RE: DFSR
It depends. There are 2 parts to DFS- the DFS namespace and DHS Replication. You can use the namespace without doing replication, but you can do replication without the namespace. I use the DFS namespace on all shares so that when I replace a file server, all of the links to it will still work. I.e. DFS namespace domain.com\dfs\share points to \\server\mysharefile:///\\server\myshare. I can plug in \\newserver\newsharefile:///\\newserver\newshare and people can till access it using the same DFS path. DFS replication doesn't do you any good unless you have multiple locations involved, so I don't use it there. The other thing to keep in mind with DFSR is that it doesn't do distributed file locking, so even though you have the data in multiple locations, you can't let people edit the same files from different locations. I use it mainly for backup and RO data for my users. ...Tim From: David Lum [mailto:david@nwea.org] Sent: Monday, April 29, 2013 2:03 PM To: NT System Admin Issues Subject: DFSR I resolved my DFS issue from last week (pilot error :)). My question is this: Is there a reason not to leverage DFS for most file shares? It seems to me like it's a good way to be able to down a server (read: patch and reboot) and keep the file shares available, but I also know with something that's new to me makes it easy to overlook something simple. I'd guess it's not a good idea to DFS *every* file share, just mission-critical ones? In the scenario I care about the sites are all connected at 10Mbit or better and there's no more than 40 users connected to any one server at a time and 55 is the total user count. All storage is local, no SAN /iSCSI, etc. I did find this too: http://blogs.technet.com/b/askds/archive/2010/11/01/common-dfsr-configuration-mistakes-and-oversights.aspx Seems like the only downside - as long as you're paying attention to things listed in the link above - is using 2x/3x+ of the overall disk space as without DFSR, and possible traffic if you are a huge environment with very slow connections. David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: End of month plan B for list shutdown.
They were cool, right? …Tim -Original Message- From: Ryan Finnesey [mailto:r...@finnesey.com] Sent: Monday, April 29, 2013 8:17 PM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. I remember lots of chatter and banter back in the day on the old exchange list regarding PSTs and brick-level backups lol -Original Message- From: Maglinger, Paul [mailto:pmaglin...@scvl.com] Sent: Monday, April 29, 2013 3:08 PM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. ➢ Just hate the web based forums Me too, but I think most of the people that migrated over there didn't like the chatter on the list. From: Ryan Finnesey [mailto:r...@finnesey.com] Sent: Monday, April 29, 2013 1:57 PM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. I need to pop over there and check it out….. Just hate the web based forums…… maybe we can get them back on the new listserv. From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Monday, April 29, 2013 1:42 PM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. Many of the Exchange swynk people are on the Microsoft forums; some of them have moved on (into management, ownership, and other career changes); some of them have retired. From: Ryan Finnesey [mailto:r...@finnesey.com] Sent: Monday, April 29, 2013 12:55 PM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. I really miss the old Swynk exchange list. Great group of people, good time had on the list and even more fun meeting up with them at MECs. Cheers Ryan From: Pete Howard [mailto:pchow...@yahoo.com] Sent: Monday, April 29, 2013 11:16 AM To: NT System Admin Issues Subject: Re: End of month plan B for list shutdown. Rods lists at myitorum have a long history in tech lists that go way back to when most of the old Swynk lists of from the late 90s to early 00s migrated there. Swynk had a great sms and exchange community and I know all the SMS\SCCM people went to myitforum. Not sure what happened to the exchange community but it never seemed the same. From: Kennedy, Jim kennedy...@elyriaschools.org To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, April 29, 2013 10:44 AM Subject: RE: End of month plan B for list shutdown. Rob’s list has picked up a few peeps already. It is fast, it is both email and web so people can do it the way they want. Consensus seems to be Rob’s. From: Richard McClary [mailto:richard.mccl...@aspca.org] Sent: Monday, April 29, 2013 10:43 AM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. Question – we’ve had both Rod and Ben offer to host, and both have given links. Do those wishing to continue a mail-based (rather than web-based) forum go with Rod’s? Is that what the agreement seems to be? Thanks to both Rod and Ben! -- richard From: Rod Trent [mailto:rodtr...@myitforum.com] Sent: Monday, April 29, 2013 9:29 AM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. Done. Link is here: http://myitforum.com/myitforumwp/services/email-lists/ Rod Trent From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, April 29, 2013 10:18 AM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. Sounds good to me and post the link so we can start over there… Z Edward E. Ziots, CISSP, CISA, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org Work:401-444-9081 This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. From: David Lum [mailto:david@nwea.org] Sent: Monday, April 29, 2013 9:05 AM To: NT System Admin Issues Subject: RE: End of month plan B for list shutdown. I vote do it. I prefer e-mail to web forum for this stuff. From: rodtr...@myitforum.com [mailto:rodtr...@myitforum.com] Sent: Monday, April 29, 2013 5:23 AM To: NT System Admin Issues Subject: Re: End of month plan B for list shutdown. I can set up a list in a few minutes, just say the word. We already host over 25 lists and have plenty of bandwidth to spare. Sent from Microsoft Surface Pro From: Kennedy, Jim Sent: Monday, April 29, 2013 8:14 AM To: NT System Admin Issues The end of the month and allegedly the end of the list is tomorrow. We need a plan B to get back in contact to get this
RE: Virtualization
That sounds like what these guys did: http://blogs.technet.com/b/privatecloud/archive/2013/02/21/surface-pro-hijinks-video.aspx Install Server 2012 on 4 Surface Pro tablets, enable Hyper-V, create some VMs, and then use Shared-Nothing Live Migration to move them around over a WiFi Hotspot. …Tim From: Pete Howard [mailto:pchow...@yahoo.com] Sent: Friday, April 26, 2013 6:32 AM To: NT System Admin Issues Subject: Re: Virtualization I have a clustered mobile san based on iphone farm storage with that same pdf. From: Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Sent: Friday, April 26, 2013 9:05 AM Subject: RE: Virtualization I have a PDF on my SAN somewhere that addresses this.. I’ll send it with my Linux email client. -sc From: itli...@imcu.commailto:itli...@imcu.com [mailto:itli...@imcu.com] Sent: Friday, April 26, 2013 7:10 AM To: NT System Admin Issues Subject: Virtualization Looking to virtualize 7 windows 2008 servers. A couple of questions: How do I size a Virtualized server and san? Which virtual server software is best? Hyper V, VMware, citrix Any guidance in this area is appreciated… ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Google Drive
When we first started to migrate to that new 10-BaseT thing, we used Cabletron transceivers that allowed us to connect the cable to the AUI connector on our old 3-COM nics. I just checked and you can still buy one of them on EBay for $25. I think we used to pay something like $100 for them back in the day, but it was cheaper than buying new nics. Good times! From: Richard McClary [mailto:richard.mccl...@aspca.org] Sent: Friday, April 12, 2013 1:17 PM To: NT System Admin Issues Subject: RE: Google Drive University of Illinois (UIUC) still had vampire tapping (some locations) in the mid-90's. When I moved from being a research biologist to a sysadmin, my department had lots of thin net, Canary boxes, and protocol converters in a serious tripping hazard throughout the call center. I still treasure my 3Com card that has an RJ-45, a BNC, and an AUI port (I also have both the BNC and RJ-45 AUI adapters, and yes, I know, the AUI's were really for the vampire clamps). More advanced setups had 10-Base-3 but with proprietary wiring. We had to go to one particular shop on campus to have our cables made. (The big 10-Base-T standard wiring conversion didn't happen until I was safely away from UIUC.) -- richard From: Guyer, Don [mailto:dgu...@che.org] Sent: Friday, April 12, 2013 3:06 PM To: NT System Admin Issues Subject: RE: Google Drive That is old! Bet people were Vampire-tapping back then...or maybe it was 4-wire phone cable. Regards, Don Guyer Catholic Health East - Information Technology Enterprise Directory Messaging Services 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 email: dgu...@che.orgmailto:dgu...@che.org Office: 610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440 For immediate assistance, please open a Service Desk ticket or call the helpdesk @ 610-492-3839. [Description: Description: Description: InfoService-Logo240] From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, April 12, 2013 3:54 PM To: NT System Admin Issues Subject: Re: Google Drive I remember 8 floppies, too, but you couldn't fold them as well, because they had to fold smaller. But, they were pretty durable. ASB http://XeeMe.com/AndrewBakerhttp://xeeme.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market... On Fri, Apr 12, 2013 at 3:47 PM, Scott Schneider sschnei...@inscapesolutions.commailto:sschnei...@inscapesolutions.com wrote: Your just a young'un. I remember 8 floppies, both hard and soft sectored. We used to have to change a pulley to get European drives to work in North America. There are CNC machines on our shop floor that can still read paper tape (we use an RS232 interface instead) :o) From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: April-12-13 1:28 PM To: NT System Admin Issues Subject: Re: Google Drive 5.25 floppies were the ultimate in reliability. You could put them into your pocket, folder them up, and even spill soda on them. (I recovered data from two different soda spill scenarios) I suspect that the feeble density of the data is what helped us with those, and what kills us with everything else. :) ASB http://XeeMe.com/AndrewBakerhttp://xeeme.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail, including any attachments is the property of Catholic Health East and is intended for the sole use of the intended recipient(s). It may contain information that is privileged and confidential. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please delete this message, and reply to the sender regarding the error in a separate email. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
RE: Google Drive
My favorite programming language is profanity. From: Jon Harris [mailto:jk.har...@live.com] Sent: Friday, April 12, 2013 5:25 PM To: NT System Admin Issues Subject: RE: Google Drive You talk to machines much too? ROFLMAO Jon From: richard.mccl...@aspca.orgmailto:richard.mccl...@aspca.org To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date: Fri, 12 Apr 2013 18:25:59 + Subject: RE: Google Drive I've been through too many software upgrades where having the office door closed is appropriate and proper. -- richard From: kz2...@googlemail.commailto:kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Friday, April 12, 2013 1:18 PM To: NT System Admin Issues Subject: Re: Google Drive I once remember talking a customer through a software upgrade using 5.25 disks. When I told him to shut the door (of the drive), I can still recall hearing the sound of his office door closing down the phone. One of many priceless moments as I learned my trade on the front line of support. Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: Guyer, Don dgu...@che.orgmailto:dgu...@che.org Date: Fri, 12 Apr 2013 14:12:43 -0400 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: Google Drive and use them as Chinese Stars... Regards, Don Guyer Catholic Health East - Information Technology Enterprise Directory Messaging Services 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 email: dgu...@che.orgmailto:dgu...@che.org Office: 610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440 For immediate assistance, please open a Service Desk ticket or call the helpdesk @ 610-492-3839. [Description: Description: Description: InfoService-Logo240] From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, April 12, 2013 1:28 PM To: NT System Admin Issues Subject: Re: Google Drive 5.25 floppies were the ultimate in reliability. You could put them into your pocket, folder them up, and even spill soda on them. (I recovered data from two different soda spill scenarios) I suspect that the feeble density of the data is what helped us with those, and what kills us with everything else. :) ASB http://XeeMe.com/AndrewBakerhttp://xeeme.com/AndrewBaker Providing Virtual CIO Services (IT Operations Information Security) for the SMB market... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail, including any attachments is the property of Catholic Health East and is intended for the sole use of the intended recipient(s). It may contain information that is privileged and confidential. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please delete this message, and reply to the sender regarding the error in a separate email. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
RE: OT: Just A Bunch of Noise, or The Beginning of The End?
Woody Leonhard was just commenting on the same thing: http://www.infoworld.com/t/microsoft-windows/gartner-and-idc-predictions-oops-forget-what-we-said-last-time-215830 ...Tim -Original Message- From: Bill Humphries [mailto:nt...@hedgedigger.com] Sent: Friday, April 05, 2013 9:05 AM To: NT System Admin Issues Subject: Re: OT: Just A Bunch of Noise, or The Beginning of The End? I just wish the media would just ignore everything Gartner says. I don't know why anyone takes their opinions seriously. They also said that Apple should get out of the hardware business and partner with Dell at some point. They predicted years ago that HP would be out of the PC business. Bill Roger Wright wrote: http://usmarketbuzz.com/msft-microsoft-corporation-nasdaqmsft-will-grow-obsolete-by-2017-gartner-3206# Roger Wright ___ You can't believe most of the quotes you read on the internet. - Abraham Lincoln ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com mailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Details of the February 22nd 2013 Windows Azure Storage Disruption
I suspect, if you check the terms of service for Azure, you wouldn't be able to sue them for anything more than whatever your SLA says you will get. I'm sure their liability is limited up front, not matter what they admit to have done or not. FWIW, I thought it was a pretty straightforward explanation of what happened and the steps they took to prevent it from happening again. …Tim -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Tuesday, March 05, 2013 12:38 PM To: NT System Admin Issues Subject: Re: Details of the February 22nd 2013 Windows Azure Storage Disruption What more can be said? Having had very similar issues where I work (co-worker patched and rebooted all the production servers in a small resource domain 3 days early because he clicked the wrong box) why wouldn't you take this at face value? Because Microsoft wouldn't want to be sued by everybody who lost business during the outage. It is in their best interest to say Yup, it was a problem, and we fixed it. It is _not_ in their best interest to say Yup, it was a problem. We forgot to do something we were supposed to do. We fixed it. It's a small thing, but it's still important to those pesky lawyers. cynicAnd why wouldn't they lie, if it makes them look better anyways? Maybe they had a much more major issue. Sure, it's more likely that they had their certificate issue, but who knows./cynic --Matt Ross Ephrata School District - Original Message - From: Steven Peck [mailto:sep...@gmail.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Tue, 05 Mar 2013 12:11:41 -0800 Subject: Re: Details of the February 22nd 2013 Windows Azure Storage Disruption Did you just manage to agree and also imply Sure, they released it but are probably still not telling us what 'really happened? Because that's sort of what it seems like you just did. They said they had a process and human error entered the process. Now that they know what happened they can take steps to hopefully reduce the chance of it happening again. What more can be said? Having had very similar issues where I work (co-worker patched and rebooted all the production servers in a small resource domain 3 days early because he clicked the wrong box) why wouldn't you take this at face value? Steven Peck http://www.blkmtn.org On Tue, Mar 5, 2013 at 10:36 AM, Matthew W. Ross mr...@ephrataschools.orgwrote: Agreed, but I also know that all released information goes through PR. I'm sure this released report was scrubbed clean of anything that could have made Microsoft liable. Heck, I'm guilty of a bit of spin. I accidentally plugged a switch back into itself, causing a loop? My internal release states A network configuration error occurred. Sm:)e. --Matt Ross Ephrata School District - Original Message - From: Ben Scott [mailto:mailvor...@gmail.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Tue, 05 Mar 2013 10:28:00 -0800 Subject: Re: Details of the February 22nd 2013 Windows Azure Storage Disruption On Tue, Mar 5, 2013 at 12:43 PM, Tim Evans tev...@sparling.com wrote: http://blogs.msdn.com/b/windowsazure/archive/2013/03/01/details-of-the-february-22nd-2013-windows-azure-storage-disruption.aspx I give MSFT credit for doing a good analysis and *publishing it*. A lot of companies just say Sorry, we've fixed it, and we promise it'll never happen again (and this time, we really mean it) over and over. Good on them for that. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally
RE: IIS reporting/monitoring free tool
Nice trick. I didn't know that was there. Looks pretty useful. ...Tim From: Steven Peck [mailto:sep...@gmail.com] Sent: Thursday, February 28, 2013 1:24 PM To: NT System Admin Issues Subject: Re: IIS reporting/monitoring free tool For basic testing from a client machine you can also use F12 in IE. Go to Network, Start Capture Type in the URL Click around, do stuff. Stop Capture. It will at least get you response request information, various calls etc. and it's most likely on the client system already. That said, play around with the other tools, this just happens to already be there. :) On Thu, Feb 28, 2013 at 12:47 PM, Ziots, Edward ezi...@lifespan.orgmailto:ezi...@lifespan.org wrote: Fiddler can tell you some of the same information but httpwatch is a good tool to troubleshoot client side issues when looking at web information. Z Edward E. Ziots, CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.orgmailto:ezi...@lifespan.org This electronic message and any attachments may be privileged and confidential and protected from disclosure. If you are reading this message, but are not the intended recipient, nor an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that you are strictly prohibited from copying, printing, forwarding or otherwise disseminating this communication. If you have received this communication in error, please immediately notify the sender by replying to the message. Then, delete the message from your computer. Thank you. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.commailto:kurt.b...@gmail.com] Sent: Thursday, February 28, 2013 3:19 PM To: NT System Admin Issues Subject: Re: IIS reporting/monitoring free tool That's pretty cool. I'm going to try that. Kurt On Thu, Feb 28, 2013 at 12:02 PM, Kevin Lundy klu...@gmail.commailto:klu...@gmail.com wrote: I think you are looking for something like http watch http://www.httpwatch.com/ On Thu, Feb 28, 2013 at 1:13 PM, itli...@imcu.commailto:itli...@imcu.com itli...@imcu.commailto:itli...@imcu.com wrote: That is basically it. The application developer says that brute force testing on my server shows response time for 1000 pages on 10 accounts concurrently have an average 1.55 second response with is below their required 2.00 response. But the users are showing as much as 5 minutes from Get to Post. On their workstation on a 10/100 switch. No WAN traffic all on the same LAN and same SWITCH for 20 of the 23 users. So I am game for anything I can do to show the developer there are issues my users can not live with. But for now I am limited to their tools and their results. Thanks for all the help. From: Ken Schaefer [mailto:k...@adopenstatic.commailto:k...@adopenstatic.com] Posted At: Wednesday, February 27, 2013 5:01 PM Posted To: itli...@imcu.commailto:itli...@imcu.com Conversation: IIS reporting/monitoring free tool Subject: RE: IIS reporting/monitoring free tool The best way you are going to get a true picture of this if is you run the tool on the client machine, or at the client's location. Not on the server. On the server you can look at the Time-Taken field in the IIS logs to get some idea of how long it takes IIS to put the page onto the wire. That's not the same as the client actually receiving the packet, and doesn't take into account any proxies, accelerators, caches etc. between the server and the client. Anyway, if you have some more requirements, then perhaps we can help with your searching. Cheers Ken From: itli...@imcu.commailto:itli...@imcu.com [mailto:itli...@imcu.commailto:itli...@imcu.com] Sent: Thursday, 28 February 2013 7:56 AM To: NT System Admin Issues Subject: RE: IIS reporting/monitoring free tool Solarwinds, didn't give me the results I wanted, I need to know how long each page is taken to return to the client workstations for a particular app. Couldn't get AWSTATS to even give me one result.(Had it working on another server last year but can not get this one to configure properly.) IIS reporter but it is only giving me active connections to IIS not per page or duration times? I saw Beta 7.0 had a IIS reporting tool but dev decided it wasn't need for admin tools of IIS 7.5??? Seems like that would be a good thing, unless they were borrowing someones code to get their results??? Anyways, thought I would try here?? From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Posted At: Tuesday, February 26, 2013 10:31 AM Posted To: itli...@imcu.commailto:itli...@imcu.com Conversation: IIS reporting/monitoring free tool Subject: Re: IIS reporting/monitoring free tool Given the number of google entries that cover this request, what have you already ruled out and why? ASB http://XeeMe.com/AndrewBaker Providing Virtual CIO Services (IT Operations
RE: This has been in the news a lot lately, and it's interesting
HIV, ROFL! I heard he wasn't wearing any pants either. Seriously, I thought it was a pretty good interview. …Tim -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Wednesday, February 20, 2013 12:27 PM To: NT System Admin Issues Subject: RE: This has been in the news a lot lately, and it's interesting Correction, Martin Bros made up the new buzzword on twitter. -Original Message- From: Kennedy, Jim Sent: Wednesday, February 20, 2013 3:23 PM To: NT System Admin Issues Subject: RE: This has been in the news a lot lately, and it's interesting Thanks Kurt! Been trying to figure out how to work this into the list and you came through. My kid was on CNN yesterday on this topic. He comes in about 1:30 Kudos to whoever spots the new buzzword he made up and worked in there for laughs for those of us that knew it was comming. And bonus points for getting the acronym. http://www.youtube.com/watch?v=pYbtbqIb-Rg -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, February 20, 2013 2:54 PM To: NT System Admin Issues Subject: This has been in the news a lot lately, and it's interesting China's computer misbehavior https://isc.sans.edu/diary/APT1%2C+Unit+61398+and+are+state+sponsored+attacks+real/15190 The Mandiant report is pretty good, I must say, though I haven't looked at the video. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: MS site?
There are quite a few tweets this morning about problems with Office 365, SkyDrive, etc, so this may be related. FWIW, it loads OK from Seattle ...Tim From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Friday, February 01, 2013 6:54 AM To: NT System Admin Issues Subject: MS site? Anyone else having trouble getting to this link? http://support.microsoft.comhttp://support.microsoft.com/ Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.commailto: [cid:image001.jpg@01CE004F.412D3060] The Guardian Life Insurance Company of America www.guardianlife.comhttp://www.guardianlife.com/ - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.jpg
RE: Favorite VPN solution?
I was looking at OpenVPN, but it looks to me like it won't work in our environment. We have multiple subnets on our internal network, and it looks like the OpenVPN client needs admin rights on the endpoint to update routes. Our users don't have admin rights and that's not something I'm looking to change. Have you found a workaround for this or is it not an issue in your environment? ...Tim -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, January 29, 2013 8:53 AM To: NT System Admin Issues Subject: Re: Favorite VPN solution? On Tue, Jan 29, 2013 at 7:46 AM, Tom Miller tmil...@sfgtrust.com wrote: The clients work fine, but I'm wondering if there are other solutions out there. We're using OpenVPN because (1) it's based on extremely well-tested code, (2) it's light-weight, and (3) it's free. The main UI is extremely limited. Basically an on/off indication. That can be disconcerting to users. OTOH, the log is quite detailed and useful. It provides no PKI management infrastructure of its own. We use OpenSSL. I'm told Windows Certificate Services also work. OpenVPN has nothing in the way of sophisticated management facilities. Just text config files and text log files. We only have one site/policy/config, so it's no problem for us, but in a larger environment with many differing policies that could get burdensome. Thoughts? Anyone using clientless VPN with a PIX? clientless VPNs just mean they dynamically install/run the client via a Java applet/ActiveX control. Deciding whether or not this is a good idea is left as an exercise to the reader, but I note that allowing such things in general is a common security problem. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Favorite VPN solution?
Thanks, that gives me a couple of things to look into: I didn't know there was an OpenVPN service and the idea of supernetting, which should work for us. ...Tim -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, January 29, 2013 12:45 PM To: NT System Admin Issues Subject: Re: Favorite VPN solution? On Tue, Jan 29, 2013 at 12:47 PM, Tim Evans tev...@sparling.com wrote: I was looking at OpenVPN, but it looks to me like it won't work in our environment. We have multiple subnets on our internal network, and it looks like the OpenVPN client needs admin rights on the endpoint to update routes. Our users don't have admin rights and that's not something I'm looking to change. Have you found a workaround for this or is it not an issue in your environment? Nobody here runs with admin rights, either. We use the OpenVPN service, which runs with admin rights and thus can do what's needed to configure the routes and network interface. We then change permissions on the service (using GPO) such that users can start/stop it. But, if you have multiple subnets behind a single VPN gateway, and all the subnets fall within a the same supernet, then you can just create one route on the client, and do your routing at/past the gateway. For example, we use the 10.0.0.0/8 network internally. Our main HQ LAN is 10.0.0.0/23, but we also have various other nets for weird things, e.g., 10.0.14.48/30 is something. But the OpenVPN client just gets a route to 10.0.0.0/8 and our router at HQ does the rest. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Mobile app for password management
I use Keepass on my iPhone too. They have several different iPhone/iPad ports, as well as Blackberry, Windows 7, Android, Linux, etc ...Tim From: David Lum [mailto:david@nwea.org] Sent: Tuesday, December 04, 2012 8:51 AM To: NT System Admin Issues Subject: Mobile app for password management I use KeePass on my PC's to manage passwords, I'd like to use a mobile app to do the same thing . There are tons of apps available, do you guys have a recommendation? Device is an iPhone... David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Window 8 on your PC
Mark Minasi has a good one in his latest newsletter: http://www.minasi.com/newsletters/nws1211.htm ...Tim From: Guyer, Don [mailto:dgu...@che.org] Sent: Wednesday, November 21, 2012 10:31 AM To: NT System Admin Issues Subject: RE: Window 8 on your PC Here are 2 reviews that I'm currently perusing through: http://www.pcworld.com/article/2012830/windows-8-the-official-review.html http://www.engadget.com/2012/10/30/windows-8-review/ Regards, Don Guyer Catholic Health East - Information Technology Enterprise Directory Messaging Services 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 email: dgu...@che.orgmailto:dgu...@che.org Office: 610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440 For immediate assistance, please open a Service Desk ticket or call the helpdesk @ 610-492-3839. [cid:image001.jpg@01CDC80F.8F88E330] From: Stefan Jafs [mailto:stefan.j...@gmail.com]mailto:[mailto:stefan.j...@gmail.com] Sent: Wednesday, November 21, 2012 1:25 PM To: NT System Admin Issues Subject: Re: Window 8 on your PC But if you don't know the name of the Application and you would like to browse the installed Applications, can't that be done? Stefan On Wed, Nov 21, 2012 at 12:03 PM, Rod Trent rodtr...@myitforum.commailto:rodtr...@myitforum.com wrote: Hit the Start button on the keyboard, and just start typing the name of the app. From: Stefan Jafs [mailto:stefan.j...@gmail.commailto:stefan.j...@gmail.com] Sent: Wednesday, November 21, 2012 11:37 AM To: NT System Admin Issues Subject: Re: Window 8 on your PC OK, this may be a really stupid question, I know search works very well but working on the desktop how do I get to my programs with no Start button? Bing gives me now aswers. Stefan On Wed, Nov 21, 2012 at 9:43 AM, Rod Trent rodtr...@myitforum.commailto:rodtr...@myitforum.com wrote: Also, consider that Windows 8 is built for devices that are never meant to be shut off. Why give easy access to a function that we are moving beyond? From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] Sent: Wednesday, November 21, 2012 8:56 AM To: NT System Admin Issues Subject: RE: Window 8 on your PC You no longer have to pre-tell Windows that you want to shut down and let it handle everything for you. Windows is now hardware aware enough that you just hit the power and Windows does whatever you told it to do (Power Settings) How enlightening! We've gotten so used to the scenario where we couldn't use the power button to turn a device off that now being able to do so seems weird. What? I can use the device's power button to turn the Windows device off? That's CRAZY!. Amazing what mind shift just one sentence can make... From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Tuesday, November 20, 2012 5:06 PM To: NT System Admin Issues Subject: RE: Window 8 on your PC Running the same 4 here, except we went with the Samsung Slates instead of the Surface, they are excellent machines. Once I demonstrated to users that the Start Page is just where their Start Button went to they were totally onboard. It is a total mind shift (just like Office 2003 to Office 2007, but once you make that shift it is much more useful. As for Shutdown being hard to get to, what I was told by a friend at Microsoft (and which makes perfect sense once you think about it) is just use the power button on your device (whatever it might be). You no longer have to pre-tell Windows that you want to shut down and let it handle everything for you. Windows is now hardware aware enough that you just hit the power and Windows does whatever you told it to do (Power Settings). This won't work in some environments where the power button is not accessible, but for the majority of businesses it works just fine, and it is incredibly fast! Going to Sleep and waking back up take my machines on average 2 seconds. Tim From: Rod Trent [mailto:rodtr...@myitforum.com] Sent: Tuesday, November 20, 2012 3:59 PM To: NT System Admin Issues Subject: RE: Window 8 on your PC :) I'm running all three - plus a desktop. From: Guyer, Don [mailto:dgu...@che.org] Sent: Tuesday, November 20, 2012 4:25 PM To: NT System Admin Issues Subject: RE: Window 8 on your PC Keep the Win 8 info coming! I've been tasked with kicking it around in our environment. Laptop, Surface and a phone. Regards, Don Guyer Catholic Health East - Information Technology Enterprise Directory Messaging Services 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 email: dgu...@che.orgmailto:dgu...@che.org Office: 610.550.3595tel:610.550.3595 | Cell: 610.955.6528tel:610.955.6528 | Fax: 610.271.9440tel:610.271.9440 For immediate assistance, please open a Service Desk ticket or call the helpdesk @ 610-492-3839tel:610-492-3839. [cid:image001.jpg@01CDC80F.8F88E330] From: Rod Trent [mailto:rodtr...@myitforum.com] Sent: Tuesday, November 20, 2012 4:16 PM To: NT System Admin Issues Subject: RE: Window 8 on your PC Unless all of your apps
RE: Windows 2012 RDS - Start Screen
http://technet.microsoft.com/en-us/library/jj134269.aspx ...Tim From: Steven Peck [mailto:sep...@gmail.com] Sent: Monday, October 08, 2012 9:15 AM To: NT System Admin Issues Subject: Re: Windows 2012 RDS - Start Screen I was curious so did some random searches. This threa was the only one that looked interesting. http://social.technet.microsoft.com/Forums/en/w8itprogeneral/thread/4765d750-2925-48aa-8cc0-f68cbf827872 There doesn't appear to be a whole lot of documentation out there at the moment. On Mon, Oct 8, 2012 at 8:15 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: It's possible to restrict the appearance of some tiles, but I am not aware of any way to wholesale control them. From: Ryan Finnesey [mailto:r...@finnesey.commailto:r...@finnesey.com] Sent: Monday, October 8, 2012 6:09 AM To: NT System Admin Issues Subject: RE: Windows 2012 RDS - Start Screen This is what I get for staying up so late... I am looking to control the tiles From: Ryan Finnesey [mailto:r...@finnesey.com]mailto:[mailto:r...@finnesey.com] Sent: Monday, October 08, 2012 4:27 AM To: NT System Admin Issues Subject: Windows 2012 RDS - Start Screen Is there a way to control what titles are displayed to a user when they login? I was hoping this was something that can be controlled via GP. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: One pooch, screwed Adobe style
Wouldn't that be ironic if the compromised build server was compromised by an infected PDF file? …Tim -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, September 27, 2012 3:57 PM To: NT System Admin Issues Subject: One pooch, screwed Adobe style http://blogs.adobe.com/asset/2012/09/inappropriate-use-of-adobe-code-signing-certificate.html ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Variables in AD group policy preferences
On one of our XP systems: %SystemDrive%=C: %SystemRoot%=C:\WINDOWS %ProgramFiles%=C:\Program Files These are set by default ...Tim From: Rankin, James R [mailto:kz2...@googlemail.com] Sent: Tuesday, September 18, 2012 12:55 PM To: NT System Admin Issues Subject: Re: Variables in AD group policy preferences I've never had to do that to get them to work, to be fair. The %systemdrive% should resolve though, if that doesn't there's something up. ---Blackberried From: Tom Miller tmil...@hnncsb.org Date: Tue, 18 Sep 2012 15:47:56 -0400 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Re: Variables in AD group policy preferences I think I need to add them to the PC's variables first - I can do that via GPP as well. Using the SET command doesn't show them, so I''ll try that first. Rankin, James R kz2...@googlemail.com 9/18/2012 3:37 PM Daft question...do those variables resolve on the clients? If they are XP, do they have the Group Policy Client Side Extensions installed? ---Blackberried From: Tom Miller tmil...@hnncsb.org Date: Tue, 18 Sep 2012 15:23:51 -0400 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Variables in AD group policy preferences I am trying to change from GPP items from directories like c:\windows\system32 to %SystemDir%. I push a number of icons to staff PCs, and use those icons for various desktop links. It works fine when I use the full path for destination. It never works when I use variables. I also have desktop icons that used to point to c:\program files\microsoft officeexcel.exe. Works fine, When I change it to %ProgramDir%\microsoft office..\ecxel.exe it never works. Am I missing something? Thanks, Tom Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Server 2012 available to volume licensees
Sweet! Thanks for the heads up. ...Tim From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, August 17, 2012 3:30 PM To: NT System Admin Issues Subject: Server 2012 available to volume licensees I'm downloading as we speak from https://www.microsoft.com/Licensing/servicecenter/default.aspx. ymmv ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: SPF record question
I see a softfail as: If the SPF record doesn't match, just ignore it. What's the point? If someone went to the trouble of setting a SPF record up, it should means something. Our MTA is set to override softfails and make them just fails. ...Tim From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, July 17, 2012 9:36 AM To: NT System Admin Issues Subject: RE: SPF record question Softfail will still deliver the message but mark it as spam depending upon the receiving server setup. A great way to test your setup. Fail will reject the message. Fair warning, some MTA's are broke and will fail on Softfail anyway. From: Richard McClary [mailto:richard.mccl...@aspca.org] Sent: Tuesday, July 17, 2012 12:26 PM To: NT System Admin Issues Subject: SPF record question Greetings! I am needing to modify an SPF record. I've spent some time going through OPENSPF.ORG and still have one question... What is the difference between a Fail (-) and a SoftFail (~)? -- Richard The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: SPF record question
Yes, I am familiar with RFC4408. It seems there is many systems out there that are either in testing or don't know where their email is authorized to be delivered from. Maybe the companies we deal with or more clueless than most, but I see many ~all and very few -all. ...Tim -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, July 18, 2012 7:48 AM To: NT System Admin Issues Subject: Re: SPF record question On Wed, Jul 18, 2012 at 10:27 AM, Tim Evans tev...@sparling.com wrote: I see a softfail as: If the SPF record doesn't match, just ignore it. No, that's what Neutral is. Geez, people, RTFMing is quite easy for this one. :-) Direct quotes from http://tools.ietf.org/html/rfc4408: None = no records were published by the domain Neutral = domain owner has explicitly stated that he cannot or does not want to assert whether or not the IP address is authorized Pass = the client is authorized to inject mail with the given identity Fail = an explicit statement that the client is not authorized to use the domain SoftFail = The domain believes the host is not authorized but is not willing to make that strong of a statement [end quotes] One application of softfail is testing. It lets you deploy an SPF record and see how it would fly in the real world, without actually telling people to deny failures. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
I believe you can put the hosts file in a nonstandard location specified by HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath The one in %windir%\System32\drivers\etc could be a decoy. …Tim From: Tammy Stewart [mailto:copper...@personainternet.com] Sent: Thursday, January 12, 2012 1:40 PM To: NT System Admin Issues Subject: RE: PC that can't Google Possible file was set to read-only. read only attributes wouldn't let you edit it. That ::1 is ivp6 address. Further down in that hosts.junk should be some funny addresses there with a ton of blank space between the ::1 the end of file. Tammy From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: January-12-12 12:26 PM To: NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Windows 8 dev preview video
Mark Minasi has a nice write up on win8 server here: http://www.minasi.com/newsletters/nws1109.htm Sounds like some really cool stuff is in the works. ...Tim From: Steven Peck [mailto:sep...@gmail.com] Sent: Tuesday, September 13, 2011 3:08 PM To: NT System Admin Issues Subject: Windows 8 dev preview video For those under a rock. Here's the video http://www.buildwindows.com/ I believe they said dev downloads would be available tonight I could be remembering it wrong. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DigiNotar compromise
And they should be dead as soon as possible, if not sooner. Maybe I can interest someone in a cert from Tim's CA - I run it at home on a Win95 machine. Seems good enough to me don't you think? ...Tim From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Tuesday, September 06, 2011 2:10 PM To: NT System Admin Issues Subject: Re: DigiNotar compromise Hi Tim, Perhaps you should say, former CA They'll be dead before the paint dries on this investigation. BTW, this is one reason why I never buy it that any particular vendor is likely to be secure or robust or whatever because of the line of business they're in. Just because they're a bank, hospital, security vendor, CA, etc, doesn't mean that they're doing all the right things. DigiNotar had every reason (except short-term profits) to pursue an effective security strategy, but didn't. And now their profits have ended, too... ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... On Tue, Sep 6, 2011 at 4:01 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: If this is true, I find this absolutely unacceptable that a commercial CA would run a system like this. Incredible http://computer-forensics.sans.org/blog/2011/09/06/diginotar-incident-response-report-no-logging-weak-password-no-protected-network Tim Evans Associate, Information Technology Manager S P A R L I N G (206) 667-0509tel:%28206%29%20667-0509-Direct (206) 391-8004tel:%28206%29%20391-8004-Mobile www.sparling.comhttp://www.sparling.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DigiNotar compromise
You really have to question the Dutch government here. What kind of review (If any) did they do before approving them to issue government certs? Even now, they have asked Microsoft to hold off releasing the patch to Windows Update for the Netherlands. ...Tim From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Tuesday, September 06, 2011 3:36 PM To: NT System Admin Issues Subject: Re: DigiNotar compromise Ah but maybe the lawsuits are about to start. Even the Dutch government is now pulling the plug on their Certs. Since DigiNotar has been closed mouthed about the extent of the hack and even may have mislead people as to not only the extent of the hack but the probable start date for the initial hack I would hope the rest of their business including the digital signature business would go away as well. I wonder since they say that root was save and secure if it really was and how many documents got a forged digital signature. Jon Harris On Tue, Sep 6, 2011 at 5:09 PM, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: Hi Tim, Perhaps you should say, former CA They'll be dead before the paint dries on this investigation. BTW, this is one reason why I never buy it that any particular vendor is likely to be secure or robust or whatever because of the line of business they're in. Just because they're a bank, hospital, security vendor, CA, etc, doesn't mean that they're doing all the right things. DigiNotar had every reason (except short-term profits) to pursue an effective security strategy, but didn't. And now their profits have ended, too... ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... On Tue, Sep 6, 2011 at 4:01 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: If this is true, I find this absolutely unacceptable that a commercial CA would run a system like this. Incredible http://computer-forensics.sans.org/blog/2011/09/06/diginotar-incident-response-report-no-logging-weak-password-no-protected-network Tim Evans Associate, Information Technology Manager S P A R L I N G (206) 667-0509tel:%28206%29%20667-0509-Direct (206) 391-8004tel:%28206%29%20391-8004-Mobile www.sparling.comhttp://www.sparling.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DigiNotar compromise
I'm afraid you are right. Maybe I'm naïve, but I'm surprised that they didn't take any apparent steps to secure their infrastructure. ...Tim From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Wednesday, September 07, 2011 7:30 AM To: NT System Admin Issues Subject: RE: DigiNotar compromise Honestly, It doesn't surprise me on this one, I am sure there are others that are just as bad or worse, that will get owned at sometime in the future and the same kind of stuff will be un-earthed. Z Edward E. Ziots CISSP, Network +, Security + Security Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 [cid:image001.jpg@01CC6D33.220B5730] From: Tim Evans [mailto:tev...@sparling.com] Sent: Tuesday, September 06, 2011 4:02 PM To: NT System Admin Issues Subject: DigiNotar compromise If this is true, I find this absolutely unacceptable that a commercial CA would run a system like this. Incredible http://computer-forensics.sans.org/blog/2011/09/06/diginotar-incident-response-report-no-logging-weak-password-no-protected-network Tim Evans Associate, Information Technology Manager S P A R L I N G (206) 667-0509-Direct (206) 391-8004-Mobile www.sparling.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.jpg
RE: Checking shortcut properties
Does this help? ' VBScript Set Shell = CreateObject(WScript.Shell) DesktopPath = Shell.SpecialFolders(Desktop) Set link = Shell.CreateShortcut(DesktopPath \Test.lnk) wscript.echo link.Arguments wscript.echo link.Description wscript.echo link.HotKey wscript.echo link.IconLocation wscript.echo link.TargetPath wscript.echo link.WindowStyle wscript.echo link.WorkingDirectory ...Tim From: James Rankin [mailto:kz2...@googlemail.com] Sent: Friday, September 02, 2011 8:05 AM To: NT System Admin Issues Subject: Checking shortcut properties Does anyone know of any way I could check for a comment in a shortcut (*.lnk) file, either from a command prompt or through some sort of script? I have some shortcuts I want to remove at logoff from user profiles but the only way of identifying them from user-created shortcuts is by the comment field (shown highlighted below). Google-fu seems to yield very little (although it is getting late on a Friday afternoon, when Google powers are traditionally weak). [cid:image001.png@01CC6948.D2C80F30] TIA, JRR -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. * IMPORTANT INFORMATION/DISCLAIMER * This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress.. The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets At Home yesterday. We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.png
RE: When DNS for your ISP goes down...
Due to problems like this, we've moved our DNS to DNS Made Easy (http://www.dnsmadeeasy.com/). There are others that can do it too, but these guys do a good job for us for not much money, ...Tim From: Mike Sullivan [mailto:neog...@gmail.com] Sent: Wednesday, August 31, 2011 8:10 AM To: NT System Admin Issues Subject: When DNS for your ISP goes down... Yesterday I stayed home since I was sick and I still am not 100% (I promise not to cough on you) when I start getting calls from my users saying they cannot reach our Citrix servers and web based email. So I try from home and sure enough, I cannot connect either. I also tried our main website to see it is not reachable as well. I try and nslookup only to find we no longer exist. OK, I call the ISP and tell them we are no longer on their DNS servers. The tech on the other end looks up our account and wants to know who we are using as our DNS provider. I bite my tongue so I don't just say we use you stupid and tell him we are on the o1.comhttp://o1.com name servers. He responds who is o1.comhttp://o1.com? I bite my tongue harder, you purchased them last year! He is now very confused by this whole situation and gives me a ticket number and says he will have someone call me back when they get this sorted out. Great. Two hours pass with no call back so I call them back only to find they still do not know what is wrong. Really? Come on now! I want to go to bed and get better. To cut this story short it took them 7 hours from the time I opened the ticket to resolution. We ended up on new name servers still on o1.comhttp://o1.com. I wonder why they didn't move our stuff to TelePacific's name servers? They did say this was not just us so I think something happened to their name servers and they built new ones. We never had problems when o1.comhttp://o1.com was their own company. So far, I am not impressed by TelePacific. I do actually have a question here. Was there anything I could have done to get us up and running? -- Thank you, Mike Sullivan ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Acrobat Alternatives - PDF-XChange?
We use it here. It's a good product. I personally have no complaints with it. We've run into basically two issues with it, neither insurmountable: * Incompatibility with new Adobe PDF features It seems like Adobe, in their attempt to keep their lead in the software vulnerability department, keeps adding features to the PDF format. The most recent that I'm aware of is the ability to package multiple documents into a single PDF file. When you open one of these in a non-Acrobat reader, all you see is a page saying that you need Adobe reader to view this document. PDFXchange was about 6 months behind in releasing version that could deal with these files. Now, we have a training issue in telling people that they don't need Acrobat and showing them how to access the enclosed files. It's not difficult, just not immediately obvious to the normal user. We also had issues for a while with an inability to fill out Acrobat generated forms. Their support was very good to work with on this, and they came out with an update that fixed it about 3 months after we sent them samples of the problematic files. * Interface Differences The interface is very different from the standard Acrobat interface. We get a lot of push back from people that are used to Acrobat about how much more work it is to use. IME, once we sit down with people and show them how to use it, there are no complaints. The problem is usually that they are too busy to bother to learn (or be shown) the different interface. HTH ...Tim From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Tuesday, August 16, 2011 12:24 PM To: NT System Admin Issues Subject: Acrobat Alternatives - PDF-XChange? We currently use Adobe Acrobat Standard or Pro to create anything other than basic PDF's. Acrobat isn't cheap, each new version of Windows and Office seems to break something unless you're running the latest version, and it's overkill for creating PDFs from Word documents or inserting/deleting the odd page from a PDF and perhaps adding a few stamps and saving it with some document security. A couple of people have recommended PDF-XChange which I hadn't heard of until today. I'll download the demo's and give them a try, but does anyone have any first-hand feedback on their products? Thanks, Paul MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Acrobat Alternatives - PDF-XChange?
We've found their support to consistently be very responsive. ...Tim From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Thursday, August 18, 2011 10:19 AM To: NT System Admin Issues Subject: RE: Acrobat Alternatives - PDF-XChange? Thanks Tim. I've just purchased a 3 user license to trial with some users, myself included. It's a learning curve for me because generating PDF's isn't something I'm usually involved in, so I have as much to learn and gain as anyone else. I take the point about the interface, but I suspect that's familiarity, and in our case I don't think we're looking to replace our PDF reader product, only the creation side. The good thing is I had some questions and emailed support and got a reply quickly, and that addressed my question(s) - prompt and not scripted which is encouraging. I'll get some people using it in anger and see how it performs over the next few weeks. From: Tim Evans [tev...@sparling.com] Sent: 18 August 2011 4:05 PM To: NT System Admin Issues Subject: RE: Acrobat Alternatives - PDF-XChange? We use it here. It's a good product. I personally have no complaints with it. We've run into basically two issues with it, neither insurmountable: * Incompatibility with new Adobe PDF features It seems like Adobe, in their attempt to keep their lead in the software vulnerability department, keeps adding features to the PDF format. The most recent that I'm aware of is the ability to package multiple documents into a single PDF file. When you open one of these in a non-Acrobat reader, all you see is a page saying that you need Adobe reader to view this document. PDFXchange was about 6 months behind in releasing version that could deal with these files. Now, we have a training issue in telling people that they don't need Acrobat and showing them how to access the enclosed files. It's not difficult, just not immediately obvious to the normal user. We also had issues for a while with an inability to fill out Acrobat generated forms. Their support was very good to work with on this, and they came out with an update that fixed it about 3 months after we sent them samples of the problematic files. * Interface Differences The interface is very different from the standard Acrobat interface. We get a lot of push back from people that are used to Acrobat about how much more work it is to use. IME, once we sit down with people and show them how to use it, there are no complaints. The problem is usually that they are too busy to bother to learn (or be shown) the different interface. HTH ...Tim From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Tuesday, August 16, 2011 12:24 PM To: NT System Admin Issues Subject: Acrobat Alternatives - PDF-XChange? We currently use Adobe Acrobat Standard or Pro to create anything other than basic PDF's. Acrobat isn't cheap, each new version of Windows and Office seems to break something unless you're running the latest version, and it's overkill for creating PDFs from Word documents or inserting/deleting the odd page from a PDF and perhaps adding a few stamps and saving it with some document security. A couple of people have recommended PDF-XChange which I hadn't heard of until today. I'll download the demo's and give them a try, but does anyone have any first-hand feedback on their products? Thanks, Paul MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe
RE: [OT] The infection continues to spread (HP)
It may be starting already. I received an email this morning with the subject: Critical Alert for your Modular Ethernet Switches and Fixed Port L3 Managed Ethernet Switches. It said: K.15.05.0002 removed from web due to unexpected reboots. K.15.05.0002 was released June 20 but the advisory is dated August 5. Over 6 weeks to figure it out. Ouch! If anyone is interested in details, see: http://h2.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02952762jumpid=em_alerts_us-us_Aug11_xbu_all_all_1384404_92646_networking_critical_006_9701 (probably wrapped) ...Tim -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Wednesday, August 17, 2011 9:39 AM To: NT System Admin Issues Subject: Re: [OT] The infection continues to spread (HP) We can only hope that doesn't happen. Ever. Ben Scott mailvor...@gmail.com 8/16/2011 7:12 PM The suck which has infested HP for the past several years continues to spread. We just today took a delivery of a brand new DesignJet T790. $4500 wide-format printer. The control panel UI is slow and often doesn't respond to finger presses. It does, however, have lots of high color graphics and animations. Web UI has two different credential schemes depending on what page you're on. Some pages want you to leave the username field blank; other pages want you to use admin for the username. Won't load paper. Seems like it's not actually trying to feed. After trying to a bit, it says Edge of roll not found. Prompts me to lift the lever and unload paper. I lift the lever. New message: Lever unexpectedly lifted. Lather, rinse, repeat. Support guidance says load the latest firmware. Look for firmware. It's not under Download drivers and software. Eventually find it under a howto section. 309 MB file! Get download started. Since I'm downloading, decide to grab drivers. Check under Download drivers and software. Don't see drivers. Mainly just this HP ePrint and Share: Easy printing thing. That claims to be a radical new technology that lets me print without drivers or software. To use it, all I have to do is download and install this software. Umm... Eventually find drivers under some other howto page. Firmware download finished. It's just a binary blob, no checksum info, no wrapper like ZIP or anything. I just have to hope for the best. Takes several minutes to load. Since then the machine's gone offline and hasn't come back. I'm dreading the day the corruption reaches the ProCurve division. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: USMT 4.0
You need to install the WAIK. You'll find USMT in the TOOLS\USMT subdirectory ...Tim From: Jimmy Tran [mailto:jt...@teachtci.com] Sent: Monday, August 01, 2011 10:16 AM To: NT System Admin Issues Subject: USMT 4.0 Hi Guys, I'm having a brain fart this morning. I'm trying install/load USMT 4.0. From everything I'm reading, it is supposed to be included in WAIK. We'll I have WAIK installed and cannot seem to find it anywhere. Can anyone give me any tips on how to find this tool? Thanks, Jimmy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Lab Resources and other educational things
Channel 9 has all (most) of the recent TechEd sessions on line - http://channel9.msdn.com/Events/TechEd/NorthAmerica/2011 There are a lot of other videos on just about every subject you can think of there. Start at http://channel9.msdn.com/ Just about every MS Technology has a home page, like say http://technet.microsoft.com/en-us/windowsserver/grouppolicy/default.aspx for group policy. There are evaluation downloads, white papers, videos, you name it. All free, it just takes time to go thru them all. You could become an expert in pretty much anything Microsoft by spending enough time on the Microsoft.com site. There are also a bunch of TechNet resources that are free on line. Start at http://technet.microsoft.com/en-us/bb291022. This will get you to the labs, videos, eval software and much more. I've found it all to be pretty good, but some of the older stuff might come up with missing links here and there. ...Tim From: Steven Peck [mailto:sep...@gmail.com] Sent: Monday, August 01, 2011 9:38 AM To: NT System Admin Issues Subject: Lab Resources and other educational things Let's start a new thread. Lab Resources and test environments. Microsoft has some nice stuff at their virtual labs. This is all free. It's not in depth but can often provide a nice overview 'this is how it looks like' environment before doing something if you have no resources. You can do them several times. I generally download the pdf lab and do the lab once. http://www.microsoft.com/events/vlabs/default.mspx I have an older HP Media Center Pavilion system with 8GB ram at home. I run WIndows 2008r2 with HyperV on it with the base system being a DC. I can get 4 to 5 very slow guests up on it but frankly don't care about the speed. I have 3 320GB drives I run guests on. http://www.microsoft.com/windowsserver2008/en/us/hyperv-faq.aspx NOTE: You can download time limited iso's from Microsoft. The downside is you have to rebuild your environment every 120 days. http://www.microsoft.com/windowsserver2008/en/us/trial-software.aspx Get good at scripting setups for your environment and this is less painful then it could be. (user account creation/password, etc) Currently I blew up my test lab and it's getting rebuilt. If I need to expand my guests, I run Virtual Box on my own system which I game with. It's a few years old but can get 2-3 guests up if I don't task them much. http://www.virtualbox.org/ Your own domain name. They are cheap. It's useful to have something that is 'yours'. Nothing teaches you like getting something real to interact on the Internet. Steven Peck http://www.blkmtn.org ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Windows clustering question
Interesting question. I've got a 2008R2 cluster, running several VM's, but no services. When I RDP to the clustername, Iconnecti the passive node, which is hosting none of the VM's and is not the owner of the CSV. It is the owner of the disk witness share, so my guess is that is what determines it. ...Tim -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 8:43 AM To: NT System Admin Issues Subject: RE: Windows clustering question One cluster group, which currently is being hosted on the passive node. Not sure how that happened, but I do have the solution. Mayo, Bill bem...@pittcountync.gov 7/25/2011 8:27 AM To clarify, do you have multiple resource groups? I am assuming that when you say cluster name, you mean the resource type of network name that is associated with a particular resource group. If you have only one, that should also be the name that was originally associated with the cluster group when it was created. Because clustering relies on a particular node taking over that network name when it is active, it should be the server that responds to that name at all times, including when you RDP to it. If you have multiple resource groups, then they can be active on different nodes. Which node responds would then depend on which network name you were using. So, scenario is cluster resource group 1 and cluster resource group 2 running on a cluster containing server1 and server2, and they each have a corresponding network name of cluster1/2. Cluster resource group 1 is online/active on server1 and likewise for 2. If you RDP to cluster1, server1 should respond. If you RDP to cluster2, server2 should respond. If that is not the case, then I would assume that something is not registering/deregistering correctly in DNS. If the node is not properly taking ownership of the network name, then I would expect all kinds of problems. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 11:17 AM To: NT System Admin Issues Subject: RE: Windows clustering question Something's wrong with mine, then. I RDP into the cluster name, and it connects to the passive node. Which is a real bummer for backups, since they fail due to not seeing the clustered resources... Thanks guys, off to troubleshoot. Damien Solodow damien.solo...@harrison.edu 7/25/2011 8:08 AM Yep, and yep. DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 11:07 AM To: NT System Admin Issues Subject: RE: Windows clustering question That's what I was thinking. Does anyone out there have a Windows Failover Cluster set up, that could verify that? Mayo, Bill bem...@pittcountync.gov 7/25/2011 8:05 AM Should be the active node (i.e. the one that currently has the name resource online). -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 11:00 AM To: NT System Admin Issues Subject: Windows clustering question I have a couple of Windows Failover Clusters setup, in Server 2008 (not R2). My question: If I RDP into the cluster name (not individual nodes), what node should that connect to? Should it connect to the active node, passive node, or is it random? My thought is that it should connect to the active node, so that I can see the clustered resources, but is that correct? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here:
RE: Windows clustering question
The server I am connecting to is listed as the current host server, although none of the VM's are running on it. I guess ownership of the witness share must be what determines that ...Tim -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 8:59 AM To: NT System Admin Issues Subject: RE: Windows clustering question If you look in the Failover Cluster Management console, which node is listed as the Current Host Server? active, or passive node? Tim Evans tev...@sparling.com 7/25/2011 8:48 AM Interesting question. I've got a 2008R2 cluster, running several VM's, but no services. When I RDP to the clustername, Iconnecti the passive node, which is hosting none of the VM's and is not the owner of the CSV. It is the owner of the disk witness share, so my guess is that is what determines it. ...Tim -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 8:43 AM To: NT System Admin Issues Subject: RE: Windows clustering question One cluster group, which currently is being hosted on the passive node. Not sure how that happened, but I do have the solution. Mayo, Bill bem...@pittcountync.gov 7/25/2011 8:27 AM To clarify, do you have multiple resource groups? I am assuming that when you say cluster name, you mean the resource type of network name that is associated with a particular resource group. If you have only one, that should also be the name that was originally associated with the cluster group when it was created. Because clustering relies on a particular node taking over that network name when it is active, it should be the server that responds to that name at all times, including when you RDP to it. If you have multiple resource groups, then they can be active on different nodes. Which node responds would then depend on which network name you were using. So, scenario is cluster resource group 1 and cluster resource group 2 running on a cluster containing server1 and server2, and they each have a corresponding network name of cluster1/2. Cluster resource group 1 is online/active on server1 and likewise for 2. If you RDP to cluster1, server1 should respond. If you RDP to cluster2, server2 should respond. If that is not the case, then I would assume that something is not registering/deregistering correctly in DNS. If the node is not properly taking ownership of the network name, then I would expect all kinds of problems. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 11:17 AM To: NT System Admin Issues Subject: RE: Windows clustering question Something's wrong with mine, then. I RDP into the cluster name, and it connects to the passive node. Which is a real bummer for backups, since they fail due to not seeing the clustered resources... Thanks guys, off to troubleshoot. Damien Solodow damien.solo...@harrison.edu 7/25/2011 8:08 AM Yep, and yep. DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 11:07 AM To: NT System Admin Issues Subject: RE: Windows clustering question That's what I was thinking. Does anyone out there have a Windows Failover Cluster set up, that could verify that? Mayo, Bill bem...@pittcountync.gov 7/25/2011 8:05 AM Should be the active node (i.e. the one that currently has the name resource online). -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Monday, July 25, 2011 11:00 AM To: NT System Admin Issues Subject: Windows clustering question I have a couple of Windows Failover Clusters setup, in Server 2008 (not R2). My question: If I RDP into the cluster name (not individual nodes), what node should that connect to? Should it connect to the active node, passive node, or is it random? My thought is that it should connect to the active node, so that I can see the clustered resources, but is that correct? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana
RE: Pacific NW folks: Office 365 presentation at WNUG meeting in July
I'm planning on being there. Those meetings are usually pretty good. ...Tim From: David Lum [mailto:david@nwea.org] Sent: Wednesday, June 15, 2011 7:12 AM To: NT System Admin Issues Subject: Pacific NW folks: Office 365 presentation at WNUG meeting in July Any Seattle-area folks going to this? From: WNUG Admin [mailto:winnetad...@winnetusergroup.com] Sent: Wednesday, June 15, 2011 7:01 AM To: winnetad...@winnetusergroup.com Subject: WNUG monthly meeting on July 6, 2011 Hello members, Our next monthly meeting is scheduled for Wednesday, July 6, 2011 at Lincoln Square Center in Bellevue at 6:00PM. Session Details Our guest speaker will be Jono Luk who is a Program Manager at Microsoft. The topic of his presentation is Office 365 Platform and Services: An Overview. Microsoft Office 365 for professionals and small businesses is a subscription service that combines Microsoft Office Web Apps with a set of Web-enabled tools that work with your existing hardware. Office 365, which is Office in the cloud, replaces the Business Productivity Online Suite (BPOS). The Office 365 service offerings enable you to work with e-mail, documents, and data from virtually anywhere and on nearly any device with a familiar productivity experience on PCs, phones, and in browsers. In his presentation Jono will walk through the Services that are offered as part of Office 365, as well as some of the new features available to customers, with a heavy focus on Identity and Directory Management solutions in the Enterprise space. Jono is the Program Manager owner for the Directory Synchronization and Hybrid Deployment features of the Office 365 Service. His complete bio is available herehttp://www.winnetusergroup.com/Speaker_Bios/Jono_Luk.aspx. New Members If you are a new member, directions to the Lincoln Center are available on our Web site, or you can click herehttp://www.winnetusergroup.com/SitePages/Directions.aspx. Meeting agenda and other details are available in the Announcementshttp://www.winnetusergroup.com/Lists/Announcements/AllItems.aspx link. Feel free to contact us if you have any questions. RSVP Please make sure that you RSVPhttp://www.winnetusergroup.com/Lists/RSVP/NewForm.aspx?Source=http://www.winnetusergroup.com/Shared%20Resources/ThankYouRSVP.aspx?PageView=SharedContentEditorPopUp=True so we can plan for the meeting accordingly. We look forward to seeing you at the meeting. Zubair Alexander WNUG Coordinator Windows Networking User Group www.winnetusergroup.comhttp://www.winnetusergroup.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DNS Services with malware blocking?
We only used the free service. My understanding is that the paid service only removed the ads. Do you know if the paid filter is more effective than the free version? ...Tim From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Saturday, June 11, 2011 5:41 PM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Did you use the paid service from OpenDNS, our the free service only? -ASB: http://about.me/Andrew.S.Baker Sent from my Motorola Droid On Jun 11, 2011 9:07 AM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: ClearCloud works well. We used OpenDNS before and got way too many of the fake AV infections. We changed so ClearCloud and have only gotten one since, so I am very disappointed that it is going away. It sounds like that functionalit is being rolled into Vipre Premium's URL Filtering. Poking around, I see that Comodo has a similar service at http://www.comodo.com/secure-dns I don't know anything more about it than that, so if anyone else has any input, I'd be interested in what they have to say ...Tim From: Paul Hutchings [mailto:paul.hutchi...@mira.co.ukmailto:paul.hutchi...@mira.co.uk] Sent: Friday, June 10, 2011 11:55 AM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Sunbelt's was ClearCloud which they're discontinuing. OpenDNS may be a little too commercial/ad-laden for my tastes. I guess that's the issue - there aren't many commercial offerings out there than I know of, but anything free has to pay its way so you end up with ads/sponsored links etc. From: Michael B. Smith [mich...@smithcons.commailto:mich...@smithcons.com] Sent: 10 June 2011 7:50 PM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Our list vendor has a solution, as does OpenDNS. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Paul Hutchings [mailto:paul.hutchi...@mira.co.ukmailto:paul.hutchi...@mira.co.uk] Sent: Friday, June 10, 2011 2:49 PM To: NT System Admin Issues Subject: DNS Services with malware blocking? Does anyone have any experience of the various DNS services out there that claim to block malicious sites? The usual stuff about layered approach etc. is understood so this is in the context of one layer. ClearCloud looked interesting but I never tried it, and as they're discontinuing it there seems little point. Thanks, Paul MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana
RE: DNS Services with malware blocking?
I'll have to give that a try and see how effective it is. Thanks for the tip. ...Tim From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, June 13, 2011 12:52 PM To: NT System Admin Issues Subject: Re: DNS Services with malware blocking? The enterprise (work) service supports more filtering and security features than the basic service: http://www.opendns.com/work/security It's not just about ad removal ASB (Professional Biohttp://about.me/Andrew.S.Baker/bio) Harnessing the Advantages of Technology for the SMB market... On Mon, Jun 13, 2011 at 3:42 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: We only used the free service. My understanding is that the paid service only removed the ads. Do you know if the paid filter is more effective than the free version? ...Tim From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Saturday, June 11, 2011 5:41 PM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Did you use the paid service from OpenDNS, our the free service only? -ASB: http://about.me/Andrew.S.Baker Sent from my Motorola Droid On Jun 11, 2011 9:07 AM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: ClearCloud works well. We used OpenDNS before and got way too many of the fake AV infections. We changed so ClearCloud and have only gotten one since, so I am very disappointed that it is going away. It sounds like that functionalit is being rolled into Vipre Premium's URL Filtering. Poking around, I see that Comodo has a similar service at http://www.comodo.com/secure-dns I don't know anything more about it than that, so if anyone else has any input, I'd be interested in what they have to say ...Tim From: Paul Hutchings [mailto:paul.hutchi...@mira.co.ukmailto:paul.hutchi...@mira.co.uk] Sent: Friday, June 10, 2011 11:55 AM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Sunbelt's was ClearCloud which they're discontinuing. OpenDNS may be a little too commercial/ad-laden for my tastes. I guess that's the issue - there aren't many commercial offerings out there than I know of, but anything free has to pay its way so you end up with ads/sponsored links etc. From: Michael B. Smith [mich...@smithcons.commailto:mich...@smithcons.com] Sent: 10 June 2011 7:50 PM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Our list vendor has a solution, as does OpenDNS. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Paul Hutchings [mailto:paul.hutchi...@mira.co.ukmailto:paul.hutchi...@mira.co.uk] Sent: Friday, June 10, 2011 2:49 PM To: NT System Admin Issues Subject: DNS Services with malware blocking? Does anyone have any experience of the various DNS services out there that claim to block malicious sites? The usual stuff about layered approach etc. is understood so this is in the context of one layer. ClearCloud looked interesting but I never tried it, and as they're discontinuing it there seems little point. Thanks, Paul MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Capturing video from YouTube?
Me too! …Tim From: Gary Slinger [mailto:gary.slin...@gmail.com] Sent: Monday, June 13, 2011 8:23 PM To: NT System Admin Issues Subject: Re: Capturing video from YouTube? Cock-gobblin' monkey nuts. I think I'll randomly post that whenever I feel like it now, as it adds exactly as much frigging value as an unqualified waste of space '+1'. There's not even a goddamn post-count, which is the BS origination of it. -- Gary K. Slinger On Jun 13, 2011, at 5:56 PM, Shauna Hensala she...@msn.commailto:she...@msn.com wrote: +1 [https://gfx6.hotmail.com/mail/w4/pr04/ltr/emo/ids_emoticon_rose.gif]Shauna Hensala From: sca...@gmail.commailto:sca...@gmail.com To: ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: Capturing video from YouTube? Date: Mon, 13 Jun 2011 15:15:13 -0500 VLC Player will. Which is the only Media Player I ever use. Even deployed it at work because of all the weird formats of audio/video we get handed to us from various projects. Sam -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]mailto:[mailto:jaldr...@blueridgecarpet.com] Sent: Monday, June 13, 2011 2:42 PM To: NT System Admin Issues Subject: RE: Capturing video from YouTube? Well, for one, youtube stores the files in .FLV format, and not too many players I've found understand that format. :D From: Micheal Espinola Jr [mailto:michealespin...@gmail.com]mailto:[mailto:michealespin...@gmail.com] Sent: Monday, June 13, 2011 3:38 PM To: NT System Admin Issues Subject: Re: Capturing video from YouTube? +1 -- ME2 On Mon, Jun 13, 2011 at 9:17 AM, Joseph L. Casale jcas...@activenetwerx.commailto:jcas...@activenetwerx.com wrote: Uh, that would degrade the quality significantly? Why not dump the actual movie file sent to you from youtube? From: Rod Trent [mailto:rodtr...@myitforum.com]mailto:[mailto:rodtr...@myitforum.com] Sent: Monday, June 13, 2011 10:19 AM To: NT System Admin Issues Subject: RE: Capturing video from YouTube? There are multiple YouTube downloaders out there, but you have to be careful. Some contain scumware. The safest way is to use something like SnagIT to capture/record the video while it’s playing. From: James Rankin [mailto:kz2...@googlemail.com]mailto:[mailto:kz2...@googlemail.com] Sent: Monday, June 13, 2011 12:10 PM To: NT System Admin Issues Subject: OT: Capturing video from YouTube? Is there any way to snag a video from YouTube or other online site? I know there are various copyright issues attached to this, but it's just that one of my little lads is obsessed with planes (mostly the F14, for some reason) and loves to watch a particular video of it. It's just that booting up my laptop, attaching it to the TV, switching the TV to VGA mode, and then firing up the video for him is a bit of a chore, and I was just wondering if anyone knew any way it could be streamlined. TIA, JRR -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. IMPORTANT: The information in this email is CONFIDENTIAL. If its contents are disclosed in any way my lawyers will swoop down from black helicopters like Seal Team Six and drag you away with a black bag over your head. They will then take you to a secret prison and make you fight to the death with other people who dared to share this email. You will be given a large bowie knife and a supply of methamphetamines while I watch the said deathmatch and wager vast sums of money on who will be the winner. If the fight becomes boring or there is a stalemate, I will release rabid dogs and my two-stone cat into the arena to liven things up a bit. If these animals become in any way docile, I will squirt them with water pistols until they become a bit more temperamental. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email
RE: DNS Services with malware blocking?
ClearCloud works well. We used OpenDNS before and got way too many of the fake AV infections. We changed so ClearCloud and have only gotten one since, so I am very disappointed that it is going away. It sounds like that functionalit is being rolled into Vipre Premium's URL Filtering. Poking around, I see that Comodo has a similar service at http://www.comodo.com/secure-dns I don't know anything more about it than that, so if anyone else has any input, I'd be interested in what they have to say ...Tim From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Friday, June 10, 2011 11:55 AM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Sunbelt's was ClearCloud which they're discontinuing. OpenDNS may be a little too commercial/ad-laden for my tastes. I guess that's the issue - there aren't many commercial offerings out there than I know of, but anything free has to pay its way so you end up with ads/sponsored links etc. From: Michael B. Smith [mich...@smithcons.com] Sent: 10 June 2011 7:50 PM To: NT System Admin Issues Subject: RE: DNS Services with malware blocking? Our list vendor has a solution, as does OpenDNS. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Friday, June 10, 2011 2:49 PM To: NT System Admin Issues Subject: DNS Services with malware blocking? Does anyone have any experience of the various DNS services out there that claim to block malicious sites? The usual stuff about layered approach etc. is understood so this is in the context of one layer. ClearCloud looked interesting but I never tried it, and as they're discontinuing it there seems little point. Thanks, Paul MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 100 1464 84 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Antivirus Center
We used to get a fair amount of these fake AV infections too. I changed our DNS forwarder to ClearCloud and haven't had any more for several months now. .Tim -Original Message- From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Wednesday, May 04, 2011 4:31 PM To: NT System Admin Issues Subject: RE: Antivirus Center Because none of the AV/antimalware companies can keep up. I have had quite of few of these fake AV infections show up on my desk lately on peoples home laptops. A couple of them involved rootkits running from the MBR. Unless the AV software checks the MBR, and has def's that could see it anyway, you're not going to detect it. In those cases re-writing the MBR from a Windows recovery environment got rid of the symptoms. In my last two cases The last symptom was searching for something using Google/Bing/etc., seeing the results, but clicking the links took you to a rogue site. Copy link location and paste in URL bar worked fine, but don't click the links! The users opted not to have me reinstall the OS despite me recommending it mostly due to installed software they no longer have the install source for. What I'm seeing lately: 1) malware using the task scheduler instead of more common startup methods (e.g. Registry) for executing the malware 2) always check the hosts file and DNS 3) delete temp and temp internet folder contents, reset browsers to defaults 4) empty recycle bin (seen the malware live from in there a couple times lately) 5) just go ahead and rewrite the MBR just because 6) use msconfig, process explorer, listdlls and other sysinternals tools 7) hitman pro works well as second opinion AV (free one time use, but not for domain joined machines) This is just the short list and changes from machine to machine depending on what I see. There's more that needs to be done most of the time. Google image searches seem to be what is getting people a lot lately and they're not looking for porn either. The domains some of these images are on have just been hijacked, or bought and repurposed to deliver the bad wares now. I suspect ads on Facebook too. -- Mike Gill -Original Message- From: N Parr [mailto:npar...@mortonind.com] Sent: Wednesday, May 04, 2011 12:05 PM To: NT System Admin Issues Subject: RE: Antivirus Center I've never had luck with Viper detecting, let alone stopping, any of these fake AV's over the years. It's really my only big issue with the product. Probably had a dozen or so home and work users get a variation and Viper's failed every time. Most of the time I can do a system restore back to point in time where Virus wasn't installed and scan with other products to get rid of infected files. -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Wednesday, May 04, 2011 1:58 PM To: NT System Admin Issues Subject: RE: Antivirus Center Richard, this is an end-user we're talking about. :D I found instructions on bleeping computer on how to get rid of it, but the end user is barely computer literate and he's in Texas, while I'm in Georgia. He decided he'd rather ship me his computer than take it to a local tech. I was just curious as to why Vipre Rescue didn't find it and whack it... From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Wednesday, May 04, 2011 2:55 PM To: NT System Admin Issues Subject: Re: Antivirus Center Can you run the task manager w/o the bug blocking it? How about cmd? Windows Explorer (NOT IE!)? Although a bug whacked the registry, we had one where we could see what process was starting when something triggered the fake AV window. We noted the name of the process, then killed that process. We went into Explorer and were actually able to delete the process file. We have been able to open the registy, go looking for (in HKLM, HKCurrentUser, and HKUsers.Default) .\windows\CurrentVersion\Run something that obviously does not belong there. We whack that value and reboot. THEN we can find things with VIPRE and MBytes scans. John Aldrich jaldr...@blueridgecarpet.com wrote on 05/04/2011 01:21:55 PM: I just had a remote user infected with Antivirus Center fake antivirus. I had him try to run Vipre Rescue, but it didn't find anything. Any idea why VR didn't find it? [image removed] [image removed] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an
RE: videos from hulu
Does this help: http://www.wikihow.com/Save-Flash-Animation-from-Website I've used applian apps for other things (not saving videos) and they have worked well. I thought that snagit only captured images. Camtasia can do it, but that seems like overkill to me. I guess it depends on how badly you want to save the files. ...Tim -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, December 30, 2010 8:30 AM To: NT System Admin Issues Subject: videos from hulu So, there are some videos on hulu (Good Eats holiday recipes, actually, like http://www.hulu.com/watch/179670/good-eats-ultimate-mashed-potatoes) I'd like to get digitally and save. Any easy/reasonable way to do that? Thanks. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: integra telecom support in Seattle Portland
We have them for MPLS, PRI internet service. Their NOC people are not the sharpest I've run across - in fact IMO some of them have no business being in a NOC. Once we got things configured properly, there have been no further problems. If you are looking at them for just phone service (and it isn't anything special like SIP trunking) I wouldn't see any problems. Once I told them how to configure our PRI, it was fine. I would have more reservations if you were looking at anything like MPLS and you care about QOS, etc. ...Tim From: Bill Songstad [mailto:bsongs...@gmail.com] Sent: Thursday, December 02, 2010 5:32 PM To: NT System Admin Issues Subject: OT: integra telecom support in Seattle Portland I'm evaluating a new service provider to install a phone system in Seattle and our branch office in Portland Oregon. Does anyone have experience with Integra Telecom in the Northwest? Their pricing is pretty good, but their competitors, predictably, say their service is shoddy. So I've learned not to trust salespeople when they are in a dogfight over your business, so I thought I'd check to see if anyone had any real-world experience with this company. I'm trying to save money, but not I don't want to buy a cheap headache. Thanks for any thoughts, -Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Registering keywords
Sans had a recent diary entry on this too: http://isc.sans.edu/diary.html?storyid=9967 ...Tim -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Wednesday, November 24, 2010 6:16 AM To: NT System Admin Issues Subject: RE: Registering keywords Gotcha! Thanks! -Original Message- From: Rick Berry [mailto:rbe...@elevativenetworks.com] Sent: Wednesday, November 24, 2010 8:47 AM To: NT System Admin Issues Subject: RE: Registering keywords IMHO it's just an extension of the fishing expeditions out of China/Hong Kong looking for cash. Tear it up, throw it away, and ignore it. -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Wednesday, November 24, 2010 8:30 AM To: NT System Admin Issues Subject: Registering keywords I keep receiving notifications from foreign registrars that someone is trying to register keywords for our domain. Normally I just dismiss them as an extortion attempt, however, this morning, we received a message from our website feedback form from m-w-w.com, the Chinese anti-cybersquatting organization (at least that's what their website says they are) claiming that someone was trying to register the keyword blueridgecarpet. Should I just ignore this one as well, or should we go ahead and register the keyword ourselves? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Kace software deployment
We evaluated them about a year ago. Seemed to be a pretty complete solution except for the help desk part. It was easy to set up. I downloaded a VM, deployed a few agents and was deploying software with a couple of days. We needed a more functional help desk, so we ended up with Altiris (Symantec), a *much* more complicated solution. ...Tim -Original Message- From: John Cook [mailto:john.c...@pfsf.org] Sent: Monday, October 25, 2010 12:16 PM To: NT System Admin Issues Subject: RE: Kace software deployment Yes, I knew Dell had acquired them but I doubt it's as bad as if Symantec or McAfee had bought them ;-). I've heard good things too but I need some real experience horror stories as we're seriously considering them. -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Monday, October 25, 2010 3:09 PM To: NT System Admin Issues Subject: RE: Kace software deployment No personal experience but have heard good things about them. But bear in mind somewhere in the last 3 months or so they were acquired by Dell, and I don't know if the acquisition has any effect on their operations. Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' -Original Message- From: John Cook [mailto:john.c...@pfsf.org] Sent: Monday, October 25, 2010 2:46 PM To: NT System Admin Issues Subject: Kace software deployment Anyone want to share any experiences with these guys? John W. Cook Systems Administrator Partnership for Strong Families CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: How big are your LUNs?
We use it that way, but only allow writing to one location. The other is a backup/failover share. ...Tim From: sdewilliman [mailto:sdewilli...@g2.com] Sent: Sunday, September 05, 2010 2:45 PM To: NT System Admin Issues Subject: Re: How big are your LUNs? Out of curiosity, is everyone using actively DFS-R with dynamically changing contents (e.g. Files that are frequently accessed/modifiedby more than one person?)? Does it not cause problems with file locking/last-write wins? On 9/5/10 12:00 PM, Paul Hutchings paul.hutchi...@mira.co.uk wrote: I suspect we'd want to use Windows features such as DFS-R and other things which I believe rules CIFS on a filer of any sort out. Thin, I have similar reservations, but I'm just chewing over options so that we don't end up with the proverbial one LUN that's nearly full whilst another LUN has lots of free space and so on. From: Martin Blackstone [mailto:mblackst...@gmail.com] Sent: 05 September 2010 16:52 To: NT System Admin Issues Subject: RE: How big are your LUNs? If you had a NetApp, you could use it as a NAS and serve files directly from there. No need for a file server. Use flexvols and grow them on the fly. As for thin provisioning, I strongly advise people not to use it. More often than not it bites them in the ass since they don't keep a close enough eye on the storage system and suddenly they are out of disk space. I've seen it happen WAY too many times and explaining how you need to buy a new shelf of disk is not a fun convo with the CFO. From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Sunday, September 05, 2010 8:44 AM To: NT System Admin Issues Subject: How big are your LUNs? As per my other thread I'm looking at SAN vendors. Our main file server has around 8tb on it right now, spread across multiple thick LUNs of around 2tb each. Assuming we're going to be running Windows 2008 R2, what are people's opinions on provisioning storage to a file server as multiple smaller LUNs or fewer larger LUNs? For example if the SAN supports it why would you allocate 5x2tb LUNs instead of a single 10tb thin LUN? MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 114 5409 96 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: How big are your LUNs?
No, we just disable referrals on the backup copy. The users connect to and make changes to a local copy and their changes are replicated to the remote site. The backup copy is RW, but they can't get to it. The bandwidth is minimal, once the initial replication has been done. DFS-R doesn't replicate file locks, so you are right, edits to the same file in different locations would be a problem. ...Tim From: sdewilliman [mailto:sdewilli...@g2.com] Sent: Monday, September 06, 2010 7:39 AM To: NT System Admin Issues Subject: Re: How big are your LUNs? Hi Tim, Are you using the read-only replicated folder feature ( http://www.dario.co.il/blog/?p=369) if I'm reading this correctly, your users in the remote offices wd open the read-only copy (local to their office) but write the changes only to the hub hosting the r-w share? Biggest problem at this point for our remote users is that they are connecting over low-bandwidth pulling down files from the central DFS share has been painful but we also don't want to set up a replicated share in their office in case multiple users from various locations make edit to the same file. On 9/6/10 10:21 AM, Tim Evans tev...@sparling.com wrote: We use it that way, but only allow writing to one location. The other is a backup/failover share. ...Tim From: sdewilliman [mailto:sdewilli...@g2.com] Sent: Sunday, September 05, 2010 2:45 PM To: NT System Admin Issues Subject: Re: How big are your LUNs? Out of curiosity, is everyone using actively DFS-R with dynamically changing contents (e.g. Files that are frequently accessed/modifiedby more than one person?)? Does it not cause problems with file locking/last-write wins? On 9/5/10 12:00 PM, Paul Hutchings paul.hutchi...@mira.co.uk wrote: I suspect we'd want to use Windows features such as DFS-R and other things which I believe rules CIFS on a filer of any sort out. Thin, I have similar reservations, but I'm just chewing over options so that we don't end up with the proverbial one LUN that's nearly full whilst another LUN has lots of free space and so on. From: Martin Blackstone [mailto:mblackst...@gmail.com] Sent: 05 September 2010 16:52 To: NT System Admin Issues Subject: RE: How big are your LUNs? If you had a NetApp, you could use it as a NAS and serve files directly from there. No need for a file server. Use flexvols and grow them on the fly. As for thin provisioning, I strongly advise people not to use it. More often than not it bites them in the ass since they don't keep a close enough eye on the storage system and suddenly they are out of disk space. I've seen it happen WAY too many times and explaining how you need to buy a new shelf of disk is not a fun convo with the CFO. From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Sunday, September 05, 2010 8:44 AM To: NT System Admin Issues Subject: How big are your LUNs? As per my other thread I'm looking at SAN vendors. Our main file server has around 8tb on it right now, spread across multiple thick LUNs of around 2tb each. Assuming we're going to be running Windows 2008 R2, what are people's opinions on provisioning storage to a file server as multiple smaller LUNs or fewer larger LUNs? For example if the SAN supports it why would you allocate 5x2tb LUNs instead of a single 10tb thin LUN? MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 114 5409 96 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com
RE: Panda Antivirus
I downloaded an eval copy from them years ago and I still get spam from them. I've pretty well crossed them of my list for any future consideration. ...Tim From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Wednesday, August 04, 2010 7:28 AM To: NT System Admin Issues Subject: Panda Antivirus Is anyone else being spammed by Panda? We have never been a Panda customer, although we did evaluate their A/V a couple years go. I have been receiving at least one or two emails per week from them, despite unsubscribing from all mailing lists on their website. I don't know if I'm too easily annoyed or what, but I am bothered when I keep receiving emails from a company that I have told to stop sending me email! [cid:image001.jpg@01CB33AB.40402180][cid:image002@01cb33ab.40402180] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: RE: SAN Solution
Yes, thanks for taking the time to post this ...Tim -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Wednesday, June 09, 2010 10:37 AM To: NT System Admin Issues Subject: RE: RE: SAN Solution Thank you! That information is extremely useful. --Matt Ross Ephrata School District - Original Message - From: Bob Hartung [mailto:bhart...@wiscoind.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Wed, 09 Jun 2010 08:40:55 -0700 Subject: RE: RE: SAN Solution Well, I can't attach SATA drives to my servers but here's the test I ran. Server: Dell PowerEdge 2650 with * E: Drive - internal PERC3 SCSI RAID 5 (Ultra320) E: Drive * F: Drive - external SCSI Drive Array attached to PERC4 SCSI RAID 5 (Ultra 320) * G: Drive - Drobo Elite connected via Gigabit Ethernet I copied 2.1 GB from E: to F: in 4:36 or 476.9 MB/Min. I copied 2.1 GB from E: to G: in 5:18 or 413.9 MB/Min. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: Tim Evans [mailto:tev...@sparling.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Tue, 08 Jun 2010 18:13:23 -0500 Subject: RE: RE: SAN Solution How's the iSCSI performance on that unit? Compared to direct attached SATA for example? ...Tim From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Tuesday, June 08, 2010 8:09 AM To: NT System Admin Issues Subject: RE: RE: SAN Solution The Elite is bundled with WD drives, either a consumer grade or an enterprise. We went with the enterprise (DREL1A21-WD2002FYPS-8). You should be able to pick the unit up for around $6000. For connection, I'm using a stand-alone HP Procurve Gigabit switch. Each server has 2 nics. Each server's 2nd nic card is connected to the HP Procurve and setup on different subnet than the regular network uses. It took me awhile to work out the MS ISCSI initiator stuff since I'd had no experience with it before. And I don't know if I'd characterize it as instead of a SAN. As far as I can see, it's a SAN. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Tue, 08 Jun 2010 09:01:18 -0500 Subject: RE: RE: SAN Solution Nifty. I’m assuming these are “Enterprise” SATA drives? How does it connect to your existing servers, and approximately how much does something like that cost? That might be something I would want to look at using instead of a SAN. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Tuesday, June 08, 2010 9:42 AM To: NT System Admin Issues Subject: RE: RE: SAN Solution I'm using the Drobo Elite for backups as well. It's where I store workstation images I create in Acronis. It is also the disk-to-disk storage I use for Arcserve server backups. I chose the somewhat more expensive Drobo Elite over a number of NAS alternatives for a number of reasons... * Rather than simulate MS network privaleges like most NASs do, I preferred being able to simply share the Drobo's space via my existing servers. That way I'm using MS sharing and security. * It's a SAN network which segregates storage traffic from the rest of the network. * It supplies a pool of storage that I can parcel out to any of my servers as conditions evolve. * I've got 16 TB of space. And it's all dynamically available to each partition. It took me a while to get this. You make every partition a 16 TB partition. That way, all partitions can use available storage without having to change partition sizes by destroying them and recreating them. * You can stick in any size SATA drive and it's added to the storage pool. Right now I have 8 2TB drives but when 3 and 4TB drives come out, I can swap out a 2TB drive and increase storage. Doesn't matter which slot you stick a drive in either. * Currently I'm using 2 drives for fault tolerance so if one fails, the RAID continues to operate with redundancy. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com
RE: RE: SAN Solution
How's the iSCSI performance on that unit? Compared to direct attached SATA for example? ...Tim From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Tuesday, June 08, 2010 8:09 AM To: NT System Admin Issues Subject: RE: RE: SAN Solution The Elite is bundled with WD drives, either a consumer grade or an enterprise. We went with the enterprise (DREL1A21-WD2002FYPS-8). You should be able to pick the unit up for around $6000. For connection, I'm using a stand-alone HP Procurve Gigabit switch. Each server has 2 nics. Each server's 2nd nic card is connected to the HP Procurve and setup on different subnet than the regular network uses. It took me awhile to work out the MS ISCSI initiator stuff since I'd had no experience with it before. And I don't know if I'd characterize it as instead of a SAN. As far as I can see, it's a SAN. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Tue, 08 Jun 2010 09:01:18 -0500 Subject: RE: RE: SAN Solution Nifty. I’m assuming these are “Enterprise” SATA drives? How does it connect to your existing servers, and approximately how much does something like that cost? That might be something I would want to look at using instead of a SAN. [cid:image001.jpg@01CB06F1.8A4788E0][cid:image002@01cb06f1.8a4788e0] From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Tuesday, June 08, 2010 9:42 AM To: NT System Admin Issues Subject: RE: RE: SAN Solution I'm using the Drobo Elite for backups as well. It's where I store workstation images I create in Acronis. It is also the disk-to-disk storage I use for Arcserve server backups. I chose the somewhat more expensive Drobo Elite over a number of NAS alternatives for a number of reasons... * Rather than simulate MS network privaleges like most NASs do, I preferred being able to simply share the Drobo's space via my existing servers. That way I'm using MS sharing and security. * It's a SAN network which segregates storage traffic from the rest of the network. * It supplies a pool of storage that I can parcel out to any of my servers as conditions evolve. * I've got 16 TB of space. And it's all dynamically available to each partition. It took me a while to get this. You make every partition a 16 TB partition. That way, all partitions can use available storage without having to change partition sizes by destroying them and recreating them. * You can stick in any size SATA drive and it's added to the storage pool. Right now I have 8 2TB drives but when 3 and 4TB drives come out, I can swap out a 2TB drive and increase storage. Doesn't matter which slot you stick a drive in either. * Currently I'm using 2 drives for fault tolerance so if one fails, the RAID continues to operate with redundancy. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: Jay Dale [mailto:jay.d...@3-gig.commailto:jay.d...@3-gig.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Tue, 08 Jun 2010 08:17:07 -0500 Subject: RE: RE: SAN Solution Exactly what we use it for..:) Jay Dale I.T. Manager, 3GiG Mobile: 713.299.2541 Email: jay.d...@3-gig.commailto:jay.d...@3-gig.com Confidentiality Notice: This e-mail, including any attached files, may contain confidential and/or privileged information for the sole use of the intended recipient. If you are not the intended recipient, you are hereby notified that any review, dissemination or copying of this e-mail and attachments, if any, or the information contained herein, is strictly prohibited. If you are not the intended recipient (or authorized to receive information for the intended recipient), please contact the sender by reply e-mail and delete all copies of this message. From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Monday, June 07, 2010 8:07 PM To: NT System Admin Issues Subject: Re: RE: SAN Solution As I recall from the specs, it only supports one client...which would be good for backups, or a small single (physical) server environment. On Mon, Jun 7, 2010 at 8:52 PM, Jay Dale jay.d...@3-gig.commailto:jay.d...@3-gig.com wrote: It works fine for just the backups, but we want something that not only can hold the backups but also a data repo for the VM's as well as the user data and image backups of laptops. Jay From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Monday, June 07, 2010 5:22 PM To: NT System Admin Issues Subject: Re: RE: SAN
RE: OTish: Help with a job advert?
Ask for experience in LUA configuration. If they know what it is, that's a good first step. ...Tim -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Monday, June 07, 2010 10:51 AM To: NT System Admin Issues Subject: RE: OTish: Help with a job advert? Experience with moving an environment away from users who are local admins on their PC's a big plus... Dave -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, June 07, 2010 10:40 AM To: NT System Admin Issues Subject: OTish: Help with a job advert? I've got a minion who's given notice, and I want someone who's got a bit bigger skillset if possible, but don't know if what I want is reasonable for what the company believes to be a beginning position. The one thing I'm really looking for (aside from a decent customer service skills) is someone who has been through the process of locking down desktops so that folks aren't administrators on their machines. I haven't had time to do this, and if we can bring in someone who has that experience, that would be really nice. I also realize that it is probably not considered a beginner's skill, so we might not get that person for the pay we're offering, but it can't hurt to ask. I also don't know exactly how to word it in the advert - have any of you placed an ad asking for this kind of skill, and if so, what did you ask for? Thanks, Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VPN stuff
That page looks to be pretty old. I don't think Mudge has gone by that name since the L0pght/@Stake days in the late 90's early 2000's I know that MS's initial (NT4 days) PPTP implementation had some real problems. They released PPTPv2 in the Win2000 time frame, which was supposed to address the problems with the original implementation. I've looked and can't find anything on the fixed version - all the write ups are like this and are usually undated and don't specify which version of the protocol ...Tim From: Richard Stovall [mailto:rich...@gmail.com] Sent: Thursday, May 06, 2010 12:36 PM To: NT System Admin Issues Subject: Re: VPN stuff http://www.schneier.com/pptp-faq.html I suppose, as with many things, it's all about what your security needs are. I agree with the less is more/better philosophy in general, but usually that's thought to be true because of 2 things - reduced risk from insecure apps and better performance due to fewer apps running. In this case it could be reasonably argued that your vulnerability profile actually goes up by not installing the SSL VPN software. On Thu, May 6, 2010 at 3:24 PM, Phillip Partipilo p...@psnet.commailto:p...@psnet.com wrote: There are a lot of things in transition here, but one little one has been implementation of a Watchguard UTM box. Recently remote SSL VPN users have been having issues. I'm taking that up with support, so not asking about that. But call me an old stubborn fart, but I have things working with PPTP, which Windows has a built in client for, and now theres the addition of SSL which needs additional software. Maybe call me a minimalist, but the less 3rd party crap I have to install on my PC, the more streamlined it stays. Comments? Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VPN stuff
Nice, thanks for the link. That confirms my understanding that they basically did fix all the original problems. It sounds like a good enough implementation if you implement reasonable password measures - long enough length, complexity, etc. ...Tim From: Richard Stovall [mailto:rich...@gmail.com] Sent: Thursday, May 06, 2010 2:21 PM To: NT System Admin Issues Subject: Re: VPN stuff You are correct sir. I realize now that the link was to criticism of the original implementation. Here is one about PPTPv2 http://www.schneier.com/pptp.html On Thu, May 6, 2010 at 4:56 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: That page looks to be pretty old. I don't think Mudge has gone by that name since the L0pght/@Stake days in the late 90's early 2000's I know that MS's initial (NT4 days) PPTP implementation had some real problems. They released PPTPv2 in the Win2000 time frame, which was supposed to address the problems with the original implementation. I've looked and can't find anything on the fixed version - all the write ups are like this and are usually undated and don't specify which version of the protocol ...Tim From: Richard Stovall [mailto:rich...@gmail.commailto:rich...@gmail.com] Sent: Thursday, May 06, 2010 12:36 PM To: NT System Admin Issues Subject: Re: VPN stuff http://www.schneier.com/pptp-faq.html I suppose, as with many things, it's all about what your security needs are. I agree with the less is more/better philosophy in general, but usually that's thought to be true because of 2 things - reduced risk from insecure apps and better performance due to fewer apps running. In this case it could be reasonably argued that your vulnerability profile actually goes up by not installing the SSL VPN software. On Thu, May 6, 2010 at 3:24 PM, Phillip Partipilo p...@psnet.commailto:p...@psnet.com wrote: There are a lot of things in transition here, but one little one has been implementation of a Watchguard UTM box. Recently remote SSL VPN users have been having issues. I'm taking that up with support, so not asking about that. But call me an old stubborn fart, but I have things working with PPTP, which Windows has a built in client for, and now theres the addition of SSL which needs additional software. Maybe call me a minimalist, but the less 3rd party crap I have to install on my PC, the more streamlined it stays. Comments? Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Kind of OT: Generic Accounts
You can get passgen from Jesper's site: http://msinfluentials.com/media/p/6532.aspx ...Tim -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Wednesday, May 05, 2010 8:30 PM To: NT System Admin Issues Subject: Re: Kind of OT: Generic Accounts On 5 May 2010 at 14:27, Charlie Kaiser wrote: Our MO at my last larger multi-site client was to have individual accounts, one for each PC. That way there was no compromise of any other machine if one pw was passed around. I used Steve Riley's Passgen tool to create and retrieve strong pws. Some scripting allowed me to change the local account on each machine as long as I had connectivity to it. Here's a link to some info about the tool... http://blogs.technet.com/steriley/archive/2008/09/29/passgen-tool-from- my-bo ok.aspx FWIW the Passgen tool is no longer available from his Skydrive. I use the old freeware DCPC (Danish Company Password Changer) tool to change passwords on multiple computers simultaneously. Of course PSEXEC \\computername NET USER username password will set a password remotely -- if you have admin rights to the remote box already. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Internet Policies
We redirect ours to an internal webpage that lets the user know the site was blocked and then we can look thru the logs to see who has been trying to go where. ...Tim From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Tuesday, May 04, 2010 12:22 PM To: NT System Admin Issues Subject: RE: Internet Policies Yep the good old blackhole technique, most of the naughty domains are going to 127.0.0.1 which helps if the malware is programmed to go back to a specific domain name, but that doesn't help those malware that is using google or other public available sites, that might have been compromised to get back to its instruction set. Also there is the fast-flux domains which is usually tied with malware/botnets, that this approach has a good affect on. Again nothing is full proof but if you can reduce your risk and quickly, that is better than sitting there praying for forgiveness after you get owned. Z Edward Ziots CISSP,MCSA,MCP+I,Security +,Network +,CCA Network Engineer Lifespan Organization 401-639-3505 ezi...@lifespan.org From: Devin Meade [mailto:devin.me...@gmail.com] Sent: Tuesday, May 04, 2010 2:44 PM To: NT System Admin Issues Subject: Re: Internet Policies I used a fake DNS entry for twitter.comhttp://twitter.com and the others that I found in the ISA log. I made a new forward lookup zone for each one in our Active Dir integrated DNS system. I know it wont block sub-domains but it made the point. It has since been removed. I can use Trend micro officescan if we want to actively block though. Devin On Tue, May 4, 2010 at 1:22 PM, John Aldrich jaldr...@blueridgecarpet.commailto:jaldr...@blueridgecarpet.com wrote: I was aware of that, but I was wondering what Devin's company used. :) Personally, I'd go for either DNS (if there was a blackhole or something easily implemented like that) or web filtering appliance. [cid:image001.jpg@01CAEB85.31F92630][cid:image002@01caeb85.31f92630] From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Tuesday, May 04, 2010 2:20 PM To: NT System Admin Issues Subject: Re: Internet Policies They can be blocked via DNS, via Firewalls, via Web Filtering technologies. -ASB: http://XeeSM.com/AndrewBaker On Tue, May 4, 2010 at 2:11 PM, John Aldrich jaldr...@blueridgecarpet.commailto:jaldr...@blueridgecarpet.com wrote: How did you block them? Do you have an appliance or did you put in some sort of DNS entries? [cid:image001.jpg@01CAEB85.31F92630][cid:image002@01caeb85.31f92630] From: Devin Meade [mailto:devin.me...@gmail.commailto:devin.me...@gmail.com] Sent: Tuesday, May 04, 2010 1:21 PM To: NT System Admin Issues Subject: Re: Internet Policies Up until last month we blocked all the social networking sites. Now our firm is marketing on them. We are adjusting our policies for this. It will be on a user-by-user basis though. Devin On Tue, May 4, 2010 at 11:38 AM, John Aldrich jaldr...@blueridgecarpet.commailto:jaldr...@blueridgecarpet.com wrote: What restrictions, if any, do your organizations place on things like IM or social networking sites? I sent out a warning to the office personnel this morning regarding the new IM Virus and got an email back from the CEO basically stating shouldn't that be a violation of company policy anyway? and I had to tell him, I knew of no policies regarding that; and that in fact, my former supervisor was fully aware of at least one person (who's child is overseas in the military) who used IM on a semi-regular basis. For this reason, I'm working on coming up with a company policy. I've looked at the sample template from SANS as well as another one that someone sent me off-list. I'm planning on incorporating the best of everything I get, so if anyone has any suggested language regarding IM or social networking, please let me have it. :) [cid:image001.jpg@01CAEB85.31F92630][cid:image002@01caeb85.31f92630] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: Outlook 2010 bug
Can't duplicate it here - same setup except for 32 bit Win7 From: James Hill [mailto:james.h...@superamart.com.au] Sent: Tuesday, May 04, 2010 8:35 PM To: NT System Admin Issues Subject: Outlook 2010 bug Just wondering if anyone can replicate this bug:- * Outlook 2010 is open and a new email is received. The new email notification popup/preview appears on the bottom right of the desktop. Clicking on the notification opens the email but places the window behind the current active window. So it opens the message, but you have to select it in the taskbar to bring the window to the foreground. This is on Outlook 2010 Pro Plus RTM/Final on Windows 7 X64. James. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DNSSEC and the root Domain Name Servers Changeover May 5th
My understanding of the issue is that normal DNS traffic uses small DNS UDP packets, less than 512 bytes. Because of this, some pieces of firewalls or DNS servers are configured to reject UDP packets larger than 512 bytes, figuring that it's broken or malicious. Signed DNSSEC packets are much larger, than 512 bytes, potentially as large as 4K. Sensational claims in the Register notwithstanding (http://www.theregister.co.uk/2010/04/13/dnssec), my understanding is that the root servers will only return the longer DNSSEC responses when they are requested, otherwise there will be no change. There is a test at https://www.dns-oarc.net/oarc/services/replysizetest you can run to see if your network server can handle the larger packets. Interestingly, although I've heard that OpenDNS will support DNSSEC, when I run the test from here (we use OpenDNS), the response comes back that their DNS server has limited the packet size to 512 bytes. I guess they don't have it in place yet. ...Tim -Original Message- From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, May 03, 2010 5:40 AM To: NT System Admin Issues Subject: DNSSEC and the root Domain Name Servers Changeover May 5th Folks, I have been getting some questions about the issues surrounding the changing of the root DNS servers implementing DNSSEC as of MAY 5th, and how this might affect the zone transfers, and DNS in general for organizations that aren’t implementing DNSSEC yet, or don’t have DNSSEC compliant DNS Servers ( Bind/Windows etc etc). From what I am reading non DNSSEC aware DNS servers will get the DNS responses in the older non-compliant format. So this will work for resolvers ( say Windows XP and below) but what about organizations/business that are hosting there zones accordingly, do they need to be upgraded to DNSSEC just to participate in the DNS hierarchy or not? I was under the assumption this is really going to affect the TLD’s more and the ISP’s, but I defintely wrong about that. Like to hear everyones ideas about this, reading some stuff, and not all the info is telling me the same things. Z Edward Ziots CISSP,MCSA,MCP+I,Security +,Network +,CCA Network Engineer Lifespan Organization 401-639-3505 ezi...@lifespan.org ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Open source 'ghost' product?
+1 How do you find out what works and what doesn't? Or figure out how to optimize it for your environment? ...Tim -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Saturday, May 01, 2010 9:02 AM To: NT System Admin Issues Subject: RE: Open source 'ghost' product? And a really engaged IT wouldn't waste time in experiments and trials . If I have to image a server of a customer I feel more quiet using Storage craft or other paid products requiring one shot only Wow, so I guess everything in the world running *nix is all by little boys in small infrastructures with time to play and learn complicated methods w/ a cli versus the big one click gui boys. Yeah, the admins who run: The IBM Roadrunner, the world's second fastest supercomputer operated by the US National Nuclear Security Administration uses Red Hat Enterprise Linux and Fedora as its operating systems. and University of Toronto's $50-million supercomputer - the fastest such machine in Canada that run Linux are noobs with nothing to do? What's your guess those bad ass toys are managed by a shinny one click gui? What you or I feel comfortable with has nothing to do competency and level of engagement, sorry... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Open source 'ghost' product?
Imagex generates a file based image rather than a block based image like ghost and the others do. You can mount an Imagex wim file and go in and easily add/remove/replace files. ...Tim -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Friday, April 30, 2010 9:14 AM To: NT System Admin Issues Subject: Re: Open source 'ghost' product? On 4/30/2010 11:03 AM, Ben Scott wrote: Aside from ghost (which pretty well is flawless) the next best free thing is probably imagex properly configured for _windows_. Is ImageX available for Windows XP? ImageX will capture XP disk images. You don't get all the fancy deployment image servicing features you get with with NT6.0+ though (ie add drivers directly to image, slipstream .msu packages directly into image). That statement worries me. What does ImageX actually do if it's not a true image? I believe the thinking is the only true image is a dd dump. ImageX gets everything that Ghost and Acronis TrueImage and DriveImage XML and insert endless product list here does. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Open source 'ghost' product?
I'm aware of tools like Ghost Explorer. The last time I looked at Ghost (which has been a few years, admittedly) it copied used blocks on drive. AFAIK, that what most imaging programs do. ImageX reads the file system, not the raw disk blocks. ...Tim -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Friday, April 30, 2010 9:44 AM To: NT System Admin Issues Subject: Re: Open source 'ghost' product? Most of the imaging products I listed are file based then, as most (or all) of them will let you access the image and add/remove files... Ghost included. Modern versions of Ghost include this thing called Ghost Explorer that will let you open .gho files specifically for the purpose of manipulating the contents. On 4/30/2010 11:16 AM, Tim Evans wrote: Imagex generates a file based image rather than a block based image like ghost and the others do. You can mount an Imagex wim file and go in and easily add/remove/replace files. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Open source 'ghost' product?
It's not bad as long as you don't mind using the command line. You can script it to make it even easier. It takes a few minutes to set a WinPE image up, but once you've got it done, you're set until you need to add more drivers. Mark Minasi had a great set of instructions on setting up WinPE and using ImageX in his newsletter a while back. see http://www.minasi.com/showdoc.asp?docname=nws0701orig.htm for the first one in the series, which explains how to set up a WinPE image. ...Tim -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Friday, April 30, 2010 11:12 AM To: NT System Admin Issues Subject: Re: Open source 'ghost' product? Yes! But the support for using imagex.exe is only available for XP SP3 (and it's version of Sysprep), not with SP2 or earlier. That being said, making a WinPE CD is not super easy, nor is using imagex. I think there are some projects out there that are trying to make it easier, though... and I've used gimagex, which is an AutoIT frontend to MS's imagex.exe. (See this page on gimagex: http://www.autoitscript.com/gimagex) My solution is to boot from a Windows Vista, 7, or Server 2008 DVD (or PXE boot from WDS), press Shift-F10 to get a console, net use to a share witch has imagex.exe and gimagex... and viola! --Matt Ross Ephrata School District - Original Message - From: Ben Scott [mailto:mailvor...@gmail.com] Is ImageX available for Windows XP? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: www.Sunbelt-software.com down?
And a very fine talk it was too. Complete with a diagram of a self healing fiber ring. I've got to say, you weren't wrong in recommending TEC. The level of expertise was simply astounding. ...Tim From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, April 29, 2010 12:10 PM To: NT System Admin Issues Subject: RE: www.Sunbelt-software.com down? Can you say redundant AND diverse? :) I knew you could. (This particular issue was part of a talk I gave earlier this week at TEC'2010 on high availability.) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Jeff Cain [mailto:je...@sunbelt-software.com] Sent: Thursday, April 29, 2010 3:06 PM To: NT System Admin Issues Subject: RE: www.Sunbelt-software.com down? Hey everyone, There was a major fiber cut that brought down our phone lines and internet access. During this time we were unable make/receive calls as well as emails. The problem has been resolved so we will be fine moving forward. The cut that happened was to 3 separate systems which included our backup internet connection. They all ran through this particular trunk that was taken out. Thanks, Jeff Cain Technical Support Analyst Sunbelt Software Email: supp...@sunbeltsoftware.commailto:supp...@sunbeltsoftware.com Voice: 1-877-673-1153 Fax: 1-727-562-5199 Web: http://www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com/ Physical Address: 33 N Garden Ave Suite 1200 Clearwater, FL 33755 United States If you do not want further email from us, please forward this message to listmana...@sunbelt-software.commailto:listmana...@sunbelt-software.com with the word 'unsubscribe' in the subject of your email. Helpful Sunbelt Software Links: Knowledge Basehttp://support.sunbeltsoftware.com/ Open a New Support Tickethttp://www.sunbeltsoftware.com/Support/Contact/ Sunbelt Software Product Support Communitieshttp://www.sunbeltsoftware.com/communities/ From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, April 29, 2010 3:03 PM To: NT System Admin Issues Subject: RE: www.Sunbelt-software.com down? Seems they may have all their eggs in one basket? Their websites, as well as AV definitions point here: 64.128.133.140 Matter of fact: wxpnews.net, w2knews.com, wxpnews.com, stusnews.com, win7news.net and at least 66 other hosts point to 64.128.133.140 Is that best practice? From: James Kerr [mailto:cluster...@gmail.com] Sent: Thursday, April 29, 2010 2:53 PM To: NT System Admin Issues Subject: Re: www.Sunbelt-software.com down? not only that but their friggin phones were down as well!!! - Original Message - From: Jonathan Linkmailto:jonathan.l...@gmail.com To: NT System Admin Issuesmailto:ntsysadmin@lyris.sunbelt-software.com Sent: Thursday, April 29, 2010 2:33 PM Subject: Re: www.Sunbelt-software.comhttp://www.Sunbelt-software.com down? And the lists appeared to be down as well. What happened Stu? :-) On Thu, Apr 29, 2010 at 2:30 PM, Jay Dale jay.d...@3-gig.commailto:jay.d...@3-gig.com wrote: Working now...it was down earlier... Jay Dale I.T. Manager, 3GiG Mobile: 713.299.2541 Email: jay.d...@3-gig.commailto:jay.d...@3-gig.com Confidentiality Notice: This e-mail, including any attached files, may contain confidential and/or privileged information for the sole use of the intended recipient. If you are not the intended recipient, you are hereby notified that any review, dissemination or copying of this e-mail and attachments, if any, or the information contained herein, is strictly prohibited. If you are not the intended recipient (or authorized to receive information for the intended recipient), please contact the sender by reply e-mail and delete all copies of this message. From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.commailto:david.mazzacc...@hudsonhhc.com] Sent: Thursday, April 29, 2010 9:29 AM To: NT System Admin Issues Subject: www.Sunbelt-software.comhttp://www.sunbelt-software.com/ down? Can't there from here...anyone? Also can't get to sunbeltsoftware.comhttp://sunbeltsoftware.com/ . . ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Security - Marc Maiffret
Cool! I'm looking forward to your workshop and meeting you guys. This will be my first TEC. I'm doing it this year instead of Tech Ed. ...Tim From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, April 16, 2010 9:06 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret /waves backglad you got approved to go! I've finished my presentation slides and am madly working to get my pre-conference workshop material done... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Free, Bob [mailto:r...@pge.com] Sent: Friday, April 16, 2010 11:59 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret Yes, he has for a number of years. It was really ironic that my manager and I were chatting about him Wed night as his firm was doing some work with our infosec team because she knew he and I used to keep in contact, then this article hit the newsfeeds the next day. Maybe more eerily coincidental :) He and I chatted a little yesterday and I hope to meet up with him when I'm down there at the end of the month for TEC. /waves at MBS- See you the 25th From: Steve Ens [mailto:stevey...@gmail.com] Sent: Friday, April 16, 2010 8:27 AM To: NT System Admin Issues Subject: Security - Marc Maiffret http://news.cnet.com/8301-27080_3-20002317-245.html Doesn't Marc post here from time to time? Good interview. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Security - Marc Maiffret
And it is because of your comments (and Joe Richards') about TEC that I decided it give it a try. So, if I don't learn anything there, it must be your fault :-) ...Tim From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, April 16, 2010 10:07 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret And I will say that I personally find TEC more valuable than TechEd. Lots of very smart people willing to sit down with a beer and answer questions for you. No 100/200 level presentations. 350/400. Great stuff. I've known Bob for probably 10 years now on this mailing list. First met him physically at TEC (it was DEC - Directory Experts Conference then). Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, April 16, 2010 1:02 PM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret The Experts Conference. They have AD, IdM, Exchange, and SharePoint tracks. www.tec2010.comhttp://www.tec2010.com Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Steve Ens [mailto:stevey...@gmail.com] Sent: Friday, April 16, 2010 1:00 PM To: NT System Admin Issues Subject: Re: Security - Marc Maiffret What is this TEC everyone is speaking about? June always is not a good time for me for Tech Ed, an April or May conference would be preferrable. On Fri, Apr 16, 2010 at 11:55 AM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: Cool! I'm looking forward to your workshop and meeting you guys. This will be my first TEC. I'm doing it this year instead of Tech Ed. ...Tim From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Friday, April 16, 2010 9:06 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret /waves backglad you got approved to go! I've finished my presentation slides and am madly working to get my pre-conference workshop material done... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Free, Bob [mailto:r...@pge.commailto:r...@pge.com] Sent: Friday, April 16, 2010 11:59 AM To: NT System Admin Issues Subject: RE: Security - Marc Maiffret Yes, he has for a number of years. It was really ironic that my manager and I were chatting about him Wed night as his firm was doing some work with our infosec team because she knew he and I used to keep in contact, then this article hit the newsfeeds the next day. Maybe more eerily coincidental :) He and I chatted a little yesterday and I hope to meet up with him when I'm down there at the end of the month for TEC. /waves at MBS- See you the 25th From: Steve Ens [mailto:stevey...@gmail.commailto:stevey...@gmail.com] Sent: Friday, April 16, 2010 8:27 AM To: NT System Admin Issues Subject: Security - Marc Maiffret http://news.cnet.com/8301-27080_3-20002317-245.html Doesn't Marc post here from time to time? Good interview. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: OT: Comcast Business Docsis 3.0
Thanks. There are some good questions here to ask before we sign up. ...Tim From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Wednesday, March 24, 2010 1:11 PM To: NT System Admin Issues Subject: RE: OT: Comcast Business Docsis 3.0 Ok, I have a little more time now to rant on this... iirc, the Docsis or whatever it's called doesn't have any SLA. They did have something when we used it... but it was like: for a day long outage they would refund a small part of your bill. Great... not. We actually had a 20 HOUR outage with them once. They had no idea how to fix it. Many people on their support staff didn't even know what docsis 3 was, they only knew how to support docsis 2.0. There was also like 3 pieces of equipment that they had to install - and they all were consumer grade. And they always froze up. I finally installed a telephone operated power supply to all 3 units because I had to reboot them all the time. Also, no local support after hours. Everything is routed to (Denver?) - and they are complete idiots there. Local support always bitches about the people in Denver, and vice versa. Each (Local vs. Denver) had a COMPLETLY different was of doing thinks. Seriously, even one of their actually brilliant techs drew out the backbone of their network to my on my whiteboard. It's terrible. If you have comcast business, do a tracert. Then do the same tracert on another isp - you will notice MANY more hops on Comcast. They never let us out of the contract even though everyone at Comcast agreed we had a terrible experience. I didn't bother fighting it, I just dumbed it down to the $59 a month plan. I got back on fiber VERY quickly. Luckily . Also, they TREAT SMTP TRAFFIC LIKE THE DEVIL. Do NOT ever put a SMTP server behind this. (Their techs told me this). They will just sporadically drop SMTP traffic out of the blue. It's something that carried over from the consumer side. Everybody at Comcast hates this and wants this practice to go away - they seriously just don't know how to un-implement it, technically and on paper. Red tape is everywhere in the company. Luckily they told me this upfront, so I didn't put our SMTP traffic on their IPs. -Sam I wrote this in flash, sorry for any typos. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, March 23, 2010 5:44 PM To: NT System Admin Issues Subject: Re: OT: Comcast Business Docsis 3.0 On Tue, Mar 23, 2010 at 11:36 AM, Richard Stovall rich...@gmail.com wrote: Anyone have the 50/10 service from Comcast? Any thoughts or experiences? I can't speak to the 50/10 service level, but we've had Comcast for a few years here. It's fine for what I call disposable bandwidth -- web browsing, downloads, etc. Blazing fast and dirt cheap. But I would never put anything mission critical on it. We have another feed (fixed wireless, through a local ISP) for that. Comcast still basically sees everything as TV. If TV is out, it's an inconvenience, you have some upset customers, you maybe loose some PPV dollars, but ultimately, it's just not that big a deal. Their phones and Internet are the same way. They actually work okay most of the time, but hey, if they go down, no big deal, right? Don't put a mail server on it. Simply being on Comcast weighs against you in many spam filters. Maybe 2 or 3 times per year, it flakes out. We have to power off the CPE, wait a minute, power on to get it to resume. Comcast is an HFC (hybrid fiber-coax) system. HFC runs fiber to optical nodes, which are large boxes hung off utility poles. Coax runs from the nodes to your premises. The nodes need elecricity and are supplied by city power. They might have batteries, but they don't last very long. No generators. So if power is out in your area for more than an hour or two, you *will* go down, and you'll be out for the duration. We've had two big storms in the past two years where Comcast was out for days. No power at the node, though we had power at our plant. Our copper telephone lines never even flickered. The telcos know how to build a robust system, I'll give them that. (Or they used to know -- consumer FTTP is another story entirely.) Comcast's SLAs are a joke. Their standard SLA says, If you don't like the service, you're free to cancel. Their Symmetric SLA says if it does down for long enough, you can get some money back, but it's prorated down to the hour and *they* decide what down means. So packet loss is 30% and next-hop RTT is 300 ms might qualify as up. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Comcast Business Docsis 3.0
Really? Yes, I'd like to hear more details. They are trying to get into one of our buildings and $190/mo for 50mb down/10mb up sounds like a pretty good deal. We'd be using it as a backup link and for local internet service. ...Tim -Original Message- From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Tuesday, March 23, 2010 9:10 AM To: NT System Admin Issues Subject: RE: Comcast Business Docsis 3.0 RUN FOR YOUR LIFE! It's horrid. Made my home internet look business grade. We ran back to fibre very quickly. I'll give more details if needed, but I'm trying to block that experience out. Sam -Original Message- From: Richard Stovall [mailto:rich...@gmail.com] Sent: Tuesday, March 23, 2010 10:37 AM To: NT System Admin Issues Subject: OT: Comcast Business Docsis 3.0 Anyone have the 50/10 service from Comcast? Any thoughts or experiences? I normally wouldn't think about Cable for work, but if it's any good we could save ~$14,000 / year. Thanks, RS ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: I wonder how VIPRE would have done...
Even a blind squirrel find the nut sometimes ...Tim -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Tuesday, March 16, 2010 4:53 PM To: NT System Admin Issues Subject: Re: I wonder how VIPRE would have done... Ouch! Why'd it have to be McAfee that stopped it? Have they actually gotten better over the years? Kurt Buff kurt.b...@gmail.com 3/16/2010 12:17 PM From SANS Newsbites: TOP OF THE NEWS --Six of Seven AV Programs Tested Did Not Detect Aurora Attack Variants (March 11, 2010) A test of seven of commonly used anti-virus programs found that just one detected variants of the malware that exploited the IE vulnerability used in the Aurora attacks, which affected Google, Adobe and other US companies. Rick Moy, president of NSS Labs, the company that performed the tests, said that vendors need to put more focus on the vulnerability than on exploit protection. Threat detection and mitigation need to evolve to meet the challenge of the emerging attacks. OS and client software vendors need to shoulder their share of the security burden. http://www.computerworld.com/s/article/9169658/Update_Security_industry_faces_attacks_it_cannot_stop?taxonomyId=13pageNumber=1 http://darkreading.com/vulnerability_management/security/antivirus/showArticle.jhtml?articleID=223600014subSection=Antivirus ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: propogating permissions to subfolders
cd \home for /d %f in (user*) do icacls %f /reset ...Tim -Original Message- From: jesse-r...@wi.rr.com [mailto:jesse-r...@wi.rr.com] Sent: Tuesday, March 16, 2010 12:30 PM To: NT System Admin Issues Subject: RE: propogating permissions to subfolders Looks like you are right, icacls.exe will do the trick. icacls User1\* /reset /t /c ... will reset the entire subdirectory tree underneath the User1 folder. However, since i have thousands of these folders to do, is there a way to automatically script having it run icacls User1\* /reset /t /c icacls User2\* /reset /t /c icacls User3\* /reset /t /c icacls User4\* /reset /t /c , etc... One after the other? Can this be achieved using the FOR command in from a batch? My days of remembering context for the FOR command is long gone. J Original Message: - From: Michael B. Smith mich...@smithcons.com Date: Tue, 16 Mar 2010 18:23:47 + To: ntsysadmin@lyris.sunbelt-software.com Subject: RE: propogating permissions to subfolders Xcacls will do it (although depending on what OS you are running you might want to download the update from Microsoft downloads). However, icacls has an easier syntax (which is less powerful but should meet your needs in this case). Take a look at it. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: jesse-r...@wi.rr.com [mailto:jesse-r...@wi.rr.com] Sent: Tuesday, March 16, 2010 1:49 PM To: NT System Admin Issues Subject: propogating permissions to subfolders I think xcalcs.exe might do what I want, but I can't figure out the proper format. My directory structure is as follows: -Volume --Home ---User1 ---User2 ---User3 ---User4 etc. At the User1, User2, folder permissions are set the way we want. Domain admins have full control, user has modify, and the helpdesk group has read permissions. However, the subfolders underneath each user folder are NOT all set to inherit from the parent (for one reason or another). I want to FORCE the permissions from the User1 folder to ALL the subfolders under User1, and FORCE the permissions on the User2 folder to ALL the subfolders under User2, etc. I can do this from the GUI by selecting User1 folder and enabling the Replace permission entries However, I want to automate this. How can I FORCE the Allow inheritable permissions checkbox to be enabled on all user subfolders and FORCE the Replace permission entries... checkbox to be enabled on ALL the subfolders underneath my User1, User2, User3, etc. folders? I think xcalcs should do it, but, I'm confused how exactly... Thanks. mail2web.com - What can On Demand Business Solutions do for you? http://link.mail2web.com/Business/SharePoint ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ mail2web.com - Enhanced email for the mobile individual based on Microsoft(r) Exchange - http://link.mail2web.com/Personal/EnhancedEmail ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DNS Server service shuts down shortly after the DC boots
Yes, very good point. Thanks for pointing that out Brian. Fortunately, I don't run the delete all very often. It looks like I'll have to revisit this again in the near future. ...Tim From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, March 10, 2010 1:14 PM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots That is an extremely good point. One I had not thought of. I have pretty much decided from the playpen experience that I won't do this on my AD DNS servers. I might, however, set up a forwarding server that does all the lookups for external zones and place these zones there. Maybe. Lots of playing left to do to see whether or how to implement it. RS On Wed, Mar 10, 2010 at 4:08 PM, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com wrote: Keep in mind that with this script (particularly recycle bin enabled), I'd expect to see quite a bit of DIT growth. Every single time you delete all these zones and start again, they're going to sit hidden in the DIT for 180 days, and then an additional 180 days as stripped down tombstones. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com c - 312.731.3132 From: Richard Stovall [mailto:rich...@gmail.commailto:rich...@gmail.com] Sent: Wednesday, March 10, 2010 3:05 PM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots I just set this up on a sandboxed test VM and it was effective. I had to chuckle, though, because it took over an hour to create the zones. This VM is also a DC for a 5 machine domain and the ntds.dit file went from around 38MB to 106MB. On Tue, Mar 9, 2010 at 4:41 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: I run this batch file: ** begin batch file * @echo off set server=mydnsserver set /p delold=Delete old domains? if /I %delold% NEQ Y goto getit echo Deleting old domains... pause for /F %%f in (mal_list.txt) do dnscmd %server% /zonedelete %%f /dsdel /f :getit if exist domains.txt del domains.txt wget http://www.malwaredomains.com/files/domains.txt || goto end if exist mal_list.txt del mal_list.txt rem ignore lines beginning with # echo 1st word only for /F eol=# tokens=1 %%i in (domains.txt) do @echo %%i mal_list.txt for /F %%f in (mal_list.txt) do (dnscmd %server% /zoneadd %%f /DsPrimary /DP /forest dnscmd %server% /recordadd %%f * A 192.168.0.6) :end ** end batch file * This adds a wildcard zone for each domain which points to an internal web server at 192.168.0.6. It displays a web site blocked due to malware page whenever anyone hits it. I go thru the logs regularly and investigate any host on that server. It's a bit crude in that it just attempts to add all the domains each time it is run, but it works from me. Occasionally, they delete a bunch of domains and I couldn't figure out a better way to handle it, so if I answer Y to tor prompt, it deletes all domains and readds them from the downloaded list. ...Tim From: Richard Stovall [mailto:rich...@gmail.commailto:rich...@gmail.com] Sent: Tuesday, March 09, 2010 1:13 PM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots Very intriguing. How do you accomplish the loading of the domain list? Using a boot file per the directions here: http://www.malwaredomains.com/wordpress/?page_id=6#MS? Do you refresh the list manually every once and a while? Thanks, RS On Tue, Mar 9, 2010 at 3:58 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: FWIW, I load the entire domain list from http://www.malwaredomains.com/ into my AD integrated DNS without any problems. over 18000 domains are currently included. I've got a 2003 native domain/forest too. DC's include WS08R2, WS08, WS03 SP2. I have not seen anything like this here. ...Tim From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 11:53 AM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It appears that background zone loading is a feature of 2008 and later... maybe I just need to hurry up the upgrade to 2008. Carl From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 2:44 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Oh! Yes, now that you say that I bet what's happening is that it's timing out. There is a flag (and I'm sorry that I don't remember the details) that says do the initial zone load in the background. You probably need to set that. That should be enough to biggle with... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 2:40 PM To: NT System Admin Issues Subject: RE: DNS Server service
RE: DNS Server service shuts down shortly after the DC boots
http://en.wikipedia.org/wiki/Wget Curl would work too: http://en.wikipedia.org/wiki/CURL ...Tim From: David W. McSpadden [mailto:dav...@imcu.com] Sent: Thursday, March 11, 2010 6:54 AM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots what is the wget From: Richard Stovallmailto:rich...@gmail.com Sent: Wednesday, March 10, 2010 4:05 PM To: NT System Admin Issuesmailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: DNS Server service shuts down shortly after the DC boots I just set this up on a sandboxed test VM and it was effective. I had to chuckle, though, because it took over an hour to create the zones. This VM is also a DC for a 5 machine domain and the ntds.dit file went from around 38MB to 106MB. On Tue, Mar 9, 2010 at 4:41 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: I run this batch file: ** begin batch file * @echo off set server=mydnsserver set /p delold=Delete old domains? if /I %delold% NEQ Y goto getit echo Deleting old domains... pause for /F %%f in (mal_list.txt) do dnscmd %server% /zonedelete %%f /dsdel /f :getit if exist domains.txt del domains.txt wget http://www.malwaredomains.com/files/domains.txt || goto end if exist mal_list.txt del mal_list.txt rem ignore lines beginning with # echo 1st word only for /F eol=# tokens=1 %%i in (domains.txt) do @echo %%i mal_list.txt for /F %%f in (mal_list.txt) do (dnscmd %server% /zoneadd %%f /DsPrimary /DP /forest dnscmd %server% /recordadd %%f * A 192.168.0.6) :end ** end batch file * This adds a wildcard zone for each domain which points to an internal web server at 192.168.0.6. It displays a web site blocked due to malware page whenever anyone hits it. I go thru the logs regularly and investigate any host on that server. It's a bit crude in that it just attempts to add all the domains each time it is run, but it works from me. Occasionally, they delete a bunch of domains and I couldn't figure out a better way to handle it, so if I answer Y to tor prompt, it deletes all domains and readds them from the downloaded list. ...Tim From: Richard Stovall [mailto:rich...@gmail.commailto:rich...@gmail.com] Sent: Tuesday, March 09, 2010 1:13 PM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots Very intriguing. How do you accomplish the loading of the domain list? Using a boot file per the directions here: http://www.malwaredomains.com/wordpress/?page_id=6#MS? Do you refresh the list manually every once and a while? Thanks, RS On Tue, Mar 9, 2010 at 3:58 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: FWIW, I load the entire domain list from http://www.malwaredomains.com/ into my AD integrated DNS without any problems. over 18000 domains are currently included. I've got a 2003 native domain/forest too. DC's include WS08R2, WS08, WS03 SP2. I have not seen anything like this here. ...Tim From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 11:53 AM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It appears that background zone loading is a feature of 2008 and later... maybe I just need to hurry up the upgrade to 2008. Carl From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 2:44 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Oh! Yes, now that you say that I bet what's happening is that it's timing out. There is a flag (and I'm sorry that I don't remember the details) that says do the initial zone load in the background. You probably need to set that. That should be enough to biggle with... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 2:40 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Debug logging will log DNS packets to a text file. I guess the last DNS packet received before the shutdown could tell me something if it was shutting down randomly at any time. But the fact that the service stays running forever after restarting suggests that bad DNS packets on the wire aren't likely causing this. So if bad DNS traffic is the problem, the only explanation would be a DNS query from the DC to itself. DC DOS's its own DNS server service? One thing I may have that is less common is a lot of DNS authoritative zones for well known bad (malware hosting) domain names. There's over 1000 of 'em. I have to say I'm not up for an extended debugging journey on this one, just wondering if this behavior triggered any memories for anyone. Carl From: Brian Desmond [mailto:br...@briandesmond.commailto:br...@briandesmond.com] Sent: Tuesday
RE: Malware DNS
I posted a batch file here yesterday that does just that. See the DNS Server service shuts down... thread ...Tim From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Wednesday, March 10, 2010 5:52 AM To: NT System Admin Issues Subject: Malware DNS I was looking at adding the Malware DNS entries, but I'm not sure how to do that. I was thinking it would be really nice if there were a hosts file to just add to the DNS servers, but I'm not sure that would propagate out on DNS queries by the client machines. How does one add a DNS file like the MalwareDomains.com entries? [cid:image001.jpg@01CAC020.2CD937C0][cid:image002@01cac020.2cd937c0] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: DNS Server service shuts down shortly after the DC boots
FWIW, I load the entire domain list from http://www.malwaredomains.com/ into my AD integrated DNS without any problems. over 18000 domains are currently included. I've got a 2003 native domain/forest too. DC's include WS08R2, WS08, WS03 SP2. I have not seen anything like this here. ...Tim From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 11:53 AM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It appears that background zone loading is a feature of 2008 and later... maybe I just need to hurry up the upgrade to 2008. Carl From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 2:44 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Oh! Yes, now that you say that I bet what's happening is that it's timing out. There is a flag (and I'm sorry that I don't remember the details) that says do the initial zone load in the background. You probably need to set that. That should be enough to biggle with... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 2:40 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Debug logging will log DNS packets to a text file. I guess the last DNS packet received before the shutdown could tell me something if it was shutting down randomly at any time. But the fact that the service stays running forever after restarting suggests that bad DNS packets on the wire aren't likely causing this. So if bad DNS traffic is the problem, the only explanation would be a DNS query from the DC to itself. DC DOS's its own DNS server service? One thing I may have that is less common is a lot of DNS authoritative zones for well known bad (malware hosting) domain names. There's over 1000 of 'em. I have to say I'm not up for an extended debugging journey on this one, just wondering if this behavior triggered any memories for anyone. Carl From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Tuesday, March 09, 2010 1:53 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It should be able to kick out more info to a text file. The scenario you mention of branch DCs not having connectivity is completely normal. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com c - 312.731.3132 From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 12:46 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Good idea, but the DNS Server's event logging option has been on all events all this time. That must be the default, I don't recall ever changing it. Carl From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 1:39 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots This would seem to indicate to me that while the DNS Server service was initiated, it never actually finished initializing. Aren't there some logging options on the DNS server property tab? I'd probably ratchet those up to max for a while and see if they helped gather more info... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 1:22 PM To: NT System Admin Issues Subject: DNS Server service shuts down shortly after the DC boots Curious thing, started a few months ago after I moved the FSMO roles from this DC to another one. This DC frequently boots in a vacuum - no other DC's can be contacted, so it takes a long time sniffing around before it finally starts Active Directory and its own DNS Server service. A few minutes after that, the DNS Server service shuts down. There's nothing in the System or Application event log to explain it, and the DNS Server event log records simply that The DNS server has shutdown. (event ID 3). The recovery options are set to restart the service, but that doesn't happen because the service appears to have been shut down on purpose. But no human (for sure) and 99.9% sure no software is issuing the command. Another interesting thing from the event logs, under System, when I start the service there's an event 7036 logged The DNS Server has entered the running state. But I see NO event 7036 for DNS at the time of booting. Obviously, it must be started, else the DNS event log wouldn't record that it had shut down! And I see no 7036 events for it stopping either. When this happens, I can manually start the DNS Server service and all is well until the next boot, which may or may not have the problem. I think it's happening about 50% of the time. I've scripted a solution to recover from the problem,
RE: DNS Server service shuts down shortly after the DC boots
I run this batch file: ** begin batch file * @echo off set server=mydnsserver set /p delold=Delete old domains? if /I %delold% NEQ Y goto getit echo Deleting old domains... pause for /F %%f in (mal_list.txt) do dnscmd %server% /zonedelete %%f /dsdel /f :getit if exist domains.txt del domains.txt wget http://www.malwaredomains.com/files/domains.txt || goto end if exist mal_list.txt del mal_list.txt rem ignore lines beginning with # echo 1st word only for /F eol=# tokens=1 %%i in (domains.txt) do @echo %%i mal_list.txt for /F %%f in (mal_list.txt) do (dnscmd %server% /zoneadd %%f /DsPrimary /DP /forest dnscmd %server% /recordadd %%f * A 192.168.0.6) :end ** end batch file * This adds a wildcard zone for each domain which points to an internal web server at 192.168.0.6. It displays a web site blocked due to malware page whenever anyone hits it. I go thru the logs regularly and investigate any host on that server. It's a bit crude in that it just attempts to add all the domains each time it is run, but it works from me. Occasionally, they delete a bunch of domains and I couldn't figure out a better way to handle it, so if I answer Y to tor prompt, it deletes all domains and readds them from the downloaded list. ...Tim From: Richard Stovall [mailto:rich...@gmail.com] Sent: Tuesday, March 09, 2010 1:13 PM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots Very intriguing. How do you accomplish the loading of the domain list? Using a boot file per the directions here: http://www.malwaredomains.com/wordpress/?page_id=6#MS? Do you refresh the list manually every once and a while? Thanks, RS On Tue, Mar 9, 2010 at 3:58 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: FWIW, I load the entire domain list from http://www.malwaredomains.com/ into my AD integrated DNS without any problems. over 18000 domains are currently included. I've got a 2003 native domain/forest too. DC's include WS08R2, WS08, WS03 SP2. I have not seen anything like this here. ...Tim From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 11:53 AM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It appears that background zone loading is a feature of 2008 and later... maybe I just need to hurry up the upgrade to 2008. Carl From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 2:44 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Oh! Yes, now that you say that I bet what's happening is that it's timing out. There is a flag (and I'm sorry that I don't remember the details) that says do the initial zone load in the background. You probably need to set that. That should be enough to biggle with... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 2:40 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Debug logging will log DNS packets to a text file. I guess the last DNS packet received before the shutdown could tell me something if it was shutting down randomly at any time. But the fact that the service stays running forever after restarting suggests that bad DNS packets on the wire aren't likely causing this. So if bad DNS traffic is the problem, the only explanation would be a DNS query from the DC to itself. DC DOS's its own DNS server service? One thing I may have that is less common is a lot of DNS authoritative zones for well known bad (malware hosting) domain names. There's over 1000 of 'em. I have to say I'm not up for an extended debugging journey on this one, just wondering if this behavior triggered any memories for anyone. Carl From: Brian Desmond [mailto:br...@briandesmond.commailto:br...@briandesmond.com] Sent: Tuesday, March 09, 2010 1:53 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It should be able to kick out more info to a text file. The scenario you mention of branch DCs not having connectivity is completely normal. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com c - 312.731.3132 From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 12:46 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Good idea, but the DNS Server's event logging option has been on all events all this time. That must be the default, I don't recall ever changing it. Carl From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 1:39 PM To: NT System Admin Issues Subject: RE: DNS
RE: DNS Server service shuts down shortly after the DC boots
Not that I can see. OpenDNS doesn't give me a log of the malware domains my users have attempted to visit. I think the malwaredomains list is more complete than OpenDNS, but I don't know that for a fact. ...Tim From: David Lum [mailto:david@nwea.org] Sent: Tuesday, March 09, 2010 1:20 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Doesn't going through OpenDNS achieve pretty much the same thing? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Tim Evans [mailto:tev...@sparling.com] Sent: Tuesday, March 09, 2010 12:59 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots FWIW, I load the entire domain list from http://www.malwaredomains.com/ into my AD integrated DNS without any problems. over 18000 domains are currently included. I've got a 2003 native domain/forest too. DC's include WS08R2, WS08, WS03 SP2. I have not seen anything like this here. ...Tim From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 11:53 AM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It appears that background zone loading is a feature of 2008 and later... maybe I just need to hurry up the upgrade to 2008. Carl From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 2:44 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Oh! Yes, now that you say that I bet what's happening is that it's timing out. There is a flag (and I'm sorry that I don't remember the details) that says do the initial zone load in the background. You probably need to set that. That should be enough to biggle with... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 2:40 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Debug logging will log DNS packets to a text file. I guess the last DNS packet received before the shutdown could tell me something if it was shutting down randomly at any time. But the fact that the service stays running forever after restarting suggests that bad DNS packets on the wire aren't likely causing this. So if bad DNS traffic is the problem, the only explanation would be a DNS query from the DC to itself. DC DOS's its own DNS server service? One thing I may have that is less common is a lot of DNS authoritative zones for well known bad (malware hosting) domain names. There's over 1000 of 'em. I have to say I'm not up for an extended debugging journey on this one, just wondering if this behavior triggered any memories for anyone. Carl From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Tuesday, March 09, 2010 1:53 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It should be able to kick out more info to a text file. The scenario you mention of branch DCs not having connectivity is completely normal. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com c - 312.731.3132 From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 12:46 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Good idea, but the DNS Server's event logging option has been on all events all this time. That must be the default, I don't recall ever changing it. Carl From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 1:39 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots This would seem to indicate to me that while the DNS Server service was initiated, it never actually finished initializing. Aren't there some logging options on the DNS server property tab? I'd probably ratchet those up to max for a while and see if they helped gather more info... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 1:22 PM To: NT System Admin Issues Subject: DNS Server service shuts down shortly after the DC boots Curious thing, started a few months ago after I moved the FSMO roles from this DC to another one. This DC frequently boots in a vacuum - no other DC's can be contacted, so it takes a long time sniffing around before it finally starts Active Directory and its own DNS Server service. A few minutes after that, the DNS Server service shuts down. There's nothing in the System or Application event log to explain it, and the DNS Server event log records simply that The DNS server has shutdown. (event ID 3). The recovery options are set to restart the service, but that doesn't happen
RE: DNS Server service shuts down shortly after the DC boots
I'd be interested to see what kind of improvements you come up for it. This was something quick dirty I whipped up and haven't ever gotten the time to go back and clean up. ...Tim From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Tuesday, March 09, 2010 2:01 PM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots Indeed! This is a project that I have wanted to attempt myself - and this just saved me a whole lot of start-up time. Thanks, Tim! -- ME2 On Tue, Mar 9, 2010 at 1:45 PM, Richard Stovall rich...@gmail.commailto:rich...@gmail.com wrote: Most excellent. Thank you very much. I'll give this a whirl at home and see how it goes. Much obliged, RS On Tue, Mar 9, 2010 at 4:41 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: I run this batch file: ** begin batch file * @echo off set server=mydnsserver set /p delold=Delete old domains? if /I %delold% NEQ Y goto getit echo Deleting old domains... pause for /F %%f in (mal_list.txt) do dnscmd %server% /zonedelete %%f /dsdel /f :getit if exist domains.txt del domains.txt wget http://www.malwaredomains.com/files/domains.txt || goto end if exist mal_list.txt del mal_list.txt rem ignore lines beginning with # echo 1st word only for /F eol=# tokens=1 %%i in (domains.txt) do @echo %%i mal_list.txt for /F %%f in (mal_list.txt) do (dnscmd %server% /zoneadd %%f /DsPrimary /DP /forest dnscmd %server% /recordadd %%f * A 192.168.0.6) :end ** end batch file * This adds a wildcard zone for each domain which points to an internal web server at 192.168.0.6. It displays a web site blocked due to malware page whenever anyone hits it. I go thru the logs regularly and investigate any host on that server. It's a bit crude in that it just attempts to add all the domains each time it is run, but it works from me. Occasionally, they delete a bunch of domains and I couldn't figure out a better way to handle it, so if I answer Y to tor prompt, it deletes all domains and readds them from the downloaded list. ...Tim From: Richard Stovall [mailto:rich...@gmail.commailto:rich...@gmail.com] Sent: Tuesday, March 09, 2010 1:13 PM To: NT System Admin Issues Subject: Re: DNS Server service shuts down shortly after the DC boots Very intriguing. How do you accomplish the loading of the domain list? Using a boot file per the directions here: http://www.malwaredomains.com/wordpress/?page_id=6#MS? Do you refresh the list manually every once and a while? Thanks, RS On Tue, Mar 9, 2010 at 3:58 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: FWIW, I load the entire domain list from http://www.malwaredomains.com/ into my AD integrated DNS without any problems. over 18000 domains are currently included. I've got a 2003 native domain/forest too. DC's include WS08R2, WS08, WS03 SP2. I have not seen anything like this here. ...Tim From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 11:53 AM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots It appears that background zone loading is a feature of 2008 and later... maybe I just need to hurry up the upgrade to 2008. Carl From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Tuesday, March 09, 2010 2:44 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Oh! Yes, now that you say that I bet what's happening is that it's timing out. There is a flag (and I'm sorry that I don't remember the details) that says do the initial zone load in the background. You probably need to set that. That should be enough to biggle with... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Carl Houseman [mailto:c.house...@gmail.commailto:c.house...@gmail.com] Sent: Tuesday, March 09, 2010 2:40 PM To: NT System Admin Issues Subject: RE: DNS Server service shuts down shortly after the DC boots Debug logging will log DNS packets to a text file. I guess the last DNS packet received before the shutdown could tell me something if it was shutting down randomly at any time. But the fact that the service stays running forever after restarting suggests that bad DNS packets on the wire aren't likely causing this. So if bad DNS traffic is the problem, the only explanation would be a DNS query from the DC to itself. DC DOS's its own DNS server service? One thing I may have that is less common is a lot of DNS authoritative zones for well known bad (malware hosting) domain names. There's over 1000 of 'em. I have to say I'm not up for an extended debugging journey on this one, just wondering if this behavior triggered any memories for anyone. Carl From: Brian Desmond [mailto:br...@briandesmond.commailto:br...@briandesmond.com] Sent: Tuesday, March 09, 2010 1:53 PM To: NT System Admin
RE: Sat Radio for your PBX on hold?
This is legal: http://www.royaltyfreemusic.com/ ...Tim -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, March 04, 2010 8:44 AM To: NT System Admin Issues Subject: RE: Sat Radio for your PBX on hold? Well, I don't think that is *technically* legal, but you can probably get away with it. You could just rip some CDs to MP3 files and put something like WinAmp on there to play the MP3 files in a random or specified order. That's not legal either, but unlikely to get caught either. :-) -Original Message- From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, March 04, 2010 11:28 AM To: NT System Admin Issues Subject: Sat Radio for your PBX on hold? Stupid question, been wanting to do this for years and Management finally told me to do it. Anyway, say I sign up for the Sirius internet streaming and just plunk an old laptop on the top of the PBX rack. Does the internet stream ever time out or will it stay on indefinitely? Would be kind of hard to put a physical unit in, would have to get an antenna outside. Noticed they also have a tabletop radio that uses internet connection for it's feed. Suppose that would work also if the feed never times out. Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Policy for external devices
To avoid all the me-too's, I'll just post ours here. This is our Portable Computing and Data Storage Device Policy. IANAL and I didn't write this, but here it is: Sparling may provide a portable computing device (e.g. a laptop computer, smartphone, or personal digital assistant) and/or mass data storage devices (e.g. USB thumb drives, Smart Digital cards, CD/DVDs, external hard drives) to staff members whose regular duties include use of such devices. In some cases, a portable computing device and portable data storage device may be the same device. Sparling may also permit staff members to access its network using a portable computing device to perform their job duties. Personal Use of Company-Issued Portable Computing and Data Storage Devices Sparling's portable computing and data storage devices and the networks they access are intended for business use. Staff members may use such computing devices for occasional personal purposes, but any use must be on personal time. Personal use of portable computing and data storage devices must not interfere in any way with job duties or performance. Use of Portable Computing and Data Storage Devices Is Not Private Sparling has the ability to access and review all information stored on its portable computing and data storage devices and network. The Company reserves the right to perform such an inspection at any time. Staff members should not expect that any files, records, or other data stored on the Company's equipment and network are private, even with privacy protections in place (e.g. using a password or designating it as personal). Content Rules for Portable Computing and Data Storage Devices All of Sparling's policies and rules of conduct apply to staff member use of Company-issued portable computing and data storage devices. All communications (e.g. email, instant messaging, and Internet access) on Company-issued portable computing devices are subject to the Company's policies on appropriate use. This means, for example, that staff members may not send or store harassing messages, access pornographic or gambling websites, or violate any of the Company's other rules on appropriate communications content. Security of Portable Computing and Data Storage Devices Although portable computing equipment and convenient portable data storage devices can greatly improve the Company's communications and efficiency, they can also pose a risk to the security of the Company's proprietary information. If these devices are lost, stolen, or hacked into, an outsider could have access to Company data or the Company's network. To prevent theft and loss of data, staff members who receive Company-issued portable computing equipment and data storage devices must follow these guidelines: * Staff members should not download confidential Company information to a portable computing or data storage device unless it is absolutely necessary. If confidential Company information is stored on a portable computing or data storage device, it must be encrypted using Company-approved encryption software and it must be securely deleted as soon as that information is no longer needed. * Staff members should log off or sign off before leaving a portable computing device unattended. Likewise, portable computing devices must also require a password or PIN to use the device at power-on or boot-up. * If Company-issued portable computing devices are equipped with antivirus software, automatic updates to this software may not be blocked. * Staff members may not download, install, or use any software programs on a Company-issued portable computing device unless that program has been approved and installed by the IT department. * The same anti-virus and malware precautions are required for portable computing device as are required for Company computers. Email or IM attachments from unknown senders should not be opened. Internet files may not be opened, read, or downloaded without first allowing for a virus scan. * Staff members are responsible for the security of portable computing and data storage devices issued to them. These devices should be kept in one's possession whenever possible. If a portable computing or data storage device must be left unattended, it should be stored out of sight in a secure location, such as in a hotel safe or in a locked filing cabinet at home. Portable computing or data storage devices should not be left unattended in vehicles. * Staff members must immediately notify their manager and the Company's IT department if their portable computing or data storage device is lost or stolen so the Company may attempt to remotely delete or secure all data stored on the device. Don't Use Personal Portable Computing or Data Storage Devices for Work Storing Company information on a personal portable computing or data storage device, or using such a device to access or attach to the Company's
RE: Need Website Tested
Win7 x 64, 32bit IE - no problems here ...Tim From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Friday, February 12, 2010 5:52 AM To: NT System Admin Issues Subject: Need Website Tested Our Windows 7 machines crash when accessing the following site with IE8: http://www.suwannee.k12.fl.us/ The module causing the fault is mshtml.dll. We've tested from multiple Win7 machines (different brands/models/images) on our end with the same result, but Vista and XP seem to work fine. Could any of you with Win7 try the site through IE8 and let me know if you see the same thing? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: vSphere 4.0 Update 1 and MS Forefront
Contacted MS and was informed they don't support Server 2008 R2 in virtual environments. Go figure... WTF? Really - just a blanket statement like that? That seems particularly out of touch with things today. ...Tim From: Roger Wright [mailto:rhw...@gmail.com] Sent: Wednesday, January 27, 2010 8:15 AM To: NT System Admin Issues Subject: Re: vSphere 4.0 Update 1 and MS Forefront Yes, got them done, too. The machines took about 20 minutes to reboot and would stop serving until FF was removed. Contacted MS and was informed they don't support Server 2008 R2 in virtual environments. Go figure... Roger Wright ___ Sent from Tampa, Florida, United States On Wed, Jan 27, 2010 at 11:11 AM, Straub, Patrick patrick.str...@lanexpert.chmailto:patrick.str...@lanexpert.ch wrote: Did you also update the VMware tools on your VMs? From: Roger Wright [rhw...@gmail.commailto:rhw...@gmail.com] Sent: Wednesday, January 27, 2010 17:04 To: NT System Admin Issues Subject: vSphere 4.0 Update 1 and MS Forefront We recently updated our VMware servers to update 1 and immediately had issues on at least 2 of them with MS Forefront. The VMs slowed to a crawl and we ended up removing FF from those VMs. We're migrating to VIPRE and want to know if anyone has experienced similar issues with vSphere 4.0 Update 1 in conjunction with VIPRE. Roger Wright ___ Of course I can keep secrets - it's the people I tell them to who can't keep them. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: KMS count question
I'm pretty sure it is a combined value. Once you have the 5 server licenses, you only need 20 more to start activating the clients. I've never seen it documented anywhere, but that's the way it seemed to work here From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Friday, January 15, 2010 11:34 AM To: NT System Admin Issues Subject: KMS count question I've got (2) KMS hosts on the network for activating Windows Server 2008 systems. Up until now, we haven't had any Vista or Windows 7 systems to worry about. The desktop group is starting to test windows 7 and I will begin testing Windows 2008 R2 soon. I have updated the KMS keys on the hosts with the new keys that support Windows 2008 R2 and Windows 7. My question is regarding the count. It retained the count (10 in my case) so the Windows 2008 R2 systems I bring up should be activated right away (since the count is over 5). What I don't understand is where the 25 count for Windows 7 systems come into play. When I do a SLMGR.VBS /dli it shows me a count value. But it doesn't break it down between 2008 and Windows 7. So how will that increment? And is it a cumulative count of both OSs? So right now my count is 10, does that mean I need 15 Windows 7 systems in order to reach the 25? Or do I need 25 Windows 7 systems, since none of the computers that have added to the count so far have been Windows 7? Can someone clarify this for me? I have read all the Volume Activation 2.0 guides and this topic is not very clear in the documentation. Thank you, Chris Bodnar, MCSE Sr. Systems Engineer Infrastructure Service Delivery Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.commailto:christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: KMS count question
Good to know for sure, thanks From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Friday, January 15, 2010 12:05 PM To: NT System Admin Issues Subject: RE: KMS count question Thanks I think I found the answer on Technet: http://technet.microsoft.com/en-us/library/dd979804.aspx KMS can activate both physical computers and virtual machines. To qualify for KMS activation, a network must meet the activation threshold: KMS hosts activate client computers only after meeting this threshold. To ensure that the activation threshold is met, a KMS host counts the number of computers that are requesting activation on the network. For computers running Windows Server 2008 or Windows Server 2008 R2, the activation threshold is five. For computers running Windows Vista or Windows 7, the activation threshold is 25. The thresholds include client computers and servers that are running on physical computers or virtual machines. A KMS host responds to each valid activation request from a KMS client with the count of how many computers have contacted the KMS host for activation. Clients that receive a count below their activation threshold are not activated. For example, if the first two computers that contact the KMS host are running Windows 7, the first receives an activation count of 1, and the second receives an activation count of 2. If the next computer is a Windows 7 virtual machine, it receives an activation count of 3, and so on. None of these computers is activated, because computers running Windows 7 must receive an activation count ≥25 to be activated. KMS clients in the grace state that are not activated because the activation count is too low connect to the KMS host every two hours to get the current activation count and will be activated when the threshold is met. If the next computer that contacts the KMS host is running Windows Server 2008 R2, it receives an activation count of 4, because activation counts are a combination of computers running Windows Server 2008 R2 and Windows 7. If a computer running Windows Server 2008 or Windows Server 2008 R2 receives an activation count that is ≥5, it is activated. If a computer running Windows 7 receives an activation count ≥25, it is activated. Chris Bodnar, MCSE Sr. Systems Engineer Infrastructure Service Delivery Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.commailto:christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From: tev...@sparling.com [mailto:tev...@sparling.com] Sent: Friday, January 15, 2010 2:59 PM To: NT System Admin Issues Subject: RE: KMS count question I'm pretty sure it is a combined value. Once you have the 5 server licenses, you only need 20 more to start activating the clients. I've never seen it documented anywhere, but that's the way it seemed to work here From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Friday, January 15, 2010 11:34 AM To: NT System Admin Issues Subject: KMS count question I've got (2) KMS hosts on the network for activating Windows Server 2008 systems. Up until now, we haven't had any Vista or Windows 7 systems to worry about. The desktop group is starting to test windows 7 and I will begin testing Windows 2008 R2 soon. I have updated the KMS keys on the hosts with the new keys that support Windows 2008 R2 and Windows 7. My question is regarding the count. It retained the count (10 in my case) so the Windows 2008 R2 systems I bring up should be activated right away (since the count is over 5). What I don't understand is where the 25 count for Windows 7 systems come into play. When I do a SLMGR.VBS /dli it shows me a count value. But it doesn't break it down between 2008 and Windows 7. So how will that increment? And is it a cumulative count of both OSs? So right now my count is 10, does that mean I need 15 Windows 7 systems in order to reach the 25? Or do I need 25 Windows 7 systems, since none of the computers that have added to the count so far have been Windows 7? Can someone clarify this for me? I have read all the Volume Activation 2.0 guides and this topic is not very clear in the documentation. Thank you, Chris Bodnar, MCSE Sr. Systems Engineer Infrastructure Service Delivery Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.commailto:christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error,
RE: RMDIR and Wildcards
for %f in (path\directory*) do rd /s %f Add /Q if you're brave and don't want to be prompted for each one ...Tim From: Gavin Wilby [mailto:gavin.wi...@gmail.com] Sent: Thursday, January 14, 2010 8:05 AM To: NT System Admin Issues Subject: RMDIR and Wildcards Hi, For one reason or another I have a need to automatically remove certain directories (full or otherwise) from a few windows server systems. As rmdir path\directory* /S doesnt appear to work, is there any other way that this can be batched and scheduled? The directories are all called randomnumber.tmp and so I want to wildcard the rmdir. Yes, these are directories NOT tmp files. -- Gavin Wilby, Twitter: http://twitter.com/gavin_wilby GSXR Blog: http://www.stoof.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: RMDIR and Wildcards
correct, sorry about that. ...Tim From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, January 14, 2010 8:39 AM To: NT System Admin Issues Subject: RE: RMDIR and Wildcards You need to throw in a /d if you want to match against directories For /d %f in (path\directory*) do rd /s %f From: Gavin Wilby [mailto:gavin.wi...@gmail.com] Sent: Thursday, January 14, 2010 10:38 AM To: NT System Admin Issues Subject: Re: RMDIR and Wildcards Hi Tim, Are you sure that syntax is correct, as it doesnt appear to work here :( Gavin. On Thu, Jan 14, 2010 at 4:25 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: for %f in (path\directory*) do rd /s %f Add /Q if you're brave and don't want to be prompted for each one ...Tim From: Gavin Wilby [mailto:gavin.wi...@gmail.commailto:gavin.wi...@gmail.com] Sent: Thursday, January 14, 2010 8:05 AM To: NT System Admin Issues Subject: RMDIR and Wildcards Hi, For one reason or another I have a need to automatically remove certain directories (full or otherwise) from a few windows server systems. As rmdir path\directory* /S doesnt appear to work, is there any other way that this can be batched and scheduled? The directories are all called randomnumber.tmp and so I want to wildcard the rmdir. Yes, these are directories NOT tmp files. -- Gavin Wilby, Twitter: http://twitter.com/gavin_wilby GSXR Blog: http://www.stoof.co.ukhttp://www.stoof.co.uk/ -- Gavin Wilby, Twitter: http://twitter.com/gavin_wilby GSXR Blog: http://www.stoof.co.uk Sent from Whitehaven, Eng, United Kingdom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Using Windows Easy Transfer
I haven't used Easy Transfer, but I did use USMT4 which I understand is the same thing ...Tim From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com] Sent: Friday, January 08, 2010 12:51 PM To: NT System Admin Issues Subject: Using Windows Easy Transfer Has anyone got Windows Easy Transfer to work going from XP to Win7? I am trying to transfer from a XP laptop to a Win7 laptop. Todd Lemmiksoo Network Administrator All-Mode Communications, Inc. 1725 Dryden Road Freeville, New York 13068 (607) 347-4164 x440 1-877-ALLMODE (toll free) http://www.all-mode.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: How do you feel about bloatware?
don't forget Symantec ...Tim From: David Lum [mailto:david@nwea.org] Sent: Wednesday, January 06, 2010 6:20 AM To: NT System Admin Issues Subject: RE: How do you feel about bloatware? And Java... From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, January 06, 2010 6:17 AM To: NT System Admin Issues Subject: Re: How do you feel about bloatware? There are only three words that can explain how I hate bloatware and how to deal with it...Make Adobe Bankrupt 2010/1/6 Stu Sjouwerman s...@sunbelt-software.commailto:s...@sunbelt-software.com Hi Guys! (This is one of Stu's '30-second' surveys...) How do you feel about bloatware? We're looking for a slogan of just a few words, remember the one we had for CounterSpy?: Hit Spyware Hard. Which phrase expresses best how you feel about bloatware? Feel free to use the textbox at the end if you think you have a better one. If that gets chosen, you'll get an exclusive VIPRE t-shirt with that slogan. Here is the link. Thanks so much in advance!!! http://www.surveymonkey.com/s/V8F2RN9 Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.commailto:s...@sunbelt-software.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Win7 God mode?
Do you use the search box in control panel? I've never had any problems finding things in the new control panel layout with it, as opposed to trying to guess where Microsoft hid it. ...Tim From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Wednesday, January 06, 2010 7:33 AM To: NT System Admin Issues Subject: RE: Win7 God mode? IMO God Mode = The missing Control Panel. I remember when settings were so much easier to find... From: David Lum [mailto:david@nwea.org] Sent: Tuesday, January 05, 2010 9:43 AM To: NT System Admin Issues Subject: Win7 God mode? Anyone? http://news.cnet.com/8301-13860_3-10423985-56.html David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Wipe server Hard drives
It depends on the controller. I'm currently wiping several drives on a perc2 controller. I had to boot with the noverify option to get it to come up. There are other boot options you can play with too that might help. ...Tim From: Stefan Jafs [mailto:stefan.j...@gmail.com] Sent: Tuesday, January 05, 2010 10:13 AM To: NT System Admin Issues Subject: Wipe server Hard drives I have an old Dell 4400 that I would like to donate to charity, I need to wipe all the drives, I tried DBAN, it gave me non-fatal error and did not do anything, I assume it cant deal with the SCSI drives. Anyone have any suggestions? -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
WS08R2 eBook
http://download.microsoft.com/download/5/C/0/5C0BD0AB-040D-4C56-A60B-661001012DDA/Windows_Server_2008_R2_e-book.pdf pretty basic, but it seems to cover all the new features. It may be helpful for those working on WS03 - WS08 sales pitch ...Tim ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Retrieving deleted IE and Firefox history Urgent
Sans has a good blog at https://blogs.sans.org/computer-forensics/ …Tim From: bambi.j.saas...@seagate.com [mailto:bambi.j.saas...@seagate.com] Sent: Friday, December 18, 2009 9:00 AM To: NT System Admin Issues Subject: Fw: Retrieving deleted IE and Firefox history Urgent Does any one know any good forensic sites or forums? TIA . . SAVE THE EARTH.. IT'S THE ONLY PLANET WITH CHOCOLATE - Forwarded by Bambi J Saastad/Seagate on 12/18/2009 10:59 AM - John Meyers jrmeyer...@hotmail.com No Phone Info Available 12/18/2009 09:01 AM Please respond to NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com To NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com cc Subject RE: Retrieving deleted IE and Firefox history Urgent Sorry but how exactly do I do that? TIA From: jaldr...@blueridgecarpet.com To: ntsysadmin@lyris.sunbelt-software.com Subject: RE: Retrieving deleted IE and Firefox history Urgent Date: Fri, 18 Dec 2009 08:48:14 -0500 You might be able to look at the date/time stamp on the cached objects to get that information. From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Friday, December 18, 2009 8:25 AM To: NT System Admin Issues Subject: RE: Retrieving deleted IE and Firefox history Urgent IEHistoryView from www.nirsoft.nethttp://www.nirsoft.net/ might give you some info from IE. I don’t think it works with FF though. From: John Meyers [mailto:jrmeyer...@hotmail.com] Sent: Friday, December 18, 2009 7:01 AM To: NT System Admin Issues Subject: Retrieving deleted IE and Firefox history Urgent Good morning I have a laptop I need to somehow salvage ALL the deleted internet history from. IE was set to only keep for 20 days, not sure what Firefox was at. But I need to retrieve EVERYTHING I possibly can. I think the user at some point did a defrag, which is making it more difficult. I tried several analyzer programs that I loaded directly onto the pc to search with for recent activity, which I provided, then they brought it back and told me I needed to go deeper. At that point I removed the HD from it and only accessed it as an external drive to do the below listed attempts to retrieve the data. This is not normally my job, but I was asked to do it, and I'm not having much luck. I MUST have dates and times for the history, not just the sites. I imaged it with ghost and tried to use FireFox History recovery, but it found nothing. I tried Armor Forensic's NAT Stealth, but it only gives sites accessed. I tried File Scavenger from quetek, and it finds lots of things like index.dat files, but when I try to read them with index.dat analyzer they mostly say that they are not index.dat files. It doesn't seem to find any history.dat's. Can someone suggest what else I might try or some good forums for forensics? Thanks JR Hotmail: Trusted email with powerful SPAM protection. Sign up now.http://clk.atdmt.com/GBL/go/177141665/direct/01/ Hotmail: Powerful Free email with security by Microsoft. Get it now.http://clk.atdmt.com/GBL/go/171222986/direct/01/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ inline: image002.pnginline: image003.png
MVLS site is back up
For now anyways. It seems much snappier than before. That would be nice if it stays that way. ...Tim ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: MVLS site is back up
while I didn't time it, my download seemed pretty quick. From: David W. McSpadden [mailto:dav...@imcu.com] Sent: Friday, December 18, 2009 10:29 AM To: NT System Admin Issues Subject: Re: MVLS site is back up snappier yes. Slow for downloads though. I think all of us hungry users are going to break it. From: Tim Evansmailto:tev...@sparling.com Sent: Friday, December 18, 2009 1:14 PM To: NT System Admin Issuesmailto:ntsysadmin@lyris.sunbelt-software.com Subject: MVLS site is back up For now anyways. It seems much snappier than before. That would be nice if it stays that way. ...Tim ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: MVLS site up?
Yesterday, they were saying that their targeting it back on line today, but I'm not getting anything at all this morning. I was told yesterday that it was a problem with the back end database and that not even Microsoft staff has access to the information. It seems to me that someone screwed up big time. I know that if I tried an upgrade without a roll back plan, I'd get strung up. From: David W. McSpadden [mailto:dav...@imcu.com] Sent: Wednesday, December 16, 2009 8:27 AM To: NT System Admin Issues Subject: MVLS site up? Anyone have an ETA on when this will be back up? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Windows KMS licensing
The KMS for Vista/WS08 didn't count VM's towards the total count. The one with Win7/WS08R2 does count them. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Monday, December 14, 2009 5:12 AM To: NT System Admin Issues Subject: RE: Windows KMS licensing Huh? Hadn't heard that, but I also didn't watch the vid. We also have VMs that are using KMS licensing and seem to need to activate just like any other install. Maybe they are referring to the fact that depending on your installed server OS, VMs don't necessarily take a license? For example, WS08 Ent. Gets 4 server VMs to run on it and you only pay for the one server license. From: David Lum [mailto:david@nwea.org] Sent: Friday, December 11, 2009 2:12 PM To: NT System Admin Issues Subject: RE: Windows KMS licensing Thanks Bonnie, that (and the video link sent by Andrew) are the missing links I needed. I do show 2008 R2 KMS B as an available license. I don't plan on standing up 5 physical 2008 servers very quickly, so it's MAK'ing I go... It's a bummer that VM's won't count toward the activation limit, which makes me wonder if you are a mostly VM shop you're stuck with MAK's. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, December 11, 2009 1:52 PM To: NT System Admin Issues Subject: RE: Windows KMS licensing Yeah, but it also depends on your Key level. With our KMS B key for WS08 R2 (WS08 is the same), it only require 5 machines to check in before they start licensing. But, the same server won't activate Vista/W7 until that count hits 25. Basically unless you stand up 5+ servers quickly, you have to license them with your MAK key first and then change it back later using the default key. My boss, who does our licensing, had to call to get a MAK for WS08 R2 as it wasn't available on the Volume Licensing DL site-don't know if they've changed that or if it's still that way. -Bonnie From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Friday, December 11, 2009 1:40 PM To: NT System Admin Issues Subject: RE: Windows KMS licensing That sums it up. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: David Lum [mailto:david@nwea.org] Sent: Friday, December 11, 2009 4:37 PM To: NT System Admin Issues Subject: Windows KMS licensing Has anyone here implemented Windows KMS activation at their site? I only sort of understand it - you stand up ONE 2008 server and give it a KMS key and it becomes the activation server once what...25 other systems check in... David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Consultant PC on your network
Do you issue them ID's individually? How does that work? From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Tuesday, December 08, 2009 5:50 AM To: NT System Admin Issues Subject: Re: Consultant PC on your network We have a guest wireless access point in our DMZ for this, all they get is internet access from the DMZ and nothing on our network. Guest ID's expire at the end of the work day. On Mon, Dec 7, 2009 at 10:44 AM, David Lum david@nwea.orgmailto:david@nwea.org wrote: What process do you guys use for allowing a consultant to put their PC on your wire? Surely there are some questions needing to be asked, like does it have AV and is patched, probably need to make sure it's not running some DHCP or other service that might disrupt your network, right? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Missing find now button
Yes, I get the same thing here on both WS08R2 and WS08 SP2 From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Tuesday, December 08, 2009 2:02 PM To: NT System Admin Issues Subject: RE: Missing find now button So, is anyone able to either replicate this or refute that it happens on their WS08 R2 boxen? I even have a brand new R2 DC that was just built from DVD where this is happening. If it looks like a bug, I'll probably ask our desktop admin to call PSS. -B From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Tuesday, December 08, 2009 6:58 AM To: NT System Admin Issues Subject: RE: Missing find now button Yep-running GPMC as admin on both. From: David Lum [mailto:david@nwea.org] Sent: Tuesday, December 08, 2009 6:39 AM To: NT System Admin Issues Subject: RE: Missing find now button You running that snap-in as an administrator? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Tuesday, December 08, 2009 6:20 AM To: NT System Admin Issues Subject: Missing find now button Not finding much on this on google... On WS08 R2, run GPMC, edit a policy, expand User config\Preferences\Control Panel Settings\Printers Add a printer and use the ... button to browse On WS08 x64 SP2, I get this in the top half of the window: [cid:image001.png@01CA7810.6E6D09D0] On WS08 R2, I get this, with several (needed) buttons missing: [cid:image002.png@01CA7810.6E6D09D0] Can anyone else replicate this? I am getting the same behavior on several WS08 R2 dcs and a member server, pretty much anywhere in the scriptmaker preferences engine where you need to browse AD. Browsing OUs for printers or browsing folders for drive maps are a few more examples. Thanks, -Bonnie ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.pnginline: image002.png
RE: Missing find now button
Neither do I. I meant to say that I get the same results as Bonnie on both -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Tuesday, December 08, 2009 2:32 PM To: NT System Admin Issues Subject: Re: Missing find now button I don't see it on 2008 SP2. Tim Evans wrote: Yes, I get the same thing here on both WS08R2 and WS08 SP2 -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Latitude access problem
Thanks for the feedback. I've never tried to use it that way, so I'll be sure to remember safe boot. From: Len Hammond [mailto:lenhammo...@gmail.com] Sent: Thursday, December 03, 2009 5:24 PM To: NT System Admin Issues Subject: Re: Latitude access problem It failed to reset the user password - for the user account that had admin privs. Ended up using KonBoot to get to safe mode and went in to the Administrator account and reset the user password from there. He's in. Hopefully this time he'll remember what he chose for a password. I guess I didn't remember there were so many choices to get where we needed to go. Thanks again for everyone that replied. Len Hammond CSI:Hartland lenhamm...@gmail.commailto:lenhamm...@gmail.com On Thu, Dec 3, 2009 at 5:45 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: reset the administrator password? From: Len Hammond [mailto:lenhammo...@gmail.commailto:lenhammo...@gmail.com] Sent: Thursday, December 03, 2009 2:44 PM To: NT System Admin Issues Subject: Re: Latitude access problem That gets me in to the box but I don't seem to be able to change the password to his account. It says that it can't do it. At least we can easily get to his data. Thanks for the help. Len Hammond CSI:Hartland lenhamm...@gmail.commailto:lenhamm...@gmail.com On Thu, Dec 3, 2009 at 4:52 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: Have him boot off of http://www.piotrbania.com/all/kon-boot/ and reset the password. No reinstall needed From: Len Hammond [mailto:lenhammo...@gmail.commailto:lenhammo...@gmail.com] Sent: Thursday, December 03, 2009 1:45 PM To: NT System Admin Issues Subject: Latitude access problem Dell Latitude Genuises: Just had a call from a customer. He decided to set an account password on his Latitude laptop three days ago. He did this after drinking a bottle of wine, and now he can't remember his password. He either typed it wrong twice when setting it or doesn't remember it. Either way he can't get into his machine. He also doesn't remember or can't figure out what the Admin password is either. He does own the box and apparently he recently talked with Dell about this specific Service Tag to get drivers for a refresh. This is the box he has been using for some class he is taking so he needs to get the data off of it. It runs fine, he just can't get into it. He can pull the HDD and put it in an external case and attach it to another machine to grab the data before he wipes and reinstalls the OS. I have never tried to repair an operating system installation to reset passwords and I really think that will not work. Anyway, he is going to try a repair before he pulls the drive and recovers his data and then rebuilds. I believe that there are no viruses involved, but it did sound like alcohol was involved grin. Anyone have any thoughts, I can try or pass on to him? Len Hammond CSI:Hartland lenhamm...@gmail.commailto:lenhamm...@gmail.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Latitude access problem
Have him boot off of http://www.piotrbania.com/all/kon-boot/ and reset the password. No reinstall needed From: Len Hammond [mailto:lenhammo...@gmail.com] Sent: Thursday, December 03, 2009 1:45 PM To: NT System Admin Issues Subject: Latitude access problem Dell Latitude Genuises: Just had a call from a customer. He decided to set an account password on his Latitude laptop three days ago. He did this after drinking a bottle of wine, and now he can't remember his password. He either typed it wrong twice when setting it or doesn't remember it. Either way he can't get into his machine. He also doesn't remember or can't figure out what the Admin password is either. He does own the box and apparently he recently talked with Dell about this specific Service Tag to get drivers for a refresh. This is the box he has been using for some class he is taking so he needs to get the data off of it. It runs fine, he just can't get into it. He can pull the HDD and put it in an external case and attach it to another machine to grab the data before he wipes and reinstalls the OS. I have never tried to repair an operating system installation to reset passwords and I really think that will not work. Anyway, he is going to try a repair before he pulls the drive and recovers his data and then rebuilds. I believe that there are no viruses involved, but it did sound like alcohol was involved grin. Anyone have any thoughts, I can try or pass on to him? Len Hammond CSI:Hartland lenhamm...@gmail.commailto:lenhamm...@gmail.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Latitude access problem
reset the administrator password? From: Len Hammond [mailto:lenhammo...@gmail.com] Sent: Thursday, December 03, 2009 2:44 PM To: NT System Admin Issues Subject: Re: Latitude access problem That gets me in to the box but I don't seem to be able to change the password to his account. It says that it can't do it. At least we can easily get to his data. Thanks for the help. Len Hammond CSI:Hartland lenhamm...@gmail.commailto:lenhamm...@gmail.com On Thu, Dec 3, 2009 at 4:52 PM, Tim Evans tev...@sparling.commailto:tev...@sparling.com wrote: Have him boot off of http://www.piotrbania.com/all/kon-boot/ and reset the password. No reinstall needed From: Len Hammond [mailto:lenhammo...@gmail.commailto:lenhammo...@gmail.com] Sent: Thursday, December 03, 2009 1:45 PM To: NT System Admin Issues Subject: Latitude access problem Dell Latitude Genuises: Just had a call from a customer. He decided to set an account password on his Latitude laptop three days ago. He did this after drinking a bottle of wine, and now he can't remember his password. He either typed it wrong twice when setting it or doesn't remember it. Either way he can't get into his machine. He also doesn't remember or can't figure out what the Admin password is either. He does own the box and apparently he recently talked with Dell about this specific Service Tag to get drivers for a refresh. This is the box he has been using for some class he is taking so he needs to get the data off of it. It runs fine, he just can't get into it. He can pull the HDD and put it in an external case and attach it to another machine to grab the data before he wipes and reinstalls the OS. I have never tried to repair an operating system installation to reset passwords and I really think that will not work. Anyway, he is going to try a repair before he pulls the drive and recovers his data and then rebuilds. I believe that there are no viruses involved, but it did sound like alcohol was involved grin. Anyone have any thoughts, I can try or pass on to him? Len Hammond CSI:Hartland lenhamm...@gmail.commailto:lenhamm...@gmail.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Re: ANNOUNCEMENT: Job Hunting Assistance
Hi Andrew, I'd be interested in hearing what Kevin has to say.Please send the conference bridge info when it is available. Thanks ...Tim On Fri, Nov 20, 2009 at 4:29 AM, Andrew S. Baker asbz...@gmail.com wrote: Here's a follow-up (and a needed distraction from the silly political diversion) A colleague of mine is working with Kevin Donlin (http://www.linkedin.com/in/donlin) to put together a conference call (probably 30 min long) where Kevin would present a number of techniques that have been used by his clients to get new opportunities in recent months. If you would like to be in on this, please send me an email offline, and let me know and I will be able to ensure that we have the minimum 30 people needed for this event. Thanks!!! Also, thanks to those who have joined my LinkedIn network... ASB (My XeeSM Profile) Providing Competitive Advantage through Effective IT Leadership On Thu, Nov 19, 2009 at 10:44 AM, Andrew S. Baker asbz...@gmail.com wrote: I can't speak for all parts of the country, but in the NY/NJ metro area, things have started to pickup again on the recruitment front for IT opportunities. And I get the impression that a few other metro areas are also recovering a little. There has been quite a bit of activity in the 4th quarter, and I expect to see even more after the holidays. (Q1 should be a lot more like 2006 than we've seen in the past 18 or so months.) If you are looking, or preparing yourself for opportunities in any way, be sure to let me know. Also, feel free to connect to me via LinkedIn. I am receiving inquiries from recruiters almost daily at this point, for a variety of sysadmin and development roles in the North East US, and a few other parts of the country. I am more than happy to forward profiles of people I know who are looking, or do other things to facilitate connections to companies and opportunities. As long as I know, I can help. Let's take advantage of technology to help each other out and get through these tough times. My LinkedIn profile can be accessed below... Thanks ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Wierd Acrobat issue
+1 and/or use a postscript driver if available From: Steve Ens [mailto:stevey...@gmail.com] Sent: Wednesday, November 18, 2009 7:49 AM To: NT System Admin Issues Subject: Re: Wierd Acrobat issue Yes, almost always print as image. Will cause you less grief. Adobe products don't play well with most print drivers. On Wed, Nov 18, 2009 at 9:46 AM, Maglinger, Paul pmaglin...@scvl.commailto:pmaglin...@scvl.com wrote: Do you have the option to print text as graphics? From: Scott Schneider [mailto:sschnei...@inscapesolutions.commailto:sschnei...@inscapesolutions.com] Sent: Wednesday, November 18, 2009 9:37 AM To: NT System Admin Issues Subject: RE: Wierd Acrobat issue We have had similar issues with a older model Kyocera. We had to update the printer drivers to resolve it. From: John Aldrich [mailto:jaldr...@blueridgecarpet.commailto:jaldr...@blueridgecarpet.com] Sent: November-18-09 10:25 AM To: NT System Admin Issues Subject: Wierd Acrobat issue I have a user who was trying to print to a Lexmark laser printer from Adobe Acrobat (not acrobat reader, Acrobat Standard.) It gummed up his printer and caused it to refuse to print until it was power-cycled. Printing from Adobe Reader is just fine. Anyone know what the deal may be and how to fix it? Acrobat is 8.1 Standard. Adobe Reader 8.1 works fine as previously mentioned. Thanks! [cid:image001.jpg@01CA6829.E5C3E950][cid:image002@01ca6829.e5c3e950] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
