RE: problem subscription to new list
Did you use the new cover sheet to submit your request? Thanks Webster From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Friday, May 03, 2013 10:07 AM To: NT System Admin Issues Subject: Re: problem subscription to new list That's where it's been sent to. I get nothing back indicating acceptance to the list. Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com [cid:image001.jpg@01CE47E6.BB4FEA70] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> From:Jonathan Link mailto:jonathan.l...@gmail.com>> To:"NT System Admin Issues" mailto:ntsysadmin@lyris.sunbelt-software.com>> Date:05/03/2013 10:59 AM Subject:Re: problem subscription to new list Try comm...@lists.myitforum.com<mailto:comm...@lists.myitforum.com> On Fri, May 3, 2013 at 10:53 AM, Christopher Bodnar mailto:christopher_bod...@glic.com>> wrote: Anyone else having issues trying to subscribe to the new list that Rod put up? I send the subscription e-mail, but I've gotten no confirmation back. I've tried 3 times over the last 3 days with no luck. Don't see it getting flagged as junk, and I do get the stuff from ad...@myitforum.com<mailto:ad...@myitforum.com> without any issues. Christopher Bodnar Enterprise Architect I, Corporate Office of Technology:Enterprise Architecture and Engineering Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com<mailto:christopher_bod...@glic.com> [cid:image001.jpg@01CE47E6.BB4FEA70] The Guardian Life Insurance Company of America www.guardianlife.com<http://www.guardianlife.com/> - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
RE: The list?
Those were the days. Thanks Webster > -Original Message- > From: Richard McClary [mailto:richard.mccl...@aspca.org] > Sent: Thursday, May 02, 2013 8:37 AM > To: NT System Admin Issues > Subject: RE: The list? > > Not the same without hearing it being read by Captain Kangaroo :-( > > -- > richard > > -Original Message- > From: Ben Scott [mailto:mailvor...@gmail.com] > Sent: Thursday, May 02, 2013 8:21 AM > To: NT System Admin Issues > Subject: Re: The list? > > On Thu, May 2, 2013 at 8:56 AM, James Kerr wrote: > > Ping? > > http://www.amazon.com/dp/0448421658 > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > The information contained in this e-mail, and any attachments hereto, is > from The American Society for the Prevention of Cruelty to Animals?? > (ASPCA??) and is intended only for use by the addressee(s) named herein > and may contain legally privileged and/or confidential information. If you are > not the intended recipient of this e-mail, you are hereby notified that any > dissemination, distribution, copying or use of the contents of this e-mail, > and > any attachments hereto, is strictly prohibited. If you have received this > e-mail > in error, please immediately notify me by reply email and permanently > delete the original and any copy of this e-mail and any printout thereof. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: The list?
Request timed out, host unreachable. Thanks Webster From: James Kerr [mailto:cluster...@gmail.com] Sent: Thursday, May 02, 2013 7:56 AM To: NT System Admin Issues Subject: RE: The list? Ping? Sent from my MK-19 grenade launcher. On May 1, 2013 8:35 PM, "Steven M. Caesare" mailto:scaes...@caesare.com>> wrote: Hesienberg's 8-Ball says: "Uncertain" -sc From: Doug Hampshire [mailto:dhampsh...@gmail.com<mailto:dhampsh...@gmail.com>] Sent: Wednesday, May 01, 2013 8:09 PM To: NT System Admin Issues Subject: Re: The list? Is Schrodenger's cat subscribed to the list? On Tue, Apr 30, 2013 at 12:45 PM, Ben Scott mailto:mailvor...@gmail.com>> wrote: On Tue, Apr 30, 2013 at 12:29 PM, Ryan Finnesey mailto:r...@finnesey.com>> wrote: > I hate to jinks it but it seem the list is still up and running? No. We're all a figment of your imagination. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: The list?
You didn't get the memo? http://myitforum.com/myitforumwp/services/email-lists/ Thanks Webster > -Original Message- > From: Charles Figueiredo [mailto:ist...@intsolcan.com] > Sent: Wednesday, May 01, 2013 3:41 PM > To: NT System Admin Issues > Subject: RE: The list? > > On Wed, 1 May 2013 20:20:12 +, Ryan Finnesey wrote: > > >I am still getting mail from the list. Maybe it is a back log. > > Is there a replacment? > > Regards, > Charles > > > >Cheers > >Ryan > > > >From: David Lum [mailto:david@nwea.org] > >Sent: Wednesday, May 1, 2013 4:06 PM > >To: NT System Admin Issues > >Subject: RE: The list? > > >Nope it went away April 30th. > > >From: James Kerr [mailto:cluster...@gmail.com] > >Sent: Wednesday, May 01, 2013 1:01 PM > >To: NT System Admin Issues > >Subject: Re: The list? > > >is this thing still on? > > >On Wed, May 1, 2013 at 9:52 AM, Jonathan Link > mailto:jonathan.l...@gmail.com>> wrote: > >At the rate it delivers messages, I expect it will happen sometime > next year. > > > >On Wednesday, May 1, 2013, Steven M. Caesare wrote: > >The listserv is still processing the list-deletion request. > > >-sc > > >From: John Cook [mailto:john.c...@pfsf.org] > >Sent: Wednesday, May 1, 2013 9:14 AM > >To: NT System Admin Issues > >Subject: RE: The list? > > > > >And so the first of a new month has come and the list still exists - > I think we've been hornswaggled! > > > > > John W. Cook > > >Network Operations Manager > > >Partnership For Strong Families > > >5950 NW 1st Place > > >Gainesville, Fl 32607 > > >Office (352) 244-1610 > > >Cell (352) 215-6944 > > >MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 > > > > >From: Ryan Finnesey [mailto:r...@finnesey.com] > >Sent: Tuesday, April 30, 2013 12:49 PM > >To: NT System Admin Issues > >Subject: Re: The list? > > > > >True I should lean to read a calendar > > >Sent from my iPad mini > > >On Apr 30, 2013, at 12:39 PM, "John Cook" <mailto:john.c...@pfsf.org>> wrote: > > >We haven't hit the end of the month yet. > > > > > John W. Cook > > >Network Operations Manager > > >Partnership For Strong Families > > >5950 NW 1st Place > > >Gainesville, Fl 32607 > > >Office (352) 244-1610 > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > >--- > >To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > <mailto:listmana...@lyris.sunbeltsoftware.com> > >with the body: unsubscribe ntsysadmin > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > >--- > >To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > <mailto:listmana...@lyris.sunbeltsoftware.com> > >with the body: unsubscribe ntsysadmin > > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > >--- > >To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > <mailto:listmana...@lyris.sunbeltsoftware.com> > >with the body: unsubscribe ntsysadmin > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > >--- > >To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > <mailto:listmana...@lyris.sunbeltsoftware.com> > >with the body: unsubscribe ntsysadmin > > >~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > >~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > >--- > >To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > >or send an email to listmana...@lyris.sunbeltsoftware.com > >with the body: unsubscribe ntsysadmin > > > Regards, > Charles > > --- >Charles Figueiredo PhD >Integrated Solutions - Enhancing Small Business Systems > --- > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: The list?
It is or is it? Thanks Webster From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Tuesday, April 30, 2013 2:30 PM To: NT System Admin Issues Subject: Re: The list? But it is webscale. On Tuesday, April 30, 2013, James Rankin wrote: It's a new feature - manual mirroring. In that you post the same stuff to both. On 30 April 2013 18:05, Stringham, Steven mailto:sstri...@lrlaw.com>> wrote: Yes, but does it automatic failover? Is it load balanced? From: kz2...@googlemail.com<mailto:kz2...@googlemail.com> [mailto:kz2...@googlemail.com] Sent: Tuesday, April 30, 2013 9:38 AM To: NT System Admin Issues Subject: Re: The list? We now have list redundancy Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: Ryan Finnesey mailto:r...@finnesey.com>> Date: Tue, 30 Apr 2013 16:29:46 + To: NT System Admin Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>> ReplyTo: "NT System Admin Issues" mailto:ntsysadmin@lyris.sunbelt-software.com>> Subject: The list? I hate to jinks it but it seem the list is still up and running? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin For more information about Lewis and Roca LLP, please go to www.lewisandroca.com<http://www.lewisandroca.com/>. Phoenix (602)262-5311 Reno (775)823-2900 Tucson (520)622-2090 Albuquerque (505)764-5400 Las Vegas (702)949-8200 Silicon Valley (650)391-1380 This message is intended only for the use of the individual or entity to which it is addressed. If the reader of this message is not the intended recipient, or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this message is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the sende -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: So where is this new list signup?
Link is here: http://myitforum.com/myitforumwp/services/email-lists/ Thanks Webster > -Original Message- > From: Michael Leone [mailto:oozerd...@gmail.com] > Sent: Monday, April 29, 2013 10:06 AM > To: NT System Admin Issues > Subject: So where is this new list signup? > > The list is moving, right? (I don't get to read it every day, so I probably > missed > something). So do I need to go and sign up for the new home of the list, or > will I be migrated over as an existing user? > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: ALERT : NTSYSADMIN LIST MIGRATION
I can always get email no matter where I am or what customer I am doing work for. Need to access a website to get forum "stuff"? Not gonna happen in a lot of places. Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Saturday, April 27, 2013 6:56 PM > To: NT System Admin Issues > Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION > > To my mind, it's all the difference... > > Email comes to me. I see it all in my inbox, and can read and respond at > leisure, and it all works as a normal email conversation. > > I have to go to web forums. Each one has a different interface and ways of > working. > > Definitely prefer email. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: _Lumina_822_phone
Aren’t you supposed to be planning MMS 2014? Thanks Webster From: rodtr...@myitforum.com [mailto:rodtr...@myitforum.com] Sent: Saturday, April 27, 2013 2:39 PM To: NT System Admin Issues Subject: Re: _Lumina_822_phone ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: _Lumina_822_phone
I hear there is an excellent university in your town. :) Thanks Webster From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Saturday, April 27, 2013 10:44 AM To: NT System Admin Issues Subject: RE: _Lumina_822_phone Actually, I'm just looking for education. :) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Need to create a csv through Powershell/Exchange Shell
MBS posted an article that I believe is the follow-up to this thread. http://theessentialexchange.com/blogs/michael/archive/2013/04/26/reporting-on-primary-and-secondary-smtp-addresses-on-exchange-objects.aspx Thanks Webster From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Monday, April 22, 2013 11:22 AM To: NT System Admin Issues Subject: RE: Need to create a csv through Powershell/Exchange Shell All you need to do is update the LDAP query filter. You can see what you need to do for that, here: http://theessentialexchange.com/blogs/michael/archive/2012/01/17/sending-an-email-to-users-whose-password-is-about-to-expire-a-powershell-rewrite.aspx From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov] Sent: Monday, April 22, 2013 11:29 AM To: NT System Admin Issues Subject: RE: Need to create a csv through Powershell/Exchange Shell Michael, That worked magnificently. Thank you. I would prefer the "teach to fish" approach as well, but I really appreciate the help. There's some tweaking that I'd like to do to it, to filter out disabled accounts, but I'll just play with it on my own. From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, April 19, 2013 2:50 PM To: Heaton, Joseph@Wildlife; NT System Admin Issues Subject: RE: Need to create a csv through Powershell/Exchange Shell I GREATLY prefer the "teach a man to fish" paradigm, but to do this one properly requires some fairly in-depth knowledge of the AD PowerShell module and how Exchange stores information in AD. To do it efficiently needs an LDAP search and using a filter in PowerShell. So that it can be exported properly, the output needs to be simple objects (not complex), but not just strings. Oh, and since it can't be guaranteed that FirstName, LastName are unique, it also includes the sAMAccountName (unique in any given domain). So I wrote this one. And will blog it. :P I had the various pieces already (yay, for code re-use!). Adjust $secondaryDomain as a parameter, or in the source; as meets your needs. You can Export-Csv or Export-CliXML to your heart's content. :) Param( [string]$secondaryDomain = "@TheEssentialExchange.com", [int]$secondaryDomainLen = $secondaryDomain.Length ) filter strip-Addresses { $proxies = $_.proxyAddresses $primary = "" $secondary = "" $object = "" | Select GivenName, Surname, sAMAccountName, PrimarySmtp, SecondarySmtp $object.GivenName = $_.GivenName $object.SurName= $_.SurName $object.sAMAccountName = $_.sAMAccountName foreach( $proxy in $proxies ) { $len = $proxy.Length ## note: "SMTP:".Length == 5 ## note: The primary SMTP address has a CAPITALIZED "SMTP:" prefix ## all secondary SMTP addresses have a lowercase "smtp:" prefix ## note: any interesting secondary proxy address will be longer than ## "SMTP:".Length + $secondaryDomainLen if( $len -gt 5 ) { $prefix = $proxy.SubString( 0, 5 ) $temp = $proxy.SubString( 5 ) ##strip off "smtp:", if present if( $prefix -ceq "SMTP:" ) { $primary = $temp if( $secondary.Length -gt 0 ) { break ## we have both primary and secondary, ## we don't need to look any more } } elseif( $prefix -ceq "smtp:" -and $len -gt ( 5 + $secondaryDomainLen ) ) { if( $temp.EndsWith( $secondaryDomain ) ) { $secondary = $temp if( $primary.Length -gt 0 )
RE: ALERT : NTSYSADMIN LIST MIGRATION
Wow, a 402. The last mainframe shop I worked in (mid 80s) still used the IBM 402 autocoder emulator for the mainframe series we were using. It was still in use when I left in 1987. Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Friday, April 26, 2013 12:53 PM > To: NT System Admin Issues > Subject: Re: ALERT : NTSYSADMIN LIST MIGRATION > > Apropos age on this thread > > > http://www.chron.com/news/article/Conroe-company-still-using- > computers-museums-want-4459714.php Wow, a 402. The last mainframe shop I worked in (mid 80s) still used the IBM 402 autocoder emulator for the mainframe series we were using. It was still in use when I left in 1987. Thanks Webster ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Virtualization
DOH! You went there, ouch! I thought only I had the nerve to do that. Thanks Webster From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Friday, April 26, 2013 8:05 AM To: NT System Admin Issues Subject: RE: Virtualization I have a PDF on my SAN somewhere that addresses this.. I'll send it with my Linux email client. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: ALERT : NTSYSADMIN LIST MIGRATION
Do we need to do something? Thanks Webster From: s...@knowbe4.com [mailto:s...@knowbe4.com] Sent: Thursday, April 25, 2013 1:45 PM To: lyris.sunbelt-software.com Subject: ALERT : NTSYSADMIN LIST MIGRATION Hi All, You are invited to the new NTSYSADMIN list hosted by KnowBe4. This replaces the Lyris list hosted by Sunbelt Software / GFI, which will shut down at the end of this month. GFI will confirm this with a separate message. I will continue to moderate the NTSYSADMIN list from KnowBe4. Warm regards, Stu ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Startup processes
MBS has a test-ping function here: http://theessentialexchange.com/blogs/michael/archive/2012/04/10/enumerating-networks-and-building-routes-with-powershell.aspx Thanks Webster From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, April 25, 2013 9:11 AM To: NT System Admin Issues Subject: RE: Startup processes If you need powershell "ping", let me know. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Startup processes
All of that can be done with PowerShell and Test-Connection. Thanks Webster From: James Rankin [mailto:kz2...@googlemail.com] Subject: Re: Startup processes I do love a bit of batch scripting :-) Unfortunately I can only use JScript (!), VBScript or PowerShell in my console, but it could be adapted with a bit of time and effort. If nothing simpler turns up, it'll definitely be something like this I will use. On 25 April 2013 14:23, Kennedy, Jim mailto:kennedy...@elyriaschools.org>> wrote: " The other problem I've got is looping the routine enough to give it time for the network to connect" :START PING -n 1 192.168.1.1|find "Reply from " >NUL IF NOT ERRORLEVEL 1 goto :SUCCESS IF ERRORLEVEL 1 goto :FAIL :FAIL ping 192.0.2.2 -n 1 -w 1 > nul (or some other non-existent address, will wait for 10 seconds) goto :START :SUCCESS Run your process :END Might want to add a counter in there, so it exits after a certain number of tries. Set the whole thing as a startup scheduled task. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Startup processes
See if this can help lead you in the proper direction for more research. http://social.technet.microsoft.com/wiki/contents/articles/11341.the-windows-7-boot-process-sbsl.aspx Thanks Webster > -Original Message- > From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] > Sent: Thursday, April 25, 2013 7:12 AM > To: NT System Admin Issues > Subject: Startup processes > > On a Windows system, is there a process that runs on startup that will only > run if there is network connectivity present? I've got a strange requirement > and I need to be able to tell when the network is available, if possible. > > TIA, > > > JR > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: http://lyris.sunbelt- > software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Startup processes
A lot of us Disable the Computer Browser service on non domain controllers unless it is absolutely necessary to have it running. Thanks Webster From: Guyer, Don [mailto:dgu...@che.org] Sent: Thursday, April 25, 2013 8:33 AM To: NT System Admin Issues Subject: RE: Startup processes How about a Service starting up, like Workstation or Computer Browser? From: James Rankin [mailto:kz2...@googlemail.com] Sent: Thursday, April 25, 2013 9:17 AM To: NT System Admin Issues Subject: Re: Startup processes I probably could.just I have a built-in Process Started trigger so it would have been easier if there was a particular process that couldn't exist without network connectivity. The other problem I've got is looping the routine enough to give it time for the network to connect, if it's going to. Again, trigger by process would be so much simpler, but if it's not possible, I will have to look at a scripted routine. On 25 April 2013 14:12, Joseph L. Casale mailto:jcas...@activenetwerx.com>> wrote: If you can query for the process, can you not query the network? Lookup the gateway and ping it... From: kz2...@googlemail.com<mailto:kz2...@googlemail.com> Sent: Thursday, April 25, 2013 6:11 AM To: NT System Admin Issues Subject: Startup processes On a Windows system, is there a process that runs on startup that will only run if there is network connectivity present? I've got a strange requirement and I need to be able to tell when the network is available, if possible. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: As we're becoming a PowerShell-focused list :-)
FYI, from what MBS did for my Word based scripts: #find out our session (usually "1" except on TS/RDC or Citrix) $SessionID = (Get-Process -PID $PID).SessionId #Find out if winword is running in our session [bool]$wordrunning = ((Get-Process 'WinWord' -ea 0)|?{$_.SessionId -eq $SessionID}) -ne $null if ($wordrunning) { Write-Host "Please close all instances of Microsoft Word before running this report." exit } Thanks Webster From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, April 24, 2013 4:29 AM To: NT System Admin Issues Subject: As we're becoming a PowerShell-focused list :-) Any idea how I would go about extracting the SessionId from PowerShell? By SessionId I mean the one that you see in tasklist and query session? I've tried messing about with Get-XaSession which is a Citrix PS cmdlet but the output is so long from this, I can't help but think I must be missing an easier way to output what I'm looking for which is probably sitting right under my nose. TIA, -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk<http://appsensebigot.blogspot.co.uk/> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Very weird file rename issue
That's because it is always cloudy where you live. :) Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Tuesday, April 23, 2013 3:06 PM To: NT System Admin Issues Subject: Re: Very weird file rename issue Reminds me why I hate the Offline Files feature - generally naff. Wherever its possible, if the functionality is needed I try to replace it with some cloudy sorta solution. Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: Webster mailto:webs...@carlwebster.com>> Date: Tue, 23 Apr 2013 19:59:28 + To: NT System Admin Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>> ReplyTo: "NT System Admin Issues" mailto:ntsysadmin@lyris.sunbelt-software.com>> Subject: RE: Very weird file rename issue Is this it? http://support.microsoft.com/kb/953945 Thanks Webster From: Damien Solodow [mailto:damien.solo...@harrison.edu] Subject: Very weird file rename issue I've encountered a very odd issue around renaming files on a network drive. The file is in the user's redirected "My Documents", and they are the owner of said file and have Full Control for it in the NTFS permissions. When they try to rename the file to replace a lowercase letter with the same letter in uppercase, they get a message that says "You need permission to perform this action. You require permission for OUR_DOMAIN\Their.username to make changes to this file." However, if they rename the file and replace that letter with something different, it's fine. So for example, the file is called 'firstName.txt' and they try to rename it to 'FirstName.txt' it will throw the error. But if they rename it to 'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and it's fine. The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem to matter what the file type is (text, WordDoc, etc), and doesn't happen on local drives. Anyone seen this oddity before? ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Very weird file rename issue
Is this it? http://support.microsoft.com/kb/953945 Thanks Webster From: Damien Solodow [mailto:damien.solo...@harrison.edu] Subject: Very weird file rename issue I've encountered a very odd issue around renaming files on a network drive. The file is in the user's redirected "My Documents", and they are the owner of said file and have Full Control for it in the NTFS permissions. When they try to rename the file to replace a lowercase letter with the same letter in uppercase, they get a message that says "You need permission to perform this action. You require permission for OUR_DOMAIN\Their.username to make changes to this file." However, if they rename the file and replace that letter with something different, it's fine. So for example, the file is called 'firstName.txt' and they try to rename it to 'FirstName.txt' it will throw the error. But if they rename it to 'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and it's fine. The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem to matter what the file type is (text, WordDoc, etc), and doesn't happen on local drives. Anyone seen this oddity before? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Some interesting thoughts about network security
"A company going and buying 40,000 iPads isn't BYOD" A lot of companies (mis)use the term BYOD anytime mobile or portable devices are used even if the company buys the devices. The project I am on now, the CIO uses BYOD for the project even though the company will purchase the phones, iPads and Surface Pros. The company that bought the 40,000 iPads considered it their "BYOD Initiative". Thanks Webster From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday, April 16, 2013 7:24 PM To: NT System Admin Issues Subject: RE: Some interesting thoughts about network security Some thoughts on this: - A company going and buying 40,000 iPads isn't BYOD. Corps have been buying phones (e.g. Blackberries), laptops and tablets for staff for a long time. If the corp is providing it, it's not BYOD - The concept of remote VDI isn't new. That said I don't think it'll fly in many financial institutions outside retail banking in the short term. IME the type of work that needs to be done in wealth management, investment and institutional banking is very different to tellers working out in branches in retail banking. Retail banking's been dominated by thin clients for a long time (fixing thick client PCs out in suburbia or out in the country is support PITA). Not to say there isn't some scope to pull some apps back to a centralised location for wealth/institutional/investment, but there are other things (like Bloomberg terminals, Reuters feeds etc.) where the underlying network required and the physical kit, is going to result in stuff sitting on people's desks. - BYOD + remote VDI is becoming more popular, but I just don't think (in the short term) that it's going to dominate banks. There's simply too many issues still around (e.g. what to do when the employee's machine breaks down) that there aren't clear-cut best-practise answers to. Whilst I see people trialling things, I don't think the evidence is in yet on whether it's a good idea or not. I think it'll be another 3-5 years before we have enough data on whether it's sustainable and economic. - Compliance/Risk depts. Have issues around a central infrastructure providing the entire service: the cost providing a full redundant, HA, platform for a small trading office with 10-20 staff kinda crimps this initiative. And a non-redundant, non-HA setup will not fly because the bank is unable to consolidate and report its overall risk position to regulators. - The other stuff (like his networking proposals), I think is just silly. He obviously knows his Citrix stuff well. But maybe that's where he should stick to - get networking and security guys to help paint the rest of the picture. Cheers Ken ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Dropsmack Malware C&C via Dropbox
James, It is very hard for a Brit to recall anything after spending all night at the pub watching what you call "football". :) Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, April 17, 2013 9:58 AM To: NT System Admin Issues Subject: Re: Dropsmack Malware C&C via Dropbox I was wondering what you were replying to till I realized it was something I sent...but I don't remember sending it. Then I saw the sending time of 4.47am. I must have woken up, looked at the time on my phone and replied to an email as well. Strange I don't recall it! On 17 April 2013 14:32, Ziots, Edward mailto:ezi...@lifespan.org>> wrote: Agreed, same solution I am using, does the same function and if there is any blocks, its dealt with quickly before going live. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Endpoint backups
What is there to backup that is not in a centralized location backed up by a centralized backup system? Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: David Lum [mailto:david@nwea.org] Sent: Wednesday, April 17, 2013 9:57 AM To: NT System Admin Issues Subject: Endpoint backups Do any of you guys back up all your endpoints/PC's? We're trying to do that via Tivoli but troubleshooting clients is a major PITA. It seems to be ok 90% of the time, but the broken ones seem to take forever to find and repair, and it's not easy to automate resetting the password at the client PC without interaction on the client/endpoint side. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PowerShell noob help
"Ask Web about the things I've shown him the last year" How about just in the last three weeks!!! :) Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Michael B. Smith [mailto:mich...@smithcons.com] Subject: RE: PowerShell noob help Start-Process gives you complete control over executing a separate task. If you don't need complete control, but just the text output, you don't need to do anything. $result = CTXCliOS.exe ^ | find "ClientOS" You can make it more PowerShell, if you want, but there isn't much value in doing so. (If you want to start talking about into making it an "Enterprise Class" script, then that changes things dramatically. Ask Web about the things I've shown him the last year.) :) From: James Rankin [mailto:kz2...@googlemail.com] Subject: PowerShell noob help I've got a batch script I've been using for a while to identify the flavour of client connecting to a XenApp or XenDesktop session. It uses an executable called CTXCliOS.exe Basically this is the batch for /f "tokens=2 delims==" %%a in ('CTXCliOS.exe ^| find "ClientOS"') do set ClientOS=%%a& call :SET goto :eof :SET reg add HKCU\Software\Custom /v ClientOS /t REG_SZ /d %ClientOS% /f goto :eof I'm sure you get the picture. What I'm wondering is what format do I use to convert this to PowerShell (which will avoid having to invoke a separate command script file)? What's the command to call an outside executable (I can't seem to dig it up, but I am on a network where just about every helpful site is blocked by the web filter, so don't be too hard on me, please!) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Some interesting thoughts about network security
Most of the projects I work on are in the financial and healthcare sectors. 100% of them are doing BYOD. These are some of the largest companies in their respective industries. One healthcare related company just bought 40,000 iPads for their sales force. Where I am now they have 30,000 people using Citrix XenApp and are scaling up a XenDesktop project to 11,000 users. They are supporting almost every kind of device imaginable: iPhone, iPad, Androids, Surface, Mac OSX, Win7, etc. Brian Madden is a recognized name and thought leader in this space. But as a thought leader, his goal is to make you think. Think about the ways users are getting around IT (I see it daily at my current project), think about how IT really does not and cannot control every device. Back when Brian was in the trenches doing designs and installs, he designed and built some of the world's largest TS/RDS/XenApp environments. He does know his stuff. I think he is trying to stretch IT's way of thinking and can be considered more of a provocateur now. What we did in IT 5 or 10 years ago may not work with today's users and how they work and or want or need to access company data. Just my $0.02US worth Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Jon Harris [mailto:jk.har...@live.com] Sent: Monday, April 15, 2013 9:46 PM To: NT System Admin Issues Subject: RE: Some interesting thoughts about network security One of the things I saw in the article was part of his reasoning on this was the BYOD movement. I know a lot of places are looking at this and some have even gone for it but if it was a financial firm or a health care provider I don't know if I would want to do business with them. BYOD just opens too many cans of worms for me to feel comfortable with those firms doing that. IF they were using something like VDI or Citrix like work interface I would only be marginally comfortable. I don't see that happening unless a company really looks at where the data is stored and the risk of that data getting "lost" to parties unknown. From all that I am seeing it is more management wanting to push the cost of the workers hardware to the worker and little else is taken into account until they get bit hard and are faced with lawsuits due to their lack of use of their brains. Jon From: k...@adopenstatic.com<mailto:k...@adopenstatic.com> To: ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com> Subject: RE: Some interesting thoughts about network security Date: Tue, 16 Apr 2013 00:33:16 + My thoughts: a) "One size fits all" solutions simply don't fit most organisations. Some e.g.: a.(e.g. "you support users connecting from home today", so obviously you can obviously scale to support the entire organisation doing the same at work, or b. "give each user their own VLAN" - yeah, we'll create 100,000 VLANs - imagine maintaining the FWs, routers, and how much more complex user provisioning and de-provisioning is going to be. What happens when users move between buildings? Telcos can make this happen, but telcos are in the networking business. b) Treating wireless users as "external" and then making them VPN in isn't new - that's been the thinking for 20 years. It was "start of the art" maybe in 2000, but it's not now c) I know Microsoft was arguing for the "hard core" and "soft shell" since circa 2006 or so - so even that's now new. However I disagree that there should be one boundary (around the data centre) and we ignore everything else. Obviously Brian doesn't understand how large organisations (and I'm guessing other sizes as well - I don't have that much experience) work. Most banks (for example) are stuffed full of "knowledge workers" that depend on data being on their client PCs. For example I've seen reconciliations in a large institutional bank being run on over 2,000 excel spreadsheets due to lack of straight through processing between diverse systems. You can treat them as being "on the internet", but that's too difficult to do in practise with granularity. If you make them VPN in, you end up giving them wide-open access anyway. So why not just use 802.1x to guard your physical (including WiFi) access? Surely 802.1x is easier and cheaper to deploy than catering for 100,000+ VPN connections? This looks like just another "magic bullet" - simple solution to a complex problem that only works in simple (i.e. small) environments. Cheers Ken From: James Rankin [mailto:kz2...@googlemail.com] Sent: Monday, 15 April 2013 10:24 PM To: NT System Admin Issues Subject: Some interesting thoughts about netwo
RE: Prevent IE 10 install in SCE/SCCM
"I do not see it when I search All Updates." Thanks Webster From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, April 12, 2013 8:45 AM To: NT System Admin Issues Subject: RE: Prevent IE 10 install in SCE/SCCM You can't right click the update in SCE and hit decline? From: Tom Miller [mailto:tominyorkt...@gmail.com] Sent: Friday, April 12, 2013 9:42 AM To: NT System Admin Issues Subject: Re: Prevent IE 10 install in SCE/SCCM Funny I was reading that before I sent my inquiry. I was hoping to be able to do it in SCE. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Query help
Error checking? If errorlevel ... Logging? Dsmod > error.log Sheez, some people! Do I need to go slower? :) Thanks Webster From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, April 11, 2013 6:43 PM To: NT System Admin Issues Subject: RE: Query help Do you want error checking? Do you want logging? You know by now - writing an enterprise quality script is a heck of a lot more effort than just putting in the commands that "should" do the job. :) From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, April 11, 2013 7:27 PM To: NT System Admin Issues Subject: RE: Query help Can't you do all that with a few lines of dsadd group, dsmod group -c and some dsquery? Just asking. Thanks Webster From: Michael B. Smith [mailto:mich...@smithcons.com] Subject: RE: Query help PowerShell? :) This sounds like a great thing for me on which to write a blog post. I'll do so tonight. To do this efficiently, you have to combine the usage of Exchange and AD cmdlets. The basic process is: Does group already exist? No - create it Yes - remove all members Get list of members to add Add the list of members From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov] Subject: Query help I've recently created a Org_all distribution group. Somehow, I must have not added myself to it, as I didn't get a message from our Director this morning. But, that brought up the thought that I need to make sure everyone is a member of that distribution group. With 3000 users, I don't want to do it manually. Any ideas? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Query help
Can't you do all that with a few lines of dsadd group, dsmod group -c and some dsquery? Just asking. Thanks Webster From: Michael B. Smith [mailto:mich...@smithcons.com] Subject: RE: Query help PowerShell? :) This sounds like a great thing for me on which to write a blog post. I'll do so tonight. To do this efficiently, you have to combine the usage of Exchange and AD cmdlets. The basic process is: Does group already exist? No - create it Yes - remove all members Get list of members to add Add the list of members From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov] Subject: Query help I've recently created a Org_all distribution group. Somehow, I must have not added myself to it, as I didn't get a message from our Director this morning. But, that brought up the thought that I need to make sure everyone is a member of that distribution group. With 3000 users, I don't want to do it manually. Any ideas? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Google Drive
I thought it was a piece of crap and stopped using it. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, April 10, 2013 6:38 AM To: NT System Admin Issues Subject: Google Drive Anyone else using Google Drive and think it is a bit rubbish in general? I regularly get sync failures, errors in the software, and if I go to the online version and try to empty the Trash folder, everything simply reappears as soon as I delete it. I've been using it with Portable Apps and recently all my Firefox bookmarks just disappeared, so I am beginning to think it might not be really fit for purpose. Anyone else had similar issues, or got any feedback to report? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Windows DNS scavenging..
LOL, that is one of my three topics for my conference presentations this year. There are a lot of TechNet and MVP articles on the topics of DNS A&S, DHCP and what to do, how it works, scripts, etc. I am trying to figure out how to cover this topic and multiple site, multiple domain configurations and GPO & Loopback processing into a 75 minute presentation. I could easily spend 75 minutes on each. Plus I am also doing a PoSH session on my Citrix documentation scripts at each conference. Hope to meet James Rankin finally in London. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: David Lum [mailto:david@nwea.org] Sent: Monday, April 08, 2013 10:33 AM To: NT System Admin Issues Subject: Windows DNS scavenging.. Do you guys have it turned on? Have you seen any issues from it, any caveats? David Lum Sr. Systems Engineer // NWEATM Office 503.548.5229 // Cell (voice/text) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: If you use Skype
I am getting about 1 Skype request every 10 minutes today. I block and report each one. Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Saturday, April 06, 2013 9:13 AM > To: NT System Admin Issues > Subject: If you use Skype > > Watch out for this > http://arstechnica.com/security/2013/04/malware-spread-on-skype-taps- > victim-pcs-to-mint-bitcoins/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Outlook 2007 on Citrix attachment issue
Try the suggestions listed here: http://forums.citrix.com/message.jspa?messageID=1482411 Thanks Webster From: Tony Patton [mailto:apco...@gmail.com] Subject: Outlook 2007 on Citrix attachment issue Hi folks, We are using XenApp 6 and AppSense Environment Manager 8.2.206 on Server 2008R2 and have a weird issue with Outlook 2007. When users on a published desktop open an attachment then try to Save As, they get the following message: This operation has been cancelled due to restrictions in effect on this computer. [Inline images 1] When they click OK, they get directed to their home drive on the file server correctly (folder redirection is in place for My Documents). If they right-click the attachment in Outlook and choose Save As, there is no issue. The C: drive is locked down, hence the error message. We've tried setting the following registry key "HKCU\Software\Microsoft\Office\12.0\Outlook\Security\OutlookSecureTempFolder", and "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders\Personal" but still get the message. Any help with this issue would be greatly appreciated. Common sense would say to just use save as from Outlook, but you know how users are. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
RE: Just A Bunch of Noise, or The Beginning of The End?
I remember people saying the same thing about IBM "back in the day". IBM reinvented itself and is, IMO, stronger (at least net income wise) than before. Net Income trumps any stupid journalist or pundit. Thanks Webster From: Roger Wright [mailto:rhw...@gmail.com] Sent: Friday, April 05, 2013 10:19 AM To: NT System Admin Issues Subject: OT: Just A Bunch of Noise, or The Beginning of The End? http://usmarketbuzz.com/msft-microsoft-corporation-nasdaqmsft-will-grow-obsolete-by-2017-gartner-3206#<http://usmarketbuzz.com/msft-microsoft-corporation-nasdaqmsft-will-grow-obsolete-by-2017-gartner-3206> Roger Wright ___ "You can't believe most of the quotes you read on the internet." - Abraham Lincoln ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Office 365
For my one man shop I have been using it for close to 2 years. Other than brief outages, I have no issues. I moved my wife's email to O365 last year also. Thanks Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: itli...@imcu.com [mailto:itli...@imcu.com] Subject: Office 365 Anyone using this service yet? I am thinking about moving my Exchange off to them and getting the Office Pro Plus package? Just wondering about security and other questions but didn't know how to find an unbiased article on Google so far everything I have found is 2 years old and bashing Microsoft for every offering such a thing as cloud based email or apps??? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: virtualization question
"If it works via RDP, but not in a shared TS environment, then I'd probably see about getting multiple VMs running as targets for RDP." You mean, GASP!, VDI??? Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Friday, March 22, 2013 3:22 PM > To: NT System Admin Issues > Subject: Re: virtualization question > > On Fri, Mar 22, 2013 at 10:58 AM, Stephen Holtz > wrote: > > > > Ok, another newbie to the world of virtualization here. I have a POS > > (point of sale) program that I want to be able to be accessed by iPads > > using a RDP client. However, I would like to put multiple instances > > of the program on a server so that each iPad can access the POS > > program and keep it open during service. Any help even a starting point > would be helpful. > > > > > > > > TIA, > > > > Questions... > > o- Is this a new POS program, or is it currently in use elsewhere? > o- If it's currently in use, what are the back end and front end platforms - > Windows, *nix? > > If it's currently in use, and has a Windows front end client, you shoud > probably talk withe the vendor regarding whether it plays nice on a TS server, > or whether it will play nice with RDP. > > If they don't know, then I'd explore whether it works via RDP first, and then > test to see if you can make it run in a Windows VM, and then test an install > on a TS server. > > If it works via RDP, but not in a shared TS environment, then I'd probably see > about getting multiple VMs running as targets for RDP. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: virtualization question
Essentials and Fundamentals are dead products. There is no version for XenApp 6.5. The last one was Fundamentals based on XenApp 6.0 and I wouldn’t wish XenApp 6.0 even on Shooky Baby. ☺ Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Friday, March 22, 2013 2:56 PM To: NT System Admin Issues Subject: Re: virtualization question There's a Citrix Receiver for iPads - this might be a situation for XenApp Essentials or Fundamentals or whatever its called (Web, please clarify) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: virtualization question
There are RDP clients for the iPad. Some free, some not, some good, some not. Thanks Webster From: Maglinger, Paul [mailto:pmaglin...@scvl.com] Subject: RE: virtualization question You’re wanting to run multiple VM servers on a single host, one for each iPad, and then RDP into that VM using the iPad? The multiple VMs are feasible, and accessing from RDP is certainly possible. I don’t know about a RDP client for iPads though. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Space and Beyond:
Did xkcd count the Star Trek movie in the # of time Voyager I left the solar system? Thanks Webster From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, March 22, 2013 10:10 AM To: NT System Admin Issues Subject: Space and Beyond: http://articles.latimes.com/2013/mar/20/science/la-sci-voyager-20130321 http://xkcd.com/1189/ Read them in any order :) Hope you enjoy... (Voyager has computers, in case you're wondering) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: RT devices?
Not RT but the project I am on, the IT virtual desktop team is testing the Pro device and they love them. They prefer them to the iPads. I can't provide any specifics as that is not the part of the project I am working on. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Ryan Finnesey [mailto:r...@finnesey.com] Sent: Tuesday, March 19, 2013 11:42 PM To: NT System Admin Issues Subject: RT devices? I am curious to know if anyone is thinking or has deployed RT devices to their end users. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CSG 3.2 and Presenatation 4.5
Glad to help. Thanks Webster From: Sean Martin [mailto:seanmarti...@gmail.com] Subject: Re: CSG 3.2 and Presenatation 4.5 I agree 100%, I just didn't catch the link to the readme when I read the article the first time. I'll test it out and let you know how it goes. Thanks a ton for putting this together. - Sean ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CSG 3.2 and Presenatation 4.5
Very thorough if you ask me. https://dl.dropbox.com/u/43555945/XA5_InventoryReadMe.rtf BTW, I had a guy email me yesterday saying my new scripts need to do A, B, C, D and E. I told him to look at the help text. Everything he asked for the script does if he had just looked at the help text. Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Friday, March 15, 2013 12:06 PM To: NT System Admin Issues Subject: Re: CSG 3.2 and Presenatation 4.5 You will need the XenApp PS extensions loaded and the Policies module as well. I think Web's documentation is quite thorough. I normally run it from a XA server but not sure whether its a pre-requisite. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CSG 3.2 and Presenatation 4.5
XenApp 5 (PS45) PoSH cmdlets have no built-in support for remoting like XenDesktop or XenApp 6.5 does. So you have two choices. One, get PoSH remoting working and run the script from the remote session. Two, run the script from a controller that has Word 2007+ installed. Ok third choice, run the V1 script that doesn't use Word. Thanks Webster From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Friday, March 15, 2013 11:51 AM To: NT System Admin Issues Subject: Re: CSG 3.2 and Presenatation 4.5 Forgive the seemingly stupid question, but is this intended to be run from a XenApp server? I was looking for instructions that would highlight how I can run it against our test farm prior to our production farm. - Sean On Fri, Mar 15, 2013 at 7:01 AM, Webster mailto:webs...@carlwebster.com>> wrote: BTW, someone wrote an excellent script to document the XenApp 5 (PS45) Farm. :) If you want to leave the customer with a document that will garner you high praise you should use the script. http://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/ http://carlwebster.com/documenting-a-citrix-xenapp-5-farm-with-microsoft-powershell-and-word-version-2/ Thanks Webster From: Greg Sweers [mailto:gswe...@acts360.com<mailto:gswe...@acts360.com>] Sent: Friday, March 15, 2013 9:47 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Thank you Sir. That is good info. To get fully up to speed on this, not expert mind you but good enough. What materials would you suggest to read. Greg Sweers CEO ACTS360.com<http://www.acts360.com/> P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-644-3479 Cell 813-644-3476 Fax From: Webster [mailto:webs...@carlwebster.com] Sent: Friday, March 15, 2013 9:51 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 I have LOTS of customers who run CSG internally. Some require that all traffic is encrypted and they also have a Citrix policy that says everyone uses RC5 128-bit ICA Encryption. I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 (http://support.citrix.com/article/CTX133095). That is also more than likely the last version of CSG. I would also make sure you are running Web Interface 5.4.2 since it addresses known security vulnerabilities. http://support.citrix.com/article/CTX130660 This is also the last version of Web Interface. If this is PS4.5 on Server 2003, just make sure your customer knows that on March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS. I would recommend Hotfix Rollup Pack 7. http://support.citrix.com/article/CTX127926 Just make sure you read the prereqs first. Once you install HRP7, install the following updates: http://support.citrix.com/article/CTX133359 (security fix) http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5 install before the next fix) http://support.citrix.com/article/CTX126734 (Delivery Services Console 4.7.2, install after the previous update) While you are updating stuff to get them all current, I would also upgrade to License Server 11.10 for Windows since it no longer uses IIS. https://www.citrix.com/downloads/licensing/license-server.html You will need to take 1 minute to return your current license file and download a new license file that is formatted for 11.10. This will not affect any currently logged in users. This should get you all up-to-date for all the dead products your customer is using. Thanks Webster From: Ken Cornetet [mailto:ken.corne...@kimball.com] Sent: Friday, March 15, 2013 8:04 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Why would you run CSG internally? I run a Xenapp 5 farm with just a web interface for internal users. External users come through a different CSG/WI box in the DMZ. From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Monday, March 04, 2013 2:41 PM To: NT System Admin Issues Subject: CSG 3.2 and Presenatation 4.5 We have a client who their internal guy just left and he basically maintained a Citrix Farm on Xenapp 4.5 with CSG 3.2 They have asked us to take a look and fix a few things. I renewed their SSL cert which is running under their own PKI infrastructure, but the CSG service is disabled and the whole things is running through IIS. They can login and everything works, but I have never seen that configuration before. Usually the SSL on IIS is running 444 and the CSG runs 443. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsof
RE: CSG 3.2 and Presenatation 4.5
BTW, someone wrote an excellent script to document the XenApp 5 (PS45) Farm. :) If you want to leave the customer with a document that will garner you high praise you should use the script. http://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/ http://carlwebster.com/documenting-a-citrix-xenapp-5-farm-with-microsoft-powershell-and-word-version-2/ Thanks Webster From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Friday, March 15, 2013 9:47 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Thank you Sir. That is good info. To get fully up to speed on this, not expert mind you but good enough. What materials would you suggest to read. Greg Sweers CEO ACTS360.com<http://www.acts360.com/> P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-644-3479 Cell 813-644-3476 Fax From: Webster [mailto:webs...@carlwebster.com] Sent: Friday, March 15, 2013 9:51 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 I have LOTS of customers who run CSG internally. Some require that all traffic is encrypted and they also have a Citrix policy that says everyone uses RC5 128-bit ICA Encryption. I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 (http://support.citrix.com/article/CTX133095). That is also more than likely the last version of CSG. I would also make sure you are running Web Interface 5.4.2 since it addresses known security vulnerabilities. http://support.citrix.com/article/CTX130660 This is also the last version of Web Interface. If this is PS4.5 on Server 2003, just make sure your customer knows that on March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS. I would recommend Hotfix Rollup Pack 7. http://support.citrix.com/article/CTX127926 Just make sure you read the prereqs first. Once you install HRP7, install the following updates: http://support.citrix.com/article/CTX133359 (security fix) http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5 install before the next fix) http://support.citrix.com/article/CTX126734 (Delivery Services Console 4.7.2, install after the previous update) While you are updating stuff to get them all current, I would also upgrade to License Server 11.10 for Windows since it no longer uses IIS. https://www.citrix.com/downloads/licensing/license-server.html You will need to take 1 minute to return your current license file and download a new license file that is formatted for 11.10. This will not affect any currently logged in users. This should get you all up-to-date for all the dead products your customer is using. Thanks Webster From: Ken Cornetet [mailto:ken.corne...@kimball.com] Sent: Friday, March 15, 2013 8:04 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Why would you run CSG internally? I run a Xenapp 5 farm with just a web interface for internal users. External users come through a different CSG/WI box in the DMZ. From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Monday, March 04, 2013 2:41 PM To: NT System Admin Issues Subject: CSG 3.2 and Presenatation 4.5 We have a client who their internal guy just left and he basically maintained a Citrix Farm on Xenapp 4.5 with CSG 3.2 They have asked us to take a look and fix a few things. I renewed their SSL cert which is running under their own PKI infrastructure, but the CSG service is disabled and the whole things is running through IIS. They can login and everything works, but I have never seen that configuration before. Usually the SSL on IIS is running 444 and the CSG runs 443. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CSG 3.2 and Presenatation 4.5
Carlwebster.com of course! LOL Edocs.citrix.com and support.citrix.com are the two best and where I go (since I am one of the really weird ones who actually read product documentation). Thanks Webster From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Friday, March 15, 2013 9:47 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Thank you Sir. That is good info. To get fully up to speed on this, not expert mind you but good enough. What materials would you suggest to read. Greg Sweers CEO ACTS360.com<http://www.acts360.com/> P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-644-3479 Cell 813-644-3476 Fax From: Webster [mailto:webs...@carlwebster.com] Sent: Friday, March 15, 2013 9:51 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 I have LOTS of customers who run CSG internally. Some require that all traffic is encrypted and they also have a Citrix policy that says everyone uses RC5 128-bit ICA Encryption. I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 (http://support.citrix.com/article/CTX133095). That is also more than likely the last version of CSG. I would also make sure you are running Web Interface 5.4.2 since it addresses known security vulnerabilities. http://support.citrix.com/article/CTX130660 This is also the last version of Web Interface. If this is PS4.5 on Server 2003, just make sure your customer knows that on March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS. I would recommend Hotfix Rollup Pack 7. http://support.citrix.com/article/CTX127926 Just make sure you read the prereqs first. Once you install HRP7, install the following updates: http://support.citrix.com/article/CTX133359 (security fix) http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5 install before the next fix) http://support.citrix.com/article/CTX126734 (Delivery Services Console 4.7.2, install after the previous update) While you are updating stuff to get them all current, I would also upgrade to License Server 11.10 for Windows since it no longer uses IIS. https://www.citrix.com/downloads/licensing/license-server.html You will need to take 1 minute to return your current license file and download a new license file that is formatted for 11.10. This will not affect any currently logged in users. This should get you all up-to-date for all the dead products your customer is using. Thanks Webster From: Ken Cornetet [mailto:ken.corne...@kimball.com] Sent: Friday, March 15, 2013 8:04 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Why would you run CSG internally? I run a Xenapp 5 farm with just a web interface for internal users. External users come through a different CSG/WI box in the DMZ. From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Monday, March 04, 2013 2:41 PM To: NT System Admin Issues Subject: CSG 3.2 and Presenatation 4.5 We have a client who their internal guy just left and he basically maintained a Citrix Farm on Xenapp 4.5 with CSG 3.2 They have asked us to take a look and fix a few things. I renewed their SSL cert which is running under their own PKI infrastructure, but the CSG service is disabled and the whole things is running through IIS. They can login and everything works, but I have never seen that configuration before. Usually the SSL on IIS is running 444 and the CSG runs 443. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CSG 3.2 and Presenatation 4.5
I have LOTS of customers who run CSG internally. Some require that all traffic is encrypted and they also have a Citrix policy that says everyone uses RC5 128-bit ICA Encryption. I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 (http://support.citrix.com/article/CTX133095). That is also more than likely the last version of CSG. I would also make sure you are running Web Interface 5.4.2 since it addresses known security vulnerabilities. http://support.citrix.com/article/CTX130660 This is also the last version of Web Interface. If this is PS4.5 on Server 2003, just make sure your customer knows that on March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS. I would recommend Hotfix Rollup Pack 7. http://support.citrix.com/article/CTX127926 Just make sure you read the prereqs first. Once you install HRP7, install the following updates: http://support.citrix.com/article/CTX133359 (security fix) http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5 install before the next fix) http://support.citrix.com/article/CTX126734 (Delivery Services Console 4.7.2, install after the previous update) While you are updating stuff to get them all current, I would also upgrade to License Server 11.10 for Windows since it no longer uses IIS. https://www.citrix.com/downloads/licensing/license-server.html You will need to take 1 minute to return your current license file and download a new license file that is formatted for 11.10. This will not affect any currently logged in users. This should get you all up-to-date for all the dead products your customer is using. Thanks Webster From: Ken Cornetet [mailto:ken.corne...@kimball.com] Sent: Friday, March 15, 2013 8:04 AM To: NT System Admin Issues Subject: RE: CSG 3.2 and Presenatation 4.5 Why would you run CSG internally? I run a Xenapp 5 farm with just a web interface for internal users. External users come through a different CSG/WI box in the DMZ. From: Greg Sweers [mailto:gswe...@acts360.com] Sent: Monday, March 04, 2013 2:41 PM To: NT System Admin Issues Subject: CSG 3.2 and Presenatation 4.5 We have a client who their internal guy just left and he basically maintained a Citrix Farm on Xenapp 4.5 with CSG 3.2 They have asked us to take a look and fix a few things. I renewed their SSL cert which is running under their own PKI infrastructure, but the CSG service is disabled and the whole things is running through IIS. They can login and everything works, but I have never seen that configuration before. Usually the SSL on IIS is running 444 and the CSG runs 443. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Difference between port forwarding and DMZ
Citrix handles this via TCP port 443. It also depends on if you are using CSG, CAG or NetScaler in the DMZ. No matter what, CSG/CAG/NS pass 443 thru to the Web Interface which is usually in the internal LAN and WI contacts the XML Broker service on your Collector or Controller (XenDesktop or XenApp) which contacts a DC/GC server for auth purposes. Citrix has docs for single and double firewall setups. I believe they also have docs for WI sitting in the DMZ but Ihave never seen anyone use it in that config. Thanks Webster > -Original Message- > From: David Lum [mailto:david@nwea.org] > Sent: Thursday, March 14, 2013 1:49 PM > To: NT System Admin Issues > Subject: RE: Difference between port forwarding and DMZ > > Correct. How does Citrix handle this? Member server in the DMZ yes? > > -Original Message- > From: Webster [mailto:webs...@carlwebster.com] > Sent: Thursday, March 14, 2013 11:43 AM > To: NT System Admin Issues > Subject: RE: Difference between port forwarding and DMZ > > And you make swiss cheese of your firewall. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Difference between port forwarding and DMZ
And you make swiss cheese of your firewall. Thanks Webster > -Original Message- > From: David Lum [mailto:david@nwea.org] > Sent: Thursday, March 14, 2013 1:35 PM > To: NT System Admin Issues > Subject: RE: Difference between port forwarding and DMZ > > " I'll make another sweeping statement here: Don't put any machine in the > DMZ that requires membership in your production domain. At that point you > don't have a DMZ, you merely have another subnet of your production > network, and basically no protection." > > How does this work, then? RDS Gateway servers need to be domain-joined > http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment- > in-a-perimeter-network-firewall-rules.aspx > > Dave ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Running Powershell script as scheduled task fails with 0x1
And old! Thanks Webster > -Original Message- > From: Michael B. Smith [mailto:mich...@smithcons.com] > Subject: RE: Running Powershell script as scheduled task fails with 0x1 > > Easier to change a BAT than change something in task scheduler. I'm lazy. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Running Powershell script as scheduled task fails with 0x1
I thought it was -File "c:\scripts\myscript.ps1". Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com -Original Message- From: Michael Leone [mailto:oozerd...@gmail.com] Sent: Thursday, March 07, 2013 2:30 PM To: NT System Admin Issues Subject: Running Powershell script as scheduled task fails with 0x1 I can't understand why my script is failing. I can run it from a Powershell prompt (I have to "Run as administrator", because the script is deleting some files in a backup directory). But it works perfectly when I do it that way. But when I create a Scheduled Task to do it, it fails with 0x1. I create a Task, tell it to use an account with domain admin privileges. Tell it to run whether the user is logged on or not, and to run with highest privileges The action calls a program (C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe). In "Add arguments", I have -Command "C:\Scripts\myscript.ps1" ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Normalizing a disk image
Maybe you are thinking of the .Net Framework compiling that happens in the background??? http://social.msdn.microsoft.com/Forums/en/clr/thread/62c082cd-819a-4aa0-b526-65c05b0b0f13 http://msdn.microsoft.com/en-us/magazine/cc163610.aspx Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, March 07, 2013 11:07 AM To: NT System Admin Issues Subject: RE: Normalizing a disk image http://community.citrix.com/kits/#/kit/1067009 Only because it applies to the project I am on, I went through ALL the optimization guides and saw nothing about multiple boots before sealing. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, March 07, 2013 10:34 AM To: NT System Admin Issues Subject: RE: Normalizing a disk image http://support.citrix.com/servlet/KbServlet/download/24559-102-647700/XD%20-%20Top%2010%20Mistakes%20Identified%20When%20Doing%20Desktop%20Virtualization.pdf Item #6, page 8 is about Antivirus. I have still not found anything about booting multiple times before sealing the image. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, March 07, 2013 5:43 AM To: NT System Admin Issues Subject: RE: Normalizing a disk image The AV one, yes, that is recommended. Boot 6 time, never heard of it. BUT I have heard of booting and waiting a long time so .net stuff has time to compile in the background but that was several years ago. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: James Rankin [mailto:kz2...@googlemail.com] Sent: Thursday, March 07, 2013 5:32 AM To: NT System Admin Issues Subject: Normalizing a disk image Been doing a lot of work recently with Citrix Provisioning Services - for those of you that aren't familiar with it, it allows servers or desktops to boot from a "gold" or "master" read-only disk image that returns to the initial state at reboot time. Obviously prior to "sealing" a gold image you have to normalize it to make sure that software doesn't fail and optimize it for best performance. I've gone through a lot of the usual optimizations, defrag, flush DNS, etc., but came across another two possible optimizations online and was wondering if they were actually worth doing. One I heard about was running a full AV scan prior to sealing so that all files are already "known" to the antivirus software? Is this actually relevant, or does it depend on the AV in use? The other possible optimization was rebooting the system six times and waiting 120 seconds between each reboot to allow for boot prefetching. Again, is this something that would help a system run better? Thanks for any insights, -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Normalizing a disk image
http://community.citrix.com/kits/#/kit/1067009 Only because it applies to the project I am on, I went through ALL the optimization guides and saw nothing about multiple boots before sealing. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, March 07, 2013 10:34 AM To: NT System Admin Issues Subject: RE: Normalizing a disk image http://support.citrix.com/servlet/KbServlet/download/24559-102-647700/XD%20-%20Top%2010%20Mistakes%20Identified%20When%20Doing%20Desktop%20Virtualization.pdf Item #6, page 8 is about Antivirus. I have still not found anything about booting multiple times before sealing the image. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, March 07, 2013 5:43 AM To: NT System Admin Issues Subject: RE: Normalizing a disk image The AV one, yes, that is recommended. Boot 6 time, never heard of it. BUT I have heard of booting and waiting a long time so .net stuff has time to compile in the background but that was several years ago. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: James Rankin [mailto:kz2...@googlemail.com] Sent: Thursday, March 07, 2013 5:32 AM To: NT System Admin Issues Subject: Normalizing a disk image Been doing a lot of work recently with Citrix Provisioning Services - for those of you that aren't familiar with it, it allows servers or desktops to boot from a "gold" or "master" read-only disk image that returns to the initial state at reboot time. Obviously prior to "sealing" a gold image you have to normalize it to make sure that software doesn't fail and optimize it for best performance. I've gone through a lot of the usual optimizations, defrag, flush DNS, etc., but came across another two possible optimizations online and was wondering if they were actually worth doing. One I heard about was running a full AV scan prior to sealing so that all files are already "known" to the antivirus software? Is this actually relevant, or does it depend on the AV in use? The other possible optimization was rebooting the system six times and waiting 120 seconds between each reboot to allow for boot prefetching. Again, is this something that would help a system run better? Thanks for any insights, -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Normalizing a disk image
http://support.citrix.com/servlet/KbServlet/download/24559-102-647700/XD%20-%20Top%2010%20Mistakes%20Identified%20When%20Doing%20Desktop%20Virtualization.pdf Item #6, page 8 is about Antivirus. I have still not found anything about booting multiple times before sealing the image. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Webster [mailto:webs...@carlwebster.com] Sent: Thursday, March 07, 2013 5:43 AM To: NT System Admin Issues Subject: RE: Normalizing a disk image The AV one, yes, that is recommended. Boot 6 time, never heard of it. BUT I have heard of booting and waiting a long time so .net stuff has time to compile in the background but that was several years ago. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: James Rankin [mailto:kz2...@googlemail.com] Sent: Thursday, March 07, 2013 5:32 AM To: NT System Admin Issues Subject: Normalizing a disk image Been doing a lot of work recently with Citrix Provisioning Services - for those of you that aren't familiar with it, it allows servers or desktops to boot from a "gold" or "master" read-only disk image that returns to the initial state at reboot time. Obviously prior to "sealing" a gold image you have to normalize it to make sure that software doesn't fail and optimize it for best performance. I've gone through a lot of the usual optimizations, defrag, flush DNS, etc., but came across another two possible optimizations online and was wondering if they were actually worth doing. One I heard about was running a full AV scan prior to sealing so that all files are already "known" to the antivirus software? Is this actually relevant, or does it depend on the AV in use? The other possible optimization was rebooting the system six times and waiting 120 seconds between each reboot to allow for boot prefetching. Again, is this something that would help a system run better? Thanks for any insights, -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Normalizing a disk image
The AV one, yes, that is recommended. Boot 6 time, never heard of it. BUT I have heard of booting and waiting a long time so .net stuff has time to compile in the background but that was several years ago. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: James Rankin [mailto:kz2...@googlemail.com] Sent: Thursday, March 07, 2013 5:32 AM To: NT System Admin Issues Subject: Normalizing a disk image Been doing a lot of work recently with Citrix Provisioning Services - for those of you that aren't familiar with it, it allows servers or desktops to boot from a "gold" or "master" read-only disk image that returns to the initial state at reboot time. Obviously prior to "sealing" a gold image you have to normalize it to make sure that software doesn't fail and optimize it for best performance. I've gone through a lot of the usual optimizations, defrag, flush DNS, etc., but came across another two possible optimizations online and was wondering if they were actually worth doing. One I heard about was running a full AV scan prior to sealing so that all files are already "known" to the antivirus software? Is this actually relevant, or does it depend on the AV in use? The other possible optimization was rebooting the system six times and waiting 120 seconds between each reboot to allow for boot prefetching. Again, is this something that would help a system run better? Thanks for any insights, -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Semi-OT: Vsphere shutdown
Iran being one of the top countries that hit my blog is a bit unnerving to say the least. I am surprised the feds haven’t come knocking asking what is going on. Plus all the “stan”s that hit my site is really weird. I wouldn’t think anyone in those countries could afford Citrix licenses. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Subject: Re: Semi-OT: Vsphere shutdown Webster has millions of readers. Mainly Iranians :-) Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: Richard Stovall mailto:rich...@gmail.com>> Subject: RE: Semi-OT: Vsphere shutdown Thanks for the offer, Carl. But wouldn't I want to put it somewhere where it might actually be read? :-) But seriously, thanks for the offer. I'll see if I can find time to put something together. Richard On Mar 6, 2013 7:32 AM, "Webster" mailto:webs...@carlwebster.com>> wrote: I would be happy to post the article on my site. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Semi-OT: Vsphere shutdown
In that case, you will need MBS’ site! ☺ Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, March 06, 2013 1:35 PM To: NT System Admin Issues Subject: RE: Semi-OT: Vsphere shutdown Thanks for the offer, Carl. But wouldn't I want to put it somewhere where it might actually be read? :-) But seriously, thanks for the offer. I'll see if I can find time to put something together. Richard On Mar 6, 2013 7:32 AM, "Webster" mailto:webs...@carlwebster.com>> wrote: I would be happy to post the article on my site. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com -Original Message- From: Laurence [mailto:laurence.chi...@jalapeno-bs.co.uk<mailto:laurence.chi...@jalapeno-bs.co.uk>] Sent: Wednesday, March 06, 2013 4:49 AM To: NT System Admin Issues Subject: Re: Semi-OT: Vsphere shutdown Hi Richard good news that the whole thing went well for you have you considered writing this up as a news article, tech article, blog post or case study? about time that we had some good news from the IT industry instead of all the bad stuff about unplanned downtime, hacking etc. plus it would also look good on the CV when it comes to pay rise, new job time!! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Semi-OT: Vsphere shutdown
I would be happy to post the article on my site. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com -Original Message- From: Laurence [mailto:laurence.chi...@jalapeno-bs.co.uk] Sent: Wednesday, March 06, 2013 4:49 AM To: NT System Admin Issues Subject: Re: Semi-OT: Vsphere shutdown Hi Richard good news that the whole thing went well for you have you considered writing this up as a news article, tech article, blog post or case study? about time that we had some good news from the IT industry instead of all the bad stuff about unplanned downtime, hacking etc. plus it would also look good on the CV when it comes to pay rise, new job time!! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Vmware Design for XenApp 6.5 w/PVS
Are you still looking in the mirror? Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Monday, March 04, 2013 3:07 PM To: NT System Admin Issues Subject: Re: Vmware Design for XenApp 6.5 w/PVS No probs, feel free to hit me up for more info, I am currently involved in the worlds most boring project Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: Sean Martin mailto:seanmarti...@gmail.com>> Date: Mon, 4 Mar 2013 10:57:50 -0900 To: NT System Admin Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>> ReplyTo: "NT System Admin Issues" mailto:ntsysadmin@lyris.sunbelt-software.com>> Subject: Re: Vmware Design for XenApp 6.5 w/PVS Sorry for the delayed response. Thanks again James, this is fantastic information. I'm doing all I can to disseminate this amongst my team. I'm sure I'll have more follow ups as we start on the low level design and implementation of each technology. - Sean On Thu, Feb 28, 2013 at 10:49 AM, James Rankin mailto:kz2...@googlemail.com>> wrote: If you're using the Personalization Server feature (and it sounds like you are), you need to be aware that if you lose this area of the environment, not only do you get no customization of user profile, session or any of their applications, you take the risk of overwriting the Personalization data with default data and causing all sorts of problems for your user base. With this in mind, you'll want heavy redundancy on both the SQL backend and in the web services that facilitate communication with the SQL backend. AppSense supports clustering, replication, mirroring and all the other usual SQL redundancy features. You will also probably want to configure some failover in the web services that provide the Management Server site and the Personalization Server site. There are some non-default options within Personalization itself I'd recommend - Offline Resiliency ensures that in the event of a database outage, the client caches Personalization data and resyncs once the database is available. I'd also recommend enabling either the web portal and/or the self-service profile reset features, which again will dictate the sizing of your database depending on how many archives you keep. See this article for a discussion of AppSense database sizing - http://appsensebigot.blogspot.co.uk/2012/09/appsense-management-server-and_13.html There are also a few gotchas around AppSense and PVS I'd want to bear in mind - http://appsensebigot.blogspot.co.uk/2012/05/using-appsense-with-citrix-provisioning.html and some AV considerations - http://appsensebigot.blogspot.co.uk/2012/03/antivirus-exclusions-for-appsense.html I'd also recommend you seriously consider using the Performance Manager feature of AppSense. It can eke out up to 40% higher user density on XenApp platforms - a serious ROI if ever there was one. On the XenApp side, I think Web has more than adequately covered what you need. I'll back him up on the fact that StoreFront (I dare speak the name) is not really fit for purpose yet. If you need any more advice on the AppSense side of things feel free to shoot me an email offline, although at your current stage I don't think you need do much other than scope for the heavy redundancy in the SQL side of things. Cheers, JR On 28 February 2013 17:29, Sean Martin mailto:seanmarti...@gmail.com>> wrote: We haven't gone through the low-level design process for each of the deliverables yet, so I am not sure if we're using that feature. Is that a part of the Environment Manager? Our implementation of AppSense is purely for a profile management solution because of the garbage that roaming profiles makes us deal with in our current environment. - Sean On Feb 28, 2013, at 8:03 AM, kz2...@googlemail.com<mailto:kz2...@googlemail.com> wrote: Are you using the AppSense Personalization Server feature? That's going to have a big influence on your requirements if you are. Sent from my Blackberry, which may be an antique but delivers email RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Semi-OT: Vsphere shutdown
“The procedure itself seems straightforward enough, but those spindles have been going for about 4.5 years and it could mean a lot of restore time if more than two in any disk group decide that they don't want to spin up again.” Actually had this happen at a hospital’s data center back in early 2010. Someone went work in the data center and decided it was too cold for them in the room. So they went over to the “DO NOT TOUCH OR ADJUST THIS THERMOSTAT” labeled box and turned OFF the entire A/C system. They left and forgot to turn the A/C back on. A few hours later alarms were going off everywhere (it was 5 below zero F outside) and by the time we got there all the servers, UPS units, SANS, NASes and just about everything else had powered off. No one knew what happened but the building super opened the roof vent to let the extreme cold air from outside into the data center. By the time they figured out what had happened, the rooftop HVAC units had frozen. When they got all that figured out, the customer realized they had no idea what needed to be powered on in what order because they had never shutdown before. They just started powering up servers, storage, firewalls, switches, you name it in random order since a non-random order was unknown. Two of their SANs came up with multiple drive failures and then there were those mysterious Unix servers that no one knew about. No one knew the passwords to get in to start the services and software. They had to place an emergency call in to HP since it was HP Unix servers and HP SANs. I was there at the beginning discovery phase of an AD assessment because two hospitals were merging and they needed to know what to plan for in merging the two Ads. All this happened on a Friday. I was sent home early since no one was now available to work with me. I do hope you don’t any mysterious servers or systems waiting to bite you in the butt when you power up. ☺ If so, MBS and ASB are available at excellent emergency rates! LOL I’m not available, I start a 35,000 seat XenDesktop project on Monday. Thanks Webster ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Semi-OT: Vsphere shutdown
If I don't have a physical DC, how can I boot it first? :) Thanks Webster > -Original Message- > From: John Cook [mailto:john.c...@pfsf.org] > Sent: Friday, March 01, 2013 12:16 PM > To: NT System Admin Issues > Subject: RE: Semi-OT: Vsphere shutdown > > One more thing - If you don't have a physical DC in that location boot that > first ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: MS tools and resource communications - was: IIS reporting/monitoring free tool
Yeah, I think some heavy sarcasm was implied in the post. Thanks Webster From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Thursday, February 28, 2013 6:01 PM To: NT System Admin Issues Subject: RE: MS tools and resource communications - was: IIS reporting/monitoring free tool Not sure if you're j/king re Hanselman. He definitely works for MS - has a fairly senior role in the Web Tools and Platform team Cheers Ken From: Steven Peck [mailto:sep...@gmail.com] Sent: Friday, 1 March 2013 10:48 AM To: NT System Admin Issues Subject: MS tools and resource communications - was: IIS reporting/monitoring free tool I've known about it for years and have mentioned it a time or two on this list. :) I worked with some of the MS folks on some stuff they sponsored for in the Open Source community and they just cannot get credit for the stuff they do without angry people and rioters showing up to burn the place down. Of course for a while I heavily supported a web developer community (Drupal) so was aware of a lot of web focused tools. It was also mentioned in various podcasts and videos are part of an overall tool set from MS. It was more mentioned when the Firebug tool came out years ago. However when that happened all the Firebug advocates could say was 'copy' or well but I don't use IE or something else and promptly dismiss it. Some random links regarding it just cause: :) TechNet http://msdn.microsoft.com/en-us/library/ie/gg589507(v=vs.85).aspx Scott Hanselman - I think he has something to do with MS, not sure... small obscure role maybe. I think he posts random stuff. http://www.hanselman.com/blog/TheInternetIsNotABlackBoxLookInside.aspx ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Webster's question is very timely...
Nope, when I did the RMA request and typed in my serial #, the site told me the warranty had expired. Thanks Webster From: Graeme Carstairs [mailto:loonyto...@gmail.com] Sent: Thursday, February 28, 2013 1:51 PM To: NT System Admin Issues Subject: Re: Webster's question is very timely... Your warranty should start at time of purchase with receipt for proof. On Thursday, 28 February 2013, Webster wrote: I had a Seagate external eSata drive but it died 3 months after I got it! The warrant had already expired because it sat on the shelf at OfficeMax too long. That sucks. It was a 2TB drive and I used it for storing my VMs off of my Win7 laptop (that I had at the time). Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Thursday, February 28, 2013 1:37 PM > To: NT System Admin Issues > Subject: Webster's question is very timely... > > I didn't want to drag his thread off topic, so I'm starting a new one > > Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a > really > good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI > Firepro video card, 1920x1080 display (15.6") and a 256gb SSD. ($1600 - sale > still going as far as I know.) > > Problem is, I'm pretty sure I made a small mistake. That 256gb drive just > isn't > big enough to hold the VMs I want. I should have gone with the 128gb > minicard and a 1tb hard drive. > > So, I'm also looking for an external drive, either USB3 or eSATA - if you had > the choice, which would you choose for putting in the laptop case for extra > storage? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Good news everyone, you have just received an e-mail from me! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Webster's question is very timely...
I had a Seagate external eSata drive but it died 3 months after I got it! The warrant had already expired because it sat on the shelf at OfficeMax too long. That sucks. It was a 2TB drive and I used it for storing my VMs off of my Win7 laptop (that I had at the time). Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Thursday, February 28, 2013 1:37 PM > To: NT System Admin Issues > Subject: Webster's question is very timely... > > I didn't want to drag his thread off topic, so I'm starting a new one > > Not to brag (much), but I just picked up a Dell Precision 4600 laptop at a > really > good price - it's a quad-core machine with Win7 Pro, 16gb RAM and an ATI > Firepro video card, 1920x1080 display (15.6") and a 256gb SSD. ($1600 - sale > still going as far as I know.) > > Problem is, I'm pretty sure I made a small mistake. That 256gb drive just > isn't > big enough to hold the VMs I want. I should have gone with the 128gb > minicard and a 1tb hard drive. > > So, I'm also looking for an external drive, either USB3 or eSATA - if you had > the choice, which would you choose for putting in the laptop case for extra > storage? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Vmware Design for XenApp 6.5 w/PVS
I agree with your conclusion. Thanks Webster From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Thursday, February 28, 2013 12:47 PM To: NT System Admin Issues Subject: Re: Vmware Design for XenApp 6.5 w/PVS Internal users all access web interface currently. Remote users connect via Access Gateway with RSA integration. Sounds like moving forward with WI servers will be the easiest to support and give us the most flexibility until we entertain adopting CloudGateway down the road. - Sean On Thu, Feb 28, 2013 at 9:17 AM, Webster mailto:webs...@carlwebster.com>> wrote: Another response from the guy I call Mr. NetScaler and Dr. EdgeSight. He currently manages almost 1,000 NetScalers for his employer so he knows his stuff. This is also the ONLY speaker I am aware of at a Briforum conference that got dinged by attendees because his session was TO technical! You can, is everyone coming in via Remote Access? I have configured the NS Web Interface for just internal (no ICAPROXY) but it is a little tricky. I am using WI on NS without issue at a few sites but we aren't doing anything fancy (no smart cards, cert auth, anything like that) Works fine. If the traffic is external or if everyone is going to use ICAPROXY than you are fine, otherwise you will need to use WI sites, one for inside and one for ICAPROXY. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Vmware Design for XenApp 6.5 w/PVS
Another response from the guy I call Mr. NetScaler and Dr. EdgeSight. He currently manages almost 1,000 NetScalers for his employer so he knows his stuff. This is also the ONLY speaker I am aware of at a Briforum conference that got dinged by attendees because his session was TO technical! You can, is everyone coming in via Remote Access? I have configured the NS Web Interface for just internal (no ICAPROXY) but it is a little tricky. I am using WI on NS without issue at a few sites but we aren't doing anything fancy (no smart cards, cert auth, anything like that) Works fine. If the traffic is external or if everyone is going to use ICAPROXY than you are fine, otherwise you will need to use WI sites, one for inside and one for ICAPROXY. Thanks Webster From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Thursday, February 28, 2013 12:04 PM To: NT System Admin Issues Subject: Re: Vmware Design for XenApp 6.5 w/PVS Thanks for the info Webster, this is exactly the kind of feedback I was after. It's funny you mention the WI vs. NetScaler argument because we've gone back and forth as well. We currently use an older pair of NetScalers to load balance client connections to our Web Interface servers. We started looking migrating WI to the NetScalers prior to XenApp 6.5 planning and the biggest complaint was the apparent removal of pass thru authentication support. In the end our management liked the idea of using the NetScalers to support the function and reducing our overall Windows Server count. During our High Level Design discussions for XenApp 6.5 we touched back on this topic and that's when discussions of deploying StoreFront started coming up but the engineer assisting with our design recommended either NetScaler or Web Interface. Since this project is not likely to ramp up until May/June, our Citrix Engineer is holding out for the possibility of deploying Cloud Gateway. I asked if Cloud Gateway was not an option which direction he would go and he's now leaning back towards deploying Web Interface servers. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Vmware Design for XenApp 6.5 w/PVS
While answering another XA6.5 and PVS 6.1 question for someone else just a few minutes ago, I came across these articles: http://blogs.citrix.com/2012/12/05/deploy-xenapp-6-5-using-pvs-6-1-part-1/ http://blogs.citrix.com/2012/12/12/deploy-xenapp-6-5-using-pvs-6-1-part-2/ Thanks Webster From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Thursday, February 28, 2013 10:58 AM To: NT System Admin Issues Subject: Vmware Design for XenApp 6.5 w/PVS Hello everyone, Let me start first by apologize for the length of this message. In my pursuit of providing all of the relevant information I fully expect for this to be a bit long winded. We're in the final planning stages of a migration from a purely physical XenApp 5 on Windows 2003 environment to a virtualized XenApp 6.5 with Provisioning Services environment on ESXi 5.0. I was hoping I could toss out our initial design and gather some feedback. Our current environment consists of a single farm, two sites, and just under 200 physical servers. That includes the SQL server, data collectors, existing Web Interface servers, licensing server and all of the presentation servers. We currently support 12 application silos. The purpose of each silo varies from application compatibility issues, business unit requirements, performance requirements, etc. At our peak, we support approximately 1400 concurrent sessions. This is the number we've used to design our future environment. The new environment will consist of a dedicated vSphere Cluster for the XenApp servers (using provisioning services). Other supporting services (SQL Server, zone data collectors, licensing server, etc.) will be supported in a general vSphere cluster. Web Interface will be migrated to NetScaler Appliances. We will also be deploying AppSense Environment Manager and using AppDNA to validate application compatibility. Anyway, my specific responsibility is to forcast the infrastructure requirements and work directly with our Citrix Admins. I used the following article as the primary reference material for starting our design. We decided to plan conservatively and base our consolidation ratios with a 20 users per guest target. The host config I've decided on are Dell PowerEdge R820s with Quad E5-4640 2.4GHz 8 core procs and 384GB RAM. Using the recommendation of 4vCPUs per guest we can support 16VMs per host which equates to 320 users per host. 5 hosts will allow us to support a peak of 1600 concurrent user sessions. We will purchase 6 hosts to maintain our N+1 cluster design standards. I dediced to bump the RAM per host considerably to allow for increased guest allocation. We support over 200 published applications in our environment, which are distributed amongst physical server silos currently. One of our goals with PVS is to consolidate the applications into as few images as possible si we want to certain we have the hardware resources to support the guests. Each host will include a FusionIO IO Drive to support maximum IO requirements and eliminate IO contention on our SAN during large scale provisioning. All of our hosts leverage infiniband with 80Gbps throughput for ethernet and native FC connectivity. http://blogs.citrix.com/2013/01/07/whats-the-optimal-xenapp-6-5-vm-configuration/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+CitrixBlogs+%28Citrix+Blogs%29 So after reading all of that I feel like I'm bragging. However, I have a fundemental concern because even though we are being very conservative and are likely procuring more resources than necessary, I have no reliable means of validating the capabilities of this proposed environment vs. our current workloads. My experience with Vmware tells me that even though the aforementioned article suggests a 4 vCPU per guest configuration, we'll likely start with a single vCPU configuration and do our best at initial scalability testing while keeping an eye on CPU waits. Should we find guests perform optimally with few vCPUs than that will just increase our consolidation ratios. I'm hoping some of you out there with a lot of XenApp experience (Webster, James, etc.:) ) can either point out any major gaps in the initial hardware design or hopefully validate that we're more than likely over provisioning hardware ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Prevent duplicate DNS entries
What hands out the IP addresses? Thanks Webster From: David Lum [mailto:david@nwea.org] Sent: Wednesday, February 27, 2013 1:40 PM To: NT System Admin Issues Subject: Prevent duplicate DNS entries Kind of related to my earlier query, is there a way to prevent multiple DNS entries for a given IP address range with Windows DNS? Our VPN systems have a specific range of IP's and for whatever reason there's a nasty habit of many systems showing the same IP address in DNS. Or perhaps the real fix is changing the VPN client (Cisco) to handle DNS registration correctly? That would be a different can of worms from my end, but... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: 50GB free storage from Box.com
You can look all you want but you can't do anything until you buy one. :) Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Subject: Re: 50GB free storage from Box.com > > Though my comment was meant to be snarky, that's actually interesting. > > I may have to look at those units > > Kurt > > On Tue, Feb 26, 2013 at 5:44 AM, Andrew S. Baker > wrote: > > > > The Synology SAN/NAS devices have a mobile app that you can use to > easily access your own storage from those devices remotely. > > > > FTP is okay, but sometimes you want to do more than simply transfer files > around. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: MS Azure cloud evaporates
If only Microsoft made software where one could automatically put things on a calendar and have the software automatically do a reminder of some kind. I wonder if there is an app for that? Thanks Webster > -Original Message- > From: Ben M. Schorr [mailto:b...@rolandschorr.com] > Subject: RE: MS Azure cloud evaporates > > I realize we're operating on a MUCH smaller basis but whenever we create a > record or certificate that expires on a schedule we also create a task with a > reminder that pops up 30 days before that expiration so that nothing should > quietly expire on us without us getting some eyeballs on it. > > Seems like having some kind of tickler system would make it a lot less likely > for these kinds of routine tasks to go undone. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Remote Desktop Server (Formerly known as Terminal Server)
Look at this this thread: http://social.technet.microsoft.com/Forums/en-US/winserverTS/thread/f2db8967-383d-4579-ae75-8dff5b79b79d/ Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Friday, February 22, 2013 8:18 AM To: NT System Admin Issues Subject: Re: Remote Desktop Server (Formerly known as Terminal Server) Wasn't it some sort of screw-up as to the actual shadowing with multiple-monitor setups? I can recall finding out that Citrix shadowing stopped working on 2008 R2 if either shadower or shadowee had multiple monitors, and they blamed something in RDS for this. Don't know what exactly but maybe MS pulled it out because of this sort of fault. Sure Web or others may know better though ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Remote Desktop Server (Formerly known as Terminal Server)
>From my understanding, for Server 2012, shadowing was removed because of >changes to the graphics pipeline in Win8/2012. I can't find the RDS Team Blog >on it right now. Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Subject: Re: Remote Desktop Server (Formerly known as Terminal Server) Wasn't it some sort of screw-up as to the actual shadowing with multiple-monitor setups? I can recall finding out that Citrix shadowing stopped working on 2008 R2 if either shadower or shadowee had multiple monitors, and they blamed something in RDS for this. Don't know what exactly but maybe MS pulled it out because of this sort of fault. Sure Web or others may know better though Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: David Lum mailto:david@nwea.org>> Subject: RE: Remote Desktop Server (Formerly known as Terminal Server) Does anyone have any insight to WTF MS was thinking when removing remote control? I'd like to think it was some sensible reason due to an architecture issue, but more likely it's a checkbox missed along the way. "Oops we forgot that feature. Eh, like the START button on XP nobody used it..." From: Webster [mailto:webs...@carlwebster.com] Subject: RE: Remote Desktop Server (Formerly known as Terminal Server) Check this out: http://blog.wtslabs.com/?p=274 RDS 2012 and Remote Control. A workaround is found... Might not be a viable workaround for everyone but... Thanks Webster From: James Hill [mailto:falc...@gmail.com] Subject: RE: Remote Desktop Server (Formerly known as Terminal Server) I've never been a fan of roaming profiles and prefer to use just folder redirection. With 2008 and above you have some new features that you may like to use. In particular Remote Desktop Gateway and RemoteApp. It all depends on what the current TS is being used for. If it's just for a particular app then you may look at just publishing Remoteapp's rather than a full session. Being 2008 (with increased security) Point and Print Restrictions is a common GP that needs to be configured. As Webster said, consider 2012 as well. The only downside is that if you regularly remote control/shadow desktops you will be disappointed to find that feature has been removed. So you'll have to use Remote Assistance or something else if you need that functionality. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Remote Desktop Server (Formerly known as Terminal Server)
Check this out: http://blog.wtslabs.com/?p=274 RDS 2012 and Remote Control. A workaround is found... Might not be a viable workaround for everyone but... Thanks Webster From: James Hill [mailto:falc...@gmail.com] Sent: Thursday, February 21, 2013 3:29 PM To: NT System Admin Issues Subject: RE: Remote Desktop Server (Formerly known as Terminal Server) I've never been a fan of roaming profiles and prefer to use just folder redirection. With 2008 and above you have some new features that you may like to use. In particular Remote Desktop Gateway and RemoteApp. It all depends on what the current TS is being used for. If it's just for a particular app then you may look at just publishing Remoteapp's rather than a full session. Being 2008 (with increased security) Point and Print Restrictions is a common GP that needs to be configured. As Webster said, consider 2012 as well. The only downside is that if you regularly remote control/shadow desktops you will be disappointed to find that feature has been removed. So you'll have to use Remote Assistance or something else if you need that functionality. James. From: Kelli Sterley [mailto:kjsterley.li...@gmail.com] Sent: Friday, 22 February 2013 3:32 AM To: NT System Admin Issues Subject: Remote Desktop Server (Formerly known as Terminal Server) I currently have a 2003 Terminal Server which is getting ready to be replaced with the 2008 R2 Remote Desktop Server. Currently we are using roaming profiles and redirecting some user folders. Does anyone use roaming profiles anymore? Why or why not? I am also in the process of editing a group policy for both the server and users. Are there any policies I should add for sure .. Anyone willing to share their GP's with me? Also, I have been searching the internet for some good "best practices" for the new setup but have found little with regards to 2008. I want it set up as simple as possible so any ideas would be great. Thanks so much - Kelli ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2
webster has no knowledge or experience with that product. sorry Sent from my iPad so please excuse all the typos On Feb 21, 2013, at 12:16 PM, "Kurt Buff" wrote: > If Webster doesn't, you'll find some guys with experience with the > Infoblox stuff on the ActiveDirectory list - activedir.org > > It's a very worthwhile list, with a lower noise ratio than this one, > and some really bright guys, including a couple who inhabit this list. > (including MBS and Kradel) > > Kurt > > On Thu, Feb 21, 2013 at 7:38 AM, Steven M. Caesare > wrote: >> Any thoughts on the InfoBlox appliances? A 3-letter gov agency we provide >> service to is considering them... >> >> -sc >> >>> -Original Message- >>> From: Webster [mailto:webs...@carlwebster.com] >>> Sent: Wednesday, February 20, 2013 3:53 PM >>> To: NT System Admin Issues >>> Subject: RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 >>> >>> I just helped move a company from Bluecat DHCP devices to Server 2008 R2 >>> DHCP! They hated the Bluecat devices and they were a real PITA to get zone >>> data out of. >>> >>> Thanks >>> >>> >>> Webster >>> >>> >>>> -Original Message- >>>> From: Guyer, Don [mailto:dgu...@che.org] >>>> Sent: Wednesday, February 20, 2013 2:04 PM >>>> To: NT System Admin Issues >>>> Subject: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 >>>> >>>> It's also a good excuse/time to clean everything up. >>>> >>>> : ) >>>> >>>> We're currently moving from Windows-based DHCP to Bluecat devices. >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ >>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: http://lyris.sunbelt- >>> software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Remote Desktop Server (Formerly known as Terminal Server)
why not go with server 2012 rds? a lot of people use roaming profiles. there are pros and a lot of cons. the cons are why there are so many 3rd party products to replace the need for roaming profiles. at my first briforum confernce, i counted 24 vendors offerings products in the user profile/environment space. gpos are very specific to pur users, apps, security concerns, etc. dont know what your search terms are but there is a plethora of info out there on 2008+ user profiles, folder redirection, user environment mgmt, etc. webster Sent from my iPad so please excuse all the typos On Feb 21, 2013, at 11:39 AM, "Kelli Sterley" mailto:kjsterley.li...@gmail.com>> wrote: I currently have a 2003 Terminal Server which is getting ready to be replaced with the 2008 R2 Remote Desktop Server. Currently we are using roaming profiles and redirecting some user folders. Does anyone use roaming profiles anymore? Why or why not? I am also in the process of editing a group policy for both the server and users. Are there any policies I should add for sure .. Anyone willing to share their GP's with me? Also, I have been searching the internet for some good "best practices" for the new setup but have found little with regards to 2008. I want it set up as simple as possible so any ideas would be great. Thanks so much - Kelli ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2
This company was going to go through several AD migrations for all the companies they had acquired over the past decade. They were also bringing in Citrix PVS, XenApp, XenDesktop and MS App-V. I was brought in to do an AD Assessment and we spent almost 6 weeks cleaning up the main AD environment. We spent two entire days doing nothing but cleaning up lingering objects (MBS helped me with the scripts). Their main domain had the central site plus 33 remote sites and each site had a DC and 17 sites had their own Exchange server on the site’s DC! They had thousands upon thousands of duplicate DNS records which MBS’ script couldn’t help with since DNS was on Bluecat. I could go on and on and on but it was a very profitable and educational 6 weeks and gave me lots of info for my “10 Things in AD” sessions. The best thing about the project was the guy I was working with was an excellent PoSH and VBS scripter and was very knowledgeable about AD and Exchange. He just needed a reason to sit down and have 6 weeks of uninterrupted time to finally clean up the AD he inherited when he took this job. We both learned a lot and taught each other things neither one of us knew. [Plus for some reason, management seems to value an outsiders opinion more than their own staff’s] When you bring in PVS, XenApp, XenDesktop and App-V, you must have a healthy AD and it really helps to be able to make timely changes to DHCP and DNS. As an aside, once their AD was cleaned up, the first AD migration went so smooth we were done in ONE day (with what they had set as goals for the week)! We spent the next 3.5 days showing the newly migrated staff how to migrate the rest of their stuff. Even though I know it cost me a lot of money, I was honest and told the main IT boss there was no reason to bring me in on the next sets of migrations. I do the initial AD Assessment, the guy I worked with cleans it up and then the migration takes place. I am available on an on-call basis and I have never been called. Clean ADs make for smooth migrations. And the customer knows I have their best interest at heart. Another big plus, this AD cleanup, the migrations and bringing in PVS, XenApp, XenDesktop and App-V was so successful, this customer will be a showcase session at Synergy Anaheim! ☺ (It was Shake & Bake and I Helped! LOL) Thanks Webster From: Guyer, Don [mailto:dgu...@che.org] Subject: RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 Web, I do appreciate the info you have shared and I hope we don’t run into the same problems. It’s been a major process moving from Win to the Bluecat and I’d HATE to have to reverse everything. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2
One thing I failed to mention is a major factor in getting rid of the Bluecat devices. The devices had a strong tendency to lockup and or stop accepting requests during periods of high usage. Since the devices could not be pinged or gotten into by http/https or telnet, an emergency change request had to be done. Once it went thru the 3 levels of change control, someone had to call the data center to have the devices powered off and back on. Because of the many hundreds of zones and because they were standard zones (not AD Integrated) it took almost one month of effort to get off those devices. There was no command or utility to get multiple zone transfers so it was one zone at a time. I also remember something about it wouldn’t transfer all the records in a zone because of the way the DNS records were handled internally and the records had to be manually edited. Sorry, not the DNS records themselves, the zone files that were created by the Bluecats. They were not a standard zone file and Windows couldn’t (wouldn’t) import them so the zone files had to be manually edited. Cricket Liu would have been cursing those Bluecat zones. Overall it was a major royal PITA and they were (are) glad to be off those devices. The customer has had zero issues since moving to AD Integrated DNS zones and Windows DHCP. And I think the Windows team is now making the network infrastructure team go through change control every time they need something done in DHCP or DNS (payback is hell you know). Thanks Webster From: Webster [mailto:webs...@carlwebster.com] Subject: RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 The company I just helped move their DHCP and DNS stuff from the appliances did it because appliances are under the control of the network infrastructure team. Any time a DNS record or DHCP reservation was needed, a change control form had to be submitted and go thru three layers of review processes and then wait for a scheduled monthly maintenance window. When you are implementing Citrix PVS, that is a burdensome process. Thanks Webster From: Guyer, Don [mailto:dgu...@che.org] Subject: RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 Scalability/redundancy/features/centralization. From: Don Kuhlman [mailto:drkuhl...@yahoo.com] Subject: Re: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 Hi Don. Just curious as to why the switch to appliance based DHCP from Windows ? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2
The company I just helped move their DHCP and DNS stuff from the appliances did it because appliances are under the control of the network infrastructure team. Any time a DNS record or DHCP reservation was needed, a change control form had to be submitted and go thru three layers of review processes and then wait for a scheduled monthly maintenance window. When you are implementing Citrix PVS, that is a burdensome process. Thanks Webster From: Guyer, Don [mailto:dgu...@che.org] Sent: Wednesday, February 20, 2013 3:06 PM To: NT System Admin Issues Subject: RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 Scalability/redundancy/features/centralization. From: Don Kuhlman [mailto:drkuhl...@yahoo.com] Sent: Wednesday, February 20, 2013 3:44 PM To: NT System Admin Issues Subject: Re: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 Hi Don. Just curious as to why the switch to appliance based DHCP from Windows ? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2
I just helped move a company from Bluecat DHCP devices to Server 2008 R2 DHCP! They hated the Bluecat devices and they were a real PITA to get zone data out of. Thanks Webster > -Original Message- > From: Guyer, Don [mailto:dgu...@che.org] > Sent: Wednesday, February 20, 2013 2:04 PM > To: NT System Admin Issues > Subject: Slightly OT: RE: Migrate DHCP from 2003 to 2008 R2 > > It's also a good excuse/time to clean everything up. > > : ) > > We're currently moving from Windows-based DHCP to Bluecat devices. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Books about software
Not at all. I got no help, permission or advice from Citrix on my XenApp 5 book. But what MBS says is correct, no slander, libel or anything else like that and you should be OK. Thanks Webster > -Original Message- > From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] > Subject: Books about software > > If you want to write a book about a particular piece of software, am I right > in > assuming you need to engage the vendor to some degree? I'm a complete > newcomer to this sort of thing so any and all advice is gratefully > appreciated. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1
That is cool. I have also heard from the chief Citrix architect for a large 3 letter international computer business that they use the scripts also for customer documentation. They are also loving the new Word documents. It is very humbling to hear from all these people and how useful they find the scripts. Now I just need to figure out how to support non-English versions of Word. Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Subject: Re: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1 I believe those scripts are used by a large UK outsourcer for support handovers Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: Webster mailto:webs...@carlwebster.com>> Subject: RE: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1 You are welcome. Any feedback is welcome. Especially if you want to send me a sanitized copy of the report (will not be seen by anyone except me and maybe MBS). Had an email from someone this morning who ran it on a 320 server farm and they loved the report. Thanks Webster From: Mike Sullivan [mailto:neog...@gmail.com] Subject: Re: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1 Thank you, Carl! On Mon, Feb 18, 2013 at 3:21 AM, Webster mailto:webs...@carlwebster.com>> wrote: New article: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1 http://carlwebster.com/documenting-a-citrix-xenapp-6-5-farm-with-microsoft-powershell-and-word-version-3-1/ Updated article: Where to Get Copies of the Various Documentation Scripts http://carlwebster.com/where-to-get-copies-of-the-xenapp-farm-documentation-scripts/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1
You are welcome. Any feedback is welcome. Especially if you want to send me a sanitized copy of the report (will not be seen by anyone except me and maybe MBS). Had an email from someone this morning who ran it on a 320 server farm and they loved the report. Thanks Webster From: Mike Sullivan [mailto:neog...@gmail.com] Sent: Monday, February 18, 2013 11:29 AM To: NT System Admin Issues Subject: Re: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1 Thank you, Carl! On Mon, Feb 18, 2013 at 3:21 AM, Webster mailto:webs...@carlwebster.com>> wrote: New article: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1 http://carlwebster.com/documenting-a-citrix-xenapp-6-5-farm-with-microsoft-powershell-and-word-version-3-1/ Updated article: Where to Get Copies of the Various Documentation Scripts http://carlwebster.com/where-to-get-copies-of-the-xenapp-farm-documentation-scripts/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Languages and variables
>From a French CTP: Hey Carl, Yes %USERNAME% is working on a French OS. Regards, Thanks Webster From: James Rankin [mailto:kz2...@googlemail.com] Sent: Monday, February 18, 2013 7:26 AM To: NT System Admin Issues Subject: Languages and variables If I have a user with the French version of Windows, would %username% still be called %username% on his system or would it be translated? I'm assuming it would stay the same - but I just need to make sure :-) Google-fu seems inadequate on this, although it might just be my search terms :-) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: 50GB free storage from Box.com
Dude all you had to do was pay several thousand pounds to take the official VMware training course, a couple of hundred pounds to take (and pass) the cert exam and VMware would have given you a copy of VMware Workstation for free! Sheez, some people. Thanks Webster From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] Sent: Thursday, February 14, 2013 1:48 PM To: NT System Admin Issues Subject: Re: 50GB free storage from Box.com It was to me - but the VMWare Workstation it runs on wasn't, sadly Sent from my Blackberry, which may be an antique but delivers email RELIABLY From: "Andrew S. Baker" mailto:asbz...@gmail.com>> Date: Thu, 14 Feb 2013 14:39:21 -0500 Subject: Re: 50GB free storage from Box.com But, was it free! :) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: My Experts 2 Experts Conference Presentation from Hamburg, Germany
Great. Thanks for the feedback. Thanks Webster From: Jeff Bunting [mailto:bunting.j...@gmail.com] Sent: Thursday, February 14, 2013 9:41 AM To: NT System Admin Issues Subject: Re: My Experts 2 Experts Conference Presentation from Hamburg, Germany I think you gave a good presentation Webster, and I didn't even get a beer at break time. I even learned a couple of things about DFL and KCC. Thanks! Jeff On Tue, Feb 5, 2013 at 8:12 AM, Webster mailto:webs...@carlwebster.com>> wrote: Pretty pathetic attempt at a presentation but if you have an hour to waste, here you go. 10 Things in AD That Can Affect Your Application and Desktop Virtualization Efforts and How To Fix Them http://www.youtube.com/watch?v=dht_cuiuJok&list=UUM17iQF508Gw09NOGLIKp1Q&index=1 I believe this is a public link I was given to share. I can't stand watching or listening to myself. I think I look as stiff as a 2x4 and sound like I have a mouth full of mashed taters. If you can tolerate listening to and or watching this video, please let me know what you think. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: file limitation error
http://technet.microsoft.com/en-gb/library/bb457112.aspx Table 13-5 NTFS Size Limits Files per volume 4,294,967,295 (2**32 files minus 1 file) For ReFS: http://blogs.msdn.com/b/b8/archive/2012/01/16/building-the-next-generation-file-system-for-windows-refs.aspx Maximum number of files in a directory 2^64 Maximum number of directories in a volume 2^64 Thanks Webster > -Original Message- > From: Michael B. Smith [mailto:mich...@smithcons.com] > Subject: RE: file limitation error > > I don't think there is any meaningful limit. (2**31) - 1 I would guess. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Another Java Update to close in the wild exploits Feb 19, 2013
Too late. Thanks Webster > -Original Message- > From: Ziots, Edward [mailto:ezi...@lifespan.org] > Subject: Recall: Another Java Update to close in the wild exploits Feb 19, > 2013 > > Ziots, Edward would like to recall the message, "Another Java Update to > close in the wild exploits Feb 19, 2013". ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Require Network Level Authentication to RDP
I have no customers, that I know of, that use or require it. Thanks Webster From: David Lum [mailto:david@nwea.org] Sent: Monday, February 11, 2013 8:57 AM To: NT System Admin Issues Subject: Require Network Level Authentication to RDP Are you guys enforcing this on your networks? I'm not seeing any reason NOT to at this point, but would like to know if anyone here has and if there are any caveats. The only thing that comes to mind is a Linux (MacOS, etc.) user with an older RDP client. Anyone? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Java
Unfortunately, Citrix built most of their older management consoles on Java. Java 6 is still required for most versions of XenApp. If you install Java 7, the installer complains that Java 6 was not found and then no install. The installer looks for Java 6 U 14 but works even if U39 is installed. But those version of XenApp that require Java 6 are all EOS/EOM/EOL so Citrix will not do anything to fix their consoles even though those products will be used for years to come. There are people who still use the former versions of XenApp (Metaframe, MetaFrame XP and Presentation Server) that require NT4 and W2K. Thanks Webster From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Subject: RE: Java Yes, the big holes that everyone was talking about are fixed. There are still some there though. But as you say later in the thread. 6 is dead Jim, time to move on. It is the lesser of evils now. From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov] Subject: RE: Java Lol Very true. I was asking more along the lines of the last big 0 Day vulnerability. I want to be able to go back to my developers and ask them to work on making the newest technology work with our internal apps. From: Jim Kennedy [mailto:kennedy...@elyriaschools.org] Subject: RE: Java 7 13 is better than 6 38, but I won't say it is 'fixed' since it isn't. There are still problems and will be for years to come, imho. From: Heaton, Joseph@Wildlife [mailto:joseph.hea...@wildlife.ca.gov] Subject: Java Anyone know if the latest Java 7 update finally seals the big vulnerability from recent times? We've actually told people they can't update past 6u38, but would like to at some point... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: upgrading W2K3 to W2K8 both 32 bit, uninstalling Powershell breaks things.
Issues like these are why I never recommend in-place upgrades. Sorry that is no help to you now. Thanks Webster From: Rene de Haas [mailto:rene.deh...@gmail.com] Sent: Sunday, February 10, 2013 5:17 PM To: NT System Admin Issues Subject: upgrading W2K3 to W2K8 both 32 bit, uninstalling Powershell breaks things. Hi, At the beginning of the upgrade it does a compatibility check and tells me to remove powershell. I check and it's version 1.0. When starting the uninstall it lists a whole bunch of stuff that will break if I uninstall it. Amongst other things the dot net framework, which breaks other programs. Also the programs they desperately need were mentioned. The program is using SQL server 2008 btw. I googled but didn't see anything indicating a way I can do this without uninstalling it. I uninstalled powershell. upgrade to W2K8 went fine. Program errored. Unfortunately, allmost nothing about the program is on the internet. Only on the manufacturers website. And that information leaves something to be desired. Added powershell 1.0 through features. Didn't fix the error. Repair dot net. Didn't fix it. In IIS I keep getting "The configuration section 'protocolMapping' cannot be read because it is missing a section declaration. The web.config file hasn't changed though. Maybe I could start over, change the powershell registry key a bit and after the upgrade restore it? Grateful for any ideas ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Passsword Meter
They store all the data in Dropbox since with Dropbox passwords are not always required or used even if you have one. Thanks Webster From: Hank . [mailto:hgedr...@gmail.com] Subject: Re: Passsword Meter Not to worry. It is in "the cloud" so it is totally secure... On Thu, Feb 7, 2013 at 6:21 PM, S Powell mailto:powe...@gmail.com>> wrote: it says that mine, "qwerty123" is not very good... odd that... or what a great way to collect passwords... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Passsword Meter
I use Internet Exploder and trust Microsoft to have a safe and secure browser that affords me plenty of security on the Internet. What more do I need? Thanks Webster From: Andrew S. Baker [mailto:asbz...@gmail.com] Subject: Re: Passsword Meter It's not like they won't grab IP info... Plus, are you *sure* your browser is not giving away username info? On Thu, Feb 7, 2013 at 6:24 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: Yeah, I'm not too crazy about it, but its not like you put a username in to match. -Original Message- From: S Powell [mailto:powe...@gmail.com<mailto:powe...@gmail.com>] Subject: Re: Passsword Meter it says that mine, "qwerty123" is not very good... odd that... or what a great way to collect passwords... On Thu, Feb 7, 2013 at 2:56 PM, Crawford, Scott mailto:crawfo...@evangel.edu>> wrote: > If you don't mind typing your password into a web form, this is a pretty nice > indicator of strength. > > http://www.passwordmeter.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Domain upgrade: 2008 R2 or 2012 ?
Copycat! :) Thanks Webster From: Andrew S. Baker [mailto:asbz...@gmail.com] Subject: Re: Domain upgrade: 2008 R2 or 2012 ? Seconded. ASB http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker> Providing Virtual CIO Services (IT Operations & Information Security) for the SMB market... On Thu, Feb 7, 2013 at 4:43 PM, Brian Desmond mailto:br...@briandesmond.com>> wrote: I would go straight to WS2012. >From an AD perspective, you can take advantage of new features like >virtualization safeties, group managed service accounts, and dynamic access >control. Thanks, Brian Desmond br...@briandesmond.com<mailto:br...@briandesmond.com> w - 312.625.1438 | c - 312.731.3132 From: Christopher Bodnar [mailto:christopher_bod...@glic.com<mailto:christopher_bod...@glic.com>] Sent: Thursday, February 7, 2013 3:34 PM To: NT System Admin Issues Subject: Domain upgrade: 2008 R2 or 2012 ? Has anyone done this evaluation recently? We are a 2003 R2 shop. We were in the process of planning a migration to a 2008 R2 domain last year (hardware was bought and deployed), when the funds got cut. From what I hear, we will have funding and approval this year for the project. So the question is now, 2008 R2 or 2012. I've had very little time with 2012 so far. Hopefully that will change in the near future. The benefits of going from 2003 to 2008 R2 i've already captured. From what I've seen so far, 2012 seems stable and an incremental upgrade for our environment. Some of the things that might push me towards 2012 don't apply in our environment. for Example RDS and Hyper-V. We are a big Citrix and VMWare shop. So I don't really see us making use of those specific features, or the enhancements in them from previous versions. From my understanding 2012 is included in our EA agreement. So I don't think it will really be a licensing issue. Love to hear thoughts and comments from others who are going through this right now, or have done this evaluation recently. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Domain upgrade: 2008 R2 or 2012 ?
+1, plus you will be ready for the next version of Citrix stuff set to be released on *&%&%#%$!)&*#%&@$^$ (oops looks like my NDA filter garbled that date!). Thanks Webster From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Thursday, February 07, 2013 3:43 PM To: NT System Admin Issues Subject: RE: Domain upgrade: 2008 R2 or 2012 ? I would go straight to WS2012. >From an AD perspective, you can take advantage of new features like >virtualization safeties, group managed service accounts, and dynamic access >control. Thanks, Brian Desmond br...@briandesmond.com<mailto:br...@briandesmond.com> w - 312.625.1438 | c - 312.731.3132 From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Thursday, February 7, 2013 3:34 PM To: NT System Admin Issues Subject: Domain upgrade: 2008 R2 or 2012 ? Has anyone done this evaluation recently? We are a 2003 R2 shop. We were in the process of planning a migration to a 2008 R2 domain last year (hardware was bought and deployed), when the funds got cut. From what I hear, we will have funding and approval this year for the project. So the question is now, 2008 R2 or 2012. I've had very little time with 2012 so far. Hopefully that will change in the near future. The benefits of going from 2003 to 2008 R2 i've already captured. From what I've seen so far, 2012 seems stable and an incremental upgrade for our environment. Some of the things that might push me towards 2012 don't apply in our environment. for Example RDS and Hyper-V. We are a big Citrix and VMWare shop. So I don't really see us making use of those specific features, or the enhancements in them from previous versions. From my understanding 2012 is included in our EA agreement. So I don't think it will really be a licensing issue. Love to hear thoughts and comments from others who are going through this right now, or have done this evaluation recently. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Exchange Server 2013: Not quite ready for the data center - Computerworld
Troublemaker! Is that why you went out of the country before the article hit? Thanks Webster From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, February 07, 2013 1:46 PM To: NT System Admin Issues Subject: RE: Exchange Server 2013: Not quite ready for the data center - Computerworld I think that article has made the Exchange team very mad at me. Apparently, not such a big deal when the MVPs blog it and it gets put into Redmond magazine or WindowsIT Pro magazine - but hitting ComputerWorld has caused a lot of angst. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, February 7, 2013 12:52 PM To: NT System Admin Issues Subject: Exchange Server 2013: Not quite ready for the data center - Computerworld Hey, MBS What's your take on this article?I haven't touched Exchange 2013 as yet... http://www.computerworld.com/s/article/9236531/Exchange_Server_2013_Not_quite_ready_for_the_data_center?taxonomyId=18&pageNumber=1 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Registry entries to set a WSUS client
Do you have this update? http://blogs.technet.com/b/sus/archive/2012/09/04/an-update-for-windows-server-update-services-3-0-service-pack-2-is-available-kb2734608.aspx Thanks Webster > -Original Message- > From: Michael Leone [mailto:oozerd...@gmail.com] > Sent: Thursday, February 07, 2013 10:53 AM > To: NT System Admin Issues > Subject: Re: Registry entries to set a WSUS client > > On Wed, Feb 6, 2013 at 12:51 PM, Andrew S. Baker > wrote: > > > > Yes, it still does work if you change the registry manually, but having a > separate OU for testing (like everyone else is saying) is the best path. > > Yes, you're right. So I did this - set up a test OU, and a test GPO, pointing > at > my new WSUS server. I rolled out some new VMs - Win7, Win2003, Win2008, > Win2012, put them in that OU, added them to the group that links to that > new GPO. All are showing up in the new WSUS server (yay!). However, the > 2012 server is showing up as OS Win2003 STD x64, and not Win2012. What's > up with that? :-) I am up to date on the WSUS updates, apparently. Is this > just > a display bug? It shows I need 14 updates (which I suppose is correct), ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: blogging
Congrats on making to the 1 year mark. Keep up the good work. Thanks Webster From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, February 06, 2013 4:13 PM To: NT System Admin Issues Subject: OT: blogging It's exactly one year today since a thread on this list (and a few of the list members) encouraged me to start blogging. After nearly 100,000 page views and one industry award later, I have to say thankyou for the encouragement Here's my brief and uninteresting anniversary post http://appsensebigot.blogspot.co.uk/2013/02/a-year-of-appsense-bigotry.html Thanks again, -- James Rankin Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DFSR question regarding RDC
Using DFS-R for PVS 6.x is really nice. PVS 5.x doesn't support DFS-R so don't call Citrix or MS for support when it screws up your PVS system (provided you can even get DFS-R and PVS to even start looking at each other). Thanks Webster From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Wednesday, February 06, 2013 2:21 PM To: NT System Admin Issues Subject: RE: DFSR question regarding RDC Yes it's block level. IIRC down to like 64KB blocks that it does the diff at. Once you put the first image out there, you should only expect to replicate the diffs in all the other images. Thanks, Brian Desmond br...@briandesmond.com<mailto:br...@briandesmond.com> w - 312.625.1438 | c - 312.731.3132 From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Wednesday, February 6, 2013 10:41 AM To: NT System Admin Issues Subject: DFSR question regarding RDC Got a question about this: http://msdn.microsoft.com/en-us/library/windows/desktop/bb540025(v=vs.85).aspx "Replicating data to multiple servers increases data availability and gives users in remote sites fast, reliable access to files. DFSR uses a new compression algorithm called Remote Differential Compression (RDC). RDC is a "diff over the wire" protocol that can be used to efficiently update files over a limited-bandwidth network. RDC detects insertions, removals, and rearrangements of data in files, enabling DFSR to replicate only the deltas (changes) when files are updated." Just curious if anyone has really looked at this in regards to the RDC feature in larger files. Got a replication set we are going to setup. These will be larger files (17-25G), they will be images for Citrix Provisioning server. Wanted to know if it's really doing delta's in larger images files as they change, or replicating the whole thing. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Registry entries to set a WSUS client
Couldn't you also create a test OU, create a GPO for the new WSUS server, link it to the test OU, put the VMs in that OU, reboot the VMs for the OU move and verify your WSUS settings? That way you are not touching production and also, even better, not relying on reg hacks. Thanks Webster > -Original Message- > From: Michael Leone [mailto:oozerd...@gmail.com] > Subject: Registry entries to set a WSUS client > > I'd like to test my new WSUS server, before changing my GPO to point to it. > And it occurred to me that I could set a couple test VMs to point to the new > server, and see if they can get their updates from it, before making the > change to the GPO. There used to be a way to set this via registry entries. > Anybody know if this would this still work on a Win2008 R2 server? > > Windows Registry Editor Version 5.00 > > [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\Windows > Update] > "WUServer"="http://new-WSUS-server"; > "WUStatusServer"="http://new-WSUS-server"; > > [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\windows\Windows > Update\AU] > "UseWUServer"=dword:0001 > "NoAutoUpdate"=dword: > "AUOptions"=dword:0002 > "ScheduledInstallDay"=dword: > "ScheduledInstallTime"=dword:0003 > "DetectionFrequencyEnabled"=dword:0001 > "DetectionFrequency"=dword:0001 > "NoAUAsDefaultShutdownOption"=dword:0001 > "NoAUShutdownOption"=dword:0001 > "RescheduleWaitTimeEnabled"=dword:0001 > "RescheduleWaitTime"=dword:0001 > "UseWUServer"=dword:0001 > > If I import these registry entries to a test Win2003 and Win2008 R2 VMs, and > then stop and start the Windows Update service, those VMs should check in > with the new server, and get it's updates. Then I can see that the new server > is working. Then I can change the GPO ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Rename 2003 domain
But compared to "Desmond and MBS", superscript would have put my name higher than theirs and it should be lower (much lower) so subscript, in this one case, should be used. Thanks Webster > -Original Message- > From: Kurt Buff [mailto:kurt.b...@gmail.com] > Sent: Tuesday, February 05, 2013 3:23 PM > To: NT System Admin Issues > Subject: Re: Rename 2003 domain > > Footnotes are more typically done with superscripts. > > Just sayin' :) > > Kurt > > On Tue, Feb 5, 2013 at 12:33 PM, Webster > wrote: > > My name doesn’t belong in the same sentence as “Desmond and MBS”. > My > > name should have appeared in subscript! J > > > > > > From: David Lum [mailto:david@nwea.org] > > Sent: Tuesday, February 05, 2013 1:46 PM > > To: NT System Admin Issues > > Subject: RE: Rename 2003 domain > > > > Wow, Webster Desmond and MBS recommend against it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Rename 2003 domain
My name doesn't belong in the same sentence as "Desmond and MBS". My name should have appeared in subscript! :) Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: David Lum [mailto:david@nwea.org] Sent: Tuesday, February 05, 2013 1:46 PM To: NT System Admin Issues Subject: RE: Rename 2003 domain Wow, Webster Desmond and MBS recommend against it. ...and I thought a couple of SBS swings were high on the "things could go horribly wrong" scale... From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, February 05, 2013 10:36 AM To: NT System Admin Issues Subject: RE: Rename 2003 domain To the OP: you already know your domain is broken. Good luck. You are going to need it. From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Tuesday, February 5, 2013 1:29 PM To: NT System Admin Issues Subject: RE: Rename 2003 domain To add to Michael's point, this wasn't necessary and probably wasn't the best idea. The consultant obviously messed something up given you had to rejoin clients. The simple fact that the consultant was happy to (and possibly recommended) this domain rename tells me a lot. Thanks, Brian Desmond br...@briandesmond.com<mailto:br...@briandesmond.com> w - 312.625.1438 | c - 312.731.3132 From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Tuesday, February 5, 2013 9:55 AM To: NT System Admin Issues Subject: RE: Rename 2003 domain We hired a consultant to move us to AD 2008 R2 and E2010. He renamed the domain to company.net this past weekend. We did have to manually rejoin the clients to the new domain (rebooting twice did not make the clients auto-join), but everything appears to be working fine. We have just extended the schema and have our first 2008 R2 domain controller up and running. Anything in particular I should check to verify that all is well? From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Tuesday, February 05, 2013 9:50 AM To: NT System Admin Issues Subject: RE: Rename 2003 domain Don't rename the domain. Just Say No. There is no need. Sent from my Windows Phone From: David Mazzaccaro Sent: 2/1/2013 9:50 PM To: NT System Admin Issues Subject: RE: Rename 2003 domain Thx I Just read through that thread. One comment was that you never need to register an internal name on a certificate But it doesn't go into detail as to why. The other bigger headache (which I understand) is to NOT use an internal name that will also be used externally. We only use "company.com" on in the internet. So if we never use "company.NET" on the outside, why couldn't/shouldn't I rename the domain to that? Thx From: Webster [mailto:webs...@carlwebster.com] Sent: Friday, February 01, 2013 12:23 PM To: NT System Admin Issues Subject: RE: Rename 2003 domain Go to the archives and read the "SSL and the new no internal names ruling" thread. I think you are going in the wrong direction. Thanks Webster From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Friday, February 01, 2013 9:48 AM To: NT System Admin Issues Subject: Rename 2003 domain I will be upgrading my domain from 2003 to 2008 R2 and Exchange 2003 > 2010. Apparently E2010 does not like my current domain name "company.town.main" It wants (needs?) a name that can be registered w/ an internet registrar in order to obtain a certificate. So... I will be renaming the domain to "company.net" this weekend. I have already registered the "company.net" name. >From what I have read, it is fairly (?) straightforward: http://technet.microsoft.com/en-us/library/cc738208(v=ws.10).aspx Then there are specific Exchange changes: "XDR-fixup" Then it seems EVERY computer needs to reboot twice for them to see the new domain. I do have a script for this and a txt file w/ all the machines in it: for /f %%i in (machines.txt) do shutdown -m \\%%i -f -r -t 05 My question is... has anyone here successfully renamed a 2003 domain (especially w/ Exchange 2003 in it)? Care to share your experience and any gotcha's that came up? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Robocopy reliability
I have used XXCOPY for the few customers who still think Robocopy is an unsupported MS utility. http://xxcopy.com/ XXCOPY is actively updated and maintained and also has at less 10 quadzillion command line parameters. Thanks Webster From: Tigran K [mailto:tigr...@gmail.com] Subject: Re: Robocopy reliability He was saying we should use just plain old copy. -T On Mon, Feb 4, 2013 at 10:11 AM, Matthew W. Ross mailto:mr...@ephrataschools.org>> wrote: I have never had a problem with Robocopy. It did exactly what I told it to do and gave me detailed information on what it did. I could not ask for more from a command line copy utility. I'm sensing that your Boss has a bias, perhaps due to a bad experience he had previously. If so, what does _he_ recommend? Maybe he has some awesome software I've never heard of. (It wouldn't be the first time!) --Matt Ross Ephrata School District - Original Message - From: Tom Miller Subject: RE: Robocopy reliability > I've used it many times for file migration moves and even for permissions > copies. Just this past weekend I migrated a pretty complex old Windows 2008 > server shared to Windows 2008 R2 this past weekend. I didn't copy > permissions since they were a mess. > > The only errors I've seen were my own, usually syntax or spelling. > > What are you trying to do? > > From: Tigran K [mailto:tigr...@gmail.com<mailto:tigr...@gmail.com>] > Subject: Robocopy reliability > > Having a discussion with the boss on how we should do something I suggested > robocopy. His reply was a strict "NO". Reasoning was that it's not reliable. > He said "I've seen it break". > > So my question is have you seen it break? Is robocopy any more or less > reliable than built in copy? I did point out that robocopy is built in to > windows as well at least for Windows7. Didn't seem to help. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin