RE: Auditing in Windows 2008 and R2 what are folks doing?
We are implementing this in an even bigger environment. However syslog runs over UDP (natively) and it's not reliable. You'd need to use software that gives you more reliability (e.g. by sending the traffic over TCP) if you need this to produce reliable log files centrally. Cheers Ken From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, 29 July 2010 3:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? 800+ servers to a syslog? Plus going to have to put agents on every single server in the domain? Really haven't used Syslog much for the windows event logging Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, July 28, 2010 3:48 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? EventCombMT still works... :) Why not export all the logs to SysLog, and spend a few tiny dollars on searching those logs? * Syslog servers are cheap/free. * Syslog forwarders for Windows are cheap/free. * Tools to search consolidated logs range from free to exorbitant. See Splunk on both accounts. :) Once you have established the value of log parsing and management, you'll have a slightly better chance of procuring some funds. -ASB: http://XeeSM.com/AndrewBaker On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward ezi...@lifespan.orgmailto:ezi...@lifespan.org wrote: Naa its far harder than that, I think someone said we can dump the event logs via powershell, but using EventCombMT when I need to get something I hope still works. Either that or I am going to have to bug MGMT again about a dedicated eventlog management tool. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: James Rankin [mailto:kz2...@googlemail.commailto:kz2...@googlemail.com] Sent: Wednesday, July 28, 2010 3:36 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? Tough gig then. Looks like you're going to be doing a lot of creative stuff with dumpel.exe and the findstr command :-) On 28 July 2010 13:06, Ziots, Edward ezi...@lifespan.orgmailto:ezi...@lifespan.org wrote: I don't have SCOM, I wish I had some event log auditing solution, been asking for 5+ yrs, and all it ever falls on is deaf ears Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Malcolm Reitz [mailto:malcolm.re...@live.commailto:malcolm.re...@live.com] Sent: Tuesday, July 27, 2010 6:29 PM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? Have you looked in to using the Audit Collection Services piece of SCOM? I think ACS could be valuable for security event reporting and forensics use. -Malcolm From: James Rankin [mailto:kz2...@googlemail.commailto:kz2...@googlemail.com] Sent: Tuesday, July 27, 2010 15:41 To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? I'm mainly interested in account lockouts, logons attempted under things like built-in administrator accounts, high numbers of logon failures, and any attempts to modify security policies and/or protected groups (such as local admins, domain admins, server ops, and the like). We've also got certain areas where file access is audited. I use SCOM to try and aggregate the events for me. This is quite handy, as it also monitors things like failed su to root on our ESX servers and other stuff outside of the Windows event logging arena. On 27 July 2010 20:15, Ziots, Edward ezi...@lifespan.orgmailto:ezi...@lifespan.org wrote: Hey gang, well I wanted to ask the group, what is everyone doing about their audit policies on Windows 2008 R2 for domain controllers or member servers. I have mapped out all the audit categories and sub-categories, and events, but I don't want the logs to turn into soup, so kinda wanted to see what others were doing for which categories and subcategories they turned on auditing for. Would be nice to bounce some ideas off about certain events. ( Already plowed through M$ site descriptions, the Microsoft Security Resource Kit and Randy Franklin Smith's Eventlog site) Feel free to post here, or if you like catch me offline, love to hear the feedback. After this its on to Firewall rules accordingly for the servers and either scripting or GPOing that out for a baseline. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.orgmailto:email%3aezi...@lifespan.org Cell:401-639-3505 -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right
RE: Auditing in Windows 2008 and R2 what are folks doing?
Thanks Ken, appreciate the insight as always. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, July 29, 2010 4:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? We are implementing this in an even bigger environment. However syslog runs over UDP (natively) and it's not reliable. You'd need to use software that gives you more reliability (e.g. by sending the traffic over TCP) if you need this to produce reliable log files centrally. Cheers Ken From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, 29 July 2010 3:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? 800+ servers to a syslog? Plus going to have to put agents on every single server in the domain? Really haven't used Syslog much for the windows event logging Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, July 28, 2010 3:48 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? EventCombMT still works... :) Why not export all the logs to SysLog, and spend a few tiny dollars on searching those logs? * Syslog servers are cheap/free. * Syslog forwarders for Windows are cheap/free. * Tools to search consolidated logs range from free to exorbitant. See Splunk on both accounts. :) Once you have established the value of log parsing and management, you'll have a slightly better chance of procuring some funds. -ASB: http://XeeSM.com/AndrewBaker On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward ezi...@lifespan.org wrote: Naa its far harder than that, I think someone said we can dump the event logs via powershell, but using EventCombMT when I need to get something I hope still works. Either that or I am going to have to bug MGMT again about a dedicated eventlog management tool. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, July 28, 2010 3:36 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? Tough gig then. Looks like you're going to be doing a lot of creative stuff with dumpel.exe and the findstr command :-) On 28 July 2010 13:06, Ziots, Edward ezi...@lifespan.org wrote: I don't have SCOM, I wish I had some event log auditing solution, been asking for 5+ yrs, and all it ever falls on is deaf ears Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org mailto:email%3aezi...@lifespan.org Cell:401-639-3505 From: Malcolm Reitz [mailto:malcolm.re...@live.com] Sent: Tuesday, July 27, 2010 6:29 PM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? Have you looked in to using the Audit Collection Services piece of SCOM? I think ACS could be valuable for security event reporting and forensics use. -Malcolm From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, July 27, 2010 15:41 To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? I'm mainly interested in account lockouts, logons attempted under things like built-in administrator accounts, high numbers of logon failures, and any attempts to modify security policies and/or protected groups (such as local admins, domain admins, server ops, and the like). We've also got certain areas where file access is audited. I use SCOM to try and aggregate the events for me. This is quite handy, as it also monitors things like failed su to root on our ESX servers and other stuff outside of the Windows event logging arena. On 27 July 2010 20:15, Ziots, Edward ezi...@lifespan.org wrote: Hey gang, well I wanted to ask the group, what is everyone doing about their audit policies on Windows 2008 R2 for domain controllers or member servers. I have mapped out all the audit categories and sub-categories, and events, but I don't want the logs to turn into soup, so kinda wanted to see what others were doing for which categories and subcategories they turned on auditing for. Would be nice to bounce some ideas off about certain events. ( Already plowed through M$ site descriptions, the Microsoft Security Resource Kit and Randy Franklin Smith's Eventlog site) Feel free to post here, or if you like catch me offline, love to hear the feedback. After this its on to Firewall rules accordingly for the servers and either scripting or GPOing that out for a
RE: WDS, PXE Proxy Split DHCP
I'm not sure if that will work-the WDS server is probably set not to listen on port 67, which is where a normal (non-pxe) DHCP server is probably sending the packets. It looks like from here (http://technet.microsoft.com/en-us/library/bb680753.aspx) that you should be able to figure out which port your WDS server is using for PXE (they show 4011). You might be able to try passing that via the option 66 host name string, such as server.name.domain:4011. If that doesn't work, you could also try adding option 60 to the non-PXE DHCP server. Failing that, you might have to scope it all out from one server. Then, script netsh to do regular exports of DHCP to other server, in case you need to do a quick import and get DHCP up and running. Or, just keep half of the addresses in reserve on that system, but leave the service off. If your other server is down for DHCP, WDS isn't going to be working either. From: Sean Rector [mailto:sean.rec...@vaopera.org] Sent: Wednesday, July 28, 2010 4:18 PM To: NT System Admin Issues Subject: WDS, PXE Proxy Split DHCP Hello, I have two Windows Server 2008 R2 DHCP servers in a SplitScope configuration. One of these is my WDS server. If the PXE client pulls its IP from that server (DC01), WDS runs fine on the client. If the client pulls its IP from the 2nd server (DC02), I get the Windows failed to start. error screen of Windows Boot Manager. On DC02, I have DHCP Options 66 (IP of DC01) and 67 (boot\X64\wdsnbp.com) configured. What am I missing? The documentation really doesn't cover having a SplitScope configuration. I have DHCP split for resiliency. Sean Rector, MCSE Information Technology Manager Virginia Opera Association E-Mail: sean.rec...@vaopera.orgmailto:sean.rec...@vaopera.org Phone:(757) 213-4548 (direct line) {+} 2010-2011 subscriptions are on sale now! Featuring: Rigoletto | Così Fan Tutte | The Valkyrie | Madama Butterfly Visit us online at www.VaOpera.orghttp://www.vaopera.org/ or call 1-866-OPERA-VA The vision of Virginia Opera is to enrich lives through the powerful integration of music, voice and human drama. This e-mail and any attached files are confidential and intended solely for the intended recipient(s). Unless otherwise specified, persons unnamed as recipients may not read, distribute, copy or alter this e-mail. Any views or opinions expressed in this e-mail belong to the author and may not necessarily represent those of Virginia Opera. Although precautions have been taken to ensure no viruses are present, Virginia Opera cannot accept responsibility for any loss or damage that may arise from the use of this e-mail or attachments. {*} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Physical to Virtual backup
At least it would keep your users up and running until you rebuilt your physical box in one way or another. And since we're on the topic of VMware. All you Central IL admins, don't forget the VMUG meeting next week in Normal at ISU. Been a while since we had one and I'm sure it will fill up fast. From: Jeff Cain [mailto:je...@sunbelt-software.com] Sent: Wednesday, July 28, 2010 3:30 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup I love VMWare Converter, but I have not tried to go from virtual to physical. J Thanks, Jeff Cain - supp...@sunbeltsoftware.com Technical Support Analyst Sunbelt Software, part of the GFI Software family www.sunbeltsoftware.com http://www.sunbeltsoftware.com/ Tel: 1-877-757-4094 Fax: +1 727-562-3402 From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Wednesday, July 28, 2010 4:28 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup How easy is it to go from virtual back to physical? From: N Parr [mailto:npar...@mortonind.com] Sent: Wednesday, July 28, 2010 4:22 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup If you Google the subject of this email you will find a ton of resources complete with how-to's. Most of them free. One of the first hits steps you though scripting it hands off with VMware converter. From: Jay Dale [mailto:jd...@emlogis.com] Sent: Wednesday, July 28, 2010 3:02 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup Look at Shadowprotect from Storagecraft. I think they do something like that. Jay Dale Senior Systems Administrator o:713.785.0960 x290 From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Wednesday, July 28, 2010 8:53 AM To: NT System Admin Issues Subject: Physical to Virtual backup Good morning list members! I have a physical server running a 3rd party accounting package. The vendor does NOT support their product in a virtual environment or in a cluster at this time. I am certain it would run fine in a VM, but due to our support agreement, I must continue to run it on a single server. (The database is run on a separate SQL cluster) For backup and DR purposes, I would like to take daily P2V snapshot of this single server. I am interested if anyone else is doing something similar and, if so, what you are using. Thanks, BF ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
EMC Powerpath and Windows 2008 R2
Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Auditing in Windows 2008 and R2 what are folks doing?
I'll chime in with my 2 cents. We are in the same situation, but we did have a small SCOM implementation. Only used for KMS reporting. I convinced management to buy licenses so we could monitor the domain controllers using ACS. Prior to that I looked at this product: http://www.diskmonitor.com/Log-Manager/ I set it up and monitored a few servers. I was very impressed with the results. Much less expensive than doing ACS with SCOM. YMMV Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From: Ziots, Edward ezi...@lifespan.org To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date: 07/29/2010 08:17 AM Subject:RE: Auditing in Windows 2008 and R2 what are folks doing? Thanks Ken, appreciate the insight as always. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, July 29, 2010 4:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? We are implementing this in an even bigger environment. However syslog runs over UDP (natively) and it’s not reliable. You’d need to use software that gives you more reliability (e.g. by sending the traffic over TCP) if you need this to produce reliable log files centrally. Cheers Ken From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, 29 July 2010 3:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? 800+ servers to a syslog? Plus going to have to put agents on every single server in the domain? Really haven’t used Syslog much for the windows event logging Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, July 28, 2010 3:48 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? EventCombMT still works... :) Why not export all the logs to SysLog, and spend a few tiny dollars on searching those logs? Syslog servers are cheap/free. Syslog forwarders for Windows are cheap/free. Tools to search consolidated logs range from free to exorbitant. See Splunk on both accounts. :) Once you have established the value of log parsing and management, you'll have a slightly better chance of procuring some funds. -ASB: http://XeeSM.com/AndrewBaker On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward ezi...@lifespan.org wrote: Naa its far harder than that, I think someone said we can dump the event logs via powershell, but using EventCombMT when I need to get something I hope still works. Either that or I am going to have to bug MGMT again about a dedicated eventlog management tool. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, July 28, 2010 3:36 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? Tough gig then. Looks like you're going to be doing a lot of creative stuff with dumpel.exe and the findstr command :-) On 28 July 2010 13:06, Ziots, Edward ezi...@lifespan.org wrote: I don’t have SCOM, I wish I had some event log auditing solution, been asking for 5+ yrs, and all it ever falls on is deaf ears…. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Malcolm Reitz [mailto:malcolm.re...@live.com] Sent: Tuesday, July 27, 2010 6:29 PM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? Have you looked in to using the Audit Collection Services piece of SCOM? I think ACS could be valuable for security event reporting and forensics use. -Malcolm From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, July 27, 2010 15:41 To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? I'm mainly interested in account lockouts, logons attempted under things like built-in administrator accounts, high numbers of logon failures, and any attempts to modify security policies and/or protected groups (such as local admins, domain admins, server ops, and the like). We've also got certain areas where file access is audited. I use SCOM to try and aggregate the events for me. This is quite handy, as it also monitors things like failed su to root on our ESX servers and other stuff outside of the Windows event logging arena. On 27 July 2010 20:15, Ziots, Edward ezi...@lifespan.org wrote: Hey gang, well I wanted to ask the group, what is everyone doing
RE: EMC Powerpath and Windows 2008 R2
I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
Not using MirrorView... We have a DMX 1000 SAN, on the backend and Qlogic HBA's on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AQlogic To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
I'm running PowerPath v5.3 (build 11) on a 2008R2 server connected to my CX4-240. I haven't seen this behavior. Dell r710 with QLogic HBAs. To the best of my understanding, you are correct - PowerPath basically makes sure that even though there are multiple physical paths to the target LUN, only one is 'seen' by Windows. Jim Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 Not using MirrorView... We have a DMX 1000 SAN, on the backend and Qlogic HBA's on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AQlogic To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este facsímile, incluyendo lo adjunto, es para el uso exclusivo del destinatario(s) y puede contener información confidencial y/o información protegida de salud. En virtud de la Ley Federal (HIPAA), el destinatario tiene la obligación de mantener esta información segura y confidencial. Cualquier divulgación a terceros sin la autorización de los miembros de lo permitido por la ley está prohibido y penado en virtud de la Ley Federal. Si usted no es el destinatario, por favor, póngase en contacto con el remitente por teléfono y destruir todas las copias del mensaje original ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
Just did an uninstall and a reinstall and it seemingly worked, had the SAN man trespass the LUN, accordingly but still seeing some funky items there. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Jim Holmgren [mailto:jholmg...@xlhealth.com] Sent: Thursday, July 29, 2010 8:59 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I'm running PowerPath v5.3 (build 11) on a 2008R2 server connected to my CX4-240. I haven't seen this behavior. Dell r710 with QLogic HBAs. To the best of my understanding, you are correct - PowerPath basically makes sure that even though there are multiple physical paths to the target LUN, only one is 'seen' by Windows. Jim Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 Not using MirrorView... We have a DMX 1000 SAN, on the backend and Qlogic HBA's on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AQlogic To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Windows 7 - Libraries
I find this a bit disheartening, as we will be rolling out W7 boxes in the not too distant future. Has this improved since the timeframe you mentioned here? Did this by any chance have to do with one particular server O/S? IIRC Server 2k3 was a little less equipped for W7 GPOs than W2k8. Of course, I could be thinking of something totally unrelated. That happens before 2nd round of coffee. :) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com -Original Message- From: James Hill [mailto:james.h...@superamart.com.au] Sent: Wednesday, July 28, 2010 6:54 PM To: NT System Admin Issues Subject: RE: Windows 7 - Libraries The lack of control of Windows 7 features via GP was less than amusing at Teched here last year. Obviously it was all about how good Win 7 was and during a session on Group Policy they harped on about how many new GP's there were. They didn't mention that the Win 7 features and the new Group Policies often didn't match up :) -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, 29 July 2010 2:24 AM To: NT System Admin Issues Subject: RE: Windows 7 - Libraries What they call meeting the bar for new _core OS_ feature content in a service pack is very high, especially since the Vista reset. This is why we've seen some things decoupled - such as IIS, which comes with the OS but has been updated independently during the last several release cycles. We might see new GPs in a SP, but I doubt they'll add much in terms of functionality during a SP to _core OS_ features (and I consider AD and GP processing to be core OS, I haven't investigated this particular issue in the SP1 beta myself - not one of my particular interests). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, July 28, 2010 12:05 PM To: NT System Admin Issues Subject: Re: Windows 7 - Libraries On Wed, Jul 28, 2010 at 9:24 AM, Andrew S. Baker asbz...@gmail.com wrote: I joked earlier about them coming in Service Packs, but that hasn't been customary for Windows OS in a while. Maybe a feature pack? It'll be in Update Rollup 2 to Feature Pack 1. ;-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
GPO and folder redirections
Is there a way, using GPO and folder redirection to *exclude* some directories under My Documents? I'm thinking of using Folder Redirection, however, I can't find any way, using the GPO editor, to exclude things like My Pictures and My Music. -- Thanks, John Aldrich Blueridge Industries IT Manager ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
So you are pretty certain that it's simply seeing the same disk via different paths? If that is the case, and PowerPath is installed, I would take it up with EMC support. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 Not using MirrorView... We have a DMX 1000 SAN, on the backend and Qlogic HBA's on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AQlogic To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
We use power path here and yes before power path is put on, in disk management you will see multiple disks once power path is installed and server is rebooted it seems to fix itself. From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo _ From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: GPO and folder redirections
There are GPs for those folders too. So, if you want to keep them local or redirect them elsewhere, you should be able to do that. HTH, Scott --- Scott Wilhelm Computer Technician Massena Central School District St. Lawrence-Lewis BOCES (315) 764-3700 ext. 3046 The harder I work, the luckier I get. Samuel Goldwyn -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, July 29, 2010 9:40 AM To: NT System Admin Issues Subject: GPO and folder redirections Is there a way, using GPO and folder redirection to *exclude* some directories under My Documents? I'm thinking of using Folder Redirection, however, I can't find any way, using the GPO editor, to exclude things like My Pictures and My Music. -- Thanks, John Aldrich Blueridge Industries IT Manager ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Auditing in Windows 2008 and R2 what are folks doing?
Ok here is another weird one. Still running Windows 2003 R2 FFL/DFL Domain, put a Windows 2008 R2 server into the servers OU accordingly, and set the audit policy locally via auditpol. I reboot the Windows 2008 R2 server and the audit policy is gone. Basically everything I set via auditpol.exe has been reverted. Is there a possibility that since I am in a Windows 2003 Domain that wgen group policy refreshes it doesn’t obey the Windows 2008 Audit settings and reverts them all back to Windows 2003? Puzzling… It shows in the logs that all the audit settings have been ripped out, System audit policy was changed. Subject: Security ID:SYSTEM Account Name: RIFILE04X$ Account Domain: DOMAIN Logon ID: 0x3e7 Audit Policy Change: Category: System Subcategory: Security State Change Subcategory GUID: {0cce9210-69ae-11d9-bed3-505054503030} Changes:Success removed, Failure removed Makes little to no sense to me, why if I set them locally they be ripped out accordingly. I have a server audit policy at the servers OU that is Windows 2003 settings, that applies to Windows 2003/2000 accordingly. But at least some of the audit settings should be enabled in Windows 2008 with this in place. Any ideas? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Thursday, July 29, 2010 8:34 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? I'll chime in with my 2 cents. We are in the same situation, but we did have a small SCOM implementation. Only used for KMS reporting. I convinced management to buy licenses so we could monitor the domain controllers using ACS. Prior to that I looked at this product: http://www.diskmonitor.com/Log-Manager/ http://www.diskmonitor.com/Log-Manager/ I set it up and monitored a few servers. I was very impressed with the results. Much less expensive than doing ACS with SCOM. YMMV Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From:Ziots, Edward ezi...@lifespan.org To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date:07/29/2010 08:17 AM Subject:RE: Auditing in Windows 2008 and R2 what are folks doing? Thanks Ken, appreciate the insight as always. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Ken Schaefer [mailto:k...@adopenstatic.com mailto:k...@adopenstatic.com ] Sent: Thursday, July 29, 2010 4:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? We are implementing this in an even bigger environment. However syslog runs over UDP (natively) and it’s not reliable. You’d need to use software that gives you more reliability (e.g. by sending the traffic over TCP) if you need this to produce reliable log files centrally. Cheers Ken From: Ziots, Edward [mailto:ezi...@lifespan.org mailto:ezi...@lifespan.org ] Sent: Thursday, 29 July 2010 3:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? 800+ servers to a syslog? Plus going to have to put agents on every single server in the domain? Really haven’t used Syslog much for the windows event logging Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com mailto:asbz...@gmail.com ] Sent: Wednesday, July 28, 2010 3:48 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? EventCombMT still works... :) Why not export all the logs to SysLog, and spend a few tiny dollars on searching those logs? * Syslog servers are cheap/free. * Syslog forwarders for Windows are cheap/free. * Tools to search consolidated logs range from free to exorbitant. See Splunk on both accounts. :) Once you have established the value of log parsing and management, you'll have a slightly better chance of procuring some funds. -ASB: http://XeeSM.com/AndrewBaker http://xeesm.com/AndrewBaker On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward ezi...@lifespan.org wrote: Naa its far harder than that, I think
RE: GPO and folder redirections
2008 Domains have those ADM files built into GPM. You wont see those in 2003 using GPM by default. -Original Message- From: Wilhelm, Scott [mailto:swilh...@mcs.k12.ny.us] Sent: Thursday, July 29, 2010 9:45 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections There are GPs for those folders too. So, if you want to keep them local or redirect them elsewhere, you should be able to do that. HTH, Scott --- Scott Wilhelm Computer Technician Massena Central School District St. Lawrence-Lewis BOCES (315) 764-3700 ext. 3046 The harder I work, the luckier I get. Samuel Goldwyn -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, July 29, 2010 9:40 AM To: NT System Admin Issues Subject: GPO and folder redirections Is there a way, using GPO and folder redirection to *exclude* some directories under My Documents? I'm thinking of using Folder Redirection, however, I can't find any way, using the GPO editor, to exclude things like My Pictures and My Music. -- Thanks, John Aldrich Blueridge Industries IT Manager ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: GPO and folder redirections
Exactly. We're on 2003 R2, so I'm only seeing My Documents, Desktop and Application Data as options to redirect. :-( -Original Message- From: greg.swe...@actsconsulting.net [mailto:greg.swe...@actsconsulting.net] Sent: Thursday, July 29, 2010 9:56 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections 2008 Domains have those ADM files built into GPM. You wont see those in 2003 using GPM by default. -Original Message- From: Wilhelm, Scott [mailto:swilh...@mcs.k12.ny.us] Sent: Thursday, July 29, 2010 9:45 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections There are GPs for those folders too. So, if you want to keep them local or redirect them elsewhere, you should be able to do that. HTH, Scott --- Scott Wilhelm Computer Technician Massena Central School District St. Lawrence-Lewis BOCES (315) 764-3700 ext. 3046 The harder I work, the luckier I get. Samuel Goldwyn -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, July 29, 2010 9:40 AM To: NT System Admin Issues Subject: GPO and folder redirections Is there a way, using GPO and folder redirection to *exclude* some directories under My Documents? I'm thinking of using Folder Redirection, however, I can't find any way, using the GPO editor, to exclude things like My Pictures and My Music. -- Thanks, John Aldrich Blueridge Industries IT Manager ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
online backup for business in the UK
Hello All I have had an enquiry from a small company with 3 offices, all internet connected, who have a requirement to back up their data offsite and automatically Does anybody use such a service based in the UK? If so who? How do you find it? Any Gotchas? Regards laurence ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: online backup for business in the UK
Are the sites connected together? Budget? How much data on each site? How much data changes per day (MBs/GBs)? Off site = not the home site for the data, or building/location with nothing to do with the company? - DFS server at each site? - Robocopy site A to site B, site B to site C, and site C to site A -Original Message- From: Laurence Childs [mailto:laurence.chi...@btinternet.com] Sent: 29 July 2010 15:37 To: NT System Admin Issues Subject: online backup for business in the UK Hello All I have had an enquiry from a small company with 3 offices, all internet connected, who have a requirement to back up their data offsite and automatically Does anybody use such a service based in the UK? If so who? How do you find it? Any Gotchas? Regards laurence ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ This email and any attachments to it may be confidential and are intended solely for the use of the individual to whom it is addressed. If you are not the intended recipient of this email, you must neither take any action based upon its contents, nor copy or show it to anyone. Please contact the sender if you believe you have received this email in error. QinetiQ may monitor email traffic data and also the content of email for the purposes of security. QinetiQ Limited (Registered in England Wales: Company Number: 3796233) Registered office: 85 Buckingham Gate, London SW1E 6PD http://www.qinetiq.com. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: GPO and folder redirections
Maybe this would work - first redirect those folders out from under My Documents to a new folder in the user's profile, such as My Media Files The location of these folders is set in the registry under: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Use r Shell Folders You could create a custom group policy admin template so you can set these folder locations in group policy. There was an article in Windows IT Pro magazine a couple of years ago that talked about this, and I think there was a download to a premade adm file. A quick search turns up an article at Petri that shows how to create a template to redirect Favorites and Cookies, could probably be adapted to moving My Pictures and My Music. http://www.petri.co.il/redirect-favorites-cookies-folder-using-group-pol icy.htm Ralph -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, July 29, 2010 10:22 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections Exactly. We're on 2003 R2, so I'm only seeing My Documents, Desktop and Application Data as options to redirect. :-( -Original Message- From: greg.swe...@actsconsulting.net [mailto:greg.swe...@actsconsulting.net] Sent: Thursday, July 29, 2010 9:56 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections 2008 Domains have those ADM files built into GPM. You wont see those in 2003 using GPM by default. -Original Message- From: Wilhelm, Scott [mailto:swilh...@mcs.k12.ny.us] Sent: Thursday, July 29, 2010 9:45 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections There are GPs for those folders too. So, if you want to keep them local or redirect them elsewhere, you should be able to do that. HTH, Scott --- Scott Wilhelm Computer Technician Massena Central School District St. Lawrence-Lewis BOCES (315) 764-3700 ext. 3046 The harder I work, the luckier I get. Samuel Goldwyn -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, July 29, 2010 9:40 AM To: NT System Admin Issues Subject: GPO and folder redirections Is there a way, using GPO and folder redirection to *exclude* some directories under My Documents? I'm thinking of using Folder Redirection, however, I can't find any way, using the GPO editor, to exclude things like My Pictures and My Music. -- Thanks, John Aldrich Blueridge Industries IT Manager ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential inf ormation and is intended only for the individual or entity to whom it is add ressed. Any review, dissemination, or copying of this communication by anyon e other than the intended recipient is strictly prohibited. If you are not t he intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Remote Recycle Bin Access?
I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? Die dulci fruere! Roger Wright ___ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: EMC Powerpath and Windows 2008 R2
I've got some 2008 boxes...nothing R2 yet. As someone has already mentioned, once a server has been zoned to the array, disk management will list several disks. Usually, installing PowerPath and scanning for hardware changes (or rebooting) will update disk management and present the correct disks based on the number of LUNs assigned. If you're still seeing issues, I would have the appropriate person review the zoning config on your fabric while your SAN guys verifies the host connectivity on the DMX. I'm only familiar with the CX line from EMC but I'm assuming the management interface has the ability to check the connectivity status and to make sure each path is logged in and registered with the array. I've also seen odd behavior like this when a host is assigned to a storage group on the array but no LUNs have been assigned. - Sean On Thu, Jul 29, 2010 at 4:32 AM, Ziots, Edward ezi...@lifespan.org wrote: Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN’s from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Remote Recycle Bin Access?
On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Vipre effectiveness false positives
For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Sunbelt's Archiver vs. others
I'm doing research for a company considering implementing archiving. I like the looks of Sunbelt's product, but wondering if anyone else's research has uncovered any relatively objective comparisons of current archiving products. I've even inquired of Sunbelt Sales but they've been unable to provide me any. Anyone using a product they particularly like, for a size of say 300-600 mailboxes? -- David _ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Remote Recycle Bin Access?
Thanks. I've copied the entire folder (3.5 GB) over to my machine and see two SID entries but can't view the contents. I tried taking ownership but no go. Suggestions? Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:16 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Sunbelt's Archiver vs. others
I'm using SEA but have no experience with others, I have 225 mailboxes and need to add about 25 more, I have been using it for about 15 months and have archived about 5,5 mil emails in about 200Gb. Very easy to manage, works great with Outlook remote and OWA. I’m quite happy with it. Stefan On Thu, Jul 29, 2010 at 11:38 AM, David blazer...@gmail.com wrote: I'm doing research for a company considering implementing archiving. I like the looks of Sunbelt's product, but wondering if anyone else's research has uncovered any relatively objective comparisons of current archiving products. I've even inquired of Sunbelt Sales but they've been unable to provide me any. Anyone using a product they particularly like, for a size of say 300-600 mailboxes? -- David _ -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Auditing in Windows 2008 and R2 what are folks doing?
Definitely, for auditing purposes, you should use software that will send reliable Syslogs, as per RFC3195 Or something similar... -ASB: http://XeeSM.com/AndrewBaker On Thu, Jul 29, 2010 at 4:50 AM, Ken Schaefer k...@adopenstatic.com wrote: We are implementing this in an even bigger environment. However syslog runs over UDP (natively) and it’s not reliable. You’d need to use software that gives you more reliability (e.g. by sending the traffic over TCP) if you need this to produce reliable log files centrally. Cheers Ken *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, 29 July 2010 3:50 AM *To:* NT System Admin Issues *Subject:* RE: Auditing in Windows 2008 and R2 what are folks doing? 800+ servers to a syslog? Plus going to have to put agents on every single server in the domain? Really haven’t used Syslog much for the windows event logging Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* Andrew S. Baker [mailto:asbz...@gmail.com] *Sent:* Wednesday, July 28, 2010 3:48 PM *To:* NT System Admin Issues *Subject:* Re: Auditing in Windows 2008 and R2 what are folks doing? EventCombMT still works... :) Why not export all the logs to SysLog, and spend a few tiny dollars on searching those logs? - Syslog servers are cheap/free. - Syslog forwarders for Windows are cheap/free. - Tools to search consolidated logs range from free to exorbitant. See Splunk on both accounts. :) Once you have established the value of log parsing and management, you'll have a slightly better chance of procuring some funds. -ASB: http://XeeSM.com/AndrewBaker On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward ezi...@lifespan.org wrote: Naa its far harder than that, I think someone said we can dump the event logs via powershell, but using EventCombMT when I need to get something I hope still works. Either that or I am going to have to bug MGMT again about a dedicated eventlog management tool. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* James Rankin [mailto:kz2...@googlemail.com] *Sent:* Wednesday, July 28, 2010 3:36 PM *To:* NT System Admin Issues *Subject:* Re: Auditing in Windows 2008 and R2 what are folks doing? Tough gig then. Looks like you're going to be doing a lot of creative stuff with *dumpel.exe* and the *findstr* command :-) On 28 July 2010 13:06, Ziots, Edward ezi...@lifespan.org wrote: I don’t have SCOM, I wish I had some event log auditing solution, been asking for 5+ yrs, and all it ever falls on is deaf ears…. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* Malcolm Reitz [mailto:malcolm.re...@live.com] *Sent:* Tuesday, July 27, 2010 6:29 PM *To:* NT System Admin Issues *Subject:* RE: Auditing in Windows 2008 and R2 what are folks doing? Have you looked in to using the Audit Collection Services piece of SCOM? I think ACS could be valuable for security event reporting and forensics use. -Malcolm *From:* James Rankin [mailto:kz2...@googlemail.com] *Sent:* Tuesday, July 27, 2010 15:41 *To:* NT System Admin Issues *Subject:* Re: Auditing in Windows 2008 and R2 what are folks doing? I'm mainly interested in account lockouts, logons attempted under things like built-in administrator accounts, high numbers of logon failures, and any attempts to modify security policies and/or protected groups (such as local admins, domain admins, server ops, and the like). We've also got certain areas where file access is audited. I use SCOM to try and aggregate the events for me. This is quite handy, as it also monitors things like failed su to root on our ESX servers and other stuff outside of the Windows event logging arena. On 27 July 2010 20:15, Ziots, Edward ezi...@lifespan.org wrote: Hey gang, well I wanted to ask the group, what is everyone doing about their audit policies on Windows 2008 R2 for domain controllers or member servers. I have mapped out all the audit categories and sub-categories, and events, but I don’t want the logs to turn into soup, so kinda wanted to see what others were doing for which categories and subcategories they turned on auditing for. Would be nice to bounce some ideas off about certain events. ( Already plowed through M$ site descriptions, the Microsoft Security Resource Kit and Randy Franklin Smith’s Eventlog site) Feel free to post here, or if you like catch me offline, love to hear the feedback. After this its on to Firewall rules accordingly for the servers and either scripting or GPOing that out for a baseline. Z Edward E.
RE: Physical to Virtual backup
I did Google. My interest was to see what experts on the list were doing. From: N Parr [mailto:npar...@mortonind.com] Sent: Wednesday, July 28, 2010 4:22 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup If you Google the subject of this email you will find a ton of resources complete with how-to's. Most of them free. One of the first hits steps you though scripting it hands off with VMware converter. From: Jay Dale [mailto:jd...@emlogis.com] Sent: Wednesday, July 28, 2010 3:02 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup Look at Shadowprotect from Storagecraft. I think they do something like that. Jay Dale Senior Systems Administrator o:713.785.0960 x290 From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Wednesday, July 28, 2010 8:53 AM To: NT System Admin Issues Subject: Physical to Virtual backup Good morning list members! I have a physical server running a 3rd party accounting package. The vendor does NOT support their product in a virtual environment or in a cluster at this time. I am certain it would run fine in a VM, but due to our support agreement, I must continue to run it on a single server. (The database is run on a separate SQL cluster) For backup and DR purposes, I would like to take daily P2V snapshot of this single server. I am interested if anyone else is doing something similar and, if so, what you are using. Thanks, BF ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Password question
Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sunbelt's Archiver vs. others
Are you using Journaling or SEA Direct Archive? From: Stefan Jafs [mailto:stefan.j...@gmail.com] Sent: Thursday, July 29, 2010 11:45 AM To: NT System Admin Issues Subject: Re: Sunbelt's Archiver vs. others I'm using SEA but have no experience with others, I have 225 mailboxes and need to add about 25 more, I have been using it for about 15 months and have archived about 5,5 mil emails in about 200Gb. Very easy to manage, works great with Outlook remote and OWA. I'm quite happy with it. Stefan On Thu, Jul 29, 2010 at 11:38 AM, David blazer...@gmail.commailto:blazer...@gmail.com wrote: I'm doing research for a company considering implementing archiving. I like the looks of Sunbelt's product, but wondering if anyone else's research has uncovered any relatively objective comparisons of current archiving products. I've even inquired of Sunbelt Sales but they've been unable to provide me any. Anyone using a product they particularly like, for a size of say 300-600 mailboxes? -- David _ -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Vipre effectiveness false positives
I've been running VIPRE Enterprise in two different environments for over two years, one with 175 nodes and one with 250 nodes. Yes, there have been issues with false positives during that time and they've been more than an annoyance. However, since the files have been quarantined and not deleted I've been able to restore them without much of a problem. No down systems as a result in my experience. And yes, the client infection rates have definitely reduced after switching from McAfee Viruscan and MS Forefront to VIPRE. I can't give you firm stats but before switching to VIPRE we used to deal with 3-5 rouge av issues per month. That dropped on 1 or 2 after installing VIPRE and I can't recall a single incident in the past couple months. In addition to a better catch rate VIPRE has also had less drain on system performance than the previous av products. Again, not directly measurable but users don't complain about the long and slow scan times like they used to do. On my personal machine, the deep scan for Forefront used to take 5 hours or more. With VIPRE that dropped to about 3½. In my mind an occasional FP is a trade-off for the enhanced protection, lower impact on system performance, ease of management, and overall product satisfaction. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support – heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: MD3200i / VSphere
I have several MD3000i. Each management port has its own IP for redundant management. Each iScsi controller has two ports, again, for redundancy. You can change any of these IPs via the Dell software. I do not know if they can be bonded to increase throughput. I suggest contacting Dell support. They have a team that specializes in setup of the MD3000i, and setup should be included in the purchase price. From: Lists - Level5 [mailto:li...@levelfive.us] Sent: Wednesday, July 28, 2010 2:00 PM To: NT System Admin Issues Subject: MD3200i / VSphere Anyone managing an MD3000i series device? I only have been using LH and EQL boxes, but am installing an MD3000i (budget reasons), anyway the system comes up well and good, but my question was that each port has its own IP there isn't a 'group' IP like there is on EQL. On the iSCSI side on vpshere is the multi-paths where it sees all the IP's of both mgmt. controllers and 4 nics on each one. The default is 'Fixed' , but I was thinking I would push that to Round-Robin (Vmware) in order to get the most throughput to the 8GB of available connectivity ... I cant seem to find much mention of this , all the of setups and configs I have come across just show the basic setup. Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
What version of Exchange? This functionality has been there forever although there are some limitations. It's more or less fully there in Exchange 2007 SP3 and Exchange 2010 SP1. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:53 PM To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Sunbelt's Archiver vs. others
I'm archiving after 30 days as per recommendation from Sunbelt not to cause issues with BB's, I do not do Direct Archiving. SJ On Thu, Jul 29, 2010 at 11:55 AM, Bob Fronk b...@btrfronk.com wrote: Are you using Journaling or SEA Direct Archive? *From:* Stefan Jafs [mailto:stefan.j...@gmail.com] *Sent:* Thursday, July 29, 2010 11:45 AM *To:* NT System Admin Issues *Subject:* Re: Sunbelt's Archiver vs. others I'm using SEA but have no experience with others, I have 225 mailboxes and need to add about 25 more, I have been using it for about 15 months and have archived about 5,5 mil emails in about 200Gb. Very easy to manage, works great with Outlook remote and OWA. I’m quite happy with it. Stefan On Thu, Jul 29, 2010 at 11:38 AM, David blazer...@gmail.com wrote: I'm doing research for a company considering implementing archiving. I like the looks of Sunbelt's product, but wondering if anyone else's research has uncovered any relatively objective comparisons of current archiving products. I've even inquired of Sunbelt Sales but they've been unable to provide me any. Anyone using a product they particularly like, for a size of say 300-600 mailboxes? -- David _ -- Stefan Jafs -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
+100. I have very similar setups with nearly identical results. Much happier users and admins! -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:56 AM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I've been running VIPRE Enterprise in two different environments for over two years, one with 175 nodes and one with 250 nodes. Yes, there have been issues with false positives during that time and they've been more than an annoyance. However, since the files have been quarantined and not deleted I've been able to restore them without much of a problem. No down systems as a result in my experience. And yes, the client infection rates have definitely reduced after switching from McAfee Viruscan and MS Forefront to VIPRE. I can't give you firm stats but before switching to VIPRE we used to deal with 3-5 rouge av issues per month. That dropped on 1 or 2 after installing VIPRE and I can't recall a single incident in the past couple months. In addition to a better catch rate VIPRE has also had less drain on system performance than the previous av products. Again, not directly measurable but users don't complain about the long and slow scan times like they used to do. On my personal machine, the deep scan for Forefront used to take 5 hours or more. With VIPRE that dropped to about 3½. In my mind an occasional FP is a trade-off for the enhanced protection, lower impact on system performance, ease of management, and overall product satisfaction. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Physical to Virtual backup
Just in case anyone is curious, I finally gave up waiting for someone here to tell me how to do it, and Googled the question of Virtual to Physical. According to VMWare, it *can* be done, but it's a pain, so I think I'll go with something like Ghost 4 Linux to image the PC in question instead of virtualizing as a backup. That way, I *know* how to restore to the same or similar hardware. John-AldrichTile-Tools From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Thursday, July 29, 2010 11:52 AM To: NT System Admin Issues Subject: RE: Physical to Virtual backup I did Google. My interest was to see what experts on the list were doing. From: N Parr [mailto:npar...@mortonind.com] Sent: Wednesday, July 28, 2010 4:22 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup If you Google the subject of this email you will find a ton of resources complete with how-to's. Most of them free. One of the first hits steps you though scripting it hands off with VMware converter. _ From: Jay Dale [mailto:jd...@emlogis.com] Sent: Wednesday, July 28, 2010 3:02 PM To: NT System Admin Issues Subject: RE: Physical to Virtual backup Look at Shadowprotect from Storagecraft. I think they do something like that. Jay Dale Senior Systems Administrator o:713.785.0960 x290 From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Wednesday, July 28, 2010 8:53 AM To: NT System Admin Issues Subject: Physical to Virtual backup Good morning list members! I have a physical server running a 3rd party accounting package. The vendor does NOT support their product in a virtual environment or in a cluster at this time. I am certain it would run fine in a VM, but due to our support agreement, I must continue to run it on a single server. (The database is run on a separate SQL cluster) For backup and DR purposes, I would like to take daily P2V snapshot of this single server. I am interested if anyone else is doing something similar and, if so, what you are using. Thanks, BF ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
RE: Vipre effectiveness false positives
We have several hundred customer sites all protected with Vipre. Yes there have been issues, but what software product doesn't have some issues. The performance, reduced management issues, and phenomenal..Did I mention phenomenal support when there are questions or issues is worth it..PERIOD God rid of Symancrap, AVG, McCrapee, CA from lots of locations and I have had zero complaints..other than the one IBM issue.. :) Greg Sweers -Original Message- From: John Cook [mailto:john.c...@pfsf.org] Sent: Thursday, July 29, 2010 12:09 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives +100. I have very similar setups with nearly identical results. Much happier users and admins! -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:56 AM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I've been running VIPRE Enterprise in two different environments for over two years, one with 175 nodes and one with 250 nodes. Yes, there have been issues with false positives during that time and they've been more than an annoyance. However, since the files have been quarantined and not deleted I've been able to restore them without much of a problem. No down systems as a result in my experience. And yes, the client infection rates have definitely reduced after switching from McAfee Viruscan and MS Forefront to VIPRE. I can't give you firm stats but before switching to VIPRE we used to deal with 3-5 rouge av issues per month. That dropped on 1 or 2 after installing VIPRE and I can't recall a single incident in the past couple months. In addition to a better catch rate VIPRE has also had less drain on system performance than the previous av products. Again, not directly measurable but users don't complain about the long and slow scan times like they used to do. On my personal machine, the deep scan for Forefront used to take 5 hours or more. With VIPRE that dropped to about 3½. In my mind an occasional FP is a trade-off for the enhanced protection, lower impact on system performance, ease of management, and overall product satisfaction. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
I concur. We've had Vipre for *about* 6 months or so, since just before the new version came out. We've had a few F/Ps, but most of them were nothing serious... a little OEM-included software, usually, specific to the OEM (HP.) This past week, we had some F/Ps of .lnk files, but since they're just shortcuts, who gives a rip?!?! I've only had one or two real infections, and now that most people are no longer local admins, I haven't had any to speak of. I've only had one system that ate itself and I was able to hook up the hard drive to another computer and copy the data files I needed off the dead computer's hard drive, and once that was done, I wiped and reinstalled Windows on the affected computer. The problem was not even Vipre's fault.. it was the rootkit that caused so many blue screen errors when Microsoft put out a fix for the vulnerability after computers were already infected. I had one machine with that problem. I believe that was with Vipre 3.x. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:56 AM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I've been running VIPRE Enterprise in two different environments for over two years, one with 175 nodes and one with 250 nodes. Yes, there have been issues with false positives during that time and they've been more than an annoyance. However, since the files have been quarantined and not deleted I've been able to restore them without much of a problem. No down systems as a result in my experience. And yes, the client infection rates have definitely reduced after switching from McAfee Viruscan and MS Forefront to VIPRE. I can't give you firm stats but before switching to VIPRE we used to deal with 3-5 rouge av issues per month. That dropped on 1 or 2 after installing VIPRE and I can't recall a single incident in the past couple months. In addition to a better catch rate VIPRE has also had less drain on system performance than the previous av products. Again, not directly measurable but users don't complain about the long and slow scan times like they used to do. On my personal machine, the deep scan for Forefront used to take 5 hours or more. With VIPRE that dropped to about 3½. In my mind an occasional FP is a trade-off for the enhanced protection, lower impact on system performance, ease of management, and overall product satisfaction. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Auditing in Windows 2008 and R2 what are folks doing?
There are TCP syslog options. On Thu, Jul 29, 2010 at 01:50, Ken Schaefer k...@adopenstatic.com wrote: We are implementing this in an even bigger environment. However syslog runs over UDP (natively) and it’s not reliable. You’d need to use software that gives you more reliability (e.g. by sending the traffic over TCP) if you need this to produce reliable log files centrally. Cheers Ken From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, 29 July 2010 3:50 AM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? 800+ servers to a syslog? Plus going to have to put agents on every single server in the domain? Really haven’t used Syslog much for the windows event logging Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, July 28, 2010 3:48 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? EventCombMT still works... :) Why not export all the logs to SysLog, and spend a few tiny dollars on searching those logs? Syslog servers are cheap/free. Syslog forwarders for Windows are cheap/free. Tools to search consolidated logs range from free to exorbitant. See Splunk on both accounts. :) Once you have established the value of log parsing and management, you'll have a slightly better chance of procuring some funds. -ASB: http://XeeSM.com/AndrewBaker On Wed, Jul 28, 2010 at 3:38 PM, Ziots, Edward ezi...@lifespan.org wrote: Naa its far harder than that, I think someone said we can dump the event logs via powershell, but using EventCombMT when I need to get something I hope still works. Either that or I am going to have to bug MGMT again about a dedicated eventlog management tool. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, July 28, 2010 3:36 PM To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? Tough gig then. Looks like you're going to be doing a lot of creative stuff with dumpel.exe and the findstr command :-) On 28 July 2010 13:06, Ziots, Edward ezi...@lifespan.org wrote: I don’t have SCOM, I wish I had some event log auditing solution, been asking for 5+ yrs, and all it ever falls on is deaf ears…. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Malcolm Reitz [mailto:malcolm.re...@live.com] Sent: Tuesday, July 27, 2010 6:29 PM To: NT System Admin Issues Subject: RE: Auditing in Windows 2008 and R2 what are folks doing? Have you looked in to using the Audit Collection Services piece of SCOM? I think ACS could be valuable for security event reporting and forensics use. -Malcolm From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, July 27, 2010 15:41 To: NT System Admin Issues Subject: Re: Auditing in Windows 2008 and R2 what are folks doing? I'm mainly interested in account lockouts, logons attempted under things like built-in administrator accounts, high numbers of logon failures, and any attempts to modify security policies and/or protected groups (such as local admins, domain admins, server ops, and the like). We've also got certain areas where file access is audited. I use SCOM to try and aggregate the events for me. This is quite handy, as it also monitors things like failed su to root on our ESX servers and other stuff outside of the Windows event logging arena. On 27 July 2010 20:15, Ziots, Edward ezi...@lifespan.org wrote: Hey gang, well I wanted to ask the group, what is everyone doing about their audit policies on Windows 2008 R2 for domain controllers or member servers. I have mapped out all the audit categories and sub-categories, and events, but I don’t want the logs to turn into soup, so kinda wanted to see what others were doing for which categories and subcategories they turned on auditing for. Would be nice to bounce some ideas off about certain events. ( Already plowed through M$ site descriptions, the Microsoft Security Resource Kit and Randy Franklin Smith’s Eventlog site) Feel free to post here, or if you like catch me offline, love to hear the feedback. After this its on to Firewall rules accordingly for the servers and either scripting or GPOing that out for a baseline. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able
RE: Password question
Would be going to Exchange 2010. The users' only access would be through OWA, no full client on the desktop. Brian Desmond br...@briandesmond.com 7/29/2010 9:01 AM What version of Exchange? This functionality has been there forever although there are some limitations. It's more or less fully there in Exchange 2007 SP3 and Exchange 2010 SP1. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:53 PM To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
The gotcha is that the functionality has been reduced in 2007 pre-SP3 and 2010 pre-SP1. There is no way to change an expired password without these latest SPs. In 2003, IISADMPWD, with all it's warts, at least let you deal with expired passwords. However it looks to be very nice in 2010 once SP1 hits. -Original Message- From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Thursday, July 29, 2010 11:02 AM To: NT System Admin Issues Subject: RE: Password question What version of Exchange? This functionality has been there forever although there are some limitations. It's more or less fully there in Exchange 2007 SP3 and Exchange 2010 SP1. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:53 PM To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Vipre effectiveness false positives
Our parent company is using SEP now and after viewing how well VIPRE functions in our environment is considering it as the only viable alternative when the Symantec contract is up in a month or two. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support – heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
As long as you don't check User must change password at next logon you should be ok. If you do check that, you're gonna want to wait for SP1 or put up and IIS 6 box with IISADMPWD configured. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:28 AM To: NT System Admin Issues Subject: RE: Password question Would be going to Exchange 2010. The users' only access would be through OWA, no full client on the desktop. Brian Desmond br...@briandesmond.com 7/29/2010 9:01 AM What version of Exchange? This functionality has been there forever although there are some limitations. It's more or less fully there in Exchange 2007 SP3 and Exchange 2010 SP1. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:53 PM To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
What version of Exchange / OWA? If 2010, then yes, via the ECP, users can perform various self-service activities at will... If 2007, then the option is also there under Options Change Password... Also, as I recall, - since each of the above options require that the user is already logged in to their mailbox in order to be able to get to those links... OWA will also prompt a user for a password change in the event that a password has expired, or it's a new user account with the must change password at next logon setting applied... So yes, users can change their AD passwords via OWA with *almost* as much flexibility as from a normal login session on a domain joined desktop client HTH Paul G. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: 29 July 2010 16:53 To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Remote Recycle Bin Access?
Did you check permissions? If Creator-Owner isn't listed you may have to add it or give yourself permissions even after you take ownership. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:38 AM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? Thanks. I've copied the entire folder (3.5 GB) over to my machine and see two SID entries but can't view the contents. I tried taking ownership but no go. Suggestions? Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:16 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sunbelt's Archiver vs. others
I like Sunbelt's solution and I like RedGate's solution. I think they are both very functional for the small/medium organization. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: David [mailto:blazer...@gmail.com] Sent: Thursday, July 29, 2010 11:38 AM To: NT System Admin Issues Subject: Sunbelt's Archiver vs. others I'm doing research for a company considering implementing archiving. I like the looks of Sunbelt's product, but wondering if anyone else's research has uncovered any relatively objective comparisons of current archiving products. I've even inquired of Sunbelt Sales but they've been unable to provide me any. Anyone using a product they particularly like, for a size of say 300-600 mailboxes? -- David _ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
Cool, so with 2010, I don't have to uncheck the User must change password option? Paul Gordon paul_gor...@hotmail.com 7/29/2010 9:38 AM What version of Exchange / OWA? If 2010, then yes, via the ECP, users can perform various self-service activities at will... If 2007, then the option is also there under Options Change Password... Also, as I recall, - since each of the above options require that the user is already logged in to their mailbox in order to be able to get to those links... OWA will also prompt a user for a password change in the event that a password has expired, or it's a new user account with the must change password at next logon setting applied... So yes, users can change their AD passwords via OWA with *almost* as much flexibility as from a normal login session on a domain joined desktop client HTH Paul G. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: 29 July 2010 16:53 To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
2010 sp1. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 12:49 PM To: NT System Admin Issues Subject: RE: Password question Cool, so with 2010, I don't have to uncheck the User must change password option? Paul Gordon paul_gor...@hotmail.com 7/29/2010 9:38 AM What version of Exchange / OWA? If 2010, then yes, via the ECP, users can perform various self-service activities at will... If 2007, then the option is also there under Options Change Password... Also, as I recall, - since each of the above options require that the user is already logged in to their mailbox in order to be able to get to those links... OWA will also prompt a user for a password change in the event that a password has expired, or it's a new user account with the must change password at next logon setting applied... So yes, users can change their AD passwords via OWA with *almost* as much flexibility as from a normal login session on a domain joined desktop client HTH Paul G. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: 29 July 2010 16:53 To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Remote Recycle Bin Access?
It's definitely a perms issue. But Windows 7 balks at altering a system folder and its contents. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 12:47 PM, Ralph Smith m...@gatewayindustries.org wrote: Did you check permissions? If Creator-Owner isn't listed you may have to add it or give yourself permissions even after you take ownership. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:38 AM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? Thanks. I've copied the entire folder (3.5 GB) over to my machine and see two SID entries but can't view the contents. I tried taking ownership but no go. Suggestions? Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:16 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Remote Recycle Bin Access?
Between attrib.exe and icacls.exe you can make it do what you want (if you are at least local admin). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 1:11 PM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? It's definitely a perms issue. But Windows 7 balks at altering a system folder and its contents. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 12:47 PM, Ralph Smith m...@gatewayindustries.org wrote: Did you check permissions? If Creator-Owner isn't listed you may have to add it or give yourself permissions even after you take ownership. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:38 AM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? Thanks. I've copied the entire folder (3.5 GB) over to my machine and see two SID entries but can't view the contents. I tried taking ownership but no go. Suggestions? Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:16 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Remote Recycle Bin Access?
Tried the attrib command and was able to remove the hidden setting on the main folder but not on the contents. I'll play with icacls. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 1:13 PM, Michael B. Smith mich...@smithcons.com wrote: Between attrib.exe and icacls.exe you can make it do what you want (if you are at least local admin). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 1:11 PM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? It's definitely a perms issue. But Windows 7 balks at altering a system folder and its contents. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 12:47 PM, Ralph Smith m...@gatewayindustries.org wrote: Did you check permissions? If Creator-Owner isn't listed you may have to add it or give yourself permissions even after you take ownership. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:38 AM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? Thanks. I've copied the entire folder (3.5 GB) over to my machine and see two SID entries but can't view the contents. I tried taking ownership but no go. Suggestions? Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:16 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: GPO and folder redirections
Spin up a 2008 or 2008 R2 DC, and I think this might let you have the extra GPOs without raising your FFL or DFL. I'm not sure on this though, off the top of my head - others may be able to confirm or deny. I am pretty sure I was using the new Group Policy Preferences before I upgraded my domain. On 29 July 2010 15:21, John Aldrich jaldr...@blueridgecarpet.com wrote: Exactly. We're on 2003 R2, so I'm only seeing My Documents, Desktop and Application Data as options to redirect. :-( -Original Message- From: greg.swe...@actsconsulting.net [mailto: greg.swe...@actsconsulting.net] Sent: Thursday, July 29, 2010 9:56 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections 2008 Domains have those ADM files built into GPM. You wont see those in 2003 using GPM by default. -Original Message- From: Wilhelm, Scott [mailto:swilh...@mcs.k12.ny.us] Sent: Thursday, July 29, 2010 9:45 AM To: NT System Admin Issues Subject: RE: GPO and folder redirections There are GPs for those folders too. So, if you want to keep them local or redirect them elsewhere, you should be able to do that. HTH, Scott --- Scott Wilhelm Computer Technician Massena Central School District St. Lawrence-Lewis BOCES (315) 764-3700 ext. 3046 The harder I work, the luckier I get. Samuel Goldwyn -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, July 29, 2010 9:40 AM To: NT System Admin Issues Subject: GPO and folder redirections Is there a way, using GPO and folder redirection to *exclude* some directories under My Documents? I'm thinking of using Folder Redirection, however, I can't find any way, using the GPO editor, to exclude things like My Pictures and My Music. -- Thanks, John Aldrich Blueridge Industries IT Manager ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: GPO and folder redirections
You don't need to raise the FFL or DFL. You also don't need a 2008 or 2008 R2 DC - a member server will be fine. Heck, a Vista or Win7 desktop with the appropriate RSAT will do just fine. On 7/29/2010 12:35 PM, James Rankin wrote: Spin up a 2008 or 2008 R2 DC, and I think this might let you have the extra GPOs without raising your FFL or DFL. I'm not sure on this though, off the top of my head - others may be able to confirm or deny. I am pretty sure I was using the new Group Policy Preferences before I upgraded my domain. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
I think we ARE seeing this issue. We seem to see four versions of the disc: one for each route (2 HBAs x 2 FC switches to SAN). PowerPath is new here, so trying to get a handle on this. -sc From: Jim Holmgren [mailto:jholmg...@xlhealth.com] Sent: Thursday, July 29, 2010 8:59 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I'm running PowerPath v5.3 (build 11) on a 2008R2 server connected to my CX4-240. I haven't seen this behavior. Dell r710 with QLogic HBAs. To the best of my understanding, you are correct - PowerPath basically makes sure that even though there are multiple physical paths to the target LUN, only one is 'seen' by Windows. Jim Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 Not using MirrorView... We have a DMX 1000 SAN, on the backend and Qlogic HBA's on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AQlogic To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Direct Access behimd pix firewall
Anyone here running direct access behind a pix firewall? I really don't trust this yet and it is in testing mode. Luke L. Brumbaugh Network Engineer Butler Animal Health Supply Ph:(614) 659-1736 ** CONFIDENTIALITY NOTICE - The information transmitted in this message is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy all copies of this document. Thank you. Butler Schein Animal Health ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Direct Access behimd pix firewall
http://webcache.googleusercontent.com/search?q=cache:JzzGkCcJNIsJ:www.experts-exchange.com/Security/Software_Firewalls/Enterprise_Firewalls/Checkpoint_Firewall/Q_25148706.html+DirectAccess+Server+Behind+Firewall+Without+NATcd=1hl=enct=clnkgl=us From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] Sent: Thursday, July 29, 2010 1:41 PM To: NT System Admin Issues Subject: Direct Access behimd pix firewall Anyone here running direct access behind a pix firewall? I really don't trust this yet and it is in testing mode. Luke L. Brumbaugh Network Engineer Butler Animal Health Supply Ph:(614) 659-1736 ** CONFIDENTIALITY NOTICE - The information transmitted in this message is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy all copies of this document. Thank you. Butler Schein Animal Health ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
We have to uninstall and then reinstall Powerpath 5.3 SP1 on ours and reboot to get it to work. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, July 29, 2010 1:40 PM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I think we ARE seeing this issue. We seem to see four versions of the disc: one for each route (2 HBAs x 2 FC switches to SAN). PowerPath is new here, so trying to get a handle on this. -sc From: Jim Holmgren [mailto:jholmg...@xlhealth.com] Sent: Thursday, July 29, 2010 8:59 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I'm running PowerPath v5.3 (build 11) on a 2008R2 server connected to my CX4-240. I haven't seen this behavior. Dell r710 with QLogic HBAs. To the best of my understanding, you are correct - PowerPath basically makes sure that even though there are multiple physical paths to the target LUN, only one is 'seen' by Windows. Jim Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 Not using MirrorView... We have a DMX 1000 SAN, on the backend and Qlogic HBA's on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AQlogic To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: EMC Powerpath and Windows 2008 R2
Thanks Edward... -sc From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 1:45 PM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 We have to uninstall and then reinstall Powerpath 5.3 SP1 on ours and reboot to get it to work. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, July 29, 2010 1:40 PM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I think we ARE seeing this issue. We seem to see four versions of the disc: one for each route (2 HBAs x 2 FC switches to SAN). PowerPath is new here, so trying to get a handle on this. -sc From: Jim Holmgren [mailto:jholmg...@xlhealth.com] Sent: Thursday, July 29, 2010 8:59 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I'm running PowerPath v5.3 (build 11) on a 2008R2 server connected to my CX4-240. I haven't seen this behavior. Dell r710 with QLogic HBAs. To the best of my understanding, you are correct - PowerPath basically makes sure that even though there are multiple physical paths to the target LUN, only one is 'seen' by Windows. Jim Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:53 AM To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 Not using MirrorView... We have a DMX 1000 SAN, on the backend and Qlogic HBA's on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Thursday, July 29, 2010 8:37 AQlogic To: NT System Admin Issues Subject: RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, July 29, 2010 8:32 AM To: NT System Admin Issues Subject: EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN's from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Vipre effectiveness false positives
I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.comwrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant ( http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support – heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: EMC Powerpath and Windows 2008 R2
Pretty incredible timing. One of my analysts just informed me about an hour ago that he upgraded one of our test 2008 boxes to 2008 R2 and the SAN allocated disks dissappeared. I had to uninstall and re-install PowerPath to resolve the issue. It appeared that even though the PowerPath service was running, the PowerPath monitor wasn't working. Attempting to manually start the PowerPath monitor caused an error stating RPC Server Unavailable. Check that the PowerPath Service is running. The service would fail to start successfully after attempting to restart it. - Sean On Thu, Jul 29, 2010 at 9:45 AM, Ziots, Edward ezi...@lifespan.org wrote: We have to uninstall and then reinstall Powerpath 5.3 SP1 on ours and reboot to get it to work. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* Steven M. Caesare [mailto:scaes...@caesare.com] *Sent:* Thursday, July 29, 2010 1:40 PM *To:* NT System Admin Issues *Subject:* RE: EMC Powerpath and Windows 2008 R2 I think we ARE seeing this issue. We seem to see four versions of the disc: one for each route (2 HBAs x 2 FC switches to SAN). PowerPath is new here, so trying to get a handle on this. -sc *From:* Jim Holmgren [mailto:jholmg...@xlhealth.com] *Sent:* Thursday, July 29, 2010 8:59 AM *To:* NT System Admin Issues *Subject:* RE: EMC Powerpath and Windows 2008 R2 I’m running PowerPath v5.3 (build 11) on a 2008R2 server connected to my CX4-240. I haven’t seen this behavior. Dell r710 with QLogic HBAs. To the best of my understanding, you are correct – PowerPath basically makes sure that even though there are multiple physical paths to the target LUN, only one is ‘seen’ by Windows. Jim Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.com *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, July 29, 2010 8:53 AM *To:* NT System Admin Issues *Subject:* RE: EMC Powerpath and Windows 2008 R2 Not using MirrorView… We have a DMX 1000 SAN, on the backend and Qlogic HBA’s on the server, along with the Powerpath V5.3 SP1, which claims via the documentation to support Windows 2008 R2. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 *From:* Mayo, Bill [mailto:bem...@pittcountync.gov] *Sent:* Thursday, July 29, 2010 8:37 AQlogic *To:* NT System Admin Issues *Subject:* RE: EMC Powerpath and Windows 2008 R2 I don't have PowerPath on any 2008 servers, so I can't speak to that. Are you using MirrorView? If so, it is possible that you are seeing the mirror copy of the disk as well as the original. Bill Mayo -- *From:* Ziots, Edward [mailto:ezi...@lifespan.org] *Sent:* Thursday, July 29, 2010 8:32 AM *To:* NT System Admin Issues *Subject:* EMC Powerpath and Windows 2008 R2 Folks, Is anyone out there using EMC powerpath with Windows 2008 R2, to present LUN’s from an EMC SAN to servers/Clusters etc etc? My SAN Guy, basically is telling me that the role service of Multipath I/O is added to the server when the EMC Powerpath is added but when the drives are presented we are seeing two disks in disk management, not one, which the Multipath software in EMC Powerpath is supposed to take care of. ( We are using Version 5.3 SP1, on X64 Windows 2008 R2) Nothing showing up on the EMC site accordingly, Any ideas accordingly? Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org email%3aezi...@lifespan.org Cell:401-639-3505 CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o
Re: GPO and folder redirections
That's correct, I remember now. We still had XP desktops so I had to fire up a 2008 server and use the tools on there. I think you have to load the Group Policy CLient Side Extensions onto your older clients (XP desktops, 2003 servers) and it works fine from there. On 29 July 2010 18:39, Phil Brutsche p...@optimumdata.com wrote: You don't need to raise the FFL or DFL. You also don't need a 2008 or 2008 R2 DC - a member server will be fine. Heck, a Vista or Win7 desktop with the appropriate RSAT will do just fine. On 7/29/2010 12:35 PM, James Rankin wrote: Spin up a 2008 or 2008 R2 DC, and I think this might let you have the extra GPOs without raising your FFL or DFL. I'm not sure on this though, off the top of my head - others may be able to confirm or deny. I am pretty sure I was using the new Group Policy Preferences before I upgraded my domain. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Remote Recycle Bin Access?
SOLVED! ATTRIB -S -H -R all on one line took care of it. I'm in! Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 1:13 PM, Michael B. Smith mich...@smithcons.com wrote: Between attrib.exe and icacls.exe you can make it do what you want (if you are at least local admin). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 1:11 PM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? It's definitely a perms issue. But Windows 7 balks at altering a system folder and its contents. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 12:47 PM, Ralph Smith m...@gatewayindustries.org wrote: Did you check permissions? If Creator-Owner isn't listed you may have to add it or give yourself permissions even after you take ownership. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:38 AM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? Thanks. I've copied the entire folder (3.5 GB) over to my machine and see two SID entries but can't view the contents. I tried taking ownership but no go. Suggestions? Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:16 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Remote Recycle Bin Access?
Make sure you do it from in an elevated CMD prompt. And you need to remove the SYSTEM attribute as well. -ASB: http://XeeSM.com/AndrewBaker On Thu, Jul 29, 2010 at 1:22 PM, Roger Wright rhw...@gmail.com wrote: Tried the attrib command and was able to remove the hidden setting on the main folder but not on the contents. I'll play with icacls. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 1:13 PM, Michael B. Smith mich...@smithcons.com wrote: Between attrib.exe and icacls.exe you can make it do what you want (if you are at least local admin). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 1:11 PM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? It's definitely a perms issue. But Windows 7 balks at altering a system folder and its contents. Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 12:47 PM, Ralph Smith m...@gatewayindustries.org wrote: Did you check permissions? If Creator-Owner isn't listed you may have to add it or give yourself permissions even after you take ownership. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, July 29, 2010 11:38 AM To: NT System Admin Issues Subject: Re: Remote Recycle Bin Access? Thanks. I've copied the entire folder (3.5 GB) over to my machine and see two SID entries but can't view the contents. I tried taking ownership but no go. Suggestions? Die dulci fruere! Roger Wright ___ On Thu, Jul 29, 2010 at 11:16 AM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jul 29, 2010 at 11:05 AM, Roger Wright rhw...@gmail.com wrote: I need to browse to a remote XP machine and view the Recycle Bin for a particular user. I see the hidden Recycler folder in the root of C: but it's empty. Is there another location I can search? The Recycle Bin for a user is stored per drive, under C:\RECYCLER, in a subdirectory named after their SID. For example: C:\RECYCLER\S-1-5-21-12345-5789-9876-54321 -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: -- This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by anyone other than the intended recipient is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl Confidentiality Notice: -- This communication, including any attachments, may contain confidential inf ormation and is intended only for the individual or entity to whom it is add ressed. Any review, dissemination, or copying of this communication by anyon e other than the intended recipient is strictly prohibited. If you are not t he intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: there's 3 kinds of lies: lies, damned lies, and statistics From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl Confidentiality Notice: ** This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by an yone other than the intended recipient is strictly prohibited. If you are no t the intended recipient, please contact the sender by reply email, delete a nd destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Forefront Endpoint Beta
Anyone playing with this? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: MD3200i / VSphere
Right, they can't be bonded. With dual controllers (4 nics) you can configure multipath, with a single controller, you can only configure for failover. -mb From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Thursday, July 29, 2010 9:00 AM To: NT System Admin Issues Subject: RE: MD3200i / VSphere I have several MD3000i. Each management port has its own IP for redundant management. Each iScsi controller has two ports, again, for redundancy. You can change any of these IPs via the Dell software. I do not know if they can be bonded to increase throughput. I suggest contacting Dell support. They have a team that specializes in setup of the MD3000i, and setup should be included in the purchase price. From: Lists - Level5 [mailto:li...@levelfive.us] Sent: Wednesday, July 28, 2010 2:00 PM To: NT System Admin Issues Subject: MD3200i / VSphere Anyone managing an MD3000i series device? I only have been using LH and EQL boxes, but am installing an MD3000i (budget reasons), anyway the system comes up well and good, but my question was that each port has its own IP there isn't a 'group' IP like there is on EQL. On the iSCSI side on vpshere is the multi-paths where it sees all the IP's of both mgmt. controllers and 4 nics on each one. The default is 'Fixed' , but I was thinking I would push that to Round-Robin (Vmware) in order to get the most throughput to the 8GB of available connectivity ... I cant seem to find much mention of this , all the of setups and configs I have come across just show the basic setup. Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I'm not knocking VIPRE at all - I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 2:28 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: there's 3 kinds of lies: lies, damned lies, and statistics From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl Confidentiality Notice: ** This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by an yone other than the intended recipient is strictly prohibited. If you are no t the intended recipient, please contact the sender by reply email, delete a nd destroy all copies of the original message. Confidentiality Notice: -- This communication, including any attachments, may contain confidential inf ormation and is intended only for the individual or entity to whom it is add ressed. Any review, dissemination, or copying of this communication by anyon e other than the intended recipient is strictly prohibited. If you are not t he intended recipient, please contact the sender by reply email, delete and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
I track the detection statistics daily of VIPRE against 30+ competitors against hundreds of thousands of real malware in the wild. The detection stats on VirusTotal do not reflect reality. We will reach out to them to find out what exactly is going on with their zoo. I am happy to share data with anyone off-list, just ping me directly. Alex Eckelberry CEO, Sunbelt Software Part of GFI Software Family From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 2:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.commailto:c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl Confidentiality Notice: ** This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by an yone other than the intended recipient is strictly prohibited. If you are no t the intended recipient, please contact the sender by reply email, delete a nd destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
My point was really that all AV vendors have experience FPs, not just Vipre. I agree that statistics can be a valuable tool, it's just that which ones you choose and how you present them can be misleading. For example, in a horse race between the US and Russia, the US horse won. In the American papers, it was reported that the US was took first place. In the Russian papers, it was reported that the US was next to last and that Russia was second place. The statistics reported in both cases were true, but the picture they gave of the race was very different. From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 3:08 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I'm not knocking VIPRE at all - I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 2:28 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: there's 3 kinds of lies: lies, damned lies, and statistics From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl Confidentiality Notice: ** This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by an yone other than the intended recipient is strictly prohibited. If you are no t the intended recipient, please contact the sender by reply email, delete a nd destroy all copies of the original message.
RE: Forefront Endpoint Beta
I have been. It has changed quite a lot over time. May still be a change or 2 coming before it is released. Any specific questions? Tim -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 1:52 PM To: NT System Admin Issues Subject: Forefront Endpoint Beta Anyone playing with this? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Forefront Endpoint Beta
Not really. We just recently setup FCS, and was wondering how different it is now. I understand it works with SCCM now, instead of MoM. Is the interface useful yet? Just finding out what machines are up to date and which aren't is a trial at the moment... Tim Vander Kooi tvanderk...@expl.com 7/29/2010 4:00 PM I have been. It has changed quite a lot over time. May still be a change or 2 coming before it is released. Any specific questions? Tim -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 1:52 PM To: NT System Admin Issues Subject: Forefront Endpoint Beta Anyone playing with this? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
I don't disagree, but when you are presented with information you have to evaluate the validity of the data, and hopefully get clarification from those involved when it implies that there may be a problem. Virus Bulletin actually warned in the explanation of the chart that it was just one result and that conclusions shouldn't be jumped to until there was more data. And sometimes, a horse is just a horse, of course. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 4:39 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives My point was really that all AV vendors have experience FPs, not just Vipre. I agree that statistics can be a valuable tool, it's just that which ones you choose and how you present them can be misleading. For example, in a horse race between the US and Russia, the US horse won. In the American papers, it was reported that the US was took first place. In the Russian papers, it was reported that the US was next to last and that Russia was second place. The statistics reported in both cases were true, but the picture they gave of the race was very different. From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 3:08 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I'm not knocking VIPRE at all - I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 2:28 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: there's 3 kinds of lies: lies, damned lies, and statistics From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to
Re: Vipre effectiveness false positives
Unless, of course, the horse, of course... On Thu, Jul 29, 2010 at 8:48 PM, Ralph Smith m...@gatewayindustries.orgwrote: I don't disagree, but when you are presented with information you have to evaluate the validity of the data, and hopefully get clarification from those involved when it implies that there may be a problem. Virus Bulletin actually warned in the explanation of the chart that it was just one result and that conclusions shouldn't be jumped to until there was more data. And sometimes, a horse is just a horse, of course. -- *From:* Kim Longenbaugh [mailto:k...@colonialsavings.com] *Sent:* Thursday, July 29, 2010 4:39 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives My point was really that all AV vendors have experience FPs, not just Vipre. I agree that statistics can be a valuable tool, it’s just that which ones you choose and how you present them can be misleading. For example, in a horse race between the US and Russia, the US horse won. In the American papers, it was reported that the US was took first place. In the Russian papers, it was reported that the US was next to last and that Russia was second place. The statistics reported in both cases were true, but the picture they gave of the race was very different. *From:* Ralph Smith [mailto:m...@gatewayindustries.org] *Sent:* Thursday, July 29, 2010 3:08 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I’m not knocking VIPRE at all – I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. -- *From:* Kim Longenbaugh [mailto:k...@colonialsavings.com] *Sent:* Thursday, July 29, 2010 2:28 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: “there’s 3 kinds of lies: lies, damned lies, and statistics” *From:* Ralph Smith [mailto:m...@gatewayindustries.org] *Sent:* Thursday, July 29, 2010 1:20 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives I’ve had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I’ve had only a half dozen infections in that time – all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying – the only popular business class AV solution that scored worse was CA (my former solution), and most of the others – McAfee, ESET, Kaspersky, Sophos to name a few – show significantly better results. It would be interesting to hear a comment from Sunbelt – a little reassurance needed here. :-) -- *From:* Erik Goldoff [mailto:egold...@gmail.com] *Sent:* Thursday, July 29, 2010 1:48 PM *To:* NT System Admin Issues *Subject:* Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant ( http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result?
RE: OT: Vipre effectiveness false positives
Not if his name is Mr. Ed. :-) Sent from my HTC Tilt™ 2, a Windows® phone from ATT From: Ralph Smith m...@gatewayindustries.org Sent: Thursday, July 29, 2010 8:49 PM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: RE: Vipre effectiveness false positives I don't disagree, but when you are presented with information you have to evaluate the validity of the data, and hopefully get clarification from those involved when it implies that there may be a problem. Virus Bulletin actually warned in the explanation of the chart that it was just one result and that conclusions shouldn't be jumped to until there was more data. And sometimes, a horse is just a horse, of course. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 4:39 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives My point was really that all AV vendors have experience FPs, not just Vipre. I agree that statistics can be a valuable tool, it’s just that which ones you choose and how you present them can be misleading. For example, in a horse race between the US and Russia, the US horse won. In the American papers, it was reported that the US was took first place. In the Russian papers, it was reported that the US was next to last and that Russia was second place. The statistics reported in both cases were true, but the picture they gave of the race was very different. From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 3:08 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I’m not knocking VIPRE at all – I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 2:28 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: “there’s 3 kinds of lies: lies, damned lies, and statistics” From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I’ve had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I’ve had only a half dozen infections in that time – all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying – the only popular business class AV solution that scored worse was CA (my former solution), and most of the others – McAfee, ESET, Kaspersky, Sophos to name a few – show significantly better results. It would be interesting to hear a comment from Sunbelt – a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.commailto:c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified.
Re: OT: Vipre effectiveness false positives
Great (and terribly bored) minds think alike, I suppose. :-) On Thu, Jul 29, 2010 at 8:53 PM, Michael B. Smith mich...@smithcons.comwrote: Not if his name is Mr. Ed. :-) Sent from my HTC Tilt™ 2, a Windows® phone from ATT -- From: Ralph Smith m...@gatewayindustries.org Sent: Thursday, July 29, 2010 8:49 PM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: RE: Vipre effectiveness false positives I don't disagree, but when you are presented with information you have to evaluate the validity of the data, and hopefully get clarification from those involved when it implies that there may be a problem. Virus Bulletin actually warned in the explanation of the chart that it was just one result and that conclusions shouldn't be jumped to until there was more data. And sometimes, a horse is just a horse, of course. -- *From:* Kim Longenbaugh [mailto:k...@colonialsavings.com] *Sent:* Thursday, July 29, 2010 4:39 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives My point was really that all AV vendors have experience FPs, not just Vipre. I agree that statistics can be a valuable tool, it’s just that which ones you choose and how you present them can be misleading. For example, in a horse race between the US and Russia, the US horse won. In the American papers, it was reported that the US was took first place. In the Russian papers, it was reported that the US was next to last and that Russia was second place. The statistics reported in both cases were true, but the picture they gave of the race was very different. *From:* Ralph Smith [mailto:m...@gatewayindustries.org] *Sent:* Thursday, July 29, 2010 3:08 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I’m not knocking VIPRE at all – I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. -- *From:* Kim Longenbaugh [mailto:k...@colonialsavings.com] *Sent:* Thursday, July 29, 2010 2:28 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: “there’s 3 kinds of lies: lies, damned lies, and statistics” *From:* Ralph Smith [mailto:m...@gatewayindustries.org] *Sent:* Thursday, July 29, 2010 1:20 PM *To:* NT System Admin Issues *Subject:* RE: Vipre effectiveness false positives I’ve had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I’ve had only a half dozen infections in that time – all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying – the only popular business class AV solution that scored worse was CA (my former solution), and most of the others – McAfee, ESET, Kaspersky, Sophos to name a few – show significantly better results. It would be interesting to hear a comment from Sunbelt – a little reassurance needed here. :-) -- *From:* Erik Goldoff [mailto:egold...@gmail.com] *Sent:* Thursday, July 29, 2010 1:48 PM *To:* NT System Admin Issues *Subject:* Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (
RE: OT: Vipre effectiveness false positives
I've been doing tech edits for magazine articles...not the most fun task. Even on holiday, i have to keep my customers happy! But the rest of the family is sleeping after a long day of having fun... Sent from my HTC Tilt™ 2, a Windows® phone from ATT From: Richard Stovall rich...@gmail.com Sent: Thursday, July 29, 2010 8:57 PM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Re: OT: Vipre effectiveness false positives Great (and terribly bored) minds think alike, I suppose. :-) On Thu, Jul 29, 2010 at 8:53 PM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: Not if his name is Mr. Ed. :-) Sent from my HTC Tilt™ 2, a Windows® phone from ATT From: Ralph Smith m...@gatewayindustries.orgmailto:m...@gatewayindustries.org Sent: Thursday, July 29, 2010 8:49 PM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: Vipre effectiveness false positives I don't disagree, but when you are presented with information you have to evaluate the validity of the data, and hopefully get clarification from those involved when it implies that there may be a problem. Virus Bulletin actually warned in the explanation of the chart that it was just one result and that conclusions shouldn't be jumped to until there was more data. And sometimes, a horse is just a horse, of course. From: Kim Longenbaugh [mailto:k...@colonialsavings.commailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 4:39 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives My point was really that all AV vendors have experience FPs, not just Vipre. I agree that statistics can be a valuable tool, it’s just that which ones you choose and how you present them can be misleading. For example, in a horse race between the US and Russia, the US horse won. In the American papers, it was reported that the US was took first place. In the Russian papers, it was reported that the US was next to last and that Russia was second place. The statistics reported in both cases were true, but the picture they gave of the race was very different. From: Ralph Smith [mailto:m...@gatewayindustries.orgmailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 3:08 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I’m not knocking VIPRE at all – I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. From: Kim Longenbaugh [mailto:k...@colonialsavings.commailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 2:28 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: “there’s 3 kinds of lies: lies, damned lies, and statistics” From: Ralph Smith [mailto:m...@gatewayindustries.orgmailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I’ve had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I’ve had only a half dozen infections in that time – all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying – the only popular business class AV solution that scored worse was CA (my former solution), and most of the others – McAfee, ESET, Kaspersky, Sophos to name a few – show significantly better results. It would be interesting to hear a comment from Sunbelt – a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.commailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl
RE: OT: Vipre effectiveness false positives
Willlburrr!... From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, July 29, 2010 8:53 PM To: NT System Admin Issues Subject: RE: OT: Vipre effectiveness false positives Not if his name is Mr. Ed. :-) Sent from my HTC Tilt(tm) 2, a Windows(r) phone from ATT From: Ralph Smith m...@gatewayindustries.org Sent: Thursday, July 29, 2010 8:49 PM To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: RE: Vipre effectiveness false positives I don't disagree, but when you are presented with information you have to evaluate the validity of the data, and hopefully get clarification from those involved when it implies that there may be a problem. Virus Bulletin actually warned in the explanation of the chart that it was just one result and that conclusions shouldn't be jumped to until there was more data. And sometimes, a horse is just a horse, of course. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 4:39 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives My point was really that all AV vendors have experience FPs, not just Vipre. I agree that statistics can be a valuable tool, it's just that which ones you choose and how you present them can be misleading. For example, in a horse race between the US and Russia, the US horse won. In the American papers, it was reported that the US was took first place. In the Russian papers, it was reported that the US was next to last and that Russia was second place. The statistics reported in both cases were true, but the picture they gave of the race was very different. From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 3:08 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives True, but there were people on the VIPRE forum that were hit just as hard by a couple of the FPs that VIPRE had. I'm not knocking VIPRE at all - I like it a lot and would purchase it again with no hesitation. However, when a well known organization like Virus Bulletin publishes test results, it makes sense to look at the data and try to understand what it means and how it may impact your organization. I personally feel confident with Sunbelt, but I would be interested to understand how they interpret the chart and what they feel the implications are for their product. By the way, some lies may be statistics, but not all statistics are lies. Information, including statistical, is the basis for sound decision making. From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Thursday, July 29, 2010 2:28 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives How about a little perspective on false positives? http://news.cnet.com/8301-1009_3-20003074-83.html and a reminder about statistics from Mark Twain: there's 3 kinds of lies: lies, damned lies, and statistics From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant
RE: Windows 7 - Libraries
I'm afraid it hasn't improved. The limitations I discussed still apply with all of the latest patches on Win 7 and 2008 R2 etc. Having said that a lot of the Win 7 features do have group policy options. However, GPP in particular is limited. I've even come across things that worked under XP but don't under Win 7 (Shortcuts created via GPP pointing to mapped network drives fail. The ugly workaround is to run a gpupdate in a logon script so effectively gpupdates is run twice!). It's not all bad though, for example the ability to hide a mapped drive never worked for me in XP but it does under Windows 7 :) -Original Message- From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, 29 July 2010 11:39 PM To: NT System Admin Issues Subject: RE: Windows 7 - Libraries I find this a bit disheartening, as we will be rolling out W7 boxes in the not too distant future. Has this improved since the timeframe you mentioned here? Did this by any chance have to do with one particular server O/S? IIRC Server 2k3 was a little less equipped for W7 GPOs than W2k8. Of course, I could be thinking of something totally unrelated. That happens before 2nd round of coffee. :) Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com -Original Message- From: James Hill [mailto:james.h...@superamart.com.au] Sent: Wednesday, July 28, 2010 6:54 PM To: NT System Admin Issues Subject: RE: Windows 7 - Libraries The lack of control of Windows 7 features via GP was less than amusing at Teched here last year. Obviously it was all about how good Win 7 was and during a session on Group Policy they harped on about how many new GP's there were. They didn't mention that the Win 7 features and the new Group Policies often didn't match up :) -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, 29 July 2010 2:24 AM To: NT System Admin Issues Subject: RE: Windows 7 - Libraries What they call meeting the bar for new _core OS_ feature content in a service pack is very high, especially since the Vista reset. This is why we've seen some things decoupled - such as IIS, which comes with the OS but has been updated independently during the last several release cycles. We might see new GPs in a SP, but I doubt they'll add much in terms of functionality during a SP to _core OS_ features (and I consider AD and GP processing to be core OS, I haven't investigated this particular issue in the SP1 beta myself - not one of my particular interests). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, July 28, 2010 12:05 PM To: NT System Admin Issues Subject: Re: Windows 7 - Libraries On Wed, Jul 28, 2010 at 9:24 AM, Andrew S. Baker asbz...@gmail.com wrote: I joked earlier about them coming in Service Packs, but that hasn't been customary for Windows OS in a while. Maybe a feature pack? It'll be in Update Rollup 2 to Feature Pack 1. ;-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: WDS, PXE Proxy Split DHCP
Tried removing dhcp options 66 and 67 on DC02 so that only DC01 can provide the information? From: Sean Rector [mailto:sean.rec...@vaopera.org] Sent: Thursday, 29 July 2010 9:18 AM To: NT System Admin Issues Subject: WDS, PXE Proxy Split DHCP Hello, I have two Windows Server 2008 R2 DHCP servers in a SplitScope configuration. One of these is my WDS server. If the PXE client pulls its IP from that server (DC01), WDS runs fine on the client. If the client pulls its IP from the 2nd server (DC02), I get the Windows failed to start. error screen of Windows Boot Manager. On DC02, I have DHCP Options 66 (IP of DC01) and 67 (boot\X64\wdsnbp.com) configured. What am I missing? The documentation really doesn't cover having a SplitScope configuration. I have DHCP split for resiliency. Sean Rector, MCSE Information Technology Manager Virginia Opera Association E-Mail: sean.rec...@vaopera.orgmailto:sean.rec...@vaopera.org Phone:(757) 213-4548 (direct line) {+} 2010-2011 subscriptions are on sale now! Featuring: Rigoletto | Così Fan Tutte | The Valkyrie | Madama Butterfly Visit us online at www.VaOpera.orghttp://www.vaopera.org/ or call 1-866-OPERA-VA The vision of Virginia Opera is to enrich lives through the powerful integration of music, voice and human drama. This e-mail and any attached files are confidential and intended solely for the intended recipient(s). Unless otherwise specified, persons unnamed as recipients may not read, distribute, copy or alter this e-mail. Any views or opinions expressed in this e-mail belong to the author and may not necessarily represent those of Virginia Opera. Although precautions have been taken to ensure no viruses are present, Virginia Opera cannot accept responsibility for any loss or damage that may arise from the use of this e-mail or attachments. {*} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DFS Quandary
It's already in 2008 and 2008R2 [cid:image001.png@01CB2FF6.E0DB2670] From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, 29 July 2010 7:20 AM To: NT System Admin Issues Subject: Re: DFS Quandary It will be in the version after the version after that if you get a jump start on complaining now. -ASB: http://XeeSM.com/AndrewBaker On Wed, Jul 28, 2010 at 4:56 PM, Tom Miller tmil...@hnncsb.orgmailto:tmil...@hnncsb.org wrote: Too bad there is no folder exclusion option, then I wouldn't have to do the work-around. That must be in the next version... Joe Tinney jtin...@lastar.commailto:jtin...@lastar.com 7/28/2010 4:47 PM I happened to be in the DFS FAQ earlier today and ran across this: From http://technet.microsoft.com/en-us/library/cc773238(WS.10).aspx#BKMK_006: Can more than one folder be replicated on a single server? Yes. DFS Replication can replicate numerous folders between servers. Ensure that each of the replicated folders has a unique root path and that they do not overlap. For example, D:\Sales and D:\Accounting can be the root paths for two replicated folders, but D:\Sales and D:\Sales\Reports cannot be the root paths for two replicated folders. That would seem to indicate that you shouldn't, but not necessarily that you can't and doesn't spell out the apparent doom that would occur from doing so. I would imagine you could end up in some kind of replication loop based on the asynchronous and serial method of replication that this document also indicates is possible. That is just a guess, though. Good luck, Joe From: Sean Martin [mailto:seanmarti...@gmail.commailto:seanmarti...@gmail.com] Sent: Wednesday, July 28, 2010 3:41 PM To: NT System Admin Issues Subject: Re: DFS Quandary Can you create a new folder target beneath your namespace and then create a new replication group for that folder target? Example: Current Config: Namespace = \\domain\sharefile:///\\domain\share Existing folder target = DirectoryA DirectoryA contains = Directory1, Directory2, Directory3 Existing Replication group = \\domain\share\DirectoryAfile:///\\domain\share\DirectoryA New Config: Namespace = \\domain\sharefile:///\\domain\share Existing folder target = DirectoryA New folder target = Directory2 Existing replication group = \\domain\share\DirectoryAfile:///\\domain\share\DirectoryA New replication group = \\domain\share\DirectoryA\Directory1file:///\\domain\share\DirectoryA\Directory1 It's been awhile since I messed with DFS and that was on 2003, but it seems that should work. I don't have the ability to test however - Sean On Wed, Jul 28, 2010 at 9:43 AM, Tom Miller tmil...@hnncsb.orgmailto:tmil...@hnncsb.org wrote: Doesn't work. The folder I want to use is a subfolder of an entire share I already have configuration in a replication group. You'd think there'd be an easy way to exclude a subfolder. I think what I'll have to do is move the folder to be in a namespace to a separate share. Tom Charlie Kaiser charl...@golden-eagle.orgmailto:charl...@golden-eagle.org 7/28/2010 1:11 PM See if this helps... http://blogs.dirteam.com/blogs/r2/archive/2005/12/08/250.aspx *** Charlie Kaiser charl...@golden-eagle.orgmailto:charl...@golden-eagle.org Kingman, AZ *** -Original Message- From: Tom Miller [mailto:tmil...@hnncsb.orgmailto:tmil...@hnncsb.org] Sent: Wednesday, July 28, 2010 9:37 AM To: NT System Admin Issues Subject: DFS Quandary Folks, I need some advice on a DFS setup. All of my WAN servers have several shares replicated for backup purposes to our main campus storage server. I also replicate the main data shares on our file and print servers here at campus to the same storage server via DFS. Now I have a need to replicate via DFS name space a particular folder. One of our programs is sending a portion of its staff to one of our vacant buildings, so the program will be split into two locations. I want to use DFS name space to replicate changes both ways, but since I already use DFS for backup, the DFS console gives me an error that it's already replicated. Suggestions or work-arounds? Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information.