RE: New Attack Cracks WPA in a Minute
So the exploit is WPA using TKIP, it doesn't matter if you are using PSK or Radius on the backend, so don't waste your time rolling out a new service for home (unless you totally want to J ) Switch over to AES encryption with WPA and until that becomes flavor of the day, you should be fine. IIRC the details of this exploit were based on short and easy keys so consider longer keys or phrases (since they are most likely saved in your wifi profile anyway.) That being said, a dd-wrt compatible AP is the best way to go. Run WPA2 and utilize some of the other fun stuff like VPN J -troy From: Lee Douglas [mailto:lee.doug...@gmail.com] Sent: Friday, August 28, 2009 7:40 AM To: NT System Admin Issues Subject: Re: New Attack Cracks WPA in a Minute My home network is on an old D-Link DIR-635 (latest firmware but it hit end of life in 2007!) which only supports WPA personal and WPA Enterprise - but it only supports WPA Enterprise via a Radius Server. It's fast enough and works fine so i'm reluctant to trash it unless I have to. I have Windows Home Server, and several XP Pro computers. My question - should I set up a radius server - does a radius server and WPA Enterprise offer enough additional protection to be worth the hassle of setting up a Radius Server - on my Windows Home Server box or go out an buy a newer router? If a newer router, any recommendations? TIA! On Fri, Aug 28, 2009 at 9:09 AM, Sam Cayze sam.ca...@rollouts.com wrote: http://tech.yahoo.com/news/pcworld/20090827/tc_pcworld/newattackcracksco mmonwifiencryptioninaminute Summary: Use WPA2 and AES. Get off WPA and TKIP if you are still using them. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: OT: SharePoint design
You make a good point Shook, but one real neat feature that is often overlooked in MOSS is the ability to crawl/index file shares. So you can use Sharepoint to compliment you file servers. When you have tons of documents in different spots a custom search page can be a huge tool to finding your items no matter if they exist on a site or a share. -troy From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Thursday, August 27, 2009 10:44 AM To: NT System Admin Issues Subject: RE: OT: SharePoint design OK. Sharepoint is IIS on steroids with everything stored in a SQL backend. Keep that framework in mind as you design and also accept that you will _NEVER_ get rid of email as file transport. EVER. Shook From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Thursday, August 27, 2009 1:39 PM To: NT System Admin Issues Subject: RE: OT: SharePoint design I am fine with public discussion, so here is where I am starting from. Currently we have multiple sites, each with at least one file server. Each file server is home for user profiles and a large number of shares. Users share documents across sites and across VPN from these shares. Obviously it is a nightmare with locked files, deleted files, permissions, and bandwidth. Bandwidth is 45mpbs Internet (VPN) and sites range from 12mpbs to 6mpbs (MPLS). My Exchange store is nearing 300GB. My goal as stated before it to eliminate Outlook as file transport and also make it easier for users to share files from their pages. What I need to understand better is where the files will be stored in SP and if it would make sense to have only one main SP server (probably a cluster). At this point, it seems one would be the best option with a large storage array. I would like to hear about implementations some of you have running now and how you might do it differently, or if you are happy with how it is working as you designed. Thanks to all! From: paul chinnery [mailto:pdw1...@hotmail.com] Sent: Thursday, August 27, 2009 1:30 PM To: NT System Admin Issues Subject: RE: OT: SharePoint design +1 Subject: RE: OT: SharePoint design Date: Thu, 27 Aug 2009 13:20:27 -0400 From: scaes...@caesare.com To: ntsysadmin@lyris.sunbelt-software.com I'd like to see the discussion here, rather than by offline phone call... we are wading in to SharePoint as well and would like to hear any tips and/or war stories. -sc From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Thursday, August 27, 2009 12:36 PM To: NT System Admin Issues Subject: Re: OT: SharePoint design Before you get started make a decision on which one you will use, Sharepoint Services or Sharepoint server. It will make a difference with the design and what you can do later. Jon On Thu, Aug 27, 2009 at 12:15 PM, Bob Fronk b...@btrfronk.com wrote: I am heading into a SharePoint rollout to help with our file share nightmare and Outlook as a file transport problems. Data is at multiple sites. If any SharePoint experts out there would be able to discuss this with me via email or phone call, please contact me off list at: bfr...@davishelliot.com Thanks. Bob Hotmail(r) is up to 70% faster. Now good news travels really fast. Try it now. http://windowslive.com/online/hotmail?ocid=PID23391::T:WLMTAGL:ON:WL:en -US:WM_HYGN_faster:082009 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Paging the scripting Guru's - mass shortcut properties rename???
Gavin, Depending on your skillset, this is fairly easy to do in powershell. The article here presents most of the important points http://www.microsoft.com/technet/scriptcenter/resources/qanda/nov08/hey1 103.mspx Basically you are getting a list of files, traversing them and if they are a .lnk you change the targerpath. Something like this: $filelist = get-childitem c:\linkdir\* -include *.lnk -recurse $shortmaker = new-object -comobject wscript.shell Foreach ($linkfile in $filelist) { $scut = $shortmaker.createshortcut($linkfile) #creates the shortcut object $filebreakdown = $scut.targetpath.split(\) #gives you each folder in the target path $n = $filebreakdown.length #how many levels of folders in path $t = 3 #miss the first two spaces and old servername to prepare new path $newlocation = \\newservername While ($t -le $n) { $newlocation = $newlocation + \ + $filebreakdown($t) ; $t++ } $scut.targetpath = $newlocation $scut.save() } I haven't tested this so YMMV. You might want to add some logging to an additional file(what you change, how many changes, etc). But it's a good start. Happy sysadmins day. -troy From: Gavin Wilby [mailto:gavin.wi...@gmail.com] Sent: Friday, July 31, 2009 1:50 AM To: NT System Admin Issues Subject: Paging the scripting Guru's - mass shortcut properties rename??? Hi, I'm on a site that uses a Document Management system that was recently (not by me) moved to a different server. There are thousands of files that live in a repository: \\server01\documents\clients\ file:///\\server01\documents\clients\ * Unfortunately, what we have now found is that the users use shortcuts inside this structure to point to other parts of the repository, these obviously reference the old server, that no longer exists. I thought of removing the DNS name of the old server and using a cname to redirect it, but that's a bit of a cludge IMO. Can I go to the root of the store, and get a script to look at all the shortcuts and change the path from say: \\server01\documents\clients\document.doc file:///\\server01\documents\clients\document.doc to \\server02\documents\clients\document.doc file:///\\server02\documents\clients\document.doc This needs to be done with no danger to the containers or the folders within... Any ideas? -- Gavin Wilby, Twitter: http://twitter.com/gavin_wilby GSXR Blog: http://www.stoof.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Is there a SharePoint Expert that can help me out? 2.0 - 3.0 PROBLEMS
No kidding! In defense of Sharepoint though, many times these sites are setup by consultants or employees that leave with no transfer of administration or knowledge. The time you hear about Sharepoint pain is when they then start looking at upgrading to the next version. Make that a little harder by changing a lot of how things function and are managed in the new version and OUCH OUCH OUCH. And its not necessarily just that product, any service that is specialized where lots of people use it but d�t understand the backend could have the same results. Imagine if you had never seen an exchange server before and suddenly you are assigned to upgrade from 5.5 to 2007 (ugh). Anyway, Brian makes a good point, Premier support IS nice (I do miss TAM SPAM). But the fact that standard call back support fixed a fairly complex issue remotely in ~4 hours leads me to believe those folks have their schnicken together as well. -troy -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, July 31, 2009 10:32 AM To: NT System Admin Issues Subject: Re: Is there a SharePoint Expert that can help me out? 2.0 - 3.0 PROBLEMS Just how much does a premier contract cost? When you are a manufacturing company of less than 300 people, I doubt you can afford it. So far all this discussion does is warn me to stay away from SharePoint. Kurt On Fri, Jul 31, 2009 at 07:24, Brian Desmondbr...@briandesmond.com wrote: A lot of this is also a function of the fact that you get totally different support if yore calling on a pro case (when you call and put it on a credit card) versus a premier contract. Premiere support comes with SLAs, a TAM to complain to, etc. The pro cases folks are outsourced and come with none of that. You get what you pay for essential� Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 From: Rob Bonfiglio [mailto:robbonfig...@gmail.com] Sent: Friday, July 31, 2009 9:03 AM To: NT System Admin Issues Subject: Re: Is there a SharePoint Expert that can help me out? 2.0 - 3.0 PROBLEMS I had a call once that last for about 12 hours...but that was mostly b/c the SharePoint engineer didn't seem to know much about SQL...after about 10-11 hours of working he got a SQL engineer on the phone and it was fixed pretty quickly. On Fri, Jul 31, 2009 at 9:42 AM, Carol Fee c...@massbar.org wrote: +1 on that��� You really did get luck�� PSS for SharePoint and MOSS is not spiffy. CFee From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, July 30, 2009 8:05 PM To: NT System Admin Issues Subject: RE: Is there a SharePoint Expert that can help me out? 2.0 - 3.0 PROBLEMS Four hours is nothing ;-) �ve had PSS calls open for weeks with SharePoint. Had another SharePoint + DPM issue that went all the way back to the PGs to have them figure out which of the two products (or how they were interacting) was breaking DPM. I think that was 6 weeks all up. Cheers Ken From: Marty Nelson [mailto:mnel...@transdyn.com] Sent: Friday, 31 July 2009 1:03 AM To: NT System Admin Issues Subject: RE: Is there a SharePoint Expert that can help me out? 2.0 - 3.0 PROBLEMS I ended up on the phone with MS for four hours so something went really wrong and thank god they knew where to fix it! Thanks again for the suggestions. -Marty From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Wednesday, July 29, 2009 6:20 PM To: NT System Admin Issues Subject: RE: Is there a SharePoint Expert that can help me out? 2.0 - 3.0 PROBLEMS The Configuration Database is an SQL Server (or MSDE) database somewhere. Is usually called SharePoint_Config (for MOSS at least). So, you have to have SQL Server or MSDE somewhere, and it needs to be hosting this database. You can run the SharePoint Technologies Configuration Wizard to reconnect to the database, but you obviously need to know what your SQL Server name/instance is... Cheers Ken From: Marty Nelson [mailto:mnel...@transdyn.com] Sent: Thursday, 30 July 2009 3:49 AM To: NT System Admin Issues Subject: RE: Is there a SharePoint Expert that can help me out? 2.0 - 3.0 PROBLEMS Sorry, a little more info.�� This is running on a W2K3 SP@ machine with IE7. Now it���s degraded to the point to where I cannot even connect to the central management pag�� SaysCannot connect to the configuration database Now when I set this up originally YEARS ago, I accepted all of the defaults and now have no idea where the data reside�� I have ~* very lightly used SharePoint sites, none of which are available at the moment. This database error is a new phenomenon since I last posted Thanks, -Marty From: Marty Nelson [mailto:mnel...@transdyn.com] Sent: Wednesday, July 29, 2009 10:20 AM To: NT System Admin Issues Subject: Is there a SharePoint Expert that can help me
RE: WOW64
John, What is failing? Why do you think it isn���t working? I bet you have a c:\program files (x86) folder I bet you have a c:\windows\syswow64 folder Both are culprits of WOW64 -tm From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, July 30, 2009 8:20 AM To: NT System Admin Issues Subject: Re: WOW64 Anyway I can check if it's enabled? __ John Bowles 301.473.2260 On Jul 30, 2009, at 11:15 AM, Brian Desmond br...@briandesmond.com wrote: Is enabled out of the bo Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ http://www.briandesmond.com/ad4/ Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian https://mvp.support.microsoft.com/profile/Brian From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, July 30, 2009 9:59 AM To: NT System Admin Issues Subject: WOW64 How in the world do I enable WOW64 on a WIndows 2008 SP2 server? Thanks, _ John Bowles ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: WOW64
Just for the sake of paranoia, you could always download a 32bit portable app to a thumb drive and run that to verify http://portableapps.com/ I am guessing your application manufacturer put that check in their documentation, when really it i�t necessary. -troy From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, July 30, 2009 8:34 AM To: NT System Admin Issues Subject: RE: WOW64 I'm not having any issues per say.. Just wondering if it's enabled. Installing an application that requires that to be enabled. _ John Bowles From: Troy Meyer [tme...@uoregon.edu] Sent: Thursday, July 30, 2009 11:25 AM To: NT System Admin Issues Subject: RE: WOW64 John, What is failing? Why do you think itt working? I bet you have a c:\program files (x86) folder I bet you have a c:\windows\syswow64 folder Both are culprits of WOW64 -tm From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, July 30, 2009 8:20 AM To: NT System Admin Issues Subject: Re: WOW64 Anyway I can check if it's enabled? __ John Bowles 301.473.2260 On Jul 30, 2009, at 11:15 AM, Brian Desmond br...@briandesmond.com wrote: Is enabled out of the bo Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 Active Directory, 4th Ed - http://www.briandesmond.com/ad4/ http://www.briandesmond.com/ad4/ Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian https://mvp.support.microsoft.com/profile/Brian From: John Bowles [mailto:john.bow...@wlkmmas.org] Sent: Thursday, July 30, 2009 9:59 AM To: NT System Admin Issues Subject: WOW64 How in the world do I enable WOW64 on a WIndows 2008 SP2 server? Thanks, _ John Bowles ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: OTish: Got me a new toy
Wow a bar-code scanner for organizing your book and movie collections? ***Kurt climbs to top of nerd pyle*** I wonder other handy things that guy could be used for. -troy -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, July 30, 2009 1:38 PM To: NT System Admin Issues Subject: OTish: Got me a new toy I'm a book freak, and have a few movies as well. I just got some help organizing it all: http://www.microvision.com/store/ROV-Scanner-p-1.html It only comes with a serial cable, so I got this to go with it: http://www.microvision.com/store/Docking-Station-USB-p-4.html $215, with shipping and tax. Slicker than Vaseline on a door knob, my friends. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Windows 7 RTM
Let me guess, you heard this from the team blog? http://windowsteamblog.com/blogs/windows7/archive/2009/07/21/when-will-y ou-get-windows-7-rtm.aspx b/c that is probably the authoritative source as of now. -troy From: Brian Clark [mailto:brianclark2...@googlemail.com] Sent: Wednesday, July 22, 2009 10:42 AM To: NT System Admin Issues Subject: Windows 7 RTM I have heard it will be available for Volume licensing Customers on the 7th August and technet subscribers on the 6th can anyone confirm this? Regards -- Brian Clark ICT Network Services Ltd br...@ictnetworkservices.co.uk Tel: 01892 800104 Fax: 01892 800105 Mobile: 07736050043 The information in this e-mail and any file transmitted with it is confidential, may be legally privileged and is intended solely for the addressee(s). If you are not the intended addressee, any disclosure, copying, retention, modification or distribution by you is prohibited and may be unlawful: please accept our apologies, delete it immediately and notify the originator. Any views or opinions expressed may be those of the author and do not necessarily represent those of ICT Network Services Ltd. Although this email has been checked for viruses, ICT Network Services Ltd cannot accept liability for any resulting loss or damage. ICT Network Services Ltd. Registered Company Number: 5810121.VAT Number: 901 2432 77 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Port 443 Question
Seems to be topic of the day. Your risk is that you now have 443 open to the internet, pure and simple. Is that good/bad/ugly, that is for you to decide. It is my personal opinion that the server holding my mailbox databases is the holy grail. If that goes down for some reason every single user with mail on that server notices. And as such, I try to minimize risks that can take down entire mb server. When you bring up a FE or CAS you separate your holy grail from the internet and try to minimize the risk. If some attack on 443 (say a modified DDOS that your machine doesn't know how to deal with) takes down a FE server you have limited functionality for phones and owa, if that were a mailbox server, you might have a whole office of people unable to utilize any exchange functionality. As previously stated by Carl, people understand the need for a BES server, they should also understand the need for a FE for activesync. It is the right way to do it. Have a good weekend -troy From: Weatherford, Chad [mailto:cweatherf...@scvl.com] Sent: Friday, July 17, 2009 12:21 PM To: NT System Admin Issues Subject: Port 443 Question If port 443 were opened up to our internal exchange server so iPhone's could send and receive email (testing phase; we do not have a front end OWA server or ISA server yet) what kind of risks are we opening ourselves up to? Thanks! Chad ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Scriptable SFTP client for Windows
Oooh wait you mean server side support. But of course they added client support for ftps too right? -troy -Original Message- From: Michael B. Smith [mailto:mich...@owa.smithcons.com] Sent: Thursday, July 16, 2009 9:32 AM To: NT System Admin Issues Subject: RE: Scriptable SFTP client for Windows didn't windows 2008/iis 7 add native support for sftp? (goes away and googles) Oh. It's FTPS not SFTP. Never mind... From: Don Kuhlman [drkuhl...@yahoo.com] Sent: Thursday, July 16, 2009 11:22 AM To: NT System Admin Issues Subject: Re: Scriptable SFTP client for Windows We use putty for a lot of our scripting needs: http://www.chiark.greenend.org.uk/~sgtatham/putty/ Don K - Original Message From: Richard Stovall richard.stov...@researchdata.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thursday, July 16, 2009 9:49:46 AM Subject: Scriptable SFTP client for Windows Does anyone have a recommendation for a scriptable app that does SFTP (SSH) under Windows? By scriptable I mean something I can call from a batch file kicked off by a scheduled task. Thanks, RS ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Security by obscurity?
Next to make sure your company site doesn't get hacked change it from www.nwea.org to phh.nwea.org Super secure. While extra steps to provide security are ok, if the benefit they provide doesn't exceed the cost (help desk, etc) seems like from the business side it isn't worth it. I personally wouldn't advocate the change solely on that obscurity as a reason. -troy From: David Lum [mailto:david@nwea.org] Sent: Thursday, July 16, 2009 1:42 PM To: NT System Admin Issues Subject: Security by obscurity? I am having a discussion with some of my fellow SE's, they think having OWA's address be hostname.domain.com/exchange instead of mail.companyname.com for security by obscurity reasons. I think it's more overhead/help tickets than it worth. Comments? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: For those that use multipathing solutions with your servers NON Paged memory pool leak
WOW Thanks for the post Ed. In a previous life I spent hours troubleshooting this issue and never came to this conclusion. I have forwarded your links on to the guys that are at my old gig and I am sure they will appreciate it. -troy From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Tuesday, June 30, 2009 4:34 AM To: NT System Admin Issues Subject: For those that use multipathing solutions with your servers NON Paged memory pool leak All, http://seer.entsupport.symantec.com/docs/317378.htm http://blogs.technet.com/andym/archive/2008/12/04/powerpath-5-2-and-mpio -causing-npp-leak.aspx The culprit in EMC land is the 5.2 and 5.2 SP1 PowerPath Drivers ( MPIO.sys of 1.22.3790.2358) and the EMCMPIO.sys of 5.2.1.6 (5.2 SP1) The fix: Move up to EMC multipath drivers Version 5.3 which will load Microsoft's MPIO.sys updated to 1.23.3790.2451 which seems for the time being to address the Non-Page Memory Pool leak, this was driving one of my Exchange 2003 SP2 2-node clusters insane over the last few months, it was discovered if the NON-Paged Memory counter you see on the Task manager gets about 106-108MB for a X86 32bit system, the http service for the Exchange Cluster will fail, and cause the Exchange group to fail because the resource is marked to affect the group. HTH with some folks out there, Z Edward Ziots Network Engineer Lifespan Organization MCSE,MCSA,MCP+I, ME, CCA, Security +, Network + ezi...@lifespan.org Phone:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: connect TV to internet?
Check out the new Sony Bravias. They natively run a slimmed down version of the PS3 GUI interface and have native youtube and simple web services direct to the tv (weird seeing a tv with an Ethernet jack). -troy From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Monday, June 29, 2009 12:17 PM To: NT System Admin Issues Subject: OT: connect TV to internet? Hi Folks, We have a number of large conference rooms here that have dedicated wall-mounts TVs, DVD players, and PCs. We have a few small conference rooms and I'd like to be able to provide Internet connectivity in a similar manner. There are a number of Internet-based training videos that staff would use, but I hate to provide a dedicated PC/receiver system for small rooms. Wireless preferred, since I don't have data drops in these small rooms but do have wireless around our site. Suggestions? Thanks, Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Script wireless settngs
Couple different choices: 1) GPO - have/do use this method. Super easy, applies to XP and Vista 2) Script via Netsh - haven't used this method, but appears easy. Requires Vista http://www.windowsnetworking.com/kbase/WindowsTips/WindowsVista/AdminTip s/Networking/UsingNetshtoManageWirelessConnections.html If you create a post sysprep script using netsh I would be curious to see the final product. -troy From: Jimmy Tran [mailto:jt...@teachtci.com] Sent: Monday, June 22, 2009 6:09 PM To: NT System Admin Issues Subject: Script wireless settngs Does anyone know if it is possible to create a script that will run once after sysprep is complete to configure wireless settings? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Mandatory profiles?
It's a setting in the GPO. It simply adds permissions, it wont remove existing permissions if the folder exists. Haven't looked to see if it doesn't affect parent permissions that apply to child objects when the folder doesn't exist initially, but I would assume it doesn't. May have to test that one (our provisioning creates the user folder(s) so I have not run into it yet). -troy From: Owens, Michael [mailto:michael.ow...@dys.ohio.gov] Sent: Wednesday, June 17, 2009 9:11 AM To: NT System Admin Issues Subject: RE: Mandatory profiles? When you say exclusive do you mean full control, or are they the only ones that have access? From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, June 17, 2009 10:50 AM To: NT System Admin Issues Subject: Re: Mandatory profiles? Are your profile areas set to give the user exclusive access? I found problems with GPO application from 2008 AD till I overrode that setting 2009/6/17 Owens, Michael michael.ow...@dys.ohio.gov Actually no one from XP will be logging on to it, only Server 2008. I just tried the XP because I was out of ideas. I took what I learned from you guys, applied it, and now the profiles are working flawlessly. But here is what is wierd. If the profile takes, the group policies do not apply. If I remove the users access to the profile (something I would thinl would be completely unrelated to GPO) the group policy doesnt apply? I've tinkered with it for the last few days and can't put my finger on it. Also, in the v2 profile there is no ntuser.dat? there is an ntuser.dat.log. is this correct? From: Kelsey, John [mailto:jckel...@drmc.org] Sent: Monday, June 15, 2009 1:28 PM To: NT System Admin Issues Subject: RE: Mandatory profiles? Vista profiles are stored in a completely different folder structure than XP. If you need to use the same profile on both XP and Vista, the 'recommended' way is with folder redirection in a GPO. Here is a good link. http://technet.microsoft.com/en-us/library/cc766489.aspx *** John C. Kelsey DuBois Regional Medical Center (: 814.375.3073 *: jckel...@drmc.org mailto:jckel...@drmc.org *** -Original Message- From: Owens, Michael [mailto:michael.ow...@dys.ohio.gov] Sent: Monday, June 15, 2009 12:46 To: NT System Admin Issues Subject: RE: Mandatory profiles? I see. We are having an issue where event viewer says that it cannot gain access to the profiles, but it works on an XP machine and I can navigate to it. Very strange. From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Monday, June 15, 2009 12:30 PM To: NT System Admin Issues Subject: RE: Mandatory profiles? We have had issues with roaming profiles, but it was due to lack of understanding (on my part) about changes in roaming profiles and redirection in Vista. - Bob Fronk P Please print only as needed. From: Owens, Michael [mailto:michael.ow...@dys.ohio.gov] Sent: Monday, June 15, 2009 11:11 AM To: NT System Admin Issues Subject: Mandatory profiles? Has anyone had any problem with mandatory profiles in vista, or server 2008? This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised Code. This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised Code. This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised Code. This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised
RE: User Folders - Server 2008 best practices
Agreed. Although I prefer your solution, the given solution is functional and can be setup to work correctly (though as stated ...nightmare for specific items). What are the feelings about this from management? Is there someone inside high up that wants this to happen, because there will be some pain (albeit moderate) and that needs to be directed at leaders, not IT. If not... maybe not a good gig? -troy From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Wednesday, June 17, 2009 5:08 PM To: NT System Admin Issues Subject: Re: User Folders - Server 2008 best practices Don't mean to sound flippant, but if you're brought in to clean up, then clean up. Maximize availability of services, explain and plan downtime to minimize impact on the business, but ultimately, you're brought in to cleanup. If you don't have enough flexibility to clean up a mess, then you need to consider walking away. On Wed, Jun 17, 2009 at 3:13 PM, aci tkcont...@yahoo.com wrote: TIA for any and all replies to this inquiry... I am coming in to clean up previous tech's migration/setup of a 2003 to 2008 windows domain. The existing network shares and user folders are a complete mess whereby everything is currently in one directory \\servername\netshare\*.* which is of course mapped at the root as a network drive accessible to all users on the domain. This includes a dozen security groups, SQL data, application directories and shared user folders. Typically when I am setting things up from scratch I put user data, database data and shared folders in completely different directories secured with share and NTFS permissions, mapping drives only to specific folders based upon need to access policies. In this case, with everything already set up, and several things difficult (not impossible) to move, I would like recommendations on best practices that I could apply to this situation 1. User's files (not to be saved to local workstation) a. manually map persistent U:\ drive to manually created shared users directory (70 users) b. designated home directories in account properties\profile tab and add to logon script c. my doc's redirection to server \\servername\department\username (folder not shared) d. combination of some of the above 2. I know this is classic reverse darwinism, but My advisers see nothing wrong with mapping to the root of the netshare directory as long as permissions are set to deny/grant access as needed to folders and files. Of course, administering this is a permissions auditors nightmare, and I would rather do this on a mapped drive via group membership GPO's... thoughts on best way for me to make the recommendation [that it is always better to go with what your IT group advises given that is what you are paying them to do...] I mean that it is worth the effort to consolidate folders, create, test and assign GPO based mappings? All recommendations are highly appreciated. Thanks! Aci ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SAS5/iR multiple raid question
Ken is right this should totally work from the Perc Bios, but I would be surprised if you couldn't do this from the SA tool as well. Have you looked at the Dell site to make sure you are using the current version of the SA tool? Seems like open manage updates come out every 15 minutes, and that is always the Dell first response to a support call. -troy -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Friday, June 05, 2009 1:33 AM To: NT System Admin Issues Subject: RE: SAS5/iR multiple raid question I'm pretty sure it supports multiple RAID1 arrays. But I recall creating them in the RAID controller BIOS... Cheers Ken From: Oliver Marshall [oliver.marsh...@g2support.com] Sent: Friday, 5 June 2009 6:25 PM To: NT System Admin Issues Subject: SAS5/iR multiple raid question Hi chaps, Anyone know if a Dell SAS 5/iR card support multiple raid 1 arrays? The reason I ask is that we've just put in a couple more SAS drives in to our Dell 1900 server and can't find an option to create a new raid1 array anywhere in the Server Management app. The drives show up and look fine, but there isn't a 'create new virtual disk' option anywhere in the Storage node like I remember there being. Does the SAS 5/iR only support one Raid1 or am I being dim (mer) ? Olly ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: My OS is better than your OS
Why wait for 7? Turn off autoruns in group policy XP: Computer Policy\Computer Configuration\Administrative Templates\System Vista: Local Computer Policy\Computer Configuration\Administrative Templates\Windows Components\AutoPlay Policies -troy From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Friday, June 05, 2009 4:59 AM To: NT System Admin Issues Subject: Re: My OS is better than your OS I hope it does but I missed the Security presentation held locally last night as part of the Tiki Hut Tour by Microsoft. I did get to hear part of the BitLocker, BitLocker-to-go, and AppLocker presentations but not enough to help me. I will be playing with the RC shortly so I hope to tell you later. Jon On Fri, Jun 5, 2009 at 7:46 AM, John Hornbuckle john.hornbuc...@taylor.k12.fl.us wrote: Did I read somewhere that Win7 disables autorun for removable storage? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us -Original Message- From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Friday, June 05, 2009 7:25 AM To: NT System Admin Issues Subject: RE: My OS is better than your OS Indeed. I liked the toss some old USB flash drives around the parking lot with autorun.inf files on them and your malware of choice, and watch users plug their new find in to their machine... -sc -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Friday, June 05, 2009 1:26 AM To: NT System Admin Issues Subject: Re: My OS is better than your OS I'm not convinced it's one that can be fixed. There will always be gullible users vulnerable to social engineering, no matter how much the non-gullible types try to educate them. Ken Schaefer wrote: b) (a) notwithstanding, the biggest problem at the moment is PEBKAC, and that's a platform agnostic problem. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vista Backup
I cheat and use what I am familiar with: http://www.petri.co.il/installing_windows_xp_ntbackup_on_windows_vista.htm -troy -Original Message- From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Friday, March 13, 2009 2:56 PM To: NT System Admin Issues Subject: Vista Backup I helped a person purchase a Thinkpad SL500 after her el-cheapo HP tossed its bits. This brought up the question of backing her stuff up, so trying to offer her the easiest advice I could think of, mentioned the built in backup Vista has. I copied over roughly 4.5g of stuff from the old hard drive, so I know there isn't that much stuff on it. I showed her how it worked and we attempted Files backup while at my desk, but after 20 minutes of that, I had other things to do. I just canceled it, told her it probably wouldn't take much longer overall and she could do it at home. Well, she tried. After 7 hours or so it's still going on one DVD. I didn't see TONS of complaining online about the speed of Vista's backup, but there isn't exactly a lot to configure here. Is this other peoples experience? -- Mike Gill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Userenv errors
Craig, Assuming these are XP workstations, what is the output from running gpresult from the command line? Are they finding the domain controller and the correct GPs? Seeing as you have it on several machines, I would look at the DCs and run DCdiag to make sure things look good from the top. -troy -Original Message- From: Craig Gauss [mailto:gau...@rhahealthcare.org] Sent: Thursday, March 12, 2009 5:45 AM To: NT System Admin Issues Subject: Userenv errors I have been searching Google for the past few days and havent really found a good solution. Wondering if anyone on the list has ever had issues like this. We have a large amount of workstations with the following error: Windows cannot access the file gpt.ini for GPO The file must be present at the location . (). Group Policy processing aborted. Any ideas? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DNS
Do you need external ip addresses in DNS at all? If not, don't have those adapters automatically update DNS and remove the entries from your DNS server. I generally don't like the idea of multi-homed servers if possible and would rather have a nice switch do the work for me. You might consider that to save some headaches. -troy -Original Message- From: Cameron Cooper [mailto:ccoo...@aurico.com] Sent: Wednesday, March 11, 2009 11:01 AM To: NT System Admin Issues Subject: DNS Would like some help in resolving this... we have two different sites, our main office and our datacenter. We currently have a leased Point-2-Point T1 running from the datacenter to our main office. There is a DNS and DC at each of the sites, and the DC at our main office holds all of the FSMO roles. The DC and all other servers at the datacenter have two different NICs in them and two different subnets... ie 11.x and 10.x The DC at our main office has two NICS, one enabled and the other disabled. The DC at the datacenter has DNS setup on both NICs. When we try to resolve the IP of the DC at the datacenter from the DC at our main office, the IP that shows up is the external IP and not the internal IP. Which in turn is causing FRS and replication issues between the two sites. I'm trying to find a way to only show the internal IPs, of our datacenter, in DNS at our main office. Both DCs are Windows Server 2003 R2. The one at the datacenter is also our Exchange server (I know, you shouldn't run exchange on a DC) and is 32bit. The DC at our main site is 64bit. ___ Cameron Cooper IT Director - CompTIA A+ Certified Aurico Reports, Inc Phone: 847-890-4021Fax: 847-255-1896 ccoo...@aurico.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Wireless access for visitors
Ever consider an aircard router, something like this: http://www.evdoinfo.com/content/view/2455/64/ We have the older version that take the PC-cards from either Verizon or Sprint and it works like a charm. Vistors can cable in or use the wifi from the router and they never smell our local network. -troy -Original Message- From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Saturday, March 07, 2009 6:00 AM To: NT System Admin Issues Subject: Wireless access for visitors Hi Folks: I'm looking for a basic wireless device that can provide secure connections for internal users (via key or some sort of authentication) but also provide a hotel-style access for our visitors. I just need two, one for each of our large conference rooms in one of our buildings. I picked up a Belkin wireless device and it is supposed to do that. However the management interface is very weak, and the hotel-syle really isn't, since those users can still access internal resources once they enter the assigned password. We are a 3COM shop and I'm sure 3COM has something (that isn't cheap). Recommendations? Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Best way to print all AD Users (SOX req)
If your audience is anything like the ones I have to report to you will be better served piping that to dsget to remove DNs. Something like: Dsquery user * -limit 0 | dsget user -fn -ln -email reporty.txt -troy -Original Message- From: Scott Kaufman at HQ [mailto:skauf...@ittesi.com] Sent: Monday, March 09, 2009 10:54 AM To: NT System Admin Issues Subject: RE: Best way to print all AD Users (SOX req) Dsquery user -limit 0 myuserlist.txt Will just dump the DN's of all user accounts. But just wait, they'll keep asking for more user information Scott Kaufman Lead Network Analyst ITT ESI, Inc. From: Marty Nelson [mailto:mnel...@transdyn.com] Sent: Monday, March 09, 2009 1:51 PM To: NT System Admin Issues Subject: Best way to print all AD Users (SOX req) Happy Monday all. Quick question, what's the best way to get a list of all of my AD users? It's one of the many SOX requirements that are being asked for, and it's getting old taking screen shots! Thanks, -Marty ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Best way to print all AD Users (SOX req) - Software Package?
Because SOX reporting is VERY subjective to the person/firm that reviews/audits your company, what they are looking for can be moderately/greatly different for your specific circumstance. We script most of our audits and populate results into SharePoint for record keeping and reporting. It isn't a quick and easy app you can buy, but its super customizable and when external auditors change their mind about how nitty gritty they want to be (happens almost every year in either direction of how fine of data they want) you can easily complete the task. Can't say I am going to miss SOX audits. They failed to improve either accountability or transparency IMO. -troy -Original Message- From: Marty Nelson [mailto:mnel...@transdyn.com] Sent: Monday, March 09, 2009 11:08 AM To: NT System Admin Issues Subject: RE: Best way to print all AD Users (SOX req) - Software Package? No worries, I was able to deduce! Thanks all for the tips. Let me ask this, is there a package out there that anyone recommends picking up that puts all of these SOX type of reporting utilities into a nice GUI package? Thanks, -Marty From: MarvinC [mailto:marv...@gmail.com] Sent: Monday, March 09, 2009 11:00 AM To: NT System Admin Issues Subject: Re: Best way to print all AD Users (SOX req) Looks like I blundered and mispelt ADFind. sowry.. On Mon, Mar 9, 2009 at 1:58 PM, MarvinC marv...@gmail.com wrote: Yep! or AFDind.exe which can be downloaded from Joeware: C:\Temp\adfind -b dc=YOURDOMAIN,dc=local -f objectcategory=person -csv -nodn title sAMAccountName givenName initials sn mail title physicalDeliveryOfficeName employeeNumber department departmentNumber streetAddress l st postalCode telephoneNumber mobile manager description C:\Temp\ http://mail.google.com/mail/ aduserdump.csv They're never satisfied, them SOX'ys. They keep coming back for more, AND MORE... gl On Mon, Mar 9, 2009 at 1:53 PM, Phil Brutsche p...@optimumdata.com wrote: dsquery command line utility with output to CSV for easy input into Excel? Marty Nelson wrote: Happy Monday all. Quick question, what's the best way to get a list of all of my AD users? It's one of the many SOX requirements that are being asked for, and it's getting old taking screen shots! Thanks, -Marty -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Locating and listing event IDs
I agree with Michael's response based on usefulness, but depending on your scripting ability, you can do something like this in Powershell or VB. This sounds very similar to a custom report for an SMTP connector I wrote a while back; it looks for a single instance (user sending/receiving) and then tabulates data for that user. I imagine the same logic would apply to what you are trying to do with event logs. Basically you create a custom object that includes all the information you want along with an index number attribute and for each item you process you search the custom object list and return the index if it exists or null if it doesn't. Then you either add the data to the existing object at the returned index or create a new object. Good luck, I am curious if you are using this simply for audits or for actual routine log analysis. -troy -Original Message- From: MarvinC [mailto:marv...@gmail.com] Sent: Friday, March 06, 2009 6:45 AM To: NT System Admin Issues Subject: Locating and listing event IDs Anyone have a script or method for listing event IDs? With any server you're gonna have a slew of events well what I want to do is list the single instance of each event. So lets say I have 400 warning for event ID: 9646, several for event ID: 333, 50 for event ID: 1023. Well I would want to grab the following: Type Date Time Source Category Event User Computer Error 1/1/2009 12:00 Crypt32 None 8 N/A Server1 Error 2/1/2008 1:00 EXCDO General8199N/A Server2 So instead of seeing multiple instances of the alerts I only see the single instance. Any responses appreciated. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: File server question
+1 Our file servers have greatly increased performance from RAM increases (backend is gig EMC FC SAN with SAS disks). We do have a large number of folks who open files directly from the server though, so it really depends on your situation and what your performance goals are. -troy -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Friday, March 06, 2009 7:26 AM To: NT System Admin Issues Subject: RE: File server question My experience watching performance with PSS on our file servers was that ram helped when the disk subsystem was overwhelmed. That being said, make sure if you're not using generic 7500k SATA's or don't expect 15k SAS performance, by any means:) jlc -Original Message- From: Eric Brouwer [mailto:er...@forestpost.com] Sent: Friday, March 06, 2009 8:09 AM To: NT System Admin Issues Subject: File server question Good morning, We're looking at implementing a new file server at work. It will store a healthy amount of data (6-8 TB). Our editors will work on projects locally, and backup their projects nightly to the file server via a Robocopy routine. Only changed files will be copied across the network. We have four editors, and a gigabit network. How important will the processor and memory be in this situation? I assume our biggest bottlenecks will be the SATA controllers and network speed. Am I correct? Thank you, Eric Brouwer IT Manager www.forestpost.com er...@forestpost.com 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Antivirus
In the process of upgrading from Symantec Antivirus Corporate 10 to Symantec Endpoint Protection (the new name). I dislike the new console and management and I dislike the way the product is put together. (my biggest rant, their documentation uses the word 'DOMAIN' throughout referring to both AD domains and Symantec protection domains. Worst name choice ever for them) The new client is not any faster from my tests and if you don't know what you are doing you get a heuristic scanner and NAP client installed at the same time (which I do notice significant performance decreases from). I am neither PRO or CON Symantec, but I do have an expectation that when a company has been building this stuff for a such a long time that newer version shouldn't be c...@ppier than the last. Based on our current financial circumstances there is no other option for us. I personally agree with a comment made recently regarding the hunger of smaller companies working to get into a larger market versus the complacency of larger companies maintaining market share. IMO try out Vipre before you discount it too much. -troy -Original Message- From: Evan Brastow [mailto:ebras...@automatedemblem.com] Sent: Friday, March 06, 2009 11:00 AM To: NT System Admin Issues Subject: Antivirus Okay, I don't mean to start a big debate... but I'm curious... I was reading Maximum PC magazine and their review of 10 antivirus products. Symantec Internet Security 2009 came out on top because of its scanning speed and small size (two things I do not associate with Symantec) as well as ESET Smart Security for many of the same reasons. Granted, these are reviews based on home use... not corporate use with central distribution and tracking of clients. I've been using Trend Micro OfficeScan for antivirus for years, but sometimes I like to look over the side of the fence to see if the neighbors have anything better. I know this list is sponsored by the manufacturer of VIPRE, but I'm going to stick with more mature products for now while VIPRE ages. I also know the Symantec bashing that goes on on the list (I have contributed to it!), but I'm intrigued by something that is small and fast and might be ready to try. Anyone have any thoughts, particularly on Symantec's current corporate antivirus stuff? Thanks, Evan ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Offline patching Vista / Microsoft Update Catalog searching
Ben, Have you looked at this project? http://www.heise.de/ct/projekte/offlineupdate/download_uk.shtml We have used this for remote systems with no network access with good success. I can't vouch for the scriptability (its used so sparingly that we use the GUI), but from the interface I am betting you can automate a lot of the process. -troy -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, March 05, 2009 4:04 PM To: NT System Admin Issues Subject: Offline patching Vista / Microsoft Update Catalog searching Hi all, I'm working on getting our first stand-alone Vista computers set up. By stand-alone, I mean these computers are not and cannot be connected to *ANY* network -- including the Internet. No Ethernet, no modem, no nuttin'. The only way files get to these computers is by sneakernet -- carried on removable media like diskettes or CDs. I'm looking for a way to easily obtain the various Microsoft critical/security updates for Vista. Then I can burn them to a CD for installation on these PCs. Keeping these sorts of computers current with all patches is a new requirement for us, so I've got nothing in place for this. On the corporate network, I use WSUS 2.0, but that doesn't help for this. The MS Office site at least gives you a way to drill down to this stuff. I was hoping I could go to the Microsoft Update Catalog http://catalog.update.microsoft.com/ and get a list of the needed updates. I could then download them all, and script something to install them. But I'm not having much luck searching the catalog. I'd like it to show me all post-SP1 critical and security updates for i386 (x86-32). That doesn't seem to be possible. The search syntax appears to be fixed at a boolean AND of all search terms, with no NOT operator or anything. :-( I also couldn't find a way to select just i386. All my searches are finding hundreds and hundreds of matches. The Microsoft Download site appears equally ineffective. I can't easily find a way to specify post-SP1 updates, or i386. Even selecting the Security Updates category seems to find stuff that's not really a security update. If a payware product is the only way to do this, I can go that route, but it has to support offline usage as described above. Suggestions welcomed! advTHANKSance -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: OT - Reduction in hours, forced to use PTO
Hey Scott, Interest timing, we just got layoff notices this morning. We had a similar situation last December and they made us use vacation for days off and once vacation was used up it was without pay. I don't know the legality, but it was explained to me as reducing their vacation pay liability while also ramping down production. That isn't super helpful, but just to let you know other companies are doing it as well (Oregon, NYSE). Anybody know of a good gig on the West Coast? -troy -Original Message- From: Scott Williamson [mailto:scottwilliamson...@yahoo.com] Sent: Monday, March 02, 2009 10:12 AM To: NT System Admin Issues Subject: OT - Reduction in hours, forced to use PTO Our hours have been reduced from 40 hours a week to 32 hours a week. The office will now be closed on Fridays. My question, can the company force employees to take paid time off to for the Fridays closed. The company memo states that employees will still incur paid time off at regular rates, but those with enough time must use a paid time off day for the Fridays the company is not working. Can a company force an employee to use a paid time off day? In California if that helps. Thanks Scott ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Help Desk Software
Just a followup, MSFT released a free call center and help desk template for WSS/MOSS. We don't use it, but it wouldn't be a bad way to get a free ticketing and knowledge base system setup. Google fab 40 templates -troy -Original Message- From: Cameron Cooper [mailto:ccoo...@aurico.com] Sent: Thursday, February 26, 2009 8:52 AM To: NT System Admin Issues Subject: RE: Help Desk Software Have thought about setting up a sharepoint site that users can go to for the common issues that they would be able to resolve before calling me. The best is when you ask if the user has restarted their computer and they go off on why you need to stop asking them if they have or not. ___ Cameron Cooper IT Director - CompTIA A+ Certified Aurico Reports, Inc Phone: 847-890-4021Fax: 847-255-1896 ccoo...@aurico.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Another screen sharing gizmo (free) from Microsoft SharedView
ME2, Totally agree, all that stupid encapsulation c...@p for work purposes. We all know what HTTP was intended for: http://www.cnet.com/8301-18603_1-10170726-73.html -troy -Original Message- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Wednesday, February 25, 2009 6:43 AM To: NT System Admin Issues Subject: Re: Another screen sharing gizmo (free) from Microsoft SharedView True, but I just dont like seeing apps like this encapsulated through HTTP. Its not what it was intended for. They should at least have the decency to pick another port for this sort of thing. Plus, I had to come in a couple of hours early today, and I needed to complain about something. ;-) -- ME2 On Wed, Feb 25, 2009 at 8:47 AM, Michael B. Smith mich...@theessentialexchange.com wrote: Well, encapsulated connections are here to stay. I agree that they should be encrypted. It's not exactly as if it is a Microsoft specific thing. SSL VPNs, ssh tunneling - lots of examples in the OSS world too. -Original Message- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Wednesday, February 25, 2009 8:38 AM To: NT System Admin Issues Subject: Re: Another screen sharing gizmo (free) from Microsoft SharedView Decisions, decisions! :-) -- ME2 On Wed, Feb 25, 2009 at 8:19 AM, Michael B. Smith mich...@theessentialexchange.com wrote: Are you saying that encapsulated communications are bad? Or that unencrypted encapsulated communications are bad? -Original Message- From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Wednesday, February 25, 2009 8:14 AM To: NT System Admin Issues Subject: Re: Another screen sharing gizmo (free) from Microsoft SharedView Good to see Microsoft still supports bitching things through port 80. Way to go - not. -- ME2 On Tue, Feb 24, 2009 at 4:49 PM, Alverson, Tom (Xetron) tom.alver...@ngc.com wrote: Similar but different. Netmeeting is point to point. SharedView appears to communicate through Microsoft servers on ports 80 and 443 so firewalls should not be a problem. In netmeeting you have an optional ILS server which is basically just a list of names and IP addresses. Sharedview requires you to login to a passport type of login and then you can easily send an email to the other end which has a URL with the session name and password embedded (they just need to click the link and you need to accept). Tom -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, February 24, 2009 4:19 PM To: NT System Admin Issues Subject: Re: Another screen sharing gizmo (free) from Microsoft SharedView On Tue, Feb 24, 2009 at 4:10 PM, Alverson, Tom (Xetron) tom.alver...@ngc.com wrote: http://en.wikipedia.org/wiki/Microsoft_SharedView Sounds like NetMeeting all over again. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Supporting former employer
My first response is like Sean's but it's a small world and like people to think nice things about me, so I probably give them one for free. After its working, I email the solution to the dt support guy along with CCing my previous manager and let them know that in the future I will be happy to contract with them for support. -troy -Original Message- From: Chris Blair [mailto:chris_bl...@identisys.com] Sent: Monday, February 23, 2009 9:19 AM To: NT System Admin Issues Subject: Supporting former employer I changed jobs last December and left on good terms with everyone. I gave my 2-week notice, worked long hours to train the desktop support person so he could take over my duties. Well I got a call from them today that the network is down. I know what the issue is and I even trained the desktop person on how to fix it before I left (and numerous times before that). So how would you handle the situation? Would you take the time to fix it by walking the desktop person through it over the phone? Would you offer up your services as a consultant? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SECURING WIFI ROUTER
Murray, Another thing to check perhaps would be cached connections in your wireless settings. Something isn't kosher though, I have both XP sp3 and Vista sp1 mobiles that connect to my WPA2 network (dd-wrt on a Linksys 54GL) using default windows wifi management and have never seen that message. BTW, Your 11 digit password is a PSK, that is the alternative to using certificates for encryption with WPA2. http://en.wikipedia.org/wiki/Pre-shared_key -troy -Original Message- From: Murray Freeman [mailto:mfree...@alanet.org] Sent: Thursday, February 19, 2009 1:26 PM To: NT System Admin Issues Subject: RE: SECURING WIFI ROUTER Thanks to everyone for your comments. I am using WPA2 and I do have my SSID broadcast turned off. This is a home network. On any given evening, I can see anywhere from 5 to 9 wifi signals of neighbors routers, and I figure that anyone looking to hack into a wifi won't waste their time looking beyond my neighbors routers. I have an 11 digit password, but I am not using PSK. I suspect I can change that this evening. But the point of my question is why am I getting the baloon with the message that my network is unsecured? Is that an error or is it correct. when i view the other wifi's in range of me, I'm always connected to my network, and all but one of the wifi's that I see are secured with WPA2, WPA or WEP. The one unsecured wifi that I see regularly is a very weak signal, and I've tried to connect, and can never do it. So, it's obvious that I'm connecting ONLY to my network. It's just the message that I'm unsecured that concerns me. A couple of people who responded to my initial post indicated that they have seen the same message on their laptops, but apparently haven't done any further research. Murray From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Thursday, February 19, 2009 2:47 PM To: NT System Admin Issues Subject: RE: SECURING WIFI ROUTER No no no. Those recommendations should be dismissed, they are so yesterday's idea of security. For anyone who really wants to get in, working around MAC filtering and non-broadcast SID's is a piece of cake. Secure the router or access point with WPA2 and a strong PSK if you can't do 802.1x authentication. When properly secured, it doesn't matter if you're visible or whether your MAC is allowed or not. Further reading: http://blogs.zdnet.com/Ou/index.php?p=43 http://blogs.zdnet.com/Ou/?p=454 http://www.icsalabs.com/icsa/docs/html/communities/WLAN/wp_ssid_hiding.pdf Carl From: Lee Douglas [mailto:lee.doug...@gmail.com] Sent: Thursday, February 19, 2009 3:14 PM To: NT System Admin Issues Subject: Re: SECURING WIFI ROUTER In terms of securing, I've seen recommendations to NOT have the router broadcast its SID as well as using MAC filtering. I'm sure all can likely be circumvented, but they just add extra layers and make your neighbors that much more attractive.. On Thu, Feb 19, 2009 at 3:02 PM, Webb, Brian (Corp) brian.w...@teldta.com wrote: I've seen the same message as well with an HP laptop going to a D-Link WIFI using WPA. The message seems to indicate that you are connected to unsecured network, but I've always been connected to my secured network when I've checked. -Brian -Original Message- From: Andy Ognenoff [mailto:andyognen...@gmail.com] Sent: Thursday, February 19, 2009 1:57 PM To: NT System Admin Issues Subject: RE: SECURING WIFI ROUTER I've seen that happen too, with the plain old Windows wireless client. WPA2 in my instance, as well. I never did figure out what the problem was but I stopped using WIFI a year ago and just wired my house with CAT5e. At the time it was a Linksys WRT54GL with DD-WRT and an Intel integrated wlan card in a ThinkPad T60. - Andy O. From: Sam Cayze [mailto:sam.ca...@rollouts.com] Sent: Thursday, February 19, 2009 1:40 PM To: NT System Admin Issues Subject: RE: SECURING WIFI ROUTER Mmm... this doesn't sound like a popup that I am familiar with Windows being capable of generating. It won't even pop up that message with a Wide Open wireless connection (No password needed). Could it be the security center letting you know that the firewall is off, windows update is off, or that virus defs are old? If not that, I suspect it's your AV telling you something, or spyware. From: Murray Freeman [mailto:mfree...@alanet.org] Sent: Thursday, February 19, 2009 1:33 PM To: NT System Admin Issues Subject: SECURING WIFI ROUTER I hope this is on topic. I have a Dell 700m laptop and a Netgear rangemax mimo G router. I'm using WPA2, but from time to time, a baloon pops up from the icon in the systray stating that my connection is unsecure. If I right click and select view wireless networks it indicates that my network is in fact secured with WPA2. Any ideas why I get the baloon, and is
RE: Win7 beta on IdeaPad
I believe Ken installed it on his dell mini from a posting on the list a month back or so. I have it on a fairly weak Precision M70 and it way out performs Vista on the same hardware. Another option: http://www.vlite.net/about.html -troy -Original Message- From: Michael B. Smith [mailto:mich...@theessentialexchange.com] Sent: Wednesday, February 18, 2009 1:01 PM To: NT System Admin Issues Subject: Win7 beta on IdeaPad Anyone tried installing Windows 7 beta on a netbook? I CAN'T go back to XP. It just feels old and clunky to me... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Dell Latitude E Series 1st Impression
Am I the only person reading these threads and thinking ... Bitlocker? -troy -Original Message- From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Wednesday, February 18, 2009 4:57 PM To: NT System Admin Issues Subject: RE: Dell Latitude E Series 1st Impression I'm considering just using the ATA password feature. I know it's not encryption, but it travels with the drive if removed. Does anyone know what some of the vendor policies are for getting the drive reset? Do you have to prove ownership? Are there known tools available that can crack this feature? -- Mike Gill From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Wednesday, February 18, 2009 11:10 AM To: NT System Admin Issues Subject: Re: Dell Latitude E Series 1st Impression I had some issues with the E-series and Whole Disk Encryption. Drive wouldn't encrypt unless a thumbdrive was installed, once the thumbdrive was installed you could manually encrypt, but if you ever inserted and then later ejected the thumbdrive you would blue screen Windows. Some threads on the PGP message boards suggested it was a driver issue, which I never did resolve (uninstalling the driver would not fix the problem). I suspected that the Control Point software was tied to the problem, too. Eventually I gave up and wiped, avoiding the driver and the Control Point software altogether, for expediency. Just a word of warning if you're using PGP WDE. On Tue, Feb 17, 2009 at 7:45 PM, Sam Cayze sam.ca...@rollouts.com wrote: E6500 here too, very impressed. Solid as a rock. Not too found of the new Dell Control Point software though... From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Tuesday, February 17, 2009 4:58 PM To: NT System Admin Issues Subject: RE: Dell Latitude E Series 1st Impression I just got my E6500, and I have to say so far I'm impressed. Its internal components are all accessible from the bottom and the magnesium chassis feels much stronger than the plastic ones. -- Mike Gill From: Jim Majorowicz [mailto:jmajorow...@gmail.com] Sent: Tuesday, February 17, 2009 2:37 PM To: NT System Admin Issues Subject: Dell Latitude E Series 1st Impression This is my first time really getting my hands on a Dell Latitude E4500 since Dell went away from the D series. (The ones we have sold in the last couple months have been installed by my lakey.) Is it me, or are these being made in the same factory as the Lenovo's? It looks to me like they could use the same docking station, batteries and other accessories. Is this by design and I totally missed that memo or what? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Times
Open source of course http://sourceforge.net/projects/goomediacenter/ -troy -Original Message- From: andy [mailto:afo...@psu.edu] Sent: Tuesday, February 17, 2009 5:29 AM To: NT System Admin Issues Subject: Re: Times cool, but how do I get them on my iTouch? At 09:51 PM 2/16/2009, Kurt Buff wrote: This looks more fun to me... http://www.thinkgeek.com/electronics/digital-conversion/a956/ http://www.thinkgeek.com/electronics/digital-conversion/a956/ On Mon, Feb 16, 2009 at 1:24 PM, Peter van Houten peter...@gmail.com wrote: So slay me for a few $$$ more: Option #1 (easy but boring): http://tinyurl.com/b5qty4 http://tinyurl.com/b5qty4 Option #2 (lots more funn): http://tinyurl.com/b2vym9 http://tinyurl.com/b2vym9 http://tinyurl.com/d2ft4d http://tinyurl.com/d2ft4d On Mon, Feb 16, 2009 at 2:13 PM, andyafo...@psu.edu wrote: how do you rip a VHS tape to DVD for under $20.00? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/%3E%A0 ~ Andy-Ofalt---863-3449--405-Ag-Admin-Bldg--for more information go to http://ict.cas.psu.edu/Contacts.html http://ict.cas.psu.edu/Contacts.html%A0 http://ict.cas.psu.edu/Contacts.html%A0 -- My little blurb to eat up bandwidth and make your mail box even larger +++ The real problem is that IP, a connectionless protocol, was never developed to be the universal protocol. ATM was developed to serve that purpose and failed. +++ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Windows 2003 wont boot up help!!!
Do you mean the service tag? Do you have powershell installed on any computers on your network? Gwmi -class win32computersystemproduct -computername DennisBox -troy -Original Message- From: Dennis Rogov [mailto:dennis_rogov2...@yahoo.com] Sent: Monday, February 16, 2009 11:39 AM To: NT System Admin Issues Subject: RE: Windows 2003 wont boot up help!!! I am going to give that a try.. I rather not wipe the box as their is important dev work on this drive... My other question does anyone know of a software that will allow me to see what this machine serial number. I cant seem to find a serial number anywhere? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Exchange 2007 Cert Requests and Win2008 CA's
I don't know that you can do it through the MMC, but you don't have to do it through the webpage. Try using certreq.exe http://technet.microsoft.com/en-us/library/cc736326.aspx I don't have a 2008 CA setup, but I assume it works similar to a 2003 ECA. -troy -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Friday, February 13, 2009 8:48 AM To: NT System Admin Issues Subject: Exchange 2007 Cert Requests and Win2008 CA's Is there any way to get the output from the cmdlet that generates the request to make it in a form usable for the MMC and not the online cert request? Thanks! jlc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: nslookup and ping disagree
When nslookup (your DNS server) disagrees with ping (your local box), it sounds like a host file configuration somewhere. Did you setup a static host entry for testing at one time and leave it on this one machine? -troy -Original Message- From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Thursday, February 12, 2009 4:11 PM To: NT System Admin Issues Subject: nslookup and ping disagree I have an odd problem with a Windows Vista client (2008 domain) that can't resolve a website properly. Pinging the site from other machines on the same network and outside of the network shows the website at the correct address. Running nslookup on the problem machine and any other machine on the network shows the correct address. But pinging the site, or browsing to the website on the problem machine shows the old address switched away from months ago. I've tried flushing the DNS, cleaning browser caches, creating new user profiles, etc. I've tried enabling only the DC as the name server with no secondary, then reflushing... I can't find where the old IP is being resolved from. When the site was first moved, we had this problem with just the wireless clients (which this is) but it cleared itself out in a couple days before I had a chance to really look into it. It appears there is one machine left still that can't get it right. ipconfig shows the same info as any other workstation wired or wireless. Any suggestions? -- Mike Gill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: UPS recommendations
+ 1 APC is nice, but isn't the bees knees. At my last job we ran some products from Server Tech (www.servertech.com) and I was really impressed. They seem to be the little guy in a big room and their service and expertise made the transaction real pleasant. In our case I miscounted and needed an additional L style cable that no one had locally, when I called to cry to our sales guy I got one shipped next day at no cost (on my mistake which I stated up front). Their customer philosophy is the exact opposite of APC. $0.02 -troy -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday, February 10, 2009 3:31 AM To: NT System Admin Issues Subject: RE: UPS recommendations For first line UPSes, just about every enterprise I've been at seems to use APC. Probably because of the centralised monitoring tools (though I think they are pretty craptastic, but at least they exist) Cheers Ken -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, 10 February 2009 3:57 PM To: NT System Admin Issues Subject: UPS recommendations Hi all, We had a power outage today. I looked over at the server rack just in time to see one of the UPSes light up like a Christmas tree, shriek like an injured parakeet, and then kill itself. (Admitted it was old, but a graceful failure this was not.) The servers with redundant supplies failed over to the other UPS, which promptly went into over-current alarm and dropped the load. Either said UPS's management software has been grossly misreporting its load, or two UPSes at 40% load doesn't include enough margin during transfer. Any which way you slice it, it's time to buy some new UPSes. I'm going to ask for two entirely new 1400 or 2200 VA units (existing were 1000 VA), although budget may be an issue. What do people like for UPSes, *and why*? I don't see much variation across manufactures in a given price band. At a given dollar amount, it seems I get roughly the same capacity, features, etc. I'm thinking differences in management software and quality of support don't show up in a spec sheet. Comments on that front are especially welcomed. In particular, I'm interested in how to manage a multiple-server, multiple-UPS scenario. Our two biggest servers have redundant supplies. I'd like to plug each supply into a different UPS. So each UPS will be powering multiple servers, and each server will be drawing power from multiple UPSes. I imagine that makes the management software configuration a bit trickier, specially since a lot of management packages used to assume one-UPS-per-server. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Cracking into MS SQL2005
Not a sql guy, but here is google hit #2. http://www.mssqlcity.com/FAQ/Admin/forgot_sa_password.htm -Original Message- From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Tuesday, February 10, 2009 1:21 PM To: NT System Admin Issues Subject: Cracking into MS SQL2005 Greetings! As a part of a system, a MS SQL-2005 server was set up. Now it seems the guy who installed it ran away with the password for the SA account. Another person from that company set up another SQL admin account (said SA couldn't be re-set). However, when I try to open the Management Studio, I get this Error 233: A connection was successfully established with the server, but then an error occurred during the login process. (provider: Shared Memory Provider, error: 0 - No process is on the other end of the pipe.)(Microsoft SQL Server, Error: 233) So, does this mean the account created is not a DBA on this system (it is a local admin), or that only sa has access to the Managemen Suite, or that something is broken and the account ought to be able to open the management suite, or (To aggrivate things, none of us here are MS-SQL folks. Plenty of IBM DB2, MySQL, etc, but no MS-SQL.) -- Richard McClary, Systems Administrator ASPCA Knowledge Management 1717 S Philo Rd, Ste 36, Urbana, IL 61802 217-337-9761 http://www.aspca.org ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Cell phone questions
Hey Joe, We support a slew of phones on Verizon and Sprint, here are the ones I am experienced with: XV6900: users hate it because of the lack of keyboard and we get reports of sluggish performance Palm Centro: quick and compact, does run activesync even though it isn't WM (still no office apps). Moto Q9c: users like this one, it's the closest form factor to the BB and it is MUCH improved from the original XV6800: I have the Sprint version of this phone (mogul) and find it acceptable, but can get sluggish at times I tend to question folks and ask how much time they spend talking on the phone. If they are sales peeps or are using the phone a ton I recommend configurations with actual phone keys (like the Q9c or a SAGA) rather than screen keys. Folks like me that use their phones more like mini computers are less likely to have issues with a touch screen. Its sad, but the BB phones are generally a lot more responsive than the WM phones (no touch pros here, so they may be better). I wish a manufacturer would come out with a WM phone that had better hardware and better performance, even if it was slightly more expensive (Toshiba, we are waiting on that new one...) Good luck -troy -Original Message- From: Joe Heaton [mailto:jhea...@etp.ca.gov] Sent: Monday, February 09, 2009 9:42 AM To: NT System Admin Issues Subject: Cell phone questions Anyone using the XV6900? If so, how do you like the keyboard options? We're looking for replacement phones, and I need some experienced advice. We are under contract with Verizon, so our choices are limited to what they offer. We've been using the Treo700wx, but we've been told that it is now obsolete and not offered. The following are our choices: XV6900 Samsung i760 HTC Touch Pro XV6800 - I'm leaning towards this one, but I fear it will be unavailable soon... Palm Centro - I'm not looking at this very seriously, as it doesn't come with WM6, or Mobile Office apps Motorola Q9c - I've heard bad reviews of this one, don't know if they've fixed the issues or not. Samsung Saga i770 Samsung Omnia We could also go Blackberry, but we don't really want to, as that would add additional management overhead for us, with needing to get BES, etc. Any personal experiences/recommendations would be greatly appreciated. Thanks, Joe Heaton AISA Employment Training Panel 1100 J Street, 4th Floor Sacramento, CA 95814 (916) 327-5276 jhea...@etp.ca.gov ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: WSUS In a child Domain
What does the local administrators group contain on the child WSUS server? -troy -Original Message- From: Jeremy Anderson [mailto:jer...@mapiadmin.net] Sent: Friday, February 06, 2009 8:41 AM To: NT System Admin Issues Subject: WSUS In a child Domain I am trying to manager my Child domain WSUS server from the parent domain. I am logging in to my workstation as an Enterprise admin ( I know - don't yell at me about Security) and my user account is in the WSUS Admins group. The WSUS admin security group only exist in the parent domain, not the child domain. The Child domain WSUS server is a downstream server to the Parent domain WSUS server and it is syncing properly. Whan I try to add the child domain WSUS server to the WSUS Console, (By using the FQDN) I recieve the error : Cannot connect to Server.FQDN.local. You do not have premission required to access thiss WSUS Server. To Connect to the server you must be a member of the WSUS Administrators or WSUS Reporters Security Groups I am a member of thoes groups in the parent domain, and thoes groups dont exist in the child domain. What am I missing here? TIA Jeremy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: WSUS In a child Domain
Those groups that its requiring membership in are local groups on the child server. Add your parent domain admin group to that local group and you shouldn't have any issues adding it to the console. -troy -Original Message- From: Jeremy Anderson [mailto:jer...@mapiadmin.net] Sent: Friday, February 06, 2009 10:21 AM To: NT System Admin Issues Subject: RE: WSUS In a child Domain Local Admins Groups has localPC\Administrator and ChildDomain\domain Admins -Original Message- From: Troy Meyer [mailto:troy.me...@monacocoach.com] Sent: Friday, February 06, 2009 8:49 AM To: NT System Admin Issues Subject: RE: WSUS In a child Domain What does the local administrators group contain on the child WSUS server? -troy -Original Message- From: Jeremy Anderson [mailto:jer...@mapiadmin.net] Sent: Friday, February 06, 2009 8:41 AM To: NT System Admin Issues Subject: WSUS In a child Domain I am trying to manager my Child domain WSUS server from the parent domain. I am logging in to my workstation as an Enterprise admin ( I know - don't yell at me about Security) and my user account is in the WSUS Admins group. The WSUS admin security group only exist in the parent domain, not the child domain. The Child domain WSUS server is a downstream server to the Parent domain WSUS server and it is syncing properly. Whan I try to add the child domain WSUS server to the WSUS Console, (By using the FQDN) I recieve the error : Cannot connect to Server.FQDN.local. You do not have premission required to access thiss WSUS Server. To Connect to the server you must be a member of the WSUS Administrators or WSUS Reporters Security Groups I am a member of thoes groups in the parent domain, and thoes groups dont exist in the child domain. What am I missing here? TIA Jeremy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SUSPECT: RE: MCSE question
You're traveling through another dimension -- a dimension not only of sight and sound but of mind. A journey into a wondrous land whose boundaries are that of imagination. That's a signpost up ahead: your next stop: the fail train AND the thread that wont die. Seriously, what happened to Friday funny? -troy -Original Message- From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Friday, February 06, 2009 1:21 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question Beer = men Shook From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Friday, February 06, 2009 4:15 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question TVK is always down for free beer.. Z Edward E. Ziots Network Engineer Lifespan Organization Email: ezi...@lifespan.org Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Friday, February 06, 2009 4:13 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question I'm there...As long as you're buying Sherry. J From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Friday, February 06, 2009 3:09 PM To: NT System Admin Issues Subject: Re: SUSPECT: RE: MCSE question Sheesh, sounds like somebody needs to find a happy hour pub and go there now.. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SUSPECT: RE: MCSE question
Ok to those of you that don't follow the links from Wserver news http://www.flixxy.com/cars-and-drivers.htm btw Stu, really like the live.sunbeltsoftware.com setup. Really good idea. -troy -Original Message- From: Troy Meyer [mailto:troy.me...@monacocoach.com] Sent: Friday, February 06, 2009 1:54 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question You're traveling through another dimension -- a dimension not only of sight and sound but of mind. A journey into a wondrous land whose boundaries are that of imagination. That's a signpost up ahead: your next stop: the fail train AND the thread that wont die. Seriously, what happened to Friday funny? -troy -Original Message- From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Friday, February 06, 2009 1:21 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question Beer = men Shook From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Friday, February 06, 2009 4:15 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question TVK is always down for free beer.. Z Edward E. Ziots Network Engineer Lifespan Organization Email: ezi...@lifespan.org Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Friday, February 06, 2009 4:13 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question I'm there...As long as you're buying Sherry. J From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Friday, February 06, 2009 3:09 PM To: NT System Admin Issues Subject: Re: SUSPECT: RE: MCSE question Sheesh, sounds like somebody needs to find a happy hour pub and go there now.. -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Scripting: How to tell if login was cached or domain?
Pretty sure kerbtray cant be scripted since its interactive from the desktop. Try using WMI and the Win32_LogonSession class. It looks like there is a logontype property that will give you that info. http://msdn.microsoft.com/en-us/library/aa394189(VS.85).aspx -troy -Original Message- From: Devin Meade [mailto:devin.me...@gmail.com] Sent: Thursday, February 05, 2009 10:26 AM To: NT System Admin Issues Subject: Re: Scripting: How to tell if login was cached or domain? kerbtray - I don't know if it can be scripted. hth Devin On Thu, Feb 5, 2009 at 11:04 AM, Stephen Wimberly riverside...@gmail.com wrote: I have a script that I want to run, but only when the user login was cached. Is there a way to tell whether the current user login was cached or verified by a domain controller? I _thought_ I'd use the %logonserver% variable, but apparently it shows the domain controller that last authenticated the user even when the current login was cached. Most scripts I've seen ping a server that is only available on the LAN and look for the reply. In this case though I don't care if they are on LAN or not, I care if they are cached or not. I found a script that looks through the event log for Last cache login and displays the date/time, but it doesn't effectively tell me what my current login is. Anyone know a way to tell? I know the XP firewall has settings for a domain profile, is it using a domain profile for all cached logins? Thanks In Advance for pointers! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Bluescreen Issue
What are you network connections labeled? Local Area 57 and 58 ? Could you have removed cards/connections that have the same IP address making it tank? You wanna borrow my NE2000 ISA adapter. It has the BNCs AND TP. -troy -Original Message- From: Martin Blackstone [mailto:mblackst...@gmail.com] Sent: Thursday, February 05, 2009 11:05 AM To: NT System Admin Issues Subject: RE: Bluescreen Issue Did that From: Sean Rector [mailto:sean.rec...@vaopera.org] Sent: Thursday, February 05, 2009 10:53 AM To: NT System Admin Issues Subject: RE: Bluescreen Issue Your drivers are probably corrupted. Download them on another workstation and sneakernet them to this server. Sean Rector, MCSE From: Martin Blackstone [mailto:mblackst...@gmail.com] Sent: Thursday, February 05, 2009 1:49 PM To: NT System Admin Issues Subject: Bluescreen Issue I have an older Dell 1650 in my lab that has Intel XT cards in it. Whenever it connects to a network, it will blue screen. If I boot it connected it will blue screen on preparing network connections. If I boot without network and then plug in it will blue screen. This is using static of DHCP. I'm sort of at a loss here. I'm pretty close to flattening it, but thought I would toss this out and see if anyone has an idea. Information Technology Manager Virginia Opera Association E-Mail: sean.rec...@vaopera.org mailto:sean.rec...@vaopera.org Phone:(757) 213-4548 (direct line) {+} 2008-2009 Season: Tosca http://www.vaopera.org/tosca | The Barber of Seville http://www.vaopera.org/barber Recently Announced: Virginia Opera's 35th Anniversary Season 2009-2010 http://www.vaopera.org/upcoming Visit us online at www.vaopera.org http://www.vaopera.org or call 1-866-OPERA-VA This e-mail and any attached files are confidential and intended solely for the intended recipient(s). Unless otherwise specified, persons unnamed as recipients may not read, distribute, copy or alter this e-mail. Any views or opinions expressed in this e-mail belong to the author and may not necessarily represent those of Virginia Opera. Although precautions have been taken to ensure no viruses are present, Virginia Opera cannot accept responsibility for any loss or damage that may arise from the use of this e-mail or attachments. {*} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SUSPECT: RE: MCSE question
Seriously though... Did you ask any questions in the interview? It's always nice to see the bi-annual rant about certs here but how about some accountability to hiring managers? If you are hiring someone shouldn't you ask questions like: Please give us an example from your experience where you worked with multiple sites and subnets Tell us about your experience with environments that had 5000 users Tell us about a moderately complex exchange script you have written My favorite question to ask a potential employee is tell me about the coolest IT thing you have done recently or more professionally tell me about an IT achievement you are most proud of. That answer generally tells me what type of person I am talking to. -troy -Original Message- From: Jacob [mailto:ja...@excaliburfilms.com] Sent: Thursday, February 05, 2009 2:45 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question We hired an MCSE who did not know how to create a shortcut on a desktop. Not kidding. Really.. not kidding. He lasted about one week. From: Garcia-Moran, Carlos [mailto:cgarciamo...@spragueenergy.com] Sent: Thursday, February 05, 2009 1:42 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question For the most part I'm a firm believer that Certs and Test's are no longer what they used to be. I've been doing IT for around 15+ years, I had an MCP, never bothered to make it into an MCSE. It wasn't worth it to me. I wouldn't have learned nothing taking a class that I didn't learn from mentors / peers / my own research and reading. Requiring an MCSE for a position is a joke, would you pay the person more? Salaries rarely ever go up it you take Certs. Let me tell you a quick story about certs I was working for a company once and I was the supervisor of a 5 person desktop IT team. They decided to hire a more senior guy once one of my team members left, I wasn't involved in the process except for giving my bosses needs /wants for the position. Well they hired an MCSE guy that had more certs that I could shake a stick at. Well after about two months of working together and him consistently failing to do simple things, like If 4 of us could print and he couldn't he would start taking the printer network device apart since that had to be the problem. I sat down and drilled him about his skills , prior to his hiring he was a carpenter but decided to switch jobs he did a 6 month tech stint a small company as desktop support and then took a Boot camp MCSE, which was the major factor in the hiring process that my bosses used. He was USELESS! From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Thursday, February 05, 2009 4:29 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question Someone who knows what they're doing should be able to demonstrate that they can do that without an MCSE. I know a bunch of REALLY good Windows people who have no MS certs and never will. Likewise, someone who knows pretty much nothing but is good at taking tests can be an MCSE without much trouble. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 From: Dennis Rogov [mailto:dennis_rogov2...@yahoo.com] Sent: Thursday, February 05, 2009 3:25 PM To: NT System Admin Issues Subject: Re: SUSPECT: RE: MCSE question i think it really depands on your IT department and the task that you handle. I strongly belive that for someone who has been in IT and works with Windows platform should have an MCSE. When i look to hire engineers to my team for mid and senior admin position i require MCSE. As far as other vendor certs in my eyes VCP and CCA are something that each mid and senior level engineer should posses. But once again it depands on your infastructure as there is no sense to have a CCA if you dont run citrix... As the senior egineer and network manager i am investigating Project manager certification let faceit most task you do in windows is a project and requires involment multiple departments. From: Ziots, Edward ezi...@lifespan.org To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thursday, February 5, 2009 3:57:54 PM Subject: RE: SUSPECT: RE: MCSE question Point taken, Just too burnt out trying to be everyones go-to guy, so might be time for a change... Z Edward E. Ziots Network Engineer Lifespan Organization Email: ezi...@lifespan.org Phone: 401-639-3505 MCSE, MCP+I, ME, CCA, Security +, Network + From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Thursday, February 05, 2009 3:54 PM To: NT System Admin Issues Subject: SUSPECT: RE: MCSE question For those into security ISC is great. For those of us who are not security folks, it is of little to no value. Some of us like being Sys Admins. J From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, February
RE: SUSPECT: RE: MCSE question
As long as you can create a shortcut on the desktop -Original Message- From: David McSpadden [mailto:dav...@imcu.org] Sent: Thursday, February 05, 2009 3:03 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question IT achievement: I was almost able to completely document our Business Recovery process for the Mortgage server but the hard drives failed and I had to start over :-) I wouldn't be a good candidate for your company I am sorry I have wasted both of our time... -Original Message- From: Troy Meyer [mailto:troy.me...@monacocoach.com] Sent: Thursday, February 05, 2009 5:59 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question Seriously though... Did you ask any questions in the interview? It's always nice to see the bi-annual rant about certs here but how about some accountability to hiring managers? If you are hiring someone shouldn't you ask questions like: Please give us an example from your experience where you worked with multiple sites and subnets Tell us about your experience with environments that had 5000 users Tell us about a moderately complex exchange script you have written My favorite question to ask a potential employee is tell me about the coolest IT thing you have done recently or more professionally tell me about an IT achievement you are most proud of. That answer generally tells me what type of person I am talking to. -troy -Original Message- From: Jacob [mailto:ja...@excaliburfilms.com] Sent: Thursday, February 05, 2009 2:45 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question We hired an MCSE who did not know how to create a shortcut on a desktop. Not kidding. Really.. not kidding. He lasted about one week. From: Garcia-Moran, Carlos [mailto:cgarciamo...@spragueenergy.com] Sent: Thursday, February 05, 2009 1:42 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question For the most part I'm a firm believer that Certs and Test's are no longer what they used to be. I've been doing IT for around 15+ years, I had an MCP, never bothered to make it into an MCSE. It wasn't worth it to me. I wouldn't have learned nothing taking a class that I didn't learn from mentors / peers / my own research and reading. Requiring an MCSE for a position is a joke, would you pay the person more? Salaries rarely ever go up it you take Certs. Let me tell you a quick story about certs I was working for a company once and I was the supervisor of a 5 person desktop IT team. They decided to hire a more senior guy once one of my team members left, I wasn't involved in the process except for giving my bosses needs /wants for the position. Well they hired an MCSE guy that had more certs that I could shake a stick at. Well after about two months of working together and him consistently failing to do simple things, like If 4 of us could print and he couldn't he would start taking the printer network device apart since that had to be the problem. I sat down and drilled him about his skills , prior to his hiring he was a carpenter but decided to switch jobs he did a 6 month tech stint a small company as desktop support and then took a Boot camp MCSE, which was the major factor in the hiring process that my bosses used. He was USELESS! From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Thursday, February 05, 2009 4:29 PM To: NT System Admin Issues Subject: RE: SUSPECT: RE: MCSE question Someone who knows what they're doing should be able to demonstrate that they can do that without an MCSE. I know a bunch of REALLY good Windows people who have no MS certs and never will. Likewise, someone who knows pretty much nothing but is good at taking tests can be an MCSE without much trouble. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 From: Dennis Rogov [mailto:dennis_rogov2...@yahoo.com] Sent: Thursday, February 05, 2009 3:25 PM To: NT System Admin Issues Subject: Re: SUSPECT: RE: MCSE question i think it really depands on your IT department and the task that you handle. I strongly belive that for someone who has been in IT and works with Windows platform should have an MCSE. When i look to hire engineers to my team for mid and senior admin position i require MCSE. As far as other vendor certs in my eyes VCP and CCA are something that each mid and senior level engineer should posses. But once again it depands on your infastructure as there is no sense to have a CCA if you dont run citrix... As the senior egineer and network manager i am investigating Project manager certification let faceit most task you do in windows is a project and requires involment multiple departments. From: Ziots, Edward ezi...@lifespan.org To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thursday, February 5, 2009 3:57:54 PM Subject: RE: SUSPECT: RE: MCSE question Point taken, Just too
RE: Stolen PC
Last week, a technician noticed that the receiver was missing from a room. In its place was a cardboard box, covered with blue construction paper, with Front Row written on it with a Sharpie. We're not sure how long ago it happened; the teacher(s) in the room never noticed. ..hilarious! No matter how p*ssed you are at the loss, that one is funny. -troy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sharepoint list
We upgraded late last year from 3 departmental sharepoint sites (one SPS 3, one WSS 2.0, and one WSS 2.0 w/project) to a single unified MOSS farm. The new version works so much nicer, much easier to configure and administer. For those of you migrating large environments or looking for the easy route, I REALLY like the software from Avepoint. I cant speak to their DR or auditing software, but their migration software worked like a champ.(install a client and verify DB perms and you are good to go. No prescan, no upgrading WSS 2.0 (or earlier) installs, few issues with even custom items.) Not only was it cheap, but when I exceeded my licensed amount of migration data I called them up and rather than hard sell me additional licenses, they reset my existing license amount so I could finish my migration for free. end sales pitch That being said, no I don't know of any good lists for sharepoint administration, but the team blog is usually pretty good reading http://blogs.msdn.com/sharepoint/default.aspx -troy -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Friday, January 23, 2009 7:56 AM To: NT System Admin Issues Subject: RE: Sharepoint list I haven't found any SharePoint resources that are anywhere close to the equivalent of this list. Are there many on THIS list that use SharePoint? We do here and are in the process of moving from SharePoint 2.0 to MOSS2K7. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Kevin Lundy [mailto:klu...@gmail.com] Sent: Friday, January 23, 2009 6:10 AM To: NT System Admin Issues Subject: Re: Sharepoint list There are 2 on Yahoo. Not high volume. http://tech.groups.yahoo.com/group/sharepointdiscussions/ http://tech.groups.yahoo.com/group/sharepoint/ Only ones I know of. On Fri, Jan 23, 2009 at 5:28 AM, Oliver Marshall oliver.marsh...@g2support.com wrote: Anyone know of a good Sharepoint list at all ? Olly -- G2 Support Online Backups Email: oliver.marsh...@g2support.com Web:http://www.g2support.com http://www.g2support.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: To server core or not to server core...
Do you have another W2K8 system or a Vista system to manage your server core? If I couldn't run Hyper-V manager from my Vista laptop, I probably would want to be able to TS into the W2K8 box to see it. -troy -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Wednesday, January 21, 2009 7:02 AM To: NT System Admin Issues Subject: To server core or not to server core... Customer bought a new Dell PowerEdge, and it came with 2008 Server w/ Hyper-V. The plan is to virtualize (P2V) their SBS 2003 Server onto this box. I installed System Center Virtual Machine Manager and did a test VM of a couple machines and it was fast (2K3 R2 Server with 9GB), easy, and everything was easier than I had expected. I'm ready for the final preparations for production and my question is this: The OEM install is full Server 2008 - should I blow away this install and go to Server Core, install Hyper-V and re-load everything from scratch, or am I not really going to gain much benefit (I'm thinking reduction of surface area/attach as much as anything) vs the current base 2K8 install? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Training -- Where do you go?
+1 We use multiple MS Partners and its amazing how some places do certain subjects better. I would also recommend contacting a rep from the training provider and asking about the qualifications and experience that the instructor has with the product. I took a troubleshooting Exchange 2007 class once from an instructor who obviously had never used the product IRL. Later when I accessed the training company's website they had resumes for all instructors, showing that this guy consulted on Exchange 2000 and 2003 only. (SA credits well spent) YMMV -troy -Original Message- From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Tuesday, January 20, 2009 11:15 AM To: NT System Admin Issues Subject: RE: Training -- Where do you go? In my opinion, your best bet is to get to know the people at your local training centers and base your decision on that. Global Knowledge might be great by you but awful by me, simply because of the caliber of trainers in our areas. This also allows you to find out who is best at which products. (Someone who could really help you with Server 2008 AD may not be the best choice for learning about SharePoint.) We use New Horizons and a couple of other local Microsoft training partners in Tulsa, but GK doesn't have an office here, so they aren't a real option for us. Every training center has its own strengths and weaknesses. TVK -Original Message- From: Jon D [mailto:rekcahp...@gmail.com] Sent: Tuesday, January 20, 2009 12:17 PM To: NT System Admin Issues Subject: Training -- Where do you go? For the last several years I've been going to Global Knowledge for my IT training. I'm wondering where everyone else goes? If there is anywhere better or not. Thanks in advance . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Schedule Job with AT
Don't sweat it, MSFT has already done the code for you. http://msdn.microsoft.com/en-us/library/aa394601(VS.85).aspx -troy -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Friday, January 16, 2009 11:17 AM To: NT System Admin Issues Subject: RE: Schedule Job with AT Thought of that, and seeing as its actually a VB script its doable. I think Win32_ScheduledJob Class has an applicable input form, now I just have to write the VB code to get the time, and add 1 minute. then execute the statement. I don't use VB enough, so this should take all day J jlc From: David L Herrick [mailto:davidherr...@nincal.com] Sent: Friday, January 16, 2009 12:10 PM To: NT System Admin Issues Subject: RE: Schedule Job with AT Can't your script get current time, add 1 minute and use that as the scheduled time? From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Friday, January 16, 2009 10:58 AM To: NT System Admin Issues Subject: Schedule Job with AT Anyone know if it's possible to schedule a job with AT in 1 minute from now? I want to make a script and need to shutdown this way as opposed to simply shutting down with shutdown.exe and a time. Thanks! jlc This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of Names in the News. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Enterprise Faxing - information gathering
Hey Tim, Make sure you identify all your needs before you start looking too deep. In our case we needed the ability to have users send direct from their email client AND to have the ability to fax out from our custom applications (custom cover sheets, pulling numbers and names from our ERP system OR from SQL, etc). We chose Faxsys from emFast.com which provides native email client fax out (via a custom SMTP fax connector in exchange), a desktop application for sending/managing faxes for powerusers, and a full API for our developers to play with. Faxsys has the ability to use analog modem lines or an IP gateway, and requires its own server to run on. From the admin side we basically set it and forget about it, the service just works. The few times we have had to call in, tech support is very understanding that we are not fax experts. -troy -Original Message- From: Tim Wagerle [mailto:jostssad...@gmail.com] Sent: Friday, January 16, 2009 1:53 PM To: NT System Admin Issues Subject: Enterprise Faxing - information gathering I am looking into an enterprise solution for Faxing, think of a large company (2000+ employees). Any information would be helpful (companies you like or dislike, standards and of course any do's or don'ts that you've learned). Something on best practices? Thanks to the list ahead of time. Tim Wagerle, TSS Josephine County Circuit Court Oregon Judicial Department timjos...@gmail.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Article ideas....
+1 WSRM would be excellent -Original Message- From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Thursday, January 15, 2009 8:28 AM To: NT System Admin Issues Subject: RE: Article ideas Here are my suggestions: Windows System Resource Manager. An in-depth analysis of how to use this tool with real world examples. I've used it in a lab and it seems like a very powerful tool. Network Policy server. Specifically items like Identity Type, MS-Service Class, NAP enforcement, extended state, authentication methods. EtcAgain I've seen very brief examples of this in a lab but know that a more detailed look at it with real examples would be of great use. Just my 2 cents. Chris Bodnar, MCSE Sr. Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Thursday, January 15, 2009 9:11 AM To: NT System Admin Issues Subject: Re: Article ideas This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sharepoint question
Olly, I have never done this, but assuming powershell can see that dav UNC, couldn’t you just use it to copy files that were newer than say one day? Something like: Get-childitem -path \\server\folder | where {$_.lastwritetime -gt (get-date).adddays(-1) -and $_.length -ne $null } | copy-item -destination \\SharePointdav\library You could expand that to move those items to a different folder for archiving and delete archive folders on a weekly/monthly/quarterly basis assuming you didn’t need to store two copies. -troy -Original Message- From: Oliver Marshall [mailto:oliver.marsh...@g2support.com] Sent: Thursday, January 15, 2009 6:10 AM To: NT System Admin Issues Subject: Sharepoint question Is there a way to create a workflow or script that will suck in files from a folder on the network and store them in a Sharepoint library automatically, say once ever hour ? I want to store scans from our MFPs in Sharepoint. The scan-to-UNC feature of the MFPs doesn’t like the webdav unc shares of sharepoint, and the MFPs don’t suppose scanning to email from the unit itself. So, I want to setup scanning to a folder on a network share, then have an automated script that will move the files to sharepoint (prob using \\companyweb\davwwwroot file:///\\companyweb\davwwwroot ) but to exclude files that have already been copied over (so as not to get an infinite number of previous versions of scans). Any suggestions? Olly -- G2 Support Online Backups Email: oliver.marsh...@g2support.com mailto:oliver.marsh...@g2support.com Web:http://www.g2support.com http://www.g2support.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Server 2008 GUID for backup devices
Greg, Thanks for following up with the solution. I have yet to use the 2008 Backup utility, and this is good to know. -troy -Original Message- From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] Sent: Wednesday, January 14, 2009 3:53 PM To: NT System Admin Issues Subject: RE: Server 2008 GUID for backup devices Okay googlefu did not fail me. Found this and it works, although using the method it does not utilize the VSS snapshots that the full server backup program uses, so it creates whole new files each backup. Not great for offsite backup solutions, but better than nothing. http://support.microsoft.com/kb/944530 Greg From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] Sent: Wednesday, January 14, 2009 6:20 PM To: NT System Admin Issues Subject: Server 2008 GUID for backup devices Well those of you running 2008 for sure know that the native backup tools in 08 have been significantly altered and you can no longer perform system state to critical volumes This presents a problem for applications that replicate offsite by creating a systemstate file locally and sending it off, or for clients that send systemstate volumes to network locations for backup. My specific question is.. Does anyone know how to make Server 08 present a network drive or remapped path on an existing volume as a NEW GUID volume to the OS. Subst command does not present a GUID for the volume you map according to a WMI lookup of Win32_volume We are trying to work around this until the software vendors come out with a workaround or MS provides some kind of interface for doing this again. Thanks Greg Sweers ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Win2003 DNS DNS CName issue
Sounds like you have dns suffixes set in your NIC properties. See if this command fixes it in nslookup Set srchlist= That should eliminate adding on the suffixes. -troy -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Thursday, January 08, 2009 12:06 PM To: NT System Admin Issues Subject: Win2003 DNS DNS CName issue Existing CNames in my dns work, but when I add a new one I get this w/ nslookup: existing Server: localhost Address: 127.0.0.1 Name:foo.domain.local Address: 192.168.0.15 Aliases: existing.domain.local bar Server: localhost Address: 127.0.0.1 Name:bar.domain.local Anyone know WTH is going on? Thanks! jlc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: P2V SBS aka two DC's
Dave, We don't have an SBS environment, but we have P2V'd multiple production DCs both 2000 and 2003 without noticeable issue. We did it similar to what you said and the VM DC comes up and thinks it has a new nic, but joins in with replication right away. Be careful on your reliance on going back to physical after you have been using your virtual. Ideally this would work ok as the security token between DC and AD shouldn't have changed and hopefully the SYSVOL data would simply realize it has an old version number and replicate with the other DC(s). I am curious if folks have tried this running the VM for a bit and then floating back to the physical due to issues. What types of issues caused the need to roll-back? I guess if all else fails in a worst case scenario a restore from backup including a non-authoritative restore of system state should bring you back to square one. It shouldn't matter but ours was all on ESX infrastructure. -Troy -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Tuesday, January 06, 2009 2:25 PM To: NT System Admin Issues Subject: P2V SBS aka two DC's Has anyone here P2V'd a couple of DC's? I P2V'd an SBS server in test and it went fine - my concern is how to handle it in production when there's a SBS server AND a 2nd DC involved. At some point I need to make the 2nd DC think that the first DC was just powered off for a bit. Would it work if I: 1) Do an offline P2V (read: the system (ServerA) P2V does a PXE boot into the host Hyper-V machine to get VM'd), 2) Leave physical ServerA off once it's P2V'd 3) Bring up the VM of ServerA? My thinking here is each DC would just think ServerA was powered off for a few hours, does this sound correct? Question 2: If I need to roll back to physical ServerAServerB (the 2nd DC) will now have thought it's talked to ServerA since the P2V outage, but effectively ServerA will have suffered a time warp by several hours, right? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VMWare Product Confusion
Sal, Yes the backend data files for ESX/ESXi are the same and you can SCP them to the new server or use Vmotion if you are licensed for that option. Much easier if its new hardware you are moving to, if upgrading the existing hardware it may take a little planning, especially if you are moving from local to SAN disks. -Troy -Original Message- From: Salvador Manzo [mailto:ma...@usc.edu] Sent: Monday, January 05, 2009 4:37 PM To: NT System Admin Issues Subject: RE: VMWare Product Confusion Well, I'm asking as I'm in the position where I may need to install ESXi now to get some functionality in place, but not have the money for VC/ESX full until next fiscal year. From: Greg Mulholland [mailto:g...@krystaltek.com] Sent: Monday, January 05, 2009 4:06 PM To: NT System Admin Issues Subject: RE: VMWare Product Confusion No. You can license it with the same functionality pretty much but as I said if you buy a full license then why wouldn't you use the full product. To use ESX you need to install ESX. To use ESXI you need to install ESXI. They are two different products From: Salvador Manzo [mailto:ma...@usc.edu] Sent: Tuesday, 6 January 2009 10:54 AM To: NT System Admin Issues Subject: RE: VMWare Product Confusion Can you move from ESXi to full ESX without having to rebuild the VM host? From: Greg Mulholland [mailto:g...@krystaltek.com] Sent: Monday, January 05, 2009 3:45 PM To: NT System Admin Issues Subject: RE: VMWare Product Confusion Those features are part of Virtual Centre. So you can use the ESXi embedded or installable version and purchase a foundation license file which provides a VC agent. Hence you can manage the host with Virtual Center etc etc. Mind you you cant use Vmotion unless you buy an Enterprise license and I don't know why you would ever do that and not use the full version anyway. Greg From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] Sent: Tuesday, 6 January 2009 10:17 AM To: NT System Admin Issues Subject: RE: VMWare Product Confusion ESXi does not allow Vmotion, Centralized Mgmt of multiple servers, etc. basically it's the essentials of ESX..Just virtualization and nothing of the advanced feature sets that the full (Paid) versions of ESX allow. From: Roger Wright [mailto:rwri...@evatone.com] Sent: Monday, January 05, 2009 6:04 PM To: NT System Admin Issues Subject: RE: VMWare Product Confusion Simple and concise! Thanks... Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: Klint Price - ArizonaITPro [mailto:kpr...@arizonaitpro.com] Sent: Monday, January 05, 2009 5:39 PM To: NT System Admin Issues Subject: Re: VMWare Product Confusion 1.x and 2.x run on top of Windows while ESXi has it's own OS, and runs independent of Windows. ESXi is a stripped down version of ESX. You will see huge increases in VM performance under ESXi. Klint Roger Wright wrote: So what are the primary differences between v1.x , and v2.0 and ESXi? Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ From: gswe...@actsconsulting.net [mailto:gswe...@actsconsulting.net] Sent: Monday, January 05, 2009 5:05 PM To: NT System Admin Issues Subject: RE: VMWare Product Confusion We have moved all of our clients to ESXi that were using Server 1.x or 2.0 unless there was some specific reason the Host OS had to stay online. Not many cases of those though. The only main issue was some NIC driver issues on some whitebox machines we have been begging to get rid of. From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Monday, January 05, 2009 5:00 PM To: NT System Admin Issues Subject: RE: VMWare Product Confusion No, ESXi is free now, and I would use it in a heartbeat over server. jlc From: Roger Wright [mailto:rwri...@evatone.com] Sent: Monday, January 05, 2009 2:55 PM To: NT System Admin Issues Subject: VMWare Product Confusion I'm running with several VMs under VMware Server 1.0.8, primarily because it was free and gave us an opportunity to move into the virtual arena. Is VMware Server 2.0 also free to use? If so, any reason not to move to 2.0? Is this the highest level VMWare product which is available at no cost? Roger Wright Network Administrator Evatone, Inc. 727.572.7076 x388 _ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Hackers create rogue CA certificate using MD5 collisions
Thanks for the clarification Ken. Your last comment said the only way to prevent the issue would be to examine each cert presented and see if the sig is encrypted with MD5, but following up on Tim's comment: if you removed all CAs from your Trusted Root Store that used MD5 on their sigs (all of the CAs that would be vulnerable to this attack) wouldn't that mean remove the risk? Thought being: if a hacker created a fake intermediate CA, but your machine doesn't trust the CA at the top of the chain (because you removed it from your trusted root store), wouldn't you in turn not trust that fake intermediate (and any of its falsely issued certificates)? -troy -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Wednesday, December 31, 2008 7:32 PM To: NT System Admin Issues Subject: RE: Hackers create rogue CA certificate using MD5 collisions This isn't the issue at all at the moment. Root CA certs can be signed in crayon, as long as you trust the integrity of the cert, you are OK. No one is cracking root CA certs. They are generating certificate requests (two of them - one for an end point purpose e.g. web server authentication, and one for an intermediate CA) that will result in the same signing hash from the CA if the CA is using MD5 Cheers Ken -Original Message- From: Troy Meyer [mailto:troy.me...@monacocoach.com] Sent: Thursday, 1 January 2009 9:09 AM To: NT System Admin Issues Subject: RE: Hackers create rogue CA certificate using MD5 collisions If the PS3 guys can crack an MD5 encrypted root certificate, they can create their own CA that looks like a trusted authority and in turn the CA can issue certificates that appear to be from that fake trusted authority. If a public CA has a root cert that is encrypted with SHA1 they aren't susceptible (yet) to having their certs faked. Faked certs could be used to make false websites look secure or genuine, could be used to deploy software that appears to be from a trusted vendor, or could be used to gain access to services/systems authenticated through public certs. Hopefully this will be a kick in the rear to CAs using MD5. If you run a site or service that uses certs from CAs like Equifax, Thawte, or GTE (all have at least one valid CA with a root cert encrypted with MD5), check your cert and the encryption of the signature at the top of the certificate path. If your root cert was encrypted with MD5, I would get your CA on the phone and have a conversation about possible risks. -troy -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, December 31, 2008 1:06 PM To: NT System Admin Issues Subject: Re: Hackers create rogue CA certificate using MD5 collisions On Wed, Dec 31, 2008 at 11:13 AM, David Lum david@nwea.org wrote: Microsoft is not aware of specific attacks against MD5, so previously issued certificates that were signed using MD5 are not affected and do not need to be revoked. This issue only affects certificates being signed using MD5 after the publication of the attack method. I thought the idea was that an attacker would forge a certificate, with info matching an existing certificate, but using a private key of their own, and then set their fleet of PlayStation 3's to work to come up with an MD5 collision, so they could use the signature from a real certificate to sign their forgery. Or something like that. So not only does this affect already-issued certificates, it depends on them. Or am I misunderstanding? Most public Certificate Authority roots no longer use MD5 to sign certificates, but have upgraded to the more secure SHA-1 algorithm. But as long as browsers still accept the older certificates, they'd still be vulnerable, right? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Win 2k8 Enterprise 240-day Eval Terminal Serivces licenses for 25 users.
Yes, the 2008 box will completely ignore CALS/licensing during the trial period. You get that familiar you have X days to configure a TS licensing server down in the task bar. During install our 2008 TS test setup detected our 2003 licensing server and said it didn't have any compatible licenses, but that didn't stop us from continuing the install and testing some of the sweet dt application serving and TS gateway functionality. -troy -Original Message- From: Klint Price - ArizonaITPro [mailto:kpr...@arizonaitpro.com] Sent: Wednesday, December 31, 2008 7:38 AM To: NT System Admin Issues Subject: Re: Win 2k8 Enterprise 240-day Eval Terminal Serivces licenses for 25 users. Backing up a little bit This is going to be utilized in a Windows 2003 domain environment. I have plenty of 2003 CALS, but no 2008 CALs. During the test time frame, do I not have to worry about 2008 CALs? Does 2008 ignore the fact they are missing until the trial period ends? Thanks, I think I am getting close. Klint and Enterprise comes with 25, and not just 5? I can't find it on the MS site, and have never dealt wi Damien Solodow wrote: Should. In my experience the trial versions are complete and full function, just time-bombed. From: Klint Price - ArizonaITPro [mailto:kpr...@arizonaitpro.com] Sent: Wednesday, December 31, 2008 10:23 AM To: NT System Admin Issues Subject: Re: Win 2k8 Enterprise 240-day Eval Terminal Serivces licenses for 25 users. as follow up, with the free trial from MS, will windows allow for 25 simultaneous users during the grace period? Klint Webster wrote: From: Klint Price - ArizonaITPro [mailto:kpr...@arizonaitpro.com] Subject: Win 2k8 Enterprise 240-day Eval Terminal Serivces licenses for 25 users. I need to throw together a test server with 25 terminal services users. Does the 60 day eval (which can be increased to 240 days), allow for 25 simultaneous users via terminal services In either per-user or per-device mode the TS will issue temporary 120-day licenses. If the TS is in workgroup mode then per-user licenses are not tracked. [Windows Server 2008 TS Resource Kit pages 121 and 122] Webster ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Hackers create rogue CA certificate using MD5 collisions
If the PS3 guys can crack an MD5 encrypted root certificate, they can create their own CA that looks like a trusted authority and in turn the CA can issue certificates that appear to be from that fake trusted authority. If a public CA has a root cert that is encrypted with SHA1 they aren't susceptible (yet) to having their certs faked. Faked certs could be used to make false websites look secure or genuine, could be used to deploy software that appears to be from a trusted vendor, or could be used to gain access to services/systems authenticated through public certs. Hopefully this will be a kick in the rear to CAs using MD5. If you run a site or service that uses certs from CAs like Equifax, Thawte, or GTE (all have at least one valid CA with a root cert encrypted with MD5), check your cert and the encryption of the signature at the top of the certificate path. If your root cert was encrypted with MD5, I would get your CA on the phone and have a conversation about possible risks. -troy -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, December 31, 2008 1:06 PM To: NT System Admin Issues Subject: Re: Hackers create rogue CA certificate using MD5 collisions On Wed, Dec 31, 2008 at 11:13 AM, David Lum david@nwea.org wrote: Microsoft is not aware of specific attacks against MD5, so previously issued certificates that were signed using MD5 are not affected and do not need to be revoked. This issue only affects certificates being signed using MD5 after the publication of the attack method. I thought the idea was that an attacker would forge a certificate, with info matching an existing certificate, but using a private key of their own, and then set their fleet of PlayStation 3's to work to come up with an MD5 collision, so they could use the signature from a real certificate to sign their forgery. Or something like that. So not only does this affect already-issued certificates, it depends on them. Or am I misunderstanding? Most public Certificate Authority roots no longer use MD5 to sign certificates, but have upgraded to the more secure SHA-1 algorithm. But as long as browsers still accept the older certificates, they'd still be vulnerable, right? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: IIS redirect?
Google javascript http redirect http://www.pageresource.com/jscript/jredir.htm so if I go to http://mail.daves.com you automatically route me to https://mail.daves.com/exchange -troy -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Tuesday, December 30, 2008 10:17 AM To: NT System Admin Issues Subject: IIS redirect? Say I want to redirect mail.myplace.com to www.myplace.com/Exchange, how do I do that? It's a DNS entry andwhat? I'm looking to make it so users don't have to include the /Exchange piece in the URL, so them typing mail.myplace.com takes them to the OWA page (Exchange 2003). Caveat: Server in question also hosts a regular www site and is not dedicated to just Exchange. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Aaaiiiyyyeeeeee!!! OOO notices! (OT)
John, Sure did on 12/24, something wasn't firing right. I will be out of the office Saturday, December 20 through Sunday December 28, 2008 . In the event you cannot avoid any computer related issues please contact us via the IT Support link on the Homepage. ;) - troy -Original Message- From: John Cook [mailto:john.c...@pfsf.org] Sent: Monday, December 29, 2008 10:20 AM To: NT System Admin Issues Subject: RE: Aaaiiiyyyee!!! OOO notices! (OT) Did you get an OOO from me last week? I'm on E2007 and Olk2007 and specifically said no OOF outside of my domain. John W. Cook Systems Administrator Partnership For Strong Families 315 SE 2nd Ave Gainesville, Fl 32601 Office (352) 393-2741 x320 Cell (352) 215-6944 Fax (352) 393-2746 MCSE, MCTS, MCP+I,CompTIA A+, N+ -Original Message- From: Martin Blackstone [mailto:mblackst...@gmail.com] Sent: Monday, December 29, 2008 1:20 PM To: NT System Admin Issues Subject: RE: Aaaiiiyyyee!!! OOO notices! (OT) You must be new around here. :) -Original Message- From: Edward B. DREGER [mailto:eddy+public+s...@noc.everquick.net] Sent: Monday, December 29, 2008 10:03 AM To: NT System Admin Issues Subject: Aaaiiiyyyee!!! OOO notices! (OT) I normally get a few OOOs in response to a post... but _thirteen_ just now?! Hint: If a message is addressed to a list (not to oneself), from a list server, et cetera, an OOO response might not be appropriate. And telling random people that you'll be out of state for two months is unwise from a security perspective. Eddy -- Everquick Internet - http://www.everquick.net/ A division of Brotsman Dreger, Inc. - http://www.brotsman.com/ Bandwidth, consulting, e-commerce, hosting, and network building Phone: +1 785 865 5885 Lawrence and [inter]national Phone: +1 316 794 8922 Wichita DO NOT send mail to the following addresses: dav...@brics.com -*- jfconmaa...@intc.net -*- s...@everquick.net Sending mail to spambait addresses is a great way to get blocked. Ditto for broken OOO autoresponders and foolish AV software backscatter. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: File share
+1 One of the lesser known features in IIS, but worth its weight in gold when you do this kind of stuff. Watch out for timeouts if you have to do large files. troy -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday, December 23, 2008 6:26 PM To: NT System Admin Issues Subject: RE: File share I'd go WebDAV. Client part is built into XP and Vista. Server part exists in most web servers (including IIS). You can secure it using TLS/SSL (and require client certs if you want in addition to server certs) Cheers Ken -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, 23 December 2008 6:08 AM To: NT System Admin Issues Subject: Re: File share On Mon, Dec 22, 2008 at 11:47 AM, Glen Johnson gjohn...@vhcc.edu wrote: What would be the groups recommendation for giving users access to file shares via the internet. VPN isn't an option due to security concerns. Well, if you're *really* concerned about security, I would suggest SFTP with public key authentication. You can get pretty decent client and server software for free. Public keys mean you're protected against password guessing and man-in-the-middle attacks. However, this would require software install on the client, exchange of keys, and possibly some user training. So it's a non-trivial deployment. I can't speak to web-based file access front ends so much. WebDAV (built in to IIS, Apache) and SharePoint get recommended a lot. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Issue joining 2003 domain
Hey Eric, Is the W2K box already a member of another domain? Is there anything filtering traffic between the DC and the old server? I think occasionally we also had to use the complete dns name when trying to add. (ie domain.com not just domain). Weird though, never seen that before. -Troy -Original Message- From: Eric Brouwer [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2008 5:55 AM To: NT System Admin Issues Subject: Issue joining 2003 domain Good morning, I am trying to join one of our legacy W2K boxes to our W2K3 domain. I am logged in as the local administrator, and when I try to join I am passing my domain admin credentials like new_domain\administrator. I am getting the following error: Network Identification The following error occurred attempting to join the domain new_domain: No mapping between account names and security IDs was done. I can ping the new_domain DC by name and IP, and I can see the new_domain from Network Places. Any one ever run into this? Thanks, Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Issue joining 2003 domain
Try removing it from your current domain and placing it in a workgroup before rejoining. Make sure that from the W2K machine when you ping new_domain.local you get back an active domain controller. -Troy -Original Message- From: Eric Brouwer [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2008 9:13 AM To: NT System Admin Issues Subject: Re: Issue joining 2003 domain Yes, it is joined to an old NT domain I am trying desperately to decommission. Nothing besides the switches are between the PC and the DC. The funny thing is, XP machines join fine. When I try joining new_domain.local as opposed to new_domain, I get a different error: Network Identification The following error occurred attempting to join the domain new_domain.local: The network path was not found. On Dec 11, 2008, at 11:34 AM, Troy Meyer wrote: Hey Eric, Is the W2K box already a member of another domain? Is there anything filtering traffic between the DC and the old server? I think occasionally we also had to use the complete dns name when trying to add. (ie domain.com not just domain). Weird though, never seen that before. -Troy -Original Message- From: Eric Brouwer [mailto:[EMAIL PROTECTED] Sent: Thursday, December 11, 2008 5:55 AM To: NT System Admin Issues Subject: Issue joining 2003 domain Good morning, I am trying to join one of our legacy W2K boxes to our W2K3 domain. I am logged in as the local administrator, and when I try to join I am passing my domain admin credentials like new_domain\administrator. I am getting the following error: Network Identification The following error occurred attempting to join the domain new_domain: No mapping between account names and security IDs was done. I can ping the new_domain DC by name and IP, and I can see the new_domain from Network Places. Any one ever run into this? Thanks, Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Eric Brouwer IT Manager www.forestpost.com [EMAIL PROTECTED] 248.855.4333 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: The Death of Windows 3.x
Interesting, I also incorrectly assumed these were the same product. http://en.wikipedia.org/wiki/Windows_3.11 Guess I should have spent less time on my Mac Plus. -troy -Original Message- From: Steven M. Caesare [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 10, 2008 11:44 AM To: NT System Admin Issues Subject: RE: The Death of Windows 3.x There was both a Windows 3.11 and a Windows for Workgroups 3.11. Different products. -sc -Original Message- From: Chinnery, Paul [mailto:[EMAIL PROTECTED] Sent: Saturday, November 15, 2008 9:53 PM To: NT System Admin Issues Subject: RE: The Death of Windows 3.x My first was a Radio Shack Color Computer. My first work network was a Win 3.11 (commonly referred to as Windows for Workgroups). Moved from that to NT 3.51. Paul Chinnery Network Administrator Memorial Medical Center 231-845-2319 -Original Message- From: Benjamin Zachary - Lists [mailto:[EMAIL PROTECTED] Sent: Friday, November 14, 2008 5:09 PM To: NT System Admin Issues Subject: RE: The Death of Windows 3.x Haha I had an Amiga, a Mac classic, and an HP/UX at work (jr admin) and never actually 'used' windows 3.1 or any dos. My first windows box was nt4 workstation. -Original Message- From: Alex Carroll [mailto:[EMAIL PROTECTED] Sent: Friday, November 14, 2008 11:14 To: NT System Admin Issues Subject: The Death of Windows 3.x Just found this interesting... Microsoft has just stopped issuing licenses for Windows 3.x on Nov.1. Ahh the memories of windows 3.x I remember back in the day when it was just coming out. I was still a youngster back then :). http://www.crn.com/software/212001291 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Personal SSL Cert disappearing
Does it ever work to access the bank? Has this machine or user ever been renamed? We have had issues on permissions to the physical folder that holds the personal certificate store on select XP machines, most of the time caused by computer/user name change flubbubs. This happened very seldom with some of our dealers, but was always fixed by booting into safe mode and removing/re-adding user permissions to the folder at (and propagating all changes to child objects) C:\Documents and Settings\%username%\Application Data\Microsoft\Crypto Before I did that though, I would try that user logged into a different machine to see if that gives you any love. -Troy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 09, 2008 6:42 AM To: NT System Admin Issues Subject: RE: Personal SSL Cert disappearing It's a personal cert that's installed via the banks website. I have even exported it, then imported it. It shows as imported fine, but when I open IE, it does not show up under personal certs. The bank claims that it belongs under personal certs. I have also tried to install it in other locations such as trusted publishers, and while it saves there, it will not show up when the bank looks for it. This is a Widows XP Pro machine, SP2, IE7 on 2003 AD. Dave === Beach Computers Affordable Hosting Solutions http://www.beachcomp.com === Cheap Domain Warehouse Get Your Own Dot! http://www.cheapdomainwarehouse.com Disclaimer and confidentiality note: The contents of this communication are intended/meant only for addressee(s) and may contain information that is privileged or otherwise confidential. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. The contents of this e-mail shall not be forwarded to any third party. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email, so that the sender's address records can be corrected. Views and opinions are solely those of the sender unless clearly indicated as being that of Beach Computers or any of it's affiliated companies. Beach Computers cannot assure that the integrity of this communication has been maintained or that it is free of errors, virus, interception or interference. From: Ken Schaefer [mailto:[EMAIL PROTECTED] Sent: Monday, December 08, 2008 7:35 PM To: NT System Admin Issues Subject: RE: Personal SSL Cert disappearing Is the cert a client authentication cert? Or a server authentication cert? If the latter, then it shouldn't be installed in Personal Certs Instead, the CA's cert (that issued the server auth cert) should be installed in Trusted Root CAs. If it's a client authN cert, use MMC (add the Certificates snapin) - does the cert disappear by itself? Cheers Ken From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Tuesday, 9 December 2008 10:35 AM To: NT System Admin Issues Subject: Personal SSL Cert disappearing Hi all, Got a very odd issue. We have a domain user who is trying to log onto a bank website. The bank requires an SSL cert to be installed. The cert installs and shows as installed under personals certs, but, once IE is closed and reopened, it's gone. Anyone have any ideas? Thanks! Dave === Beach Computers Affordable Hosting Solutions http://www.beachcomp.com === Cheap Domain Warehouse Get Your Own Dot! http://www.cheapdomainwarehouse.com Disclaimer and confidentiality note: The contents of this communication are intended/meant only for addressee(s) and may contain information that is privileged or otherwise confidential. If you are not the intended recipient you are hereby notified that any disclosure, copying, distribution or taking any action in reliance on the contents of this information is strictly prohibited and may be unlawful. The contents of this e-mail shall not be forwarded to any third party. If you have received this electronic mail transmission in error, please delete it from your system without copying or forwarding it, and notify the sender of the error by reply email, so that the sender's address records can be corrected. Views and opinions are solely those of the sender unless clearly indicated as being that of Beach Computers or any of it's affiliated companies. Beach Computers cannot assure that the integrity of this communication has been maintained or that it is free of errors, virus, interception or interference. ~
RE: SharePoint Server
Check out some of the resources at wssdemo.com. One thing we did that seems to have been nice is install the Microsoft online MOSS end-user training. This is a nice package from Microsoft that runs as its own site collection (we gave it a separate internal domain name) and you can send users there and have them see\participate in different types of interactive training within SharePoint. We barely scrape the surface of its possibilities, and its an easy sell (free) Good luck on the deployment, as previously stated by David, planning now will make a world of difference later. -Troy -Original Message- From: Bob Fronk [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 09, 2008 12:29 PM To: NT System Admin Issues Subject: RE: SharePoint Server I have setup a test machine... Looks like I need to buy some books or find a hands-on class nearby. Bob From: Steven M. Caesare [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 09, 2008 2:40 PM To: NT System Admin Issues Subject: RE: SharePoint Server We are getting ready to pilot SP for much the same purpose. The potential SQL server size scares me. -sc From: Bob Fronk [mailto:[EMAIL PROTECTED] Sent: Thursday, November 13, 2008 2:16 PM To: NT System Admin Issues Subject: SharePoint Server I am gearing up to deploy SharePoint Server 2007. The main goal is to help eliminate Outlook as a file transport, but eliminate the 100's of file shares we have. But I also know there is much more to the product. I would appreciate replies from those that have deployed SharePoint or have SharePoint experience on what your deployment experience was and what you would or wouldn't do again. Also, anyone have SharePoint running in a VM? As I type this, I am loading up a test server to experience the install process and do some testing. Thanks for any info. Bob Fronk [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Print Management Systems
Just a quick add-on. While centralized print servers are a must (expecially in R2 and 2008 environments where its much sweeter) That wont stop random people from finding an IP and sending print jobs to printers directly. Your outside firewall should block LPD (TCP 515) and any other port your network printers use for receiving data. Also to make sure students and folks inside the firewall don't send print jobs they shouldn't, most printers will allow some sort of ACL setup so only specific IPs are accepted. -Troy -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Friday, December 05, 2008 1:15 PM To: NT System Admin Issues Subject: RE: Print Management Systems A print server will bring you many benefits, the biggest being consolidation and a single point of management\control. You'll need a print server to do any type of job control or filtering like you have been tasked to research. Also, you'll be able to setup security on the print queues so only certain users or groups can print to them. I could go on but 2003 server R2 and server 2008 have made major strides in print management. I would check it out. Sorry for the quick reply but let me know if any other questions come up... Shook -Original Message- From: Matthew W. Ross [mailto:[EMAIL PROTECTED] Sent: Friday, December 05, 2008 4:04 PM To: NT System Admin Issues Subject: Print Management Systems Hey List, Being a school, we have a lot of network printers. Currently, they are all setup directly to the comptuters as needed. We're begining to see print jobs come from unknown locations, and unessesary large print jobs... So the question of Print Management has come up. I'm curous what the community is using. I've also not touched a Windows print server, so what are the pros and cons? I will need something that works with Windows and Mac OS X. Thanks for any input, --Matt Ross Ephrata School District ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Print Management Systems
Now you are starting to get hard core. Don't think that default Windows Print Services have that functionality, but these guys do, and a whole lot more http://www.pharos.com/ -troy -Original Message- From: Matthew W. Ross [mailto:[EMAIL PROTECTED] Sent: Friday, December 05, 2008 2:05 PM To: NT System Admin Issues Subject: RE: Print Management Systems Thank you all for the good information on the Windows 2008 print management... I'm looking at it now, and it looks very promising. (Especially the ACLs, which may allow me to block students from printing to some printers altogether!) Is there a way in the Windows 2008 system to block a printout from a user which is, say 10 pages or larger? Or is that beyond the capabilities of the MS solution? (I'm not seeing it, poking around.) --Matt Ross Ephrata School District - Original Message - From: Troy Meyer [mailto:[EMAIL PROTECTED] To: NT System Admin Issues [mailto:[EMAIL PROTECTED] Sent: Fri, 05 Dec 2008 13:22:10 -0800 Subject: RE: Print Management Systems Just a quick add-on. While centralized print servers are a must (expecially in R2 and 2008 environments where its much sweeter) That wont stop random people from finding an IP and sending print jobs to printers directly. Your outside firewall should block LPD (TCP 515) and any other port your network printers use for receiving data. Also to make sure students and folks inside the firewall don't send print jobs they shouldn't, most printers will allow some sort of ACL setup so only specific IPs are accepted. -Troy -Original Message- From: Andy Shook [mailto:[EMAIL PROTECTED] Sent: Friday, December 05, 2008 1:15 PM To: NT System Admin Issues Subject: RE: Print Management Systems A print server will bring you many benefits, the biggest being consolidation and a single point of management\control. You'll need a print server to do any type of job control or filtering like you have been tasked to research. Also, you'll be able to setup security on the print queues so only certain users or groups can print to them. I could go on but 2003 server R2 and server 2008 have made major strides in print management. I would check it out. Sorry for the quick reply but let me know if any other questions come up... Shook -Original Message- From: Matthew W. Ross [mailto:[EMAIL PROTECTED] Sent: Friday, December 05, 2008 4:04 PM To: NT System Admin Issues Subject: Print Management Systems Hey List, Being a school, we have a lot of network printers. Currently, they are all setup directly to the comptuters as needed. We're begining to see print jobs come from unknown locations, and unessesary large print jobs... So the question of Print Management has come up. I'm curous what the community is using. I've also not touched a Windows print server, so what are the pros and cons? I will need something that works with Windows and Mac OS X. Thanks for any input, --Matt Ross Ephrata School District ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Run a batch file to send emails
Hi David, I don't know your environment, but this sounds like something that can't easily be done without some VBS or Powershell. I personally like Powershell; you can grab your log files as objects and parse them easily grabbing only the specific dates and events you are looking for. You can then sort by username and while sending email (natively using .NET without a third party application) you can check your recipients against a list of already sent mail to make sure folks only get a single email. I haven't done this specific task before, but it shouldn't take too much effort to set something like that up. -Troy -Original Message- From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 11:35 AM To: NT System Admin Issues Subject: RE: Run a batch file to send emails I have blat running I just don't know how to script the usernames. From logparser I am getting a list of names. Now I want to take that list and send 1 email per user. -Original Message- From: Bill Monicher [mailto:[EMAIL PROTECTED] Sent: Monday, December 01, 2008 2:34 PM To: NT System Admin Issues Subject: Re: Run a batch file to send emails Use blat Blat is a command line utility that we use a lot for sending alerts from processes governed by vbscripts. I've been using it for over 10 years now. Delightful. Open source too -- ie free. If you need mapi I can't help you. In our environment, the only wrinkle with blat is that if I need to send mail outside of our LAN, the account under which the script runs must be a domain account, and the from email address must be the address of that account. --Bill On Mon, Dec 1, 2008 at 10:33 AM, David McSpadden [EMAIL PROTECTED] wrote: I want to read an input file. It would comma delimited. It will have those users that have not logged off and are getting after hours logon events with their names. I only want to send 1 email per user so I would have to sort and then group then blat out the email. My format for the file is like this: 866265068,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:14 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DawnH Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP31090634014W Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.0.31.40 Source Port: 1087 866265066,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:11 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DawnH Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP31090634014W Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.0.31.40 Source Port: 1044 866265063,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:49:07 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DawnH Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP31090634014W Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.0.31.40 Source Port: 4976 866264132,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:34:33 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DavidE Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP250308200506 Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.0.50.48 Source Port: 4656 866264130,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:34:33 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DavidE Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP250308200506 Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 10.0.50.48 Source Port: 4614 866264128,Security,Security,AUDIT FAILURE,031004LD5Z3K55,12/1/2008 12:34:33 AM,530,SYSTEM\NT AUTHORITY,Logon Failure: Reason: Account logon time restriction violation User Name: DavidE Domain: IM_DOM1 Logon Type: 3 Logon Process: NtLmSsp Authentication Package: NTLM Workstation Name: XP250308200506 Caller User Name: - Caller Domain: - Caller Logon ID: -
RE: Domain Controllers time sync software
How are you setting time? Sorry but I disagree with Marvin, you shouldnt use net time for 2003 servers; its old and inconsistent. The new way to set time is with W32Time. http://support.microsoft.com/kb/816042 that should get your time syncing to the time source with minimal issue. Make sure you are doing this on your PDC emulator at the top of the forest as that is where AD time should trickle down from. -Troy -Original Message- From: Juned Shaikh [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 18, 2008 9:05 AM To: NT System Admin Issues Subject: Domain Controllers time sync software What is the time-sync software hardware that the list uses? In our environment - for FW reasons the sync with default time sysnc are not working and we are in the process of buying some hardware appliacne with can provide time services. In the meantime, does anyone has use some software option which can be installed (safely) on Active directory DC's? Thanks, ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Domain Controllers time sync software
Thanks Kurt. If all this IT stuff falls away, I smell a career for you in legal arbitration! -troy -Original Message- From: Klint Price - ArizonaITPro [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 18, 2008 9:47 AM To: NT System Admin Issues Subject: Re: Domain Controllers time sync software I think both Troy and Marvin are correct. It sounds like Juned does not have FW rules in place to allow time sync to work directly from his DC. Yes, he should use W32Time as Troy suggests, and should point to an edge device (or other device that has a time service running on it) as Marvin suggests, IMO. Klint Troy Meyer wrote: How are you setting time? Sorry but I disagree with Marvin, you shouldnt use net time for 2003 servers; its old and inconsistent. The new way to set time is with W32Time. http://support.microsoft.com/kb/816042 that should get your time syncing to the time source with minimal issue. Make sure you are doing this on your PDC emulator at the top of the forest as that is where AD time should trickle down from. -Troy -Original Message- From: Juned Shaikh [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 18, 2008 9:05 AM To: NT System Admin Issues Subject: Domain Controllers time sync software What is the time-sync software hardware that the list uses? In our environment - for FW reasons the sync with default time sysnc are not working and we are in the process of buying some hardware appliacne with can provide time services. In the meantime, does anyone has use some software option which can be installed (safely) on Active directory DC's? Thanks, ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: SharePoint Server
Bob, We have Microsoft Office Sharepoint Server 2007 (MOSS) running for internal collaboration and workflow and we also have a Windows Sharepoint Services 3.0 install for external/internal file transfer and sharing. The WSS install is on an ESX VM with 1 gig of ram and an internal DB. Performance wise, the VM functions just fine for the small amount of traffic it gets, and I imagine if you are focusing on file transfer, you wont get hit very hard. I would be curious to see how large of files you want to send. Remember that file size for upload/download is not only a matter of telling Sharepoint max size, but falling within acceptable IIS timeout timeframes (we are still fiddling on this, over a couple 100 mbs is still an issue). As for complexity, I would encourage you to make it as simple as possible. If you have external users, follow the instructions online for setting up forms based auth and secure over ssl. I created the WSS site and deleted everything but the home splash page and a couple of document libraries, so it really isn't Sharepoint, its solely a storage portal. Good luck, if you have previous Sharepoint experience, you should find the newer products to be much easier to manage. -Troy -Original Message- From: Bob Fronk [mailto:[EMAIL PROTECTED] Sent: Thursday, November 13, 2008 11:16 AM To: NT System Admin Issues Subject: SharePoint Server I am gearing up to deploy SharePoint Server 2007. The main goal is to help eliminate Outlook as a file transport, but eliminate the 100's of file shares we have. But I also know there is much more to the product. I would appreciate replies from those that have deployed SharePoint or have SharePoint experience on what your deployment experience was and what you would or wouldn't do again. Also, anyone have SharePoint running in a VM? As I type this, I am loading up a test server to experience the install process and do some testing. Thanks for any info. Bob Fronk [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: How to track static DNS records
I don't think there is an easy way, the best you could do is to see which machines were not responding to pings. I would probably pipe all DNS entries for that domain to a file Dnscmd servername /zoneprint olddomain.com bigtextfile.txt Then script the pinging of all A and CNAME records, probably using powershell and the System.Net.NetworkInformation.Ping object. I am lazy and would clean up that file manually in excel and create a csv file with all my cname and a records. Then run this powershell script. $inputlist = get-content file.csv $ping = new-object System.Net.NetworkInformation.Ping Foreach ($thing in $inputlist){ $reply = $ping.send($thing) If ($reply.status -eq Success){} Else { echo $thing outputfile.txt } } Untested and your warranty just expired. Good luck. -troy -Original Message- From: Webb, Brian (Corp) [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 12, 2008 11:38 AM To: NT System Admin Issues Subject: How to track static DNS records OK, you have a bunch of CNames and static A records you have added to DNS and now you are wondering what the heck they are for and if they are still used. How do you track such things? We have some DNS servers we will be shutting down and need to make sure we don't break anything because we didn't move a CName. We also need to track new changes going forward. Thoughts? Brian Webb TDS Corporate IS, Windows Server Platform Team Senior Systems Administrator When stuck on a problem as often can be, try to remember G.B.T.T.D. (Go Back To The Definition). - Dave Seybold ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Determine os version
In powershell: Gwmi -computername tester -class Win32_OperatingSystem | fl caption, osarchitecture -troy -Original Message- From: Glen Johnson [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2008 7:29 AM To: NT System Admin Issues Subject: Determine os version Anyone have a quick PS or other cmd to show the version of a server 08 core machine. I need to know if it is 32 or 64 bit and std or enterprise. Tried connecting with server manager from a vista machine but it can't find the server. In the mean time, I'll be troubleshooting the remote connection problem. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: backup for vista
You can cheat and install ntbackup ;) http://www.petri.co.il/installing_windows_xp_ntbackup_on_windows_vista.htm -troy -Original Message- From: andy [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2008 5:35 AM To: NT System Admin Issues Subject: backup for vista Anybody have a good personal standalone backup for vista? It seems like vista ultimate will only backup the whole computer or your user settings. It does not seem like you can backup individual files or folders. andyandy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Determine os version
Yeah that might do it. I am sorry, I should have used the whole command-let phrase to simplify. You can use get-wmiobject and that will probably make more sense and give less chance for error. -Troy -Original Message- From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2008 9:13 AM To: NT System Admin Issues Subject: RE: Determine os version Maybe the fact he said gwmi and you typed gmwi? -Original Message- From: Christopher J. Bosak [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2008 10:08 AM To: NT System Admin Issues Subject: RE: Determine os version Gave it a shot just for the heck of it... The term 'Gmwi' is not recognized as a cmdlet, function, operable program, or script file. Verify the term and try agai n. At line:1 char:5 What am I doing wrong? Christopher J. Bosak Vector Company c. 847.603.4673 [EMAIL PROTECTED] You need to install an RTFM Interface, due to an LBNC issue. - B.O.F.H. (Merged 2 into 1) - Me -Original Message- From: Troy Meyer [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2008 10:24 hrs To: NT System Admin Issues Subject: RE: Determine os version In powershell: Gwmi -computername tester -class Win32_OperatingSystem | fl caption, osarchitecture -troy -Original Message- From: Glen Johnson [mailto:[EMAIL PROTECTED] Sent: Wednesday, November 05, 2008 7:29 AM To: NT System Admin Issues Subject: Determine os version Anyone have a quick PS or other cmd to show the version of a server 08 core machine. I need to know if it is 32 or 64 bit and std or enterprise. Tried connecting with server manager from a vista machine but it can't find the server. In the mean time, I'll be troubleshooting the remote connection problem. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Odd Redirects
Are we missing something here, what exactly are you asking? Are all of your clients unable to access the site? Then you are obviously looking at a higher level issue with name resolution and you need to check out your internal dns servers. Launch an nslookup and see what ip it responds to for that server. Then change the server in nslookup to 4.2.2.1 and try again. If only one user is having the issue can you walk them through checking for entries in the c:\windows\system32\drivers\etc\hosts file. If you wanted to script the checking of that hosts file for entries, you certainly could, but is it worth it for one user? Will it solve a malware issue that added invalid entries into a host file? Unfortunately I don't think there is a fix all script out there that magically detects the issue and resolves the problem, if there was, we all would be doing something else. -troy -Original Message- From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 9:58 AM To: NT System Admin Issues Subject: RE: Odd Redirects Maybe. I have 35k+ customers. I am looking for something scripted for the front line Service Reps to give them. And you PC has been jacked isn't one of the things my customers like to hear... :-) -Original Message- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 1:00 PM To: NT System Admin Issues Subject: Re: Odd Redirects A walk-through? -- ME2 On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden [EMAIL PROTECTED] wrote: How do I explain that to joe user? From: Sean Rector [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 12:40 PM To: NT System Admin Issues Subject: RE: Odd Redirects Check 4 hosts file? DNS poisoning... Sean Rector, MCSE From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 12:27 PM To: NT System Admin Issues Subject: Odd Redirects I have a customer that is trying to get to www.imcu.org. They are getting redirected to www.manta.com. If the go to www.imcu.com they are fine. I can get to both .org and .com with no issues. What is redirecting them to manta.com? What can I tell them to do to stop this behavior? So far I have told them to delete temporary files and cookies as well as ipconfig /flushdns but what is the real problem with their pc??? Data Security is everyone's responsibility. Information Technology Manager Virginia Opera Association E-Mail: [EMAIL PROTECTED] Phone:(757) 213-4548 (direct line) {*} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Odd Redirects
It's all good. What is funny is the solution is going to be having the user stop typing in the address wrong or stop using an HTML link that is outdated. It's always those little things that we take for granted. Geez we still get calls that the Big Blue E is broken. -troy -Original Message- From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 10:13 AM To: NT System Admin Issues Subject: RE: Odd Redirects Sorry for the smart @$$ remarks. I am not supposed to create single instance answers. I am supposed to create generic answers for a broad array of problems and then narrow them down. Mostly I am not supposed to talk with the customer's just keep our internal network up and running. Let the support staff help the customers with problems like these. -Original Message- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 1:13 PM To: NT System Admin Issues Subject: Re: Odd Redirects +1 -- ME2 On Tue, Nov 4, 2008 at 1:07 PM, Troy Meyer [EMAIL PROTECTED] wrote: Are we missing something here, what exactly are you asking? Are all of your clients unable to access the site? Then you are obviously looking at a higher level issue with name resolution and you need to check out your internal dns servers. Launch an nslookup and see what ip it responds to for that server. Then change the server in nslookup to 4.2.2.1 and try again. If only one user is having the issue can you walk them through checking for entries in the c:\windows\system32\drivers\etc\hosts file. If you wanted to script the checking of that hosts file for entries, you certainly could, but is it worth it for one user? Will it solve a malware issue that added invalid entries into a host file? Unfortunately I don't think there is a fix all script out there that magically detects the issue and resolves the problem, if there was, we all would be doing something else. -troy -Original Message- From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 9:58 AM To: NT System Admin Issues Subject: RE: Odd Redirects Maybe. I have 35k+ customers. I am looking for something scripted for the front line Service Reps to give them. And you PC has been jacked isn't one of the things my customers like to hear... :-) -Original Message- From: Micheal Espinola Jr [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 1:00 PM To: NT System Admin Issues Subject: Re: Odd Redirects A walk-through? -- ME2 On Tue, Nov 4, 2008 at 12:48 PM, David McSpadden [EMAIL PROTECTED] wrote: How do I explain that to joe user? From: Sean Rector [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 12:40 PM To: NT System Admin Issues Subject: RE: Odd Redirects Check 4 hosts file? DNS poisoning... Sean Rector, MCSE From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2008 12:27 PM To: NT System Admin Issues Subject: Odd Redirects I have a customer that is trying to get to www.imcu.org. They are getting redirected to www.manta.com. If the go to www.imcu.com they are fine. I can get to both .org and .com with no issues. What is redirecting them to manta.com? What can I tell them to do to stop this behavior? So far I have told them to delete temporary files and cookies as well as ipconfig /flushdns but what is the real problem with their pc??? Data Security is everyone's responsibility. Information Technology Manager Virginia Opera Association E-Mail: [EMAIL PROTECTED] Phone:(757) 213-4548 (direct line) {*} ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Remote server admin tools for XP?
Sorry Tom, RSAT for XP doesn't exist and probably won't ever. You can administer most common AD integrated services with the Server 2003 admin pack, but for some of the newer items you will need to login to your server, or consider a getting a Vista client. -Troy -Original Message- From: Tom Miller [mailto:[EMAIL PROTECTED] Sent: Monday, November 03, 2008 7:08 AM To: NT System Admin Issues Subject: Remote server admin tools for XP? Hi Folks: I only see Remote Server Admin tools (RSAT) for Windows Vista. Anyone know if there is anything out there for Windows XP? On my Windows 2008 member servers I can install the remote feature tools and there is a download for Vista. Apologies if this has been covered before. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: CA 2003 Enteprise
Jesse, You can request a computer certificate from the web enrollment page, but you need to click advanced request and submit a request via file. So the hard part is completing a certificate request on your Macintosh to generate the file and then completing the request after Windows issues the certificate. I have never done this, but the first place to explore would be the OSX command line tool certtool. There may be easier ways, but I haven't used them :) Troy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, November 03, 2008 7:35 AM To: NT System Admin Issues Subject: CA 2003 Enteprise This has me baffled. I have a Windows 2003 Enterprise server running as a CA. I need to find a way to setup computer based certificates on non-XP machine (Mac OS 10.5). I cannot seem to figure out how to create machine certificates properly or even request them. I've been able to get XP machines (that are part of the domain) a computer certificate through group policy and auto enrollment. However, I'm not sure how to manually request a computer based certificate. Going through the web interface (http://ip-addr/certsrv) does not allow you to request a computer based cert. Does anyone know how to (or has anyone successfully done this) setup a computer based certificate on a computer on a non-XP box to a Win 2k3 Enterprise CA? Reading the MS whitepages on CA makes my head spin. JR mail2web.com - Microsoft(r) Exchange solutions from a leading provider - http://link.mail2web.com/Business/Exchange ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: FTP Server Web front end
Keep it simple. Use Sharepoint Services 3.0 (free) and setup forms based authentication back to your AD. Use an SSL cert and everything should be golden security wise. (google is your friend with this) Ignore all the fancy crap like blogs, wikis, mysites. Just offer a home page with a link to a document library (ies) and make everything click through. Automatic breadcrumbs should make navigation easy. We are in the process of setting this up now and the external site is brutally simple. -troy -Original Message- From: Matt Plahtinsky [mailto:[EMAIL PROTECTED] Sent: Thursday, October 30, 2008 9:49 AM To: NT System Admin Issues Subject: Re: FTP Server Web front end The question I have been asking myself when testing different FTP clients is. Could grandma use this? Sharepoint might be the easiest. Damn I was really wanting to avoid supporting a sharepoint site. On Thu, Oct 30, 2008 at 12:27 PM, Rod Trent [EMAIL PROTECTED] wrote: Even looks like a Java app. shudder -Original Message- From: wjh [mailto:[EMAIL PROTECTED] Sent: Thursday, October 30, 2008 12:25 PM To: NT System Admin Issues Subject: Re: FTP Server Web front end check out crushftp. It is java based, so let the ranting begin. http://www.crushftp.com/index.html Bill Matt Plahtinsky wrote: I need to setup an FTP site for our company. Most the users that will be using our FTP server are not very computer literate. I'm looking for 1. A very simple FTP client that's easy for users to use. or 2. a web front end for uploading/downloading files. Anyone have any suggestions. Thanks Matt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: V2P?
http://support.microsoft.com/kb/249694 we have done that with migrations from 2550s to 2950s to remain in support without reloading the OS. I am sure it would work the same with a VM. Basically use NT backup, restore and before rebooting, load the mass storage drivers. -Troy -Original Message- From: James Rankin [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 29, 2008 1:53 AM To: NT System Admin Issues Subject: V2P? I know it is easy enough to do a P2V conversion, but is there any way you can go the other way? I have a load of cloned VMWare guests that are all deployed from a template, and now I need this template to be deployed to a single physical Dell PE 2950. Is this possible? Thinking about it, how would you be able to get the hardware devices detected correctly? Does anyone know of any possible way this could be done? TIA, JRR ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Checking what services are firing up and when.
Great Post Ken, Thanks From: Ken Schaefer [EMAIL PROTECTED] Sent: Saturday, October 25, 2008 5:22 AM To: NT System Admin Issues Subject: RE: Checking what services are firing up and when. If you have IRQL_NOT_LESS_OR_EQUAL please see my blog: What is an IRQLhttp://www.adopenstatic.com/cs/blogs/ken/archive/2006/10/01/causes_2c00_-and-tips-for-debugging_2c00_-a-stop-0x000a-_2800_irql_5f00_not_5f00_less_5f00_or_5f00_equal_2900_-bugcheck_2f00_blue-screen-_2d00_-part-1.aspx and what is a NOT_LESS_OR_EQUAL issue How to debug IRQL_NOT_LESS_OR_EQUALhttp://www.adopenstatic.com/cs/blogs/ken/archive/2006/10/03/Causes_2C00_-and-tips-for-debugging_2C00_-a-STOP-0x000A-_2800_IRQL_5F00_NOT_5F00_LESS_5F00_OR_5F00_EQUAL_2900_-bugcheck_2F00_blue-screen-_2D00_-Part-2.aspx issue How to use Driver Verifierhttp://www.adopenstatic.com/cs/blogs/ken/archive/2007/01/09/1005.aspx Cheers Ken From: Free, Bob [mailto:[EMAIL PROTECTED] Sent: Saturday, 25 October 2008 11:42 AM To: NT System Admin Issues Subject: RE: Checking what services are firing up and when. Stop 000a AKA IRQL_NOT_LESS_OR_EQUAL This Stop message indicates that a kernel-mode process or driver attempted to access a memory address to which it did not have permission to access. The most common cause of this error is an incorrect or corrupted pointer that references an incorrect location in memory. A pointer is a variable used by a program to refer to a block of memory. If the variable has an incorrect value in it, the program tries to access memory that it should not. When this occurs in a user-mode application, it generates an access violation. When it occurs in kernel mode, it generates a STOP 0x000A message. If you encounter this error while upgrading to a newer version of Windows, it might be caused by a device driver, a system service, a virus scanner, or a backup tool that is incompatible with the new version. Google Stop 000a and there are plenty of suggestions. From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Friday, October 24, 2008 11:56 AM To: NT System Admin Issues Subject: RE: Checking what services are firing up and when. Error code 000a, parameter1 0001, parameter2 d01b, parameter3 0001, parameter4 8083df4c. From: Bob Fronk [mailto:[EMAIL PROTECTED] Sent: Friday, October 24, 2008 2:36 PM To: NT System Admin Issues Subject: RE: Checking what services are firing up and when. Turn off automatic reboot so you can see the BSOD. Or is it actually doing a “clean reboot” where it shows it is shutting down? Event viewer says….? Bob Fronk [EMAIL PROTECTED] From: David McSpadden [mailto:[EMAIL PROTECTED] Sent: Friday, October 24, 2008 2:23 PM To: NT System Admin Issues Subject: Checking what services are firing up and when. I have a server that is rebooting itself. Now none of my operators will tell me who loaded what and I really don’t care. I need to see what services or driver is causing my reboots about every 5 minutes. I have ran MSConfig and stopped all none windows stuff and it stays up all week. If I let everything run in normal it boots at just about 2 to 5 minutes each time. What can I run that will help me find this animal and remove it or get the correct version loaded. Standard Server 2003 with IIS and File and print services enabled. Data Security is everyone's responsibility ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Out of Cycle Critical Windows Patch ?
WHEN we had PSS (read before our stock dropped 800%) we had a fantastic TAM and this was the type of thing she would make a personal call on to make sure we understood the importance of the issue. I do miss her, and I agree MSFT customer service (especially PSS) is very nice. Now if I could get a couple of you to buy a luxury motor-home, perhaps we could get back in the loop ;) -troy -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Friday, October 24, 2008 5:08 PM To: NT System Admin Issues Subject: Re: Out of Cycle Critical Windows Patch ? Taking this in a slightly different direction... I told the IT Director and COO yesterday that I was patching all servers, and sending an email to all of the laptop users to do the same. They were a bit skeptical, but not only did the emails that I forwarded them from various lists buttress my opinion, this morning I got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist of the message - MSFT is taking this extremely seriously, and you should patch now. Director's comments was nice job, good of you to jump on this. Anyone else get a call like this from MSFT? It's the first time I've heard of them doing this, and I take it as a really good sign - MSFT is finally getting the real clue about this stuff. Kurt On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall [EMAIL PROTECTED] wrote: Chaps, The update that was sent out last night, has that caused any issues elsewhere? We've had a spate of calls from users about problems today, several servers which were set to auto-update for various reasons have had varying levels of failure. It's mentally busy here for a Friday, and the one thing they have in common is that all the machine rebooted for an update last night. Is it just us ? Olly ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Out of Cycle Critical Windows Patch ?
It's bad, when I started working for the company we were $16.xx and yesterday we closed at $0.87. It's about a 95% drop, but 800% sounded more intriguing. -troy -Original Message- From: Mark Boersma [mailto:[EMAIL PROTECTED] Sent: Saturday, October 25, 2008 6:49 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch ? If your accountants can explain how stock can drop 800% would you forward that on please? :) Mark - Two rules to success in life: 1. Never tell people everything you know. -Original Message- From: Troy Meyer [mailto:[EMAIL PROTECTED] Sent: Saturday, October 25, 2008 3:04 PM To: NT System Admin Issues Subject: RE: Out of Cycle Critical Windows Patch ? WHEN we had PSS (read before our stock dropped 800%) we had a fantastic TAM and this was the type of thing she would make a personal call on to make sure we understood the importance of the issue. I do miss her, and I agree MSFT customer service (especially PSS) is very nice. Now if I could get a couple of you to buy a luxury motor-home, perhaps we could get back in the loop ;) -troy -Original Message- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Friday, October 24, 2008 5:08 PM To: NT System Admin Issues Subject: Re: Out of Cycle Critical Windows Patch ? Taking this in a slightly different direction... I told the IT Director and COO yesterday that I was patching all servers, and sending an email to all of the laptop users to do the same. They were a bit skeptical, but not only did the emails that I forwarded them from various lists buttress my opinion, this morning I got forwarded a voicemail by the IT Director, from a rep at MSFT. Gist of the message - MSFT is taking this extremely seriously, and you should patch now. Director's comments was nice job, good of you to jump on this. Anyone else get a call like this from MSFT? It's the first time I've heard of them doing this, and I take it as a really good sign - MSFT is finally getting the real clue about this stuff. Kurt On Fri, Oct 24, 2008 at 3:52 AM, Oliver Marshall [EMAIL PROTECTED] wrote: Chaps, The update that was sent out last night, has that caused any issues elsewhere? We've had a spate of calls from users about problems today, several servers which were set to auto-update for various reasons have had varying levels of failure. It's mentally busy here for a Friday, and the one thing they have in common is that all the machine rebooted for an update last night. Is it just us ? Olly ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Please consider the environment before printing this email. CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipients(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Last Logon and Computer
WMI will give you this info if querying the machine directly (not AD related). In powershell - (gwmi Win32_ComputerSystem -computername joeycomp).UserName -troy -Original Message- From: Joseph L. Casale [mailto:[EMAIL PROTECTED] Sent: Friday, October 24, 2008 7:16 AM To: NT System Admin Issues Subject: Last Logon and Computer Is there a way to enumerate who last logged on to a wkst by querying the wkst name in AD? Thanks! jlc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Windows 2003 RMS and Word 2007
WRM server has a certificate that is recognized by the client as trusted? Client is running the WRM client SP2 ? Personal Opinion, if this is a new install, go with W2K8 and the WRM service there. There are a couple nice things with management and ability to integrate with outside directories that make it worth-while. Plus WRM once installed hangs out for a LONG time so if you get the newest now it's easier to get support in two years when something breaks. -troy -Original Message- From: Oliver Marshall [mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2008 7:54 AM To: NT System Admin Issues Subject: Windows 2003 RMS and Word 2007 (soz forgot to change the subject line when I re-used an old email I was looking at) Hi gang, Im trying to test out Windows 2003 RMS here so that our Word docs are given a level of protection against being emailed out. I've followed the step by step insttructions to install it on our 2003 server. It's the only server here in our small office. Everything has gone to plan and it all appeared to install first time. However, when I try the Word part of the test which involves creating and save a test doc, clicking the Office button in Word then choosing Prepare and then Restrict Permission and then Restrict Access, it goes wrong. Rather than showing me the options to restrict access, it asks me whether i want to sign up for a trial with the MS RMS service. I've registered the RMS SCP in Active Directory using the RMS management page on the server, and I cant see any errors on the workstation that relate to not being able to find it etc. Any ideas why I'm not seeing the options to restrict access ? Olly -- G2 Support Online Backups Email: [EMAIL PROTECTED] Web:http://www.g2support.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DNS Reverse lookup question
Wouldn't a secondary zone on each DNS server for the opposing domain make this work? You may need to specify the IP of each destination DNS server on each host DNS server (see zone transfers), but you should be golden with that. -troy -Original Message- From: Webb, Brian (Corp) [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2008 9:47 AM To: NT System Admin Issues Subject: DNS Reverse lookup question Here is the situation: 1 IP range has servers from 2 different domains DNS servers (AD integrated) for each domain have entries for the servers in that domain If I do a reverse lookup from a machine that is pointed to the right DNS server it works, otherwise I get a non-existent domain. Hw do you solve this? Do you manually put in PTR records for all the servers in the opposite domain? Example: Server1.corp.local is at 10.1.1.10 Server2.division.local is at 10.1.1.20 Client1.corp.local is at 10.100.100.100 with DNS server pointed to DNSserver.corp.local Client2.division.local is at 10.200.200.200 with DNS server pointed to DNSserver.division.local nslookup from client1 for 10.1.1.10 returns Server1 nslookup from client1 for 10.1.1.20 returns non-existent domain nslookup from Client2 for 10.1.1.10 returns non-existent domain nslookup from Client2 for 10.1.1.20 returns Server2 nslookup by name (forward lookup) works everywhere. Brian Webb - MCSE TDS Corporate IS, Windows Server Platform Team Senior Systems Administrator When stuck on a problem as often can be, try to remember G.B.T.T.D. (Go Back To The Definition). - Dave Seybold ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Server naming - virtual vs physical
Nice find Phil, I have never considered that VMware would be listed there. -Troy -Original Message- From: Phil Brutsche [mailto:[EMAIL PROTECTED] Sent: Monday, October 13, 2008 11:14 AM To: NT System Admin Issues Subject: Re: Server naming - virtual vs physical WMI will do it. This article will help (beware of line wrap): http://windowsitpro.com/article/articleid/97188/how-can-i-create-a-wmi-filter-for-only-certain-computer-makes.html Servers running on VMware will list the computer manufacturer as VMware, Inc.. David Lum wrote: Mostly, unless you're involved with asset tracking and warranties...and thanks for the answers. If you have 500 servers and are asked to list only the physical ones (for warranty and asset tracking), how do you guys handle that? AD dump with a compare of a VM list? -- Phil Brutsche [EMAIL PROTECTED] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: hyperv server mngmt (additional download)
Not off the shelf, you need to download it. http://www.microsoft.com/downloads/details.aspx?FamilyID=bf909242-2125-4d06-a968-c8a3d75ff2aaDisplayLang=en -Original Message- From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Friday, October 10, 2008 5:43 AM To: NT System Admin Issues Subject: Re: hyperv server I saw nothing and I did check and all of the RSAT tools were turned on. Was this a different one, version, or named something differnet? Jon On Fri, Oct 10, 2008 at 7:49 AM, John Hornbuckle [EMAIL PROTECTED] wrote: Yep... Microsoft hid that, for some reason that I'm sure is perfectly logical from a particular perspective. But from my perspective, it's pretty strange that installing a program wouldn't automatically enable it... From: Brumbaugh, Luke [mailto:[EMAIL PROTECTED] Sent: Friday, October 10, 2008 7:40 AM To: NT System Admin Issues Subject: RE: hyperv server Enable the feature. Under Programs and settings. From: Jon Harris [mailto:[EMAIL PROTECTED] Sent: Friday, October 10, 2008 7:34 AM To: NT System Admin Issues Subject: Re: hyperv server John, where did you find the remote management tool I am not finding it in the RSAT tools, was it on the 2008 DVD? Thanks, Jon On Fri, Oct 10, 2008 at 6:25 AM, John Hornbuckle [EMAIL PROTECTED] wrote: Good point--mine's the version with Windows. Sorry! -Original Message- From: Greg Mulholland [mailto:[EMAIL PROTECTED] Sent: Thursday, October 09, 2008 11:31 PM To: NT System Admin Issues Subject: RE: hyperv server what version of hyperv. i am asking specifically about the latest standalone hypervisor install, not windows 2008. From: John Hornbuckle [EMAIL PROTECTED] Sent: Friday, 10 October 2008 12:15 PM To: NT System Admin Issues Subject: RE: hyperv server I'm able to manage Hyper-V from my Vista machine. I don't recall having had to jump through any big hoops to get it to work... John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us http://www.taylor.k12.fl.us/ -Original Message- From: Greg Mulholland [mailto:[EMAIL PROTECTED] Sent: Thursday, October 09, 2008 9:08 PM To: NT System Admin Issues Subject: hyperv server OK so im giving in to the dark side and setting up a hyperv server (the standalone thing they brought out last week or so) Has anyone had a play with this and been able to get a vista client to manage it. Im trying to manage it with my laptop (server and client in workgroup) I know the ridiculous amount of steps you had to go throuoght to enable remote management with hyperv installed on server core but this is a different kettle of fish all toghether. The same procedurs dont work simply because those parts of the OS are not present in the standalone hyperv. The error i get is 'cant connect to remote host, make sure the vmm service is running or something to that effect. Ive spent days searching the net for any info but havent found any. I am going to attempt to rebuild the hyperv and see if that magically fixes anything. It seems that MS are forcing you into domain membership with your host and management pc's and if that is there strategy, good luck is all i can say, equivalent products in the market dont seem to have such limitations. They need to fix hyperv in the future if they want to compete. I laughed when i read a blog the other day about 'hyper, the windows you know and love' yeah the one that is harder to manager, takes longer to install/deploy/configure than others i.e ESX. I thought it was extermely funny that when i had finished the setup part of the hyperv server it said preapring dektop for 2 minutes and all i got was a dos window :). but i am giving it a go. Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ** CONFIDENTIALITY NOTICE: The information transmitted in this message is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged
RE: Good text editor
I have yet to find a 32bit xp app that wont work on 32bit vista. Some take a little bit of effort, but nearly everything will run. http://windowshelp.microsoft.com/Windows/en-US/Help/bf416877-c83f-4476-a3da-8ec98dcf5f101033.mspx is a good start, sometimes it's as easy as simply running the install as an admin. Most likely sysinternals processmonitor will be the most useful tool for tracking this stuff down. Remember that Vista is only blocking app access to a couple places, they want you not to modify C:,C:\windows, and c:\program files. You may need to add a couple permissions here and there, or change a temp/settings file location, but if you need the app, its worth the time. -troy -Original Message- From: Phillip Partipilo [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2008 10:16 AM To: NT System Admin Issues Subject: RE: Good text editor Don't run Vista, so I dont know. It doesnt look like the type of application that does any kind of weird low-level or undocumented things that might cause it to break, but, again, I dont run Vista nor does the company (and likely never will). Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 07, 2008 10:54 AM To: NT System Admin Issues Subject: Re: Good text editor I too like ConText - but it has not been updated lately. Last I checked it didn't work with Vista. Do you have it working on Vista? Devin On Mon, Oct 6, 2008 at 9:21 PM, Phillip Partipilo [EMAIL PROTECTED] wrote: I've liked ConText, has a very large library of available highlighter modules. On Oct 6, 2008, at 10:14 PM, Greg Mulholland wrote: I use ultraedit and notepad++ From: Jim Dandy [EMAIL PROTECTED] Sent: Tuesday, 7 October 2008 11:02 AM To: NT System Admin Issues Subject: RE: Good text editor UltraEdit? -Original Message- From: IS Technical [mailto:[EMAIL PROTECTED] Sent: Monday, October 06, 2008 10:26 AM To: NT System Admin Issues Subject: Re: Good text editor #What's the best text editor out there for writing code and scripts and such? I'd like to find #one that does line numbering obviously, and does some formatting to keep things neat. #Like color coding expressions, functions, etc. I'm trying to learn JavaScript, and using #Notepad and Dreamweaver are proving difficult. JEdit. Regards, Charles --- Charles Figueiredo PhD Integrated Solutions - Enhancing Small Business Systems --- ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- If this email is spam, report it here: http://www.onlymyemail.com/view/?action=reportSpamId=ODEzNjQ6NzY1MTA5NTEzOnBqcEBwc25ldC5jb20%3D ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Devin If this email is spam, report it here: http://www.OnlyMyEmail.com/ReportSpam http://www.onlymyemail.com/view/?action=reportSpamId=ODEzNjQ6NzY1NTgzNTU2OnBqcEBwc25ldC5jb20%3D ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: changing anti-virus, anti-spam, anti-spyware
Stu, Keep us updated on that, it's a major selling point for mid-large installations. -troy -Original Message- From: Stu Sjouwerman [mailto:[EMAIL PROTECTED] Sent: Monday, October 06, 2008 8:31 AM To: NT System Admin Issues Subject: RE: changing anti-virus, anti-spam, anti-spyware We are working on one too. Stu -Original Message- From: Don Ely [mailto:[EMAIL PROTECTED] Sent: Saturday, October 04, 2008 4:07 PM To: NT System Admin Issues Subject: Re: changing anti-virus, anti-spam, anti-spyware Some AV vendors will create you a rip and replace tool. Trend is one such vendor. On 10/4/08, Holstrom, Don [EMAIL PROTECTED] wrote: We have been using Symantec products for servers workstations for a couple of years now. Bought Vipre for the family/test network, seems to work fine. Certainly runs faster, less overhead. However, cannot get rid of Symantec 10.1 or 10.2. Checked the Symantec site and their manual uninstallation appears to take as long as wiping the hard disk and rebuilding that. I inquired with Sunbelt and they sent me a link to a Symantec automatic uninstaller, but that doesn't work with 10.2 on Vista. Haven't tried it on XP. Does it? So, we are protected at the test network by Vipre but a Symantec 30 day outdated virus signature error message comes up all the time. Annoying. Anyone shifted away from Symantec without tearing out their hair? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- Sent from Gmail for mobile | mobile.google.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ .. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Two Enterprise Root CA's
Devin, That last KB should work just fine, but its OVERLY uptight. Existing certs wont hurt the laptops if they remain valid and if you don't have services that look at that CA, they aren't doing anything. With three clients revoking them and continuing to publish a CRL is no big deal, but with many it may become a troublesome un-needed effort. I would create the GPO that assigns the new CA to the trusted authorities, re-create any policies and templates on the new CA (doesn't sound like you have many), and then finally alter any services that used those certs (RAS, IAS, etc). Then as long as no enterprise services depend on certificates from the old CA, uninstall cert services and decommission the machine. Good Luck Troy -Original Message- From: Devin Meade [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 01, 2008 12:20 PM To: NT System Admin Issues Subject: Two Enterprise Root CA's I posted this when NTSYSADMIN list was on spamcop and am reposting now... Group, We have two Enterprise Root CA's and need to remove one. The one I want to remove has only three computer certificates issued via an auto enrollment Group Policy, for VPN. After some googling, I see that I might be able to start the Cert Authority MMC on the bad CA, navigate to Certification Templates, then delete all of them. This should force the machines to renew them on the other root CA server. I ran certutil per http://support.microsoft.com/kb/29 to find that I have two of these. Per http://forums.techarena.in/microsoft-security/934673.htm and http://groups.google.com/group/microsoft.public.windows.server.security/browse_thread/thread/af6cb6614c34f88f/5414636b3d971257?hl=enlnk=stq=delete+%22enterprise+root+ca%22#5414636b3d971257 I can delete all templates and let them expire. This seems very heavy handed. Is this a safe way to proceed? This is an Enterprise Root CA for a 2003 Active Directory. I only have three certs to replace, I wonder if I can just revoke them one-by-one while I have the laptops in my possession, stop the cert service on the bad CA, then let the GPO issue a new computer cert on the good CA. Then after the three certs are reissued, uninstall Cert Services from the bad server (decomission it via http://support.microsoft.com/kb/889250). -Devin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~