RE: CSG 3.2 and Presenatation 4.5
Thank you Sir. That is good info. To get fully up to speed on this, not expert mind you but good enough. What materials would you suggest to read. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-644-3479 Cell 813-644-3476 Fax From: Webster [mailto:webs...@carlwebster.com] Sent: Friday, March 15, 2013 9:51 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 I have LOTS of customers who run CSG internally. Some require that all traffic is encrypted and they also have a Citrix policy that says everyone uses RC5 128-bit ICA Encryption. I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 (http://support.citrix.com/article/CTX133095). That is also more than likely the last version of CSG. I would also make sure you are running Web Interface 5.4.2 since it addresses known security vulnerabilities. http://support.citrix.com/article/CTX130660 This is also the last version of Web Interface. If this is PS4.5 on Server 2003, just make sure your customer knows that on March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS. I would recommend Hotfix Rollup Pack 7. http://support.citrix.com/article/CTX127926 Just make sure you read the prereqs first. Once you install HRP7, install the following updates: http://support.citrix.com/article/CTX133359 (security fix) http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5 install before the next fix) http://support.citrix.com/article/CTX126734 (Delivery Services Console 4.7.2, install after the previous update) While you are updating stuff to get them all current, I would also upgrade to License Server 11.10 for Windows since it no longer uses IIS. https://www.citrix.com/downloads/licensing/license-server.html You will need to take 1 minute to return your current license file and download a new license file that is formatted for 11.10. This will not affect any currently logged in users. This should get you all up-to-date for all the dead products your customer is using. Thanks Webster From: Ken Cornetet [mailto:ken.corne...@kimball.com] Sent: Friday, March 15, 2013 8:04 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Why would you run CSG internally? I run a Xenapp 5 farm with just a web interface for internal users. External users come through a different CSG/WI box in the DMZ. From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Monday, March 04, 2013 2:41 PM To: NT System Admin Issues Subject: CSG 3.2 and Presenatation 4.5 We have a client who their internal guy just left and he basically maintained a Citrix Farm on Xenapp 4.5 with CSG 3.2 They have asked us to take a look and fix a few things. I renewed their SSL cert which is running under their own PKI infrastructure, but the CSG service is disabled and the whole things is running through IIS. They can login and everything works, but I have never seen that configuration before. Usually the SSL on IIS is running 444 and the CSG runs 443. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Backup - Axcient, Dell AppAssure or Unitrends applaince
We use Appassure quite heavily. The product is solid and works. There are a few issues with v5 though. The reporting summary reports from v4 are not present currently in v5, but I have been told they are in process. V5 core requires a decent system to run it on. 4 gb ram minimum. Anything less it it hurts to use it. v4 was a little heavy too, but nothing like v5. Restoring is very easy, especially if you already have it virtualized. We snapshot hourly and have successfully restored, SQL, Exchange, AD and file services in a private network separate from the production network and had it back running in less than 15 mins using HyperV, backing up HyperV images. We have restored Vmware images, there are a few more things to do to get it working and we have to reenter IP info after the restore. Replication and reduplication are built in and work pretty good. Replication is not as resilient as Microsoft new HyperV replication over higher latency links, but it does a good job recovering. Haven't used Axcient or Unitrends. AppAssure is one product that hasn't been affected by dell except that they have thrown more resources at support. I can always reach someone in a few minutes. SOmetimes getting level 2 to respond takes a day, but we have become pretty familiar with the product so its only needed on real weird issues or an upgrade that goes bad. Greg Sweers CEO ACTS360.com http://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-644-3479 Cell On 2/25/13 3:58 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, Feb 25, 2013 at 12:21 PM, chipsh...@comcast.net wrote: Any one on the list using any of these three? Looking for feedback on the products listed, off list or on. Thanks. AOL, I mean, me too. :-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Managed service
Yes that's always a real possibility in any organization with outsourcing. Smaller organizations this is a real issue for, but mid and large companies not so much. However, we do a lot of work for organizations that frees up the internal IT resources to work on managing specific workflows, applications, development, IT Strategy. When we do that they usually don't let anyone go, they just are not hiring as many people as they would have. Its becomes much more skills focused for specific jobs and the day to day maintenance stuff, backups, reboots, patches, etc come to us. Special project work tens to flow to us as well. I am not going to apologize for business decisions, but I don't go out looking for ways to get my fellow IT guys fired if that's what you are insinuating. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell From: pdw1...@hotmail.com [mailto:pdw1...@hotmail.com] Sent: Monday, December 17, 2012 9:29 AM To: NT System Admin Issues Subject: RE: Managed service ...frees local IT up to focus... And to stand in the unemployment line. You forgot to add that little line which is a fact of life in IT. From: gswe...@acts360.commailto:gswe...@acts360.com To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Managed service Date: Sat, 15 Dec 2012 02:49:50 + I run what is a considered a Managed Services Organization. So I can speak to this pretty well. This is not a solicitation or pitch, its just what we do and answering the thread. The growing trend among IT business owners is to bid a monthly service for various levels of support. Our most common is AYCE (All You Can Eat), we charge a fee per device. Server/Workstation/Network Device(Switch, Wireless, Firewall) and Backup. Based on volume pricing is varied. Everything is covered within support of the servers/desktops/equipment. Dealing with vendors, identifying issues, optimizing performance, replacing equipment, and managing all aspects of covered equipment. Backup is completely image based with Log truncation and database mount verification with local full/incrementals for scoped length of terms and Warm Standby. Data is also replicated to a Top level datacenter where we can spin up the entire environment within a few minutes. Project work is a seperate scope unless built into the monthly, usually for a given # of hours each month. Goes towards VCIO/Consulting/Project work. In a typical managed environment you will pay to not worry about the maintenance, realtime monitoring, automated remediation with manual if thresholds do not rectify in short order. Patching, antivirus, performance tuning, application installations, image building, backups and offsite replication all included, verified, tested 24x7, software updates, and help desk support for a single monthly fee. When you factor the costs into managing this and ENSURING its 100% 24x7 for organizations the cost of labor, software, and servers to perform these tasks usually outstrips the cost of the monthly. We also offer Tier 2 services to support local IT guys who just need outsourced help for projects or to offload, or backup services so they never worry about it. Just get reports and confirmations of backups/work performed. Then we move this and apply it to our Cloud services with a different twist. This is the growing trend and what more and more providers are doing in terms of flat fees. Guarantees revenues, and we have built systems and processes that performs excellently with a minimal amount of manual intervention thereby lowering costs. When you build it to scale, you can do much more work with less people, which frees local IT up to focus the IT strategy to be in line with the business goals and not worry about keeping IT up. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell From: Tigran K tigr...@gmail.commailto:tigr...@gmail.com Reply-To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date: Friday, December 14, 2012 5:01 PM To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Managed service No, if they have an issue it covers, if not I sit at home and relax. --T On Fri, Dec 14, 2012 at 1:53 PM, David Lum david@nwea.orgmailto:david@nwea.org wrote: Searchable: http://www.mail-archive.com/ntsysadmin@lyris.sunbelt-software.com/http://www.mail-archive.com/ntsysadmin%40lyris.sunbelt-software.com/ Search for consulting Monthly fee? Tough call. Is the fee supposed to cover x hours of work? From: Tigran K [mailto:tigr
Re: Managed service
I run what is a considered a Managed Services Organization. So I can speak to this pretty well. This is not a solicitation or pitch, its just what we do and answering the thread. The growing trend among IT business owners is to bid a monthly service for various levels of support. Our most common is AYCE (All You Can Eat), we charge a fee per device. Server/Workstation/Network Device(Switch, Wireless, Firewall) and Backup. Based on volume pricing is varied. Everything is covered within support of the servers/desktops/equipment. Dealing with vendors, identifying issues, optimizing performance, replacing equipment, and managing all aspects of covered equipment. Backup is completely image based with Log truncation and database mount verification with local full/incrementals for scoped length of terms and Warm Standby. Data is also replicated to a Top level datacenter where we can spin up the entire environment within a few minutes. Project work is a seperate scope unless built into the monthly, usually for a given # of hours each month. Goes towards VCIO/Consulting/Project work. In a typical managed environment you will pay to not worry about the maintenance, realtime monitoring, automated remediation with manual if thresholds do not rectify in short order. Patching, antivirus, performance tuning, application installations, image building, backups and offsite replication all included, verified, tested 24x7, software updates, and help desk support for a single monthly fee. When you factor the costs into managing this and ENSURING its 100% 24x7 for organizations the cost of labor, software, and servers to perform these tasks usually outstrips the cost of the monthly. We also offer Tier 2 services to support local IT guys who just need outsourced help for projects or to offload, or backup services so they never worry about it. Just get reports and confirmations of backups/work performed. Then we move this and apply it to our Cloud services with a different twist. This is the growing trend and what more and more providers are doing in terms of flat fees. Guarantees revenues, and we have built systems and processes that performs excellently with a minimal amount of manual intervention thereby lowering costs. When you build it to scale, you can do much more work with less people, which frees local IT up to focus the IT strategy to be in line with the business goals and not worry about keeping IT up. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell From: Tigran K tigr...@gmail.commailto:tigr...@gmail.com Reply-To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date: Friday, December 14, 2012 5:01 PM To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Managed service No, if they have an issue it covers, if not I sit at home and relax. --T On Fri, Dec 14, 2012 at 1:53 PM, David Lum david@nwea.orgmailto:david@nwea.org wrote: Searchable: http://www.mail-archive.com/ntsysadmin@lyris.sunbelt-software.com/ Search for “consulting” Monthly fee? Tough call. Is the fee supposed to cover x hours of work? From: Tigran K [mailto:tigr...@gmail.commailto:tigr...@gmail.com] Sent: Friday, December 14, 2012 1:16 PM To: NT System Admin Issues Subject: Re: Managed service Thanks for the reply David. Two questions. Where is the archive? The company I'm working with wants to do a monthly fee type of a thing. For general support. Is this common? Do you know how much is reasonable for a monthly deal? We have a hourly rate set for projects. Thanks --T On Fri, Dec 14, 2012 at 6:39 AM, David Lum david@nwea.orgmailto:david@nwea.org wrote: There are many threads on this if you search the archives, but I love this topic, so… Rate: It depends where you are. Portland, OR Metro IT consultants charge between $80-$125/hr. In fact I’m the only one I know below $100/hr, granted I don’t know that many others, like three. Check the local competition and be aware of your differentiation from Geek squad, etc. will be the server side of things, so keep in mind they might consider that type of service and pricing as a barometer. Write up an SLA / expectations. Know what you’re willing to take on and emphasize quality to your clients vs. number of clients – it’s OK to say no to potential clients, as well as let this client know what you support and what you don’t. If possible, set them up with Log Mein or equivalent (I have Log Mein on a system per client, then remote to their other systems from there) so you can do timely remote work. I also charge less for remote work vs. onsite ($55/hr. vs. $80/hr. onsite), and have it identified up front
RE: Mobile app for password management
Lastpass.com Has mobile as well as PC/Mac Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell From: David Lum [mailto:david@nwea.org] Sent: Tuesday, December 04, 2012 11:51 AM To: NT System Admin Issues Subject: Mobile app for password management I use KeePass on my PC's to manage passwords, I'd like to use a mobile app to do the same thing . There are tons of apps available, do you guys have a recommendation? Device is an iPhone... David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Replicating VMs to DR?
Appassure makes a product called Replay that does this. We use it for all of our BDR appliances that we put into our customers. Allows it to run locally and then we replicate it to our central repository. Allows for local as well and offsite. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell From: Paul Gordon [mailto:paul_gor...@hotmail.com] Sent: Monday, November 26, 2012 2:24 PM To: NT System Admin Issues Subject: RE: Replicating VMs to DR? Veeam does exactly that kind of replication as well as backup... There is also a product from Doubletake that does it I believe. HTH Paul G. From: Derrenbacker, L. Jonathan [mailto:jderrenbac...@keitercpa.com]mailto:[mailto:jderrenbac...@keitercpa.com] Sent: 26 November 2012 18:41 To: NT System Admin Issues Subject: Replicating VMs to DR? For those who replicate their Virtual Servers to their Disaster Recovery site, I'm curious who uses what method. I don't have a second SAN in my disaster recovery site right now, and I'm looking for other methods to replicate my VMs without SAN-to-SAN. There's always the option of just taking a Veeam or Vranger backup and copying that to DR via robocopy every day. But something more real-time would be nice... Anyone have opinions/ideas? Thanks, Jon [cid:image001.png@01CDCBEB.20016D90] Jon Derrenbacker | Systems Engineer Manager | Keiter 4401 Dominion Boulevard, 2nd Floor, Glen Allen, VA 23060 phone: 804-273-6221 | fax: 804-747-3632 | keitercpa.comhttp://www.keitercpa.com/ Experience | Knowledge | Relationships | Insight Note: This communication, including any attachments, may contain privileged or other confidential information. If you are not the intended recipient, or believe you have received this communication in error, do not print, copy, retransmit, disseminate, or otherwise use the information contained within. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. IRS Circular 230 Disclosure: To ensure compliance with requirements imposed by the IRS, we inform you that any tax advice contained in this communication (including any attachments) is not intended or written to be used, and cannot be used, for the purpose of (i) avoiding any penalties under the Internal Revenue Code or (ii) promoting, marketing or recommending to another party any transaction(s) or tax-related matter(s) addressed herein. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.png
RE: Goobye for Now
Best of luck to you John! Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, November 05, 2012 12:38 PM To: NT System Admin Issues Subject: RE: Goobye for Now Good luck in the new endevavor... Z From: Guyer, Don [mailto:dgu...@che.org]mailto:[mailto:dgu...@che.org] Sent: Mon 11/5/2012 12:10 PM To: NT System Admin Issues Subject: RE: Goobye for Now Good luck, John! Regards, Don Guyer Catholic Health East - Information Technology Enterprise Directory Messaging Services 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 email: dgu...@che.orgmailto:dgu...@che.org Office: 610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440 For immediate assistance, please open a Service Desk ticket or call the helpdesk @ 610-492-3839. [Description: Description: Description: InfoService-Logo240] From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us]mailto:[mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Monday, November 05, 2012 12:03 PM To: NT System Admin Issues Subject: Goobye for Now For more years than I can recall, I've enjoyed the knowledge I've gained as a member of this list. I confess to being much more of an information consumer than producer; the knowledge possessed by the top posters here far exceeds mine. After around fourteen years in the same job, I'm getting out of my comfort zone and making a move. Later this month I'll be joining Florida State University to manage I.T. in the College of Business. Part of my tidying of loose ends before I leave is unsubscribing from various mailing lists, and I plan to drop off of this one in a few days. I strongly suspect that I'll subscribe again once I get to FSU, although I won't know until I get there how much I'll be responsible for myself and how much will fall on the university's centralized IT Services unit. If anyone here works for a Florida university and wants to ping me offline, I wouldn't complain. I've been in the K-12 field for ages and don't have any contacts at that level. John Hornbuckle, MSMIS, PMP MIS Department Taylor County School District http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail, including any attachments is the property of Catholic Health East and is intended for the sole use of the intended recipient(s). It may contain information that is privileged and confidential. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please delete this message, and reply to the sender regarding the error in a separate email. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.jpg
RE: DFS Server 2008 Greyed out
Did you raise the Domain functional level to 2008 or 2008 R2 ? Only if you don't have any other 2003 DC's FYI.. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell From: Matt Plahtinsky [mailto:cbusitl...@gmail.com] Sent: Thursday, October 04, 2012 12:12 PM To: NT System Admin Issues Subject: Re: DFS Server 2008 Greyed out That's the thing there is no names space created yet. I could try creating one then migrating it I was also just reading through the dsutil.exe commands and see that I can specify v2 (2008 Mode) if I create via the command line. Going to try that next to see if it will let you do it that way. On Thu, Oct 4, 2012 at 11:48 AM, Christopher Bodnar christopher_bod...@glic.commailto:christopher_bod...@glic.com wrote: Hmmm how about this? http://technet.microsoft.com/en-us/library/cc753875.aspx If you really do have a 2000 mode name space, this will allow you to migrate it. Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459tel:610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.commailto:christopher_bod...@glic.com [cid:image001.jpg@01CDA248.698855E0] The Guardian Life Insurance Company of America www.guardianlife.comhttp://www.guardianlife.com/ From:Matt Plahtinsky cbusitl...@gmail.commailto:cbusitl...@gmail.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date:10/04/2012 11:14 AM Subject:Re: DFS Server 2008 Greyed out Yes I have tried this with no luck I'm running into a time crunch so I might have to live with DFS 2000 mode If i can't find a solution. Thanks for the suggestion. Matt On Thu, Oct 4, 2012 at 8:42 AM, Christopher Bodnar christopher_bod...@glic.commailto:christopher_bod...@glic.com wrote: Have you tried this? http://www.petri.co.il/forums/showthread.php?t=46538 Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459tel:610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.commailto:christopher_bod...@glic.com [cid:image001.jpg@01CDA248.698855E0] The Guardian Life Insurance Company of America www.guardianlife.comhttp://www.guardianlife.com/ From:Matt Plahtinsky cbusitl...@gmail.commailto:cbusitl...@gmail.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date:10/03/2012 09:16 PM Subject:DFS Server 2008 Greyed out Getting ready to setup a multiple site DFS file shares. The domain was just recently upgraded from SBS 2003 to Server 2008 R2. The network is made up of 3 sites with each having 1 dc and 1 file server. The domain functional level is at Server 2008 R2. When creating the DFS Name Space the check box Enable Windows Server 2008 Mode is greyed out. After a few hours of searching the web I have not found out how to get the DFS level to 2008. My only guess is that at some point the old SBS 2003 (has been decommissioned) box had DFS enabled and somewhere the new file servers still see or have record of the old server and will not allow me to implement the new 2008 mode. Does anyone have any ideas? Thanks Matt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you
Re: 2008R2 DNS, Network Location issue
It's an communications software that runs on a separate ip range for vlans and the devices that they use. But it has to have communications to ad and exchange. It's old and going away but it's still needed for awhile. Sent from my iPhone On Sep 10, 2012, at 21:10, David Lum david@nwea.orgmailto:david@nwea.org wrote: Silly Andrew…stop trying to get to the root cause… From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, September 10, 2012 11:14 AM To: NT System Admin Issues Subject: Re: 2008R2 DNS, Network Location issue Can you tell us more about this app and why everyone needs a second IP to talk to it? ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market… On Mon, Sep 10, 2012 at 12:58 PM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: How do you handle servers that have 2 IP ranges on them and you get the wonderful Private network setting which really does not allow anything to communicate properly. We have a secondary IP range listed on these boxes to communicate to an app. The Domain Controllers also have this secondary IP range on their virtual adapter. While this is present, it all works just fine. When you remove this secondary IP range from the DC’s virtual adapter, none of the guest machines continue working properly and if you reboot it takes like 20 mins for anything to happen while NLA just holds up everything. Eventually the server comes up but things like Exchange, SQL, DFS don’t work. All resolution internally is fine. If we remove the secondary IP range from an affected server, it immediately goes to domain network and most everything works. A reboot and we are back in business on that box. Should I split that secondary IP to a separate NIC across all of our boxes? I know its something do to with how NLA is finding the DC’s on that secondary range. I just don’t know if I am going to have the same problem with just adding another NIC? Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Backup software
AppAssure's Replay, now owned by Dell. I have been using it for years. Works fantastic, backup failures are rare. Backup directly to standyVM, dedup, compression and encrypted replication to another Replay Core server. Doesn't do Linux though. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Friday, August 03, 2012 8:56 AM To: NT System Admin Issues Subject: RE: Backup software Seconded. It replaced NetBackup for us here, and it's been a positive move for the most part. -sc -Original Message- From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Friday, August 3, 2012 5:28 AM To: NT System Admin Issues Subject: RE: Backup software FWIW I would thoroughly recommend Commvault. I have no experience of their AIX stuff (we do backup a Linux box) but with everything else we do, it has its quirks as all backup software does, but I don't walk in of a morning with that wonderful How many will have failed last night then? feeling. Any questions yell. -Original Message- From: Nigel Parker [mailto:nigel.par...@ultraframe.co.uk] Sent: 03 August 2012 10:21 To: NT System Admin Issues Subject: RE: Backup software Hi Ok point noted :-) Thanks -Original Message- From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: 03 August 2012 09:47 To: NT System Admin Issues Subject: RE: Backup software Keep your licensing options in mind - a lot of vendors (I know Commvault do) now license either on traditional agents or off capacity - depending on quantity of data it can make a difference which way you go. Paul -Original Message- From: Nigel Parker [mailto:nigel.par...@ultraframe.co.uk] Sent: 03 August 2012 09:23 To: NT System Admin Issues Subject: RE: Backup software Hi Ok thanks for the suggestions So I will investigate Commvault and EMC I thinks the Microsoft solution would only support Microsoft clients As a lot of vendors do and that would be no use to use her :-( The problem for us is the old version of AIX that we HAVE to use one is a warehouse package and doesn't run on newer versions and of course would cost to upgrade it the other is an ERP system that wont work on a newer version and is about 60k to upgrade Thanks For the suggestions -Original Message- From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: 02 August 2012 15:59 To: NT System Admin Issues Subject: RE: Backup software At (very) face value Commvault will cover all of that. -Original Message- From: Nigel Parker [mailto:nigel.par...@ultraframe.co.uk] Sent: 02 August 2012 09:07 To: NT System Admin Issues Subject: Backup software Hi Looking to change our backup software and are open to recommendations Our servers are a range of Windows 2000 2003 with Exchange 2003 and a couple of version of Microsoft Sql server 2000 and 2005 We were looking at Symantec backup exec These machine will have a dedicated backup server and an lto5 tape drive We will backup to disk and then to tape (we have a requirement for an off site tape backup so this must remain) The backup will easily fit on 1 lto 5 tape and with data volumes this should be ok for 2-3 years HOWEVER We also have 2 IBM AIX servers running version 4.3.3 and version 5.1 These will backup again to a dedicated server with an ultrium 5 tape drive The IBM servers cant be upgraded! Looking for a supported solution We looked at backupexec and netbackup however only Older an now none supported version will work with our Aix versions the new version may work but would be unsupported! (no good for us) Also they are charging quite a high premium for backing up to tape Suggestions are welcome especially first hand experiences If any software is available that will do the whole thing (backup windows and Aix) this would be an advantage and of course keep down the costs Currently we are using OPENBACKUP now unsupported and are looking at ARKEIA (a spin-off of openbackup or parallel version) Nigel Parker Systems Engineer Ultraframe (UK) Ltd Tel: 01200 452329 Fax: 01200 452201 Web: www.ultraframe.com Email: mailto:nigel.par...@ultraframe.co.uk Please consider the environment before printing this e-mail. The statements and opinions expressed in this email are my own and may not represent those of Ultraframe (UK) Ltd. This email is subject to copyright and the information contained in it is confidential and may be legally privileged. It is sent out only for intended recipient(s). Access to this email by anyone else is unauthorised. If you are not an intended recipient, any disclosure, copying, distribution or other use or any action taken or omitted to be taken in reliance on it, is prohibited and unlawful. ~ Finally
Re: OT Cloud solutions for SMB
Thats exactly what we provide to our clients. Well one service type at least.
I will be happy to tell you about 4 providers I know that provide the
infrastructure, licenses, support and various levels of marketing and training.
We vetted most of them prior to choosing one to resell. Good and bad in
everyone of them, but I am happy to share what we have learned. Feel free to
call. There is good and bad in full cloud and we know them both pretty well.
Greg Sweers
ACTS360
gswe...@acts360.commailto:gswe...@acts360.com
813-657-0849
www.acts360.comhttp://www.acts360.com
On Jul 30, 2012, at 23:25, Jonathan Link
jonathan.l...@gmail.commailto:jonathan.l...@gmail.com wrote:
Right Networks.
On Monday, July 30, 2012, Jonathan Kadoo wrote:
Sorry for not being more specific. Take a client who would normally purchase
sbs 2011 for example with all the hardware they require for the server and
workstations. Now instead of buying the equipment they use the entire
environment in the cloud, instead of the capital outlay.
Yes they would still need computers to connect to the hosted environment
however all the config, apps, data would reside on the hosted cloud
environment.
That is what I am looking for
Thanks for the help
JK
On Monday, July 30, 2012, Maglinger, Paul wrote:
Cirrus, cumulus, stratus, cumulonimbus, stratocumulus, altocumulus,
nimbostratus, altostratus, and cirrostratus, and
supercalifragilisticexpialidocious.
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Monday, July 30, 2012 11:00 AM
To: NT System Admin Issues
Subject: RE: OT Cloud solutions for SMB
Points to the sky… white puffy cotton balls… (Aka the cloud, or at least one of
them)
Z
Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org
From: Roger Wright [mailto:rhw...@gmail.com]
Sent: Monday, July 30, 2012 11:32 AM
To: NT System Admin Issues
Subject: Re: OT Cloud solutions for SMB
Define cloud. grin
Roger Wright
___
Geocaching: Hide, Hunt, Find Repeat - It's FUN!
On Mon, Jul 30, 2012 at 11:23 AM, Jonathan Kadoo jka...@gmail.com wrote:
Good morning everyone, I have been looking for a good cloud provider for my
clients. I would love to provide a solution that allows the client to rdp to a
virtual cloud based desktop and then map drives to their file server or sql
server which would also be cloud based. Many of the clients are currently
using SBS but are interested in moving to the cloud. Has anyone found a
provider they are happy with? Recommendations?
Thanks everyone,
JK
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.su
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.comjavascript:_e({},%20'cvml',%20'listmana...@lyris.sunbeltsoftware.com');
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to
listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: Rant: local ISP and DNS entries for Office365
Namecheap works very well. Supports all records we have tried this far. Chat support is quick and very knowledgable. Sent from my iPhone On Jul 20, 2012, at 13:30, Ben Scott mailvor...@gmail.com wrote: On Fri, Jul 20, 2012 at 10:48 AM, Christopher Bodnar christopher_bod...@glic.com wrote: Been battling with the local ISP who hosts the clients DNS zone. I feel your pain. Bad ISPs are maddening. Especially when the only choices for a decent feed are the incumbent Big Bell and the incumbent big cable company. Really need to move the zone to another hosting provider. Indeed. Anyone like GoDaddy for DNS hosting? This is a small client with a single domain, and only a few DNS records. The GoDaddy DNS tools look decent and I think it's only $36/year. I've heard a number of horror stories about GoDaddy, so I've shied away from them. At %WORK%, we've got our domain registered through DomainMonger.com. They include DNS hosting, their prices are low, and we haven't had any outages (knock on wood). Their web UI is clunky but servicable. You can manage most of the record types yourself -- A, , NS, MX, SOA, TXT, and others, although checking now, I don't see SRV. They also claim to support slave and/or DDNS with TSIG, although I've never tried it. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: SBS 2003 to 2011
http://www.networkmigrationworkbook.com/ We have used his and Jeff Middleton to come up with our own checklist that varies client to client, but the majority of it is sound. We are doing less and less of this as we are migrating our clients to cloud solutions... (Okay so they are really just hosted solutions)...s. Cloud gets them excited. Our last several SBS Migrations had literally zero downtime to our customer and we completed it faster than any other migration strategies we used before. Looks like I wont be doing much more of the SBS migrations going forward though with the latest from MS. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: jesse-r...@wi.rr.com [mailto:jesse-r...@wi.rr.com] Sent: Thursday, July 05, 2012 6:39 PM To: NT System Admin Issues Cc: jmajorow...@gmail.com Subject: Re: SBS 2003 to 2011 Would you be willing to share that set of instructions you already came up with, privately? Understanble if you rather not... Original Message: - From: Jim Majorowicz jmajorow...@gmail.com Date: Thu, 5 Jul 2012 12:28:39 -0700 To: ntsysadmin@lyris.sunbelt-software.com Subject: Re: SBS 2003 to 2011 We've taken to using the New Domain method for our last 4 conversions, the last for an office of 18 users. So much so, that we've worked out a pretty good set of instructions for the cutovers. Even Jeff's SBSMIGRATION method has it's drawbacks. No matter what method you use, make your own set of checklists. That way you've got everything covered. On Wed, Jul 4, 2012 at 9:18 AM, Jesse Rink jesse-r...@wi.rr.com wrote: Customer purchased a brand new server to replacing aging SBS 2003 box. I have been going through the Microsoft SBS 2003 - SBS 2011 migration document and it's very lengthy and seems time consuming. I have also read a LOT of horror stories for this migration process and have a colleague who went through it a few months back and said it was awful. It seems like, based on the problems people face when attempting the migration process, it'd be easier, and take FAR fewer hours, to just set the new SBS 2011 box up as a new domain by itself. This way I don't even have to touch the old SBS 2003 server at all (even upgrading it with all the required service packs and patches for the MS migration process might take hours, geez). So I'm thinking. 1. Build new SBS 2011 physical server and setup new domain. 2. Setup new Sonic Wall firewall for internet access (replaces ISA 2004) 3. Login to each of the 9-10 user machines/laptops as the user and.. a. Backup their Exchange email to a PST file b. Document mapped drives and locations c. Backup their internet Favorites d. .what else might I be missing here? 4. Begin copying over files/data from various network shares/folders from SBS 2003 server to SBS 2011 server and re-create folder shares, setup NTFS permissions, etc. 5. Re-create each of the 9-10 user accounts in the new SBS 2011 domain 6. Un-join each of the 9-10 user machines/laptops from old SBS 2003 domain 7. Join each of the 9-10 user machines/laptops to the new SBS 2011 domain 8. Login to each of the 9-10 user machines/laptops as the user and.. a. Import their PST file into the SBS 2011 server b. Re-create mapped drives c. Restore Internet Favorites d. .what else might I be missing here? 9. Re-install GFI anti-spam software on SBS 2011 server (was previously installed on SBS 2003) 10. They have 3 member-servers running 2008. I would also need to un-join those from the SBS 2003 domain and join them to the new SBS 2011 domain. 11. Missing anything else? Seems like a workable plan which I can do over a Friday/Saturday. I've heard so many horror stories about the Microsoft method that I'm very leary about doing it (this is just one example of MANY issues like this I've read about: http://www.jephens.com/2011/07/29/upgrading-sbs-2003-to-sbs-2011/) In my scenario of just building a new domain, am I missing anything in my steps 1-12? Thanks J ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin mail2web.com
RE: VMM/Hyper-V question
This can be a huge issue if you are using CSV and failover. That requires the host servers to be part of AD and be able to access it otherwise it fails and nothing is available in the cluster, and none of your virtuals will come on. Even a BIGGER problem if your AD servers are in that cluster. We have a client with 2 host servers running about 18 guests between the two on an EQ SAN, each has an AD guest and both hosts are AD joined, we spun up a 3rd physical DC just for the fault tolerance in the event we cant talk to the AD guest servers. I suppose we could create a 2nd domain, join the Host servers and the 3rd physical to that new domain and all the guests would be on their own domain internally. But..then I have to worry about a second DC for fault tolerance and backups of this new perimeter domain. My customers would have to have some serious security needs or compliance issues to deal with that cost addition though. Where we play this isn’t as big of a concern. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: David Lum [mailto:david@nwea.org] Sent: Tuesday, July 03, 2012 11:22 AM To: NT System Admin Issues Subject: RE: VMM/Hyper-V question Not a big deal to join or disjoin them, as long as you know local admin creds. From: Christopher Bodnar [mailto:christopher_bod...@glic.com]mailto:[mailto:christopher_bod...@glic.com] Sent: Tuesday, July 03, 2012 7:38 AM To: NT System Admin Issues Subject: Re: VMM/Hyper-V question No, security is not the main consideration in this particular situation. Small office environment. I had always heard, not specifically read, that the Hyper-V hosts should not be domain joined. Should have done more reading before I set this up. Thanks Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.commailto: [cid:image001.jpg@01CD5AE3.0C5AB680] The Guardian Life Insurance Company of America www.guardianlife.comhttp://www.guardianlife.com/ From:Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date:07/03/2012 10:35 AM Subject:Re: VMM/Hyper-V question If you are concerned about security, consider a separate domain for the perimeter guests vs the internal guests, depending on your architecture. We configured totally different hosts for our DMZ guests than for our internal guests. ASB http://XeeMe.com/AndrewBakerhttp://xeeme.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market… On Tue, Jul 3, 2012 at 8:56 AM, Christopher Bodnar christopher_bod...@glic.commailto:christopher_bod...@glic.com wrote: Curious if anyone out there is keeping their Hyper-V hosts in a perimeter network. Or are most people domain joining them. My initial thought was to have them all in a perimeter network with no domain, but with VMM inside the domain. Finding some limitations to this configuration. Specifically in regards to the libraries. you can't transfer VM's from a host in a perimeter network to a library on the VMM server in the domain. Can't see thumbnails either, but that seems minor in comparison. Thanks Christopher Bodnar Enterprise Achitect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459tel:610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.commailto:christopher_bod...@glic.com [cid:image001.jpg@01CD5AE3.0C5AB680] The Guardian Life Insurance Company of America www.guardianlife.comhttp://www.guardianlife.com/ - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums
RE: Internet Monitoring
IPRISM is a solid device and has worked for a number of our clients for years. Override and reporting is pretty darn good. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: David Lloyd [mailto:da...@future-support.com] Sent: Wednesday, July 04, 2012 1:53 PM To: NT System Admin Issues Subject: RE: Internet Monitoring Thanks John, I'll take a look. David From: John C Owen [mailto:jo...@innovativefoto.com]mailto:[mailto:jo...@innovativefoto.com] Sent: 04 July 2012 18:00 To: NT System Admin Issues Subject: RE: Internet Monitoring We've used CyBlock by Wavecrest for years From: David Lloyd [mailto:da...@future-support.com]mailto:[mailto:da...@future-support.com] Sent: Wednesday, July 04, 2012 12:54 PM To: NT System Admin Issues Subject: Internet Monitoring Hi all, I'm looking for a recommendation for some Internet monitoring software. We would like to monitor what websites and services our students are going to during term time. Any recommendations would be appreciated. Thanks David ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin __ Information from ESET NOD32 Antivirus, version of virus signature database 7271 (20120704) __ The message was checked by ESET NOD32 Antivirus. http://www.eset.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: No more SBS
I would say for organizations with less than 200 people scheduled downtime is the norm. That is getting shorter with the combination of Cloud technologies and as hardware continues to get cheaper. I agree that larger organizations can afford the technology to prevent downtime as their downtime cost around a 24x7 schedule is easily justified with an ROI. I don’t know any SMB's that can't afford an hour downtime in the middle of the night for automatic patching, reboots, etc...and most of them do LOB apps upgrades once or twice a year for a few hours.. Hardly a business case for that kind of tech/software. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, July 05, 2012 7:15 PM To: NT System Admin Issues Subject: Re: No more SBS Scheduled downtime is a good thing, especially in SMBs - when you don't have monetary resources, you use time and energy. Most small businesses have times when they're not staffed, and those are good times to do patching, upgrading, reconfiguring, etc. Larger businesses have the resources to pull these things off behind the scenes. Kurt On Thu, Jul 5, 2012 at 3:11 PM, Michael B. Smith mich...@smithcons.com wrote: Eh, downtime is downtime. Call me oldschool. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, July 05, 2012 6:07 PM To: NT System Admin Issues Subject: Re: No more SBS There have been major outages of several hours each in several of the major cloud providers at the most inconvenient times - scheduled downtime is one thing, unscheduled outages another. On Thu, Jul 5, 2012 at 12:19 PM, Steven Peck sep...@gmail.com wrote: eh? Poor uptime records for clouds? On Thu, Jul 5, 2012 at 11:57 AM, Kurt Buff kurt.b...@gmail.com wrote: This is unfortunate thinking, given the poor uptime record for clouds in general, and it's worse when you consider connectivity issues as part of that equation. Kurt On Thu, Jul 5, 2012 at 11:16 AM, Rod Trent rodtr...@myitforum.com wrote: Microsoft assumes, as do a lot of others, that small business are the easiest to move to the cloud and actually get the most, immediate benefit. No need for on-premise hardware. From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, July 05, 2012 1:48 PM To: NT System Admin Issues Subject: RE: No more SBS There will continue to be a SBS 2011 Essentials. But it doesn’t include SQL or Exchange. I disagree with their decision, as does every SBS MVP. :-P However, I see it as an ongoing “move to the Enterprise” for Microsoft. They are abandoning their small business roots. From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, July 05, 2012 1:33 PM To: NT System Admin Issues Subject: No more SBS I don’t see the product in the environments I work in but Microsoft says no more SBS. http://www.zdnet.com/microsoft-goes-public-with-windows-server-201 2 -versions-licensing-700341/ http://download.microsoft.com/download/4/D/B/4DB352D1-C610-466A-9A A F-EEF4F4CFFF27/WS2012_Licensing-Pricing_FAQ.pdf Q33. Will there be a next version of Windows Small Business Server 2011 Standard? No. Windows Small Business Server 2011 Standard, which includes Exchange Server and Windows server component products, will be the final such Windows Server offering. This change is in response to small business market trends and behavior. The small business computing trends are moving in the direction of cloud computing for applications and services such as email, online back-up and line-of-business tools. 13 Q34. Will there be a next version of Windows Small Business 2011 Premium Add-on? No. Windows Small Business Server 2011 Premium Add-on, which includes SQL Server and Windows Server as component products, will be the final such Windows Server offering. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com
RE: Windows File Archive
Sorry was this Jon Harris, formerly in Lakeland FL, or John Harris and not based in the Tampa area.. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Don Kuhlman [mailto:drkuhl...@yahoo.com] Sent: Friday, March 09, 2012 11:51 AM To: NT System Admin Issues Subject: Re: Windows File Archive Sorry to hear. I'm sad for his family and would like to express condolences for their loss. Don K From: William Robbins dangerw...@gmail.commailto:dangerw...@gmail.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Sent: Friday, March 9, 2012 9:32 AM Subject: Re: Windows File Archive John Harris passed rather unexpectedly, don't know if you recall him from the other list or not Kurt. - WJR On Thu, Mar 8, 2012 at 23:01, Kurt Buff kurt.b...@gmail.commailto:kurt.b...@gmail.com wrote: Do tell. On Thu, Mar 8, 2012 at 19:23, Micheal Espinola Jr michealespin...@gmail.commailto:michealespin...@gmail.com wrote: Today is a sad day for many of us. Let it slide. -- Espi On Thu, Mar 8, 2012 at 7:07 PM, Rod Trent rodtr...@myitforum.commailto:rodtr...@myitforum.com wrote: Think it's about time to set a Gary rule. Gary Slinger gary.slin...@gmail.commailto:gary.slin...@gmail.com wrote: I bring my own. Fuckmonkey was a timely volunteer for me to vent. fuck him. From: Don Ely don@gmail.commailto:don@gmail.com Date: Thu, 8 Mar 2012 18:43:22 -0800 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Windows File Archive Hotel bar out of alcohol again? ;o) On Thu, Mar 8, 2012 at 6:39 PM, Gary Slinger gary.slin...@gmail.commailto:gary.slin...@gmail.com wrote: The problem with you damn do-gooders trying to answer his question is: * he hasn't stated what system he's working on, * or copying to, * or what he's tried, * or what he's considered. Is robocopy a windows only solution? (All I know it as, and I'm not interested enough to look it up). Suppose he's on unix, linux, or mac? (I understand some people use those?). Or even some old fashioned big iron or something in-between like an AS/400 (yes, I know what they're called now)... I realize it's not likely, given the third-grade nature of his question. But after all, he does work for a company billing itself as 'Your Technology Solutions Provider'. So be careful, folks, he's a 'professional'. Shit, for all I can tell from the original post, he's trying to copy PDF's from his SAN to his iPhone or something. Via his Outlook Server or Linux Email or something. Actually, I apologize. Carpet boy was probably smarter. And yes, I realize how dumb that sounds. FFS. From: Joseph L. Casale jcas...@activenetwerx.commailto:jcas...@activenetwerx.com Date: Fri, 9 Mar 2012 02:18:39 + To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: Windows File Archive Robocopy with /MINAGE switch. You can exclude any files newer than your limit. From: Cesare' A. Ramos [cra...@idfllc.commailto:cra...@idfllc.com] Sent: Thursday, March 08, 2012 7:09 PM To: NT System Admin Issues Subject: Windows File Archive Hellos all. Looking for a utility to scan a storage server and copy off files that have not been accessed in the past 180 days to an external archive solution. Any thoughts? CAR This e-Mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-Mail in error please notify the sender via returned e-Mail. Please note that any views or opinions presented in this e-Mail are solely those of the author and do not necessarily represent those of the company. Although IDF operates anti-virus programs, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. ** Think before you print this message. ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise
RE: R: R: Reinstallation of Windows 7
I think you know what the problem is just as well as I do. From: Richard McClary [mailto:richard.mccl...@aspca.org] Sent: Saturday, February 11, 2012 9:39 AM To: NT System Admin Issues Subject: RE: R: R: Reinstallation of Windows 7 Unfortunately, that is more like thinking back 43+ years (movie came out late summer, 1968). From: Jay Dale [jd...@unetek.com] Sent: Friday, February 10, 2012 3:25 PM To: NT System Admin Issues Subject: RE: R: R: Reinstallation of Windows 7 Think back 11 years...:) Jay Dale Senior Systems Administrator P:281-574-2414 From: Guyer, Donald [mailto:dgu...@che.org] Sent: Friday, February 10, 2012 2:56 PM To: NT System Admin Issues Subject: RE: R: R: Reinstallation of Windows 7 I know I should know what this is referencing Regards, Don Guyer Directory and Messaging Services Catholic Health East, ITSS From: Michael B. Smith [mailto:mich...@smithcons.com]mailto:[mailto:mich...@smithcons.com] Sent: Friday, February 10, 2012 3:41 PM To: NT System Admin Issues Subject: RE: R: R: Reinstallation of Windows 7 LOL!!! Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Richard McClary [mailto:richard.mccl...@aspca.org]mailto:[mailto:richard.mccl...@aspca.org] Sent: Friday, February 10, 2012 3:31 PM To: NT System Admin Issues Subject: RE: R: R: Reinstallation of Windows 7 No - a HAL problem would be a flashing red light and a voice saying, I am sorry, Guido, but I cannot allow you to do that HEY, it's Friday? From: Michael B. Smith [mailto:mich...@smithcons.com]mailto:[mailto:mich...@smithcons.com] Sent: Friday, February 10, 2012 2:21 PM To: NT System Admin Issues Subject: RE: R: R: Reinstallation of Windows 7 Or a HAL/driver problem - which is exactly what he's been trying to get around, as I read it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Rod Trent [mailto:rodtr...@myitforum.com]mailto:[mailto:rodtr...@myitforum.com] Sent: Friday, February 10, 2012 3:13 PM To: NT System Admin Issues Subject: RE: R: R: Reinstallation of Windows 7 Blue screen on boot...sounds like a hardware problem. Rod Trenthttp://myitforum.com/myitforumwp/community/members/rodtrent/ [Description: myITSMButton]http://www.myitforum.com/[Description: TwitterButton]http://twitter.com/rodtrent[Description: Facebookbutton]http://www.facebook.com/rodtrent[Description: LinkedInButton]http://www.linkedin.com/profile/view?id=2881785 From: Jonathan [mailto:ncm...@gmail.com]mailto:[mailto:ncm...@gmail.com] Sent: Friday, February 10, 2012 2:45 PM To: NT System Admin Issues Subject: Re: R: R: Reinstallation of Windows 7 Ok, i'll bite.what OS is installed that is giving the blue screen? On Feb 10, 2012 8:29 AM, HELP_PC g...@enter.itmailto:g...@enter.it wrote: Blue screen on boot Guido Elia HELPPC - HELPPC SERVICE Da: Jonathan [mailto:ncm...@gmail.commailto:ncm...@gmail.com] Inviato: venerdì 10 febbraio 2012 12.30 A: NT System Admin Issues Oggetto: Re: R: Reinstallation of Windows 7 Please be specific about what you mean by not booting/bootable. What exactly does your system do when you press the power button to turn it on? If your system is not bootable (will not POST) and you don't.get to the point where you have an Operating System not found or similar error/blue screen, then you most likely have a hardware error that no DVD will fix. I have installed Win7 from the dvd over top of an existing install more than once with success. I have also rolled back to an earlier restore point by booting from the dvd more than once. Jonathan On Feb 10, 2012 12:49 AM, HELP_PC g...@enter.itmailto:g...@enter.it wrote: I think everybody knows that with XP you could perform a repair install from the boot cd This exactly what you cannot do with windows 7. A repair install (upgrade) REQUIRES YOU HAVE A BOOTABLE SYSTEM Guido Elia HELPPC - HELPPC SERVICE -Messaggio originale- Da: Ben Scott [mailto:mailvor...@gmail.commailto:mailvor...@gmail.com] Inviato: giovedì 9 febbraio 2012 21.34 A: NT System Admin Issues Oggetto: Re: Reinstallation of Windows 7 On Thu, Feb 9, 2012 at 1:26 PM, HELP_PC g...@enter.itmailto:g...@enter.it wrote: Is there a way to install over Windows 7 starting from the DVD (In case of troubles of booting) http://www.lmgtfy.com/?q=reinstallation+of+Windows+7 Upgrade option requires you start from within Windows Do you want to upgrade, or do you want to reinstall? You asked for reinstall. None of the results found with the above link suggest that a (re)install cannot be done from DVD. For example, the first match is for Microsoft's procedure that explains exactly what you originally asked for. Have you tired them? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
RE: Server 2003 DC issues
Well one interesting issue that has creeped up overnight. The Server2 DC which is now the only DC on the network fails Advertising on DCDIAG. It shows that its not part of the replica set doing a dfsutil I have tried a burflags D4 but it's not even registering the change after a service restart. D4 stays in the registry. In the registry under NTFRS Parameter there is a registry key for cumulative sets but there is not anything under the regular replica set. This server2 is the exchange box, so I cant just stand up another DC, dcpromo this one down and backup.. There has to be a way to recreate itself in the replica set? Whats weird is that I have netlogon and sysvol folders, I can edit GP, but all of the machines and other member servers fail on gpupdates.. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Monday, December 19, 2011 11:46 PM To: NT System Admin Issues Subject: RE: Server 2003 DC issues Shazaam...Well that's what I was watching when I realized an important fact.. THAT CAME FROM YOUR COMMENT ABOUT PICKING ONE AD or the other and nuking the other. Server2 had a completely intact AD from about 30 days ago. The changes on server1 were part of a failed 2008 upgrade, they had somehow disabled server2 during the upgrade. I basically shutdown server2 again, did a backup and then dcpromo server1 completely out of domain. Started up server2, seized roles... except schema master... Somehow server2 went disabled in AD. Edited ADSI to reenable the computer account, rebooted. Seized schema, cleaned up AD from server1, purged DNS, checked DNS application partition and ran dcdiag and netdiag. All clean. Now to put server1 back in business and call it a night... Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, December 19, 2011 11:39 PM To: NT System Admin Issues Subject: Re: Server 2003 DC issues On Mon, Dec 19, 2011 at 11:14 PM, Greg Sweers gswe...@acts360.com wrote: Yeah that's probably it, and I have cleaned up a lot of AD before, but with Exchange as AD on one of them it's a bad deal. Fortunately they are not doing much with IIS and Exchange so that's what I have seen really screws up most, but time for a phone call.. Thx You might want to wait and see if Brian Desmond chimes in. He knows as much about Active Directory as just about anyone (he literally wrote the book on it), he may know of some better fix that's developed in the past ~7 years since I had to do this. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Server 2003 DC issues
Yeah that's probably it, and I have cleaned up a lot of AD before, but with Exchange as AD on one of them it's a bad deal. Fortunately they are not doing much with IIS and Exchange so that's what I have seen really screws up most, but time for a phone call.. Thx Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, December 19, 2011 9:31 PM To: NT System Admin Issues Subject: Re: Server 2003 DC issues On Mon, Dec 19, 2011 at 9:17 PM, Greg Sweers gswe...@acts360.com wrote: Server1 doesn't have Server2 listed and is giving the cannot find Server SPN. Nothing in AD Sites and Services other than itself. That's usually bad. What does Server2 show if you ask it the same questions? If it's a mirror image (i.e., Server2 only shows Server, and no Server1), then you actually have two different Active Directories, both with the same name. Each server has lost AD replication with the other server for so long they've forgotten about the other one. I've seen this twice. Both times I called MSFT because it's a complicated mess and paying $250 for expert help was money well spent. I'd recommend that here. The short version is you have to pick one AD, nuke the other. On the keeper you seize the FSMO roles, go into low-level tools and delete everything to do with the loser DC, and do metadata cleanup. On the loser, you forcible demote it, disjoin and then rejoin to the domain. Then you spend a bunch of time cleaning up loose ends. If the two ADs have diverged significantly it's a minor kind of hell. It's been awhile, too, maybe there's some new tool that can fix things up less drastically now. Call MSFT. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Server 2003 DC issues
Shazaam...Well that's what I was watching when I realized an important fact.. THAT CAME FROM YOUR COMMENT ABOUT PICKING ONE AD or the other and nuking the other. Server2 had a completely intact AD from about 30 days ago. The changes on server1 were part of a failed 2008 upgrade, they had somehow disabled server2 during the upgrade. I basically shutdown server2 again, did a backup and then dcpromo server1 completely out of domain. Started up server2, seized roles... except schema master... Somehow server2 went disabled in AD. Edited ADSI to reenable the computer account, rebooted. Seized schema, cleaned up AD from server1, purged DNS, checked DNS application partition and ran dcdiag and netdiag. All clean. Now to put server1 back in business and call it a night... Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, December 19, 2011 11:39 PM To: NT System Admin Issues Subject: Re: Server 2003 DC issues On Mon, Dec 19, 2011 at 11:14 PM, Greg Sweers gswe...@acts360.com wrote: Yeah that's probably it, and I have cleaned up a lot of AD before, but with Exchange as AD on one of them it's a bad deal. Fortunately they are not doing much with IIS and Exchange so that's what I have seen really screws up most, but time for a phone call.. Thx You might want to wait and see if Brian Desmond chimes in. He knows as much about Active Directory as just about anyone (he literally wrote the book on it), he may know of some better fix that's developed in the past ~7 years since I had to do this. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: 2008 R2 - System Event Notification Service
Sent from my iPhone. Yes my iPhone On Dec 12, 2011, at 10:46 AM, Patrick Hasenjager phasenja...@kcumb.edumailto:phasenja...@kcumb.edu wrote: We have some 2008 R2 servers (brand new installs) that are hanging up every few days to the point that we cannot RDP into them nor back them up with SyncSort BackupExpress. They run a combination of software ranging from SQL, to printers, to AD. The problem appears to be identical to an issue found in KB article 2383928, but that hotfix does not work on 2008 R2. On logout of an RDP session, the window hangs at a waiting for user event notification or something similar. New users cannot login to the server nor can new processes be run for already logged in sessions. The only fix is a hard reset of the server, which obviously is not always possible during the day. Anyone have a suggestion for this? It appears this is a known issue for 2008 but not for R2. None of the fixes I have found in my searches has resolved the issue. PATRICK HASENJAGER | Network Administrator Kansas City University of Medicine and Biosciences | Information Technology phone 816.654.7712 | fax 816.654.7701 email phasenja...@kcumb.edumailto:phasenja...@kcumb.edu | www.kcumb.eduhttp://www.kcumb.edu ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: 2008 R2 DNS strangeness
We do use forwarders on both servers. They are both currently set to 4.2.2.1 and 4.2.2.2, we have tried the local ISP provided DNS on both servers. We have no conditional forwaders enabled. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, November 30, 2011 3:27 PM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness Do you use forwarders? If so, are they the same for both servers? What about conditional forwarders? Are any setup? If so, are they the same for both servers? On Wed, Nov 30, 2011 at 3:08 PM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: No we have only a few clients on RR and none of them use it for anything but internet. All email is hosted. For the last 2 days since I have pointed them to another DC running DNS they have had no issues, but that DC is at another office. If I manually set one of them back to the suspect DNS they about every 15 to 20 mins hit a site or click an link inside of gmail, page cannot be displayed, hit F5 and bam the page comes up. I haven't been able to get on to run DNS queries at the same time, but I am going onsite to do some wifi stuff Friday so I will test then. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax -Original Message- From: Benjamin Zachary [mailto:li...@levelfive.usmailto:li...@levelfive.us] Sent: Monday, November 28, 2011 9:30 PM To: NT System Admin Issues Subject: RE: 2008 R2 DNS strangeness Hey Greg, just curious are you seeing any issues with rr.comhttp://rr.com/ up there? we have an office in Tampa and since last week are getting really weird connectivity coming out of roadrunner, and today we couldn't even email rr.comhttp://rr.com/ from down here I was getting no route to host ... we have 3 connections with this client, a T1 from Paetec, a Cable from Comcast, and a 10mb fiber from Host.Net and all are having weird routing/locating issues with roadrunner ... I don't know if that might shed some light on your situation either.. -Original Message- From: Greg Sweers [mailto:gswe...@acts360.commailto:gswe...@acts360.com] Sent: Monday, November 28, 2011 5:55 PM To: NT System Admin Issues Subject: RE: 2008 R2 DNS strangeness Thx Ben. I will get to test some more in the morning. I had to move them all to another DNS server in the office for some major projects today and they were flipping out. Tomorrow most of them are out so I will let you know. Thx Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.commailto:mailvor...@gmail.com] Sent: Monday, November 28, 2011 10:35 AM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness On Mon, Nov 28, 2011 at 9:51 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: Sorry should have been more clear. The NSlookup is to the internal DC server. When you try and query it comes up with service failure or timeout. Right, but the question is, do you get different behaviors depending on what name you query. If my DC/DNS server is 192.0.2.10, and my AD domain is example.nethttp://example.net/., I would compare: nslookup example.nethttp://example.net/. 192.0.2.10 with nslookup google.comhttp://google.com/. 192.0.2.10 I'd also check a site unlikely to be cached, such as: nslookup purple.comhttp://purple.com/. 192.0.2.10 I'd also run a query against an external resolver: nslookup google.comhttp://google.com/. 8.8.8.8 I'd also avoid NSLOOKUP and use DIG (you can get it from the ISC BIND distribution). NSLOOKUP is historically prone to giving bad diagnostics. I don't know if Microsoft has fixed their version, but DIG gives better information than NSLOOKUP even when both are working correctly. Example syntax: dig example.nethttp://example.net/. @192.0.2.10http://192.0.2.10/ When you try and query it comes up with service failure or timeout. Be aware that SERVFAIL is an actual DNS result code from a nameserver, while a timeout is NSLOOKUP getting tired of waiting for the nameserver to respond. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise
RE: 2008 R2 DNS strangeness
We already did that in testing. All of the articles were referring to Glue issues with DNS R2 and the solve was to add forwarders per MS articles. We have used the FIOS local DNS, several different public, 4.2.2.1 and .2 are just what we left it on at the moment. Very valid points, and I completely agree. We just use them for testing in situations like this. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, December 01, 2011 1:09 PM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness On Thu, Dec 1, 2011 at 11:48 AM, Greg Sweers gswe...@acts360.com wrote: We do use forwarders on both servers. They are both currently set to 4.2.2.1 and 4.2.2.2 ... Those are Level 3's full-service resolvers. Unless you're a Level 3 customer, you shouldn't be tying your corporate network infrastructure to those resolvers. They're easy to remember and thus useful for trouble-shooting, but using them in production is inappropriate. It means you're potentially traversing a potentially large part of the Internet with UDP DNS traffic. It also means you're depending on a public service which could go wonky or shut you off at any time. Forwarders should be fast, local, and reliable. Your local ISP's nameservers *may* meet that criteria -- or may not. Since you're having DNS trouble, remove the forwarders and see what happens. Eliminate the obvious potential problem. Even if you are a Level 3 customer, I'd take the forwarders out to see if the trouble goes away. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: 2008 R2 DNS strangeness
Thx, none of those fail. While we cannot do a query to mail.google.com we can resolve any internal DNS without issue. My original thoughts was that even though the registry is there its still sending out EDNS requests, because its only specific sites and nothing else does a page cannot be displayed. The problem is that within 10 secs resolutions work again which is usually why a F5 refresh pulls the page immediately. So its stinking hard to wait around for 15 to 30 mins clicking and getting 10 secs to do a bunch of queries and then it works again.. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Richard Stovall [mailto:rich...@gmail.com] Sent: Monday, November 28, 2011 10:25 AM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness I actually meant lookups of other internal hosts. E.g., nslookup host1.internaldomain.local. dc.internaldomain.local or even the DC itself - nslookup dc.internaldomain.local. dc.internaldomain.local On Mon, Nov 28, 2011 at 9:51 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: Sorry should have been more clear. The NSlookup is to the internal DC server. When you try and query it comes up with service failure or timeout. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax From: Richard Stovall [mailto:rich...@gmail.commailto:rich...@gmail.com] Sent: Monday, November 28, 2011 9:44 AM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness When you do an nslookup of an external host and it fails, have you tried doing internal nslookups to see if they continue to work? On Mon, Nov 28, 2011 at 9:19 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: We have a single site migrated from 2003 AD to 2008 R2. Physical. We do have the HyperV role loaded at the request of the client to add a small app that he might put on there. DCdiag reports no issues other than the RODC errors which we have not run. EDns has been shutoff. (Confirmed registry entry gets created after its run) IPV6 has been disabled. Tried it with it on and off. Users can be happily browsing the web for hours or minutes and then when they hit a google, especially gmail, page cannot be displayed. Usually a refresh and the page comes up. Sometimes it takes a few minutes and then all users can browse those sites. Streaming audio/video, network access, VPN to other site for IP Phone system all work without issue. All computers pull DHCP from server with single DNS of the DC. Firewall is a watchguard 11.4.2 XTM that has a single Packet Filter for DNS allowing all outbound from the trusted network. No proxy or DNS advanced mechanisms in place. When the computer cannot access the webpage, doing an nslookup fails because the DNS server does not respond. Give it a minute and then it works fine. If I move their DNS settings to the previous 2003 box which I configured with DNS for testing, it works without any issues. Once I move it back to the DC I get this randomness. The DNS server just randomly stops responding during this time. Any ideas??? I have been banging my head out on this for 2 weeks now. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body
RE: 2008 R2 DNS strangeness
No we have only a few clients on RR and none of them use it for anything but internet. All email is hosted. For the last 2 days since I have pointed them to another DC running DNS they have had no issues, but that DC is at another office. If I manually set one of them back to the suspect DNS they about every 15 to 20 mins hit a site or click an link inside of gmail, page cannot be displayed, hit F5 and bam the page comes up. I haven't been able to get on to run DNS queries at the same time, but I am going onsite to do some wifi stuff Friday so I will test then. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Benjamin Zachary [mailto:li...@levelfive.us] Sent: Monday, November 28, 2011 9:30 PM To: NT System Admin Issues Subject: RE: 2008 R2 DNS strangeness Hey Greg, just curious are you seeing any issues with rr.com up there? we have an office in Tampa and since last week are getting really weird connectivity coming out of roadrunner, and today we couldn't even email rr.com from down here I was getting no route to host ... we have 3 connections with this client, a T1 from Paetec, a Cable from Comcast, and a 10mb fiber from Host.Net and all are having weird routing/locating issues with roadrunner ... I don't know if that might shed some light on your situation either.. -Original Message- From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Monday, November 28, 2011 5:55 PM To: NT System Admin Issues Subject: RE: 2008 R2 DNS strangeness Thx Ben. I will get to test some more in the morning. I had to move them all to another DNS server in the office for some major projects today and they were flipping out. Tomorrow most of them are out so I will let you know. Thx Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, November 28, 2011 10:35 AM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness On Mon, Nov 28, 2011 at 9:51 AM, Greg Sweers gswe...@acts360.com wrote: Sorry should have been more clear. The NSlookup is to the internal DC server. When you try and query it comes up with service failure or timeout. Right, but the question is, do you get different behaviors depending on what name you query. If my DC/DNS server is 192.0.2.10, and my AD domain is example.net., I would compare: nslookup example.net. 192.0.2.10 with nslookup google.com. 192.0.2.10 I'd also check a site unlikely to be cached, such as: nslookup purple.com. 192.0.2.10 I'd also run a query against an external resolver: nslookup google.com. 8.8.8.8 I'd also avoid NSLOOKUP and use DIG (you can get it from the ISC BIND distribution). NSLOOKUP is historically prone to giving bad diagnostics. I don't know if Microsoft has fixed their version, but DIG gives better information than NSLOOKUP even when both are working correctly. Example syntax: dig example.net. @192.0.2.10 When you try and query it comes up with service failure or timeout. Be aware that SERVFAIL is an actual DNS result code from a nameserver, while a timeout is NSLOOKUP getting tired of waiting for the nameserver to respond. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
2008 R2 DNS strangeness
We have a single site migrated from 2003 AD to 2008 R2. Physical. We do have the HyperV role loaded at the request of the client to add a small app that he might put on there. DCdiag reports no issues other than the RODC errors which we have not run. EDns has been shutoff. (Confirmed registry entry gets created after its run) IPV6 has been disabled. Tried it with it on and off. Users can be happily browsing the web for hours or minutes and then when they hit a google, especially gmail, page cannot be displayed. Usually a refresh and the page comes up. Sometimes it takes a few minutes and then all users can browse those sites. Streaming audio/video, network access, VPN to other site for IP Phone system all work without issue. All computers pull DHCP from server with single DNS of the DC. Firewall is a watchguard 11.4.2 XTM that has a single Packet Filter for DNS allowing all outbound from the trusted network. No proxy or DNS advanced mechanisms in place. When the computer cannot access the webpage, doing an nslookup fails because the DNS server does not respond. Give it a minute and then it works fine. If I move their DNS settings to the previous 2003 box which I configured with DNS for testing, it works without any issues. Once I move it back to the DC I get this randomness. The DNS server just randomly stops responding during this time. Any ideas??? I have been banging my head out on this for 2 weeks now. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: 2008 R2 DNS strangeness
Sorry should have been more clear. The NSlookup is to the internal DC server. When you try and query it comes up with service failure or timeout. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Richard Stovall [mailto:rich...@gmail.com] Sent: Monday, November 28, 2011 9:44 AM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness When you do an nslookup of an external host and it fails, have you tried doing internal nslookups to see if they continue to work? On Mon, Nov 28, 2011 at 9:19 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: We have a single site migrated from 2003 AD to 2008 R2. Physical. We do have the HyperV role loaded at the request of the client to add a small app that he might put on there. DCdiag reports no issues other than the RODC errors which we have not run. EDns has been shutoff. (Confirmed registry entry gets created after its run) IPV6 has been disabled. Tried it with it on and off. Users can be happily browsing the web for hours or minutes and then when they hit a google, especially gmail, page cannot be displayed. Usually a refresh and the page comes up. Sometimes it takes a few minutes and then all users can browse those sites. Streaming audio/video, network access, VPN to other site for IP Phone system all work without issue. All computers pull DHCP from server with single DNS of the DC. Firewall is a watchguard 11.4.2 XTM that has a single Packet Filter for DNS allowing all outbound from the trusted network. No proxy or DNS advanced mechanisms in place. When the computer cannot access the webpage, doing an nslookup fails because the DNS server does not respond. Give it a minute and then it works fine. If I move their DNS settings to the previous 2003 box which I configured with DNS for testing, it works without any issues. Once I move it back to the DC I get this randomness. The DNS server just randomly stops responding during this time. Any ideas??? I have been banging my head out on this for 2 weeks now. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: 2008 R2 DNS strangeness
I have it running already. There were logs from before I turned off EDNS, but for the DNS logs there are not errors at all. I have logging on, and I cannot find any instances of it failing. I can post the log file somewhere for someone to review. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, November 28, 2011 9:50 AM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness On Mon, Nov 28, 2011 at 9:19 AM, Greg Sweers gswe...@acts360.com wrote: When the computer cannot access the webpage, doing an nslookup fails because the DNS server does not respond. Give it a minute and then it works fine. I'd start by looking at the logs. Check Event Spewer first (DNS has its own log under 2008). If nothing there, enable DNS debug logging: http://technet.microsoft.com/en-us/library/cc759581%28WS.10%29.aspx -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: 2008 R2 DNS strangeness
Thx Ben. I will get to test some more in the morning. I had to move them all to another DNS server in the office for some major projects today and they were flipping out. Tomorrow most of them are out so I will let you know. Thx Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, November 28, 2011 10:35 AM To: NT System Admin Issues Subject: Re: 2008 R2 DNS strangeness On Mon, Nov 28, 2011 at 9:51 AM, Greg Sweers gswe...@acts360.com wrote: Sorry should have been more clear. The NSlookup is to the internal DC server. When you try and query it comes up with service failure or timeout. Right, but the question is, do you get different behaviors depending on what name you query. If my DC/DNS server is 192.0.2.10, and my AD domain is example.net., I would compare: nslookup example.net. 192.0.2.10 with nslookup google.com. 192.0.2.10 I'd also check a site unlikely to be cached, such as: nslookup purple.com. 192.0.2.10 I'd also run a query against an external resolver: nslookup google.com. 8.8.8.8 I'd also avoid NSLOOKUP and use DIG (you can get it from the ISC BIND distribution). NSLOOKUP is historically prone to giving bad diagnostics. I don't know if Microsoft has fixed their version, but DIG gives better information than NSLOOKUP even when both are working correctly. Example syntax: dig example.net. @192.0.2.10 When you try and query it comes up with service failure or timeout. Be aware that SERVFAIL is an actual DNS result code from a nameserver, while a timeout is NSLOOKUP getting tired of waiting for the nameserver to respond. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: OpenCandy -- spyware/adware or misunderstood?
Interesting retort from opencandy. http://www.opencandy.com/2011/03/04/the-story-behind-the-opencandy-and-microsoft-adware-debacle/ Per them all their partners are required to provide an EULA that each person has to accept before installing any new software. I do classify this myself as adware since that is precisely what its doing. ..I don't classify it as malware where they don't notify you of installs and such and do a lot of subterfuge as you phrased it. You had to accept the opencandy eula to install it at some point either through a partner affiliation or direct EULA. There is no such thing as a free lunch this includes programs Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Saturday, October 08, 2011 12:09 PM To: NT System Admin Issues Subject: OpenCandy -- spyware/adware or misunderstood? I was scanning my system at home with Microsoft's Standalone System Scanner and it found OpenCandy on my system, which I'd never heard of before. Come to find out it's a piece of software that comes bundled with a lot of freeware apps that offers to install some 3rd party app for you while you're installing the app you originally downloaded. To me, that sounds like adware. What do y'all think? I understand a need by programmers to get paid for their software but to my way of thinking, this subterfuge stinks! -- Thanks, John Aldrich Blueridge Industries IT Manager ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Needing to encrypt a file
Its an Italian Medical organization that has him login, create an account, setup the information about his organization and then downloads a file to his desktop that he has to encrypt with their requirements. Once he does that he can then upload documents to their system for review... Haven't ever seen anything like it before. Sorry when I said signature, its really just signing the file digitally and uploading it back to their servers. Their instructions just indicate to sign the file offline using our encryption software... But it has to be in pkcs#7 Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, October 04, 2011 1:20 PM To: NT System Admin Issues Subject: Re: Needing to encrypt a file On Tue, Oct 4, 2011 at 10:06, Greg Sweers gswe...@acts360.com wrote: Have a customer that is needing to encrypt his signature. The organization wants it in PKCS#7, any suggestions on programs or ideas to get it done today.. They do not want to create a PKI infrastructure locally. Thx What is meant by encrypt his signature, and what process are they trying to further? Why the requirement for PKCS#7, vs. something else? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Needing to encrypt a file
Are these programs assuming that I have a certificate already... I got nailed by a customer for an all day sit down on some new stuff they are doing and this got put on my after dinner plate. :) I am about to read the manual, but any insight here. I don’t have the largest background on PKI.. Greg Sweers -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, October 04, 2011 3:12 PM To: NT System Admin Issues Subject: Re: Needing to encrypt a file Either GnuPG or OpenPGP might do that. Kurt On Tue, Oct 4, 2011 at 11:26, Greg Sweers gswe...@acts360.com wrote: Its an Italian Medical organization that has him login, create an account, setup the information about his organization and then downloads a file to his desktop that he has to encrypt with their requirements. Once he does that he can then upload documents to their system for review... Haven't ever seen anything like it before. Sorry when I said signature, its really just signing the file digitally and uploading it back to their servers. Their instructions just indicate to sign the file offline using our encryption software... But it has to be in pkcs#7 Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, October 04, 2011 1:20 PM To: NT System Admin Issues Subject: Re: Needing to encrypt a file On Tue, Oct 4, 2011 at 10:06, Greg Sweers gswe...@acts360.com wrote: Have a customer that is needing to encrypt his signature. The organization wants it in PKCS#7, any suggestions on programs or ideas to get it done today.. They do not want to create a PKI infrastructure locally. Thx What is meant by encrypt his signature, and what process are they trying to further? Why the requirement for PKCS#7, vs. something else? Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Needing to encrypt a file
our application: it is expected to have become V (validated) and, within the following 24 hours, to automatically become P (published). You can check the result of the signature using the feature described in the following chapter of our web application user manual for foreign manufacturer: 2.4.1.9.1 View the DM validation status . Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, October 04, 2011 8:57 PM To: NT System Admin Issues Subject: Re: Needing to encrypt a file On Tue, Oct 4, 2011 at 8:26 PM, Greg Sweers gswe...@acts360.com wrote: Are these programs assuming that I have a certificate already... GPG (GNU Privacy Guard) implements the OpenPGP standard. You can generate your own certificate (keypair) locally. Indeed, in classic PGP, this is the way it was usually done. Everyone generated their own keypair, and exchanged public keys. (Maybe you got your public key signed by others, to build a web of trust, but that's optional.) PKI came later to PGP. Alice generates a keypair -- public and private keys, which go together. Alice sends her public key to Bob. Alice writes a message, signs it with her private key, and mails that to Bob. Bob uses Alice's public key to authenticate the message. Bob takes a file, encrypts it with Alice's public key, and sends it to Alice. Alice uses her private key to decrypt the message. If Bob also sends a public key to Alice, they can do encrypted, authenticated mail. Alice encrypts her message with Bob's public key, and signs it with her private key. Only Bob can read it, and Bob can be sure Alice wrote it. All that said: Encryption can be a very bumpy road. A lot of people expect it to be like a toaster, where you plug it in and it works. Not so. Everyone has to be on the same page -- and the same set of standards and options -- for anything to work. The entity giving you the crypto requirement should really be giving you a detailed, formal spec. I can't count how many times someone at %WORK% has come to me saying %CUSTOMER% wants us to do crypto with them. I start asking the needed questions, and without fail, the customer end goes, Oh, you mean I don't just have to click a button? Then never mind. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Needing to encrypt a file
Thx Kurt, that’s good advice. I meet with the business owner tomorrow to discuss this project so I should have more details afterwards. Greg Sweers CEO ACTS360.com P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, October 04, 2011 9:58 PM To: NT System Admin Issues Subject: Re: Needing to encrypt a file On Tue, Oct 4, 2011 at 18:06, Greg Sweers gswe...@acts360.com wrote: snip but I think they are wanting it verified by a CA. snip Verify this. Have a nice long telephone conversation with writing utensil at hand, and document what is said. Then send your understanding via email to your opposite number with whom you've just had the conversation, saying This is what I understand from our conversation - can you please verify?. Then you'll have some better grounds for your next move. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Strange Time issue
A swap to new hardware resolved the issue. Thanks everyone. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Cameron [mailto:cameron.orl...@gmail.com] Sent: Tuesday, August 09, 2011 1:09 PM To: NT System Admin Issues Subject: Re: Strange Time issue Is the clock on the host running fast? If it's not, then it can't be physically running fast on the guest. On Tue, Aug 9, 2011 at 12:15 PM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: Pinky swear?? As my two year old came home for the first time last week and said to me when I promised him a snack... I will turn on the logging and let you know, I am really curious to see what is changing that. Am I wrong in thinking this is 2 issues. 1.The clock physically running fast. Independent of time sync 2. Time sync changing from external to Local CMOS when running a w32tm /resync /rediscover commands. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Tuesday, August 09, 2011 12:09 PM To: NT System Admin Issues Subject: RE: Strange Time issue So? Every time the source changes, something gets logged on 2008 and above. And you can turn on logging for 2003. The change doesn't happen by itself. I promise. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Greg Sweers [mailto:gswe...@acts360.com]mailto:[mailto:gswe...@acts360.com] Sent: Tuesday, August 09, 2011 12:04 PM To: NT System Admin Issues Subject: RE: Strange Time issue Well dang..If that doesn't beat all. Everytime I run the resync command the stupid thing goes back to Local CMOS when I run a /query /source. So I set it again, run the /query /source shows the time.windows.comhttp://time.windows.com/. Run the update, restart services, run the resync..bam back to local cmos. Its just my week for random MS issues... Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax From: Michael B. Smith [mailto:mich...@smithcons.com]mailto:[mailto:mich...@smithcons.com] Sent: Tuesday, August 09, 2011 11:55 AM To: NT System Admin Issues Subject: RE: Strange Time issue The definitive document. :) http://theessentialexchange.com/blogs/michael/archive/2010/01/29/a-brief-history-of-time-ok-ok-let-s-go-with-quot-an-introduction-to-the-windows-time-service-quot.aspx Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Andrew S. Baker [mailto:asbz...@gmail.com]mailto:[mailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 11:50 AM To: NT System Admin Issues Subject: Re: Strange Time issue Exactly the problem I've seen at two locations. That's why we moved away from the hosts managing the clock for the guests. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 11:24 AM, Senter, John john.sen...@etrade.commailto:john.sen...@etrade.com wrote: We kept getting time issues when we had ESX set the time on Windows servers because the domain will adjust the server time and then the ESX system adjust it back. This kept causing the time to go back and forth and it turned out the ESX systems were getting skewed from the NTP source at a greater rate. So let the domain do its thing with the servers by setting time. From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 11:18 AM To: NT System Admin Issues Subject: RE: Strange Time issue All domain machines. All VM guests sync to the ESX hosts. All workstations sync to physical DC's that use standard Windows time service. John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610tel:%28352%29%20244-1610 Cell (352) 215-6944tel:%28352%29%20215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Tuesday, August 09, 2011 10:49 AM To: NT System Admin Issues Subject: RE: Strange Time issue Are these domain machines? You don't sync them to a DC and sync the DC out to an external NTP server? David Lum Systems Engineer // NWEATM Office 503.548.5229tel:503.548.5229 // Cell (voice/text) 503.267.9764tel:503.267.9764 From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 7:21 AM To: NT System Admin Issues Subject: RE: Strange Time issue I actually use the VMWare tools time sync function on the guests and have my
RE: Strange Time issue
Tools are loaded, but we are not syncing with the Host. The DC is on another server, which is also running 2008 R2. Same setup. Not syncing with Host. The PDC is configured to sync with time.windows.com 0x1, per Microsoft time setup articles. All of our workstations and other servers have no issue with time sync. Never seen it before. We also have our Vmware time sync with time.windows.com as well. Had an issue way back when when guests were syncing with host regardless of settings so we just got in the habit. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: John Cook [mailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 10:21 AM To: NT System Admin Issues Subject: RE: Strange Time issue I actually use the VMWare tools time sync function on the guests and have my hosts sync to north-america.pool.ntp.org. I'm on ESX 4.1 not ESXi John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Andrew S. Baker [mailto:asbz...@gmail.com]mailto:[mailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 10:05 AM To: NT System Admin Issues Subject: Re: Strange Time issue As John notes, you should let the guests keep time for themselves, and not get their time from the hosts. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 9:53 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: We have a single VMware ESXi 4.1 running 1 Windows 2003 R2, and 1 x 2008 R2 server. The 2008 R2 server runs faster. Watching the clock it actually tickets about 3 real seconds to 5 seconds on the clock in the console. Needless to say this puts stuff out of sync pretty quick. Looked online and I found a few posts regarding some weird time services, but nothing Microsoft or VMware. Anyone seen this before? The 2003 Server runs normally. I can resync against the DC and they are out of sync by 15 seconds in under a minute. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Strange Time issue
All workstations and server sync to the DC, the DC syncs outside as well as the VMWARE host. Workstations have no issues and neither do most of the servers, its just these 2 servers on one host that run fast. I am thinking its hardware, I can actually watch the clock and for every 3 to 4 real seconds it runs 5. Never seen this happen before. Its not a sync issue it's the servers just running time fast and they get out of sync. We run some sleep software that is real sensitive so in between sync time periods they complain. I am real close to just taking out some new hardware and importing the VM's to the new box to rule out hardware. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: David Lum [mailto:david@nwea.org] Sent: Tuesday, August 09, 2011 10:49 AM To: NT System Admin Issues Subject: RE: Strange Time issue Are these domain machines? You don't sync them to a DC and sync the DC out to an external NTP server? David Lum Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 From: John Cook [mailto:john.c...@pfsf.org]mailto:[mailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 7:21 AM To: NT System Admin Issues Subject: RE: Strange Time issue I actually use the VMWare tools time sync function on the guests and have my hosts sync to north-america.pool.ntp.org. I'm on ESX 4.1 not ESXi John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Andrew S. Baker [mailto:asbz...@gmail.com]mailto:[mailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 10:05 AM To: NT System Admin Issues Subject: Re: Strange Time issue As John notes, you should let the guests keep time for themselves, and not get their time from the hosts. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 9:53 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: We have a single VMware ESXi 4.1 running 1 Windows 2003 R2, and 1 x 2008 R2 server. The 2008 R2 server runs faster. Watching the clock it actually tickets about 3 real seconds to 5 seconds on the clock in the console. Needless to say this puts stuff out of sync pretty quick. Looked online and I found a few posts regarding some weird time services, but nothing Microsoft or VMware. Anyone seen this before? The 2003 Server runs normally. I can resync against the DC and they are out of sync by 15 seconds in under a minute. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body
RE: Strange Time issue
Well dang..If that doesn't beat all. Everytime I run the resync command the stupid thing goes back to Local CMOS when I run a /query /source. So I set it again, run the /query /source shows the time.windows.com. Run the update, restart services, run the resync..bam back to local cmos. Its just my week for random MS issues... Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, August 09, 2011 11:55 AM To: NT System Admin Issues Subject: RE: Strange Time issue The definitive document. :) http://theessentialexchange.com/blogs/michael/archive/2010/01/29/a-brief-history-of-time-ok-ok-let-s-go-with-quot-an-introduction-to-the-windows-time-service-quot.aspx Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Andrew S. Baker [mailto:asbz...@gmail.com]mailto:[mailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 11:50 AM To: NT System Admin Issues Subject: Re: Strange Time issue Exactly the problem I've seen at two locations. That's why we moved away from the hosts managing the clock for the guests. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 11:24 AM, Senter, John john.sen...@etrade.commailto:john.sen...@etrade.com wrote: We kept getting time issues when we had ESX set the time on Windows servers because the domain will adjust the server time and then the ESX system adjust it back. This kept causing the time to go back and forth and it turned out the ESX systems were getting skewed from the NTP source at a greater rate. So let the domain do its thing with the servers by setting time. From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 11:18 AM To: NT System Admin Issues Subject: RE: Strange Time issue All domain machines. All VM guests sync to the ESX hosts. All workstations sync to physical DC's that use standard Windows time service. John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610tel:%28352%29%20244-1610 Cell (352) 215-6944tel:%28352%29%20215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Tuesday, August 09, 2011 10:49 AM To: NT System Admin Issues Subject: RE: Strange Time issue Are these domain machines? You don't sync them to a DC and sync the DC out to an external NTP server? David Lum Systems Engineer // NWEATM Office 503.548.5229tel:503.548.5229 // Cell (voice/text) 503.267.9764tel:503.267.9764 From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 7:21 AM To: NT System Admin Issues Subject: RE: Strange Time issue I actually use the VMWare tools time sync function on the guests and have my hosts sync to north-america.pool.ntp.orghttp://north-america.pool.ntp.org. I'm on ESX 4.1 not ESXi John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610tel:%28352%29%20244-1610 Cell (352) 215-6944tel:%28352%29%20215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 10:05 AM To: NT System Admin Issues Subject: Re: Strange Time issue As John notes, you should let the guests keep time for themselves, and not get their time from the hosts. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 9:53 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: We have a single VMware ESXi 4.1 running 1 Windows 2003 R2, and 1 x 2008 R2 server. The 2008 R2 server runs faster. Watching the clock it actually tickets about 3 real seconds to 5 seconds on the clock in the console. Needless to say this puts stuff out of sync pretty quick. Looked online and I found a few posts regarding some weird time services, but nothing Microsoft or VMware. Anyone seen this before? The 2003 Server runs normally. I can resync against the DC and they are out of sync by 15 seconds in under a minute. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849tel:813-657-0849 Office 813-758-6850tel:813-758-6850 Cell 813-341-1270tel:813-341-1270 Fax ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog
RE: Strange Time issue
Pinky swear?? As my two year old came home for the first time last week and said to me when I promised him a snack... I will turn on the logging and let you know, I am really curious to see what is changing that. Am I wrong in thinking this is 2 issues. 1.The clock physically running fast. Independent of time sync 2. Time sync changing from external to Local CMOS when running a w32tm /resync /rediscover commands. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, August 09, 2011 12:09 PM To: NT System Admin Issues Subject: RE: Strange Time issue So? Every time the source changes, something gets logged on 2008 and above. And you can turn on logging for 2003. The change doesn't happen by itself. I promise. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Greg Sweers [mailto:gswe...@acts360.com]mailto:[mailto:gswe...@acts360.com] Sent: Tuesday, August 09, 2011 12:04 PM To: NT System Admin Issues Subject: RE: Strange Time issue Well dang..If that doesn't beat all. Everytime I run the resync command the stupid thing goes back to Local CMOS when I run a /query /source. So I set it again, run the /query /source shows the time.windows.com. Run the update, restart services, run the resync..bam back to local cmos. Its just my week for random MS issues... Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Michael B. Smith [mailto:mich...@smithcons.com]mailto:[mailto:mich...@smithcons.com] Sent: Tuesday, August 09, 2011 11:55 AM To: NT System Admin Issues Subject: RE: Strange Time issue The definitive document. :) http://theessentialexchange.com/blogs/michael/archive/2010/01/29/a-brief-history-of-time-ok-ok-let-s-go-with-quot-an-introduction-to-the-windows-time-service-quot.aspx Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Andrew S. Baker [mailto:asbz...@gmail.com]mailto:[mailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 11:50 AM To: NT System Admin Issues Subject: Re: Strange Time issue Exactly the problem I've seen at two locations. That's why we moved away from the hosts managing the clock for the guests. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 11:24 AM, Senter, John john.sen...@etrade.commailto:john.sen...@etrade.com wrote: We kept getting time issues when we had ESX set the time on Windows servers because the domain will adjust the server time and then the ESX system adjust it back. This kept causing the time to go back and forth and it turned out the ESX systems were getting skewed from the NTP source at a greater rate. So let the domain do its thing with the servers by setting time. From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 11:18 AM To: NT System Admin Issues Subject: RE: Strange Time issue All domain machines. All VM guests sync to the ESX hosts. All workstations sync to physical DC's that use standard Windows time service. John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610tel:%28352%29%20244-1610 Cell (352) 215-6944tel:%28352%29%20215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Tuesday, August 09, 2011 10:49 AM To: NT System Admin Issues Subject: RE: Strange Time issue Are these domain machines? You don't sync them to a DC and sync the DC out to an external NTP server? David Lum Systems Engineer // NWEATM Office 503.548.5229tel:503.548.5229 // Cell (voice/text) 503.267.9764tel:503.267.9764 From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 7:21 AM To: NT System Admin Issues Subject: RE: Strange Time issue I actually use the VMWare tools time sync function on the guests and have my hosts sync to north-america.pool.ntp.orghttp://north-america.pool.ntp.org. I'm on ESX 4.1 not ESXi John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610tel:%28352%29%20244-1610 Cell (352) 215-6944tel:%28352%29%20215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 10:05 AM To: NT System Admin Issues Subject: Re: Strange Time issue As John notes, you should let the guests keep time for themselves, and not get their time from the hosts. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 9:53 AM, Greg Sweers
RE: Strange Time issue
Thanks Steve, I ran this and my time sync source set correctly. No more going back to Local CMOS for the /query /source command. Now to just figure out why this darn clock is running to its own drumbeat... Since none of my other devices are doing this and its only these 2 virtuals on this one host. I am going to move it to a different hardware. Needs to be swapped anyway. If that doesn't do it, I will start offering up the incentives. :) This is what I ran. w32tm /config /update /manualpeerlist:pool.ntp.org,0x1 /syncfromflags:MANUAL /reliable:YES w32tm /config /update net stop w32time net start w32time w32tm /resync /rediscover Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Steve Ens [mailto:stevey...@gmail.com] Sent: Tuesday, August 09, 2011 12:16 PM To: NT System Admin Issues Subject: Re: Strange Time issue Note Peers is a placeholder for a space-delimited list of peers from which your computer obtains time stamps. Each DNS name that is listed must be unique. You must append ,0x1 to the end of each DNS name. If you do not append ,0x1 to the end of each DNS name, the changes made in step 5 will not take effect. This was my issue...had to append the 0x1 On Tue, Aug 9, 2011 at 11:05 AM, Steve Ens stevey...@gmail.commailto:stevey...@gmail.com wrote: Your bet Saint M, read that one three weeks back to help fix a few issues. On Tue, Aug 9, 2011 at 10:55 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: The definitive document. :) http://theessentialexchange.com/blogs/michael/archive/2010/01/29/a-brief-history-of-time-ok-ok-let-s-go-with-quot-an-introduction-to-the-windows-time-service-quot.aspx Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 11:50 AM To: NT System Admin Issues Subject: Re: Strange Time issue Exactly the problem I've seen at two locations. That's why we moved away from the hosts managing the clock for the guests. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 11:24 AM, Senter, John john.sen...@etrade.commailto:john.sen...@etrade.com wrote: We kept getting time issues when we had ESX set the time on Windows servers because the domain will adjust the server time and then the ESX system adjust it back. This kept causing the time to go back and forth and it turned out the ESX systems were getting skewed from the NTP source at a greater rate. So let the domain do its thing with the servers by setting time. From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 11:18 AM To: NT System Admin Issues Subject: RE: Strange Time issue All domain machines. All VM guests sync to the ESX hosts. All workstations sync to physical DC's that use standard Windows time service. John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610tel:%28352%29%20244-1610 Cell (352) 215-6944tel:%28352%29%20215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Tuesday, August 09, 2011 10:49 AM To: NT System Admin Issues Subject: RE: Strange Time issue Are these domain machines? You don't sync them to a DC and sync the DC out to an external NTP server? David Lum Systems Engineer // NWEATM Office 503.548.5229tel:503.548.5229 // Cell (voice/text) 503.267.9764tel:503.267.9764 From: John Cook [mailto:john.c...@pfsf.orgmailto:john.c...@pfsf.org] Sent: Tuesday, August 09, 2011 7:21 AM To: NT System Admin Issues Subject: RE: Strange Time issue I actually use the VMWare tools time sync function on the guests and have my hosts sync to north-america.pool.ntp.orghttp://north-america.pool.ntp.org. I'm on ESX 4.1 not ESXi John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610tel:%28352%29%20244-1610 Cell (352) 215-6944tel:%28352%29%20215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Tuesday, August 09, 2011 10:05 AM To: NT System Admin Issues Subject: Re: Strange Time issue As John notes, you should let the guests keep time for themselves, and not get their time from the hosts. ASB http://about.me/Andrew.S.Baker Harnessing the Advantages of Technology for the SMB market... On Tue, Aug 9, 2011 at 9:53 AM, Greg Sweers gswe...@acts360.commailto:gswe...@acts360.com wrote: We have a single VMware ESXi 4.1 running 1 Windows 2003 R2, and 1 x 2008 R2 server. The 2008 R2 server runs faster. Watching the clock it actually tickets about 3 real seconds to 5 seconds on the clock in the console
re: Calling Security Experts..
Ben, Have you tried from another workstation connecting to the c$ drive using the local system credentials. This is assuming that its not a DC. net use z: \\servername\c$ /user:%computername%\localadminacct If this works and it should since its a network login not a local login, open the mmc and connect to the computer management on that machine. Go into local users and groups and remove authenticated users and interactive as users. This will make the administrator account effectively not a USER You should be able to log on locally afterwards. I know this worked for me on a 2k server. Not sure if it changes things for 2k3. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
re: Calling Security Experts..
Sorry I should have been more specific, under the users group in local users and groups, remove the authenticated user and interactive as members. Administrator account implicity inherits that as a result of those two. Removing them should make administrator not a user ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
