RE: Visio Viewer FAIL

[Joe Tinney]

What version are you using? 

 

Visio Viewer 2007 SP2 is required to function, per the FAQ on the
Security Bulletin for the Killbits article you referenced, when this
security update has been applied:

 

I had been using Microsoft Office Visio Viewer 2002 or Microsoft Office
Visio Viewer 2003 for which this bulletin, MS09-055, has set the kill
bit. From where can I download the latest Visio Viewer? 
You can download Microsoft Office Visio Viewer 2007 Service Pack 2 from
the Microsoft Office Online site, Viewers for Visio 2007
 .
Then, in order to be protected from the vulnerabilities described in
MS09-060  , you must
apply the update for Microsoft Office Visio Viewer 2007 Service Pack 2
(KB973709) from the same bulletin. Alternatively, Automatic Updates can
apply the latter update for you if you have set Automatic Updates on.

I had been using Microsoft Office Visio Viewer 2007 or Microsoft Office
Visio Viewer 2007 Service Pack 1. After applying the update from this
bulletin, MS09-055, my Visio Viewer stopped working. What do I do now? 
In order to use Visio Viewer, you can download Microsoft Office Visio
Viewer 2007 Service Pack 2 from the Microsoft Office Online site,
Viewers for Visio 2007
 .
Then, in order to be protected from the vulnerabilities described in
MS09-060  , you must
apply the update for Microsoft Office Visio Viewer 2007 Service Pack 2
(KB973709) from the same bulletin. Alternatively, Automatic Updates can
apply the latter update for you if you have set Automatic Updates on.

I have Microsoft Office Visio Viewer 2007 Service Pack 2 and have
applied the update from MS09-060. Do I still need to set the kill bit
for Visio Viewer using the update from this bulletin, MS09-055? 
Yes, Microsoft recommends applying the update from this bulletin because
the update includes kill bits for other vulnerable controls. For more
information, see the FAQ section of CVE-2009-2493.

We have no issues here with Visio Viewer 2007 Service Pack 2.

 

Good luck,

Joe

 

From: Sam Cayze [mailto:sam.ca...@rollouts.com] 
Sent: Thursday, September 16, 2010 3:53 PM
To: NT System Admin Issues
Subject: Visio Viewer FAIL

 

Has anyone successfully deployed Visio Viewer in their environment?

 

I can't seem to get it to work.

 

1.  Apparently, the KillBit's in KB 973525 destroyed it.

2. If you delete HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet
Explorer\ActiveX Compatibility
{279D6C9A-652E-4833-BEFC-312CA8887857}

It should work according to many...  doesn't for me.

 

I have googled everywhere, everyone has problems...

I can't get it to work, and I am not going to buy 20 licenses for the
Full version just because of this.

 

I have tried the 2003, 2007, and the 2010 version.  Most of the time, a
red 'x' displays in IE.  In a few machines, I can get it to work, but
get an ActiveX error every time I open a VSD file.

 

Environment:

XP Pro SP3, with Office 2003 SP.Latest

 

Thanks in advance,


Sam

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Powershell to get all users details from AD

[Joe Tinney]

.NET in PowerShell (no additional tools or modules needed):

 

http://www.sapienpress.com/downloads/ADChap5_secure.pdf

 

AD Syntax for all users is:

 

Get-aduser -filter * -properties *

 

Quest Syntax for all users:

 

Get-QADUser * -IncludeAllProperties

 

From: KenM [mailto:kenmli...@gmail.com] 
Sent: Thursday, September 23, 2010 10:03 AM
To: NT System Admin Issues
Subject: Re: Powershell to get all users details from AD

 

Typo in first MS should be get-aduser.

 

and if you want all users. Test first syntax may not be correct did not
test.

 

get-qaduser | %{get-qaduser $_ -properties * | fl}

 

get-aduser -filter * | %{get-aduser USERNAME -properties * | fl}

On Thu, Sep 23, 2010 at 10:00 AM, KenM  wrote:

Quest cmdlets

 

get-qaduser USERNAME -includedproperties * | fl

 

MS AD cmdlets

 

get-aduser USERNAME -properties * | fl

 

 

 



 

On Thu, Sep 23, 2010 at 5:56 AM, Oliver Marshall <
oliver.marsh...@g2support.com> wrote:

Hi

 

Does anyone know of a powershell script/syntax that I can use to
get a list of all the users from the AD, their OU location, name, phone
details, address, profile, organisation details...basically as much as
possible from the properties for each user account?

 

Olly

 

 

 

 

Network Support 
Online Backups
Server Management

Tel: 0845 307 3443 

Email: oliver.marsh...@g2support.com

Web: http://www.g2support.com  

Twitter: g2support  

Newsletter: http://www.g2support.com/newsletter
 

Mail: 2 Roundhill Road, Brighton, Sussex, BN2 3RF

 

Have you said something nice about us to a friend or colleague ?


Let us say thanks. Find out more at www.g2support.com/referral

 

G2 Support LLP is registered at Mill House, 103 Holmes Avenue,
HOVE

BN3 7LE. Our registered company number is OC316341. 

 

~ Finally, powerful endpoint security that ISN'T a resource hog!
~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin<><>

RE: Mails Lost during Uninstall/Reinstall of Entourage 2008

[Joe Tinney]

The mail is stored in a database in the Microsoft Identities folder for
each user. If you point Entourage to it for an Import you might be able
to get your mail back.. or you might duplicate everything you already
have. :-)

I normally turn to Google and this site when I get in too deep with
Entourage: http://www.entourage.mvps.org/.

Good luck!

-Original Message-
From: Juma, Lumumba [mailto:lcj...@icipe.org] 
Sent: Tuesday, October 05, 2010 10:00 AM
To: NT System Admin Issues
Subject: Mails Lost during Uninstall/Reinstall of Entourage 2008

Hi All,

We have a really crazy case here. One of the IT Support guys opted to
uninstall Office 2008 and reinstall afresh because mails being delivered
in Entourae showed the recipient as the previous owner of the IMac. I am
being told the installation was successful, but the database prompted
for a rebuild which it also did successfully. The user had created a
whole folder structure in "My Computer"and moved mails from the Exchange
mailbox. The strange thing is the structure is intact after the
reinstallation but some mails have disappeared in many of the folders.

Any idea how to recover these mails? I am particularly not a Mac fan, we
just seem to land into issues with Macs.

Cheers,

Lumumba.
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: PSTs on file cluster

[Joe Tinney]

Digging around in some links given by the Performance Team (which
alludes that there are things you can do) I found:

 

http://support.microsoft.com/kb/228766/

http://support.microsoft.com/default.aspx?scid=kb;EN-US;312362

 

Original Link:
http://blogs.technet.com/b/askperf/archive/2007/01/21/network-stored-pst
-files-don-t-do-it.aspx

 

I've not personally made changes to the Server service and certainly
couldn't advise on how that works in a file cluster, but those seem to
be the primary remediation for this issue.

 

Good luck!

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Monday, October 11, 2010 6:22 AM
To: NT System Admin Issues
Subject: PSTs on file cluster

 

Got a file cluster with hundreds of TS user PSTs stored on it (yes, I
know, it's idiotic, but I've just inherited this). The file cluster,
unsurprisingly, is struggling. We are building a new environment where
PSTs will not be stored on the networkin the meantime, is there
anything I can do to let the existing file cluster stop struggling so
much? I know that "don't store PSTs on the network" would be the ideal
thing - but that's unlikely to change until we implement the new
infrastructure in a few months.

All of the usual performance monitor counters are showing low work items
in the server service and the usual indicators of PSTs causing issues,
so I'm pretty sure of the root cause of the file cluster performance
issues.

TIA,



JRR

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Adobe Reader X

[Joe Tinney]

Adobe posted an announcement for the next version of Reader/Acrobat:

http://blogs.adobe.com/adobereader/2010/10/announcing-adobe-reader-x.htm
l

 

The interesting tidbit for me was the new Protected Mode (initially said
to prevent writes to the system per some set of rules). This is a
Microsoft sandboxing technique. Adobe says they've consulted with MS and
Google's Chrome developers along with others to develop the sandbox for
Reader/Acrobat.

http://blogs.adobe.com/asset/2010/07/introducing-adobe-reader-protected-
mode.html

 

Preorder for Acrobat ends November 30th, so I'm guessing this would be
released by the end of the year.

 

Most of the infections I've dug into at %WORK% have had some PDF
involvement so I'm really hoping this helps!


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: CPUCount tool

[Joe Tinney]

I'm not exactly sure of your requirements, but I'll assume this is a Windows 
OS. The WMI object "Win32_Processor" should have a listing for each physical 
processor in the machine.

PowerShell one-liner (if you don't count the semicolon as a new line): 
[array]$ProcList = Get-WMIObject Win32_Processor; $ProcList.Count

That could also very easily be done in a very short VBScript.

From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, February 16, 2011 12:44 PM
To: NT System Admin Issues
Subject: CPUCount tool

Does anyone have/know of a current CPU count tool? He have Intel's old CPU 
count tool but when we run it on a sparticualr server it generates no output 
(but it works on most other systems).

The system in question is an IBM (not a blade) server.
David Lum // SYSTEMS ENGINEER
NORTHWEST EVALUATION ASSOCIATION
(Desk) 503.548.5229 // (Cell) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: PowerShell scripts in PrimalScript

[Joe Tinney]

Powershell.exe will return an exit code for the script when you use the 
-command or -file parameter.

How are you calling PowerShell? I have a few provisioning scripts written in 
PowerShell that I use the Kace KBOX agent to run. Syntax is very similar to 
this blog: 
http://blogs.msdn.com/b/powershell/archive/2006/10/14/windows-powershell-exit-codes.aspx

The blog just runs a command, but with -file you can call a script.

You can also set the exit codes by making the last command or line "exit ##" 
where ## is the code you want to return.

Regards,
Joe

From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Friday, April 01, 2011 3:17 PM
To: NT System Admin Issues
Subject: PowerShell scripts in PrimalScript

Windows Server 2008 R2 SP1
PrimalScript 2009 version 5.0.644

OK, if I run a PS script in PrimalScript, and it completes successfully, should 
I seen an exit code like I do with a VBScript? Right now it looks like 
PowerShell is still running after the script completes. I need to manually 
terminate it (Script -> Stop Script). Just doing something as basic as a 
process list:

GET-PROCESS

Same results. Like PowerShell just doesn't know to terminate. I've loaded it on 
another machine (Windows Server 2003 SP2) with the exact same results. I'm 
thinking this is just a configuration issue on my side, but I'm not sure what? 
Something with my PowerShell profile?

Also if I launch PowerShell separately, and run a script everything is fine. 
This is just inside PrimalScript.




Thanks,

Chris Bodnar, MCSE, MCITP
Technical Support III
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003 - This message, and 
any attachments to it, may contain information that is privileged, 
confidential, and exempt from disclosure under applicable law. If the reader of 
this message is not the intended recipient, you are notified that any use, 
dissemination, distribution, copying, or communication of this message is 
strictly prohibited. If you have received this message in error, please notify 
the sender immediately by return e-mail and delete the message and any 
attachments. Thank you.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: web cam with sound

[Joe Tinney]

+1 - about 20 of these in deployment. Quality is great - especially with
Skype. 

 

It is one of the "approved high quality" cameras and will let you jack
up the quality a notch.

 

From: Roger Wright [mailto:rhw...@gmail.com] 
Sent: Wednesday, December 01, 2010 12:15 PM
To: NT System Admin Issues
Subject: Re: web cam with sound

 

We use Logitech's QuckCam 9000 for video web conferences between
branches and the quality is more than adequate.

http://preview.tinyurl.com/33937dd

 


Roger Wright
___

Life isn't like a box of chocolates. It's more like a jar of jalapenos:
what you do today might burn your butt tomorrow.






On Wed, Dec 1, 2010 at 11:53 AM, Andy Shook 
wrote:

NT crew,

Due to some family members that can't be with us on Christmas morning,
I'd like to setup a web cam with audio capabilities so they can view my
youngn's excitement on Christmas morning.  What camera would you
recommend for this?  I'm willing to pay for a decent solution but I
don't want to drop several bills for a one time application.  

 

TIA, 

 

Shook 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Unlock a Win7 PC

[Joe Tinney]

You should be able to view the other logged in users in Task Manager under the 
Users tab, IIRC. You can log them off from there.

From: James Kerr [mailto:cluster...@gmail.com]
Sent: Thursday, January 06, 2011 3:35 PM
To: NT System Admin Issues
Subject: Unlock a Win7 PC

So anyway, I ran into this small issue with Windows 7 as we roll it out on our 
network. When a user locked their PC an admin could unlock it and cause the 
user to be logged out. Now with Win7 I dont seem to have that option. What are 
my options other then shutting down the PC?

James

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: What is a Dynamic Installer

[Joe Tinney]

I just looked this up yesterday myself. The dynamic installer is what
IE7 and IE8 uses to install. If you install IE7/8 you'll notice a
section where it will get the latest updates prior to installation. That
is the dynamic part of it. Having this in WSUS should allow that
installer to find those updates from WSUS instead of from Microsoft.

If you don't deploy/install IE with the MS installer (and use WSUS
instead) then you don't need that product group.

-Original Message-
From: Jim Dandy [mailto:jda...@asmail.ucdavis.edu] 
Sent: Thursday, July 30, 2009 5:21 PM
To: NT System Admin Issues
Subject: What is a Dynamic Installer

In WSUS some of the products you can update are Windows Vista Dynamic
Installer, Windows Media Dynamic Installer, IE Dynamic Installer, 
What is a dynamic installer and how do you get a product that needs a
updates for a dynamic installer?  I've got those products checked but
I've never had a computer that needed updates for them.  Thanks for your
help.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Any one have a copy of R2 for W2K3 Enterprise

[Joe Tinney]

Todd,
Your messages prior to this made it sound like you had bought R2
but did not receive media for it. This reply to Ben makes it seem like
you did not buy R2 and as such you can't just get media for it and
install it. 2003 R2 is a separately licensed, pay-for upgrade from 2003
Server. It isn't like a service pack that you can apply at no cost.

If what I am assuming is correct the best course of action for you (if
you require a homogeneous environment) is to downgrade your 2003 R2
Server installation to 2003 Server. Otherwise, you can purchase (one at
a time even, for your President's sake) 2008 licenses and downgrade them
to 2003 R2 (after you get the media for it as mentioned previously).

I've not tried this myself but I'd bet a good bit that your non-R2 keys
aren't going to work even if you do get the media and likewise that any
R2 keys you had won't install 2003. So, if you installed 2003 Server
then you probably had that license and not an R2 license to begin with,
as retail does not provide you with keys to previous versions like the
Open License program does.

For more information on downgrading I encourage you to read the EULA for
Windows Server 2003:
http://www.microsoft.com/windowsserver2003/eulas/default.mspx.


Good luck!

-Original Message-
From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com] 
Sent: Thursday, July 30, 2009 5:33 PM
To: NT System Admin Issues
Subject: RE: Any one have a copy of R2 for W2K3 Enterprise

I'm not sure if R2 had been released at that time, anyway I was not
installing R2 then on any of my servers. 

Thanks!

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Black Hat / Visual studio / I-phones....

[Joe Tinney]

For a moment I thought I was going to avoid death from all of this.. but
then your summary email came and smacked me right in the head with some
death. Thanks. :-)

 

From: Devin Meade [mailto:devin.me...@gmail.com] 
Sent: Friday, July 31, 2009 5:54 PM
To: NT System Admin Issues
Subject: Black Hat / Visual studio / I-phones

 

This week in conclusion:

1. Any developers that use Visual Studio must patch it, recompile and
redistribute all apps.  Nice.
 1. A. It seems that all our doze boxes have the run time version of
this and must get the dev patch, not just the iE patch (done yesterday
btw).
2. Patch I.E. (relatively easy).
3. Patch I-phones with I-tunes (pphf  . . .).  The carrier can't
patch it wirelessly?
4. Watch closely for a Windows Mobile patch.
5. Watch for a text message with one single character ... a box.
6. Lookout for laptop BIOS level security packages (computrace, et.al.).
We have none of these.
7. Have a good weekend!



 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: BB outage?

[Joe Tinney]

Good in Dayton and Iowa.

-Original Message-
From: wjh [mailto:nt...@hedgedigger.com] 
Sent: Friday, July 31, 2009 5:44 PM
To: NT System Admin Issues
Subject: BB outage?

Anyone having issues with blackberry service?  I'm in Atlanta.

Bill

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Favorite Tools

[Joe Tinney]

..trying.. to resist.. googling.. !!!

 

From: Martin Blackstone [mailto:mblackst...@gmail.com] 
Sent: Monday, August 03, 2009 4:49 PM
To: NT System Admin Issues
Subject: RE: Favorite Tools

 

iVibe Rabbit is a big hit around our house.

 

From: Matt Plahtinsky [mailto:cbusitl...@gmail.com] 
Sent: Monday, August 03, 2009 6:34 AM
To: NT System Admin Issues
Subject: Favorite Tools

 

I am always looking for cool new tools to add to my tool bag that I take
with me to clients.  Here is a list of some of my most used tools.  

 

If you have some tools that you use a lot please share.

 

Thanks.

 

 

SpinRite Boot CD  -  Hard Disk recovery tool

http://www.grc.com/sr/spinrite.htm

 

GParted Live - Resize partitions

http://gparted.sourceforge.net/livecd.php

 

Knoppix 5.11 - Live linux boot CD with a ton of tools.  

http://www.knoppix.net/

 

UBCD for Windows - Run windows xp from a CD.  Has a ton of tools

http://www.ubcd4win.com/

 

Offline NT Password & Registry Editor - Boot CD that can change local
account passwords

http://home.eunet.no/pnordahl/ntpasswd/

 

Kon-Boot  - Log into any local or domain account on a pc without a
password.  Very cool tool.

http://www.piotrbania.com/all/kon-boot/  

 

Acronis True Image with Universal Restore - Disk Imaging tool

http://www.acronis.com/

 

HDClone Pro - Hard Drive cloning tool

http://www.hdclone.com/

 

Malwarebytes - Anti-Virus/Malware

http://www.malwarebytes.org/

 

VIPRE Rescue - Anti-Virus/Malware

http://live.sunbeltsoftware.com/

 

JKDefrag-3.36/MyDefrag-4.0 - Hard Drive Defrag program

http://www.kessels.com/Jkdefrag/

 

Sysinternals - An sysadmin's best friend

http://technet.microsoft.com/en-us/sysinternals/default.aspx

 

Putty - Telnet/SSH Client

http://www.chiark.greenend.org.uk/~sgtatham/putty/

 

nmap - Security/Port scanner

http://nmap.org/

 

Superscan 3.0 - fast little port scanner.  A quick way to tell whats on
the network.

http://www.foundstone.com/us/resources/proddesc/superscan3.htm

 

Wireshark - sniffer

http://www.wireshark.org/

 

Lua BugLight - For finding out where a program hangs with it run under
restricted mode.

http://blogs.msdn.com/aaron_margosis/archive/2006/08/07/LuaBuglight.aspx

 

Belarc Advisor - Audits installed software, list keys, hardware,
Microsoft patches, ect and generates a report.  *** this tool is for
home use only according to their website 

http://www.belarc.com/free_download.html

 

DBAN - Securely wipes hard drives to DOD standards

http://www.dban.org/

 

Virtual Box - Run Virtual Machines.  I use it to run everything from
Windows 95 to Windows 7, and Ubuntu.  What's best is it has 3D support
for windows and Linux so it's functional and pretty.

http://www.virtualbox.org/

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: The "Duh" Question of the Day 8/4/09

[Joe Tinney]

I'm betting that the mounting infrastructure alone is more than I'd want
to pay for a setup like that.

 

From: Gavin Wilby [mailto:gavin.wi...@gmail.com] 
Sent: Wednesday, August 05, 2009 10:35 AM
To: NT System Admin Issues
Subject: Re: The "Duh" Question of the Day 8/4/09

 

http://www.flickr.com/photos/gavsta/3262638773/

On Wed, Aug 5, 2009 at 3:33 PM, Steven M. Caesare 
wrote:

Old enuff to know better, yet still manage to be an idiot most of the
time.

 

I've needed corrective lenses since 7th grade. Glasses for several
years, then contacts. I had Lasik a year ago[1]. I need about +2.5
diopters of correction in each eye.

 

-sc

 

[1] Lasik rocks.

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Wednesday, August 05, 2009 10:17 AM 


To: NT System Admin Issues

Subject: Re: The "Duh" Question of the Day 8/4/09

 

Out of curiosity, how old are you?

On Wed, Aug 5, 2009 at 9:31 AM, Steven M. Caesare 
wrote:

I prefer to shrink the scale on most docs and have _TWO_ side by side
pages.

 

Well, actually, that's a lie. I'm almost always bouncing between
multiple windows, so when I'm editing I actually have a full height doc
(@ 80%)on the right and then room on the left to get at other things
(CMD windows, emails, etc...)

 

With a decent resolution monitor, and ClearType enabled, there are very
few cases where I find I need to use the Office Apps or a browser at
100% scale. I find 75-80% works well, and I can usually get a full page
in there. 

 

Ditto for CMD windows I permanently crank the font down to a ~9
point(as well as go green-on-black) and can get a couple of 50-line tall
windows rolling without sucking up all the screen real estate.

 

Lasik not included.

 

-sc

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Wednesday, August 05, 2009 9:23 AM 


To: NT System Admin Issues

Subject: Re: The "Duh" Question of the Day 8/4/09

 

Two words: protrait mode.

 

I changed my 22" to portrait and have never looked back.  PDF files,
page at a time and readable.  Websites, no scrolling to get to the
bottom (or significantly less).  Since most websites are aligned for
1024 horizontal resolution, you won't have to scroll left or right.
And, I find I prefer a long screen than a wide screen when remoting into
servers.  

On Wed, Aug 5, 2009 at 9:03 AM, Sherry Abercrombie 
wrote:

So yesterday afternoon just before I leave for the day, the
HelpDesk/Desktop lead comes to my cube and asks this question:  "Would
you be willing to give up one of your 19" monitors for a new 23"
monitor?"Well DUH.

So now I get to setup my new 23" Samsung monitor.

-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

 

 

 

 

 

 

 

 

 

 






-- 
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: The "Duh" Question of the Day 8/4/09

[Joe Tinney]

>  She got a big rock. ;-)

..for 97 seconds.

-Original Message-
From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Wednesday, August 05, 2009 12:48 PM
To: NT System Admin Issues
Subject: RE: The "Duh" Question of the Day 8/4/09

Hehe... ya.

Got mine as a anniversary gift from the wife (she works at a Optical Surgeon's 
office)

One of the best gifts ever.

She got a big rock. ;-)

-sc

> -Original Message-
> From: John Cook [mailto:john.c...@pfsf.org]
> Sent: Wednesday, August 05, 2009 12:35 PM
> To: NT System Admin Issues
> Subject: Re: The "Duh" Question of the Day 8/4/09
> 
> Best $3000 I ever spent. I still don't need reading glasses, my arms 
> are long enough.
> John W. Cook
> Systems Administrator
> Partnership For Strong Families
>  Sent to you from my Blackberry in the Cloud
> 
> - Original Message -
> From: Kurt Buff 
> To: NT System Admin Issues 
> Sent: Wed Aug 05 12:32:35 2009
> Subject: Re: The "Duh" Question of the Day 8/4/09
> 
> I got lasik done when I was 41. That was, uh, some number of years ago.
> 
> I was seeing at distance - blurred a bit by the drops and the 
> protective plastic lenses - on my way home. No, I didn't drive, but 
> being able to see the road signs on the way home added to the 
> blurriness, if you catch my meaning. It's something I hadn't been able 
> to do since the 5th grade.
> 
> Yes, that was a long time ago, and as a relatively early adopter, it 
> cost a lot of money. I've never regretted it, despite the fact that I 
> needed reading glasses immediately thereafter.
> 
> Kurt
> 
> On Wed, Aug 5, 2009 at 07:33, Steven M. Caesare
> wrote:
> > Old enuff to know better, yet still manage to be an idiot most of 
> > the
> time.
> >
> >
> >
> > Ive needed corrective lenses since 7th grade. Glasses for several
> years,
> > then contacts. I had Lasik a year ago[1]. I need about +2.5 diopters
> of
> > correction in each eye.
> >
> >
> >
> > -sc
> >
> >
> >
> > [1] Lasik rocks.
> >
> >
> >
> > From: Jonathan Link [mailto:jonathan.l...@gmail.com]
> > Sent: Wednesday, August 05, 2009 10:17 AM
> > To: NT System Admin Issues
> > Subject: Re: The "Duh" Question of the Day 8/4/09
> >
> >
> >
> > Out of curiosity, how old are you?
> >
> > On Wed, Aug 5, 2009 at 9:31 AM, Steven M. Caesare
> 
> > wrote:
> >
> > I prefer to shrink the scale on most docs and have _TWO_ side by 
> > side
> pages.
> >
> >
> >
> > Well, actually, thats a lie. m almost always bouncing between
> multiple
> > windows, so when m editing I actually have a full height doc (@
> 80%)on the
> > right and then room on the left to get at other things (CMD windows,
> emails,
> > et)
> >
> >
> >
> > With a decent resolution monitor, and ClearType enabled, there are
> very few
> > cases where I find I need to use the Office Apps or a browser at 
> > 100%
> scale.
> > I find 75-80% works well, and I can usually get a full page in there.
> >
> >
> >
> > Ditto for CMD window. I permanently crank the font down to a ~9
> point(as
> > well as go green-on-black) and can get a couple of 50-line tall
> windows
> > rolling without sucking up all the screen real estate.
> >
> >
> >
> > Lasik not included.
> >
> >
> >
> > -sc
> >
> >
> >
> > From: Jonathan Link [mailto:jonathan.l...@gmail.com]
> > Sent: Wednesday, August 05, 2009 9:23 AM
> >
> > To: NT System Admin Issues
> > Subject: Re: The "Duh" Question of the Day 8/4/09
> >
> >
> >
> > Two words: protrait mode.
> >
> >
> >
> > I changed my 22" to portrait and have never looked back.  PDF files,
> page at
> > a time and readable.  Websites, no scrolling to get to the bottom 
> > (or significantly less).  Since most websites are aligned for 1024
> horizontal
> > resolution, you won't have to scroll left or right.  And, I find I
> prefer a
> > long screen than a wide screen when remoting into servers.
> >
> > On Wed, Aug 5, 2009 at 9:03 AM, Sherry Abercrombie
> 
> > wrote:
> >
> > So yesterday afternoon just before I leave for the day, the
> HelpDesk/Desktop
> > lead comes to my cube and asks this question:  "Would you be willing
> to give
> > up one of your 19" monitors for a new 23" monitor?"Well DUH.
> >
> > So now I get to setup my new 23" Samsung monitor.
> >
> > --
> > Sherry Abercrombie
> >
> > "Any sufficiently advanced technology is indistinguishable from
> magic."
> > Arthur C. Clarke
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
> 
> 
> CONFIDENTIALITY STATEMENT: The information transmitted, or contained 
> or attached to or with this Notice is intended only for the person or 
> entity to which it is addressed and may contain Protected Health 
> Information (PHI), confidential and/or privileged material. Any 
> review, transmission, dissemination, or other use of, and taking any 
> action in reliance upon this information by person

RE: Exiting from a Start command

[Joe Tinney]

I believe you are looking for the command START. From the help:

Starts a separate window to run a specified program or command.

START ["title"] [/Dpath] [/I] [/MIN] [/MAX] [/SEPARATE | /SHARED]
  [/LOW | /NORMAL | /HIGH | /REALTIME | /ABOVENORMAL | /BELOWNORMAL]
  [/WAIT] [/B] [command/program]
  [parameters]

"title" Title to display in  window title bar.
pathStarting directory
B   Start application without creating a new window. The
application has ^C handling ignored. Unless the application
enables ^C processing, ^Break is the only way to interrupt
the application
I   The new environment will be the original environment passed
to the cmd.exe and not the current environment.
MIN Start window minimized
MAX Start window maximized
SEPARATEStart 16-bit Windows program in separate memory space
SHARED  Start 16-bit Windows program in shared memory space
LOW Start application in the IDLE priority class
NORMAL  Start application in the NORMAL priority class
HIGHStart application in the HIGH priority class
REALTIMEStart application in the REALTIME priority class
ABOVENORMAL Start application in the ABOVENORMAL priority class
BELOWNORMAL Start application in the BELOWNORMAL priority class
WAITStart application and wait for it to terminate
command/program
If it is an internal cmd command or a batch file then
the command processor is run with the /K switch to cmd.exe.
This means that the window will remain after the command
has been run.

If it is not an internal cmd command or batch file then
it is a program and will run as either a windowed application
or a console application.

parameters  These are the parameters passed to the command/program


If Command Extensions are enabled, external command invocation
through the command line or the START command changes as follows:

non-executable files may be invoked through their file association just
by typing the name of the file as a command.  (e.g.  WORD.DOC would
launch the application associated with the .DOC file extension).
See the ASSOC and FTYPE commands for how to create these
associations from within a command script.

When executing an application that is a 32-bit GUI application, CMD.EXE
does not wait for the application to terminate before returning to
the command prompt.  This new behavior does NOT occur if executing
within a command script.

When executing a command line whose first token is the string "CMD "
without an extension or path qualifier, then "CMD" is replaced with
the value of the COMSPEC variable.  This prevents picking up CMD.EXE
from the current directory.

When executing a command line whose first token does NOT contain an
extension, then CMD.EXE uses the value of the PATHEXT
environment variable to determine which extensions to look for
and in what order.  The default value for the PATHEXT variable
is:

.COM;.EXE;.BAT;.CMD

Notice the syntax is the same as the PATH variable, with
semicolons separating the different elements.

When searching for an executable, if there is no match on any extension,
then looks to see if the name matches a directory name.  If it does, the
START command launches the Explorer on that path.  If done from the
command line, it is the equivalent to doing a CD /D to that path.


-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Friday, August 07, 2009 10:54 AM
To: NT System Admin Issues
Subject: RE: Exiting from a Start command

Isn't there another command instead of CALL? CALL returns to the script doesn't 
it? I think RUN is what you want because it means "exit this command shell and 
run this app", I think CALL keeps the command shell running.

Or maybe I'm confused with SHELL, been a long time...

Dave


-Original Message-
From: Juned Shaikh [mailto:jsha...@gmail.com]
Sent: Friday, August 07, 2009 7:45 AM
To: NT System Admin Issues
Subject: Exiting from a Start command

Need an URGENT help:

I am trying to launch the ePOP Alert client from WiredRed from my login script 
by using the following command :
 
Call "Program Files\WiredRed\Epop\EPOPCLIENT.EXE" 

the launch is fine but the DOS window after launch gets hung. What are the 
methods where I can launch the .EXE and quick leave the process and continue 
with the script.

Thanks in advance,


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

~ Finally, powerful endpoint security that ISN'T a resource h

RE: Scheduled Tasks/Batch logons, etc

[Joe Tinney]

Christopher,

If you scroll beneath all the advertisements on the
Experts Exchange page you can see the responses, typically. If that
doesn't work then send me the link and I'll send you the responses to
see if they help.

 

Have you used Process Explorer to verify the credentials and rights the
process has when it is running? You should be able to see that.
http://live.sysinternals.com/procexp.exe 

 

Good luck,

Joe 

 

From: Christopher [mailto:c.bo...@gmail.com] 
Sent: Friday, August 07, 2009 2:21 PM
To: NT System Admin Issues
Subject: Scheduled Tasks/Batch logons, etc

 

OK - here's the scenario. Windows XP, SP2 workstaions joined to a
domain..  User has several scheduled tasks that run every 5 minutes.
The tasks basically just run a batch file that looks for a specific file
in a direcory. If it finds it, it runs another batch file that performs
a few other misc. checks and then actually calls an executable to
process these large data sets.

 

This is all basically to allow the user to have these data processing
runs happen automatically, no matter who has the workstation locked,
etc.. all he has to do is drop data in a specific folder and create one
file over the network and within the next 5 minutes, it starts up.

 

After working out a few GPO issues that were kicking the users out of
the "Log on as batch job" user right, the jobs run fine.  The problem
now, is that if the owner of the job (whoever's credentials it's running
under) is logged in when the job kicks off, the processes that were
started by the scheduled task are killed.  This doesn't happen if the
owner of the job is not logged on, or any other user is logged on, of
course.  My assumption is that only the initial batch file called by the
scheduled task is run under the batch login type, so if the scheduled
task was directly calling the executable then it would stay running, but
since this the job is runnig a batch file that is calling another batch
file, which in turn is actually calling the executable, the exe doesn't
run under the batch type login and is killed just like every other user
proccess when he logs off.

 

I looked at a few shell commands to see if there was any specific way to
call the 2nd batch file, or executable, that would run it under the same
logon that the original batch file was run under but didn't hae any
luck.  I also googled a bit, but could only find an Expert's Exchange
question (that sounded exactly like my problem) but of course I'm not
signing up and paying any cash for it.

 

Any thoughts, suggestions, flames?  Also, if there is a better way to
accomplish this, I wouldn't mind hearing it.   Thanks in advance..

 

-cb

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: The network path not found

[Joe Tinney]

Take this for what it's worth, I've not messed with Vista much in a managed 
environment too much and just use it at home primarily. However, I do recall 
that Vista maintained different firewalls for different 'locations' (domain, 
private, public, etc). Have you went into the Windows Firewall with Advanced 
Security application to see if it is indeed turned off for the domain (or check 
to see if Vista is aware that its current location is the domain and not 
private, or something). Anyway, it would be somewhere else to check in case you 
haven't.

Best of luck.

-Original Message-
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Tuesday, August 11, 2009 4:02 PM
To: NT System Admin Issues
Subject: RE: The network path not found

Good question, whenever we find the issue it will be something simple I missed. 
But this is Enterprise 7 and it is joined to the domain.

-Original Message-
From: Alan Monaghan [mailto:al...@gardnerweb.com]
Sent: Tuesday, August 11, 2009 4:01 PM
To: NT System Admin Issues
Subject: RE: The network path not found

Just to be sure.
This is the version of Vista that can talk to the network and join a domain.
The only reason I ask is there were a few versions there that could not do that 
and don't want to overlook the obvious.



Felis demulcta mitis ...
Alan G. Monaghan 
   [ MCSE+I - Win4.0/ MCSE - Win2k/ BJCP # C0389(Recognized)  Ò¿Ó¬ ] Systems 
Administrator Gardner Publications, Inc.

*Phone .. 1-513-527-8867
*Fax  1-513-527-8801
*Cell ... 1-513-378-0919
*E-mail . al...@gardnerweb.com
*URL  http://Bullwinkle.GardnerWeb.Com/



>> -Original Message-
>> From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
>> Sent: Tuesday, August 11, 2009 3:55 PM
>> To: NT System Admin Issues
>> Subject: RE: The network path not found
>> 
>> Saw those just a bit ago. They are all enabled and started, netbios 
>> over
tcp/ip is also enabled. Yep,
>> I have an everyone full control folder shared and cannot even hit 
>> that
directly. Tried by IP address
>> also. For now Windows Firewall is disabled.
>> 
>> -Original Message-
>> From: Bob Smith [mailto:b...@neconsulting.net]
>> Sent: Tuesday, August 11, 2009 3:16 PM
>> To: NT System Admin Issues
>> Subject: Re: The network path not found
>> 
>> Jim,
>> 
>> Check that the following services are started:
>> 
>>  Workstation, DHCP Client, DNS Client, Server, TCP/IP Netbios helper, 
>> Computer Browser.
>> 
>> Have you tried to create a share on the system to see if you can 
>> browse it then, also try enabling NETBIOS over TCP/IP
>> 
>> HTH,
>> Bob Smith
>> 
>> --
>> From: "Jim Dandy" 
>> Sent: Tuesday, August 11, 2009 11:50 AM
>> To: "NT System Admin Issues" 
>> Subject: The network path not found
>> 
>> > I've got a Server 2003 domain.  One Vista computer on that domain 
>> > doesn't show up in "Network Neighborhood".  From an XP machine if 
>> > you do start run  \\computername\sharename I get
>> >
>> >  \\computername\sharename
>> >  The network path not found
>> >
>> > I've also tried \\FQDN\sharename and \\ipaddress\sharename and get 
>> > the same results.  If you try to access the Vista machine from 
>> > another Vista machine it fails with the error
>> >
>> >  Windows cannot access \\comptuername\Sharename
>> >
>> >  Check the spelling of the name.  Otherwise there might be a 
>> > problem with your network.  To  try to identify and resolve the 
>> > network problems, click Diagnose.
>> >
>> > I get the same error if trying to access with either FQDN or ipaddress.
>> > If you click on diagnose it says the most likely problem is that 
>> > port
>> > 445 is closed.
>> >
>> > Here is some additional info
>> > 1) I can ping the computer using either it's NetBIOS name, FQDN or 
>> > IP address
>> > 2) File and printer sharing is enabled
>> > 3) For testing purposes, the firewall is disabled on the Vista box.
>> > 4) If I bring up "Network Neighborhood" on the Vista computer it 
>> > can see itself but other computers can't see it
>> > 5) I tried removing the Vista computer from the domain and adding 
>> > it back
>> >
>> > Any other suggestions on what I might do to get this working?  
>> > Perhaps there is some service that is not running that should be 
>> > running?  It used to work on this computer.  I'm not sure why it stopped.
>> >
>> > Thanks for your help.
>> >
>> > Curt Finley
>> >
>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ 
>> > ~   ~
>> >
>> 
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>>   ~
>> 
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>>   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 

RE: Home drive mapping quizzler

[Joe Tinney]

+1. Was XP SP2 in a 2003 domain. The issue persisted building moves (all 
clients and servers moved to a new location, existing infrastructure equipment 
was kept but new wiring, of course).

 

Wve not had it happen since we���ve moved our home drive mappings from AD 
to a kix login script. However, this occurrence is rare and not always reported 
so it may still continue to happen and we are not being informed.

 

From: Robert Cato [mailto:cato.rob...@gmail.com] 
Sent: Tuesday, August 11, 2009 6:23 PM
To: NT System Admin Issues
Subject: Re: Home drive mapping quizzler

 

 

We're having the exact same issue, so I hope someone out there has some 
insight. 

 

All workstations here are XPSP3 fully patched in a Server 2008 domain. The two 
users that happen frequently have similar user names (eg TPain and TMPain) 
although it does happen to others. I have been focusing on other issues so I 
have not dug through the event logs as it is an easy fix and does not happen 
all that often...maybe once or twice a week.

Other facts: Completely new infrastructure: new switches, all LAN drops tested 
to CAT5E specs as part of a VoIP roll out, new servers, new racks, new patch 
cords, new image on the workstations.

 

Thanks,

Robert

On Tue, Aug 11, 2009 at 5:40 PM, Eisenberg, Wayne  
wrote:


My google-fu is below par right now, maybe some of you have the answer:

We use the AD home folder info (on the profile tab) to map users' H:
drive to \\fileserver\users\username   . 
97% of the time it works as
advertised. However, sometimes it just maps the H: drive to
\\fileserver\users   and doesn't go all the way to 
the next level. We
unmap and remap the user to the proper location manually and life goes
on. But why is this happening at all? Is it just a Microsoft-ism? Is
there some bizarre glitch running amok? Any ideas?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Network link state slow to propagate; UI freezes

[Joe Tinney]

I've not noticed this behavior in our E5500 but frequent
disconnecting/reconnecting isn't something that it typical in my
environment (docking station, so the whole system is wacky for a bit
after dock/undock). If Dell reports anything I would be very interested
in knowing and I'll be sure to test this out on a machine tomorrow. I'm
uncertain of the exact model NIC.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Tuesday, August 11, 2009 7:56 PM
To: NT System Admin Issues
Subject: Network link state slow to propagate; UI freezes

Hey all,

PROBLEM SUMMARY

  When plugging in or unplugging the network cable, the link state
change does not propagate to the whole system immediately.
Network-related UI elements may freeze until the system "notices" the
change.  The "network cable is unplugged" and/or "now connected"
balloons do not appear until the system notices the change.

ENVIRONMENT

Dell Latitude E6500
Win XP Pro, SP2 or SP3
Intel 82567LM gigabit Ethernet NIC (E1Y5132.SYS)

SYMPTOMS

  Intermittent, but fairly consistent and reproducible.  Doesn't happen
all the time, but happens more often than not, and frequently several
times in a row.

  When you unplug the cable, the system tray icon shows the network as
connected for several seconds.  Conversely, when plugging in a network
cable, the tray icon will show disconnected for several seconds.

  While this is happening, the tray icon will "freeze" -- the
send/receive indications "get stuck", and if you click on it (to open
the network status window), nothing immediately happens.  If the status
window was open and you unplug, the counters stop, the send/receive
indicators freeze as they were, and the whole thing sits there,
non-responsive.  Once Windows notices the change in link state, all the
UI events that have queued since it froze fire at once, opening windows
or popping up menus.  If you unplug/re-plug multiple times while it is
frozen, you'll see the "... is now connected" and "Network cable
unplugged" balloons flicker back and forth.

  Sometimes the UI will freeze for several even *after* it reports the
link state change.  Then all the mouse clicks fire at once.

  Occasionally, this will cause the system to keep using a DHCP lease it
got for one network, despite having been plugged into a different
network.

  On rare occasions (much less than the more general problem), the
system *never* notices the cable is (un)plugged.  You have to reboot to
get it unstuck.

INVESTIGATION

If I run a "ping -t" at the same time, I can see ping showing
instantaneous response.  As soon as I unplug, it starts giving "Hardware
error".  After a few moments, that changes to "Destination host
unreachable".  The GUI may still be reporting the link as connected.
When I plug back in, ping will start reporting replies again within a
few seconds.  It may take the GUI several more seconds before it notices
the link is back.

  This is our first (and so far only) E series Latitude.  We loaded with
the same RIS image we've been using for all our other computers for
years, with the addition of drivers new or updated for this model
computer.  It doesn't happen on any of our other computers.

  Things I've tried that didn't help:

* Endless reboots
* Shutdown, power off, battery out, unplug cord, press power button to
discharge
* Update to latest NIC driver from Dell (driver file ver 9.50.14.2,
dated 4/4/2008)
* Update to latest NIC driver from Intel (ProSet 14.3; driver file ver
9.52.25.0, dated 3/26/2009)
* Confirmed we have the latest BIOS (A13)
* Disabling all non-Microsoft-Windows services and startup items
* Docking and undocking
* Installing Win XP Service Pack 3 (started at SP2)
* Installing "Dell Notebook System Software", which is a collection of
Microsoft hotfixes
* Different network cables
* Unplugging at the laptop and at the switch
* Disabling the switch port while leaving the cables plugged in
* Different switch port
* Different model switch (100 megabit only)
* Digging out an old 10 megabit repeater and plugging into that
* Running on just battery (no line-in)
* Running on just line-in (no battery)
* Confirmed we have the latest video driver (from Intel) and sound
driver (from Dell)

  No change in problem behavior across any of that.  Trouble persists.

  Tried disabling Windows Firewall and ALG.  That caused ping to report
"Request timed out" instead of "Hardware error" (before moving on to
"host unreachable"), but otherwise, same behavior.


  I'll be calling Dell, but I wanted to see if anyone here had seen this
before and/or had any ideas.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Home drive mapping quizzler

[Joe Tinney]

We are using the command USE:

 

http://www.scriptlogic.com/Kixtart/htmlhelp/Commands/use.htm

 

Also looks like we delete the connection if it exists (using USE) and
then delete the registry key for the remembered connection from
HKEY_CURRENT_USER\Network\.

 

From: Eisenberg, Wayne [mailto:wayne.eisenb...@pbvllc.com] 
Sent: Tuesday, August 11, 2009 10:39 PM
To: NT System Admin Issues
Subject: RE: Home drive mapping quizzler

 

Michael,

 

We are all XP with a mix of SP2 and SP3 in a Win2003 native domain. It
happens in both SPs, as far as I am informed. Joe, what kind of kixtart
script command did you use? I have been thinking about converting us
over from batch files to kix.

 

Wayne

 



From: Robert Cato [mailto:cato.rob...@gmail.com] 
Sent: Tuesday, August 11, 2009 6:23 PM
To: NT System Admin Issues
Subject: Re: Home drive mapping quizzler

 

We're having the exact same issue, so I hope someone out there has some
insight. 

 

All workstations here are XPSP3 fully patched in a Server 2008 domain.
The two users that happen frequently have similar user names (eg TPain
and TMPain) although it does happen to others. I have been focusing on
other issues so I have not dug through the event logs as it is an easy
fix and does not happen all that often...maybe once or twice a week.

Other facts: Completely new infrastructure: new switches, all LAN drops
tested to CAT5E specs as part of a VoIP roll out, new servers, new
racks, new patch cords, new image on the workstations.

 

Thanks,

Robert

On Tue, Aug 11, 2009 at 5:40 PM, Eisenberg, Wayne
 wrote:


My google-fu is below par right now, maybe some of you have the answer:

We use the AD home folder info (on the profile tab) to map users' H:
drive to \\fileserver\users\username
  . 97% of the time it works as
advertised. However, sometimes it just maps the H: drive to
\\fileserver\users   and doesn't go all the
way to the next level. We
unmap and remap the user to the proper location manually and life goes
on. But why is this happening at all? Is it just a Microsoft-ism? Is
there some bizarre glitch running amok? Any ideas?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Slow desktop logons.

[Joe Tinney]

WMI Filters enabled for GPOs? 

-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Friday, August 21, 2009 8:40 AM
To: NT System Admin Issues
Subject: Re: Slow desktop logons.

Wireless service disabled?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New Attack Cracks WPA in a Minute

[Joe Tinney]

I'd turn broadcasting on (with WPA2) and change my SSID to creepy
messages like: "I'm watching you" and "This backseat is so comfy".

 

From: Murray Freeman [mailto:mfree...@alanet.org] 
Sent: Friday, August 28, 2009 11:45 AM
To: NT System Admin Issues
Subject: RE: New Attack Cracks WPA in a Minute

 

Well, there are at least 8 or 9 other wifi nets in my neighborhood, but
I have my radio broadcast turned off. I know that won't stop an "expert"
but it will stop some idiot trying to "just have some fun". But, I am
somewhat paranoid as many times, and I do mean MANY, cars stop after
dark, right in front of my house, and with the motor running, they just
sit in the car. I don't go out to look up close, but they do not have a
cell phone glued to their ears and they are looking down as though
typing on a keyboard. They don't just sit for a few moments, but rather
15 or 20 minutes at a time. So, am I being t anul, or are those
people trying to hack into a wifi. All but one or two of the local wifi
nets are protected, most are WEP or WAP except my backyard neighbor and
I who are WPA2.

 

Murray

 

 



From: Jeff Brown [mailto:2jbr...@gmail.com] 
Sent: Friday, August 28, 2009 9:47 AM
To: NT System Admin Issues
Subject: Re: New Attack Cracks WPA in a Minute

Seriously, what are the odds someone in your neighborhood is lurking
around with the technology/desire to break into your home network?  I've
seen guys post the "my daughter could do it" response, but really, where
do you people live that you are that paranoid about your home network?
I am NOT suggesting that you leave it open, but I'll be shocked if
someone doesn't suggest that you run out and buy a new router so you'll
be "safe".  I'm just wondering, safe from whom?

On Fri, Aug 28, 2009 at 9:40 AM, Lee Douglas 
wrote:

My home network is on an old D-Link DIR-635 (latest firmware but it hit
end of life in 2007!) which only supports WPA personal and WPA
Enterprise - but it only supports WPA Enterprise via a Radius Server.
It's fast enough and works fine so i'm reluctant to trash it unless I
have to.

I have Windows Home Server, and several XP Pro computers.

My question - should I set up a radius server - does a radius server and
WPA Enterprise offer enough additional protection to be worth the hassle
of setting up a Radius Server -  on my Windows Home Server box or go out
an buy a newer router? 

If a newer router, any recommendations?

TIA! 






On Fri, Aug 28, 2009 at 9:09 AM, Sam Cayze 
wrote:

http://tech.yahoo.com/news/pcworld/20090827/tc_pcworld/newattackcracksco
mmonwifiencryptioninaminute 

Summary:  Use WPA2 and AES.  Get off WPA and TKIP if you are still using
them.

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: New Attack Cracks WPA in a Minute

[Joe Tinney]

Regarding the 'Public WiFi' SSID you always see being broadcast as an ad
hoc network: http://www.nmrc.org/pub/advise/20060114.txt. In short, once
you try and join one of those ad hoc networks your system then begins to
rebroadcast that SSID. That is what I attribute to the constant 'Free
Public Wifi' offerings I see constantly. 

That means that someone was still 'Patient Zero' and they probably are
used as honeypots to grab peoples personal info some of the time. But
when a rash of them appeared here at work I went digging and that is
when I found this info.

This was released in 2006, along with this:
http://blogs.chron.com/techblog/archives/2006/09/free_public_wif.html
and was tested with XP SP2. Anyone happen to know if it was, in fact,
updated with Service Pack 3 and Vista/Win 7?

-Original Message-
From: Murray Freeman [mailto:mfree...@alanet.org] 
Sent: Friday, August 28, 2009 3:05 PM
To: NT System Admin Issues
Subject: RE: New Attack Cracks WPA in a Minute

Another concer, but for people who don't have a WIFI, or who just like
to mooch, is the fake "Public WIFI" that are 'default' and unsecured. I
understand that these are used by unscrupulous people to capture
personal info. Every now and then, I see one of those in my
neighborhood. 


Murray 


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Friday, August 28, 2009 2:01 PM
To: NT System Admin Issues
Subject: Re: New Attack Cracks WPA in a Minute

On Fri, Aug 28, 2009 at 10:46 AM, Jeff Brown<2jbr...@gmail.com> wrote:
> Seriously, what are the odds someone in your neighborhood is lurking 
> around with the technology/desire to break into your home network?

  For a home network, the biggest threat is probabbly someone looking to
mooch Internet access.  Possibly a criminal looking to cover their
tracks.  (How would you like kiddie porn being traced to your IP
address?)  These aren't targeted attacks; anyone will do.  For this sort
of thing, the best countermeasure is to have a neighbor with a less
secure access point.  Same principle as car alarms: Car alarms don't
make it impossible to steal your car; rather, they just make it easier
to steal the car parked next to yours.

  Targeted attacks seem a lot less likely for home networks.

  Certainly, some people/organizations scan for networks to break in to
for data mining purposes.  I'd guess the most likely attack here would
actually come from someone looking for corporate networks (they
typically are of higher value).  In this case, enacting sophisticated
countermeasures -- like turning off SSID broadcast -- might (*might*)
actually draw attention: Attackers scanning the area might see that as a
sign that your network has something to hide.

  I suppose someone could go looking for home networks to steal credit
card numbers, etc., that might be stored on home PCs, but that seems
unlikely.  It's high risk (requires local physical presence) and offers
little reward, and there are much easier alternatives (spyware).

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: File replication query.

[Joe Tinney]

Because Office 2010 made pulling it up so easy:

/\
-Original Message-
From: Ian Roche [mailto:iro...@curamsoftware.com] 
Sent: Wednesday, February 18, 2009 4:22 AM
To: NT System Admin Issues
Subject: File replication query.

I may have a requirment to configure File replication . This will be from our 
main File server which is a standard two node mscs cluster to a standalone 
server in a remote office connected by an MPLS line. Has anyone configured this 
before . I understand that DFS is not an option as its not cluster aware. If 
anyone could recommend a way of doing this nativley in windows if possible . I 
fnot what applications/tools would be best suited in your opinions.. 
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~
\/

-Original Message-
From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Wednesday, September 02, 2009 10:29 AM
To: NT System Admin Issues
Subject: Re: File replication query.

This bump doesnt have the original post.  Care to repost?

--
ME2



On Wed, Sep 2, 2009 at 10:27 AM, Ian Roche wrote:
> Bump ... any ideas on this one anyone??
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Remote desktop changed?

[Joe Tinney]

I've seen this behavior on machines with UltraVNC on them. I'm not sure
what order the connections have to occur but using VNC in conjunction
with RDP has resulted in the station being unlocked AFTER the RDP
session had been closed (and I assume it was unlocked during the
session). 

 

From: Russ [mailto:shouldab...@gmail.com] 
Sent: Friday, September 04, 2009 12:24 PM
To: NT System Admin Issues
Subject: Remote desktop changed?

 

I'm curious of some behavior we have been seeing that seems to be out of
the ordinary.

Normally when you remote desktop to a machine, the remote machine locks
and someone on the other side can't see what you are doing.  Just
recently I've gotten a couple reports of remote desktop sessions leaving
the remote end open so that it can be seen.  I didn't think this was
even possible.  Is there a setting that can be set to allow this, or
anyone else know what might be going on?

These are XP machines with SP3 installed generally.  I know it doesn't
seem to happen every time, but I have multiple reports of it happening.

Please reply if you've seen anything like this or have any insight!
Thanks!

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Disable F keys

[Joe Tinney]

Michael, 

 

Short of someone knowing this out and out you could use Sysinternals'
Process Monitor (procmon) to view the changes being made while you run
the programs. Generally, you would just filter on the executable name
that is making these changes for you. 

 

HTH,

Joe

 

From: Owens, Michael [mailto:michael.ow...@dys.ohio.gov] 
Sent: Thursday, September 10, 2009 3:25 PM
To: NT System Admin Issues
Subject: Disable F keys

 

Does anyone know how to disable the F keys via registry? I found
programs that do it, but id rather have reg keys so I can run them on
new images. For windows XP

 



This message, and any response to it, may constitute a public record and
thus may be publicly available to anyone who requests it in accordance
with Chapter 149 of the Ohio Revised Code.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: WSUS

[Joe Tinney]

David,

I've never seen this issue myself so these are just 
troubleshooting ideas running through my brain:

1.   Does running 'wuauclt /reportnow' on the affected clients resolve the 
issue for the client? 

2.   Is it the last report date that you are not seeing getting updated or 
some other behavior that pointed out the issue to you? 

3.   Have you checked your WSUS server to make sure everything is running 
okay? 

a.   Free disk space

b.  Database still running? 

4.   How is your WSUS configured? 

5.   You might check out 'wsusutil checkhealth' command: 
http://technet.microsoft.com/en-us/library/cc708604%28WS.10%29.aspx. 

6.   Check out this KB article on dealing with the WindowsUpdate.log file: 
http://support.microsoft.com/kb/902093. In addition to explaining its structure 
(it is tab-delimited, by the way, if you want to open it in something like 
Excel to analyze it better), it also provides info on how to increase logging 
to Extended Logging at the end of the document.

 

 

Good luck and Happy New year,

Joe

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, December 31, 2009 4:06 PM
To: NT System Admin Issues
Subject: WSUS

 

It seems I have about ½ my PC's getting updated from WSUS but not reporting 
back to it. I seem to find a ton of near-misses via Google. The 
WindowsUpdate.log on the client doesn't show any errors and in fact the client 
thinks it's reporting to the server. Clients are Win7 and XP SP3.  Any here see 
this type of behavior before? 

 

Same WSUS GPO for all systems, etc.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: WSUS

[Joe Tinney]

No problem. With the behavior you are seeing (patched systems but non-existent 
in WSUS) it is almost certainly the problem that Richard describes. I assumed 
that sysprep took care of this, but it looks like that isn't the case until you 
get to Windows Vista and above: http://support.microsoft.com/kb/903262:

 

"When you use Sysprep to generalize an image for a virtual machine, or when you 
use a unique SID-generating technology to create the images, the SusClientId 
registry value is not cleared if it is populated within the image before the 
image is deployed.

Note In WSUS 3.0, the client changes its SusClientID if the hardware 
configuration changes. For Windows Vista, for Windows Server 2008, and for 
later versions, Sysprep is changed to reset the SusClientID. Therefore, this 
problem affects only virtual machines that run pre-Windows Vista operating 
systems, or that were not created by using Sysprep."

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, December 31, 2009 4:35 PM
To: NT System Admin Issues
Subject: RE: WSUS

 

Hi Joe, thanks for the suggestions!

 

1)  No. windowsupdate.log has always given "Report Reporter successfully 
uploaded 3 events."

2)  The machines in question aren't appearing in WSUS at all. I do have 239 
systems reporting successfully

3)  239 systems report in OK

 

I have run both the WSUS server and client reporting tools and both come back 
good. The fix Richard sent worked on one system and makes sense why we would 
have so many working and not.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

From: Joe Tinney [mailto:jtin...@lastar.com] 
Sent: Thursday, December 31, 2009 1:18 PM
To: NT System Admin Issues
Subject: RE: WSUS

 

David,

I've never seen this issue myself so these are just 
troubleshooting ideas running through my brain:

1.   Does running 'wuauclt /reportnow' on the affected clients resolve the 
issue for the client? 

2.   Is it the last report date that you are not seeing getting updated or 
some other behavior that pointed out the issue to you? 

3.   Have you checked your WSUS server to make sure everything is running 
okay? 

a.   Free disk space

b.  Database still running? 

4.   How is your WSUS configured? 

5.   You might check out 'wsusutil checkhealth' command: 
http://technet.microsoft.com/en-us/library/cc708604%28WS.10%29.aspx. 

6.   Check out this KB article on dealing with the WindowsUpdate.log file: 
http://support.microsoft.com/kb/902093. In addition to explaining its structure 
(it is tab-delimited, by the way, if you want to open it in something like 
Excel to analyze it better), it also provides info on how to increase logging 
to Extended Logging at the end of the document.

 

 

Good luck and Happy New year,

Joe

 

From: David Lum [mailto:david@nwea.org] 
Sent: Thursday, December 31, 2009 4:06 PM
To: NT System Admin Issues
Subject: WSUS

 

It seems I have about ½ my PC's getting updated from WSUS but not reporting 
back to it. I seem to find a ton of near-misses via Google. The 
WindowsUpdate.log on the client doesn't show any errors and in fact the client 
thinks it's reporting to the server. Clients are Win7 and XP SP3.  Any here see 
this type of behavior before? 

 

Same WSUS GPO for all systems, etc.

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: psexec and WMIC

[Joe Tinney]

I've never been able to use WMIC with PSEXEC. Same message/behavior. I
usually use PowerShell's Get-WmiObject (GWMI for short) cmdlet since it
can connect to a remote machine and run WMI queries.

 

From: Christopher Bodnar [mailto:christopher_bod...@glic.com] 
Sent: Wednesday, January 13, 2010 8:25 AM
To: NT System Admin Issues
Subject: psexec and WMIC

 

I'm trying to run a WMIC command remotely using PSEXEC on a bunch of
servers and getting this:

 

Please wait while WMIC compiles updated MOF files.

 

And it just hangs there. If I log on to the remote machine and run the
WMIC command it works fine. 

 

Anyone see this before? 

 

Chris Bodnar, MCSE
Sr. Systems Engineer
Infrastructure Service Delivery
Distributed Systems Service Delivery - Intel Services
Guardian Life Insurance Company of America
Email: christopher_bod...@glic.com
Phone: 610-807-6459
Fax: 610-807-6003

 

 

 



This message, and any attachments to it, may contain information that is
privileged, confidential, and exempt from disclosure under applicable
law. If the reader of this message is not the intended recipient, you
are notified that any use, dissemination, distribution, copying, or
communication of this message is strictly prohibited. If you have
received this message in error, please notify the sender immediately by
return e-mail and delete the message and any attachments. Thank you. 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Powershell return values

[Joe Tinney]

My gut would be to use variables, but then you need to create variables
with a scope such that the variables exist outside of the function.

http://blogs.msdn.com/powershell/archive/2007/04/14/controlling-the-scop
e-of-variables.aspx

Running 'Get-Help Set-Variable' led me down this rabbit hole, for what
it's worth.

Good luck!

-Original Message-
From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] 
Sent: Tuesday, January 19, 2010 2:46 PM
To: NT System Admin Issues
Subject: RE: Powershell return values

>I may be dense this afternoon, but huh?

Lol,

Ok, an example (stupid, but an example)...

Function Test_Time {
$a = Get-Date
If ($a.Minute -gt 30) { Return 1 } 
Else { Return 0 }
}

If (Test_Time) { Write-Host 'gt 30...' }
Else { Write-Host 'lt 30...' }


This works only by fluke as the only output is the return.
What if the function necessarily generates loads of output?


Function Test_Time {
$a = Get-Date
Get-Alias
If ($a.Minute -gt 30) { Return 1 } 
Else { Return 0 }
}

If (Test_Time) { Write-Host 'gt 30...' }
Else { Write-Host 'lt 30...' }


This always evals to true as a result of the slew of output that
gets written out. So how do you deal with this? I know I can hide
the output of that Get-Alias, but what if you can't avoid some output?

Thanks!
jlc

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Powershell return values

[Joe Tinney]

Alright, using your example your variable is available while inside the
function. I tested this (Win 7, so Powershell v2) by creating your
function:

function my_function { set-variable -name backupstatus -value 1;
$backupstatus}

Then I ran your function:

my_function

This printed the number 1 as the output.

Now, while outside of the function I checked for the value of
$backupstatus, which should be 1. It returned nothing. The variable set
inside the function is not available to me once I am outside of the
function. This is where the Scope of the variable comes into play.

Changing the function to include Scope:

function my_function { set-variable -name backupstatus -value 1
-Scope 1 }

Now you are able to query $backupstatus outside of the function and
returns the value 1.

Also, you can check this by running the cmdlet 'Variable'. When no scope
is set (actually it defaults to Scope 0) and the function is ran the
variable is not shown as being set. When Scope 1 is set it is shown with
a value of 1.

---
PowerShell Commands:

PS > function my_function { set-variable -name backupstatus -value 1 }
PS > my_function
PS > $backupstatus
PS > function my_function { set-variable -name backupstatus -value 1
-Scope 1 }
PS > my_function
PS > $backupstatus
1
-

So, if you were to change the Return portion of your test code and add
in variables with a scope of 1 you could execute your function and then
test for the variable values.

As to getting custom functions to work with the pipeline, that is
something I am not experienced with and I haven't had need to try or use
data created in a function outside of the function yet. 

-Original Message-
From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] 
Sent: Tuesday, January 19, 2010 3:28 PM
To: NT System Admin Issues
Subject: RE: Powershell return values

>My gut would be to use variables, but then you need to create variables
>with a scope such that the variables exist outside of the function.
>
>http://blogs.msdn.com/powershell/archive/2007/04/14/controlling-the-sco
p
>e-of-variables.aspx

Ok Guys,
If you say it always can, it's just me:)
I did find that article actually but my variables seem to exist outside
the
function after its called so I wasn't 100% sure of the scope and its
impact
on my case?

If I do:

my_function {
Set-Variable -Name backupStatus -Value 1
}

Then test it, it always appears. So what is an example when the scope is
required?
Except maybe to limit it to within the function?

BTW, found that k.hill article, just inept at programming:)

Thanks everyone!
jlc

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: GPO Best Practices

[Joe Tinney]

The blog that Andy O linked to seems to indicate that, depending on how
you apply this, you can actually append the local admin list and not
erase it. 

 

Has anyone tried this out following this guidance?

 

From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Wednesday, January 20, 2010 10:06 AM
To: NT System Admin Issues
Subject: RE: GPO Best Practices

 

Yes, that is how restricted groups work, it over writes whatever is
existing on the current machine. The best way to do it, then your GPO is
the definitive authority on who is a local admin. So yes, servers should
be in separate OU's so they can have their own GPO's on this issue and
all the others that you decide to do.

 

 

 

From: John Bowles [mailto:john.bow...@wlkmmas.org] 
Sent: Wednesday, January 20, 2010 10:00 AM
To: NT System Admin Issues
Subject: GPO Best Practices

 

I have a customer who is looking to implement a GPO to add Domain Admins
to all the workstations and servers.  I was looking into using
Restricted Groups to tackle this task, but it seems if you use
Restricted Groups you will lose anything outside of the groups you have
listed in the restricted groups, that reside in local admin group of
workstations or servers.

 

My question is, if I recall a finely tuned AD the concept was to have
your workstations and servers in seperate OU's right?  This way you can
have seperate sets of GPO's for each class, either workstations or
servers?

 

Or, is there just a flat out easier way to push certain accounts to the
servers and workstations?

 

Thanks,

 

 

John Bowles 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Google-Fu=Fail: Shockwave player scripted uninstall

[Joe Tinney]

David,

What is in the UninstallString key for Shockwave in
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall? If it is a
MSIEXEC command you can pretty easily and silently (most of the time)
uninstall it by issuing:

 

MSIEXEC.EXE /X {GUID-FROM-UNINSTALLSTRING} /qn /quiet /norestart

 

That generally works without too much trouble. QN means No user
interface, quiet will suppress prompts and norestart suppresses a
restart if requested.

 

The GUID typically changes from version to version (minor versions
included), so it can be a pain to get them ALL. You may have to dump
that key and mine all the GUIDs.

 

Good luck!

 

Joe

 

From: David Lum [mailto:david@nwea.org] 
Sent: Friday, January 29, 2010 10:54 AM
To: NT System Admin Issues
Subject: Google-Fu=Fail: Shockwave player scripted uninstall

 

I need to script a Shockwave Player v11 uninstall to remove it from 150
machines: 

 

"Summary: Critical vulnerabilities have been identified in Adobe
Shockwave Player 11.5.2.602 and earlier versions, on the Windows and
Macintosh operating systems"

 

Solution: Adobe recommends Shockwave Player users uninstall Shockwave
version 11.5.2.602 and earlier on their systems, restart their systems,
and install Shockwave version 11.5.6.606"

 

http://www.adobe.com/support/security/bulletins/apsb10-03.html

 

I can push the new player easily enough, but I have looked and can't
find anything for removing  v11. This page covers how to clean v10, but
v11 doesn't have an UNWISE.EXE

http://kb2.adobe.com/cps/155/tn_15508.html#10_2

 

I've searched the registry for "Shockwave" in hopes of finding a
registry key that will help, but I found nothing. There is an Add/Remove
entry for the old version, I just don't know how to find how it "hooks
up".

 

I even uninstalled it via Add/Remove watching it via Process Explorer
but the only executable I saw was MSIEXEC.EXE...

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Reader, Acrobat, and Flash security updates

[Joe Tinney]

It's only necessary to stay compliant to their licensing requirements. 

 

For what it's worth, posting those links violates their licensing agreements 
for that software as well.

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Friday, February 12, 2010 2:50 PM
To: NT System Admin Issues
Subject: RE: Reader, Acrobat, and Flash security updates

 

ActiveX:

http://www.adobe.com/go/full_flashplayer_win_msi

http://www.adobe.com/go/full_flashplayer_win_ie

 

Plugin:

http://www.adobe.com/go/full_flashplayer_win_pl_msi

http://www.adobe.com/go/full_flashplayer_win

 

These have been posted on other websites.  Doesn't seem that filling out the 
redistribution form is really necessary.

 

Carl

 

From: Sean Rector [mailto:sean.rec...@vaopera.org] 
Sent: Friday, February 12, 2010 1:15 PM
To: NT System Admin Issues
Subject: RE: Reader, Acrobat, and Flash security updates

 

How do we get just the patch(s) to distribute?  I'm not seeing that on their 
site.

 

Sean Rector, MCSE

 

From: David Lum [mailto:david@nwea.org] 
Sent: Friday, February 12, 2010 9:30 AM
To: NT System Admin Issues
Subject: Reader, Acrobat, and Flash security updates

 

Adobe Flash (fix is ready now):

http://www.adobe.com/support/security/bulletins/apsb10-06.html

 

Acrobat and Reader (Fix is coming out the 16th):

http://www.adobe.com/support/security/bulletins/apsb10-07.html

 

Party on Wayne!

David Lum // SYSTEMS ENGINEER 
NORTHWEST EVALUATION ASSOCIATION
(Desk) 971.222.1025 // (Cell) 503.267.9764

 

 

 

Information Technology Manager
Virginia Opera Association 

E-Mail: sean.rec...@vaopera.org  
Phone:(757) 213-4548 (direct line)
{+}

Virginia Opera's 35th Anniversary Season    The One You 
Love

Celebrate with a 2009-2010 subscription: 
La Bohème |   The 
Daughter of the Regiment  
   |   Don Giovanni | 
  Porgy and BessSM  

Visit us online at www.VaOpera.org   or call 
1-866-OPERA-VA

The vision of Virginia Opera is to enrich lives through the powerful 
integration of music, voice and human drama.



This e-mail and any attached files are confidential and intended solely for the 
intended recipient(s). Unless otherwise specified, persons unnamed as 
recipients may not read, distribute, copy or alter this e-mail. Any views or 
opinions expressed in this e-mail belong to the author and may not necessarily 
represent those of Virginia Opera. Although precautions have been taken to 
ensure no viruses are present, Virginia Opera cannot accept responsibility for 
any loss or damage that may arise from the use of this e-mail or attachments.

{*}

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Need Website Tested

[Joe Tinney]

Have you tried putting quotes around the path to iexplore.exe? I
wouldn't expect it to view that path as a single argument. 

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Friday, February 12, 2010 1:33 PM
To: NT System Admin Issues
Subject: RE: Need Website Tested

 

My IE version is identical.

 

Never used fsum before. I'm trying, but getting empty output:

 

 

C:\ fsum -sha1 c:\program files\internet explorer\iexplore.exe

 

SlavaSoft Optimizing Checksum Utility - fsum 2.52.00337

Implemented using SlavaSoft QuickHash Library 

Copyright (C) SlavaSoft Inc. 1999-2007. All rights reserved.

 

; SlavaSoft Optimizing Checksum Utility - fsum 2.52.00337


;

; Generated on 02/12/10 at 13:29:59

;

 

C:\

 

 

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Friday, February 12, 2010 1:00 PM
To: NT System Admin Issues
Subject: RE: Need Website Tested

 

What version you using on Win7 32bit of IE. 

 

Mine is 8.0.7600.16385 using 256BIT Cipher strength, with the latest IE
Patch applied. 

f948199016079eded0320b6245d59ef3d50ebd93  iexplore.exe(Sha-1 Hash)

 

Can anyone else verify with fsum there Iexplore hash value on Windows 7
32bit as a comparison. 

 

Simple command fsum -sha1 Path_to_iexplore.exe (C:\Program
Files\Internet Explorer\Iexplore.exe)

 

Z

 

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Friday, February 12, 2010 10:01 AM
To: NT System Admin Issues
Subject: RE: Need Website Tested

 

Fine with Win7 32-bit, IE8 in compat mode.

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Friday, February 12, 2010 9:57 AM
To: NT System Admin Issues
Subject: RE: Need Website Tested

 

Works on IE8 and Windows XP Pro SP3.

 

  

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Friday, February 12, 2010 8:52 AM
To: NT System Admin Issues
Subject: Need Website Tested

 

Our Windows 7 machines crash when accessing the following site with IE8:

 

http://www.suwannee.k12.fl.us/

 

The module causing the fault is mshtml.dll. We've tested from multiple
Win7 machines (different brands/models/images) on our end with the same
result, but Vista and XP seem to work fine.

 

Could any of you with Win7 try the site through IE8 and let me know if
you see the same thing?

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

www.taylor.k12.fl.us

 

 

 

 
 
 
NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.

 

 

 

 

 

 

 

 
 
 
NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Password Change History

[Joe Tinney]

A colleague of mine has found that they can use the 'additional account
info' DLL in MMC 32-bit. You can launch mmc in 32-bit mode by using the
/32 switch: "mmc.exe /32"

 

Personally, I use LockoutStatus.exe (from MS available on their site).
It doesn't invoke AAM when UAC is on so you may have to do that manually
if you want to use it to interact with any DC logs, and I can't reset
passwords from it (in any OS on a 2003 AD domain). It continually chokes
on password complexity requirements.

 

Other than that, great to see how many last bad passwords, when they
were, and when the password was set along with how long they have until
it expires.

 

I believe that LockoutStatus uses the same DLL required for the
'additional account info' tab, also. Same set of tools: ALTools. 

 

From: Glen Johnson [mailto:gjohn...@vhcc.edu] 
Sent: Monday, March 01, 2010 11:01 AM
To: NT System Admin Issues
Subject: RE: Password Change History

 

I sure wish they would update that to work with 64bit and 2008 ADU&C.

Got used to it on 2003 and now I miss it.

 

From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Monday, March 01, 2010 10:50 AM
To: NT System Admin Issues
Subject: RE: Password Change History

 

You can add "additional account info" into Active Directory Users and
Computers:

 

http://www.petri.co.il/view_additional_user_information_in_aduc.htm

 

This will tell you when her password was last changed, and when it is
set to expire next.

 

 



From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Monday, March 01, 2010 10:09 AM
To: NT System Admin Issues
Subject: Password Change History

We have a group policy requiring setting a maximum password age of 90
days. I have a user who swears she's having to change hers more
frequently than that. I'm not really sure how to troubleshoot... Is
there some way I can confirm whether or not what she's saying is
accurate? It seems likely that it just FEELS like more frequently than
90 days to her, but you never know-weird things can happen sometimes.
And since we only implemented password expiration relatively recently,
it's possible that I did something wrong. Although I'd have expected to
hear from a lot more people than just one if that's the case.

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

www.taylor.k12.fl.us

 

 
 
NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.


.

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win7 licensing question

[Joe Tinney]

Kurt,
We just inked an EA with MS at the start of the year and were told by 
our CDW rep that Enterprise was only available when you engaged into a 
Microsoft Enterprise (or similar, I'm sure) Agreement.

The SKU for Enterprise Edition with MDOP and SA: M7D-5
Description: EntDsktpwMDOP ALNG LicSAPk MVL

Microsoft has an online agreement creator/quote mechanism and I believe that 
provides you with SKU information.

Best of luck,
Joe

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Wednesday, March 10, 2010 4:14 PM
To: NT System Admin Issues
Subject: Win7 licensing question

All,

Our CDW rep has told our IT manager that there isn't actually a
separate SKU for Enterprise - it's just Pro with SA.

Huh? This doesn't make sense to me.

Can anyone confirm/disconfirm?

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Firefox forms issue

[Joe Tinney]

FWIW, I've been using Vista Home Premium at home for 2 years and use
Firefox religiously. It's seen version 2 and every upgrade since and
I've not seen a problem on my home machine, or any machine.

 

Good luck!

 

From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Monday, March 15, 2010 5:40 PM
To: NT System Admin Issues
Subject: Firefox forms issue

 

Hey guys I have a consulting client that is having an issue with Firefox
on Vista and forms.  Has anyone run into issues either displaying or
filling out web forms.  I just can't get the customer to let me have
access long enough to find the problem.  Thanks for any ideas of where
to look.  FYI testing with Firefox on 7 is NOT showing the same issue.
It is only being seen when it is Firefox on Vista.

 

Thanks again,

 

Jon

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Installing Win2K8 Server as DC Issue

[Joe Tinney]

Do you have any domain policies that may be applied to this machine
regarding the firewall or RDP?

 

From: John Bowles [mailto:john.bow...@wlkmmas.org] 
Sent: Thursday, March 18, 2010 4:29 PM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

Outside of enabling RDP on the DC, what can be preventing me from
RDP'ing into the server?  I have this issue with my Exchange 2K7 server
as well as DC.   I keep getting access is denied when trying to turn on
Windows Firewall on the DC.  

 

 

From: John Bowles [mailto:john.bow...@wlkmmas.org] 
Sent: Thursday, March 18, 2010 2:46 PM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

 

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, March 18, 2010 2:43 PM
To: NT System Admin Issues
Subject: Re: Installing Win2K8 Server as DC Issue

 

>>I cannot access the server remotely

 

Error message? No error message, after running DS role I am no longer
able to connect to server via RDP

 

 

 

>> the windows firewall service won't start

 

How are you determining this? This is determined by the service on the
server set to automatic but doesn't show's not started

 

What does the eventlog say?   Etc and so on.  Event log is throwing MS
DTC errors saying service cannot start.

 

 

>>The Windows Firewall is a pain in the arse if you ask me.

 

Because? Because it's always been a pain in the arss.  J

 


-ASB: http://XeeSM.com/AndrewBaker

On Thu, Mar 18, 2010 at 2:29 PM, John Bowles 
wrote:

All-


I'm trying to join a w2k8 r2 server to a windows 2003 domain.  

 

I've ran adprep /forestprep

Adprep /domain prep

Installed domain services under roles.. rebooted

 

Now when the server came up I cannot access the server remotely and the
windows firewall service won't start.  Just wondering what I did wrong
here?  The Windows Firewall is a pain in the arse if you ask me.  Any
help would be appreciated.

 

Thank you,

 

 

 

John Bowles

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Installing Win2K8 Server as DC Issue

[Joe Tinney]

I’d try running  RSoP against the machine while it is joined to the domain and 
review the policies/settings that are being applied to it.

 

Best of luck,

Joe

 

From: John Bowles [mailto:john.bow...@wlkmmas.org] 
Sent: Friday, March 19, 2010 10:36 AM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

Just another update.  

 

When I bring the server online and it’s sitting there in a workgroup everything 
works fine.  When I join it to the domain is when I start experiencing these 
issues.  So it sounds to me it’s a Group Policy issue, but where in GPO would 
it turn Windows Firewall off and prevent it from working properly.


Symptoms:

 

-Windows Firewall not working, nor will allow me to start it.

-Click on Windows Firewall in Server Manager and it gives me error (Windows 
Firewall w/Advanced Security failed to load.  Restart Windows Firewall on 
computer “Error code: 0X6D9”)

-Cannot RDP to server

-No ports open to Server

 

Thank you

 

John B.

From: John Bowles [mailto:john.bow...@wlkmmas.org] 
Sent: Friday, March 19, 2010 10:21 AM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

I keep getting an error that pop up that says: One or more logs in the query 
have errors

 

Directory Service Access Denied

 

 

This just keeps popping up out of nowhere.

 

From: John Cook [mailto:john.c...@pfsf.org] 
Sent: Thursday, March 18, 2010 8:10 PM
To: NT System Admin Issues
Subject: Re: Installing Win2K8 Server as DC Issue

 

What are the startup dependencies? What about the account it runs under? 



From: John Bowles 
To: NT System Admin Issues 
Sent: Thu Mar 18 19:30:19 2010
Subject: RE: Installing Win2K8 Server as DC Issue 

+1 

 

Jeff, that’s exactly the issue I’m having.  The Windows Firewall will not even 
start up or allow me to start it up to allow traffic to the DC.

 

From: Jackson, Jeff [mailto:jeff.jack...@rbza.com] 
Sent: Thursday, March 18, 2010 5:35 PM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

If I stop the Windows Firewall service on my 2008 servers, I can no longer RDP 
to it. So, what I meant by off is, the service is stopped, which is the case 
for John, who’s firewall service won’t start at all.

 

From: N Parr [mailto:npar...@mortonind.com] 
Sent: Thursday, March 18, 2010 2:22 PM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

What?  Firewall Off = Traffic Allowed

I have the firewall's off on my 2008 server and RDP to them just fine.

 



From: Jackson, Jeff [mailto:jeff.jack...@rbza.com] 
Sent: Thursday, March 18, 2010 4:17 PM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

The 2008 firewall is conservative. In my experience, if it’s turned off, no 
traffic is allowed inbound. So, you can’t RDP into because your firewall won’t 
start up to allow traffic in.

 

Jeff

 

From: John Bowles [mailto:john.bow...@wlkmmas.org] 
Sent: Thursday, March 18, 2010 1:29 PM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

Outside of enabling RDP on the DC, what can be preventing me from RDP’ing into 
the server?  I have this issue with my Exchange 2K7 server as well as DC.   I 
keep getting access is denied when trying to turn on Windows Firewall on the 
DC.  

 

 

From: John Bowles [mailto:john.bow...@wlkmmas.org] 
Sent: Thursday, March 18, 2010 2:46 PM
To: NT System Admin Issues
Subject: RE: Installing Win2K8 Server as DC Issue

 

 

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Thursday, March 18, 2010 2:43 PM
To: NT System Admin Issues
Subject: Re: Installing Win2K8 Server as DC Issue

 

>>I cannot access the server remotely

 

Error message? No error message, after running DS role I am no longer able to 
connect to server via RDP

 

 

 

>> the windows firewall service won’t start

 

How are you determining this? This is determined by the service on the server 
set to automatic but doesn’t show’s not started

 

What does the eventlog say?   Etc and so on.  Event log is throwing MS DTC 
errors saying service cannot start.

 

 

>>The Windows Firewall is a pain in the arse if you ask me.

 

Because? Because it’s always been a pain in the arss.  J

 


-ASB: http://XeeSM.com/AndrewBaker

On Thu, Mar 18, 2010 at 2:29 PM, John Bowles  wrote:

All-


I’m trying to join a w2k8 r2 server to a windows 2003 domain.  

 

I’ve ran adprep /forestprep

Adprep /domain prep

Installed domain services under roles.. rebooted

 

Now when the server came up I cannot access the server remotely and the windows 
firewall service won’t start.  Just wondering what I did wrong here?  The 
Windows Firewall is a pain in the arse if you ask me.  Any help would be 
appreciated.

 

Thank you,

 

 

 

John Bowles

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 



CONFIDENTIALITY STATEM

RE: Determining Password Complexity Requirements

[Joe Tinney]

John,

Try running secpol.msc (Local Security Policy) and looking at 
Account Policies > Password Policies and see if that differs from the 
information you are seeing in gpedit.msc (Local Group Policy). I can’t recall 
if they are different or if they operate independently, but it can’t hurt. 
Also, from my experience, this is one of those settings that doesn’t revert 
itself once the policy is no longer applied to the machine. I’ve had to go in 
and manually change this when we’ve needed to take the machines off the domain 
and use them for other purposes.

 

Best of luck,

Joe

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Friday, March 19, 2010 11:26 AM
To: NT System Admin Issues
Subject: Determining Password Complexity Requirements

 

We have a machine that the Army sent our ROTC folks, and it’s giving us a hard 
time. It’s not our standard machine, and came pre-configured from the Army. We 
joined it to our domain, and it seems to be picking up group policy from the 
domain—but a couple of things still aren’t right.

 

The biggest issue is that something on the machine seems to be requiring 
passwords of greater complexity than our domain policy requires. What I can’t 
figure out is (A.) why that is and (B.) what those requirements are. I had my 
technician run gpedit.msc on the machine and look under Computer Configuration 
-> Windows Settings -> Security Settings -> Account Policies -> Password 
Policy. All of the settings there match our regular domain settings. And yet 
every time she tries to set a local account’s password to one that we know 
meets those requirements (because it’s one we use on multiple machines with no 
problems), Windows pops up a dialog saying it doesn’t meet the requirements. 
But if we put in a (much) longer and more complex password, the system will 
take it.

 

I ran through the fix from MSKB 313222, but to no avail (although that did fix 
several other settings the Army had imposed on the machine).

 

So, what the heck? Where is this machine getting its ideas about password 
requirements from? And how can I determine what those requirements are?

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

www.taylor.k12.fl.us

 

 

 

 
 
 
NOTICE: Florida has a broad public records law. Most written communications to 
or from this entity are public records that will be disclosed to the public and 
the media upon request. E-mail communications may be subject to public 
disclosure.
 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Outlook 2007, constant hard disk thrashing.

[Joe Tinney]

PST = Personal Storage File. This is a file created by the user to store
mail to 'locally'. That is, not on the server. If you aren't using
Exchange, then all of your mail in Outlook goes into a PST. If you are
using Exchange, you move your mail there when you hit your quota.

OST = Offline Storage. This enables 'Cached Mode' - aka, the ability to
view your mail that is on the server without having connectivity to the
server.

Both files exist off the server. I won't say they reside on the local
machine because you can choose to put them where you wish. By default,
they live in %USERPROFILE%\Local Settings\Application
Data\Microsoft\Outlook. Not that PSTs exist by default.

If you want mail that you've moved to a PST (note the word move and not
copy) then you'll need to back it up. The OST for all intents and
purposes is disposable as it is meant to be an offline copy of the
server's information.

They do hold the mail in its entirety, including attachments.

-- This is all information I've picked up and discerned from using and
supporting the product and is as I understand it now. --

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Wednesday, October 21, 2009 5:44 PM
To: NT System Admin Issues
Subject: Re: Outlook 2007, constant hard disk thrashing.

Okay, I've been trying to following this, and as I know nothing of
Exchange/Outlook... perhaps I misunderstood something... Help me clear
this up:

These PST/OST files, they are located on the Client, or on the Server?

Because a 5TB partition just for a database on the server doesn't sound
so bad. But each client with a spare partition for a Mail client's
database file... that sounds ridiculous. And maybe that's where I'm
mistaken... am I?

If they're on the client, what does it hold? A copy of all the email
including attachments?

Does it need to be backed up?


--Matt Ross
Ephrata School District


- Original Message -
From: Ben Scott
[mailto:mailvor...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysad...@lyris.sunbelt-software.com]
Sent: Wed, 21 Oct 2009
11:25:30 -0700
Subject: Re: Outlook 2007, constant hard disk thrashing.


> On Wed, Oct 21, 2009 at 2:10 PM, Phillip Partipilo 
wrote:
> > Sure my PST file is about 5 gigs, but 2003 never did this.
> 
>   FWIW, we've found that for large PST/OST files, putting them on a
> dedicated hard disk partition helps Outlook 2003 performance
> significantly.  When mixed in with everything else, they fragment like
> crazy and performance goes to hell.  (And FYI, the Microsoft defrag
> utility apparently can't handle files > 2 GB.)
> 
> -- Ben
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Constantly getting locked of 2003 domain

[Joe Tinney]

A colleague of mine recently encountered this with his account. It turned out 
that he had stored his credentials on the machine and then, after he had to 
change his password, he started getting locked out. 

For Windows XP, there seem to be user-level and system-level stored passwords. 
You view them both similarly, but administrators stored passwords seem to 
always be stored at the system level. To view them, go to: Control Panel > User 
Accounts > Advanced > Manage Passwords.

Unfortunately, you can't view the user-level passwords from there and the only 
way I've found to view it via the GUI is to be logged in as that user. To view 
them when you are a non-admin, go to Control Panel > User Accounts. It will ask 
for an admin password but do not give it one. That would result in seeing the 
system level passwords you could see as an admin. At the bottom of that dialog 
box there is a link to manage your passwords. If you click on that link you can 
see your user-level stored passwords.

You can also run "rundll32.exe keymgr.dll, KRShowKeyMgr" without the quotes and 
it will pull up the Stored Passwords window.

It may not be the issue at all but it has been in the past here.

Good luck!

-Original Message-
From: Jimmy Tran [mailto:jt...@teachtci.com] 
Sent: Wednesday, October 21, 2009 6:56 PM
To: NT System Admin Issues
Subject: RE: Constantly getting locked of 2003 domain

I went to the link and everything checked out ok.  This machine isn't mission 
critical so I could reimage it but I'd like to try to figure out the problem.

Thanks,

Jimmy

-Original Message-
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Tuesday, October 20, 2009 6:20 PM
To: NT System Admin Issues
Subject: RE: Constantly getting locked of 2003 domain


Those random letter strings at the bottom are not good. This worm usually 
blocks most of the anti-virus websites. See if you can get to trendmicro.com or 
mcafee or symantec. Or hit this link and see if you can see their logo's

http://www.confickerworkinggroup.org/infection_test/cfeyechart.html

Can you just fdisk this machine, or is it mission critical?


From: Jason Morris [jmor...@mjmc.com]
Sent: Tuesday, October 20, 2009 4:46 PM
To: NT System Admin Issues
Subject: RE: Constantly getting locked of 2003 domain

Sorry, missed CurrentVersion

[cid:image002.png@01CA519C.8D4C8230]

From: Jimmy Tran [mailto:jt...@teachtci.com]
Sent: Tuesday, October 20, 2009 3:33 PM
To: NT System Admin Issues
Subject: RE: Constantly getting locked of 2003 domain

This is what I get which looks normal:



[cid:image003.png@01CA519C.8D4C8230]

Jimmy

From: Jason Morris [mailto:jmor...@mjmc.com]
Sent: Tuesday, October 20, 2009 1:10 PM
To: NT System Admin Issues
Subject: RE: Constantly getting locked of 2003 domain

Thats because Conficker runs as the Network Services Account.

Look under:
HKLM\Software\Microsoft\Windows NT\SVCHost\NETSVCS and see if there is any 
gobbledygook at the bottom of the entries. Ths your DLL that is running under 
Windows\System32.



From: Jimmy Tran [mailto:jt...@teachtci.com]
Sent: Tuesday, October 20, 2009 3:08 PM
To: NT System Admin Issues
Subject: RE: Constantly getting locked of 2003 domain

No services running under my account when logged in as a different user.
Jimmy


From: Roger Wright [mailto:rhw...@gmail.com]
Sent: Tuesday, October 20, 2009 1:06 PM
To: NT System Admin Issues
Subject: Re: Constantly getting locked of 2003 domain

Any services running under your account with an old password?


Roger Wright
___

Sent from Tampa, FL, United States
On Tue, Oct 20, 2009 at 4:00 PM, Jimmy Tran 
mailto:jt...@teachtci.com>> wrote:
Every 5 minutes or so, I get lock out of our domain.  I ran EventCombMT and 
traced it back to a specific machine.  Does anyone have any suggestions on what 
I can do to figure out what program/service is attempting to contact the DC 
with an incorrect password?ve been dealing with this all morning and it is 
driving me crazy.


Windows 2003 Domain
Windows XP SP3 machine

Thanks,

Jimmy


















--

The pages accompanying this email transmission contain information from MJMC, 
Inc., which

is confidential and/or privileged. The information is to be for the use of the 
individual

or entity named on this cover sheet. If you are not the intended recipient, you 
are

hereby notified that any disclosure, dissemination, distribution, or copying of 
this

communication is strictly prohibited. If you received this transmission in 
error, please

immediately notify us by telephone so that we can arrange for the retrieval of 
the original

document.









--
The pages accompanying this email transmission contain information from MJMC, 
Inc., which
is confidential and/or privileged. The informati

RE: Outlook 2007, constant hard disk thrashing.

[Joe Tinney]

I like Sysinternals contig.exe to do my 'on the spot' defragmentation.
It is just simply a defragmenter so other applications, like Defraggler,
would surely find some space to add value.

The note about Outlook being closed is still valid concerning contig:
Outlook locks OSTs and PSTs when it opens them.

-Original Message-
From: Sam Cayze [mailto:sam.ca...@rollouts.com] 
Sent: Wednesday, October 21, 2009 10:55 PM
To: NT System Admin Issues
Subject: RE: Outlook 2007, constant hard disk thrashing.

I've been testing Defraggler file-level defrag for OST's (Mine range
from 2GB to 15GB for our users).  We have NO issues with Outlook speed,
but I figured it might help and be good measure.  It's hard to really
gauge the benefit...

df.exe C:\Users\Sam\AppData\Local\Microsoft\Outlook\outlook.ost /large

Will defrag just that file, and move it to the end of the drive.
Obviously it would have to run when outlook isn't open.  (Startup
script).

http://docs.piriform.com/defraggler

Sam


-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Wednesday, October 21, 2009 8:30 PM
To: NT System Admin Issues
Subject: Re: Outlook 2007, constant hard disk thrashing.

On Wed, Oct 21, 2009 at 5:43 PM, Matthew W. Ross
 wrote:
> These PST/OST files, they are located on the Client, or on the Server?

  Joe Tinney answered this pretty well, I'll just add that starting
with Outlook 2003, by default, the OST (Offline Store) is used to keep
a cached copy of the server mailbox even when nominally online.
Outlook uses that cache for most operations, and only sync's it to the
server every few minutes or so.

> But each client with a spare partition for a Mail
> client's database file... that sounds ridiculous.

  It is severely annoying, to be sure.  We only do it for those with
the giant mondo mailboxes, basically anything over 2 GB in size.  What
we really need is an archiving solution, but haven't been able to get
money for one yet.  Exchange 2010 is supposed to have a basic solution
in that area, and I'm hoping that will be good for us.

  Again, we're talking a single file, several GB in size, that gets
highly fragmented.  I don't really put too much blame on Outlook here.
 While I suspect Outlook could probably be more efficient, there's
only so much you can do under those conditions.

  Clients that never leave the LAN have cached mode disabled.  They
always talk to the server then.  Exchange performs very well, even
with a 70 GB plus server database in a single file that's probably
more fragmented than I want to think about.

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: "Post" instead of "Send" button in Outlook 2007?

[Joe Tinney]

You can post to any mail folder in Outlook. 

I'm not sure how you would have gotten it when doing a reply but you can
go to New > Post in this Folder and see the behavior described by Mike.

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Friday, October 23, 2009 4:35 PM
To: NT System Admin Issues
Subject: RE: "Post" instead of "Send" button in Outlook 2007?

 

"post" = send to public folder.  Are you reading list messages in a
public folder?  Checked all the public folders for your missing post?

 

Carl

 

 

From: Mike Gill [mailto:lis...@canbyfoursquare.com] 
Sent: Friday, October 23, 2009 4:30 PM
To: NT System Admin Issues
Subject: "Post" instead of "Send" button in Outlook 2007?

 

I just replied to a post in the Mac thread (ctrl+r, like I usually do),
and when I went to hit Send, the button said "Post" instead. There was
no CC/BCC fields, and the rest of the window looked had a different feel
to it. Gah, I was too quick and hit "Post" before I realized "hey this
is different" and missed taking a screenshot or remembering the details.
After a few minutes, it appears my reply didn't make it through, and
it's not in my Sent Items folder either. I tried replying over and over
again to the same post and others to get the window back. Weird. Anyone
seen this?

 

-- 
Mike Gill

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Kace KBOX systems

[Joe Tinney]

We just bought the Virtual KBOX 1100 and are currently going through
their training and implementation. Anything specific you are looking
for? 

So far, everything is working as advertised and it hasn't ruined the 11
machines I have the agent on. 

 

I'm pleased with it so far.

 

From: tony patton [mailto:tony.pat...@quinn-insurance.com] 
Sent: Thursday, October 29, 2009 5:39 AM
To: NT System Admin Issues
Subject: Kace KBOX systems

 

Morning all, 

Anyone here have any experience with Kace? 

In particular their Kbox 1100 Sysmtems Management Appliances. 
http://www.kace.com/products/systems-management-appliance/index.php
  

All comments appreciated. 

Regards

Tony Patton
Desktop Operations Cavan
Ext 8078
Direct Dial 049 435 2878
email: tony.pat...@quinn-insurance.com


http://www.quinn-insurance.com
 
This e-mail is intended only for the addressee named above. The contents
should not be copied nor disclosed to any other person. Any views or
opinions expressed are solely those of the sender and
do not necessarily represent those of QUINN-Insurance, unless otherwise
specifically stated . As internet communications are not secure,
QUINN-Insurance is not responsible for the contents of this message nor
responsible for any change made to this message after it was sent by the
original sender. Although virus scanning is used on all inbound and
outbound e-mail, we advise you to carry out your own virus check before
opening any attachment. We cannot accept liability for any damage
sustained
as a result of any software viruses.
 

 
QUINN-Life Direct Limited is regulated by the Financial Regulator.
QUINN-Insurance Limited is regulated by the Financial Regulator and
regulated by the Financial Services Authority for the conduct of UK
business.
 

 
QUINN-Life Direct Limited is registered in Ireland, registration number
292374 and is a private company limited by shares.
QUINN-Insurance Limited is registered in Ireland, registration number
240768 and is a private company limited by shares.
Both companies have their head office at Dublin Road, Cavan, Co. Cavan.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Kace KBOX systems

[Joe Tinney]

Right now, with the agent dormant on my machine, it is taking up 7MB of
memory. The memory usage does jump up there when it is actually doing
stuff, but that shouldn't be too often. If you did a patch detection
once a week you would still be detecting 4 times more often than patches
are generally released.

 

You are correct in that you cannot create a Managed Software
Installation for a product that has not yet been detected but it can be
deployed via the Scripting functionality if you needed to get it done. I
wish they would let you give all the details of the software to be
deployed in the case that it hasn't been installed anywhere yet and
therefore not detected..

 

KBOX can update drivers for any product that Dell supports with their
Open Manage platform. I believe that starts at Dell's Optiplex 7xx
series and greater for desktops and Latitude E5xxx series and greater
for laptops. Servers are in the Open Manage platform, also, so they have
drivers for that.

 

I have deployed a handful of patches and Adobe Reader 9 as a test. 

 

The Adobe deployment went great but the patching took a while to
execute. It was over a WAN and also on some old Dell Dimension desktops
so I was going more for success than speed on those tests.

 

I have been into Reporting but I haven't had a real cause to report on
anything yet so I've just used the standard reports.

 

From: tony patton [mailto:tony.pat...@quinn-insurance.com] 
Sent: Thursday, October 29, 2009 10:38 AM
To: NT System Admin Issues
Subject: RE: Kace KBOX systems

 

I installed the eval vm last night, found it pretty good, but it's the
previous version. 
Noticed the agent was a bit heavy at ~20mb, other than that I liked it. 
Found it a bit strange that you couldn't add software for distribution
until it had been installed on a PC and picked up in the inventory. 

We would be looking at it for inventory, patch management and software
distribution mainly. 

We're also evaluating Symantec Altiris Management Console as we're a
dell shop and it allows us to control the hardware, but it's not very
intuitive and it's slower than an elephant in a tarpit. 

Have you played much yet with deploying apps/patches or the reporting
aspect of it? 

Regards

Tony Patton
Desktop Operations Cavan
Ext 8078
Direct Dial 049 435 2878
email: tony.pat...@quinn-insurance.com 



From: 

"Joe Tinney"  

To: 

"NT System Admin Issues"  

Date: 

29/10/2009 13:33 

Subject: 

RE: Kace KBOX systems

 






We just bought the Virtual KBOX 1100 and are currently going through
their training and implementation. Anything specific you are looking
for? 
So far, everything is working as advertised and it hasn't ruined the 11
machines I have the agent on. 
  
I'm pleased with it so far. 
  
From: tony patton [mailto:tony.pat...@quinn-insurance.com
<mailto:tony.pat...@quinn-insurance.com> ] 
Sent: Thursday, October 29, 2009 5:39 AM
To: NT System Admin Issues
Subject: Kace KBOX systems 
  
Morning all, 

Anyone here have any experience with Kace? 

In particular their Kbox 1100 Sysmtems Management Appliances. 
http://www.kace.com/products/systems-management-appliance/index.php
<http://www.kace.com/products/systems-management-appliance/index.php>  

All comments appreciated. 

Regards

Tony Patton
Desktop Operations Cavan
Ext 8078
Direct Dial 049 435 2878
email: tony.pat...@quinn-insurance.com 
 
http://www.quinn-insurance.com <http://www.quinn-insurance.com/>  
  
This e-mail is intended only for the addressee named above. The contents

should not be copied nor disclosed to any other person. Any views or 
opinions expressed are solely those of the sender and 
do not necessarily represent those of QUINN-Insurance, unless otherwise 
specifically stated . As internet communications are not secure, 
QUINN-Insurance is not responsible for the contents of this message nor 
responsible for any change made to this message after it was sent by the

original sender. Although virus scanning is used on all inbound and 
outbound e-mail, we advise you to carry out your own virus check before 
opening any attachment. We cannot accept liability for any damage
sustained 
as a result of any software viruses. 
  
 
  
QUINN-Life Direct Limited is regulated by the Financial Regulator. 
QUINN-Insurance Limited is regulated by the Financial Regulator and 
regulated by the Financial Services Authority for the conduct of UK 
business. 
  
 
  
QUINN-Life Direct Limited is registered in Ireland, registration number 
292374 and is a private company limited by shares. 
QUINN-Insurance Limited is registered in Ireland, registration number 
240768 and is a pri

RE: Kace KBOX systems

[Joe Tinney]

Jimmy,

Any issues in particular that you've had that you can
share with regards to managing Macs? We have a handful that will be
going on the KBOX. During our 'Test Drive' I upgraded one of them to the
latest release of 10.5 without issue but I didn't do anything fancy.

 

TIA,

Joe

 

From: Jimmy Tran [mailto:jt...@teachtci.com] 
Sent: Thursday, October 29, 2009 11:55 AM
To: NT System Admin Issues
Subject: RE: Kace KBOX systems

 

I use that on my network here.  It has its pro's and con's.  It's
Windows support is great.  My Macs here haven't worked very well with
KBOX.  Their patching has improved but I'm still having some issues with
Macs.  Is there anything specific you want to know?

 

Jimmy

 

From: tony patton [mailto:tony.pat...@quinn-insurance.com] 
Sent: Thursday, October 29, 2009 2:39 AM
To: NT System Admin Issues
Subject: Kace KBOX systems

 

Morning all, 

Anyone here have any experience with Kace? 

In particular their Kbox 1100 Sysmtems Management Appliances. 
http://www.kace.com/products/systems-management-appliance/index.php
  

All comments appreciated. 

Regards

Tony Patton
Desktop Operations Cavan
Ext 8078
Direct Dial 049 435 2878
email: tony.pat...@quinn-insurance.com


http://www.quinn-insurance.com
 
This e-mail is intended only for the addressee named above. The contents
should not be copied nor disclosed to any other person. Any views or
opinions expressed are solely those of the sender and
do not necessarily represent those of QUINN-Insurance, unless otherwise
specifically stated . As internet communications are not secure,
QUINN-Insurance is not responsible for the contents of this message nor
responsible for any change made to this message after it was sent by the
original sender. Although virus scanning is used on all inbound and
outbound e-mail, we advise you to carry out your own virus check before
opening any attachment. We cannot accept liability for any damage
sustained
as a result of any software viruses.
 

 
QUINN-Life Direct Limited is regulated by the Financial Regulator.
QUINN-Insurance Limited is regulated by the Financial Regulator and
regulated by the Financial Services Authority for the conduct of UK
business.
 

 
QUINN-Life Direct Limited is registered in Ireland, registration number
292374 and is a private company limited by shares.
QUINN-Insurance Limited is registered in Ireland, registration number
240768 and is a private company limited by shares.
Both companies have their head office at Dublin Road, Cavan, Co. Cavan.

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

OT: Smartboard Software Recommendations

[Joe Tinney]

Guys and gals,

I'm looking for suggestions/options on smartboard
software. I've been tasked with the planning (on the IT side of things)
on how to implement two smart boards, a SMART brand mobile board and a
wall mounted Promethean board. I am a total n00b to this so any general
pointers would be great as well. The equipment has already been
purchased but the software has not.

 

A few general questions:

1)  What is everyone using for software? (the free version, pay for
version, etc)

2)  Is there 'universal' software that can be used? (looking to only
have to deploy one package instead of 2)

3)  Are there any good/great 3rd party products that can be used to
enhance this in a business environment?

4)  Does anyone have any experience deploying the software required
for Promethean and SMART boards that doesn't involve the use of the
sneakernet and user interaction?

 

It looks like this technology is primarily used in an educational
environment. We are not an educational facility and our goal is to use
these to enhance business meetings and presentations. Any information
that you have to contribute from that angle would be great.

 

Thanks in advance,

Joe 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Smartboard Software Recommendations

[Joe Tinney]

That's a good thought. On the similar KBOX note, they have a 'software
portal' that allows users to initiate the install of software that has
been approved of them. This may be the first bit of software that we put
in that space. The rest of our software is pretty standard.

 

From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] 
Sent: Friday, October 30, 2009 2:21 PM
To: NT System Admin Issues
Subject: RE: Smartboard Software Recommendations

 

Sorry, didn't answer the deploy issue.

 

We deploy software that requires admin privs via a web page. We put the
install up on a share, then use Wingnut Software's RUNas utility to run
it with an elevated account. Anyone wants the software they go there and
click the download. The RunAs was a real deal...like a hundred bucks or
so for a our whole domain. JoeWare also has a free version but I like
Wingnut's because it is encrypted.

 

 

 

From: Kennedy, Jim 
Sent: Friday, October 30, 2009 2:17 PM
To: NT System Admin Issues
Subject: RE: Smartboard Software Recommendations

 

If you bought a SMART brand then you got a license for Smart Notebook
and that is what I would recommend. We are edu but the software is not
at all specific to edu needs. It will do a good job for you and we have
found it to be very stable and dependable. Just turn off the automatic
updates when you install it. The nags for none admin users will drive
them crazy, they update the software 10 or 15 times a day. Ok, not that
much but it seems like it.

 

 

 

From: Joe Tinney [mailto:jtin...@lastar.com] 
Sent: Friday, October 30, 2009 2:14 PM
To: NT System Admin Issues
Subject: OT: Smartboard Software Recommendations

 

Guys and gals,

I'm looking for suggestions/options on smartboard
software. I've been tasked with the planning (on the IT side of things)
on how to implement two smart boards, a SMART brand mobile board and a
wall mounted Promethean board. I am a total n00b to this so any general
pointers would be great as well. The equipment has already been
purchased but the software has not.

 

A few general questions:

1)  What is everyone using for software? (the free version, pay for
version, etc)

2)  Is there 'universal' software that can be used? (looking to only
have to deploy one package instead of 2)

3)  Are there any good/great 3rd party products that can be used to
enhance this in a business environment?

4)  Does anyone have any experience deploying the software required
for Promethean and SMART boards that doesn't involve the use of the
sneakernet and user interaction?

 

It looks like this technology is primarily used in an educational
environment. We are not an educational facility and our goal is to use
these to enhance business meetings and presentations. Any information
that you have to contribute from that angle would be great.

 

Thanks in advance,

Joe 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Smartboard Software Recommendations

[Joe Tinney]

That requirement is one that I also have to work out. We have discussed
deployment and installation on individual laptops if the licensing and
deployment options allow for that easily and affordably. Otherwise, we
would look at putting up standalone stations. Those bring other
challenges regarding file retrieval, etc, that would have to be worked
out. 

 

From: Kevin Lundy [mailto:klu...@gmail.com] 
Sent: Friday, October 30, 2009 2:26 PM
To: NT System Admin Issues
Subject: Re: Smartboard Software Recommendations

 

Just curious - are users needing it for laptops they bring into a room?
Or is there some functionality I may have missed?

 

We have a dedicated computer in each conference room, so we install it
there.

On Fri, Oct 30, 2009 at 2:20 PM, Kennedy, Jim
 wrote:

Sorry, didn't answer the deploy issue.

 

We deploy software that requires admin privs via a web page. We put the
install up on a share, then use Wingnut Software's RUNas utility to run
it with an elevated account. Anyone wants the software they go there and
click the download. The RunAs was a real deal...like a hundred bucks or
so for a our whole domain. JoeWare also has a free version but I like
Wingnut's because it is encrypted.

 

 

 

From: Kennedy, Jim 
Sent: Friday, October 30, 2009 2:17 PM 


To: NT System Admin Issues

Subject: RE: Smartboard Software Recommendations 

 

If you bought a SMART brand then you got a license for Smart Notebook
and that is what I would recommend. We are edu but the software is not
at all specific to edu needs. It will do a good job for you and we have
found it to be very stable and dependable. Just turn off the automatic
updates when you install it. The nags for none admin users will drive
them crazy, they update the software 10 or 15 times a day. Ok, not that
much but it seems like it.

 

 

 

From: Joe Tinney [mailto:jtin...@lastar.com] 
Sent: Friday, October 30, 2009 2:14 PM
To: NT System Admin Issues
Subject: OT: Smartboard Software Recommendations

 

Guys and gals,

I'm looking for suggestions/options on smartboard
software. I've been tasked with the planning (on the IT side of things)
on how to implement two smart boards, a SMART brand mobile board and a
wall mounted Promethean board. I am a total n00b to this so any general
pointers would be great as well. The equipment has already been
purchased but the software has not.

 

A few general questions:

1)  What is everyone using for software? (the free version, pay for
version, etc)

2)  Is there 'universal' software that can be used? (looking to only
have to deploy one package instead of 2)

3)  Are there any good/great 3rd party products that can be used to
enhance this in a business environment?

4)  Does anyone have any experience deploying the software required
for Promethean and SMART boards that doesn't involve the use of the
sneakernet and user interaction?

 

It looks like this technology is primarily used in an educational
environment. We are not an educational facility and our goal is to use
these to enhance business meetings and presentations. Any information
that you have to contribute from that angle would be great.

 

Thanks in advance,

Joe 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Smartboard Software Recommendations

[Joe Tinney]

Thanks to everyone for their responses and experiences.

 

From: Kevin Lundy [mailto:klu...@gmail.com] 
Sent: Friday, October 30, 2009 3:32 PM
To: NT System Admin Issues
Subject: Re: Smartboard Software Recommendations

 

Ahh.  We aren't using them like that.  We just use the software to make
it a touch screen and to capture any drawings.

On Fri, Oct 30, 2009 at 2:27 PM, Kennedy, Jim
 wrote:

We too have dedicated machines for the screens but what happens is they
want to make presentations on their own computer so they want the
software on it to create then they show it on the dedicated machines.

 

 

 

From: Kevin Lundy [mailto:klu...@gmail.com] 
Sent: Friday, October 30, 2009 2:26 PM 


To: NT System Admin Issues

Subject: Re: Smartboard Software Recommendations 

 

Just curious - are users needing it for laptops they bring into a room?
Or is there some functionality I may have missed?

 

We have a dedicated computer in each conference room, so we install it
there.

On Fri, Oct 30, 2009 at 2:20 PM, Kennedy, Jim
 wrote:

Sorry, didn't answer the deploy issue.

 

We deploy software that requires admin privs via a web page. We put the
install up on a share, then use Wingnut Software's RUNas utility to run
it with an elevated account. Anyone wants the software they go there and
click the download. The RunAs was a real deal...like a hundred bucks or
so for a our whole domain. JoeWare also has a free version but I like
Wingnut's because it is encrypted.

 

 

 

From: Kennedy, Jim 
Sent: Friday, October 30, 2009 2:17 PM 


To: NT System Admin Issues

Subject: RE: Smartboard Software Recommendations 

 

If you bought a SMART brand then you got a license for Smart Notebook
and that is what I would recommend. We are edu but the software is not
at all specific to edu needs. It will do a good job for you and we have
found it to be very stable and dependable. Just turn off the automatic
updates when you install it. The nags for none admin users will drive
them crazy, they update the software 10 or 15 times a day. Ok, not that
much but it seems like it.

 

 

 

From: Joe Tinney [mailto:jtin...@lastar.com] 
Sent: Friday, October 30, 2009 2:14 PM
To: NT System Admin Issues
Subject: OT: Smartboard Software Recommendations

 

Guys and gals,

I'm looking for suggestions/options on smartboard
software. I've been tasked with the planning (on the IT side of things)
on how to implement two smart boards, a SMART brand mobile board and a
wall mounted Promethean board. I am a total n00b to this so any general
pointers would be great as well. The equipment has already been
purchased but the software has not.

 

A few general questions:

1)  What is everyone using for software? (the free version, pay for
version, etc)

2)  Is there 'universal' software that can be used? (looking to only
have to deploy one package instead of 2)

3)  Are there any good/great 3rd party products that can be used to
enhance this in a business environment?

4)  Does anyone have any experience deploying the software required
for Promethean and SMART boards that doesn't involve the use of the
sneakernet and user interaction?

 

It looks like this technology is primarily used in an educational
environment. We are not an educational facility and our goal is to use
these to enhance business meetings and presentations. Any information
that you have to contribute from that angle would be great.

 

Thanks in advance,

Joe 

 

 

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Trying to get IAS to log to SQL

[Joe Tinney]

What version of SQL?

 

From: David W. McSpadden [mailto:dav...@imcu.com] 
Sent: Thursday, November 05, 2009 10:37 AM
To: NT System Admin Issues
Subject: Re: Trying to get IAS to log to SQL

 

Got it all set up.

ODBC connection to my SQL server on another box.

Nothing.

 

From: Chris Orovet   

Sent: Friday, October 30, 2009 3:24 PM

To: NT System Admin Issues
  

Subject: RE: Trying to get IAS to log to SQL

 

http://technet.microsoft.com/en-us/library/cc778830(WS.10).aspx 

 

Regards,

 

Chris Orovet  Technical Support

 
O: (727)812-0276 Ext. 125

F: (727)812-0278

Email: supp...@atsi-inc.com

Web: http://www.atsi-inc.com

 

 

"Whatever relationships you have attracted in your life at this moment,
are precisely the ones you need in your life at this moment. There is a
hidden meaning behind all events, and this hidden meaning is serving
your own evolution." ~Chopra

 

Confidentiality Notice: This e-mail message and any attachments are for
the sole use of the intended recipient and may contain proprietary,
confidential, trade secret or privileged information. Any unauthorized
review, use, disclosure, or distribution is prohibited and may be a
violation of law. If you are not the intended recipient or a person
responsible for delivering this message to an intended recipient, please
contact the sender by reply e-mail and destroy all copies of the
original message immediately. 

 

From: David W. McSpadden [mailto:dav...@imcu.com] 
Sent: Friday, October 30, 2009 2:29 PM
To: NT System Admin Issues
Subject: Trying to get IAS to log to SQL

 

I have failed.

How do I get SQL to accept the incoming traffic?

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: NewSID retired - The Machine SID Duplication Myth

[Joe Tinney]

The verbage was that SID regeneration was _optional_ in new versions of
sysprep.
See the section of the article marked "The New Best Practice":
"Microsoft's official policy on SID duplication will also now change and
look for Sysprep to be updated in the future to skip SID generation as
an option."

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Thursday, November 05, 2009 2:18 PM
To: NT System Admin Issues
Subject: Re: NewSID retired - The Machine SID Duplication Myth

On Thu, Nov 5, 2009 at 9:32 AM, Andrew S. Baker 
wrote:
> I don't think that Mark was saying that the local machine SID doesn't
> matter ...

  Not in those words, but I can't see any other way to interpret
things.  He said that there was no need to worry about it being
unique, and so NewSID is now retired, and the SID functionality is
slated to be removed from SYSPREP.

> He is pretty much concluding that there are no known scenarios where
the
> machine SID is needed outside of the machine, and thus no need for it
to be
> unique across machines.

  Indeed, and I think that's the problem a lot of people have.  There
is a world of difference between "There is no known problem" and "It
is known there are no problems".

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Disk benchmark

[Joe Tinney]

Microsoft SQLIO. No reboot, single executable. Command line.

 

From: Glen Johnson [mailto:gjohn...@vhcc.edu] 
Sent: Monday, November 09, 2009 1:32 PM
To: NT System Admin Issues
Subject: Disk benchmark

 

I've got a couple servers here that don't seem to be as responsive as I
think they should be.

Network and CPU usage is not maxed out and so I'm thinking maybe the
disk isn't optimum.

Anyone have a quick and dirty script or program that will give me read
and write speed for the drives.

What I really like to do is compare performance between two or three
machines.

Also, would rather not have to install a program and one that requires a
reboot is out of the question.

TIA.

Glen.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Moving LOCAL users from one computer to another

[Joe Tinney]

Microsoft USMT (User State Migration Tool) will scan and move all users
or a list of users to another machine, both local and domain users. You
can configure what USMT moves by editing the XML files it uses.

 

Definitely read up about it on TechNet as they will give you example
command lines and explain how it functions.

 

From: Marty Nelson [mailto:mnel...@transdyn.com] 
Sent: Thursday, November 19, 2009 11:40 AM
To: NT System Admin Issues
Subject: RE: Moving LOCAL users from one computer to another

 

I'll bump this once hoping to catch those who didn't see it the first
time. 

 

Is there a way to transfer local users from one machine to another.
Both machines are W2K3 patched, and neither are domain controllers.

 

Or am I stuck recreating each account?

 

-Marty

 

From: Marty Nelson [mailto:mnel...@transdyn.com] 
Sent: Tuesday, November 17, 2009 1:47 PM
To: NT System Admin Issues
Subject: RE: Moving LOCAL users from one computer to another

 

Please let me apologize!

 

Both servers are running Windows Server 2003 (Patched to the gills).
The users are local users created to use a resource on that specific
machine and because some are people who do not work here, in fact come
are clients, creating domain accounts on the server itself seemed like
the best thing to do at the time.  They have no access to anything, no
permissions to do anything else, nada.  

 

I was really hoping I wouldn't have to create all new accounts.  L  

 

-Marty

 

From: Ben Schorr [mailto:b...@rolandschorr.com] 
Sent: Tuesday, November 17, 2009 1:04 PM
To: NT System Admin Issues
Subject: RE: Moving LOCAL users from one computer to another

 

Which OS?

 

Ben M. Schorr
Chief Executive Officer
__
Roland Schorr & Tower
www.rolandschorr.com  
b...@rolandschorr.com

 

From: Marty Nelson [mailto:mnel...@transdyn.com] 
Sent: Tuesday, November 17, 2009 10:50 AM
To: NT System Admin Issues
Subject: Moving LOCAL users from one computer to another

 

Is there a way out there that would allow me to do that without having
to recreate all of the users manually?

 

I'm currently on Google looking around but most articles deal with
moving user accounts on a domain.

 

Any help would be appreciated.

 

Thanks!

 

-Marty

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: A bit OT: home networking quirk

[Joe Tinney]

The icon you are talking about is for shared media, etc. Sounds like the
Windows 7 machines options for sharing media (in Vista, this option is
controlled from within Media Player > Library > Sharing or something
like that). That is all well and good, but that is really a function of
allowing the two media players and/or centers talking to each other
freely and sharing media. It doesn't do anything for your in regards to
accessing explicit network shares via Windows Exporer.

 

Have you tried turning off the Windows 7 firewall to see if you can
connect then? You may need to put in some rules to allow the Vista box
to connect.

 

What have you defined the network connection as: home/work/public? The
firewall settings will be different depending on that choice.

 

From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] 
Sent: Monday, November 23, 2009 11:05 AM
To: NT System Admin Issues
Subject: A bit OT: home networking quirk

 


Greetings! 

I bought a new laptop that came with Win7 Home Premium.  My destkop box
is Vista Home Premium.  I decided to "connect" them... 

The Win7 box "sees" the Vista shares (and the printer) just fine. 

The Vista box apparently sees the Win7 box as some sort of media.  When
I try to open the Win7 share from Vista, it insists on opening in Media
Player.  ("Open with..." is not an option.  It also has some strange
little icon which, to my surgically altered eyes, looks like a little
strip of movie film.  The local Vista file and folder icons in the
network view show as file and folder icons and not "media" icons.) 

As far as grabbing bookmarks, etc, from the Vista machine, I can do that
from the Win7 end.  Any ideas as to why things are screwy at the Vista
end?  (That it is Vista Home Premium is a possible explanation.) 

Thanks!
-- 
Richard D. McClary 
Systems Administrator, Information Technology Group 
  
ASPCA(r) 
1717 S. Philo Rd, Ste 36 
Urbana, IL  61802 
  
richardmccl...@aspca.org 
  
P: 217-337-9761 
C: 217-417-1182 
F: 217-337-9761 
www.aspca.org   
  

The information contained in this e-mail, and any attachments hereto, is
from The American Society for the Prevention of Cruelty to Animals(r)
(ASPCA(r)) and is intended only for use by the addressee(s) named herein
and may contain legally privileged and/or confidential information. If
you are not the intended recipient of this e-mail, you are hereby
notified that any dissemination, distribution, copying or use of the
contents of this e-mail, and any attachments hereto, is strictly
prohibited. If you have received this e-mail in error, please
immediately notify me by reply email and permanently delete the original
and any copy of this e-mail and any printout thereof. 
  

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Anyone Seeing Weird WSUS behavior with Root Cert Updates this morning?

[Joe Tinney]

+1 on all accounts here. Two machines at least right now. I tried
restarting the Automatic Updates services and removing the
SoftwareDistribution folder but no dice. It still came back. 

 

From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] 
Sent: Tuesday, November 24, 2009 8:41 AM
To: NT System Admin Issues
Subject: RE: Anyone Seeing Weird WSUS behavior with Root Cert Updates
this morning?

 

Mine says it is a "expired update"

 

 

 



From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Tuesday, November 24, 2009 8:38 AM
To: NT System Admin Issues
Subject: Re: Anyone Seeing Weird WSUS behavior with Root Cert Updates
this morning?

Yes, I did. I got that sick of it I declined the updatesprobably not
the best move, but as far as I was aware these updates were installed
quite a while ago.

2009/11/24 N Parr 

For some reason my WSUS said there was a new Root Cert update available
(May) last night.  Now I have some workstations stuck looping the
install for the Sept and the latest update.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: Anyone Seeing Weird WSUS behavior with Root Cert Updates this morning?

[Joe Tinney]

I got the issue to go away by declining all of the superseded updates
for 931125. The latest one is still approved for install. Honestly, they
should have been anyway. I'd been warned of this by my predecessor and
this is the first time I've seen the updates fight. 

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Tuesday, November 24, 2009 8:38 AM
To: NT System Admin Issues
Subject: Re: Anyone Seeing Weird WSUS behavior with Root Cert Updates
this morning?

 

Yes, I did. I got that sick of it I declined the updatesprobably not
the best move, but as far as I was aware these updates were installed
quite a while ago.

2009/11/24 N Parr 

For some reason my WSUS said there was a new Root Cert update available
(May) last night.  Now I have some workstations stuck looping the
install for the Sept and the latest update.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Powershell and enumerating/removing group membership

[Joe Tinney]

This should just return the name of the manager of a user. 

Get-QADUser (Get-QADUser user).Manager | Select Name

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Monday, November 30, 2009 3:00 PM
To: NT System Admin Issues
Subject: Re: Powershell and enumerating/removing group membership

On Mon, Nov 30, 2009 at 10:33, Steven Peck  wrote:



> However, a little 'select' work will clear that up.
> get-qadmemberof sepeck | select Name

This works well. Thanks for that.

>
> Get-QADMemberOf sepeck | Get-QADGroup | select Name, managedby
>
> Now that will get you the fqdn of managed by field which is annoying.
> I have a script somewhere that filters it better but have a meeting to
> go to.  So maybe that will get you started on data collection part and
> will look for the script after the meeting gets out.

Sorry, I was not clear - this gets the manager of the group, and what
I want is the manager of the employee. I've found an incantation that
returns the DN of the manager:

 'get-qadobject -displayname "kbuff" | select manager'

so I should be able to work out how to slice that up and return just
the name, or to clear the field, I think. I may come back for some
advice on that.

> Automatically doing something in exchange 2003 is not something I have
> done a lot of.  Just wmi stuff for data gathering.

This is probably not about Exchange stuff, but I mentioned it just in case.

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Black Screen woes could affect millions on Windows 7, Vista and XP

[Joe Tinney]

MSRC Team response:
http://blogs.technet.com/msrc/archive/2009/12/01/reports-of-issues-with-
november-security-updates.aspx


-Original Message-
From: Angus Scott-Fleming [mailto:angu...@geoapps.com] 
Sent: Wednesday, December 02, 2009 2:47 PM
To: NT System Admin Issues
Subject: Re: Black Screen woes could affect millions on Windows 7, Vista
and XP

On 1 Dec 2009 at 10:28, Sam Cayze  wrote:

> 
> Anyone actually seeing this?
> http://blogs.zdnet.com/hardware/?p=6311

SANS report on this here:

Microsoft Black Screen of Death - Fact of Fiction?
http://isc.sans.org/diary.html?storyid=7672

PrevX blog entry here:

--- Included Stuff Follows --- 
Windows Black Screen recap

"Following our most recent post last night we believe there may
still be 
confusion related to the Windows Black Screen issue. Following the
issue 
of our fix, which continues to receive significant downloads, we
believe 
that this problem is still affecting a very large number of users in
a 
very diverse range of windows environments. There have been more
than 
50,000 downloads of the free fix tool since we made it available 5
days 
ago. "

- Included Stuff Ends -
http://www.prevx.com/blog/142/Windows-Black-Screen-recap.html

--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+---+




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OT Kinda: Interesting Message on Web Page

[Joe Tinney]

I doubt that admins are the target audience for those messages. In fact,
this thread pretty much proves that. :-)

 

I'm just guessing, but I bet the target for that is for those true users
looking for answers via a search engine and coming across a KB article
for Windows (enter ancient version here). So, then they go hacking up
their registry without ever looking at the 'Applies To' section of the
article, which is at the bottom of the page.

 

This would be the same target audience for the 'Fix It' button.

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Wednesday, December 09, 2009 2:07 PM
To: NT System Admin Issues
Subject: Re: OT Kinda: Interesting Message on Web Page

 

Thanks Andy and Angus, I 'know' how it's happening, but you're both
missing my point.  Why the heck does Microsoft need to know what OS I'm
on when I'm browsing their site & telling me I may be on the wrong page?
I'm a network admin, I try to keep browsing from an actual server to a
minimum, if I'm researching an issue then I'm going to be doing it from
my workstation.  

On Wed, Dec 9, 2009 at 12:36 PM, Angus Scott-Fleming
 wrote:

On 9 Dec 2009 at 11:00, Sherry Abercrombie  wrote:

 

> So I'm clicking on a link for a Microsoft KB article sent to me by 

> Sunbelt support pertaining to Windows 2000 & 2003 Server OS from my
pc. 

> The top of the screen has this rather interesting message on it: "This


> article applies to a different version of Windows than the one you are


> using. Content in this article may not be relevant to you.

> Visit the Windows XP Solution Center"

> 

> Kinda scary I think.. 

 

Not at all.  If you change your browser's UserAgent you can fool the web
server into thinking you're anything, including an iPhone or the
GoogleBot  (this last one is very useful for reading news sites which
require accounts -- they almost all let the GoogleBot in).

 

If you're curious about what your browser is divulging, go here:

 

Whats My User Agent?

http://whatsmyuseragent.com/

 

Firefox has a nice add-on that makes changing your UA on the fly
trivial.

 

User Agent Switcher

http://chrispederick.com/work/user-agent-switcher/

 

My default UA is

Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.5)
Gecko/20091102 Firefox/3.5.5

But I can also "be" a Mac:

Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10)
Gecko/20050717 Firefox/1.0.7

or even a Palm Pre:

Mozilla/5.0 (webOS/1.0; U; en-US) AppleWebKit/525.27.1 (KHTML, like
Gecko) Version/1.0 Safari/525.27.1 Pre/1.0

 

HTH!

 

Angus

 

 

--

Angus Scott-Fleming

GeoApps, Tucson, Arizona

1-520-895-3270

~!

 

  

 

 




-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Search strangeness

[Joe Tinney]

Have you checked the HOSTS file?

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Friday, December 18, 2009 3:16 PM
To: NT System Admin Issues
Subject: Search strangeness

 

One of my users is unable to get to any search engine. I tried loading
FireFox on there as well as IE and in both cases the browser times out
before loading any search site. I can get to the front page of Yahoo,
but when I attempt to search for something, it gives me a timeout error.
PC is a Dell Optiplex 740 with about a Gig of RAM, Windows XP Pro SP3,
with Vipre Enterprise loaded on it.

Any suggestions? I've seen where malware will block IE, but never seen
it block FireFox, and everything else in IE and Firefox seem to work,
just no searching allowed. Also, Vipre has not found any malware on
there.

 

  

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: Dumping users and groups from AD into csv

[Joe Tinney]

In the interest of answering the question/request here is a rough script
that still needs tweaking:

 

## Script begins here

## Quest's PowerShell tools for AD are required for this to work. 

 

 

$output = "C:\list.csv" #Output filename

foreach ($user in get-qaduser) { #Gets a list of users to loop through

$displayname = $user.DisplayName; #Store their display name

foreach ($group in $user.MemberOf) { #Gets a list of user memberships

$groupname = $(get-qadgroup $group).Name; #Store the display name of the
group

$a = [char]34 #Creates a variable with a double-quote as the value to
format the output

"$a$DisplayName$a,$a$groupname$a" | Out-File -filePath $output -append
-noclobber; #Writes the output to file

}

}

 

## Script ends here

 

Outputs a comma separated, double-quote encapsulated (Just the way Excel
likes it) file to C:\list.csv. One line per group membership. You could
use PowerShell's array mechanisms to make it all one line per user if
desired.

 

After playing around with it some I definitely agree with Michael. There
must be a better way. J

 

From: Michael B. Smith [mailto:mich...@owa.smithcons.com] 
Sent: Friday, May 08, 2009 9:27 AM
To: NT System Admin Issues
Subject: RE: Dumping users and groups from AD into csv

 

why powershell?

 

adfind -default -f "(&(objectcategory=user)(objectclass=person))"
samaccountname memberof -csv -nodn

 

(and believe me, if I thought that PowerShell was the best tool for the
job, I would tell you.)

 

adfind is available at http://www.joeware.net  

 



From: Stefan Jafs [sj...@amico.com]
Sent: Friday, May 08, 2009 9:16 AM
To: NT System Admin Issues
Subject: Dumping users and groups from AD into csv

I have been doing some Googeling but drawing a blank.

 

I would like to have a PowerShell to dump all my users with group member
ships to a csv file any ideas?

 

Thanks

 

___

Stefan Jafs

 

This email and any attached files are confidential and intended solely
for the intended recipient(s). If you are not the named recipient you
should not read, distribute, copy or alter this email. Any views or
opinions expressed in this email are those of the author and do not
represent those of the Amico Corpoartion company. Warning: Although
precautions have been taken to make sure no viruses are present in this
email, the company cannot accept responsibility for any loss or damage
that arise from the use of this email or attachments.

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Account Unknown profiles

[Joe Tinney]

+1. I've seen this on folders used by MS updates to store their
decompressed files in during the install. Taking ownership of them
allowed me to delete them. The error message was that they were 'in
use'.

 

From: Andy Shook [mailto:andy.sh...@peak10.com] 
Sent: Tuesday, May 26, 2009 1:47 PM
To: NT System Admin Issues
Subject: RE: Account Unknown profiles

 

Joe,

Check your permissions on those files "in use" .  When I've seen this in
the past, it was due to the account I was logged in with didn't have
full control of the file(s) in question.  In that case, I would take
ownership of said files, modify permissions as needed, then kill it.
IME, those files were never in use via some process.

 

My $.02,

 

Shook

 

(BTW, its good to be back...had to take three months off due to a killer
1st quarter)

 

From: Joe Heaton [mailto:jhea...@etp.ca.gov] 
Sent: Tuesday, May 26, 2009 12:36 PM
To: NT System Admin Issues
Subject: Account Unknown profiles

 

Server 2k3

 

I've got a couple profiles on my server that are listed as Account
Unknown.  The delete button is greyed out for them.  I'd like to delete
them, but can't figure out how.  When I look under C:\Documents and
Settings, I see two folders there for personnel that have not been with
the organization for a couple of years now.  I'm assuming that these
profile folders are the ones showing up as Account Unknown, since they
are not listed otherwise under the Profile list.  I tried to manually
delete the folders themselves, but get an error saying the NTUSER.DAT is
being used by another user or program.

 

Any ideas on how I can get rid of these?

 

Thanks,

 

Joe Heaton

AISA

Employment Training Panel

1100 J Street, 4th Floor

Sacramento, CA  95814

(916) 327-5276

jhea...@etp.ca.gov

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Amusing

[Joe Tinney]

26+ GB L

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Thursday, May 28, 2009 4:12 PM
To: NT System Admin Issues
Subject: RE: Amusing

 

I'll have to ponder that one a bit. Not sure I like it. Disks may be
cheap, but eliminating SIS would cause storage requirements to increase
by an order of magnitude. The OP's situation is a prime example...
Suddenly a 9 MB storage requirement becomes 2.7 GB storage requirement
(if my math is right).

 

 

 

From: Brian Desmond [mailto:br...@briandesmond.com] 
Sent: Thursday, May 28, 2009 4:10 PM
To: NT System Admin Issues
Subject: RE: Amusing

 

3000x9

 

Disks are cheap, Exchange 2010 is designed to run RAID-less on large
SATA (e.g. 1TB) drives. 1 database per SATA drive - TX logs & DB on the
same volume. 

 

 

Thanks,

Brian Desmond

br...@briandesmond.com

 

c - 312.731.3132

 

Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
 

Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
 

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Thursday, May 28, 2009 2:57 PM
To: NT System Admin Issues
Subject: RE: Amusing

 

How does Ex 2010 work regarding SIS? If it doesn't use it, does it use
some similar technology? Or would the OP's 9 MB file now take 3000x9 MB
of space?

 

 

 

John Hornbuckle

MIS Department

Taylor County School District

318 North Clark Street

Perry, FL 32347

 

www.taylor.k12.fl.us

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Copy profile local to domain

[Joe Tinney]

I've used USMT (User State Migration Tool, available from Microsoft.com)
to migrate domain profiles from one machine to another. Not sure if it
can help you out but it may be worth a look. It is a command line tool.

 

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Monday, June 01, 2009 12:38 PM
To: NT System Admin Issues
Subject: Copy profile local to domain

 

Hi Gurus:

 

I'm looking for util that will copy/merge a local profile to a domain
profile.  I wrote a script to call netdom to join the domain, but I need
something to merge/copy the local to the domain profile.  I'm trying to
keep my user local profile settings as part of a migration.  I'm using
the Quest utils but they so far don't do what I want on the workstation
level.

 

Tom

 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Windows 2003 Server Issue.

[Joe Tinney]

d try unplugging the machine from the network and booting it. It probably 
won���t help but if the network initialization is causing the problem then take 
away the network. It would seem the drivers are the problem or part of it, 
though, and that wouldt stop them from loading. Wild shot.

 

HTH,

Joe

 

From: Daniel Rodriguez [mailto:drod...@gmail.com] 
Sent: Monday, June 01, 2009 7:52 PM
To: NT System Admin Issues
Subject: Re: Windows 2003 Server Issue.

 

The only message that I am getting is the failed service or driver message 
while Windows is loading. I get the grey screen, I see the Status messages, but 
just as it is getting to the Configuring Network Resources(?) is when the error 
message comes up. And I don't have to click 'ok' to get rid of the message, 
either, because just as the login screen appears, it changes over to Windows is 
Shutting down.

 

How do I go and look at the Event Viewer in Recovery Console? I thought it 
could be done...but memory fails me... been busy day... 

On Mon, Jun 1, 2009 at 7:29 PM, Jeff  wrote:

is there an error when it shuts down? does shutdown -a help? there are only a 
few reasons i can think of for an immediate shutdown, such as csrss or lsass 
being compromised.

On Mon, Jun 1, 2009 at 4:25 PM, Daniel Rodriguez  wrote:

Well, Chkdsk was run and I rebooted into Safemode. Now I am not getting 
the error message, but Windows shutdown. 

 

Other suggestions? Could I try a ReInstall Repair?

On Mon, Jun 1, 2009 at 7:13 PM, Richard Stovall 
 wrote:

Yup.  Though I have to admit that the recovery console has only 
helped me in 3 or 4 cases over the years.  The advent of BartPE and the like 
have made it a heck of a lot easier for the majority of cases.  Can you edit 
the appropriate parts of the registry to disable drivers and services from a 
Bart boot disk?  I don't think I've never tried.


-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Monday, June 01, 2009 6:56 PM
To: NT System Admin Issues
Subject: Re: Windows 2003 Server Issue.

Heh.

Great minds...

On Mon, Jun 1, 2009 at 15:48, Richard Stovall
 wrote:
> You could always blank the password with ntpasswd
> (http://home.eunet.no/pnordahl/ntpasswd/), then use the 
windows recovery
> console to disable whatever services/drivers you need to 
prevent from
> starting.
>
>
>
> From: Daniel Rodriguez [mailto:drod...@gmail.com]
> Sent: Monday, June 01, 2009 6:41 PM
> To: NT System Admin Issues
> Subject: Re: Windows 2003 Server Issue.
>
>
>
> I have tried Safe Mode, Safe Mode Command Prompt, Last Known 
Good Settings,
> and selected the option to Not to reboot on System Error.
>
>
>
> I am at a total loss on how to recover from this. All I know 
is, the person
> who had the admin rights tried to change the password and it 
not here and
> there is now one here who remembers what that password was. I 
am thinking
> that maybe there is a sevice that is/was tied to the Admin 
password.
>
> On Mon, Jun 1, 2009 at 6:35 PM, Jeff  
wrote:
>
> how about last known good?
>
>
>
> On Mon, Jun 1, 2009 at 3:18 PM, Daniel Rodriguez 
 wrote:
>
> I have a Dell PowerEdge with Windows 2003 Standard Server.
>
>
>
> Someone with admin rights has done something to the server.
>
>
>
> Issue: When powering up the server, shows that it is loading, 
gets to the
> grey screen with status messages. When it gets to 'Network 
Connections'
> there is an error message stating that a service or drivers 
did not load and
> to look at the Event View for more details. It then shows the 
login screen
> for a split second and then Windows performs a shutdown.
>
>
>
> This happens when I try to go into Safe Mode, as well.
>
>
>
> Ideas?
>
>
>
>
>
>
>
>
>
>
>
  

RE: Reports of Outlook automatic archiving activating after patching this weekend

[Joe Tinney]

This isn't the MS Office 2007 SP2 'converting the PST' function, is it?
Is SP2 on the list of patches that are in question?

 

From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Monday, June 15, 2009 12:11 PM
To: NT System Admin Issues
Subject: RE: Reports of Outlook automatic archiving activating after
patching this weekend

 

I had a problem with Outlook "starting for the first time" last week
when I installed some updates from Microsoft Update. It was annoying and
Outlook (2007) was flaky until I forced it to shut down and restarted
it. Now it's behaving as it should!

 

  

 

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Monday, June 15, 2009 11:48 AM
To: NT System Admin Issues
Subject: FYI: Reports of Outlook automatic archiving activating after
patching this weekend

 

I've seen sporadic reports online, and can confirm sporadic instances
within an organization I deal with, that some systems that had patches
applied over the weekend that were installed via AU caused Outlook to
"try to start for the first time".  This process, along with the
standard startup dialog that many of us are familiar with also came with
a dialog box that appeared to be an automatic archive (two folders
passing papers with a changing list of folders being processed.)

In every case I am aware of; automatic updates was *not* enabled.

I have been unable at this time to research further or confirm if an
archiving actually took place.  Someone also posted about it in the MS
forums:

http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=mi
crosoft.public.outlook.general&tid=f53bb4ee-9c15-434d-aab9-05c45017ba4e&
cat=&lang=&cr=&sloc=&p=1&mid=f53bb4ee-9c15-434d-aab9-05c45017ba4e



--
ME2

 

 

No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.364 / Virus Database: 270.12.70/2177 - Release Date:
06/15/09 05:54:00

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<><>

RE: FYI: Reports of Outlook automatic archiving activating after patching this weekend

[Joe Tinney]

Am I invisible here? Do I need more life points or something? First my version 
questions skims by and now a repeat suggestion (though those do happen quite 
often and you can't always catch every reply). Candee at least had a link and 
that is more useful than me just throwing it out there. Oh, well.

WTB LifePoints4NTSysAdmin

-Original Message-
From: Candee Vaglica [mailto:can...@gmail.com] 
Sent: Monday, June 15, 2009 2:37 PM
To: NT System Admin Issues
Subject: Re: FYI: Reports of Outlook automatic archiving activating after 
patching this weekend

This happened to me when I installed Office SP2.
I found this:
http://almostdailytech.com/tag/office-2007-sp2/


On Mon, Jun 15, 2009 at 12:42 PM, Micheal Espinola
Jr wrote:
> Sorry for neglecting that bit.  For the people I am involved with, its been
> 2007.  But it hasn't been everyone.
>
> --
> ME2
>
>
> On Mon, Jun 15, 2009 at 12:33 PM, Rob Bonfiglio 
> wrote:
>>
>> What verion(s) of Outlook?
>>
>> On Mon, Jun 15, 2009 at 11:47 AM, Micheal Espinola Jr
>>  wrote:
>>>
>>> I've seen sporadic reports online, and can confirm sporadic instances
>>> within an organization I deal with, that some systems that had patches
>>> applied over the weekend that were installed via AU caused Outlook to "try
>>> to start for the first time".  This process, along with the standard startup
>>> dialog that many of us are familiar with also came with a dialog box that
>>> appeared to be an automatic archive (two folders passing papers with a
>>> changing list of folders being processed.)
>>>
>>> In every case I am aware of; automatic updates was *not* enabled.
>>>
>>> I have been unable at this time to research further or confirm if an
>>> archiving actually took place.  Someone also posted about it in the MS
>>> forums:
>>>
>>>
>>> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.outlook.general&tid=f53bb4ee-9c15-434d-aab9-05c45017ba4e&cat=&lang=&cr=&sloc=&p=1&mid=f53bb4ee-9c15-434d-aab9-05c45017ba4e
>>>
>>> --
>>> ME2
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: FYI: Reports of Outlook automatic archiving activating after patching this weekend

[Joe Tinney]

I'm not all warmed up. :-)

I totally listed the possibility that you didn't see my reply right after I 
mentioned that it was a repeat. This isn't 'at' anyone.. just more of a general 
question, I suppose. 

And, admittedly, a bit of a whinefest.

It's frustrating to learn so much from a community and then try and give back 
multiple times to be seemingly 'ignored'. That's all. 

-Original Message-
From: Candee Vaglica [mailto:can...@gmail.com] 
Sent: Monday, June 15, 2009 2:49 PM
To: NT System Admin Issues
Subject: Re: FYI: Reports of Outlook automatic archiving activating after 
patching this weekend

Dude?
Chill out.
I didn't see your suggestion.



On Mon, Jun 15, 2009 at 2:42 PM, Joe Tinney wrote:
> Am I invisible here? Do I need more life points or something? First my 
> version questions skims by and now a repeat suggestion (though those do 
> happen quite often and you can't always catch every reply). Candee at least 
> had a link and that is more useful than me just throwing it out there. Oh, 
> well.
>
> WTB LifePoints4NTSysAdmin
>
> -Original Message-
> From: Candee Vaglica [mailto:can...@gmail.com]
> Sent: Monday, June 15, 2009 2:37 PM
> To: NT System Admin Issues
> Subject: Re: FYI: Reports of Outlook automatic archiving activating after 
> patching this weekend
>
> This happened to me when I installed Office SP2.
> I found this:
> http://almostdailytech.com/tag/office-2007-sp2/
>
>
> On Mon, Jun 15, 2009 at 12:42 PM, Micheal Espinola
> Jr wrote:
>> Sorry for neglecting that bit.  For the people I am involved with, its been
>> 2007.  But it hasn't been everyone.
>>
>> --
>> ME2
>>
>>
>> On Mon, Jun 15, 2009 at 12:33 PM, Rob Bonfiglio 
>> wrote:
>>>
>>> What verion(s) of Outlook?
>>>
>>> On Mon, Jun 15, 2009 at 11:47 AM, Micheal Espinola Jr
>>>  wrote:
>>>>
>>>> I've seen sporadic reports online, and can confirm sporadic instances
>>>> within an organization I deal with, that some systems that had patches
>>>> applied over the weekend that were installed via AU caused Outlook to "try
>>>> to start for the first time".  This process, along with the standard 
>>>> startup
>>>> dialog that many of us are familiar with also came with a dialog box that
>>>> appeared to be an automatic archive (two folders passing papers with a
>>>> changing list of folders being processed.)
>>>>
>>>> In every case I am aware of; automatic updates was *not* enabled.
>>>>
>>>> I have been unable at this time to research further or confirm if an
>>>> archiving actually took place.  Someone also posted about it in the MS
>>>> forums:
>>>>
>>>>
>>>> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.outlook.general&tid=f53bb4ee-9c15-434d-aab9-05c45017ba4e&cat=&lang=&cr=&sloc=&p=1&mid=f53bb4ee-9c15-434d-aab9-05c45017ba4e
>>>>
>>>> --
>>>> ME2
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: FYI: Reports of Outlook automatic archiving activating after patching this weekend

[Joe Tinney]

I'm subscribed via email.

Invisible by email = sad. Invisible in person = superpower. Who knew! 

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Monday, June 15, 2009 3:04 PM
To: NT System Admin Issues
Subject: Re: FYI: Reports of Outlook automatic archiving activating after 
patching this weekend

You are invisible.

This is the first post I've seen from you in a while.

Are you using the forum interface, or subscribed via email?

On Mon, Jun 15, 2009 at 11:42, Joe Tinney wrote:
> Am I invisible here? Do I need more life points or something? First my 
> version questions skims by and now a repeat suggestion (though those do 
> happen quite often and you can't always catch every reply). Candee at least 
> had a link and that is more useful than me just throwing it out there. Oh, 
> well.
>
> WTB LifePoints4NTSysAdmin
>
> -Original Message-
> From: Candee Vaglica [mailto:can...@gmail.com]
> Sent: Monday, June 15, 2009 2:37 PM
> To: NT System Admin Issues
> Subject: Re: FYI: Reports of Outlook automatic archiving activating after 
> patching this weekend
>
> This happened to me when I installed Office SP2.
> I found this:
> http://almostdailytech.com/tag/office-2007-sp2/
>
>
> On Mon, Jun 15, 2009 at 12:42 PM, Micheal Espinola
> Jr wrote:
>> Sorry for neglecting that bit��� For the people I am involved with, its been
>> 2007.�� But it hasn't been everyone.
>>
>> --
>> ME2
>>
>>
>> On Mon, Jun 15, 2009 at 12:33 PM, Rob Bonfiglio 
>> wrote:
>>>
>>> What verion(s) of Outlook?
>>>
>>> On Mon, Jun 15, 2009 at 11:47 AM, Micheal Espinola Jr
>>>  wrote:
>>>>
>>>> I've seen sporadic reports online, and can confirm sporadic instances
>>>> within an organization I deal with, that some systems that had patches
>>>> applied over the weekend that were installed via AU caused Outlook to "try
>>>> to start for the first time��  This process, along with the standard 
>>>> startup
>>>> dialog that many of us are familiar with also came with a dialog box that
>>>> appeared to be an automatic archive (two folders passing papers with a
>>>> changing list of folders being processed.)
>>>>
>>>> In every case I am aware of; automatic updates was *not* enabled.
>>>>
>>>> I have been unable at this time to research further or confirm if an
>>>> archiving actually took plac��  Someone also posted about it in the MS
>>>> forums:
>>>>
>>>>
>>>> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=microsoft.public.outlook.general&tid=f53bb4ee-9c15-434d-aab9-05c45017ba4e&cat=&lang=&cr=&sloc=&p=1&mid=f53bb4ee-9c15-434d-aab9-05c45017ba4e
>>>>
>>>> --
>>>> ME2
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/�� ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ��~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: FYI: Reports of Outlook automatic archiving activating after patching this weekend

[Joe Tinney]

Seems to be? I'll dig up the lists support email address and see if
Sunbelt knows what might be going on. Thanks for letting me know and
glad to see the issue explained/resolved. 

 

We've not yet rolled out SP2 (in testing for the moment) but plan on
issuing some corporate communication regarding the PST optimization to
mitigate the calls. But, oh, will there be calls, anyway! :) 

 

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Monday, June 15, 2009 3:07 PM
To: NT System Admin Issues
Cc: Joe Tinney
Subject: Re: FYI: Reports of Outlook automatic archiving activating
after patching this weekend

 

Same here.  You have been invisible, Joe.  Your posts haven't making it
through the list.  Not kidding.

Seems to be OK now though?

--
ME2



On Mon, Jun 15, 2009 at 3:03 PM, Kurt Buff  wrote:

You are invisible.

This is the first post I've seen from you in a while.

Are you using the forum interface, or subscribed via email?


On Mon, Jun 15, 2009 at 11:42, Joe Tinney wrote:
> Am I invisible here? Do I need more life points or something? First my
version questions skims by and now a repeat suggestion (though those do
happen quite often and you can't always catch every reply). Candee at
least had a link and that is more useful than me just throwing it out
there. Oh, well.
>
> WTB LifePoints4NTSysAdmin
>
> -Original Message-
> From: Candee Vaglica [mailto:can...@gmail.com]
> Sent: Monday, June 15, 2009 2:37 PM
> To: NT System Admin Issues
> Subject: Re: FYI: Reports of Outlook automatic archiving activating
after patching this weekend
>
> This happened to me when I installed Office SP2.
> I found this:
> http://almostdailytech.com/tag/office-2007-sp2/
>
>
> On Mon, Jun 15, 2009 at 12:42 PM, Micheal Espinola
> Jr wrote:
>> Sorry for neglecting that bit.  For the people I am involved with,
its been
>> 2007.  But it hasn't been everyone.
>>
>> --
>> ME2
>>
>>
>> On Mon, Jun 15, 2009 at 12:33 PM, Rob Bonfiglio

>> wrote:
>>>
>>> What verion(s) of Outlook?
>>>
>>> On Mon, Jun 15, 2009 at 11:47 AM, Micheal Espinola Jr
>>>  wrote:
>>>>
>>>> I've seen sporadic reports online, and can confirm sporadic
instances
>>>> within an organization I deal with, that some systems that had
patches
>>>> applied over the weekend that were installed via AU caused Outlook
to "try
>>>> to start for the first time".  This process, along with the
standard startup
>>>> dialog that many of us are familiar with also came with a dialog
box that
>>>> appeared to be an automatic archive (two folders passing papers
with a
>>>> changing list of folders being processed.)
>>>>
>>>> In every case I am aware of; automatic updates was *not* enabled.
>>>>
>>>> I have been unable at this time to research further or confirm if
an
>>>> archiving actually took place.  Someone also posted about it in the
MS
>>>> forums:
>>>>
>>>>
>>>>
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx?dg=mi
crosoft.public.outlook.general&tid=f53bb4ee-9c15-434d-aab9-05c45017ba4e&
cat=&lang=&cr=&sloc=&p=1&mid=f53bb4ee-9c15-434d-aab9-05c45017ba4e
>>>>
>>>> --
>>>> ME2
>>>>
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>>
>>
>>
>>
>>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Remote query mapped network drives

[Joe Tinney]

HK_CU is just an alias to the HKUsers/SID hive. You can find their SID a
number of different ways but I use PowerShell and the Quest tools: 

$(get-qaduser $user).sid | Select Value



Assuming you are using an AD domain, too.

 

HTH

 

Joe



 

From: cs [mailto:chr...@gmail.com] 
Sent: Monday, June 15, 2009 4:11 PM
To: NT System Admin Issues
Subject: Re: Remote query mapped network drives

 

OK, re querying the registry - how could I find this without being
logged on locally to the PC? I mean I know I can remotely connect via
regedit but this only lets me query HK_LM/HK_USERS - it doesn't let me
directly query HK_CU which is where I presume any reference to a
statically mapped drive would be??

On Mon, Jun 15, 2009 at 9:05 PM, Damien Solodow
 wrote:

That won't work, psexec would only show the mapped drives for the user
running it.

 

Statically mapped drives (aka ones where the "reconnect at login" is
checked) can be read from the registry. Hopefully any other mapped
drives come from your login script. ;)

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Monday, June 15, 2009 4:03 PM


To: NT System Admin Issues

Subject: RE: Remote query mapped network drives

 

Maybe psexec \\net use ? to the box? 

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: cs [mailto:chr...@gmail.com] 
Sent: Monday, June 15, 2009 3:57 PM
To: NT System Admin Issues
Subject: Remote query mapped network drives

 

Is there a way to remotely determine what network drives a user is
mapped to, i.e. in the event a user has locked their login session and
company policy dictates that I can't just go in and change their
password.

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: www.msn.com just brought my citrix servers to a screeching hault!

[Joe Tinney]

I am not experiencing the issue with IE8 and Flash 10.0.22.87, FWIW. 

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Tuesday, June 16, 2009 11:38 AM
To: NT System Admin Issues
Subject: RE: www.msn.com just brought my citrix servers to a screeching
hault!

 

Disable Flash in the IE add-ons, its what is causing the problem, or the
site and how its using the flash10b.ocx file, 

 

Open IE: Tools, Manage Add-ons,  Addons that have been used by Internet
Explorer, Shockware Flash Object, Flash10b.ocx, and click disabled, and
reload IE, you will see IE processor time calm right now...

 

Z

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505



From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Tuesday, June 16, 2009 11:30 AM
To: NT System Admin Issues
Subject: RE: www.msn.com just brought my citrix servers to a screeching
hault!

 

Opening another window makes it worse: 

 

Both sessions go up to 40-50%

 

 

 

Edward Ziots

Network Engineer

Lifespan Organization

MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +

ezi...@lifespan.org

Phone:401-639-3505

 

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Tuesday, June 16, 2009 11:09 AM
To: NT System Admin Issues
Subject: Re: www.msn.com just brought my citrix servers to a screeching
hault!

 

On Tue, Jun 16, 2009 at 10:19 AM, David Mazzaccaro

 wrote:

> Starting at  9:49am Eastern, anyone who opened Internet explorer and
went to www.msn.com,

> brought my citrix farm to 99% CPU (iexplorer.exe for each user was
around 20-50% CPU).

>  Strange It is still happening...

 

  Sounds like an issue I posted about here, back in May.

 

http://www.mail-archive.com/ntsysadmin@lyris.sunbelt-software.com/msg446
21.html

 

  If you wait six minutes or so, does IEXPLORE unwedge itself?

 

  If you open a second IEXPLORE window, does that window open okay?

 

-- Ben

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~

~   ~

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: Re[2]: www.msn.com just brought my citrix servers to a screeching hault!

[Joe Tinney]

XP SP3, IE 8.0.6001.18702, Flash 10.0.22.87 ActiveX Control.

 

No problems.

 

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Tuesday, June 16, 2009 1:38 PM
To: NT System Admin Issues
Subject: Re: Re[2]: www.msn.com just brought my citrix servers to a
screeching hault!

 

Peeps: If we want to isolate this problem, we are gonna need flash and
browser versions.

--
ME2

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Unable to View FLASH Video

[Joe Tinney]

Try the Adobe Flash uninstaller to completely remove Flash. I do this in case 
there are some older legacy files laying around. I've never had this problem 
but may be worth a shot. It is available as a separate download from Adobe.com.

-Original Message-
From: Andy Ognenoff [mailto:andyognen...@gmail.com] 
Sent: Thursday, June 18, 2009 11:17 AM
To: NT System Admin Issues
Subject: RE: Unable to View FLASH Video

I've had this exact issue recently with a few users but with the plugin
version of Flash 10 in Firefox 3.  Video works fine in IE7 but not Firefox
even after uninstalling/reinstalling Firefox and Flash.  No solution at this
point.

 - Andy O. 

From: Roger Wright [mailto:rwri...@evatone.com] 
Sent: Thursday, June 18, 2009 9:32 AM
To: NT System Admin Issues
Subject: Unable to View FLASH Video

I have one user (a manager) with XP Pro,  IE8 and Flash 10.x who is unable
to view Flash videos from either MSNBC or CNN sites.  In both cases, he's
informed he needs to upgrade his Flash Player.  Flash is enabled in the
browser, I've removed his temporary Internet files, manually installed Adobe
Flash 10.x - still the same message and no video.  All was good a couple
weeks ago, so I'm thinking it's related to recent updates.

What else should I be checking?



Roger Wright
Network Administrator
Evatone, Inc.
727.572.7076  x388
  

_


Don't smother each other. No one can grow in the shade. 
 
 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Scheduled task Windows 2003 R2

[Joe Tinney]

Out of curiosity, are you testing on the command line with the same user
credentials that the scheduled task is running under? 

Barring something like that being the problem it sounds like the batch
file is waiting for user input, perhaps?

Have you tried monitoring the process with Systinerals ProcMon to see if
it is looping endlessly somewhere or getting Access Denied on anything? 

 

From: Scott Schneider [mailto:sschnei...@inscapesolutions.com] 
Sent: Wednesday, June 24, 2009 12:02 PM
To: NT System Admin Issues
Subject: Scheduled task Windows 2003 R2

 

I have some nightly scripts (5 in total) which copy files from a server
out to  shopfloor PC.'s 2 out of 5 scripts finish in an extended period
of time. The other 3 run for hours and hours and never finish before 24
hours is over. If I manually run the .bat files from a command prompt at
the server, they finish in about 20 minutes. I assume if they run fine
at a command prompt that it is not a networking issue. I have even tried
manually running from the scheduled tasks and get the same slow result.
I kill the task, and run it from a command prompt  all is fine.

 

Any ideas?

 

Thanks

 

The server is 2003 R2 and the shop floor PCs XP with SP2

 

 

This is an example of the one line of the copy command from the .bat
file. It repeats anywhere from a few hundred times to a around a 1000
times

 

IF EXIST d:\ptc\vaults\INS_V02\195418.anc copy
d:\ptc\vaults\INS_V02\195418.anc \\fab-1140\c$\ncload\26402-58-r.anc
 

 

Scott Schneider
Senior Network Admin

P Please consider the environment before printing this e-mail 



 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Michael Jackson dead?

[Joe Tinney]

Ay yi yi! Shameful, Don, shameful! LoL

 

From: Don Guyer [mailto:don.gu...@prufoxroach.com] 
Sent: Friday, June 26, 2009 10:15 AM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

 

Read somewhere that because he was made of so much plastic, they are
going to recycle him into Legos, so the kids can play with him now.

 

Don Guyer

Systems Engineer - Information Services

Prudential, Fox & Roach/Trident Group

431 W. Lancaster Avenue

Devon, PA 19333

Direct: (610) 993-3299

Fax: (610) 650-5306

don.gu...@prufoxroach.com

 

From: Steven M. Caesare [mailto:scaes...@caesare.com] 
Sent: Friday, June 26, 2009 10:12 AM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

 

Good thing... that would be a Thriller.

 

-sc

 

From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Friday, June 26, 2009 10:10 AM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

 

Shookie Baby is not my lover.

 



From: Jake Gardner [mailto:jgard...@ttcdas.com] 
Sent: Friday, June 26, 2009 9:59 AM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

Shook==BillieJean

 

Thanks,

 

Jake Gardner

TTC Network Administrator

Ext. 246

 

 



From: Andy Shook [mailto:andy.sh...@peak10.com] 
Sent: Friday, June 26, 2009 9:45 AM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

But the thread is mine; the dog-gone thread is mine

 

Shook

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Friday, June 26, 2009 9:43 AM
To: NT System Admin Issues
Subject: Re: Michael Jackson dead?

 

Yeah, let's Beat it.

On Fri, Jun 26, 2009 at 9:42 AM, Martin Blackstone
 wrote:

Not that Im one to bitch but this thread is old already.


-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]

Sent: Friday, June 26, 2009 6:27 AM
To: NT System Admin Issues

Subject: Re: Michael Jackson dead?

ABC...123.
John W. Cook
Systems Administrator
Partnership For Strong Families
 Sent to you from my Blackberry in the Cloud

- Original Message -
From: Glen Johnson 
To: NT System Admin Issues 
Sent: Fri Jun 26 09:13:00 2009
Subject: RE: Michael Jackson dead?

Nope  "Another One Bites the Dust"

-Original Message-
From: Klint Price [mailto:kpr...@arizonaitpro.com]
Sent: Friday, June 26, 2009 2:17 AM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

I heard the Dr's tried to recessitate him using CPR to  the rhythm of
"Beat it"

 wow, that was bad.  I think I am going to go throw HIStory on the
player now.

Klint



From: Gene Giannamore [gene.giannam...@abideinternational.com]
Sent: Thursday, June 25, 2009 4:18 PM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

+1
I agree. What makes a celebrity more important than family, friend, or
friend of friend?



Gene Giannamore
Abide International Inc.
Technical Support
561 1st Street West
Sonoma,Ca.95476
(707) 935-1577Office
(707) 935-9387Fax
(707) 766-4185Cell
gene.giannam...@abideinternational.com


-Original Message-
From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Thursday, June 25, 2009 4:13 PM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

Think maybe they're worried about people taking souvenirs ... Check eBay
for
his nose in a jar ...  ( yep, I'm callous, but there's way more tragedy
in
the world to worry about in my opinion )



Erik Goldoff
IT  Consultant
Systems, Networks, & Security


-Original Message-
From: Gene Giannamore [mailto:gene.giannam...@abideinternational.com]
Sent: Thursday, June 25, 2009 7:09 PM
To: NT System Admin Issues
Subject: RE: Michael Jackson dead?

Why? Just because it's a celebrity?



Gene Giannamore
Abide International Inc.
Technical Support
561 1st Street West
Sonoma,Ca.95476
(707) 935-1577Office
(707) 935-9387Fax
(707) 766-4185Cell
gene.giannam...@abideinternational.com



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


CONFIDENTIALITY STATEMENT: The information transmitted, or contained or
attached to or with this Notice is intended only for the person or
entity to which it is addressed and may contain Protected Health
Information (PHI), confidential and/or privileged material. Any review,
transmission, dissemination, or other use of, and taking any action in
reliance upon this information by persons or entities other than the
intended recipient without the express written consent of the sender 

RE: Windows Script Host Error

[Joe Tinney]

Can you verify if the user running the logon script (logon scripts run
as the user logging in) has permissions to pull that attribute from AD?
You could verify this by actually trying to get this information logged
in as that user (or a copy of that user) and using Active Directory User
and Computers. 

Also, to verify, check to see if this behavior is always consistent with
that user no matter what machine they use.

 

From: Myung Bang [mailto:myung.b...@jlab.org] 
Sent: Friday, June 26, 2009 2:32 PM
To: NT System Admin Issues
Subject: Windows Script Host Error

 

Hello, I need some help. I just converted our logon batch file to a vbs
script and some systems are displaying Windows Script Host error. The
message is:

Script: \\adserver\NETLOGON\script_name.vbs
Line: 15
Char: 1
Error: The directory property cannot be found in the cache.
Code: 8000500D
Source: Active Directory

The line 15 is:
arrMemberOf = objUser.GetEx("memberOf")

This script works without an error for many hundreds of systems. Only
happening on couple of dozen of computers. Another confusing thing is on
the same system, some people get the message and some people don't.

Any idea?
Thanks,
Myung

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Win 7 license gotchas: Limits on upgrade from Vista, downgrade to XP

[Joe Tinney]

[1] [Editor's note: Since this story appeared, Microsoft has extended
the downgrade-to-XP period from six to 18 months.] <
http://www.infoworld.com/d/windows/microsoft-backtracks-extends-xp-avail
ability-2011-093>

Not that 18 months is much better, but it is better.

-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com] 
Sent: Monday, June 29, 2009 2:29 PM
To: NT System Admin Issues
Subject: Win 7 license gotchas: Limits on upgrade from Vista, downgrade
to XP


  Acquire an OEM license for Win 7 before 23 April 2010, and you can
downgrade to Vista or XP.  But buy on or after that date, and you can
only downgrade to Vista -- *not* XP.[1]

  Acquire an OEM license for Vista from before the Win 7 release, and
you can upgrade to Win 7 when it comes out -- but for no more than 25
computers within an organization.[2]

  Why is Microsoft making it more difficult for customers to decide to
give them money?  I would think that, as long as they're getting paid,
they wouldn't care what release of Windows we run.  G.  Now we
have to accelerate our upgrade schedule, pay for each seat twice (OEM
and VL), and/or decide to jump ship entirely for another platform.
Every time they pull a stunt like this, that last option becomes a
little more attractive.

[1]
http://www.infoworld.com/d/windows/microsofts-looming-windows-7-licensin
g-disaster-xp-shops-639

[2]
http://www.infoworld.com/d/windows/windows-7-upgrade-campaign-savings-li
mited-enterprises-166

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server 2008 SP2

[Joe Tinney]

I've seen this behavior on XP SP2 systems using our WSUS server. SP3
isn't offered until some initial updates have been installed. The
updates that it wants to install don't seem to be 'Windows Installer'
updates or updates to WUAUCLT, but I haven't investigated it much. I
just install and move on.

-Original Message-
From: Kelsey, John [mailto:jckel...@drmc.org] 
Sent: Tuesday, June 30, 2009 3:46 PM
To: NT System Admin Issues
Subject: RE: Server 2008 SP2

I've seen that if you have previous patches not applied yet, you have to
either apply them or hide them from showing up.  Then SP2 becomes
available as an option to install.

***
John C. Kelsey
DuBois Regional Medical Center
(:  814.375.3073  
*:   jckel...@drmc.org 
***


-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Tuesday, June 30, 2009 15:33
To: NT System Admin Issues
Subject: RE: Server 2008 SP2


We're not using WSUS, though--well, at least not for patching servers.
All of my servers go straight to MS through Windows Update to check for
updates. WU as showing some servers as needing SP2, and others as not.

I know I can use the standalone installer, but that shouldn't be
necessary...



-Original Message-
From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] 
Sent: Tuesday, June 30, 2009 3:33 PM
To: NT System Admin Issues
Subject: RE: Server 2008 SP2

Yeah, we're seeing it in WSUS on our SBS 2008 boxes as being required by
those SBS 2008 boxes, but NOT in Windows Update on the same boxes.


--
G2 Support
Network Support : Online Backups : Server Management

Web: www.g2support.com
Twitter: g2support
Newsletter: www.g2support.com/newsletter




-Original Message-
From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: 30 June 2009 20:25
To: NT System Admin Issues
Subject: Server 2008 SP2

Shouldn't SP2 for Server 2008 be showing up in Windows Update now?

I can't quite figure out why, but when I check for updates on some of my
Server 2008 machines WU offers SP2 as an option, but it doesn't offer it
for some others. I can't seem to figure out the pattern, though...



John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us





NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~



NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they are
addressed. If you have received this email in error please notify the
system manager. This message contains confidential information and is
intended only for the individual named. If you are not the named
addressee you should not disseminate, distribute or copy this e-mail.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: OT: Netbooks

[Joe Tinney]

At any rate, you are free to downgrade at will with the appropriate
versions of Vista (Business and Ultimate) to XP Pro. The only issue I
see with that is driver availability and I don't even know enough to
know if it is an issue.

 

From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] 
Sent: Thursday, July 02, 2009 1:09 PM
To: NT System Admin Issues
Subject: RE: OT: Netbooks

 

I may be looking at the wrong vendors, but the models I'm finding aren't
listing XP Pro as an option at all.

 

 

 

From: Mike Gill [mailto:lis...@canbyfoursquare.com] 
Sent: Wednesday, July 01, 2009 7:07 PM
To: NT System Admin Issues
Subject: RE: OT: Netbooks

 

I am setting up an EeePC 1000HE now. I think you mean you can't get XP
Pro on one new. It can be installed, though the purchase price goes up
obviously. The keyboard and mouse on this unit are nice. All the keys
are where they should be, and the keyboard goes edge to edge so it's as
large as it could be. The one that gets me is when they put the Fn key
in the bottom left where the CTRL key is suppose to be. I don't like the
HP because the mouse buttons are on the sides of the pad. It's just
plain crazy.

 

-- 
Mike Gill

 

From: Alex Eckelberry [mailto:al...@sunbelt-software.com] 
Sent: Wednesday, July 01, 2009 2:56 PM
To: NT System Admin Issues
Subject: RE: OT: Netbooks

 

I have bought two Netbooks -- a Dell Mini and a Lenovo. 

 

As you probably know, Vista is so slow as to be unusable on a Netbook,
and you can't get XP Pro on one.  You'll need to wait for the Windows 7,
or buy HP, which does have Vista pre-installed on their netbooks.  It's
worth noting that AFAIK the HP Netbook requires a dongle to connect to a
monitor, which was a deal-killer for me, but may not matter for you. 

 

Whatever you decide, really take a look at the keyboards.  The Dell Mini
is completely unusable IMHO.  The Lenovo is better, but still
challenging. For students with tiny fingers, it may work.  But in the
case of the Dell, they made the keyboard truly unusuable, as the
apostrophe/quote key is located in the weirdest place.  

 

Alex

 

 



From: Jon Harris [mailto:jk.har...@gmail.com] 
Sent: Wednesday, July 01, 2009 10:37 AM
To: NT System Admin Issues
Subject: Re: OT: Netbooks

I was looking at the Atom's from Dell when we began the process of
replacing desktops.  I liked what I saw and the price was very good but
I could not get one in my hands to try out.  I am waiting until I see
some of these new types of machines before ordering any.  Like your
budget mine is super tight at the moment.

 

Jon

On Wed, Jul 1, 2009 at 10:25 AM, John Hornbuckle
 wrote:

Anyone have any experiences on netbooks in the enterprise?

We're a school district, and are just now looking at them. But the ones
I'm seeing all come with Windows XP Home Edition, which presents
manageability problems for us.

Are we better off just waiting for Windows 7? My understanding is that
all flavors of it will run on netbooks.



John Hornbuckle
MIS Department
Taylor County School District
318 North Clark Street
Perry, FL 32347

www.taylor.k12.fl.us  



NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

 

 

 

 

 

 
 
 
NOTICE: Florida has a broad public records law. Most written
communications to or from this entity are public records that will be
disclosed to the public and the media upon request. E-mail
communications may be subject to public disclosure.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: The install that wouldn't stop

[Joe Tinney]

I recently ran into this problem (not with this product, but a different
one) and I used Process Explorer to determine its parent process. In
this case it happened to be HP's "awesome" Printer/Scanner/Copier
software that someone didn't complete the installation of. Removing the
installed software that was causing this to launch fixed the problem.
You can access Sysinternals Process Explorer by pasting
'http://live.sysinternals.com/procexp.exe' (no quotes) into your Run
dialog. It is about 4 megs to download and run. You can use the Target
icon   (click on the target and drag it onto the window) and it will
highlight the process running that window in the listing of processes
that are running on your system. To view the details of that process
once it is highlighted you can either double-click it or go to Process >
Properties (helpful if the process is bouncing around on the List view).

Viewing the processes in Tree view (View > Show Process Tree) will show
the parent/child process relationship to help you investigate further.

Best of luck!

 

From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] 
Sent: Monday, July 06, 2009 2:45 PM
To: NT System Admin Issues
Subject: RE: The install that wouldn't stop

 

Its not a start menu or reg/run issue.
It's a windows installer issue. Check the web, I don't have the link
handy but the fix is related the service.

jlc

 

From: Tom Miller [mailto:tmil...@hnncsb.org] 
Sent: Monday, July 06, 2009 12:25 PM
To: NT System Admin Issues
Subject: The install that wouldn't stop

 

Hi Folks,

 

I have some sort of run away install/uninstall on one of my user's PCs
for AdminStudio.  It keeps asking for the install media, which I don't
have.  I select cancel, it "undoes" whatever, then starts the whole
process again.

 

I don't see anywhere in the registry or Start menu that keeps kicking
this thing off on boot.  Suggestions?  

 

Thanks,

 

 

 

Tom Miller
Engineer, Information Technology
Hampton-Newport News Community Services Board
757-788-0528 

Confidentiality Notice: This e-mail message, including attachments, is
for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message. 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: IE zero day exploit Microsoft new for 1+ yrs of this flaw

[Joe Tinney]

That's the feeling I got from the MSRC Team blog..

 

"Customers who have already implemented the killbits manually or through the 
FixIt workaround won't need to implement next week's security update, though we 
recommend that you apply the update to ensure that reporting accurately shows 
that the systems are fully protected."

 

http://blogs.technet.com/msrc/archive/2009/07/09/questions-about-timing-and-microsoft-security-advisory-972890.aspx

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Friday, July 10, 2009 11:54 AM
To: NT System Admin Issues
Subject: RE: IE zero day exploit Microsoft new for 1+ yrs of this flaw

 

They're probably just setting the same killbits that most of us already did 
this week.

 

Carl

 

From: Rob Bonfiglio [mailto:robbonfig...@gmail.com] 
Sent: Friday, July 10, 2009 10:08 AM
To: NT System Admin Issues
Subject: Re: IE zero day exploit Microsoft new for 1+ yrs of this flaw

 

It won't be.  They say so in the article.

On Fri, Jul 10, 2009 at 9:55 AM, HELP_PC  wrote:


 

And who will assure us that Tuesday patches will be really definitive ?

 

GuidoElia

HELPPC

 

 



Da: Rob Bonfiglio [mailto:robbonfig...@gmail.com] 
Inviato: venerdì 10 luglio 2009 14.56
A: NT System Admin Issues
Oggetto: Re: IE zero day exploit Microsoft new for 1+ yrs of this flaw

I'm not defending themnot knowing much about how the attack works it's hard 
for me to defend them; 16-18 months does seem like an excessive amount of time. 
 But the fact that one of the discoverers of the vulnerability did kind of 
defend them in the article should be taken into account.  This is a quote from 
the article:

Although Reavey declined to get specific today, Smith, one of the researchers 
who reported the vulnerability, hinted at reasons. "The nature of this flaw is 
sort of unique," he said. "The mechanics of this are sort of unique as well. It 
was those unique qualities that required more time than Microsoft would 
normally need."

Smith refused to criticize Microsoft for not patching sooner. "All along the 
way, they've told me how far things have progressed," he said of Microsoft's 
security team. "They would ping me every time they reached a milestone on the 
fix."

On Fri, Jul 10, 2009 at 8:37 AM, Ziots, Edward  wrote:

http://www.computerworld.com/s/article/9135370/Microsoft_admits_it_knew_of_critical_IE_bug_in_early_08?source=CTWNLE_nlt_dailyam_2009-07-10

You know this type of stuff really burns me up, they knew since early 08 of 
this flaw, and did nothing about it, to fix it and get a patch out. No they 
gotta wait till hackers start exploiting this on a mass scale, and then they 
start paying attention. Scary part is how many other exploits do they know 
about that could have system-compromise type payloads, and haven't done 
anything about it.

Again another PR nightmare and another black-eye for M$ because of there lack 
of due-diligence, has put customers at risk.

Now note the fix is supposed to be coming out Tuesday for the various reported 
flaws ( including the last 2 IE ones) but it's a little too late when the bad 
guys already have plowed through thousands of computers and websites, with 
there exploits, and now those machines are apart of botnets, that are probably 
behind the spamming, and DDOS/DOS of GOVT sites, which has been posted on ISC 
from SANS.

Any thoughts folks? Tell yeah TAM's

Z


Edward Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I, ME, CCA, Security +, Network +
ezi...@lifespan.org
Phone:401-639-3505

From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com]
Sent: Thursday, July 09, 2009 6:35 PM
To: NT System Admin Issues
Subject: Re: Trend Micro and IE zero day exploit

hmm, makes me wonder if OpenDNS is offering something like this.  I think I'll 
take a look.
On Thu, Jul 9, 2009 at 5:07 PM, Devin Meade  wrote:
FYI - If you have Trend Micro Office Scan and are using the web reputation 
feature, you are covered:

http://us.trendmicro.com/us/threats/microsoft-mpeg-vulnerability/index.html
"Trend Micro products with Web Reputation technology currently block malicious 
URLs associated with this exploit."

-- Devin
 
 

 
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: WSUS and IE8

[Joe Tinney]

Probably from the same Patch Management list, but this just in:

 

There appears to be a coding boo-boo in the POLICY
{37B03544-A4C8-11D2-B634-00C04F79498E} portion of the X86.adm file.

It is missing this:

ITEMLIST

NAME "dword:0400" VALUE NUMERIC 1024

END ITEMLIST

 

Thanks

Gordon Pegue

 

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Friday, July 10, 2009 2:59 PM
To: NT System Admin Issues
Subject: Re: WSUS and IE8

 

Someone posted the link to the Patch Management list that I used

http://blogs.msdn.com/askie/archive/2009/07/08/quick-and-dirty-group-pol
icy-adm-template-to-implement-the-workaround-from-kb972890.aspx

Looks like there was a coding error in it, apparently

2009/7/10 Carl Houseman 

Is there a URL for those ".adm files available from MS"?  No one else
has mentioned them nor were they part of the "workarounds" section of
the SB.  It seems like such things would have been tested and not
hazardous to use. 

 

Carl

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Friday, July 10, 2009 2:28 PM


To: NT System Admin Issues
Subject: Re: WSUS and IE8

 

Yeah, I was intending to do it with a group policy preference, but when
I saw the .adm files available from MS, I thought I would save myself a
bit of time and apply them through a "normal" GPO, registry settings
from a .adm file

As usual, it turned out to be more work, and not less :-)

2009/7/10 Carl Houseman 

What do you mean by "standard GPO"?  A custom .adm file?

 

I think most of us are doing this in GPO by running a startup script to
run a .reg file.

 

Carl

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: Friday, July 10, 2009 5:57 AM
To: NT System Admin Issues
Subject: Re: WSUS and IE8

 

I managed to solve the problem here, but I am at a loss to explain it.

This morning I used Microsoft's .adm file to set the forty-odd killbits
via GPO for my server systems. Pretty soon after this I noticed IE8
being offered on a number of servers. For some reason all the WSUS
settings, which are applied via GPO, were gone from the Registry.
Running a gpupdate threw a few "parameter incorrect" errors in the
Application log on the GPO just created, which then seemed to choke the
rest of the GPOs off - even though it reported successful application.

Seems, in the absence of the WSUS settings, my servers went "running
home to mama" and decided to pull in the IE8 update, the XML Core
Services stuff, and the June Malicious Software Removal tool from
Windows Update. Deleting the link to the new GPO, and running a
gpupdate, then a wuauclt /detectnow, has made them disappear again.

Pretty weird. I am now going to have the nice job of entering all those
killbits into a Group Policy Preference instead of a standard GPO. Just
thought I would share in case anyone else notices the same thing.

2009/7/10 James Rankin 

Is it just me, or has everyone just noticed IE8 offering itself as an
update through WSUS? I am pretty sure I have not approved it, yet here
it is, along with an updare for Microsoft XML Core Services. I was sure
that it wasn't due to come through WSUS until August - and even then it
shouldn't have made it through the approval process without some
intervention.

-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

 

 




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

 

 




-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put
into the machine wrong figures, will the right answers come out?' I am
not able rightly to apprehend the kind of confusion of ideas that could
provoke such a question."

http://raythestray.blogspot.com

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Find text in files

[Joe Tinney]

Have you tried findstr.exe? I've not used it much but I know that what
you are asking for is exactly what it does. Looks like the /m switch
will output just file names that have the string and if you output that
to a file it should get you what you need.

 

http://technet.microsoft.com/en-us/library/bb490907.aspx

 

HTH

 

From: Glen Johnson [mailto:gjohn...@vhcc.edu] 
Sent: Friday, July 10, 2009 10:35 PM
To: NT System Admin Issues
Subject: Find text in files

 

I desperately need a pointer to get me going on this.

We have a machine somewhere that has been sending tons of spam through
our exchange server.

I stopped the smtp relay server before all of them got sent but now have
a problem.

The outgoing queue has 4000 plus files that I need to either delete or
move to a different folder based on the text in each file.

I tried using the dos find command but its output lists every file even
if it doesn't include the text.

So here is what I need.

Something that will search a file for a string, if the string is found,
output the name of the file to a text file.

Then I can use the for command to move the file to a junk folder.

Run this a couple of times to get rid of the spam and what I have left
are the legit emails that need to be processed.

Any help/suggestions/pointers appreciated.

Glen.

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Find text in files

[Joe Tinney]

No problem!

 

From: Glen Johnson [mailto:gjohn...@vhcc.edu] 
Sent: Saturday, July 11, 2009 2:57 PM
To: NT System Admin Issues
Subject: RE: Find text in files

 

Joe.

Thanks for the suggestion.  The findstr /m worked perfect.

Problem solved.

Glen

 

From: Joe Tinney [mailto:jtin...@lastar.com] 
Sent: Saturday, July 11, 2009 12:24 AM
To: NT System Admin Issues
Subject: RE: Find text in files

 

Have you tried findstr.exe? I've not used it much but I know that what
you are asking for is exactly what it does. Looks like the /m switch
will output just file names that have the string and if you output that
to a file it should get you what you need.

 

http://technet.microsoft.com/en-us/library/bb490907.aspx

 

HTH

 

From: Glen Johnson [mailto:gjohn...@vhcc.edu] 
Sent: Friday, July 10, 2009 10:35 PM
To: NT System Admin Issues
Subject: Find text in files

 

I desperately need a pointer to get me going on this.

We have a machine somewhere that has been sending tons of spam through
our exchange server.

I stopped the smtp relay server before all of them got sent but now have
a problem.

The outgoing queue has 4000 plus files that I need to either delete or
move to a different folder based on the text in each file.

I tried using the dos find command but its output lists every file even
if it doesn't include the text.

So here is what I need.

Something that will search a file for a string, if the string is found,
output the name of the file to a text file.

Then I can use the for command to move the file to a junk folder.

Run this a couple of times to get rid of the spam and what I have left
are the legit emails that need to be processed.

Any help/suggestions/pointers appreciated.

Glen.

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

RE: Installing Outlook 2007 on a server?

[Joe Tinney]

Are you looking to keep it running 24/7 to do rules that are client-side
only? The rules setup on the mailbox that are server-side do not require
the client to be running to process. The rules you create will be marked
as Client Only in your rules list after you create the rule if they are
not able to be processed client-side:

 

 

 

Client-side rules are processed only when the client is open.

 

Of course, that doesn't answer any of your questions and if you knew
that already then just ignore this. :)

 

From: Evan Brastow [mailto:ebras...@automatedemblem.com] 
Sent: Monday, July 13, 2009 10:51 AM
To: NT System Admin Issues
Subject: Installing Outlook 2007 on a server?

 

Hi guys,

 

Yes, I know this is flame bait.

 

Assuming adequate CPU power, is there any known reason why I couldn't
installed Outlook 2007 on a server? It would either be a W2k3 Server
domain controller, or a W2k Server box (non-dc) running Exchange 2003
Enterprise. I'm leaning toward putting it on the former. 

 

The purpose of this is that I have a mailbox that my customer service
people attach to that receives all of our orders-related emails. I'd
like to have a box with guaranteed uptime available to run the Outlook
client on so that it can do rule-based filing and marking of items as
they come in.

 

Downsides?

 

Thanks for your time  J

 

Evan

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~<>

RE: Apple vs Microsoft?

[Joe Tinney]

I can't answer your question but I can direct you to the Mac mailing lists 
hosted by Apple. http://lists.apple.com/mailman/listinfo

The Macos-x-server list is quite active:
http://lists.apple.com/mailman/listinfo/macos-x-server

The Interoperability list has virtually no traffic, unfortunately: 
http://lists.apple.com/mailman/listinfo/macosx-interop

Good luck!

-Original Message-
From: Shawn [mailto:sh...@loprestohome.com] 
Sent: Tuesday, July 14, 2009 10:01 PM
To: NT System Admin Issues
Subject: Apple vs Microsoft?

Does anyone here have any experience, good or bad, regarding the Apple XSERVE 
being utilized to host email, data storage, open directory, etc as an 
equivalent replacement for Microsoft Server? We are currently running SBS 2003 
and have 40 users, but will soon be upping that number to 150. My boss insists 
that moving everything over to a Mac environment will be a better long term 
move, but I am a bit hesitant without having some outside data to back that up.

I have been told that 150 users can be better managed on two XSERVE's than on a 
Windows Active directory network, yet I have had a rough time finding any 
direct comparisons.

If any of you have experience running either a mixed environment with both OS X 
Server and Windows Server or just a pure OS X environment w/ Mac clients as 
well, I would be interested to hear what your take on this is. 

I would also be very interested to here from anyone that has done a migration 
from Active directory to Open directory, along with any challenges on the user 
end. What challenges did you face? Are there any specifics that you can offer 
regarding stability, administration, etc? 

Thanks in advance for any input you can provide.

Shawn
~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Server 2008 and Windows Updates

[Joe Tinney]

Not specific to this error or anything.. but something I always try is
downloading the latest Windows Update Agent and install it. That has
resolved a lot of issues for me:

http://support.microsoft.com/kb/949104

-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Friday, July 17, 2009 10:21 AM
To: NT System Admin Issues
Subject: Server 2008 and Windows Updates

Has anyone had issues with Windows 2008 Server giving error when you try
to manually check for windows updates?
I have a fresh install, and it's doing it. After spending a day messing
with it, I rebuilt it and same thing. Fresh install, nothing custom.
The error code is 80072EE2. I've google it for several hours, and none
of the suggestions I've found work.
Weird thing is it will randomly work, but not consistantly.

This is running inside a VMWare ESX box. That shouldn't matter I don't
think.
It's not part of the domain yet, so no GPOs are applied.

Any ideas? Anyone seen this before?

Things I've tried:
- Rebuild
- Add 8530 to windows firewall
- Turn off windows firewall
- Restart windows update service
- Install Server 2008 SP2
- Delete the windows update temp directory
- Turn off all the IE security settings that I could find


Thanks in advance,
Jon

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Google Home Page Today

[Joe Tinney]

Same here. Normal Google logo. I saw the Comic(" "|-|"")Con Google logo
last night from home, though.

 

From: Jim Majorowicz [mailto:jmajorow...@gmail.com] 
Sent: Friday, July 24, 2009 1:46 PM
To: NT System Admin Issues
Subject: RE: Google Home Page Today

 

I just see the normal Google logo...

 

From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] 
Sent: Friday, July 24, 2009 10:22 AM
To: NT System Admin Issues
Subject: Re: Google Home Page Today

 

You see a normal Google logo, or just don't care for DC comics
superheros? 

--
ME2

On Fri, Jul 24, 2009 at 1:15 PM, Jim Majorowicz 
wrote:

I see nothing special.  It must not think I'm cool or geeky enough.

 

From: Sherry Abercrombie [mailto:saber...@gmail.com] 
Sent: Friday, July 24, 2009 7:15 AM


To: NT System Admin Issues
Subject: OT: Google Home Page Today

 

Very cool Google home page today if you haven't seen it.

-- 
Sherry Abercrombie

"Any sufficiently advanced technology is indistinguishable from magic." 
Arthur C. Clarke
Sent from Azle, TX, United States 

 

 

 

 

 

 

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Office install audit

[Joe Tinney]

ProduKey. Has command line parameters to generate different types of
files and can use a computer list or the entire domain.

 

From: Gavin Wilby [mailto:gavin.wi...@gmail.com] 
Sent: Tuesday, March 23, 2010 11:21 AM
To: NT System Admin Issues
Subject: Office install audit

 

Hi,

 

I need to run something at login that will interrogate a few PC's on a
domain, and return to me their Office serial number that they have
installed.

 

I realise that Jelly bean can get this off, but I could do with
something automated?

 

Ideas please?

-- 
Gavin Wilby,
Twitter: http://twitter.com/gavin_wilby
GSXR Blog: http://www.stoof.co.uk

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Roaming profiles issue

[Joe Tinney]

The document below suggests that it is available on Windows 2000 and
Windows 2003, but is unclear if it means on the hard drive or the media:
http://download.microsoft.com/download/9/8/5/98558ea1-3754-4650-9e8d-8c1
72649f351/E2k3TransnRouting.doc

I could not find it on the system drive of a Windows Server 2003 SP2
Standard system.


-Original Message-
From: Eric Brouwer [mailto:er...@forestpost.com] 
Sent: Thursday, April 08, 2010 3:35 PM
To: NT System Admin Issues
Subject: Re: Roaming profiles issue

Where might one acquire nltest.exe if they don't have access to the NT  
Resource Kit?

On Apr 8, 2010, at 11:47 AM, Miller Bonnie L. wrote:

> Try to use nltest to verify the secure channel--you'll want to use  
> sc_query:
> http://support.microsoft.com/kb/158148/EN-US/
>
>
> -Original Message-
> From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
> Sent: Thursday, April 08, 2010 8:44 AM
> To: NT System Admin Issues
> Subject: RE: Roaming profiles issue
>
> Yeah--and the same thing doesn't work from the PDC, right?  Also,  
> from the BDC, can you connect to a share on the PDC, such as \\pdc 
> \netlogon, or does that fail?  If so, then the BDC's computer  
> account might be out of sync with the domain.
>
> -Original Message-
> From: Eric Brouwer [mailto:er...@forestpost.com]
> Sent: Thursday, April 08, 2010 8:35 AM
> To: NT System Admin Issues
> Subject: Re: Roaming profiles issue
>
> The only way I could think of to test this was to fire up IE, and  
> put \
> \BDC_name\profiles_share into the address bar.  This did return a
> directory listing of the profiles.  Is this kind of what you were
> referring to?
>
> On Apr 8, 2010, at 11:14 AM, Miller Bonnie L. wrote:
>
>> Assuming the server service is running, can you connect back to a
>> UNC path share of the BDC while on the BDC?  If so, the suggestion
>> about the DCs being out of sync could be correct and you might have
>> to look at using tools to reset the computer account on the BDC--
>> IIRC that would be nltest and/or netdom?
>>
>> -bonnie
>>
>> -Original Message-
>> From: Eric Brouwer [mailto:er...@forestpost.com]
>> Sent: Thursday, April 08, 2010 7:47 AM
>> To: NT System Admin Issues
>> Subject: Re: Roaming profiles issue
>>
>> There are no WINS servers set on the BDC, and I don't believe WINS is
>> running anywhere.  There is no WINS service on the PDC.  The BDC is
>> using LMHOSTS.  I can ping the PDC both by name and IP.
>>
>> On Apr 8, 2010, at 10:39 AM, Miller Bonnie L. wrote:
>>
>>> How is WINS?  Can the BDC get name lookups to the PDC and the domain
>>> name that way?
>>>
>>> -Original Message-
>>> From: Eric Brouwer [mailto:er...@forestpost.com]
>>> Sent: Thursday, April 08, 2010 7:30 AM
>>> To: NT System Admin Issues
>>> Subject: Roaming profiles issue
>>>
>>> Good morning,
>>>
>>> I'm having a roaming profile issue this morning on a (don't laugh)
>>> Windows NT domain.  A few of our legacy PCs login to the old NT
>>> domain
>>> for their roaming profiles.  When users login, they get an error  
>>> that
>>> their profile is not available.
>>>
>>> There is a PDC and a DBC.  Profiles are on the BDC.  The PDC and BDC
>>> can see each other, and I can browse the shares on both, but when I
>>> go
>>> into the shares, I get an inaccessible error.  From my laptop, which
>>> is not part of the domain, I can open files on the PDC, but not on
>>> the
>>> BDC.  In the event viewer of the BDC I'm getting an Event ID:3096.
>>> The Windows NT domain controller for this domain could not be
>>> located.
>>>
>>> Any idea what might be wrong?  We had a power outage last night, but
>>> this is the only issue we're running into.
>>>
>>> Thanks,
>>>
>>> Eric Brouwer
>>> IT Manager
>>> www.forestpost.com
>>> er...@forestpost.com
>>> 248.855.4333
>>>
>>>
>>>
>>>
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~   ~
>>>
>>
>>
>> Eric Brouwer
>> IT Manager
>> www.forestpost.com
>> er...@forestpost.com
>> 248.855.4333
>>
>>
>>
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>
>
> Eric Brouwer
> IT Manager
> www.forestpost.com
> er...@forestpost.com
> 248.855.4333
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ 

RE: Roaming profiles issue

[Joe Tinney]

It is on the Windows 2003 Server CD in: \SUPPORT\TOOLS\SUPPORT.CAB\

Installing SUPTOOLS.MSI should get you there.

-Original Message-
From: Joe Tinney [mailto:jtin...@lastar.com] 
Sent: Thursday, April 08, 2010 3:44 PM
To: NT System Admin Issues
Subject: RE: Roaming profiles issue

The document below suggests that it is available on Windows 2000 and
Windows 2003, but is unclear if it means on the hard drive or the media:
http://download.microsoft.com/download/9/8/5/98558ea1-3754-4650-9e8d-8c1
72649f351/E2k3TransnRouting.doc

I could not find it on the system drive of a Windows Server 2003 SP2
Standard system.


-Original Message-
From: Eric Brouwer [mailto:er...@forestpost.com] 
Sent: Thursday, April 08, 2010 3:35 PM
To: NT System Admin Issues
Subject: Re: Roaming profiles issue

Where might one acquire nltest.exe if they don't have access to the NT  
Resource Kit?

On Apr 8, 2010, at 11:47 AM, Miller Bonnie L. wrote:

> Try to use nltest to verify the secure channel--you'll want to use  
> sc_query:
> http://support.microsoft.com/kb/158148/EN-US/
>
>
> -Original Message-
> From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu]
> Sent: Thursday, April 08, 2010 8:44 AM
> To: NT System Admin Issues
> Subject: RE: Roaming profiles issue
>
> Yeah--and the same thing doesn't work from the PDC, right?  Also,  
> from the BDC, can you connect to a share on the PDC, such as \\pdc 
> \netlogon, or does that fail?  If so, then the BDC's computer  
> account might be out of sync with the domain.
>
> -Original Message-
> From: Eric Brouwer [mailto:er...@forestpost.com]
> Sent: Thursday, April 08, 2010 8:35 AM
> To: NT System Admin Issues
> Subject: Re: Roaming profiles issue
>
> The only way I could think of to test this was to fire up IE, and  
> put \
> \BDC_name\profiles_share into the address bar.  This did return a
> directory listing of the profiles.  Is this kind of what you were
> referring to?
>
> On Apr 8, 2010, at 11:14 AM, Miller Bonnie L. wrote:
>
>> Assuming the server service is running, can you connect back to a
>> UNC path share of the BDC while on the BDC?  If so, the suggestion
>> about the DCs being out of sync could be correct and you might have
>> to look at using tools to reset the computer account on the BDC--
>> IIRC that would be nltest and/or netdom?
>>
>> -bonnie
>>
>> -Original Message-
>> From: Eric Brouwer [mailto:er...@forestpost.com]
>> Sent: Thursday, April 08, 2010 7:47 AM
>> To: NT System Admin Issues
>> Subject: Re: Roaming profiles issue
>>
>> There are no WINS servers set on the BDC, and I don't believe WINS is
>> running anywhere.  There is no WINS service on the PDC.  The BDC is
>> using LMHOSTS.  I can ping the PDC both by name and IP.
>>
>> On Apr 8, 2010, at 10:39 AM, Miller Bonnie L. wrote:
>>
>>> How is WINS?  Can the BDC get name lookups to the PDC and the domain
>>> name that way?
>>>
>>> -Original Message-
>>> From: Eric Brouwer [mailto:er...@forestpost.com]
>>> Sent: Thursday, April 08, 2010 7:30 AM
>>> To: NT System Admin Issues
>>> Subject: Roaming profiles issue
>>>
>>> Good morning,
>>>
>>> I'm having a roaming profile issue this morning on a (don't laugh)
>>> Windows NT domain.  A few of our legacy PCs login to the old NT
>>> domain
>>> for their roaming profiles.  When users login, they get an error  
>>> that
>>> their profile is not available.
>>>
>>> There is a PDC and a DBC.  Profiles are on the BDC.  The PDC and BDC
>>> can see each other, and I can browse the shares on both, but when I
>>> go
>>> into the shares, I get an inaccessible error.  From my laptop, which
>>> is not part of the domain, I can open files on the PDC, but not on
>>> the
>>> BDC.  In the event viewer of the BDC I'm getting an Event ID:3096.
>>> The Windows NT domain controller for this domain could not be
>>> located.
>>>
>>> Any idea what might be wrong?  We had a power outage last night, but
>>> this is the only issue we're running into.
>>>
>>> Thanks,
>>>
>>> Eric Brouwer
>>> IT Manager
>>> www.forestpost.com
>>> er...@forestpost.com
>>> 248.855.4333
>>>
>>>
>>>
>>>
>>>
>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>>
>>> ~ Finally, powerful endpo

RE: Outlook 2007 Strangeness

[Joe Tinney]

Cameron,

 

What is the entire error message? 

 

Thanks,

Joe

 

From: Cameron [mailto:cameron.orl...@gmail.com] 
Sent: Friday, April 09, 2010 3:07 PM
To: NT System Admin Issues
Subject: Outlook 2007 Strangeness

 

Hello all,

Exchange 2003 & Outlook 2007

 

I have one user that when she tries to send vcard information (internal
and external), she immediately gets back a "you do not have permission
to send to this recipient, etc". It is *only* when she sends the vcard,
all other emails to the same people work fine. I can test the same
addresses with a vcard (same setup) and it works fine.

 

Ideas?

 

TIA

Cameron

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: msvcrt.dll error: _except_handler4_common

[Joe Tinney]

You might try Process Explorer and using the Find function to find
msvcrt.dll. That would at least tell you the processes that are using
it. This usually works for me whenever the erroring application actually
hangs and doesn't just exit and note the error. If it just continues on
and actually exits you may have a difficult time indeed tracking it
down.

 

Doing a search on my Win 7 64-bit system found 36 processes using that
DLL at the moment.

 

Good luck!

 

Joe 

 

From: Mike Gill [mailto:lis...@canbyfoursquare.com] 
Sent: Monday, April 12, 2010 8:20 PM
To: NT System Admin Issues
Subject: msvcrt.dll error: _except_handler4_common

 

This is on Windows 2003 std 32bit. I get this error when trying to run
the management console for Soapbox Server (an xmpp messaging package).
This was working months ago, but I had to stop working on it until now
due to lack of time.  Even trying to reinstall gives me the same message
just as it comes to the screen for creating/using the SQLExpress
database.

 

Searching online mentions using depends.exe to try and figure out what
is hitting the msvcrt.dll, but I can't seem to figure out how to make
depends.exe do that. I've tried process monitor and only see registry
paths come up. Other people have found dwmapi.dll on their system and
solved this error by renaming or deleting that file, but it's not
present on my system.

 

This function is present in the Vista msvcrt.dll, but not the XP/2003
version. Looking for answers or tips on how to solve this. TIA.

 

-- 
Mike Gill

 

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

RE: Bug in Win7 dir command

[Joe Tinney]

I can put in a web support ticket later today. 

 

I have no idea how to submit a bug to them other than going through
support channels, and it seems that Google doesn't, either. A shame you
can't just let them know somehow.

 

I'm tempted to call our account rep and see what she recommends for
general bug submissions. Maybe you could post it to some blogs, like the
Core Team?

 

http://blogs.technet.com/askcore/contact.aspx

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Wednesday, April 14, 2010 2:23 PM
To: NT System Admin Issues
Subject: RE: Bug in Win7 dir command

 

Thanks Joe.

 

Is there any way to find out if MS knows about this bug (besides calling
PSS)?  I was going to post about it on Microsoft Answers but every time
I try to "ask a question" it gives me "The page you are attempting to
view is temporarily unavailable due to system maintenance. Please try
again later."  That's what makes life using the cloud so much fun, the
incredible reliability of it all...

 

Carl

 

From: Joe Tinney [mailto:jtin...@lastar.com] 
Sent: Wednesday, April 14, 2010 2:08 PM
To: NT System Admin Issues
Subject: RE: Bug in Win7 dir command

 

+1 - Offline Folders enabled and synchronized - not the root - 8.3 name
only

 

H:\FOLDERS\FOLDERS\ZIP>dir

 Volume in drive H is New Volume

 Volume Serial Number is 3235-0D55

 

 Directory of H:\FOLDERS\FOLDERS\ZIP

 

03/17/2010  03:56 PM  .

03/17/2010  03:56 PM  ..

08/15/2008  03:48 PM 6,464,440 Creative.zip

01/24/2008  04:38 PM53,232 Default.zip

08/13/2008  12:13 PM   660,972 duplicate_finder.zip

06/18/2008  03:14 PM 2,353,840 Leve0.pdf.zip

06/06/2008  03:50 PM 4,510,532 Personal PDF.zip

   5 File(s) 14,043,016 bytes

   2 Dir(s)  526,708,776,960 bytes free

 

H:\FOLDERS\FOLDERS\ZIP>dir Creative.zip

 Volume in drive H is New Volume

 Volume Serial Number is 3235-0D55

 

 Directory of H:\FOLDERS\FOLDERS\ZIP

 

08/15/2008  03:48 PM 0 Creative.zip

   1 File(s)  0 bytes

   0 Dir(s)  526,707,916,800 bytes free

 

H:\FOLDERS\FOLDERS\ZIP>dir Leve0.pdf.zip

 Volume in drive H is New Volume

 Volume Serial Number is 3235-0D55

 

 Directory of H:\FOLDERS\FOLDERS\ZIP

 

06/18/2008  03:14 PM 2,353,840 Leve0.pdf.zip

   1 File(s)  2,353,840 bytes

   0 Dir(s)  526,707,916,800 bytes free

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Wednesday, April 14, 2010 12:12 PM
To: NT System Admin Issues
Subject: RE: Bug in Win7 dir command

 

That exe in my first screenshot was 9.3 and of course .docx is .4.  I
took the first vncviewer.exe and copied it to an 8.3 name.  Dir on that
8.3 file name shows 0 as well, so I think you have it right.

 

 

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Wednesday, April 14, 2010 8:53 AM
To: NT System Admin Issues
Subject: RE: Bug in Win7 dir command

 

Thanks.  Mine is 2003 R1 and no DFS, doesn't matter if it's redirected
or not.  It would appear if the path and file name components conform to
8.3 naming they are affected, otherwise not.

 

Carl

 

From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] 
Sent: Wednesday, April 14, 2010 11:40 AM
To: NT System Admin Issues
Subject: RE: Bug in Win7 dir command

 

I think I can replicate it here.  Win7x64 +patches.  Mapped to a drive,
in my case it's also a folder redirected drive and mapped using DFS-R,
on a WS03 R2 SP2 + patches server.  DFS-R root servers could be WS03 R2
SP2, WS08 SP2, or WS08 R2 (+ patches).  Folder is available offline and
showing as synchronized.

 

What's interesting is that it doesn't happen on every file.  For
example, a *.docx and a *.exe file are both reporting correctly, but a
*.txt and a *.cmd file are reporting 0 bytes when they are not.

 

 

-Bonnie

 

From: Carl Houseman [mailto:c.house...@gmail.com] 
Sent: Wednesday, April 14, 2010 8:05 AM
To: NT System Admin Issues
Subject: Bug in Win7 dir command

 

Can anyone reproduce this?  The required conditions, so far, appear to
be:

 

Using Windows 7 x64, haven't tried other flavors of 7 yet.

Drive is mapped to a server (in my case 2003 SP2).

Must be in a folder, not at the root.

Folder is available offline.

Folder name(s) must not contain spaces or other chars that require
quoting.

 

M:\test>dir

 Volume in drive M is Data

 Volume Serial Number is 0A01-AAFA

 

 Directory of M:\test

 

04/14/2010  10:53 AM  .

04/14/2010  10:53 AM  ..

01/16/2010  02:38 AM 2,477 backup.cmd

   1 File(s)  2,477 bytes

   2 Dir(s)  35,857,784,832 bytes free

 

M:\test>dir backup.cmd

 Volume in drive M is Data

 Volume Serial Number is 0A01-AAFA

 

 Directory of M:\test

 

01/16/2010  02:38 AM