Remembering Custom Search Web Page of old Michael
Many years ago --at least 5 -- a Michael in this group provided a custom web page where one could search in Google, Google groups, EventID etc etc. by selecting a radio button for them. I would very much like to get code of such a webpage, especially since search box in Google bar often freezes in my IE7 of Vista. I am willing to pay for such a page. Thanks. Jay Kulsh So. Pasadena, CA ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: Page file of Exchange 2003, 1.05 times the RAM or 1.5 times?
Todd, I cannot say what will go wrong, but ExBPA tool gives error that pagefile is too large. We could get rid of this error only after making the pagefile 1.05 x RAM. Management wanted an ExBPA report without such errors showing, so we decided to do this though it is contrary to our understanding of what is optimum size of a pagefile. By the way, on our front end Exchange 2003 (on Windows 2003 with 2 GB RAM), we get Event ID 9665 warning if we don't use /3GB and /USERVA=3030 switches in boot.ini -- and when we do use these switches, ExBPA and/or ExPTA complain that /3GB should not be used on a front-end server. Looks like various Exchange teams of Microsoft are not talking to each other. Jay - Original Message - From: Todd Lemmiksoo [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Wednesday, June 25, 2008 10:45 AM Subject: RE: Page file of Exchange 2003, 1.05 times the RAM or 1.5 times? What would go wrong if the page file was larger than 1.5 times memory? Ex4gig pagefile for 2gb memory. Todd -Original Message- From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 25, 2008 7:14 AM To: NT System Admin Issues Subject: RE: Page file of Exchange 2003, 1.05 times the RAM or 1.5 times? 1.5 is the right number. Can you tell me the rule number link, so I can have it fixed? Regards, Michael B. Smith MCITP:EM/MCSE/Exchange MVP http://TheEssentialExchange.com -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2008 10:39 PM To: NT System Admin Issues Subject: Page file of Exchange 2003, 1.05 times the RAM or 1.5 times? In most place, we read that the pagefile of a Windows server should be at least 1.5 X RAM. However, latest version of ExBPA tool gives error in such a case and tell us to make pagefile only 1.05 X RAM. Should we reduce the file size on Exchange server to only 1.05 X RAM? Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Page file of Exchange 2003, 1.05 times the RAM or 1.5 times?
Michael, Here is the link to which ExPBA points: PageFile Size Larger Than Total Physical Memory http://technet.microsoft.com/en-us/library/bb738135.aspx ExPBA keeps giving error that pagefile is too large, so it needs to be fixed as well. Jay - Original Message - From: Michael B. Smith [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Wednesday, June 25, 2008 4:14 AM Subject: RE: Page file of Exchange 2003, 1.05 times the RAM or 1.5 times? 1.5 is the right number. Can you tell me the rule number link, so I can have it fixed? Regards, Michael B. Smith MCITP:EM/MCSE/Exchange MVP http://TheEssentialExchange.com -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2008 10:39 PM To: NT System Admin Issues Subject: Page file of Exchange 2003, 1.05 times the RAM or 1.5 times? In most place, we read that the pagefile of a Windows server should be at least 1.5 X RAM. However, latest version of ExBPA tool gives error in such a case and tell us to make pagefile only 1.05 X RAM. Should we reduce the file size on Exchange server to only 1.05 X RAM? Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
RDP in console mode -- often it is not so
When using Microft Remote Desktops MMC, you can check a box to have RDP session via console. You can also use mstsc.exe with /console switch to use console mode. However, once I connect using these options and run Set command on the connected server, often it shows that the session is NOT in console mode; rather it is in a terminal session mode. Does anyone know what causes this inconsistent behavior and how to remedy it? Thanks. - Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: RDP in console mode -- often it is not so
Carl, Thanks. We had noticed what you describe, though it is not clear to me why Microsoft would do that. In any case, we will follow your suggestion to do autologon whenever possible. Of course, this also means, we have to configure a very short duration of lockout for security reasons. Correct? Jay - Original Message - From: Carl Houseman [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, June 24, 2008 6:39 PM Subject: RE: RDP in console mode -- often it is not so If the console session was first logged on at the PHYSICAL console before you connected to it with RDP, then the environment will reflect: SESSIONNAME=Console If the console session was logged out and you connect to it with RDP, then you get this or similar: SESSIONNAME=RDP-Tcp#5 The remedy? Establish autologon so the console is logged on as soon as the system boots, and be careful never to logout from the console session - only disconnect. This presumes the same username can be used and password known to anyone who would take remote control of the console. Carl -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2008 9:17 PM To: NT System Admin Issues Subject: RDP in console mode -- often it is not so When using Microft Remote Desktops MMC, you can check a box to have RDP session via console. You can also use mstsc.exe with /console switch to use console mode. However, once I connect using these options and run Set command on the connected server, often it shows that the session is NOT in console mode; rather it is in a terminal session mode. Does anyone know what causes this inconsistent behavior and how to remedy it? Thanks. - Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: RDP in console mode -- often it is not so
Michael. Thanks. Actually we have only 2003 servers. Glad to know about /admin switch. Jay - Original Message - From: Michael B. Smith [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, June 24, 2008 6:32 PM Subject: RE: RDP in console mode -- often it is not so That command (/console) only works for Server 2003. Server 2000 didn't recognize it, and neither does Server 2008 (/admin instead - the difference isn't a 10 sentence explanation). Regards, Michael B. Smith MCITP:EM/MCSE/Exchange MVP http://TheEssentialExchange.com -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2008 9:17 PM To: NT System Admin Issues Subject: RDP in console mode -- often it is not so When using Microft Remote Desktops MMC, you can check a box to have RDP session via console. You can also use mstsc.exe with /console switch to use console mode. However, once I connect using these options and run Set command on the connected server, often it shows that the session is NOT in console mode; rather it is in a terminal session mode. Does anyone know what causes this inconsistent behavior and how to remedy it? Thanks. - Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: RDP in console mode -- often it is not so
Thanks. Jay - Original Message - From: Carl Houseman [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, June 24, 2008 7:28 PM Subject: RE: RDP in console mode -- often it is not so You can do better than a short duration password-protected screen saver -- just run this from a login script: %windir%\System32\rundll32.exe user32.dll,LockWorkStation Carl -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2008 10:08 PM To: NT System Admin Issues Subject: Re: RDP in console mode -- often it is not so Carl, Thanks. We had noticed what you describe, though it is not clear to me why Microsoft would do that. In any case, we will follow your suggestion to do autologon whenever possible. Of course, this also means, we have to configure a very short duration of lockout for security reasons. Correct? Jay - Original Message - From: Carl Houseman [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, June 24, 2008 6:39 PM Subject: RE: RDP in console mode -- often it is not so If the console session was first logged on at the PHYSICAL console before you connected to it with RDP, then the environment will reflect: SESSIONNAME=Console If the console session was logged out and you connect to it with RDP, then you get this or similar: SESSIONNAME=RDP-Tcp#5 The remedy? Establish autologon so the console is logged on as soon as the system boots, and be careful never to logout from the console session - only disconnect. This presumes the same username can be used and password known to anyone who would take remote control of the console. Carl -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2008 9:17 PM To: NT System Admin Issues Subject: RDP in console mode -- often it is not so When using Microft Remote Desktops MMC, you can check a box to have RDP session via console. You can also use mstsc.exe with /console switch to use console mode. However, once I connect using these options and run Set command on the connected server, often it shows that the session is NOT in console mode; rather it is in a terminal session mode. Does anyone know what causes this inconsistent behavior and how to remedy it? Thanks. - Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Page file of Exchange 2003, 1.05 times the RAM or 1.5 times?
In most place, we read that the pagefile of a Windows server should be at least 1.5 X RAM. However, latest version of ExBPA tool gives error in such a case and tell us to make pagefile only 1.05 X RAM. Should we reduce the file size on Exchange server to only 1.05 X RAM? Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Pros and Cons of Merging/Not-merging two independent AD domains of a company
We have to tell the management Pros and Cons of these 2 scenarios: 1. Keeping two domains (with their own AD forests) separate but with trusts between the two domains. 2. Merging one AD domain in to other AD forest as a child domain. (Both forests have Exchange 2K3.) Of course, the biggest advantage of 1st option is no money or time needed. Disadvantage will be lack of ease in coordinate meetings, appointments. (Interorg replication will help). I would appreciate if you guys can suggest some other points. Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Extending Win 2003 AD schema for Secure Computing
Ken and Greg, Thanks for replying. I am aware that there is one schema per forest and that is why I asked the question. I presume the new objects will be a very small fraction of current objects (less than 1%) so replication impact should be minimal. I just wanted to be sure that installing secure computing application in one domain has no impact on other domains in terms of how they accept authentication. (It seems Greg's assurance is from his experience.) Thanks again. Jay - Original Message - From: Ken Schaefer [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Friday, May 02, 2008 11:03 PM Subject: RE: Extending Win 2003 AD schema for Secure Computing There is only one schema per forest. Again, unlikely to be any negative impact, but it will impact all domains in the forest (e.g. replication of new objects) Cheers Ken -Original Message- From: Greg Ewy [mailto:[EMAIL PROTECTED] Sent: Saturday, 3 May 2008 9:15 AM To: NT System Admin Issues Subject: RE: Extending Win 2003 AD schema for Secure Computing You should beit fine setting up, the other domains should not be adversely impacted. Greg Ewy -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Friday, May 02, 2008 3:33 PM To: NT System Admin Issues Subject: Extending Win 2003 AD schema for Secure Computing Have anyone gone thru extending AD schema for Secure Computing's SafeWord RemoteAccess tokens? Is it rather safe to do on production DC or did you isolate a root DC before doing the schema change. In our AD forest, only one domain will be using these tokens, and we hope other 6 domains are not adversely affected. Thanks for any input. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Extending Win 2003 AD schema for Secure Computing
Have anyone gone thru extending AD schema for Secure Computing's SafeWord RemoteAccess tokens? Is it rather safe to do on production DC or did you isolate a root DC before doing the schema change. In our AD forest, only one domain will be using these tokens, and we hope other 6 domains are not adversely affected. Thanks for any input. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Why Domain GPO gets applied to the Non-domain NIC?
We hava laptops with wired and wireless NICs. These laptops are member of the 'Corp' domain. This domain has GPO that should Prohibit use of internet connection firewall on your DNS domain. LAN NIC is getting IP and DNS suffix from corporate DHCP server and should have firewall disabled but the wireless NICs are getting IP and non-corp DNS suffix from a DSL router, but the firewall is still disabled (grayed out) on these wireless NICs. Why should GPO apply to these wireless NICs if they are neither on a Corp subnet nor have corp DNS suffix? How can we enable firewall on these wireless connections? Thanks. Jay ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Alternative to Network Solutions?
Thank you all for your suggestions. To wrap up this thread, can anyone give any strong reason not to go with GoDaddy -- other than they charging $80 to renew the expired domain? BTW, does someone want to defend Network Solutions and their high prices? Jay - Original Message - From: Christopher Boggs [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Wednesday, April 02, 2008 7:13 AM Subject: RE: Alternative to Network Solutions? Oh well I guess I went overboard, OP isn't really looking for web hosting, just domain hosting and DNS... gotta finish reading before I start typing. Either way, I host several domains with Dreamhost, and other than the problem I mentioned with odd domains, everything's been great. Not sure on the SPF record part though -Original Message- From: Christopher Boggs [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 02, 2008 9:09 AM To: NT System Admin Issues Subject: RE: Alternative to Network Solutions? I've been using Dreamhost for over two years now, hosting multiple sites. Yeah, they majorly oversell, but my service has been consistent and rarely interrupted. YMMV. I guess it all depends what server you get put on. They've got a great support system, the control panels are all custom built, you get shell access and real users, lots of other goodies... and they've got a great sense of humor. I can provide discount codes if you want them. Domains are 10 bucks a year, but beware - they couldn't take a .biz domain I tried to transfer from NS, I don't think they take the odd ones like .info, -cb -Original Message- From: David Lum [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 02, 2008 8:52 AM To: NT System Admin Issues Subject: RE: Alternative to Network Solutions? Netfirms.com here. $60/yr for hosting my website (10GB), $10/yr for domain renewals. Dave Lum - Systems Engineer [EMAIL PROTECTED] - (971)-222-1025 When you step on the brakes your life is in your foot's hands -Original Message- From: James Kerr [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 02, 2008 6:43 AM To: NT System Admin Issues Subject: Re: Alternative to Network Solutions? We switched from NetSol years ago due to the same reasons you are unhappy. We started using godaddy and have been happy with them. I also use them for my personal domains as well. James - Original Message - From: Ajay Kulsh [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tuesday, April 01, 2008 10:19 PM Subject: Alternative to Network Solutions? Hi folks, At this time, most of our clients have their domain registered and DNS servers kept at Network Solutions. However, we are finding their charges high and services minimal. For example, they do not support creation of SPF records -- and tech-support refuses to send us an email stating so. Is GoDaddy a good choice? Any other companies with which you have had good experience? Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Alternative to Network Solutions?
Hi folks, At this time, most of our clients have their domain registered and DNS servers kept at Network Solutions. However, we are finding their charges high and services minimal. For example, they do not support creation of SPF records -- and tech-support refuses to send us an email stating so. Is GoDaddy a good choice? Any other companies with which you have had good experience? Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
File and Print Sharing on workstations - Security Risk?
Management of this company thinks that turning on file and print sharing on workstations is a security vulnerability. In my opinion, this hampers remote control of workstations like in Computer Management and does not provide any significant security advantage. What do you guys think? Any story from trenches?Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Inventory Software and Info. about Mapped drives
Ben, Thanks for a great suggestion. By the way, .Asset Tracker of Alchemy-Lab does provide info about mapped drives -- if you deploy client agents.. On the subject of Inventory Software, Microsoft Application Compatibility Toolkit (ACT) 5.0 provides this information Free but you do have to install SQL 2005 Express, configure GPO etc -- a little bit more work compared to a 3rd party tool like Asset Tracker. Jay - Original Message - From: Ben Scott [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, February 11, 2008 2:09 PM Subject: Re: Inventory Software and Info. about Mapped drives On Feb 11, 2008 5:04 PM, Ajay Kulsh [EMAIL PROTECTED] wrote: Do any of you know of a software inventory program that can give complete information about the mapped drives? Poor man's answer -- put something like the following in a logon script: ECHO %DATE% %TIME% %ComputerName% %UserName% \\mgmt_server\mgmt_share\logfile.txt NET USE \\mgmt_server\mgmt_share\logfile.txt Be aware that mapped drives are part of a user's profile, are not tied to any particular machine, can vary from user to user, etc. -- Ben ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Inventory Software and Info. about Mapped drives
I parsed thru many old discussions here about Inventory Softwares and tested quite a few suggested programs. I seem to like AssetTracker of Alchemy-Lab. However, it claims to provide information about logical drives but at best can just name the letter like S: without saying to what share it is mapped. Do any of you know of a software inventory program that can give complete information about the mapped drives? Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Documenting a Windows domain -- Many thanks to this list
Don, I certainly did not want to give that impression. I shared my own solutions in case someone else needs them. I have been a member of this list for about 10 years, though I am mostly invisible. I could not have survived without this list when I started out in IT field. All you gurus have bailed me out many a times. So once again thanks to all of you and to Sunbelt. Jay So. Pasadena, CA - Original Message - From: Don Ely To: NT System Admin Issues Sent: Thursday, January 24, 2008 7:03 AM Subject: Re: Documenting a Windows domain Geee, we might all be too stupid for you... You ask and answer your own questions On Jan 24, 2008 4:24 AM, Ajay Kulsh [EMAIL PROTECTED] wrote: Let me once again answer my own question: Best tool to dump AD information is a script. Multiple scripts are available at: http://www.microsoft.com/technet/scriptcenter/scripts/default.mspx?mfr=true Jay - Original Message - From: Ajay Kulsh [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thursday, January 24, 2008 2:28 AM Subject: Re: Documenting a Windows domain -- a subjecting propostion? Thanks but I will not be able to install Visio in that domain. I am using SrvInfo tool to gather information about servers. GPMC creates nice report about GPOs. But using csvde -f command gives information about AD but that file has too verbose to be useful. Are there some other tools that dump AD and other network information? Thanks. Jay - Original Message - From: Free, Bob [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Wednesday, January 23, 2008 4:25 PM Subject: RE: Documenting a Windows domain -- a subjecting propostion? admap will get you a good start. Ooops...that's the 'old' name :-) ADTD will get you a good startit has selectable levels of detail, which you choose really depends on the complexity of your environment and the intended audience. Once you have the topology mapped, you can add other stuff to your heart's content. It's a free D/L from MS now but it does require VISIO. http://www.microsoft.com/downloads/details.aspx?FamilyID=cb42fc06-50c7-4 7ed-a65c-862661742764DisplayLang=en -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 23, 2008 4:12 PM To: NT System Admin Issues Subject: Documenting a Windows domain -- a subjecting propostion? I have been told to document a Windows 2003 domain -- without instructions on what to include. I am thinking of listing all DCs, sites, connectors, servers-and-their-applications, user and group names, group membership and GPOs. Any suggestions on what else I should include and if there is a tool to do this? Thanks. Jay So. Pasadena ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Documenting a Windows domain -- a subjecting propostion?
Thanks but I will not be able to install Visio in that domain. I am using SrvInfo tool to gather information about servers. GPMC creates nice report about GPOs. But using csvde -f command gives information about AD but that file has too verbose to be useful. Are there some other tools that dump AD and other network information? Thanks. Jay - Original Message - From: Free, Bob [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Wednesday, January 23, 2008 4:25 PM Subject: RE: Documenting a Windows domain -- a subjecting propostion? admap will get you a good start. Ooops...that's the 'old' name :-) ADTD will get you a good startit has selectable levels of detail, which you choose really depends on the complexity of your environment and the intended audience. Once you have the topology mapped, you can add other stuff to your heart's content. It's a free D/L from MS now but it does require VISIO. http://www.microsoft.com/downloads/details.aspx?FamilyID=cb42fc06-50c7-4 7ed-a65c-862661742764DisplayLang=en -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 23, 2008 4:12 PM To: NT System Admin Issues Subject: Documenting a Windows domain -- a subjecting propostion? I have been told to document a Windows 2003 domain -- without instructions on what to include. I am thinking of listing all DCs, sites, connectors, servers-and-their-applications, user and group names, group membership and GPOs. Any suggestions on what else I should include and if there is a tool to do this? Thanks. Jay So. Pasadena ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Documenting a Windows domain
Let me once again answer my own question: Best tool to dump AD information is a script. Multiple scripts are available at: http://www.microsoft.com/technet/scriptcenter/scripts/default.mspx?mfr=true Jay - Original Message - From: Ajay Kulsh [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thursday, January 24, 2008 2:28 AM Subject: Re: Documenting a Windows domain -- a subjecting propostion? Thanks but I will not be able to install Visio in that domain. I am using SrvInfo tool to gather information about servers. GPMC creates nice report about GPOs. But using csvde -f command gives information about AD but that file has too verbose to be useful. Are there some other tools that dump AD and other network information? Thanks. Jay - Original Message - From: Free, Bob [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Wednesday, January 23, 2008 4:25 PM Subject: RE: Documenting a Windows domain -- a subjecting propostion? admap will get you a good start. Ooops...that's the 'old' name :-) ADTD will get you a good startit has selectable levels of detail, which you choose really depends on the complexity of your environment and the intended audience. Once you have the topology mapped, you can add other stuff to your heart's content. It's a free D/L from MS now but it does require VISIO. http://www.microsoft.com/downloads/details.aspx?FamilyID=cb42fc06-50c7-4 7ed-a65c-862661742764DisplayLang=en -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Wednesday, January 23, 2008 4:12 PM To: NT System Admin Issues Subject: Documenting a Windows domain -- a subjecting propostion? I have been told to document a Windows 2003 domain -- without instructions on what to include. I am thinking of listing all DCs, sites, connectors, servers-and-their-applications, user and group names, group membership and GPOs. Any suggestions on what else I should include and if there is a tool to do this? Thanks. Jay So. Pasadena ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Documenting a Windows domain -- a subjecting propostion?
I have been told to document a Windows 2003 domain -- without instructions on what to include. I am thinking of listing all DCs, sites, connectors, servers-and-their-applications, user and group names, group membership and GPOs. Any suggestions on what else I should include and if there is a tool to do this? Thanks. Jay So. Pasadena ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Sharing Contacts and Calendar between 2 AD forests
Ken, I think that can be achieved by using the Microsoft Exchange Server InterOrg Replication tool: http://support.microsoft.com/kb/238573 Jay - Original Message - From: Ken Schaefer [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Friday, January 18, 2008 7:07 PM Subject: RE: Sharing Contacts and Calendar between 2 AD forests IIFP (Identity Integration Feature Pack) will do GAL sync, but does it automate calendar sharing? Cheers Ken -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Saturday, 19 January 2008 6:38 AM To: NT System Admin Issues Subject: RE: Sharing Contacts and Calendar between 2 AD forests Look at MIIS, the free version will do what your want. Shook http://www.linkedin.com/in/andyshook -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Friday, January 18, 2008 2:35 PM To: NT System Admin Issues Subject: Sharing Contacts and Calendar between 2 AD forests Hi folks, Our company with Windows 2003 AD and Exch 2003 is merging with another one that has its own similar AD forest and Exchange. At this time we don't want to migrate one forest into another. What would be the most efficient/economical way to share contacts and calendars between the two companies, assuming it is possible? I am already studying options presented in this article: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technolog ies/directory/activedirectory/mtfstwp.mspx but would like to hear from someone who has actually implemented a solution. Thanks. Jay So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Sharing Contacts and Calendar between 2 AD forests
Hi folks, Our company with Windows 2003 AD and Exch 2003 is merging with another one that has its own similar AD forest and Exchange. At this time we don't want to migrate one forest into another. What would be the most efficient/economical way to share contacts and calendars between the two companies, assuming it is possible? I am already studying options presented in this article: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/mtfstwp.mspx but would like to hear from someone who has actually implemented a solution. Thanks. Jay So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Bit OT - a Major Annoyance -- Cannot size the window (Goes from Min to Max)
Ken, The portion of the webpage that helped me see the mid-size window had to do with how to Move the window using keyboard. The midsize (restore in many cases) window was *totally hidden* in the top left corner and became visible when I could move it. Then I resized that tiny window. So Sizing and Moving were sort of intertwined. Jay P.S.: No, I never do a reinstall so such minor issues. - Original Message - From: Ken Schaefer [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, January 14, 2008 7:31 PM Subject: RE: Bit OT - a Major Annoyance -- Cannot size the window (Goes from Min to Max) Which part of that document solved your problem? It seems to be describing how to resize a window using a mouse, or alternatively, the keyboard. There isn't any problem there that I can see... Cheers Ken -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, 15 January 2008 2:26 PM To: NT System Admin Issues Subject: Re: Bit OT - a Major Annoyance -- Cannot size the window (Goes from Min to Max) Found solution myself, thru Google on searching for sizing the window (other similar phrases had not helped.) In case any of you are interested, this website has the solution -- without any registry key entry: http://www.computer-2tr.com/tips/06/20061101.html Jay - Original Message - From: Ajay Kulsh [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, January 14, 2008 7:14 PM Subject: Bit OT - a Major Annoyance -- Cannot size the window (Goes from Min to Max) Hi folks, I have had this problem now and then with different softwares -- and I think most of you might have experienced it as well -- where Window either covers the whole screen (Max mode) or just stays on Taskbar (Min mode). This is quite annoying and usually I restore the whole desktop to an earlier date. This time even that trick is not working. The program is PowerDeskPro 6 on Vista Ultimate. Does anyone know any registry entry that might fix this? Or any other solution? (Hard to search on Google due to difficulty in phrasing the problem in unique words...) Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Bit OT - a Major Annoyance -- Cannot size the window (Goes from Min to Max)
Hi folks, I have had this problem now and then with different softwares -- and I think most of you might have experienced it as well -- where Window either covers the whole screen (Max mode) or just stays on Taskbar (Min mode). This is quite annoying and usually I restore the whole desktop to an earlier date. This time even that trick is not working. The program is PowerDeskPro 6 on Vista Ultimate. Does anyone know any registry entry that might fix this? Or any other solution? (Hard to search on Google due to difficulty in phrasing the problem in unique words...) Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: Bit OT - a Major Annoyance -- Cannot size the window (Goes from Min to Max)
Found solution myself, thru Google on searching for sizing the window (other similar phrases had not helped.) In case any of you are interested, this website has the solution -- without any registry key entry: http://www.computer-2tr.com/tips/06/20061101.html Jay - Original Message - From: Ajay Kulsh [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, January 14, 2008 7:14 PM Subject: Bit OT - a Major Annoyance -- Cannot size the window (Goes from Min to Max) Hi folks, I have had this problem now and then with different softwares -- and I think most of you might have experienced it as well -- where Window either covers the whole screen (Max mode) or just stays on Taskbar (Min mode). This is quite annoying and usually I restore the whole desktop to an earlier date. This time even that trick is not working. The program is PowerDeskPro 6 on Vista Ultimate. Does anyone know any registry entry that might fix this? Or any other solution? (Hard to search on Google due to difficulty in phrasing the problem in unique words...) Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
DNS dynamic updates - Secure vs. Nonsecure
Can anyone tell me what is the harm in having Nonsecure Dynamic DNS updates in Windows 2003 DNS server, if any? For some reason, from some of our subnets, clients (thru DHCP server or directly) cannot register their A and PTR records with the DNS server if we choose to have Secure Only updates, so we have enable both Secure and Nonsecure. Has anyone had this kind of problem before? Thanks. Jay Kulsh So. Pasadena, CA ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: DNS dynamic updates - Secure vs. Nonsecure
Carl, Thanks for replying. I had gone thru that long article and still was not sure what is the harm in having no secure updates. Also that article does not say why secure updates might fail. That article also states that secure dynamic updates functionality can be compromised if the following conditions are true: . You run a DHCP server on a Windows Server 2003-based domain controller and . The DHCP server is configured to perform registration of DNS records on behalf of its clients. As a consultant, I often find DHCP servers configured on DCs and they, by default, register DNS on behalf of clients, so Secure dynamic updates functionality is hardly used... Jay - Original Message - From: Carl Webster [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, January 07, 2008 12:21 PM Subject: Re: DNS dynamic updates - Secure vs. Nonsecure http://support.microsoft.com/kb/816592 Webster - Original Message From: Ajay Kulsh [EMAIL PROTECTED] Subject: DNS dynamic updates - Secure vs. Nonsecure Can anyone tell me what is the harm in having Nonsecure Dynamic DNS updates in Windows 2003 DNS server, if any? For some reason, from some of our subnets, clients (thru DHCP server or directly) cannot register their A and PTR records with the DNS server if we choose to have Secure Only updates, so we have enable both Secure and Nonsecure. Has anyone had this kind of problem before? Thanks. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
Re: DNS dynamic updates - Secure vs. Nonsecure
Ken, That is the definition of nonsecure update - but how can this be harmful, if your network is physically secure? Jay - Original Message - From: Ken Schaefer [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, January 07, 2008 4:05 PM Subject: RE: DNS dynamic updates - Secure vs. Nonsecure Non-secure updates means that anyone can update a dynamic DNS entry, because there's no workstation level authentication required in order to update the entry. Anyone can create a new entry, and anyone can update and existing entry. Cheers Ken -Original Message- From: Ajay Kulsh [mailto:[EMAIL PROTECTED] Sent: Tuesday, 8 January 2008 7:45 AM To: NT System Admin Issues Subject: Re: DNS dynamic updates - Secure vs. Nonsecure Carl, Thanks for replying. I had gone thru that long article and still was not sure what is the harm in having nonsecure updates. Also that article does not say why secure updates might fail. That article also states that secure dynamic updates functionality can be compromised if the following conditions are true: . You run a DHCP server on a Windows Server 2003-based domain controller and . The DHCP server is configured to perform registration of DNS records on behalf of its clients. As a consultant, I often find DHCP servers configured on DCs and they, by default, register DNS on behalf of clients, so Secure dynamic updates functionality is hardly used... Jay - Original Message - From: Carl Webster [EMAIL PROTECTED] To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, January 07, 2008 12:21 PM Subject: Re: DNS dynamic updates - Secure vs. Nonsecure http://support.microsoft.com/kb/816592 Webster - Original Message From: Ajay Kulsh [EMAIL PROTECTED] Subject: DNS dynamic updates - Secure vs. Nonsecure Can anyone tell me what is the harm in having Nonsecure Dynamic DNS updates in Windows 2003 DNS server, if any? For some reason, from some of our subnets, clients (thru DHCP server or directly) cannot register their A and PTR records with the DNS server if we choose to have Secure Only updates, so we have enable both Secure and Nonsecure. Has anyone had this kind of problem before? Thanks. ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~ ~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm ~
