TMG 2010 and ASA 5510

2012-09-27 Thread itli...@imcu.com
I have a TMG2010 that I have put into my DMZ hosted by my ASA 5510. I am trying to publish a generate dumb website for testing prior to doing my OWA and I am getting actively refused errors back 10061 instead of to the website. Where do I start looking, on the ASA because it is the next hop or

Listing all groups / finding a group on shared folders security

2012-09-27 Thread Michael Leone
I have this problem. I have an AD group that has just a name and no description, no notes, no nothing. (it was apparently created like 7 years ago). I don't know what it does, or what it is used for. I *suspect* that it's used to control ACLs to a share, but I don't know that for sure. And it

RE: Listing all groups / finding a group on shared folders security

2012-09-27 Thread David Lum
DUMPSEC. Free. http://www.systemtools.com/somarsoft/index.html -Original Message- From: Michael Leone [mailto:oozerd...@gmail.com] Sent: Thursday, September 27, 2012 7:27 AM To: NT System Admin Issues Subject: Listing all groups / finding a group on shared folders security I have this

RE: Listing all groups / finding a group on shared folders security

2012-09-27 Thread David Lum
BTW, I know *EXACTLY* How you feel. We have a lot of groups created before I was here and the description says simply for access to files. Along the same lines, how do folks here go about auditing security groups and knowing if they are still valid or if the members list is still appropriate?

Re: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Michael Leone
Thanks. For some reason, I seem to only get Access Denied when I point it at some share, even tho I have access to that share. DUMPSEC.exe /computer=\\File-Server /rpt=dir=\\File-Server\DOCS /outfile=D:\DOCS.dcl If I browse to \\File-Server\DOCS, I can see everything, all files and

RE: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Christopher Bodnar
You are talking about certification and recertification. All part of Identity and Access Management. Like anything else it all depends on the size of your company, $$$, resources. Some places have a manual process (spreadsheets, home grown DB, etc). Then there are the bigger players in

RE: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Free, Bob
You need to audit changes of membership and validate they are appropriate. You can roll your own processes or use 3rd party software. Every group needs to have an owner identified that attests to its membership and necessity periodically. Identifying the purpose of the group has already been

Re: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Kurt Buff
That's why I name my groups descriptively. If the group is for read-only access by US staff to the HR directory in the departments share on the home file server, I name it as US-HomeDepartmentsHR-RO If the group is for read-write access by the UK staff to a SQL database named CustomerProfiles in

RE: Listing all groups / finding a group on shared folders security

2012-09-27 Thread David Lum
Oh, if I could only get us there. Actually that's an achievable goal these days since they've given me the AD throne. Getting there! -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, September 27, 2012 10:04 AM To: NT System Admin Issues Subject: Re:

Re: Server 2012 - System Center 2012?

2012-09-27 Thread Steven Peck
Well the other part is dev teams can do a lot with pre-release code and such but they really can't be solid until RTM. Now, RTM is code release right? How much is left for documentation, etc now? The System Center Suite is an incredibly large complex set of interrelated moving parts. One thing

Re: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Michael Leone
On Thu, Sep 27, 2012 at 1:04 PM, Kurt Buff kurt.b...@gmail.com wrote: That's why I name my groups descriptively. If the group is for read-only access by US staff to the HR directory in the departments share on the home file server, I name it as US-HomeDepartmentsHR-RO I do the same. Well, we

Re: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Michael Leone
On Thu, Sep 27, 2012 at 1:04 PM, Kurt Buff kurt.b...@gmail.com wrote: The good thing about this is that you can then populate those descriptive groups with the base groups for departments or workgroups, and when someone moves to a new position, you remove them from their no longer relevant

Re: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Kurt Buff
Yeah - once a group has been used promiscuously for permissions, it's hard to track it all down. I still have some groups that were generated of 10 years ago in the NT4 domain that I'll get around to tracking down and eliminating - someday... Kurt On Thu, Sep 27, 2012 at 10:57 AM, David Lum

Re: Listing all groups / finding a group on shared folders security

2012-09-27 Thread Kurt Buff
On Thu, Sep 27, 2012 at 11:17 AM, Michael Leone oozerd...@gmail.com wrote: On Thu, Sep 27, 2012 at 1:04 PM, Kurt Buff kurt.b...@gmail.com wrote: The good thing about this is that you can then populate those descriptive groups with the base groups for departments or workgroups, and when

Re: Everyone is the IT department

2012-09-27 Thread Jonathan Link
Consider that you are not his audience... On Thu, Sep 27, 2012 at 3:21 PM, David Lum david@nwea.org wrote: I disagree with this guy, but maybe because I’m so oldschool.. “Dion Hinchcliffe, an analyst at the Dachis Group and a frequent blogger on the changing enterprise, says

Re: Everyone is the IT department

2012-09-27 Thread Rankin, James R
Bollocks. Cars are getting easier to use but I am no mechanic. I can drive like a maniac, but I know nothing about engines. Users are driving trends and demanding more choice, but they still need people to keep them out of trouble and to enable modern software in a way that empowers them

RE: Everyone is the IT department

2012-09-27 Thread Michael B. Smith
A lot of people believe that the ultimate destination of the consumerization of IT is that there is no more IT. I believe that they are wrong. From: David Lum [mailto:david@nwea.org] Sent: Thursday, September 27, 2012 3:22 PM To: NT System Admin Issues Subject: Everyone is the IT department

RE: Everyone is the IT department

2012-09-27 Thread N Parr
It's already been discussed and solved. http://xkcd.com/627/ From: David Lum [mailto:david@nwea.org] Sent: Thursday, September 27, 2012 2:22 PM To: NT System Admin Issues Subject: Everyone is the IT department I disagree with this guy, but maybe because I'm

Re: Everyone is the IT department

2012-09-27 Thread Kurt Buff
On Thu, Sep 27, 2012 at 12:21 PM, David Lum david@nwea.org wrote: I disagree with this guy, but maybe because I’m so oldschool.. “Dion Hinchcliffe, an analyst at the Dachis Group and a frequent blogger on the changing enterprise, says it's time for IT to acknowledge they can't control

Re: Everyone is the IT department

2012-09-27 Thread Rankin, James R
More like Apocalypse Now ---Blackberried -Original Message- From: Jonathan Link jonathan.l...@gmail.com Date: Thu, 27 Sep 2012 16:18:35 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Reply-To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: Re:

Re: Everyone is the IT department

2012-09-27 Thread Jonathan Link
I guess I should say I don't find this any different than any IT article one of our directors brings to my attention, because he read it in the WSJ. My routine is usually to explain how we're already doing it, why we're not doing it or how much it will really cost us to do it (right). On Thu,

Re: Everyone is the IT department

2012-09-27 Thread Steven Peck
My dad has that printed out next to the computers and he does in fact use it. On the article. It's obvious he doesn't actually work in a job with or on computers. Nor does he work with or in a regulated industry. IT NEVER controlled its users, a business's management did. IT often took the

Re: Everyone is the IT department

2012-09-27 Thread Kurt Buff
I like my fat fingers... On Thu, Sep 27, 2012 at 1:18 PM, Jonathan Link jonathan.l...@gmail.com wrote: On Thu, Sep 27, 2012 at 4:15 PM, Kurt Buff kurt.b...@gmail.com wrote: On second though: Hahahahahahahaha - hell now. Is that like serenity now? ~ Finally, powerful endpoint security that

Re: Everyone is the IT department

2012-09-27 Thread Linda Jones
This reminds me of the old days when IT meant mainframes and terminals. User groups started setting up their own LANs and escaping our control. Various disasters relating to bad updates, security issues and such eventually brought the LANs under IT control. We are repeating history here, probably

Re: IIS7 User Credential Injection

2012-09-27 Thread Steve Kradel
Web/IIS (and other) developer here... URL authorization is for restricting access to certain URLs for particular roles and users. It gets along with basic/forms/Windows integrated authentication but is not itself an authentication method. At a very basic level, if all content is available to all

RE: Everyone is the IT department

2012-09-27 Thread Michael B. Smith
We are agents of change and we must change with the technology or become marginalized. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, September 27, 2012 8:32 PM To: NT System Admin Issues Subject: Re: Everyone is the IT department The one caution for IT professionals in all

Re: Everyone is the IT department

2012-09-27 Thread Jeff Steward
:) I started writing 'Business Reports' in the mid-90's...I'm still writing them despite all of the advances in Business Intelligence tools. At the end of the day, *somebody* needs to understand the schema in order to extract the data so it makes sense. Some IT roles will never go away. As the

RE: IIS7 User Credential Injection

2012-09-27 Thread Ken Schaefer
From the description below, I'm still not really sure what/how you need this to work. If /CommonContent should be available to all websites, then you could add it as a virtual directory to each site. Configure authorization as required. Cheers Ken From: John Bonner

RE: One pooch, screwed Adobe style

2012-09-27 Thread Tim Evans
Wouldn't that be ironic if the compromised build server was compromised by an infected PDF file? …Tim -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, September 27, 2012 3:57 PM To: NT System Admin Issues Subject: One pooch, screwed Adobe style

RE: One pooch, screwed Adobe style

2012-09-27 Thread Jon Harris
From the article it appears the server was compromised by another machine being hacked. Sounds like the hacker had inside info to me. How else could they have found what sounds like a rare server not built correctly with access to code signing certificates. Jon From: tev...@sparling.com