In the absence of 3rd party tools, probably the simplest way to monitor trust
creation/modification is via the security log. You want Policy Change auditing
enabled and watch for events 610/611/620 in W2K/W2K3. Different events in 08
but you get the idea.
610- New Trusted Domain
611- Trusted Do
http://www.baremetalsoft.com/baretail/index.php
Awesome little free tool, standalone (no install), can run from network etc
Simultaneously monitor multiple files for changes using tabs, multi color
highlighting for different strings and so on
From: cs [mailto:chr...@gmail.com]
Sent: Sunday, Fe
There are GPO extensions.
http://technet.microsoft.com/en-us/magazine/2007.04.cableguy.aspx
They involve a schema extension.
http://technet.microsoft.com/en-us/library/bb727029.aspx
From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com]
Sent: Friday, February 20, 2009 9:25 AM
T
orm factor. But the T6x series ones do.
I had a T61 before this and I still use the same docks.
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, February 18, 2009 9:20 AM
To: NT System Admin Issues
Subject: RE: Dell Latitude E Series 1st Impression
Martin- Do the older docks, say from
Martin- Do the older docks, say from the T4x series fit the T400?
From: Martin Blackstone [mailto:mblackst...@gmail.com]
Sent: Tuesday, February 17, 2009 5:52 PM
To: NT System Admin Issues
Subject: RE: Dell Latitude E Series 1st Impression
Go grab yourself a Lenovo T400. I love this lapto
adfind -default -f
"(&(objectCategory=person)(objectclass=user)(!primaryGroupID=513))"
-nodn samaccountname userprincipalname primarygroupID
-Original Message-
From: Jeremy Anderson [mailto:jer...@mapiadmin.net]
Sent: Friday, February 13, 2009 9:52 AM
To: NT System Admin Issues
Subject: P
Or you can use the EPA GPO template on XP if you don't want to got the
GPP route.
http://www.energystar.gov/index.cfm?c=power_mgt.pr_power_mgt_ez_gpo
-Original Message-
From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]
Sent: Thursday, February 12, 2009 10:56 AM
To: NT System Ad
27;ll be at TEC'2009! http://www.tec2009.com/vegas/index.php
-Original Message-
From: Free, Bob [mailto:r...@pge.com]
Sent: Thursday, February 12, 2009 11:33 AM
To: NT System Admin Issues
Subject: RE: Remote Desktops organized
Hahaha
Thread Hijack- "too much time on my hand
logon,
however most of the time they would only sync on a restart or a power
off and back on. The last of these processes have been retired so I no
longer have that issue.
-Original Message-
From: Free, Bob [mailto:r...@pge.com]
Sent: Thursday, February 12, 2009 10:40 AM
To: NT System
If you haven't changed default setting, once it is synched, the time
service should resync every 8 hrs once it has pulled itself in. 2
minutes is a bit much. Check the eventlog.
Then try w32tm /resync. If successful, the time service should walk
itself back in
From: Phillip Partipilo [mail
, MCITP:SA,EMA/MCSE/Exchange MVP
My blog: http://TheEssentialExchange.com/blogs/michael
I'll be at TEC'2009! http://www.tec2009.com/vegas/index.php
-Original Message-
From: Free, Bob [mailto:r...@pge.com]
Sent: Thursday, February 12, 2009 11:15 AM
To: NT System Admin Issues
Same here. Went from MS Remote Desktops to VisionApp to MRemote to Terminals.
Terminals is definitely my favorite.
Hope this passes MBS's word filter :-)
From: Garcia-Moran, Carlos [mailto:cgarciamo...@spragueenergy.com]
Sent: Thursday, February 12, 2009 6:49 AM
To: NT System Admin Issues
Subje
Admin Issues
Subject: RE: vRD 2009
Of course now I have to convert everything from MRemote to this. Got
any good tips on switching?
Jon Lewis
-Original Message-
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, February 11, 2009 1:17 PM
To: NT System Admin Issues
Subject: RE: vRD
My blog: http://TheEssentialExchange.com/blogs/michael
I'll be at TEC'2009! http://www.tec2009.com/vegas/index.php
-Original Message-
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, February 11, 2009 1:45 PM
To: NT System Admin Issues
Subject: RE: vRD 2009
I've used both Visi
itch to something else as MRemote constantly
hangs up on me when I try to close it. It's corrupted it's XML file to
the point that I've had to restore from backup more than a few times.
I'll give Terminals a try. The new VisionApp isn't freeware is it?
Jon Lewis
--
I've used both VisionApp and mRemote a lot and settled on mRemote for
the last 6 months or so. Recently I stumbled across something on
codeplex called Terminals by accident that is similar to mRemote in its
basic feature set but much more feature rich. I've come to like it a lot
better. One cool th
Are you talking about Event Log subscriptions which are only available in
Windows Vista and Windows Server 2008?
-Original Message-
From: Juned Shaikh [mailto:jsha...@gmail.com]
Sent: Friday, February 06, 2009 11:51 AM
To: NT System Admin Issues
Subject: Win2k3R2 Event forwarding to anot
I'd think klist would be more like if that was the chosen route as it's
CLI
From: Devin Meade [mailto:devin.me...@gmail.com]
Sent: Thursday, February 05, 2009 10:26 AM
To: NT System Admin Issues
Subject: Re: Scripting: How to tell if login was cached or domain?
urity Alert TA09-020A -- Microsoft Windows Does Not
Disable AutoRun Properly"
-Original Message-----
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, January 28, 2009 7:14 PM
To: NT System Admin Issues
Subject: RE: Malware and USB flash drives (was: Bookmark management programs)
Not n
+1
Great to see you here Brian. Hope to see you in Vegas in a few weeks...
-Original Message-
From: Jake Gardner [mailto:jgard...@ttcdas.com]
Sent: Wednesday, January 28, 2009 7:07 AM
To: NT System Admin Issues
Subject: RE: dcdiag results?... Looking for some input here.
Welcome to the
Not necessarily. It does provide a false sense of security though. :-]
http://isc.sans.org/diary.html?storyid=5695&rss
-Original Message-
From: René de Haas [mailto:rene.deh...@woodward.com]
Sent: Wednesday, January 28, 2009 8:33 AM
To: NT System Admin Issues
Subject: RE: Malware and US
I would expect if there was *big* SBS problem with that patch Susan Bradley
would be screaming about it on her blog and patchmanagement.org since SBS and
patch are two of the most often used words in her vocabulary :-]
If I had any of the kitchen sink servers I'd be watching-
http://blogs.techn
The workaround I've used for a long time is a little program called
UrlRunAddIn, it adds itself to the right-click menu in Outlook and works
like a champ. I'm sure I heard about it here years ago.
Seems there are numerous utilities with the name urlrun kicking around
that do variations on the the
> So there is an ISC Dig.exe for windows? Cool, I'll grab that for sure!
http://members.shaw.ca/nicholas.fong/dig/
The instructions are a hoot
/excerpt
"Click Start.. Run ... type CMD (a black screen pops up)
cd c:\dig
sha1 *
You should see some SHA1 hashes (in here, SHA1 hash is used
There are tons of products in that space.
One that works well and has been around a long time is TNT's ELM product
line. Simple to get working, proven track record, built in reports,
excellent support. The price is reasonable for what you get IMO.
From: Oliver Marshall [mailto:oliver.marsh
I was wondering when there was going to be a call out on that statement
:-]
It is fairly simple to overwhelm a win32 machine by cranking up the
auditing too high. We were actually testing that yesterday
-Original Message-
From: Michael B. Smith [mailto:mich...@theessentialexchange.com
We added a 64 bit DC to our existing domain with no issues whatsoever
early last year to add some horsepower to a site allegedly being
hammered by Exchange and to test all our processes, documentation, 3rd
party agents, services etc in preparation for the next HW refresh. We
did it in the lab as we
I reuse DC names every time I do HW refresh and have renamed newly
promoted DC's back to the name of the one that was removed when I had to
run a site in parallel during HW refresh.
The thing you need to insure is that the metadata is cleaned up no
matter and said cleanup is replicated whether y
> I am not seeing successes in the PDC logs, but could they just not be
turned on?
Correct, you won't see them unless success auditing is enabled.
Try nltest from the problematic client to see if it has lost its secure
channel
NLTEST /SC_QUERY:
http://support.microsoft.com/kb/181171 (and the li
Our desktop team accomplishes that with the desktop firewall (3rd party,
not builtin)
Not just for the wireless either, basically any other adapter is
disabled if the LAN is active.
-Original Message-
From: Michael Tellson [mailto:micha...@colonialsavings.com]
Sent: Monday, December 29,
If it's in a lab someone may have set it up that way on purpose???
Have you looked in diskmgmt.msc?
-Original Message-
From: James Edwards [mailto:jedwa...@mail.sdsu.edu]
Sent: Friday, December 19, 2008 11:25 AM
To: NT System Admin Issues
Subject: Flash Mounts as Folder
Recently, in one
Depends on how your clients do discovery and what mode it is installed
in. Is the name hardcoded in any clients or in TS configuration of any
of them? If it's all auto discovery it may be fine but the usual caveats
about testing apply.
http://support.microsoft.com/?kbid=301932
From: Christo
can I automatically run it from a post-VPN-connection script without
going through all the CMAK nonsense?
From: Free, Bob [mailto:r...@pge.com]
Sent: Tuesday, December 16, 2008 3:50 PM
To: NT System Admin Issues
Subject: RE: Lose access to local domain servers when connected w/VPN to
remote
aunch them
with admin rights and I get around this now by using CPAU, which is a
bit fiddly to get working but does the job and costs nothing (
http://www.joeware.net/freetools/tools/cpau/ )
2008/12/11 Free, Bob
That covers one element of it from a technical standpoint but my
primary point
Try netdiag /test:dsgetdc /d:domain.to.join /v
-Original Message-
From: Eric Brouwer [mailto:er...@forestpost.com]
Sent: Thursday, December 11, 2008 10:39 AM
To: NT System Admin Issues
Subject: Re: Issue joining 2003 domain (UNCLASSIFIED)
Yes. This had the same outcome.
On Dec 11, 2008
a local user account that can shut
down the system as well, just in case you lose domain connectivity and
find yourself with a system you can't restart - although there is always
the power cord, or RIB/DRAC/ILO reset function
2008/12/10 Free, Bob
SeShutdownPrivilege (Shut down the s
SeShutdownPrivilege (Shut down the system) allows a user to restart,
sleep, or shutdown the computer.
Be aware that administrators are also granted SeRemoteShutdownPrivilege
(Force shutdown from a remote system) by default.
That said, I'm not sure how you are going to accomplish this if the
users
We have various HW clocks from kinemetrics and arbiter but we have also a very
intricate time synch network.
What do you synch the rest of your infrastructure to? Such as your core routers?
-Original Message-
From: Juned Shaikh [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 18, 2008
ystems Administrator
ASPCA Knowledge Management
1717 S Philo Rd, Ste 36, Urbana, IL 61802
217-337-9761
http://www.aspca.org
"Ben Scott" <[EMAIL PROTECTED]> wrote on 11/14/2008 09:08:39 AM:
> On Thu, Nov 13, 2008 at 2:45 PM, Free, Bob <[EMAIL PROTECTED]> wrote:
> > C
Did you notice the popup if you hover over the graphic?
priceless
-Original Message-
From: Webb, Brian (Corp) [mailto:[EMAIL PROTECTED]
Sent: Thursday, November 13, 2008 8:06 AM
To: NT System Admin Issues
Subject: RE: I found this amusing...
It went up on the outside of my cube the day
Creating trusts is generally also dependent on short-name(NetBios)
resolution as well as the other obvious requirements. Often after people
have fought creating a trust for some time and employ LMHOST files (or
WINS) it magically works...
NetBios is not as dead as some would have you think. There
NetIQ GPA has exactly that workflow. I believe several of its
competitors do as well.
From: Brumbaugh, Luke [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 12, 2008 6:21 AM
To: NT System Admin Issues
Subject: RE: Change management in W2k8
It was in a MMC and you see the changes and a f
The name is kind of misleading because what it does is turn off the Fast
Logon Optimization and makes XP boot like its predecessors did, that is
don't present a desktop until you are finished booting (drivers loaded,
services initialized etc) A lot of the GPO gurus and MVPs tout that
setting as a
If you have backups, that is the recommended way to restore it. If you
must re-create it-
Recreatedefpol.exe in 2000, Dcgpofix.exe in 2003 & 2008. Caveat
emptor...
The Dcgpofix tool is intended for use only as a last-resort
disaster-recovery tool. To create regular backups of the default d
> Is there anything else that is set by default by the Default Domain Policy?
http://technet.microsoft.com/en-us/library/cc756064.aspx lists the default
settings in the 2 default policies.
This appendix lists the Security Settings that are defined by default in the
Default Domain Policy
http://www.joeware.net/freetools/tools/expire/index.htm
From: Gavin Wilby [mailto:[EMAIL PROTECTED]
Sent: Monday, October 27, 2008 7:48 AM
To: NT System Admin Issues
Subject: Force expire of passwords
Hi All,
Windows 2003 server, sinngle domain.
I want to expire everyones passwo
Stop 000a AKA IRQL_NOT_LESS_OR_EQUAL
This Stop message indicates that a kernel-mode process or driver
attempted to access a memory address to which it did not have permission
to access. The most common cause of this error is an incorrect or
corrupted pointer that references an incorrect
time.
It must have been a really interesting case you had with PSS
From: Webster [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 16, 2008 10:52 AM
To: NT System Admin Issues
Subject: RE: DC changing time?
From: Free, Bob [mailto:[EMAIL PROTECTED]
Subject: RE: DC changing time?
The time service on the DC wouldn't accept an offset that big.
From: Joseph L. Casale [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 14, 2008 8:15 PM
To: NT System Admin Issues
Subject: RE: DC changing time?
Bad NTP Time source?
Enumerate and check them...
From: mqcarp [mailto:[EMAIL
We beat it to death on activdir about 2 years ago and the consensus was
a text string was reused in some of the code. Netdiag has a similar
issue.
http://www.mail-archive.com/[EMAIL PROTECTED]/msg47766.html
Here's a snip from one of my responses-
I noticed the same thing yesterday wi
I used to try to keep up with all the various updates individually and
just download the PSTools suite periodically. It's nice to see the
nearly the entire toolset in one big download now so you can just get
them all current at once with a single download.
http://technet.microsoft.com/en-us/sysint
er solve the problem of making this work as a startup
script.
Carl
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Friday, September 26, 2008 2:24 PM
To: NT System Admin Issues
Subject: RE: Startup / Logon script issues
> What would cause the "run logon scripts
Thanks. I'll have a look. Eye-openers are always welcome J
From: Chinnery, Paul [mailto:[EMAIL PROTECTED]
Sent: Friday, September 26, 2008 10:17 AM
To: NT System Admin Issues
Subject: RE: $700B?
Well, if we're going to start referencing other sites, may I suggest
c-span.org's Q & A. About
> What would cause the "run logon scripts synchronously" policy from not
being effective?
Is "Always wait for the network at computer startup and logon" enabled?
The logon performance enhancements in XP can present the desktop despite
the synchronous setting. The always wait policy is said to
bana, IL 61802
217-337-9761
http://www.aspca.org
"Free, Bob" <[EMAIL PROTECTED]> wrote on 09/26/2008 12:10:21 PM:
> As long as the list is going tilt today much like our finances, I’d
> seriously look at Paulson’s history before I said that I trust him….
> I’m with Joh
> I'm probably a tad bit older than some of you posters, but I clearly
remember the S & L scandal
It's a good time to remember it and it's actually getting some play
again these dayshmmm...I wonder why...
http://en.wikipedia.org/wiki/Keating_Five
http://en.wikipedia.org/wiki/Savings
than a few minutes a day on
it...
I probably signed up originally around 2000 or so ... and there are a
lot of days I just can't get to look at the list. At the moment, I have
something like 15K unread messages in my list folder
>
>
> -Brian
>
>
> -Original Mess
As long as the list is going tilt today much like our finances, I'd
seriously look at Paulson's history before I said that I trust
himI'm with John, I clearly don't understand it all but the
bi-partisan resistance is noteworthy...
Excerpt from a transcript of a public radio show I heard the
Don't even think about restoring a year old image.
Demote/Promote is the only sensible course of action you have. You don't
specify enough about your environment to recommend further steps.
And I'm not trying to sound harsh but yes, you really need to get your
act together, especially if y
w.linkedin.com/in/theessentialexchange
-Original Message-----
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 25, 2008 12:18 PM
To: NT System Admin Issues
Subject: RE: External RAID HDD Enclosure Recomendations
You talking seniority on the list or the planet? :-p
-Or
In the absence of a 3rd party tool, use GPMC. At the very bottom of the
tree is Group Policy Results. You can plug in a user and computer and it
will evaluate the actual last processing cycle, show you all the
filters, applied/denied polices, resultant settings, GP processing
events etc.
From:
You talking seniority on the list or the planet? :-p
-Original Message-
From: Michael B. Smith [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 24, 2008 4:12 AM
To: NT System Admin Issues
Subject: RE: External RAID HDD Enclosure Recomendations
Hey, there are a few people on this mail
Not until a reboot IIRC.
From: David Lum [mailto:[EMAIL PROTECTED]
Sent: Monday, September 22, 2008 11:17 AM
To: NT System Admin Issues
Subject: Cached credentials GPO
If you change the GPO for cached credentials from the default of 10 to
1...if the machine has already cached 8 logins wil
Read the AD Delegation WP from MS. There is also one we used for
Exchange, the name of it escapes me. Think about investing in a 3rd
party tool if at all possible. We run a >20K seat environment with 3
Domain Admins, no Account or Server Ops. I know a guy who ran a Fortune
5 global company with sim
J
Are you still on XP?
Regards,
Michael B. Smith
MCITP:SA,EMA/MCSE/Exchange MVP
http://TheEssentialExchange.com
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 5:29 PM
To: NT System Admin Issues
Subject: RE: create iso
Maybe MBS will whip me up a POSH
ge.com
-----Original Message-
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 4:24 PM
To: NT System Admin Issues
Subject: RE: Quest Acquires Netpro
I too am intrigued by ADMC and need to find the time to check out
TurboChargeAD.org.
To be fair Quest has been good
Maybe MBS will whip me up a POSH cmdlet so I can stay at my beloved
prompt .. lol
From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 2:11 PM
To: NT System Admin Issues
Subject: RE: create iso
Mouse-ist!
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent
Product comparison says no CLI for the free version
From: David Lum [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 1:50 PM
To: NT System Admin Issues
Subject: RE: create iso
+1 (or is that +2?). I use Deepburner anytime I burn to .ISO, although
I have no idea if it can do
ool.
Regards,
Michael B. Smith
MCITP:SA,EMA/MCSE/Exchange MVP
http://TheEssentialExchange.com
-Original Message-
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 3:02 PM
To: NT System Admin Issues
Subject: RE: Quest Acquires Netpro
Heck, I am that marketyou
er is awesome
http://infrarecorder.sourceforge.net/
Free, Bob wrote:
> I thought they were bad until I recently installed Nero for a portable
> DVD burner I bought for my laptop. Cripes, what an invasive POS
--
Phil Brutsche
[EMAIL PROTECTED]
~ Finally, powerful endpoint security that ISN&#
ut they've also bought the mid-market. Which bugs the crap outta
me.
Regards,
Michael B. Smith
MCITP:SA,EMA/MCSE/Exchange MVP
http://TheEssentialExchange.com
-Original Message-----
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 2:18 PM
To: NT System Admin Iss
I like what Mark said on activedir..." $78Million to buy DEC/TEC -
Bargain ;-) "
-Original Message-
From: Ziots, Edward [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 10:47 AM
To: NT System Admin Issues
Subject: Quest Acquires Netpro
www.quest.com/netpro
There goes the neig
I thought they were bad until I recently installed Nero for a portable
DVD burner I bought for my laptop. Cripes, what an invasive POS
-Original Message-
From: Tim Vander Kooi [mailto:[EMAIL PROTECTED]
Sent: Friday, September 12, 2008 10:56 AM
To: NT System Admin Issues
Subject: RE: creat
We use its predecessor MIIS and before that we used MMS with several
different stores although not eDirectory..
Both ILM and MIIS have connectivity to a variety of directories
including eDirectory, Netscape/iPlanet/SunONE, eTrust, Tivoli etc etc.
Don't really know the pros and cons of your choic
If you are running WINS, that's the first place I would look.
-Original Message-
From: John Hornbuckle [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 04, 2008 7:48 AM
To: NT System Admin Issues
Subject: Duplicate Name on Network
Okay, I've got a fairly new 2008 server that has a sta
It's been going on for quite some time. Susan Bradley constantly
chatters about it on the Patch Management list and probably has it on
her blog.
I think it is allegedly fixed by
http://support.microsoft.com/?kbid=923630 but I don't have all the info
at my fingertips. A little googling should tu
ngineer but I mainly support the employee side of things not
the NWEA client side.
Dave
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 03, 2008 10:11 AM
To: NT System Admin Issues
Subject: RE: AD maintenance?
Oldcmp is your best bet for free/low cost for computers a
Oldcmp is your best bet for free/low cost for computers and users. You
really need a lifecycle management system in place and it all starts
with how you do provisioning and adherence to standards. That can be
difficult to implement, especially if none existed in the past. We have
a very mature proc
wrote:
Hmm, fully complaint but not actually the full spec. LOL, that sure
does sound like MS. ;-) But SNTP or NTP - it syncs the time just
fine to my routers, and thats all that matters to me.
Many thanks for digging this info up. Very much appreciated.
On Wed, Aug 27, 2008 at 2:57 PM, Free,
nswers :)
>
> NTP versus SNTP
>
> If you are running *nix time servers, NTP is a standard and works more
consistently.
>
> http://blogs.technet.com/industry_insiders/pages/w32-tm-service.aspx
>
>
> -troy
>
>
> -Original Message-
> From: Free, Bob [
. Unless I have done something wrong it appears
the command
> structure that Edward gave me did exactly what I wanted. If
something is
> wrong I would love to know about it before it bites me.
>
> Thank you,
>
> Jon
>
ssues
Subject: RE: Which is the better way
Ok how about some actual answers :)
NTP versus SNTP
If you are running *nix time servers, NTP is a standard and works more
consistently.
http://blogs.technet.com/industry_insiders/pages/w32-tm-service.aspx
-troy
-Original Message-
From: Free
The OP asked about setting up his PDCe. That is generally NOT the way to
configure your PDCe unless it is in a child domain as it sets the source
of time to be a domain controller in the domain hierarchy. Unless it is
in a child domain, the PDCe should be authoritative.
From: Ziots, Edward [mai
reset anything like time on my DC's. I might even have used w32tm last
time for all I remember.
Jon
On Wed, Aug 27, 2008 at 11:31 AM, Free, Bob <[EMAIL PROTECTED]> wrote:
Still begs the same question, why use net time on anything newer than a
wintendo? W2K's w32time works just
Still begs the same question, why use net time on anything newer than a
wintendo? W2K's w32time works just fine. It was the first time we
actually had a decent native time service with registry based
configuration and a management interface. That said, regardless of its
quirks, even in the NT era t
Yes-
Open Terminal Services Configuration.
In the console tree, click Server Settings.
In the details pane, right-click Licensing Mode, and then click
Properties.
Select either Per User or Per Device, and then click OK.
-Original Message-
From: Joe Heaton [mailto:[EMAIL PROTECTED]
S
Unless you have intervened by setting TSL manually, the answer depends on how
your AD was installed/upgraded. In 2K it was 60 days. In 2003 SP1 and beyond,
default TSL is intended to be 180 days but a bug in R2 didn't increase it. That
was first rectified in SP2 IIRC.
It's best to just check th
http://www.djdenham.com/saving_favicons.htm
http://en.wikipedia.org/wiki/Favicon
From: James Kerr [mailto:[EMAIL PROTECTED]
Sent: Friday, July 18, 2008 10:12 AM
To: NT System Admin Issues
Subject: Icon File
When I drag and drop a URL to my desktop from IE it often has an custom icon
associat
Have you double-checked no one restricted the accounts User's Logon
hours??
It's not clear from your post, does the service ever start by itself
without intervention?
What privileges and user rights does this service account have on the
system[s] it runs a service on?
-Original Message
I got one too on a response in another thread, I just surmised that
someone had subscribed some dorky auto responder to the list.
I just looked and the headers have several references to salesforce.com
"The Leader in On-Demand Customer Relationship Management" LOL
-Original Message-
Fr
Free, Bob
Subject: Case # 00023358: RE: Forced Computer Naming Convention
ref:00D57Vhx.50054w29g:ref
Dear Free, Bob,
Thank you for submitting your question to us online. Case #00023358: "RE:
Forced Computer Naming Convention" has been created and a Web Stores America
Customer Serv
Not possible via GPO. 3 solutions come to mind, you can either roll your own
provisioning system that enforces your rules and require the techs to use it,
pre-create the accounts centrally with compliant names and just let them join
them or buy a 3rd party solution that has logic/rules baked in
Did you enable loopback within the GPO? System| Group Policy | enable Loopback
Policy option.
Also, if you filter the GPO on a group of comp accts, you need to reboot the
server to get it to pick up the group's token after you add it to the group.
From: Dennis Rogov [mailto:[EMAIL PROTECTED]
S
Ah, a man after my own heart, my explorations came up with different
registry paths, I will have to check out yours, it's slightly different
approach but essentially the same result..
I love the Autorun...never seen that used in this context before.. I can
ditch my little cmd file I set my prompt
Thanks... I agree with your ludditeness, you can join my
ServerCoreOnly-No-GUI in Server2010 campaign :-)
Even easier..to me at least is Default|Options-Quick Edit mode. Right click
becomes paste and left-click/highlight is copy like in other
applications. I forget it even works the way y
If you want to apply user policies based on the computer they login you want to
look at loopback processing. Security group filtering is probably also your
friend here.
From: Dennis Rogov [mailto:[EMAIL PROTECTED]
Sent: Friday, June 27, 2008 12:40 PM
To: NT System Admin Issues
Subject: Group
> In future, perhaps you could embed a standard JPG instead
./rant on
Are you serious? How about learn how to use the clipboard to freaking copy the
text from a cmd prompt instead of sending a picture. Major pet peeve of mine.
Sorry to be harsh but that's about as lame as it gets, only thing wo
Thanks for this thread, it brightened a dismal day. I'm fortunate to be
more towards the other end of the spectrum and hearing how it is for
others reminded me to be grateful. When our company was named #1 in our
sector in the InformationWeek 500 last year, they took out full page ads
thanking us (
> This will not get the users Primary group or any nested groups
As of v1.1 Get-QADGroupMember has a parameter -Indirect which, when specified
expands nested group objects in addition to objects that are direct members of
the group.
It also has some facilities for primarys-
$group = Get-QADGr
Hopefully everyone is also strictly limiting the systems a service
account can logon to whenever possible ..right?
Also a very good idea to be auditing any changes to the userWorkstations
attribute of such accounts.
From: James Rankin [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 11, 200
601 - 700 of 757 matches
Mail list logo
