RE: DHCP - I'm at a loss

There are companies that don't? -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, February 28, 2012 3:27 PM To: NT System Admin Issues Subject: Re: DHCP - I'm at a loss On Tue, Feb 28, 2012 at 5:12 PM, N Parr wrote: > Unfortunately I'm running in "if it isn

RE: Log on to DC directly

FWIW I do exactly this - workstation VM with all the admin tools installed as my desktop software load is pretty generic (except for Visionapp Remote Desktop!). Advantages for the management tools VM: 1. Saves me from having to reinstall those when I get a new machine 2. All my OLDCMP.EXE, ADFIN

Re: Log on to DC directly

Is that Devil's Advocate, or something else? :) But that is the $64k question, isn't it. My thinking is that in theory, a VM has less physical exposure than the laptop I lug around. Credentials can be stolen whether the apps are run on the VM or locally, so that's a wash, but I'm thinking that i

Re: Citrix published app launch issue

Late to reply but yes I mistyped it - sorry. >>> James Rankin 2/28/2012 5:02 PM >>> Isn't that recreatelhc? I may be wrong, long time since I did it, but it's worth a try, worked for me before On 28 February 2012 21:42, Tom Miller wrote: Aside from what James and Webster recommended, I had th

RE: Log on to DC directly

We have a similar setup here. It simplifies FW rules (as we have well over 1000 firewalls) We use certificates to login – so even if end user machines are compromised, it makes it very difficult for malware to steal credentials from RDS box Provides a central point of auditing Cheers Ken From:

Re: Log on to DC directly

On Tue, Feb 28, 2012 at 9:32 PM, Richard Stovall wrote: > Remember that RDP, without significant, purposeful curtailing, can redirect > all kinds of things including drives, printers and the clipboard. True enough. But even with that, it's still forcing attacks in to a smaller channel (vs "the

Re: Log on to DC directly

On Tue, Feb 28, 2012 at 17:47, Ben Scott wrote: > On Tue, Feb 28, 2012 at 6:54 PM, Kurt Buff wrote: >> One other thing that I've been mulling over along with the other >> credentials is a set of VMs on which to run them. Want to manage >> AD/DNS/WINS/CA? RDP into this Win7 VM with the correct too

Re: Log on to DC directly

Remember that RDP, without significant, purposeful curtailing, can redirect all kinds of things including drives, printers and the clipboard. Not that anyone here would ever redirect a drive over an RDP session, of course, but it could create another opportunity for malware propagation beyond the o

Re: Log on to DC directly

On Tue, Feb 28, 2012 at 8:59 PM, Richard Stovall wrote: >>> One other thing that I've been mulling over along with the other >>> credentials is a set of VMs on which to run them. Want to manage >>> AD/DNS/WINS/CA? RDP into this Win7 VM with the correct tools on it. > > If the machine you're using

Re: Log on to DC directly

On Tue, Feb 28, 2012 at 6:54 PM, Kurt Buff wrote: > One other thing that I've been mulling over along with the other > credentials is a set of VMs on which to run them. Want to manage > AD/DNS/WINS/CA? RDP into this Win7 VM with the correct tools on it. > Want to manage AV/WSUS/other workstation s

Re: Log on to DC directly

On Tue, Feb 28, 2012 at 15:25, Ben Scott wrote: > On Tue, Feb 28, 2012 at 1:12 PM, Free, Bob wrote: >> If you want to look at really tightening things up search out the articles >> Laura >> Robinson has written about running with 0 domain admins.  While eliminating >> DAs might not be possible i

Re: Log on to DC directly

On Tue, Feb 28, 2012 at 6:32 PM, Crawford, Scott wrote: >> When one person is doing everything from a single PC, logging into >> 42 different accounts isn't going to yield nearly as much benefit. > > Agreed, but I'd suspect 3 would be a pretty beneficial place to start: > 1) Unprivileged standard

RE: Log on to DC directly

42 sounds like the perfect number :) Agreed, but I'd suspect 3 would be a pretty beneficial place to start: 1) Unprivileged standard user 2) Local administrator 3) Domain administrator -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, February 28, 2012 5:26

Re: DHCP - I'm at a loss

On Tue, Feb 28, 2012 at 5:12 PM, N Parr wrote: > Unfortunately I'm running in "if it isn't on fire, don't call me, I'll get > to it eventually" mode at the moment. Here where I work, the entire company operates in that mode. :-/ -- Ben ~ Finally, powerful endpoint security that ISN'T a resou

Re: Log on to DC directly

On Tue, Feb 28, 2012 at 1:12 PM, Free, Bob wrote: > If you want to look at really tightening things up search out the articles > Laura > Robinson has written about running with 0 domain admins. While eliminating > DAs might not be possible in your environment, her ideas definitely get you > thin

RE: Citrix published app launch issue

$Deity I feel dumb... A stop imaservice, dsmaint recreatelhc, start imaservice on the affected systems solved the problem. What's weird is that the only thing I know of that happened to those servers since they were hunky dory is a restart of the spooler (and the cpsvc service) last night. Ah w

RE: DHCP - I'm at a loss

Unfortunately I'm running in "if it isn't on fire, don't call me, I'll get to it eventually" mode at the moment. Only good thing about that is my users are starting to realize they had better have tried a reboot before they even think about calling me. -Original Message- From: Kurt Buf

Re: Citrix published app launch issue

Isn't that *recreatelhc*? I may be wrong, long time since I did it, but it's worth a try, worked for me before On 28 February 2012 21:42, Tom Miller wrote: > Aside from what James and Webster recommended, I had this issue a few > weeks ago. Turns out I had to do dsmaint rebuildlhc on all the X

Re: Citrix published app launch issue

http://carlwebster.com/using-one-citrix-web-interface-site-with-multiple-xenapp-farms-3/ Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com From: Damien Solodow mailto:damien.solo...@harrison.edu>> Reply-To: NT Issues mailto:nt

Re: Citrix published app launch issue

You can multi-home web interfaces across farms, as long as they are in the same AD forest. See Mr Webster's blog if you want an article on it. On 28 February 2012 21:32, Damien Solodow wrote: > I thought about that; my concern was how it would work via web > interface/services if we want users t

Re: Citrix published app launch issue

FWIW, I was on a site recently where a particular app wouldn't launch until they actually stopped the Citrix Print Manager service on the XenApp system. But they'd absolutely nailed these servers with redirected print driver installations. Can you launch the application if you log on to the server

RE: Citrix published app launch issue

No apps launch on those servers from the web interface. DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, February 28, 2012 4:26 PM To: NT System Admin Issues Subject: Re: Citrix published app

Re: Citrix published app launch issue

Aside from what James and Webster recommended, I had this issue a few weeks ago. Turns out I had to do dsmaint rebuildlhc on all the XenApp servers, since for some reason they were not showing that they were supposed to publish certain apps, then reboot the web servers, all was good. Also my I h

Re: Citrix published app launch issue

So there isn't a single app that launches from xenappsrv 1-6, correct? assuming that the testxenapp1 server is the same build/os type than xenappsrv 1-6, have you checked to make sure the install path is the same across all 6 servers ? Have you tried publishing the app server by server to check to

Re: Citrix published app launch issue

So you can't launch any apps from these problem servers? Or you are only having the problems with one application on these servers? On 28 February 2012 21:19, Damien Solodow wrote: > Users having the issue are both internal and external. > > The farm settings for the web interface are correc

Re: Test Your Malware IQ

The Furby will have a cellular modem, please place at your work with a view of your keyboard and screen. On Tue, Feb 28, 2012 at 1:03 PM, Guyer, Donald wrote: > How about a Furby? > > ** ** > > Regards, > > ** ** > > Don Guyer > > Directory and Messaging Services > Catholic Health Ea

Re: DHCP - I'm at a loss

If I knew, I *would* tell you, but those were just my first set of steps in the troubleshooting chain, gathering information. However, since that solved the problem, I'd tend to leave it be. OTOH, if you're looking for adventure (cold, wet nasty things that make you late for breakfast) you can tr

RE: Citrix published app launch issue

Users having the issue are both internal and external. The farm settings for the web interface are correct; applications enumerate properly and apps published to other servers in the farm launch without issue. We do have a services site, and it exhibits the same behavior with the apps on the prob

Re: Citrix published app launch issue

Are your users hitting the problem launching it from the Web Interface internally or externally? What are the farm settings for the Web Interface, are they correct? Can they launch the same app through the Services Site on the Web Interface (if you have one, you know, what used to be the PNAgent UR

RE: Test Your Malware IQ

How about a Furby? Regards, Don Guyer Directory and Messaging Services Catholic Health East, ITSS From: Free, Bob [mailto:r...@pge.com] Sent: Tuesday, February 28, 2012 3:53 PM To: NT System Admin Issues Subject: RE: Test Your Malware IQ Affirmative and you don't get a kewpie doll From: Richar

RE: Test Your Malware IQ

If we click the link provided, do we flunk the phishing test? From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Tuesday, February 28, 2012 2:02 PM To: NT System Admin Issues Subject: Test Your Malware IQ This is not an easy test, but luckily all the correct answers are provided after

RE: Log on to DC directly

Thanks for this. I'm only a few paragraphs in, but this is great stuff. -Original Message- From: Free, Bob [mailto:r...@pge.com] Sent: Tuesday, February 28, 2012 12:13 PM To: NT System Admin Issues Subject: RE: Log on to DC directly If you want to look at really tightening things up sea

Re: Log on to DC directly

That looks a good read, Bob, thanks for posting that On 28 February 2012 18:12, Free, Bob wrote: > If you want to look at really tightening things up search out the articles > Laura Robinson has written about running with 0 domain admins. She is an > extremely bright lady and I've long admired h

RE: Call conferencing solutions

I actually use FreeConference when things HAVE to happen on a telephone (although I use a paid plan, not the free plan), but preferentially use LiveMeeting or Lync for meetings. A single properly-planned Lync server can host 100 callers (or more). -Original Message- From: Ben Scott [mai

RE: Log on to DC directly

If you want to look at really tightening things up search out the articles Laura Robinson has written about running with 0 domain admins. She is an extremely bright lady and I've long admired her work from a distance. There are also some videos available online of her work on TechNet since she w

Re: Call conferencing solutions

On Tue, Feb 28, 2012 at 12:40 PM, Webster wrote: > Are there people who still do not have unlimited calling plans with their > home/office/cell plans?  Every telephone provider in my area no longer talks > about long-distance calling plans.  Every option includes unlimited calling > anywhere in th

Re: Call conferencing solutions

Intercall is the company we use. www.intercall.com or 800-374-2441 Sent from my iPad On Feb 28, 2012, at 9:35 AM, Webster wrote: > GoToMeeting and GoToWebinar also should be looked at. > > > Carl Webster > Consultant and Citrix Technology Professional > http://www.CarlWebster.com > > From

Re: Call conferencing solutions

On Tue, Feb 28, 2012 at 9:10 AM, Tom Miller wrote: > I'm looking for an audio call conferencing solution. We use ConferenceCalls.com, which, despite the corny name, was found to be one of the cheapest options for our needs. They've been reliable. > We'll probably have 40 concurrent callers at

Re: Call conferencing solutions

Are there people who still do not have unlimited calling plans with their home/office/cell plans? Every telephone provider in my area no longer talks about long-distance calling plans. Every option includes unlimited calling anywhere in the 48 lower states. Carl Webster Consultant and Citr

RE: Call conferencing solutions

Sure, for a hefty price. 7 cents a min per attendee will add up quick(and that's if you buy 10,000 min a month at $700) We use the standard plan and have them burn cell phone minutes to call in. This offloads some of the cost on our side. John W. Cook Network Operations Manager Partnership For

Re: Call conferencing solutions

Toll Free Numbers are available: http://www.gotomeeting.com/fec/gotomeeting_pricing Click the "Integrated Toll-Free" link. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com From: John Cook mailto:john.c...@pfsf.org>> Reply-To:

RE: Call conferencing solutions

I switched to HiDefCorporate from Global Conferencing and have been very happy. HiDef is owned by Citrix now and we got the lowest pricing at the time I was shopping it. With the amount of minutes you will be using, it should be cheap. From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Tuesd

Re: Another new-ish angle on VDI

http://www.nasdaq.com/article/cisco-to-resell-citrix-xendesktop-to-deliver-virtual-workspaces-anywhere-on-any-device-20120213-00329 Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com From: James Rankin mailto:kz2...@googlemail.co

Re: Another new-ish angle on VDI

Oooh. Is that to run on UCS? Sounds funky (and possibly expensive) On 28 February 2012 16:16, Webster wrote: > Citrix also did a similar deal with Cisco not to many days ago. > > >Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com

Re: Cloud-based servers and the like

No cost was me being ever hopeful :-) I would probably only run a DC and a couple of app servers, maybe swap app servers over with other server instances as tests dictated. I'm just looking at some EC2 pricing right now but I'm wondering if the cost is worth the redundancy. On 28 February 2012 15

Re: Another new-ish angle on VDI

Citrix also did a similar deal with Cisco not to many days ago. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com From: James Rankin mailto:kz2...@googlemail.com>> Reply-To: NT Issues mailto:ntsysadmin@lyris.sunbelt-software.co

RE: Cloud-based servers and the like

Azure has a "free" VM option for all TechNet and MDSN subscribers. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Tuesday, February 28, 2012 10:41 AM To: NT System Admin Issues Subject: Re: Cloud-based servers and the like At no cost? Not likely.Low cost, sure. What are these server

Re: Another new-ish angle on VDI

Let's revisit in another 6 months. Everyone promises seamless deployment of everything without having to put a whole lot of planning into it, but reality doesn't always buy that argument. * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… *

Re: Cloud-based servers and the like

At no cost? Not likely.Low cost, sure. What are these servers going to do? Because even pennies a day add up. * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Tue, Feb 28, 2012 at 9:58 AM, James Rankin wrote: > I am sure I r

Re: Call conferencing solutions

Take a look at Conference Plus... * * *ASB* *http://XeeMe.com/AndrewBaker* *Harnessing the Advantages of Technology for the SMB market… * On Tue, Feb 28, 2012 at 9:48 AM, Louis, Joe wrote: > Since already use the GoTo products, we looked at the Citrix solution for > voice conferences but fou

RE: DHCP - I'm at a loss

It works, care to tell me why? &$@%^$%^& -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, February 28, 2012 8:48 AM To: NT System Admin Issues Subject: Re: DHCP - I'm at a loss So, what happens when you remove them, and set them globally, rather than per s

Re: Cloud-based servers and the like

Neil Spellings is in your neighborhood (if you consider England a neighborhood) and offers a service like what you want, IIRC. http://neil.spellings.net/aboutme/ Tell Neil, I sent you. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com

Another new-ish angle on VDI

http://blogs.citrix.com/2012/02/27/dell-and-citrix-just-blew-the-lid-off-desktop-virtualization/ -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of i

Re: Windows 2008 DC getting AAAA records instead of A records for DNS

So your 6to4 tech is kicking in. You're using routable IPv4 addresses, and 6to4 is creating IPv6 addresses from them. these will register in DNS as records unlike Link Local IPs. We've enabled the 6to4 group policy and set the state to disabled. The three sites where we use routable IPs intern

Cloud-based servers and the like

I am sure I remember seeing something like this on the list but can't find it in the archives, so I figured I'd ask Is there any service out there like those provided by Amazon for cloud-based server infrastructure that lets you spin up a few servers in the cloud at low (or even better, no) co

RE: Call conferencing solutions

Since already use the GoTo products, we looked at the Citrix solution for voice conferences but found them to be too expensive. We're trying out one that we found at http://www.pgi.com. The rate is awesome and it can easily handle the 40 concurrent users. -Joe From: Webster [mailto:webs...@ca

Re: DHCP - I'm at a loss

So, what happens when you remove them, and set them globally, rather than per scope? On Tue, Feb 28, 2012 at 05:14, N Parr wrote: > Yes Identical in every way, except for 003 router of course.  I created the > pre-defined options and then selected them at the scope level. > > -Original Messa

RE: Call conferencing solutions

GoToMeeting is not toll free, at least not the version we use. John W. Cook Network Operations Manager Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Webster [mailto:webs..

Re: Call conferencing solutions

GoToMeeting and GoToWebinar also should be looked at. Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com From: Tom Miller mailto:tmil...@hnncsb.org>> Reply-To: NT Issues mailto:ntsysadmin@lyris.sunbelt-software.com>> Date: Tue,

Call conferencing solutions

I'm looking for an audio call conferencing solution. We are going to start holding regional tele-conference calls here. We will host. I'm looking for a toll-free solution, so our partners call the toll-free number and we are billed based on the number of minutes. We'll probably have 40 conc

RE: Windows 2008 DC getting AAAA records instead of A records for DNS

If the tunnel adapter doesn't show "media disconnected", then something is advertising as a 6to4 router. I'm no expert so could be some other DNS entry or maybe it doesn't even need a dns entry, just something advertising as a router. I think ipconfig /all should show the ipv6 router and a tracer

RE: Cisco Wireless control system

We have several offices connected back to our data center via VPN that have APs in them that are managed by our WCS. As long as all of the routing is in place, the APs should find their way home. From: HELP_PC [mailto:g...@enter.it] Sent: Monday, February 06, 2012 2:54 AM To: NT System Admin Is

RE: DHCP - I'm at a loss

Yes Identical in every way, except for 003 router of course. I created the pre-defined options and then selected them at the scope level. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, February 27, 2012 11:07 PM To: NT System Admin Issues Subject: Re: DH