RE: Windows 2008 won't forget IP

[Miller Bonnie L .]

NLA is referring to "Network Location Awareness".  Do you have the Windows 
Firewall enabled, and if so, is it selecting the appropriate profile (domain vs 
private vs public)?  I *think* that might be the domain profile (which should 
be correct), and it might be due to some FW rules you have in place.

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 1:28 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

No dupe on the other system.  It seems to be OK with it up until a reboot, 
where it has the issue.  All the event log errors I see are related to 
services, et al not being able to talk to the network.

When on a different IP, the only place it shows up in the registry is: 
HKLM\SOFTWARE\Microsoft\windows 
NT\CurrentVersion\NetworkList\Nla\Cache\IntranetAuth\1.1.x.x.x.x - where 
x.x.x.x represent the IP in question.  The values here are "Failures" and 
"Successes".  I did actually try wiping it out before to no avail 
(interestingly, it came back).

The only thing I would know to do like that is kill the adapter and re-add it 
(what I did in the first place), which is what someone else suggested.  I am 
able to workaround the issue by simply using a different IP, and I am OK doing 
that in this instance.  It is worth noting that I did the same process with a 
nearly identical server and had no issue.  I think I must have done something 
in a funky order the first time that caused the problem.

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
Sent: Friday, June 01, 2012 4:10 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

Hm... and you're sure there isn't a dupe out there on another system?  Very odd 
that it would go to an APIPA address, but that should show up in the event logs 
if it thinks it has a conflict.

While you have it on a different IP, if you search via regedit for the desired 
IP, do you find it anywhere?

I'm not familiar with VMWare, but if it were in Hyper-V, I'd maybe try to 
recreate the machine configuration after that, reattaching the vhds.  Is 
something like that an option?

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 12:09 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

That is the process I followed (shorthanded in my explanation).  There is no 
NIC showing other than the current one.

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
Sent: Friday, June 01, 2012 2:32 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

Run cmd as administrator
set devmgr_show_nonpresent_devices=1
devmgmt.msc
When device manager launches toggle it to show hidden devices again.
Look for NICs that don't belong and remove them.
Reboot

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 11:22 AM
To: NT System Admin Issues
Subject: Windows 2008 won't forget IP

I wanted to upgrade the NIC on a vSphere based virtual server, so I powered 
down and removed the existing NIC and added a new one.  The IP was statically 
assigned.  After rebooting, I got rid of the old NIC (show hidden devices in 
Device Manager, uninstall), and I set the IP of the new NIC to match that of 
the old and reboot.  After doing so, can't log into domain anymore and figure 
out IP is not responding.  After much troubleshooting, I am able to get the 
machine working by changing the IP to something else via netsh (network control 
panel hangs).  That's all working OK, reboot a couple of times, and confirm the 
old NIC is not a phantom.  Change the IP back to the desired one again, and am 
able to ping it.  Reboot, and same problem again (can't login to domain-based 
account, no response from IP).  When I do an IPCONFIG, it shows a self-assigned 
address (169...).  When I do a NETSH INTERFACE IP SHOW CONFIG, it shows my 
desired IP address (although it is not responding).  I try to use netsh to 
change it to that address again and it rejects it (indicating it already 
exists).  I assume the address is hung somewhere, but I can't find any sign of 
it in the registry or anywhere else.  I also tried "netsh int ip reset" and 
"netsh winsock reset" (found while googling) to no avail.

Basically, if I try to make this machine use the old/desired IP address, it 
will not work.  Any other IP (that I have tested) works fine.  It will work 
with the old IP until a reboot.  Any clue what I might do to make this Windows 
2008 R2 Server forget this old IP?

Thanks,
Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ 

Re: From SANS email...

[Jonathan Link]

Can we just drop the geopolitical talk in this forum?  If you want to have
that kind of discussion, you know where to take it.

Yes, you made your opinion known.  Good for you.  It has no bearing as to
how it relates to cybersecurity.

On Fri, Jun 1, 2012 at 4:30 PM, Kurt Buff  wrote:

> Uh - that's exactly what happened. The plant was physically sabotaged
> by agents of the US government.
>
> Should that not be considered a war-like, or at least criminal, act?
>
> What do you think the response would be if the reverse happened, and
> some major piece of US infrastructure were damaged by agents of Iran?
>
> Kurt
>
> On Fri, Jun 1, 2012 at 12:17 PM, Chinnery, Paul  wrote:
> > So if an agent for the US, physically sabotaged the plant, would that
> also be an act of war?
> >
> > -Original Message-
> > From: Kurt Buff [mailto:kurt.b...@gmail.com]
> > Sent: Friday, June 01, 2012 2:00 PM
> > To: NT System Admin Issues
> > Subject: Re: From SANS email...
> >
> > On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul 
> wrote:
> >>  FLASH: The New York Times reported this morning that President Obama
> >> (and his predecessor) ordered a sophisticated campaign of cyberattacks
> >> against Iran's nuclear program, and has either attacked or considered
> >> attacking networks in China, Syria, and North Korea as well.  Because
> >> the publication of this story is likely to herald substantive and
> >> far-ranging changes in the way cybersecurity is managed in the US and
> >> in many other countries, we have included an analysis by Gautham Nagesh.
> >> Under normal circumstances, his thoughtful, in-depth analyses are
> >> available only to paid subscribers to CQ Roll Call "Executive Briefing
> >> on Technology."  This is an abnormal circumstance.  There is great
> >> value in the security community understanding that the game has
> >> changed, and what it means.
> >>
> >> Well DUH!!!
> >
> > Indeed, not surprising.
> >
> > It should lead to both Obama and Bush being criminally tried for
> committing acts of war absent a proper declaration.
> >
> > Kurt
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <
> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
> >
> > ---
> > To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
> >
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
> >
> > ---
> > To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 won't forget IP

[Mayo, Bill]

Yes. The only place it shows up in the registry is:
HKLM\SOFTWARE\Microsoft\windows
NT\CurrentVersion\NetworkList\Nla\Cache\IntranetAuth\1.1.x.x.x.x - where
x.x.x.x represent the IP in question.  The values here are "Failures"
and "Successes".  I did actually try wiping it out before to no avail
(interestingly, it came back).

 

From: Crawford, Scott [mailto:crawfo...@evangel.edu] 
Sent: Friday, June 01, 2012 4:37 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

Tried searching for the IP in the registry?  Might turn up a clue.

 

From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Friday, June 01, 2012 3:28 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

No dupe on the other system.  It seems to be OK with it up until a
reboot, where it has the issue.  All the event log errors I see are
related to services, et al not being able to talk to the network.

 

When on a different IP, the only place it shows up in the registry is:
HKLM\SOFTWARE\Microsoft\windows
NT\CurrentVersion\NetworkList\Nla\Cache\IntranetAuth\1.1.x.x.x.x - where
x.x.x.x represent the IP in question.  The values here are "Failures"
and "Successes".  I did actually try wiping it out before to no avail
(interestingly, it came back).

 

The only thing I would know to do like that is kill the adapter and
re-add it (what I did in the first place), which is what someone else
suggested.  I am able to workaround the issue by simply using a
different IP, and I am OK doing that in this instance.  It is worth
noting that I did the same process with a nearly identical server and
had no issue.  I think I must have done something in a funky order the
first time that caused the problem.

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Friday, June 01, 2012 4:10 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

Hm... and you're sure there isn't a dupe out there on another system?
Very odd that it would go to an APIPA address, but that should show up
in the event logs if it thinks it has a conflict.

 

While you have it on a different IP, if you search via regedit for the
desired IP, do you find it anywhere?

 

I'm not familiar with VMWare, but if it were in Hyper-V, I'd maybe try
to recreate the machine configuration after that, reattaching the vhds.
Is something like that an option?

 

From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Friday, June 01, 2012 12:09 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

That is the process I followed (shorthanded in my explanation).  There
is no NIC showing other than the current one.

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Friday, June 01, 2012 2:32 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

Run cmd as administrator

set devmgr_show_nonpresent_devices=1

devmgmt.msc

When device manager launches toggle it to show hidden devices again.

Look for NICs that don't belong and remove them.

Reboot

 

From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Friday, June 01, 2012 11:22 AM
To: NT System Admin Issues
Subject: Windows 2008 won't forget IP

 

I wanted to upgrade the NIC on a vSphere based virtual server, so I
powered down and removed the existing NIC and added a new one.  The IP
was statically assigned.  After rebooting, I got rid of the old NIC
(show hidden devices in Device Manager, uninstall), and I set the IP of
the new NIC to match that of the old and reboot.  After doing so, can't
log into domain anymore and figure out IP is not responding.  After much
troubleshooting, I am able to get the machine working by changing the IP
to something else via netsh (network control panel hangs).  That's all
working OK, reboot a couple of times, and confirm the old NIC is not a
phantom.  Change the IP back to the desired one again, and am able to
ping it.  Reboot, and same problem again (can't login to domain-based
account, no response from IP).  When I do an IPCONFIG, it shows a
self-assigned address (169...).  When I do a NETSH INTERFACE IP SHOW
CONFIG, it shows my desired IP address (although it is not responding).
I try to use netsh to change it to that address again and it rejects it
(indicating it already exists).  I assume the address is hung somewhere,
but I can't find any sign of it in the registry or anywhere else.  I
also tried "netsh int ip reset" and "netsh winsock reset" (found while
googling) to no avail.

 

Basically, if I try to make this machine use the old/desired IP address,
it will not work.  Any other IP (that I have tested) works fine.  It
will work with the old IP until a reboot.  Any clue what I might do to
make this Windows 2008 R2 Server forget this old IP?

 

Thanks,

Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-softwar

RE: From SANS email...

[Richard McClary]

Better yet - what makes you think they (or others) are not trying?

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Friday, June 01, 2012 3:31 PM
To: NT System Admin Issues
Subject: Re: From SANS email...

Uh - that's exactly what happened. The plant was physically sabotaged
by agents of the US government.

Should that not be considered a war-like, or at least criminal, act?

What do you think the response would be if the reverse happened, and
some major piece of US infrastructure were damaged by agents of Iran?

Kurt

On Fri, Jun 1, 2012 at 12:17 PM, Chinnery, Paul  wrote:
> So if an agent for the US, physically sabotaged the plant, would that also be 
> an act of war?
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Friday, June 01, 2012 2:00 PM
> To: NT System Admin Issues
> Subject: Re: From SANS email...
>
> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul  wrote:
>>  FLASH: The New York Times reported this morning that President Obama
>> (and his predecessor) ordered a sophisticated campaign of cyberattacks
>> against Iran's nuclear program, and has either attacked or considered
>> attacking networks in China, Syria, and North Korea as well.  Because
>> the publication of this story is likely to herald substantive and
>> far-ranging changes in the way cybersecurity is managed in the US and
>> in many other countries, we have included an analysis by Gautham Nagesh.
>> Under normal circumstances, his thoughtful, in-depth analyses are
>> available only to paid subscribers to CQ Roll Call "Executive Briefing
>> on Technology."  This is an abnormal circumstance.  There is great
>> value in the security community understanding that the game has
>> changed, and what it means.
>>
>> Well DUH!!!
>
> Indeed, not surprising.
>
> It should lead to both Obama and Bush being criminally tried for committing 
> acts of war absent a proper declaration.
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



The information contained in this e-mail, and any attachments hereto, is from 
The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is 
intended only for use by the addressee(s) named herein and may contain legally 
privileged and/or confidential information. If you are not the intended 
recipient of this e-mail, you are hereby notified that any dissemination, 
distribution, copying or use of the contents of this e-mail, and any 
attachments hereto, is strictly prohibited. If you have received this e-mail in 
error, please immediately notify me by reply email and permanently delete the 
original and any copy of this e-mail and any printout thereof.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[John Cook]

Or China.
John W. Cook
Network Operations Manager
Partnership for Strong Families

- Original Message -
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, June 01, 2012 04:30 PM
To: NT System Admin Issues 
Subject: Re: From SANS email...

Uh - that's exactly what happened. The plant was physically sabotaged
by agents of the US government.

Should that not be considered a war-like, or at least criminal, act?

What do you think the response would be if the reverse happened, and
some major piece of US infrastructure were damaged by agents of Iran?

Kurt

On Fri, Jun 1, 2012 at 12:17 PM, Chinnery, Paul  wrote:
> So if an agent for the US, physically sabotaged the plant, would that also be 
> an act of war?
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Friday, June 01, 2012 2:00 PM
> To: NT System Admin Issues
> Subject: Re: From SANS email...
>
> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul  wrote:
>>  FLASH: The New York Times reported this morning that President Obama
>> (and his predecessor) ordered a sophisticated campaign of cyberattacks
>> against Iran's nuclear program, and has either attacked or considered
>> attacking networks in China, Syria, and North Korea as well.  Because
>> the publication of this story is likely to herald substantive and
>> far-ranging changes in the way cybersecurity is managed in the US and
>> in many other countries, we have included an analysis by Gautham Nagesh.
>> Under normal circumstances, his thoughtful, in-depth analyses are
>> available only to paid subscribers to CQ Roll Call "Executive Briefing
>> on Technology."  This is an abnormal circumstance.  There is great
>> value in the security community understanding that the game has
>> changed, and what it means.
>>
>> Well DUH!!!
>
> Indeed, not surprising.
>
> It should lead to both Obama and Bush being criminally tried for committing 
> acts of war absent a proper declaration.
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


CONFIDENTIALITY STATEMENT: The information transmitted, or contained or 
attached to or with this Notice is intended only for the person or entity to 
which it is addressed and may contain Protected Health Information (PHI), 
confidential and/or privileged material. Any review, transmission, 
dissemination, or other use of, and taking any action in reliance upon this 
information by persons or entities other than the intended recipient without 
the express written consent of the sender are prohibited. This information may 
be protected by the Health Insurance Portability and Accountability Act of 1996 
(HIPAA), and other Federal and Florida laws. Improper or unauthorized use or 
disclosure of this information could result in civil and/or criminal penalties.
 Consider the environment. Please don't print this e-mail unless you really 
need to.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Good for Enterprise / Good Dynamics

[Kevin Lundy]

Yes to the GFE.  Evaluating Dynamics with Quickoffice.

On 6/1/12, Maglinger, Paul  wrote:
> Anyone else out there using Good for Enterprise and Good Dynamics?
>
> -Paul
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

-- 
Sent from my mobile device

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 won't forget IP

[Crawford, Scott]

Tried searching for the IP in the registry?  Might turn up a clue.

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 3:28 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

No dupe on the other system.  It seems to be OK with it up until a reboot, 
where it has the issue.  All the event log errors I see are related to 
services, et al not being able to talk to the network.

When on a different IP, the only place it shows up in the registry is: 
HKLM\SOFTWARE\Microsoft\windows 
NT\CurrentVersion\NetworkList\Nla\Cache\IntranetAuth\1.1.x.x.x.x - where 
x.x.x.x represent the IP in question.  The values here are "Failures" and 
"Successes".  I did actually try wiping it out before to no avail 
(interestingly, it came back).

The only thing I would know to do like that is kill the adapter and re-add it 
(what I did in the first place), which is what someone else suggested.  I am 
able to workaround the issue by simply using a different IP, and I am OK doing 
that in this instance.  It is worth noting that I did the same process with a 
nearly identical server and had no issue.  I think I must have done something 
in a funky order the first time that caused the problem.

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
Sent: Friday, June 01, 2012 4:10 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

Hm... and you're sure there isn't a dupe out there on another system?  Very odd 
that it would go to an APIPA address, but that should show up in the event logs 
if it thinks it has a conflict.

While you have it on a different IP, if you search via regedit for the desired 
IP, do you find it anywhere?

I'm not familiar with VMWare, but if it were in Hyper-V, I'd maybe try to 
recreate the machine configuration after that, reattaching the vhds.  Is 
something like that an option?

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 12:09 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

That is the process I followed (shorthanded in my explanation).  There is no 
NIC showing other than the current one.

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
Sent: Friday, June 01, 2012 2:32 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

Run cmd as administrator
set devmgr_show_nonpresent_devices=1
devmgmt.msc
When device manager launches toggle it to show hidden devices again.
Look for NICs that don't belong and remove them.
Reboot

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 11:22 AM
To: NT System Admin Issues
Subject: Windows 2008 won't forget IP

I wanted to upgrade the NIC on a vSphere based virtual server, so I powered 
down and removed the existing NIC and added a new one.  The IP was statically 
assigned.  After rebooting, I got rid of the old NIC (show hidden devices in 
Device Manager, uninstall), and I set the IP of the new NIC to match that of 
the old and reboot.  After doing so, can't log into domain anymore and figure 
out IP is not responding.  After much troubleshooting, I am able to get the 
machine working by changing the IP to something else via netsh (network control 
panel hangs).  That's all working OK, reboot a couple of times, and confirm the 
old NIC is not a phantom.  Change the IP back to the desired one again, and am 
able to ping it.  Reboot, and same problem again (can't login to domain-based 
account, no response from IP).  When I do an IPCONFIG, it shows a self-assigned 
address (169...).  When I do a NETSH INTERFACE IP SHOW CONFIG, it shows my 
desired IP address (although it is not responding).  I try to use netsh to 
change it to that address again and it rejects it (indicating it already 
exists).  I assume the address is hung somewhere, but I can't find any sign of 
it in the registry or anywhere else.  I also tried "netsh int ip reset" and 
"netsh winsock reset" (found while googling) to no avail.

Basically, if I try to make this machine use the old/desired IP address, it 
will not work.  Any other IP (that I have tested) works fine.  It will work 
with the old IP until a reboot.  Any clue what I might do to make this Windows 
2008 R2 Server forget this old IP?

Thanks,
Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: uns

Re: From SANS email...

[Kurt Buff]

It's Friday - time to let off a little steam...

On Fri, Jun 1, 2012 at 1:21 PM, Lora Cates  wrote:
>
> Off-track?  :)  That never happens.
>
> -lc
>
> 
> From: Andrew S. Baker 
> To: NT System Admin Issues 
> Sent: Friday, June 1, 2012 2:40 PM
>
> Subject: Re: From SANS email...
>
> I see that we're on the verge of getting fair off-track on this thread...
>
> ASB
> http://XeeMe.com/AndrewBaker
> Harnessing the Advantages of Technology for the SMB market…
>
>
>
>
> On Fri, Jun 1, 2012 at 3:17 PM, Chinnery, Paul  wrote:
>
> So if an agent for the US, physically sabotaged the plant, would that also
> be an act of war?
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Friday, June 01, 2012 2:00 PM
> To: NT System Admin Issues
> Subject: Re: From SANS email...
>
> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul 
> wrote:
> >  FLASH: The New York Times reported this morning that President Obama
> > (and his predecessor) ordered a sophisticated campaign of cyberattacks
> > against Iran's nuclear program, and has either attacked or considered
> > attacking networks in China, Syria, and North Korea as well.  Because
> > the publication of this story is likely to herald substantive and
> > far-ranging changes in the way cybersecurity is managed in the US and
> > in many other countries, we have included an analysis by Gautham Nagesh.
> > Under normal circumstances, his thoughtful, in-depth analyses are
> > available only to paid subscribers to CQ Roll Call "Executive Briefing
> > on Technology."  This is an abnormal circumstance.  There is great
> > value in the security community understanding that the game has
> > changed, and what it means.
> >
> > Well DUH!!!
>
> Indeed, not surprising.
>
> It should lead to both Obama and Bush being criminally tried for
> committing acts of war absent a proper declaration.
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[Kurt Buff]

Uh - that's exactly what happened. The plant was physically sabotaged
by agents of the US government.

Should that not be considered a war-like, or at least criminal, act?

What do you think the response would be if the reverse happened, and
some major piece of US infrastructure were damaged by agents of Iran?

Kurt

On Fri, Jun 1, 2012 at 12:17 PM, Chinnery, Paul  wrote:
> So if an agent for the US, physically sabotaged the plant, would that also be 
> an act of war?
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Friday, June 01, 2012 2:00 PM
> To: NT System Admin Issues
> Subject: Re: From SANS email...
>
> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul  wrote:
>>  FLASH: The New York Times reported this morning that President Obama
>> (and his predecessor) ordered a sophisticated campaign of cyberattacks
>> against Iran's nuclear program, and has either attacked or considered
>> attacking networks in China, Syria, and North Korea as well.  Because
>> the publication of this story is likely to herald substantive and
>> far-ranging changes in the way cybersecurity is managed in the US and
>> in many other countries, we have included an analysis by Gautham Nagesh.
>> Under normal circumstances, his thoughtful, in-depth analyses are
>> available only to paid subscribers to CQ Roll Call "Executive Briefing
>> on Technology."  This is an abnormal circumstance.  There is great
>> value in the security community understanding that the game has
>> changed, and what it means.
>>
>> Well DUH!!!
>
> Indeed, not surprising.
>
> It should lead to both Obama and Bush being criminally tried for committing 
> acts of war absent a proper declaration.
>
> Kurt
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: From SANS email...

[Richard McClary]

Well, I think it was Tuesday, this generated traffic under the subject "Flame 
bait".  In a manner of speaking, one could say that we have wandered back 
ON-track.

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Friday, June 01, 2012 2:41 PM
To: NT System Admin Issues
Subject: Re: From SANS email...

I see that we're on the verge of getting fair off-track on this thread...
ASB

http://XeeMe.com/AndrewBaker

Harnessing the Advantages of Technology for the SMB market...



On Fri, Jun 1, 2012 at 3:17 PM, Chinnery, Paul 
mailto:pa...@mmcwm.com>> wrote:
So if an agent for the US, physically sabotaged the plant, would that also be 
an act of war?

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Friday, June 01, 2012 2:00 PM
To: NT System Admin Issues
Subject: Re: From SANS email...
On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul 
mailto:pmaglin...@scvl.com>> wrote:
>  FLASH: The New York Times reported this morning that President Obama
> (and his predecessor) ordered a sophisticated campaign of cyberattacks
> against Iran's nuclear program, and has either attacked or considered
> attacking networks in China, Syria, and North Korea as well.  Because
> the publication of this story is likely to herald substantive and
> far-ranging changes in the way cybersecurity is managed in the US and
> in many other countries, we have included an analysis by Gautham Nagesh.
> Under normal circumstances, his thoughtful, in-depth analyses are
> available only to paid subscribers to CQ Roll Call "Executive Briefing
> on Technology."  This is an abnormal circumstance.  There is great
> value in the security community understanding that the game has
> changed, and what it means.
>
> Well DUH!!!

Indeed, not surprising.

It should lead to both Obama and Bush being criminally tried for committing 
acts of war absent a proper declaration.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


The information contained in this e-mail, and any attachments hereto, is from 
The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and 
is intended only for use by the addressee(s) named herein and may contain 
legally privileged and/or confidential information. If you are not the intended 
recipient of this e-mail, you are hereby notified that any dissemination, 
distribution, copying or use of the contents of this e-mail, and any 
attachments hereto, is strictly prohibited. If you have received this e-mail in 
error, please immediately notify me by reply email and permanently delete the 
original and any copy of this e-mail and any printout thereof.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 won't forget IP

[Mayo, Bill]

No dupe on the other system.  It seems to be OK with it up until a
reboot, where it has the issue.  All the event log errors I see are
related to services, et al not being able to talk to the network.

 

When on a different IP, the only place it shows up in the registry is:
HKLM\SOFTWARE\Microsoft\windows
NT\CurrentVersion\NetworkList\Nla\Cache\IntranetAuth\1.1.x.x.x.x - where
x.x.x.x represent the IP in question.  The values here are "Failures"
and "Successes".  I did actually try wiping it out before to no avail
(interestingly, it came back).

 

The only thing I would know to do like that is kill the adapter and
re-add it (what I did in the first place), which is what someone else
suggested.  I am able to workaround the issue by simply using a
different IP, and I am OK doing that in this instance.  It is worth
noting that I did the same process with a nearly identical server and
had no issue.  I think I must have done something in a funky order the
first time that caused the problem.

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Friday, June 01, 2012 4:10 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

Hm... and you're sure there isn't a dupe out there on another system?
Very odd that it would go to an APIPA address, but that should show up
in the event logs if it thinks it has a conflict.

 

While you have it on a different IP, if you search via regedit for the
desired IP, do you find it anywhere?

 

I'm not familiar with VMWare, but if it were in Hyper-V, I'd maybe try
to recreate the machine configuration after that, reattaching the vhds.
Is something like that an option?

 

From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Friday, June 01, 2012 12:09 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

That is the process I followed (shorthanded in my explanation).  There
is no NIC showing other than the current one.

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Friday, June 01, 2012 2:32 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

Run cmd as administrator

set devmgr_show_nonpresent_devices=1

devmgmt.msc

When device manager launches toggle it to show hidden devices again.

Look for NICs that don't belong and remove them.

Reboot

 

From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Friday, June 01, 2012 11:22 AM
To: NT System Admin Issues
Subject: Windows 2008 won't forget IP

 

I wanted to upgrade the NIC on a vSphere based virtual server, so I
powered down and removed the existing NIC and added a new one.  The IP
was statically assigned.  After rebooting, I got rid of the old NIC
(show hidden devices in Device Manager, uninstall), and I set the IP of
the new NIC to match that of the old and reboot.  After doing so, can't
log into domain anymore and figure out IP is not responding.  After much
troubleshooting, I am able to get the machine working by changing the IP
to something else via netsh (network control panel hangs).  That's all
working OK, reboot a couple of times, and confirm the old NIC is not a
phantom.  Change the IP back to the desired one again, and am able to
ping it.  Reboot, and same problem again (can't login to domain-based
account, no response from IP).  When I do an IPCONFIG, it shows a
self-assigned address (169...).  When I do a NETSH INTERFACE IP SHOW
CONFIG, it shows my desired IP address (although it is not responding).
I try to use netsh to change it to that address again and it rejects it
(indicating it already exists).  I assume the address is hung somewhere,
but I can't find any sign of it in the registry or anywhere else.  I
also tried "netsh int ip reset" and "netsh winsock reset" (found while
googling) to no avail.

 

Basically, if I try to make this machine use the old/desired IP address,
it will not work.  Any other IP (that I have tested) works fine.  It
will work with the old IP until a reboot.  Any clue what I might do to
make this Windows 2008 R2 Server forget this old IP?

 

Thanks,

Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with t

Re: From SANS email...

[Lora Cates]

Off-track?  :)  That never happens.

 
-lc


>
> From: Andrew S. Baker 
>To: NT System Admin Issues  
>Sent: Friday, June 1, 2012 2:40 PM
>Subject: Re: From SANS email...
> 
>
>I see that we're on the verge of getting fair off-track on this thread...
>
>
>ASB 
>http://XeeMe.com/AndrewBaker 
>Harnessing the Advantages of Technology for the SMB market…
>
> 
>
>
>
>On Fri, Jun 1, 2012 at 3:17 PM, Chinnery, Paul  wrote:
>
>So if an agent for the US, physically sabotaged the plant, would that also be 
>an act of war?
>>
>>
>>-Original Message-
>>From: Kurt Buff [mailto:kurt.b...@gmail.com]
>>
>>Sent: Friday, June 01, 2012 2:00 PM
>>To: NT System Admin Issues
>>Subject: Re: From SANS email...
>>
>>
>>On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul  wrote:
>>>  FLASH: The New York Times reported this morning that President Obama
>>> (and his predecessor) ordered a sophisticated campaign of cyberattacks
>>> against Iran's nuclear program, and has either attacked or considered
>>> attacking networks in China, Syria, and North Korea as well.  Because
>>> the publication of this story is likely to herald substantive and
>>> far-ranging changes in the way cybersecurity is managed in the US and
>>> in many other countries, we have included an analysis by Gautham Nagesh.
>>> Under normal circumstances, his thoughtful, in-depth analyses are
>>> available only to paid subscribers to CQ Roll Call "Executive Briefing
>>> on Technology."  This is an abnormal circumstance.  There is great
>>> value in the security community understanding that the game has
>>> changed, and what it means.
>>>
>>> Well DUH!!!
>>
>>Indeed, not surprising.
>>
>>It should lead to both Obama and Bush being criminally tried for committing 
>>acts of war absent a proper declaration.
>>
>>Kurt
>>
>>
>~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>~   ~
>
>---
>To manage subscriptions click here: 
>http://lyris.sunbelt-software.com/read/my_forums/
>or send an email to listmana...@lyris.sunbeltsoftware.com
>with the body: unsubscribe ntsysadmin
>
>
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 won't forget IP

[Miller Bonnie L .]

Hm... and you're sure there isn't a dupe out there on another system?  Very odd 
that it would go to an APIPA address, but that should show up in the event logs 
if it thinks it has a conflict.

While you have it on a different IP, if you search via regedit for the desired 
IP, do you find it anywhere?

I'm not familiar with VMWare, but if it were in Hyper-V, I'd maybe try to 
recreate the machine configuration after that, reattaching the vhds.  Is 
something like that an option?

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 12:09 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

That is the process I followed (shorthanded in my explanation).  There is no 
NIC showing other than the current one.

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
Sent: Friday, June 01, 2012 2:32 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

Run cmd as administrator
set devmgr_show_nonpresent_devices=1
devmgmt.msc
When device manager launches toggle it to show hidden devices again.
Look for NICs that don't belong and remove them.
Reboot

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 11:22 AM
To: NT System Admin Issues
Subject: Windows 2008 won't forget IP

I wanted to upgrade the NIC on a vSphere based virtual server, so I powered 
down and removed the existing NIC and added a new one.  The IP was statically 
assigned.  After rebooting, I got rid of the old NIC (show hidden devices in 
Device Manager, uninstall), and I set the IP of the new NIC to match that of 
the old and reboot.  After doing so, can't log into domain anymore and figure 
out IP is not responding.  After much troubleshooting, I am able to get the 
machine working by changing the IP to something else via netsh (network control 
panel hangs).  That's all working OK, reboot a couple of times, and confirm the 
old NIC is not a phantom.  Change the IP back to the desired one again, and am 
able to ping it.  Reboot, and same problem again (can't login to domain-based 
account, no response from IP).  When I do an IPCONFIG, it shows a self-assigned 
address (169...).  When I do a NETSH INTERFACE IP SHOW CONFIG, it shows my 
desired IP address (although it is not responding).  I try to use netsh to 
change it to that address again and it rejects it (indicating it already 
exists).  I assume the address is hung somewhere, but I can't find any sign of 
it in the registry or anywhere else.  I also tried "netsh int ip reset" and 
"netsh winsock reset" (found while googling) to no avail.

Basically, if I try to make this machine use the old/desired IP address, it 
will not work.  Any other IP (that I have tested) works fine.  It will work 
with the old IP until a reboot.  Any clue what I might do to make this Windows 
2008 R2 Server forget this old IP?

Thanks,
Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Server 2012 RC available

[Doug Hampshire]

Oh piss boy..

On Thu, May 31, 2012 at 10:16 PM, Steve Ens  wrote:

> Cool, will give it a shake.
>
> On Thu, May 31, 2012 at 5:20 PM, Rod Trent  wrote:
>
>> The updated Windows 8 is, too…
>>
>> ** **
>>
>>
>> http://myitforum.com/myitforumwp/2012/05/31/windows-8-release-preview-is-now-available/
>> 
>>
>> ** **
>>
>> *From:* Steve Ens [mailto:stevey...@gmail.com]
>> *Sent:* Thursday, May 31, 2012 5:45 PM
>>
>> *To:* NT System Admin Issues
>> *Subject:* Server 2012 RC available
>>
>> ** **
>>
>> it's up!
>>
>> ** **
>>
>> http://technet.microsoft.com/en-us/evalcenter/hh670538.aspx 
>>
>> ** **
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Good for Enterprise / Good Dynamics

[Maglinger, Paul]

Anyone else out there using Good for Enterprise and Good Dynamics?
 
-Paul

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[Jonathan Link]

On the verge?  That barn door was opened by someone else who decided he'd
make a political statement.

On Fri, Jun 1, 2012 at 3:40 PM, Andrew S. Baker  wrote:

> I see that we're on the verge of getting fair off-track on this thread...
>
> * *
>
> *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
> Technology for the SMB market…
>
> *
>
>
>
> On Fri, Jun 1, 2012 at 3:17 PM, Chinnery, Paul  wrote:
>
>> So if an agent for the US, physically sabotaged the plant, would that
>> also be an act of war?
>>
>> -Original Message-
>> From: Kurt Buff [mailto:kurt.b...@gmail.com]
>> Sent: Friday, June 01, 2012 2:00 PM
>> To: NT System Admin Issues
>> Subject: Re: From SANS email...
>>
>> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul 
>> wrote:
>> >  FLASH: The New York Times reported this morning that President Obama
>> > (and his predecessor) ordered a sophisticated campaign of cyberattacks
>> > against Iran's nuclear program, and has either attacked or considered
>> > attacking networks in China, Syria, and North Korea as well.  Because
>> > the publication of this story is likely to herald substantive and
>> > far-ranging changes in the way cybersecurity is managed in the US and
>> > in many other countries, we have included an analysis by Gautham Nagesh.
>> > Under normal circumstances, his thoughtful, in-depth analyses are
>> > available only to paid subscribers to CQ Roll Call "Executive Briefing
>> > on Technology."  This is an abnormal circumstance.  There is great
>> > value in the security community understanding that the game has
>> > changed, and what it means.
>> >
>> > Well DUH!!!
>>
>> Indeed, not surprising.
>>
>> It should lead to both Obama and Bush being criminally tried for
>> committing acts of war absent a proper declaration.
>>
>> Kurt
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[Andrew S. Baker]

I see that we're on the verge of getting fair off-track on this thread...

* *

*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
Technology for the SMB market…

*



On Fri, Jun 1, 2012 at 3:17 PM, Chinnery, Paul  wrote:

> So if an agent for the US, physically sabotaged the plant, would that also
> be an act of war?
>
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Friday, June 01, 2012 2:00 PM
> To: NT System Admin Issues
> Subject: Re: From SANS email...
>
> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul 
> wrote:
> >  FLASH: The New York Times reported this morning that President Obama
> > (and his predecessor) ordered a sophisticated campaign of cyberattacks
> > against Iran's nuclear program, and has either attacked or considered
> > attacking networks in China, Syria, and North Korea as well.  Because
> > the publication of this story is likely to herald substantive and
> > far-ranging changes in the way cybersecurity is managed in the US and
> > in many other countries, we have included an analysis by Gautham Nagesh.
> > Under normal circumstances, his thoughtful, in-depth analyses are
> > available only to paid subscribers to CQ Roll Call "Executive Briefing
> > on Technology."  This is an abnormal circumstance.  There is great
> > value in the security community understanding that the game has
> > changed, and what it means.
> >
> > Well DUH!!!
>
> Indeed, not surprising.
>
> It should lead to both Obama and Bush being criminally tried for
> committing acts of war absent a proper declaration.
>
> Kurt
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Ping attack attempts

[Kurt Buff]

Yes - live with it.

If it's only a a few dozen pings an hour, it isn't worth it.

I suppose you could send an email to the owner of the block.

It's most likely something like smokeping or other network measurement
tool that's been set up incorrectly.

Kurt

On Fri, Jun 1, 2012 at 11:59 AM, Richard McClary
 wrote:
> Greetings!
>
>
>
> Second time this has happened (that I know of, anyway) to us…
>
>
>
> Every 10  minutes  (for the past 2 hours), some * sends about 2 dozen ping
> attempts to our firewall.  Obviously scripted, and probably spoofed IPs as
> well.  (Firewall is set to block external ICMP traffic.)
>
>
>
> In ARIN, the IP addresses are assigned to an on-line video service
> (OVGuide.com).  That IP is part of the Internap system.  Again, though, the
> IPs are likely spoofed.
>
>
>
> Other than turning off the alarms so that such attempts are no longer
> reported (which would reduce mail traffic), is this just something to live
> with?
>
> --
>
> Richard D. McClary
>
> Jr Infrastructure Architect, Information Technology Group
>
> ASPCA®
>
> 1717 S. Philo Rd, Ste 36
>
> Urbana, IL 61802
>
> richard.mccl...@aspca.org
>
> P: 217-337-9761
>
> C: 217-417-1182
>
> F: 217-337-9761
>
> www.aspca.org
>
>
>
>
>
> The information contained in this e-mail, and any attachments hereto, is
> from The American Society for the Prevention of Cruelty to Animals® (ASPCA®)
> and is intended only for use by the addressee(s) named herein and may
> contain legally privileged and/or confidential information. If you are not
> the intended recipient of this e-mail, you are hereby notified that any
> dissemination, distribution, copying or use of the contents of this e-mail,
> and any attachments hereto, is strictly prohibited. If you have received
> this e-mail in error, please immediately notify me by reply email and
> permanently delete the original and any copy of this e-mail and any printout
> thereof.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: From SANS email...

[Chinnery, Paul]

So if an agent for the US, physically sabotaged the plant, would that also be 
an act of war?

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Friday, June 01, 2012 2:00 PM
To: NT System Admin Issues
Subject: Re: From SANS email...

On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul  wrote:
>  FLASH: The New York Times reported this morning that President Obama 
> (and his predecessor) ordered a sophisticated campaign of cyberattacks 
> against Iran's nuclear program, and has either attacked or considered 
> attacking networks in China, Syria, and North Korea as well.  Because 
> the publication of this story is likely to herald substantive and 
> far-ranging changes in the way cybersecurity is managed in the US and 
> in many other countries, we have included an analysis by Gautham Nagesh.
> Under normal circumstances, his thoughtful, in-depth analyses are 
> available only to paid subscribers to CQ Roll Call "Executive Briefing 
> on Technology."  This is an abnormal circumstance.  There is great 
> value in the security community understanding that the game has 
> changed, and what it means.
>
> Well DUH!!!

Indeed, not surprising.

It should lead to both Obama and Bush being criminally tried for committing 
acts of war absent a proper declaration.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Windows 2008 won't forget IP

[Steven Peck]

Sometimes very rare, the NIC information in the registry gets all
borked up.   This occasionally happens on physical as well.  One trick is
to nuke the NICs and do over.  If that doesn't work, there are three
different places in the registry that store this stuff regarding NIC
information and static IP Addresses that will have to manually
addressed/cleaned up.  I am sorry I am being a little vague but this has
only happened twice to me and we sort of 'felt' are way through it with a
few web searches, registry searches and experimentation.  The last was
about 2 years ago (co-incidentally during a VMware upgrade :)

Hope that helps some, if not hope you don't follow the rabbit hole down to
far.




On Fri, Jun 1, 2012 at 12:09 PM, Mayo, Bill  wrote:

> That is the process I followed (shorthanded in my explanation).  There is
> no NIC showing other than the current one.
>
> ** **
>
> *From:* Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
> *Sent:* Friday, June 01, 2012 2:32 PM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Windows 2008 won't forget IP
>
> ** **
>
> Run cmd as administrator
>
> set devmgr_show_nonpresent_devices=1
>
> devmgmt.msc
>
> When device manager launches toggle it to show hidden devices again.
>
> Look for NICs that don’t belong and remove them.
>
> Reboot
>
> ** **
>
> *From:* Mayo, Bill [mailto:bem...@pittcountync.gov]
> *Sent:* Friday, June 01, 2012 11:22 AM
> *To:* NT System Admin Issues
> *Subject:* Windows 2008 won't forget IP
>
> ** **
>
> I wanted to upgrade the NIC on a vSphere based virtual server, so I
> powered down and removed the existing NIC and added a new one.  The IP was
> statically assigned.  After rebooting, I got rid of the old NIC (show
> hidden devices in Device Manager, uninstall), and I set the IP of the new
> NIC to match that of the old and reboot.  After doing so, can’t log into
> domain anymore and figure out IP is not responding.  After much
> troubleshooting, I am able to get the machine working by changing the IP to
> something else via netsh (network control panel hangs).  That’s all working
> OK, reboot a couple of times, and confirm the old NIC is not a phantom.
> Change the IP back to the desired one again, and am able to ping it.
> Reboot, and same problem again (can’t login to domain-based account, no
> response from IP).  When I do an IPCONFIG, it shows a self-assigned address
> (169…).  When I do a NETSH INTERFACE IP SHOW CONFIG, it shows my desired IP
> address (although it is not responding).  I try to use netsh to change it
> to that address again and it rejects it (indicating it already exists).  I
> assume the address is hung somewhere, but I can’t find any sign of it in
> the registry or anywhere else.  I also tried “netsh int ip reset” and
> “netsh winsock reset” (found while googling) to no avail.
>
> ** **
>
> Basically, if I try to make this machine use the old/desired IP address,
> it will not work.  Any other IP (that I have tested) works fine.  It will
> work with the old IP until a reboot.  Any clue what I might do to make this
> Windows 2008 R2 Server forget this old IP?
>
> ** **
>
> Thanks,
>
> Bill Mayo
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 won't forget IP

[Mayo, Bill]

That is the process I followed (shorthanded in my explanation).  There
is no NIC showing other than the current one.

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Friday, June 01, 2012 2:32 PM
To: NT System Admin Issues
Subject: RE: Windows 2008 won't forget IP

 

Run cmd as administrator

set devmgr_show_nonpresent_devices=1

devmgmt.msc

When device manager launches toggle it to show hidden devices again.

Look for NICs that don't belong and remove them.

Reboot

 

From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Friday, June 01, 2012 11:22 AM
To: NT System Admin Issues
Subject: Windows 2008 won't forget IP

 

I wanted to upgrade the NIC on a vSphere based virtual server, so I
powered down and removed the existing NIC and added a new one.  The IP
was statically assigned.  After rebooting, I got rid of the old NIC
(show hidden devices in Device Manager, uninstall), and I set the IP of
the new NIC to match that of the old and reboot.  After doing so, can't
log into domain anymore and figure out IP is not responding.  After much
troubleshooting, I am able to get the machine working by changing the IP
to something else via netsh (network control panel hangs).  That's all
working OK, reboot a couple of times, and confirm the old NIC is not a
phantom.  Change the IP back to the desired one again, and am able to
ping it.  Reboot, and same problem again (can't login to domain-based
account, no response from IP).  When I do an IPCONFIG, it shows a
self-assigned address (169...).  When I do a NETSH INTERFACE IP SHOW
CONFIG, it shows my desired IP address (although it is not responding).
I try to use netsh to change it to that address again and it rejects it
(indicating it already exists).  I assume the address is hung somewhere,
but I can't find any sign of it in the registry or anywhere else.  I
also tried "netsh int ip reset" and "netsh winsock reset" (found while
googling) to no avail.

 

Basically, if I try to make this machine use the old/desired IP address,
it will not work.  Any other IP (that I have tested) works fine.  It
will work with the old IP until a reboot.  Any clue what I might do to
make this Windows 2008 R2 Server forget this old IP?

 

Thanks,

Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Ping attack attempts

[Richard McClary]

Greetings!

Second time this has happened (that I know of, anyway) to us...

Every 10  minutes  (for the past 2 hours), some * sends about 2 dozen ping 
attempts to our firewall.  Obviously scripted, and probably spoofed IPs as 
well.  (Firewall is set to block external ICMP traffic.)

In ARIN, the IP addresses are assigned to an on-line video service 
(OVGuide.com).  That IP is part of the Internap system.  Again, though, the IPs 
are likely spoofed.

Other than turning off the alarms so that such attempts are no longer reported 
(which would reduce mail traffic), is this just something to live with?
--
Richard D. McClary
Jr Infrastructure Architect, Information Technology Group
ASPCA(r)
1717 S. Philo Rd, Ste 36
Urbana, IL 61802
richard.mccl...@aspca.org
P: 217-337-9761
C: 217-417-1182
F: 217-337-9761
www.aspca.org



The information contained in this e-mail, and any attachments hereto, is from 
The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and 
is intended only for use by the addressee(s) named herein and may contain 
legally privileged and/or confidential information. If you are not the intended 
recipient of this e-mail, you are hereby notified that any dissemination, 
distribution, copying or use of the contents of this e-mail, and any 
attachments hereto, is strictly prohibited. If you have received this e-mail in 
error, please immediately notify me by reply email and permanently delete the 
original and any copy of this e-mail and any printout thereof.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[Jonathan Link]

Beware the EULA!

On Fri, Jun 1, 2012 at 2:35 PM, Andrew S. Baker  wrote:

> Your views are odd. I would like to subscribe to your newsletter.
>
> * *
>
> *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
> Technology for the SMB market…
>
> *
>
>
>
> On Fri, Jun 1, 2012 at 1:59 PM, Kurt Buff  wrote:
>
>> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul 
>> wrote:
>> >  FLASH: The New York Times reported this morning that President Obama
>> > (and his predecessor) ordered a sophisticated campaign of cyberattacks
>> > against Iran's nuclear program, and has either attacked or considered
>> > attacking networks in China, Syria, and North Korea as well.  Because
>> > the publication of this story is likely to herald substantive and
>> > far-ranging changes in the way cybersecurity is managed in the US and
>> > in many other countries, we have included an analysis by Gautham Nagesh.
>> > Under normal circumstances, his thoughtful, in-depth analyses are
>> > available only to paid subscribers to CQ Roll Call "Executive Briefing
>> > on Technology."  This is an abnormal circumstance.  There is great value
>> > in the security community understanding that the game has changed, and
>> > what it means.
>> >
>> > Well DUH!!!
>>
>> Indeed, not surprising.
>>
>> It should lead to both Obama and Bush being criminally tried for
>> committing acts of war absent a proper declaration.
>>
>> Kurt
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 won't forget IP

[Miller Bonnie L .]

Run cmd as administrator
set devmgr_show_nonpresent_devices=1
devmgmt.msc
When device manager launches toggle it to show hidden devices again.
Look for NICs that don't belong and remove them.
Reboot

From: Mayo, Bill [mailto:bem...@pittcountync.gov]
Sent: Friday, June 01, 2012 11:22 AM
To: NT System Admin Issues
Subject: Windows 2008 won't forget IP

I wanted to upgrade the NIC on a vSphere based virtual server, so I powered 
down and removed the existing NIC and added a new one.  The IP was statically 
assigned.  After rebooting, I got rid of the old NIC (show hidden devices in 
Device Manager, uninstall), and I set the IP of the new NIC to match that of 
the old and reboot.  After doing so, can't log into domain anymore and figure 
out IP is not responding.  After much troubleshooting, I am able to get the 
machine working by changing the IP to something else via netsh (network control 
panel hangs).  That's all working OK, reboot a couple of times, and confirm the 
old NIC is not a phantom.  Change the IP back to the desired one again, and am 
able to ping it.  Reboot, and same problem again (can't login to domain-based 
account, no response from IP).  When I do an IPCONFIG, it shows a self-assigned 
address (169...).  When I do a NETSH INTERFACE IP SHOW CONFIG, it shows my 
desired IP address (although it is not responding).  I try to use netsh to 
change it to that address again and it rejects it (indicating it already 
exists).  I assume the address is hung somewhere, but I can't find any sign of 
it in the registry or anywhere else.  I also tried "netsh int ip reset" and 
"netsh winsock reset" (found while googling) to no avail.

Basically, if I try to make this machine use the old/desired IP address, it 
will not work.  Any other IP (that I have tested) works fine.  It will work 
with the old IP until a reboot.  Any clue what I might do to make this Windows 
2008 R2 Server forget this old IP?

Thanks,
Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[Andrew S. Baker]

Your views are odd. I would like to subscribe to your newsletter.

* *

*ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of
Technology for the SMB market…

*



On Fri, Jun 1, 2012 at 1:59 PM, Kurt Buff  wrote:

> On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul 
> wrote:
> >  FLASH: The New York Times reported this morning that President Obama
> > (and his predecessor) ordered a sophisticated campaign of cyberattacks
> > against Iran's nuclear program, and has either attacked or considered
> > attacking networks in China, Syria, and North Korea as well.  Because
> > the publication of this story is likely to herald substantive and
> > far-ranging changes in the way cybersecurity is managed in the US and
> > in many other countries, we have included an analysis by Gautham Nagesh.
> > Under normal circumstances, his thoughtful, in-depth analyses are
> > available only to paid subscribers to CQ Roll Call "Executive Briefing
> > on Technology."  This is an abnormal circumstance.  There is great value
> > in the security community understanding that the game has changed, and
> > what it means.
> >
> > Well DUH!!!
>
> Indeed, not surprising.
>
> It should lead to both Obama and Bush being criminally tried for
> committing acts of war absent a proper declaration.
>
> Kurt
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Windows 2008 won't forget IP

[Mayo, Bill]

I have done that (sorry that was not clear).  The old NIC did have that
address, but it has been removed using that process.

 

From: Rankin, James R [mailto:kz2...@googlemail.com] 
Sent: Friday, June 01, 2012 2:26 PM
To: NT System Admin Issues
Subject: Re: Windows 2008 won't forget IP

 

Is it one of those "phantom" nics? You need to run devmgmt.msc from a
command prompt after setting the flag to show nonpresent devices to
check (Google about, I am stuck watching SpongeBob with my kids)

---Blackberried



From: "Mayo, Bill"  

Date: Fri, 1 Jun 2012 14:21:38 -0400

To: NT System Admin Issues

ReplyTo: "NT System Admin Issues"


Subject: Windows 2008 won't forget IP

 

I wanted to upgrade the NIC on a vSphere based virtual server, so I
powered down and removed the existing NIC and added a new one.  The IP
was statically assigned.  After rebooting, I got rid of the old NIC
(show hidden devices in Device Manager, uninstall), and I set the IP of
the new NIC to match that of the old and reboot.  After doing so, can't
log into domain anymore and figure out IP is not responding.  After much
troubleshooting, I am able to get the machine working by changing the IP
to something else via netsh (network control panel hangs).  That's all
working OK, reboot a couple of times, and confirm the old NIC is not a
phantom.  Change the IP back to the desired one again, and am able to
ping it.  Reboot, and same problem again (can't login to domain-based
account, no response from IP).  When I do an IPCONFIG, it shows a
self-assigned address (169...).  When I do a NETSH INTERFACE IP SHOW
CONFIG, it shows my desired IP address (although it is not responding).
I try to use netsh to change it to that address again and it rejects it
(indicating it already exists).  I assume the address is hung somewhere,
but I can't find any sign of it in the registry or anywhere else.  I
also tried "netsh int ip reset" and "netsh winsock reset" (found while
googling) to no avail.

 

Basically, if I try to make this machine use the old/desired IP address,
it will not work.  Any other IP (that I have tested) works fine.  It
will work with the old IP until a reboot.  Any clue what I might do to
make this Windows 2008 R2 Server forget this old IP?

 

Thanks,

Bill Mayo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Windows 2008 won't forget IP

[Rankin, James R]

Is it one of those "phantom" nics? You need to run devmgmt.msc from a command 
prompt after setting the flag to show nonpresent devices to check (Google 
about, I am stuck watching SpongeBob with my kids)

---Blackberried

-Original Message-
From: "Mayo, Bill" 
Date: Fri, 1 Jun 2012 14:21:38 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Windows 2008 won't forget IP

I wanted to upgrade the NIC on a vSphere based virtual server, so I
powered down and removed the existing NIC and added a new one.  The IP
was statically assigned.  After rebooting, I got rid of the old NIC
(show hidden devices in Device Manager, uninstall), and I set the IP of
the new NIC to match that of the old and reboot.  After doing so, can't
log into domain anymore and figure out IP is not responding.  After much
troubleshooting, I am able to get the machine working by changing the IP
to something else via netsh (network control panel hangs).  That's all
working OK, reboot a couple of times, and confirm the old NIC is not a
phantom.  Change the IP back to the desired one again, and am able to
ping it.  Reboot, and same problem again (can't login to domain-based
account, no response from IP).  When I do an IPCONFIG, it shows a
self-assigned address (169...).  When I do a NETSH INTERFACE IP SHOW
CONFIG, it shows my desired IP address (although it is not responding).
I try to use netsh to change it to that address again and it rejects it
(indicating it already exists).  I assume the address is hung somewhere,
but I can't find any sign of it in the registry or anywhere else.  I
also tried "netsh int ip reset" and "netsh winsock reset" (found while
googling) to no avail.

 

Basically, if I try to make this machine use the old/desired IP address,
it will not work.  Any other IP (that I have tested) works fine.  It
will work with the old IP until a reboot.  Any clue what I might do to
make this Windows 2008 R2 Server forget this old IP?

 

Thanks,

Bill Mayo


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: From SANS email...

[David Lum]

Different than other presidents...how? I suspect every major power is doing 
things along these same lines and have been for decades, you don't think there 
was any sabotage going on during the cold war, for example? Computer software 
is simply a different medium for carrying these actions out and, like 
biological weapons, can go places and do things the originators never imagined. 
Armed warfare is far more predictable than this stuff.

Stuxnet was a different form of smart bomb and it created a different version 
of collateral damage.

Dave

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Friday, June 01, 2012 11:00 AM
To: NT System Admin Issues
Subject: Re: From SANS email...

On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul  wrote:
>  FLASH: The New York Times reported this morning that President Obama 
> (and his predecessor) ordered a sophisticated campaign of cyberattacks 
> against Iran's nuclear program, and has either attacked or considered 
> attacking networks in China, Syria, and North Korea as well.  Because 
> the publication of this story is likely to herald substantive and 
> far-ranging changes in the way cybersecurity is managed in the US and 
> in many other countries, we have included an analysis by Gautham Nagesh.
> Under normal circumstances, his thoughtful, in-depth analyses are 
> available only to paid subscribers to CQ Roll Call "Executive Briefing 
> on Technology."  This is an abnormal circumstance.  There is great 
> value in the security community understanding that the game has 
> changed, and what it means.
>
> Well DUH!!!

Indeed, not surprising.

It should lead to both Obama and Bush being criminally tried for committing 
acts of war absent a proper declaration.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[Rankin, James R]

OK, if they're getting away with it...I will 'fess up to writing Blaster back 
in 2003 (now waiting for door to get busted in by CIA ninjas)

(This is a joke, BTW) #paranoia
---Blackberried

-Original Message-
From: "Crawford, Scott" 
Date: Fri, 1 Jun 2012 18:01:28 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: From SANS email...

Cool.  US admits to writing Stuxnet

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Friday, June 01, 2012 12:32 PM
To: NT System Admin Issues
Subject: Re: From SANS email...

http://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/
ASB

http://XeeMe.com/AndrewBaker

Harnessing the Advantages of Technology for the SMB market...



On Fri, Jun 1, 2012 at 1:03 PM, Maglinger, Paul 
mailto:pmaglin...@scvl.com>> wrote:
 FLASH: The New York Times reported this morning that President Obama
(and his predecessor) ordered a sophisticated campaign of cyberattacks
against Iran's nuclear program, and has either attacked or considered
attacking networks in China, Syria, and North Korea as well.  Because
the publication of this story is likely to herald substantive and
far-ranging changes in the way cybersecurity is managed in the US and
in many other countries, we have included an analysis by Gautham Nagesh.
Under normal circumstances, his thoughtful, in-depth analyses are
available only to paid subscribers to CQ Roll Call "Executive Briefing
on Technology."  This is an abnormal circumstance.  There is great value
in the security community understanding that the game has changed, and
what it means.

Well DUH!!!

-Paul

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: From SANS email...

[Kurt Buff]

On Fri, Jun 1, 2012 at 10:03 AM, Maglinger, Paul  wrote:
>  FLASH: The New York Times reported this morning that President Obama
> (and his predecessor) ordered a sophisticated campaign of cyberattacks
> against Iran's nuclear program, and has either attacked or considered
> attacking networks in China, Syria, and North Korea as well.  Because
> the publication of this story is likely to herald substantive and
> far-ranging changes in the way cybersecurity is managed in the US and
> in many other countries, we have included an analysis by Gautham Nagesh.
> Under normal circumstances, his thoughtful, in-depth analyses are
> available only to paid subscribers to CQ Roll Call "Executive Briefing
> on Technology."  This is an abnormal circumstance.  There is great value
> in the security community understanding that the game has changed, and
> what it means.
>
> Well DUH!!!

Indeed, not surprising.

It should lead to both Obama and Bush being criminally tried for
committing acts of war absent a proper declaration.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: iPad and corporate docs

[Rankin, James R]

Forgive me if I'm misunderstanding your needs or goals, but can't you use 
XenApp to do offline streamed apps? Or does this feature not work on the Ipad? 
If the Receiver works though, I'd assume it would

---Blackberried

-Original Message-
From: "Tom Miller" 
Date: Fri, 1 Jun 2012 13:12:37 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: iPad and corporate docs

Thanks, and I will take a look.  But I think part of the challenge is
how to get the docs other and XenApp or some sort of VPN.

>>> Daniel Chenault  6/1/2012 10:20 AM
>>>

What kind of documents? If you are referring to Office documents take a
look at Quickoffice Pro HD in the iTunes store. I’ve not used it but
know someone that has and she was pleased with it.
 

Daniel Chenault
dchena...@lgnetworksinc.com


 

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Friday, June 01, 2012 5:51 AM
To: NT System Admin Issues
Subject: iPad and corporate docs

 

Hi All,

 

Are there any apps that corporate iPad users here can use to modify
documents on our corporate network?  

 

I haven't found any, and so far have been having staff use our XenApp
system to access whatever corporate apps may be needed.  Aside from the
sensitive mouse, this seems to work fine.  

 

Thanks,

Tom

 
Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Confidentiality Notice:  This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information.  Any unauthorized review, use,
disclosure, or distribution is prohibited.  If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: iPad and corporate docs

[Tom Miller]

Thanks, and I will take a look.  But I think part of the challenge is how to get the docs other and XenApp or some sort of VPN.>>> Daniel Chenault  6/1/2012 10:20 AM >>>

What kind of documents? If you are referring to Office documents take a look at Quickoffice Pro HD in the iTunes store. I’ve not used it but know someone that has and she was pleased with it.
 

Daniel Chenault
dchena...@lgnetworksinc.com

 


From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Friday, June 01, 2012 5:51 AMTo: NT System Admin IssuesSubject: iPad and corporate docs
 

Hi All,

 

Are there any apps that corporate iPad users here can use to modify documents on our corporate network?  

 

I haven't found any, and so far have been having staff use our XenApp system to access whatever corporate apps may be needed.  Aside from the sensitive mouse, this seems to work fine.  

 

Thanks,

Tom
 
Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~~   ~---To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/or send an email to listmana...@lyris.sunbeltsoftware.comwith the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~~   ~---To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/or send an email to listmana...@lyris.sunbeltsoftware.comwith the body: unsubscribe ntsysadmin


  Confidentiality Notice: This e-mail message, 
  including attachments, is for the sole use of the intended recipient(s) 
  and may contain confidential and privileged information. Any 
  unauthorized review, use, disclosure, or distribution is prohibited. If 
  you are not the intended recipient, please contact the sender by reply 
  e-mail and destroy all copies of the original message.

  
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

From SANS email...

[Maglinger, Paul]

 FLASH: The New York Times reported this morning that President Obama
(and his predecessor) ordered a sophisticated campaign of cyberattacks
against Iran's nuclear program, and has either attacked or considered
attacking networks in China, Syria, and North Korea as well.  Because
the publication of this story is likely to herald substantive and
far-ranging changes in the way cybersecurity is managed in the US and
in many other countries, we have included an analysis by Gautham Nagesh.
Under normal circumstances, his thoughtful, in-depth analyses are
available only to paid subscribers to CQ Roll Call "Executive Briefing
on Technology."  This is an abnormal circumstance.  There is great value
in the security community understanding that the game has changed, and
what it means.
 
Well DUH!!!

-Paul

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

re: Server 2012 RC available

[Christopher Bodnar]

Can anyone confirm that this won't work on ESX 4.1? I'm running into the 
HAL_INITIALIZATION_FAILED error on ESX 4. Seems the latest build of ESX 5 will 
support this, but we won't be there for a few more months. I can load this on a 
stand alone box, or load a W7 VM and load vmWorkstation on that, then load W12 
into VMWorkstation, but I hate that as a workaround. 

Anyone find a fix for this? 

Thanks,

Chris
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: 2008 R2 SP1 GPO Drive Mappings

[Chipshead]

Item level targeting is not enabled on any of the drive mappings. Nothing 
relative in event viewer. 

Thanks. 



- Original Message -




From: "James R Rankin"  
To: "NT System Admin Issues" < ntsysadmin @ lyris .sunbelt-software.com> 
Sent: Friday, June 1, 2012 11:35:20 AM 
Subject: Re: 2008 R2 SP1 GPO Drive Mappings 

Does it have item-level targeting selected? What does the event viewer say? 

--- Blackberried 

From: Chipshead @comcast.net 
Date: Fri, 1 Jun 2012 15:30:56 + ( UTC ) 
To: NT System Admin Issues< ntsysadmin @ lyris .sunbelt-software.com> 
ReplyTo : "NT System Admin Issues" < ntsysadmin @ lyris .sunbelt-software.com> 
Subject: 2008 R2 SP1 GPO Drive Mappings 




Mapping a total of 12 drives via GPO applicable to 2 distinct indexing servers. 
11 drives map fine. Mapping M: to \\ servername \ sharename does not work 
although the mapping has a green bang in GPO as do all the other drives. If I 
map the drive manually it works just fine. net use shows all but the M: drive 
when mapped manually and not when mapped via GPO. Googlefu fails me. Any ideas? 
Thanks. 

Steve 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
~ < http :// www . sunbeltsoftware .com/Business/VIPRE-Enterprise/ >  ~ 

--- 
To manage subscriptions click here: http :// lyris 
.sunbelt-software.com/read/my_forums/ 
or send an email to listmanager @ lyris . sunbeltsoftware .com 
with the body: unsubscribe ntsysadmin 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
~ < http :// www . sunbeltsoftware .com/Business/VIPRE-Enterprise/ >  ~ 

--- 
To manage subscriptions click here: http :// lyris 
.sunbelt-software.com/read/my_forums/ 
or send an email to listmanager @ lyris . sunbeltsoftware .com 
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Need some help with a Beta Test

[Graeme Carstairs]

Done,

Very interesting and well done training would be good for all users to have
to sit this before being allowed near a computer

Well done


On 1 June 2012 15:38, Stu Sjouwerman  wrote:

> HI All, 
>
> ** **
>
> Know anyone that can jump on this and help out? Please forward to anyone
> you know.
>
> ** **
>
> Make 30 Bucks In 30 Minutes!: Beta Test
>
> We need immediate Beta Testers for our Internet Security Awareness
> Training! This is a THIS WEEKEND thing. We need your feedback before Sunday
> night. You can make 30 bucks in 30 minutes. Do the training, fill out the
> survey and the first 10 people to respond get a $30 Amazon Gift Cert sent
> to them on Monday. Anyone else still gets a very nice surprise reward. Help
> keep the Internet safe and please do this immediately!? Thanks so much in
> advance.
>
> ** **
>
> http://blog.knowbe4.com/make-30-bucks-in-30-minutes-beta-test/
>
> ** **
>
> Warm regards,
>
>
> Stu
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>



-- 
Good news everyone, you have just received an e-mail from me!

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: moving Exchange

[Michael B. Smith]

You COULD call me lazy. But I personally think that:

[1] limiting the amount of memory that you allow Exchange to consume, and
[2] bumping the actual memory in that box to, say, 16 GB

Would be a lot easier. But whatever works for you.

From: Daniel Chenault [mailto:dchena...@lgnetworksinc.com]
Sent: Friday, June 01, 2012 9:54 AM
To: NT System Admin Issues
Subject: RE: moving Exchange

Machine is doing other things (AD, two databases, file/print) and is bogging 
down badly. I could migrate the two databases to the beefier box but I already 
know from experience it's a PITA (the MySQL one isn't too bad, but the Sage 
Timberline based on the Pervasive engine is rough). I COULD throw more RAM at 
the box but my perfmon analysis is saying that moving Exchange to the other box 
is my best bet; the 8G in this current box will be enough to handle what I 
leave on there.

Daniel Chenault
dchena...@lgnetworksinc.com
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]

From: Michael B. Smith 
[mailto:mich...@smithcons.com]
Sent: Thursday, May 31, 2012 5:37 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

You didn't answer my memory question.

40 users in a 12 GB DB is tiny. A single RAID-5 array should be able to handle 
that even during a rebuild situation without breaking a sweat.

How much memory is in the box and how much can you add?

From: Daniel Chenault 
[mailto:dchena...@lgnetworksinc.com]
Sent: Thursday, May 31, 2012 5:40 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

Yes

Almost all, about 40 heavy, over 12G, single RAID 5 array.

Like I said in another post, I'm just dealing with the fallout, wasn't my 
design or my call.

Daniel Chenault
dchena...@lgnetworksinc.com
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]

From: Michael B. Smith 
[mailto:mich...@smithcons.com]
Sent: Thursday, May 31, 2012 4:23 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

Memory? Or IO?

How much memory? How many users? How large is the store? What is the disk 
subsystem?

From: Daniel Chenault 
[mailto:dchena...@lgnetworksinc.com]
Sent: Thursday, May 31, 2012 5:07 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

It's the only Ex box in the org. Perfmon is showing me that the IS is what is 
dragging the box down (and it is used for some other things as well that will 
be much harder to move) thus I want to get Exchange off it.

Daniel Chenault
dchena...@lgnetworksinc.com
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]

From: Damien Solodow 
[mailto:damien.solo...@harrison.edu]
Sent: Thursday, May 31, 2012 3:49 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

What role(s) are on this under-sized box?

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: Daniel Chenault 
[mailto:dchena...@lgnetworksinc.com]
Sent: Thursday, May 31, 2012 4:41 PM
To: NT System Admin Issues
Subject: moving Exchange

Ex2010 currently on an underpowered box. Plan is:

1)  Install Ex on beefier box (member server of same domain)

2)  Move mailboxes to new box

3)  Uninstall Ex from old box and re-use serial

First: it's my understanding that Outlook profiles will be automagically 
updated to point to the mailbox's new location. Correct?
Second: Anyone see a problem re-using the serial key?

Seems a simple plan but you know how that goes

Daniel Chenault
dchena...@lgnetworksinc.com
Office: 972-528-6546 x 1002
Fax: 972-982-0054
9550 Skillman Road
Suite 500
Dallas, TX 75243
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
l

Re: 2008 R2 SP1 GPO Drive Mappings

[Chipshead]

Correction: net use shows the M: drive when mapped manually. 

- Original Message -
From: chipsh...@comcast.net 
To: "NT System Admin Issues"  
Sent: Friday, June 1, 2012 11:30:56 AM 
Subject: 2008 R2 SP1 GPO Drive Mappings 




Mapping a total of 12 drives via GPO applicable to 2 distinct indexing servers. 
11 drives map fine. Mapping M: to \\servername\sharename does not work although 
the mapping has a green bang in GPO as do all the other drives. If I map the 
drive manually it works just fine. net use shows all but the M: drive when 
mapped manually and not when mapped via GPO. Googlefu fails me. Any ideas? 
Thanks. 

Steve 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
~ < http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ >  ~ 

--- 
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: 2008 R2 SP1 GPO Drive Mappings

[Rankin, James R]

Does it have item-level targeting selected? What does the event viewer say?

---Blackberried

-Original Message-
From: chipsh...@comcast.net
Date: Fri, 1 Jun 2012 15:30:56 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: 2008 R2 SP1 GPO Drive Mappings



Mapping a total of 12 drives via GPO applicable to 2 distinct indexing servers. 
11 drives map fine. Mapping M: to \\ servername \sharename does not work 
although the mapping has a green bang in GPO as do all the other drives. If I 
map the drive manually it works just fine. net use shows all but the M: drive 
when mapped manually and not when mapped via GPO. Googlefu fails me. Any ideas? 
Thanks . 

Steve 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Nitro/Adiscon question

[Christopher Bodnar]

We are using EvenReporter (10.1.344) as the syslog forwarder to get the 
windows security logs into Nitro. Audit recently came to us and wants to 
be able to track certain AD events. I've got auditing enabled and the logs 
are getting to Nitro, the problem we are running into is that the GUIDs 
are not being resolved before being sent to Nitro. Not sure why. So for 
example, something like this from a 566 Event in the Event Log:

Object Name:CN=Jane Doe,OU=ClientOU3,OU=Users,OU=Sales,DC=Acme,DC=com

Which does show the resolved name, will show up like this in Nitro:

String[%4]:%{e93fed32-8ca3-4122-994f-dcfae8fa212d}

Has anyone run into this issue before? 

Thanks


Christopher Bodnar 
Enterprise Achitect I, Corporate Office of Technology:Enterprise 
Architecture and Engineering Services 
Tel 610-807-6459 
3900 Burgess Place, Bethlehem, PA 18017 
christopher_bod...@glic.com 




The Guardian Life Insurance Company of America

www.guardianlife.com 





-
This message, and any attachments to it, may contain information
that is privileged, confidential, and exempt from disclosure under
applicable law.  If the reader of this message is not the intended
recipient, you are notified that any use, dissemination,
distribution, copying, or communication of this message is strictly
prohibited.  If you have received this message in error, please
notify the sender immediately by return e-mail and delete the
message and any attachments.  Thank you.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

2008 R2 SP1 GPO Drive Mappings

[Chipshead]

Mapping a total of 12 drives via GPO applicable to 2 distinct indexing servers. 
11 drives map fine. Mapping M: to \\ servername \sharename does not work 
although the mapping has a green bang in GPO as do all the other drives. If I 
map the drive manually it works just fine. net use shows all but the M: drive 
when mapped manually and not when mapped via GPO. Googlefu fails me. Any ideas? 
Thanks . 

Steve 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: http:///owa works interally but not externally - progress

[David Lum]

Oops missed that one. The IIS logs don't show anything on the failures.

Other checking with SSL forced:


1.   Internal machines can still get to the site, but external ones.

2.   If I use https://remote.mydomain.com/owa instead of 
webmail.mydomain.com/owa it works externally.

I think it's an Exchange 2010/SBS2011 setting, as there's a setting in E2K10 to 
specify the internal and external web site URL, and SBS2011 default is 
remote.mydomain.com, and I am not inclined to change SBS stuff away from the 
defaults...

Dave

From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Thursday, May 31, 2012 9:43 PM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not externally - progress

As per what Desmond asked you before: look at the IIS log files to see what 
requests are actually being received, and what error codes are being returned.

Cheers
Ken

From: David Lum [mailto:david@nwea.org]
Sent: Friday, 1 June 2012 2:41 AM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not 
externally - progress

The made a change,  I can now get to https:///owa 
UNELSS I set /owa to *require* SSL. Huh?

Dave

From: David Lum [mailto:david@nwea.org]
Sent: Thursday, May 31, 2012 8:34 AM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not 
externally

Nope, handled by the county (my client is a city who is in the 
county-controlled network. But at least I know what the issue is, thanks for 
the pointer, I simply wasn't understanding it.

From: Steven M. Caesare 
[mailto:scaes...@caesare.com]
Sent: Thursday, May 31, 2012 7:58 AM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not 
externally

Good deal. The external FW/proxy is something you can control directly?

-sc

From: David Lum [mailto:david@nwea.org]
Sent: Thursday, May 31, 2012 10:23 AM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not 
externally

We have a winner! :80 works, :443 does not.   Not requiring SSL gets me to the 
website, so I need to make sure 443 is being allowed.

Makes me wonder how it was configured before, but thanks!

Dave

From: Steven M. Caesare 
[mailto:scaes...@caesare.com]
Sent: Thursday, May 31, 2012 7:02 AM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not 
externally

Tried telnetting to that FQDN:port and see if you get any response?

-sc

From: David Lum [mailto:david@nwea.org]
Sent: Thursday, May 31, 2012 9:54 AM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not 
externally

There is a proxy of some kinds, because http://http://%3cfqdn>> from the 
Internet is a different IP than what the real box is.

It acts very much like /owa simply drops the connection if it's an external 
connection attempt.   It's just bizarre to me that via the Internet I can get 
to http://http://%3cfqdn>> and 
http:///exchange (it at least throws an error 
on this page) but not /owa...nuthin.

From: Brian Desmond 
[mailto:br...@briandesmond.com]
Sent: Wednesday, May 30, 2012 3:21 PM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not 
externally

Does the request show up in the IIS log? What's the status code?

What's between the CAS server and the user - firewalls, load balancers, reverse 
proxies, etc?

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c   - 312.731.3132

From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, May 30, 2012 5:38 PM
To: NT System Admin Issues
Subject: http:///owa works interally but not 
externally


1.   Inside the network, http://webmail.mydomain.com/owa works

2.   From the Internet that URL does not

However,  http://webmail.mydomain.com gets me to the IIS7 landing page on the 
server, so I know the server is available in some fashion via Internet, but 
adding /owa doesn't even get me a 404 error, simple a "Internet Explorer cannot 
display this page".

Putting /Exchange instead of /owa I get a runtime error page.

Anyone have ideas on what to look for? I have tried HTTP redirect and the IIS7 
redirect but those give me the same non-result.
David Lum
Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-s

RE: iPad and corporate docs

[Daniel Chenault]

What kind of documents? If you are referring to Office documents take a look at 
Quickoffice Pro HD in the iTunes store. I've not used it but know someone that 
has and she was pleased with it.

Daniel Chenault
dchena...@lgnetworksinc.com
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]

From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Friday, June 01, 2012 5:51 AM
To: NT System Admin Issues
Subject: iPad and corporate docs

Hi All,

Are there any apps that corporate iPad users here can use to modify documents 
on our corporate network?

I haven't found any, and so far have been having staff use our XenApp system to 
access whatever corporate apps may be needed.  Aside from the sensitive mouse, 
this seems to work fine.

Thanks,
Tom


Confidentiality Notice: This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information. Any unauthorized review, use, disclosure, or 
distribution is prohibited. If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<>

Re: moving Exchange

[Steve Ens]

So I was right, you do get 30.  And then another 30.  And so on...;-)

On Thu, May 31, 2012 at 5:34 PM, Michael B. Smith wrote:

>  Actually it’s 120.
>
> ** **
>
> *From:* Steve Ens [mailto:stevey...@gmail.com]
> *Sent:* Thursday, May 31, 2012 5:52 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: moving Exchange
>
> ** **
>
> I wouldn't worry about the key...you get 30 days grace I believe.
>
> On Thu, May 31, 2012 at 4:31 PM, Daniel Chenault <
> dchena...@lgnetworksinc.com> wrote:
>
> Yes, I know that, but didn't' want to bog the list down with the devil's
> details. I can handle all that stuff; it's the reuse of the key that
> concerns me most.
>
> Daniel Chenault
> dchena...@lgnetworksinc.com
>
>
>
>
> -Original Message-
> From: Charlie Kaiser [mailto:charl...@golden-eagle.org]
> Sent: Thursday, May 31, 2012 4:20 PM
> To: NT System Admin Issues
> Subject: RE: moving Exchange
>
>  More than just mailboxes; there's connectors, OABs, PFs, routing, DNS,
> autodiscover, etc. While the general idea is OK, the devil is in the
> details...
>
> ***
> Charlie Kaiser
> charl...@golden-eagle.org
> Kingman, AZ
> ***
>
>
> -Original Message-
>
> From: Daniel Chenault [mailto:dchena...@lgnetworksinc.com]
>
> Sent: Thursday, May 31, 2012 1:41 PM
> To: NT System Admin Issues
> Subject: moving Exchange
>
> Ex2010 currently on an underpowered box. Plan is:
>
> 1)  Install Ex on beefier box (member server of same domain)
>
> 2)  Move mailboxes to new box
>
> 3)  Uninstall Ex from old box and re-use serial
>
>
>
> First: it's my understanding that Outlook profiles will be automagically
> updated to point to the mailbox's new location. Correct?
>
> Second: Anyone see a problem re-using the serial key?
>
>
> 
>
> Seems a simple plan but you know how that goes..
>
>
>
>
> Daniel Chenault
>
> dchena...@lgnetworksinc.com
>
> Office: 972-528-6546 x 1002
>
> Fax: 972-982-0054
>
> 9550 Skillman Road
>
> Suite 500
>
> Dallas, TX 75243
>
> Description: Description: cid:image001.jpg@01CCF24C.F9B05160
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <
> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <
> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>   ** **
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: moving Exchange

[Daniel Chenault]

Machine is doing other things (AD, two databases, file/print) and is bogging 
down badly. I could migrate the two databases to the beefier box but I already 
know from experience it's a PITA (the MySQL one isn't too bad, but the Sage 
Timberline based on the Pervasive engine is rough). I COULD throw more RAM at 
the box but my perfmon analysis is saying that moving Exchange to the other box 
is my best bet; the 8G in this current box will be enough to handle what I 
leave on there.

Daniel Chenault
dchena...@lgnetworksinc.com
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Thursday, May 31, 2012 5:37 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

You didn't answer my memory question.

40 users in a 12 GB DB is tiny. A single RAID-5 array should be able to handle 
that even during a rebuild situation without breaking a sweat.

How much memory is in the box and how much can you add?

From: Daniel Chenault 
[mailto:dchena...@lgnetworksinc.com]
Sent: Thursday, May 31, 2012 5:40 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

Yes

Almost all, about 40 heavy, over 12G, single RAID 5 array.

Like I said in another post, I'm just dealing with the fallout, wasn't my 
design or my call.

Daniel Chenault
dchena...@lgnetworksinc.com
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]

From: Michael B. Smith 
[mailto:mich...@smithcons.com]
Sent: Thursday, May 31, 2012 4:23 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

Memory? Or IO?

How much memory? How many users? How large is the store? What is the disk 
subsystem?

From: Daniel Chenault 
[mailto:dchena...@lgnetworksinc.com]
Sent: Thursday, May 31, 2012 5:07 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

It's the only Ex box in the org. Perfmon is showing me that the IS is what is 
dragging the box down (and it is used for some other things as well that will 
be much harder to move) thus I want to get Exchange off it.

Daniel Chenault
dchena...@lgnetworksinc.com
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]

From: Damien Solodow 
[mailto:damien.solo...@harrison.edu]
Sent: Thursday, May 31, 2012 3:49 PM
To: NT System Admin Issues
Subject: RE: moving Exchange

What role(s) are on this under-sized box?

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: Daniel Chenault 
[mailto:dchena...@lgnetworksinc.com]
Sent: Thursday, May 31, 2012 4:41 PM
To: NT System Admin Issues
Subject: moving Exchange

Ex2010 currently on an underpowered box. Plan is:

1)  Install Ex on beefier box (member server of same domain)

2)  Move mailboxes to new box

3)  Uninstall Ex from old box and re-use serial

First: it's my understanding that Outlook profiles will be automagically 
updated to point to the mailbox's new location. Correct?
Second: Anyone see a problem re-using the serial key?

Seems a simple plan but you know how that goes

Daniel Chenault
dchena...@lgnetworksinc.com
Office: 972-528-6546 x 1002
Fax: 972-982-0054
9550 Skillman Road
Suite 500
Dallas, TX 75243
[Description: Description: cid:image001.jpg@01CCF24C.F9B05160]


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: 

RE: http:///owa works interally but not externally - progress

[Ziots, Edward]

Also based on what Ken and Brian said, you can look at it from the
computer side of things with fidder http proxy which is a really nice
tool when you are troubleshooting problems with web applications. (It
shows everything happening from a client-prespective)

 

Z

 

Edward Ziots

CISSP, Security +, Network +

Security Engineer

Lifespan Organization

ezi...@lifespan.org

 

From: Ken Schaefer [mailto:k...@adopenstatic.com] 
Sent: Friday, June 01, 2012 12:43 AM
To: NT System Admin Issues
Subject: RE: http:///owa works interally but not externally -
progress

 

As per what Desmond asked you before: look at the IIS log files to see
what requests are actually being received, and what error codes are
being returned.

 

Cheers

Ken

 

From: David Lum [mailto:david@nwea.org] 
Sent: Friday, 1 June 2012 2:41 AM
To: NT System Admin Issues
Subject: RE: http:///owa   works interally
but not externally - progress

 

The made a change,  I can now get to https:///owa
  UNELSS I set /owa to *require* SSL. Huh?

 

Dave

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, May 31, 2012 8:34 AM
To: NT System Admin Issues
Subject: RE: http:///owa   works interally
but not externally

 

Nope, handled by the county (my client is a city who is in the
county-controlled network. But at least I know what the issue is, thanks
for the pointer, I simply wasn't understanding it.

 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Thursday, May 31, 2012 7:58 AM
To: NT System Admin Issues
Subject: RE: http:///owa   works interally
but not externally

 

Good deal. The external FW/proxy is something you can control directly?

 

-sc

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, May 31, 2012 10:23 AM
To: NT System Admin Issues
Subject: RE: http:///owa   works interally
but not externally

 

We have a winner! :80 works, :443 does not.   Not requiring SSL gets me
to the website, so I need to make sure 443 is being allowed.

 

Makes me wonder how it was configured before, but thanks!

 

Dave

 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Thursday, May 31, 2012 7:02 AM
To: NT System Admin Issues
Subject: RE: http:///owa   works interally
but not externally

 

Tried telnetting to that FQDN:port and see if you get any response?

 

-sc

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, May 31, 2012 9:54 AM
To: NT System Admin Issues
Subject: RE: http:///owa   works interally
but not externally

 

There is a proxy of some kinds, because http://http://%3cfqdn> >
from the Internet is a different IP than what the real box is.

 

It acts very much like /owa simply drops the connection if it's an
external connection attempt.   It's just bizarre to me that via the
Internet I can get to http://http://%3cfqdn> > and
http:///exchange   (it at least throws
an error on this page) but not /owa...nuthin.

 

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Wednesday, May 30, 2012 3:21 PM
To: NT System Admin Issues
Subject: RE: http:///owa   works interally
but not externally

 

Does the request show up in the IIS log? What's the status code?

 

What's between the CAS server and the user - firewalls, load balancers,
reverse proxies, etc?

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

w - 312.625.1438 | c   - 312.731.3132

 

From: David Lum [mailto:david@nwea.org] 
Sent: Wednesday, May 30, 2012 5:38 PM
To: NT System Admin Issues
Subject: http:///owa   works interally but
not externally

 

1.   Inside the network, http://webmail.mydomain.com/owa works

2.   From the Internet that URL does not

 

However,  http://webmail.mydomain.com gets me to the IIS7 landing page
on the server, so I know the server is available in some fashion via
Internet, but adding /owa doesn't even get me a 404 error, simple a
"Internet Explorer cannot display this page".

 

Putting /Exchange instead of /owa I get a runtime error page.

 

Anyone have ideas on what to look for? I have tried HTTP redirect and
the IIS7 redirect but those give me the same non-result.

David Lum 
Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.

iPad and corporate docs

[Tom Miller]

Hi All,
 
Are there any apps that corporate iPad users here can use to modify documents 
on our corporate network?  
 
I haven't found any, and so far have been having staff use our XenApp system to 
access whatever corporate apps may be needed.  Aside from the sensitive mouse, 
this seems to work fine.  
 
Thanks,
Tom

Confidentiality Notice:  This e-mail message, including attachments, is for the 
sole use of the intended recipient(s) and may contain confidential and 
privileged information.  Any unauthorized review, use, disclosure, or 
distribution is prohibited.  If you are not the intended recipient, please 
contact the sender by reply e-mail and destroy all copies of the original 
message.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin