from:"David McSpadden"

RE: [NTSysADM] Group Policy USB devices

2016-07-28 Thread David McSpadden

Computer Configuration (Enabled)hide
Policieshide
Administrative Templateshide
Policy definitions (ADMX files) retrieved from the central store.
System/Removable Storage Accesshide
Policy

Setting

Comment

Removable Disks: Deny execute access

Enabled

Removable Disks: Deny read access

Enabled

Removable Disks: Deny write access

Enabled



Should the above work with an exclusion list for the MagicDisc device ID?


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Micheal Espinola Jr
Sent: Thursday, July 28, 2016 10:26 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Group Policy USB devices

If you can identify the device ID that MagicDisc uses, you should be able to 
add it to an exclusion list.  However, IIRC "deny all access to all removable 
storage classes" take precedence, so you will likely need to rework your 
settings.

--
Espi


On Wed, Jul 27, 2016 at 5:24 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
I have set a Group policy to deny all access to all removable storage classes.
This is working great with maybe a couple of exceptions.

My magicdisc will no longer allow access to mounted drives.

So my real intent is to deny all USB Storage devices not the MagicDisc CD/DVD 
drives.
Would I instead set my GPO to Removable Disks: Deny – Read, Write, Execute?


David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Test

2016-08-16 Thread David McSpadden

Received successfully


Sent from my iPhone

On Aug 16, 2016, at 5:09 PM, Michael White 
> wrote:

Low traffic.  Others getting errors trying to post.  Seeing if I get same.
--

Michael S. White
mswhite...@gmail.com

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

2016-08-16 Thread David McSpadden

So you are wanting your com port on your w7 machine to be accessible to the vm 
w7 machine through RDP.
Pretty sure I understand now and I don’t have an answer for that.
Enabling the comm port on the rdp session in other options would be my only 
response and I know that has been stated so.
I am not sure how to make that work for you.


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Carol Fee
Sent: Tuesday, August 16, 2016 9:47 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

W7 VM on W2012 R2 host
W7 workstation with COM 1 in use using RDP to connect to the VM

CFee
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, August 16, 2016 8:46 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

Is the W7 the host or the vm on the 2012 server?

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Carol Fee
Sent: Tuesday, August 16, 2016 8:36 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

The port I need access to is on a W7 computer
Not
The host

CFee
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, August 16, 2016 8:05 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

In my VMWare environment I needed a USB to be accessed physically from the host.
This is done the vCenter and on the Host wear the VM will have to reside. (No 
vMotion for that VM)
This I allowed access to the Host USB port (Specific to the USB port not 
generic.)
This unfortunately allows all VM’s on that host to also access the USB port 
that is being passed through to the VM from the Host.
I think you are wanted a similar type of access for your VM.
Now I do know my application that requires the access to the VM USB port will 
not allow RDP sessions to access the USB port.
It knows that it is a RDP session and no matter what I do it laughes at me.  It 
also know if I am trying to access it with something like VNC.
It laughes even louder at me.
So, being the thin skinned admin that I am.  I access the VM through the 
vCenter Console and I ROFLMAO at the app while it gives me the access to the 
USB port as required of a physical box.
It has no idea I have it VM’d and I am accessing the host USB instead of a 
physical box’s USB.
So that being said I think you want to enable the COM port on the Host and 
allow access through the Host to the VM.
There the VM application so access the port as you are needing.
That is if I understand the situation you have described.


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Carol Fee
Sent: Tuesday, August 16, 2016 7:46 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

I’m not mapping it to the port on the host – to a port on a W7 RD client.

So …. W7 computer has something connected to COM 1 (serial connection for a 
card reader)
Card reader software is installed on W7 VM (hosted on W2012R2 Hyper-V)
I need to access the card reader software using Remote Desktop from the W7 
computer and have it see the connection to the hardware

I keep finding references to mapping com ports using named pipes, but I can’t 
figure out exactly how to do that

CFee
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andrew S. Baker
Sent: Monday, August 15, 2016 11:18 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] Windows 7 Hyper-V VM Com Port

Not supported, last I checked:


2012 Datacenter redirecting com ports to my VM 
<https://social.technet.microsoft.com/Forums/sharepoint/en-US/24414de8-505b-4573-9bcb-f6018aaa09c5/2012-datacenter-redirecting-com-ports-to-my-vm?forum=winserverhyperv>

It's not an official piece of software, it's not recommended or supported, and 
by using this you might put your Hyper-V server in an unsupported state. 
<https://social.technet.microsoft.com/Forums/sharepoint/en-US/24414de8-505b-4573-9bcb-f6018aaa09c5/2012-datacenter-redirecting-com-ports-to-my-vm?forum=winserverhyperv>



social.technet.microsoft.com<https://social.technet.microsoft.com/Forums/sharepoint/en-US/24414de8-505b-4573-9bcb-f6018aaa09c5/2012-datacenter-redirecting-com-ports-to-my-vm?forum=winserverhyperv>

[Mixmax]<https://mixmax.com/r/WMB47Rd39yDNPFfWo&g

RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

2016-08-16 Thread David McSpadden

Is the W7 the host or the vm on the 2012 server?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Carol Fee
Sent: Tuesday, August 16, 2016 8:36 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

The port I need access to is on a W7 computer
Not
The host

CFee
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, August 16, 2016 8:05 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

In my VMWare environment I needed a USB to be accessed physically from the host.
This is done the vCenter and on the Host wear the VM will have to reside. (No 
vMotion for that VM)
This I allowed access to the Host USB port (Specific to the USB port not 
generic.)
This unfortunately allows all VM’s on that host to also access the USB port 
that is being passed through to the VM from the Host.
I think you are wanted a similar type of access for your VM.
Now I do know my application that requires the access to the VM USB port will 
not allow RDP sessions to access the USB port.
It knows that it is a RDP session and no matter what I do it laughes at me.  It 
also know if I am trying to access it with something like VNC.
It laughes even louder at me.
So, being the thin skinned admin that I am.  I access the VM through the 
vCenter Console and I ROFLMAO at the app while it gives me the access to the 
USB port as required of a physical box.
It has no idea I have it VM’d and I am accessing the host USB instead of a 
physical box’s USB.
So that being said I think you want to enable the COM port on the Host and 
allow access through the Host to the VM.
There the VM application so access the port as you are needing.
That is if I understand the situation you have described.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Carol Fee
Sent: Tuesday, August 16, 2016 7:46 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

I’m not mapping it to the port on the host – to a port on a W7 RD client.

So …. W7 computer has something connected to COM 1 (serial connection for a 
card reader)
Card reader software is installed on W7 VM (hosted on W2012R2 Hyper-V)
I need to access the card reader software using Remote Desktop from the W7 
computer and have it see the connection to the hardware

I keep finding references to mapping com ports using named pipes, but I can’t 
figure out exactly how to do that

CFee
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andrew S. Baker
Sent: Monday, August 15, 2016 11:18 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] Windows 7 Hyper-V VM Com Port

Not supported, last I checked:

2012 Datacenter redirecting com ports to my VM 
<https://social.technet.microsoft.com/Forums/sharepoint/en-US/24414de8-505b-4573-9bcb-f6018aaa09c5/2012-datacenter-redirecting-com-ports-to-my-vm?forum=winserverhyperv>

It's not an official piece of software, it's not recommended or supported, and 
by using this you might put your Hyper-V server in an unsupported state. 
<https://social.technet.microsoft.com/Forums/sharepoint/en-US/24414de8-505b-4573-9bcb-f6018aaa09c5/2012-datacenter-redirecting-com-ports-to-my-vm?forum=winserverhyperv>

social.technet.microsoft.com<https://social.technet.microsoft.com/Forums/sharepoint/en-US/24414de8-505b-4573-9bcb-f6018aaa09c5/2012-datacenter-redirecting-com-ports-to-my-vm?forum=winserverhyperv>

[Mixmax]<https://mixmax.com/r/WMB47Rd39yDNPFfWo>

Regards,

 ASB
 http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>

 Providing Expert Technology Consulting Services for the SMB market…

 GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A

On Mon, Aug 15, 2016 10:59 AM, Carol Fee 
c...@massbar.org<mailto:c...@massbar.org> wrote:

I have a W7 vm on a W2K12R2 host.  I need to connect COM 1 to the physical COM 
1 of a Windows 7 PC.  Can anyone out there help ?  TIA

Carol Fee

Network Administrator

617-338-0623

c...@massbar.org<mailto:c...@massbar.org>

[mbalogo-gold]

   Massachusetts Bar Association

   20 West Street

   Boston, MA 02111-1204
   (617) 338-0500

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Massachusetts 
Bar Association company. Warning: Although

RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

2016-08-16 Thread David McSpadden

In my VMWare environment I needed a USB to be accessed physically from the host.
This is done the vCenter and on the Host wear the VM will have to reside. (No 
vMotion for that VM)
This I allowed access to the Host USB port (Specific to the USB port not 
generic.)
This unfortunately allows all VM’s on that host to also access the USB port 
that is being passed through to the VM from the Host.
I think you are wanted a similar type of access for your VM.
Now I do know my application that requires the access to the VM USB port will 
not allow RDP sessions to access the USB port.
It knows that it is a RDP session and no matter what I do it laughes at me.  It 
also know if I am trying to access it with something like VNC.
It laughes even louder at me.
So, being the thin skinned admin that I am.  I access the VM through the 
vCenter Console and I ROFLMAO at the app while it gives me the access to the 
USB port as required of a physical box.
It has no idea I have it VM’d and I am accessing the host USB instead of a 
physical box’s USB.
So that being said I think you want to enable the COM port on the Host and 
allow access through the Host to the VM.
There the VM application so access the port as you are needing.
That is if I understand the situation you have described.


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Carol Fee
Sent: Tuesday, August 16, 2016 7:46 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Windows 7 Hyper-V VM Com Port

I’m not mapping it to the port on the host – to a port on a W7 RD client.

So …. W7 computer has something connected to COM 1 (serial connection for a 
card reader)
Card reader software is installed on W7 VM (hosted on W2012R2 Hyper-V)
I need to access the card reader software using Remote Desktop from the W7 
computer and have it see the connection to the hardware

I keep finding references to mapping com ports using named pipes, but I can’t 
figure out exactly how to do that

CFee
From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Andrew S. Baker
Sent: Monday, August 15, 2016 11:18 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Windows 7 Hyper-V VM Com Port

Not supported, last I checked:


2012 Datacenter redirecting com ports to my VM 


It's not an official piece of software, it's not recommended or supported, and 
by using this you might put your Hyper-V server in an unsupported state. 




social.technet.microsoft.com

[Mixmax]








Regards,

 ASB
 http://XeeMe.com/AndrewBaker

 Providing Expert Technology Consulting Services for the SMB market…

 GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 8F28 A483 A182 EF3A









On Mon, Aug 15, 2016 10:59 AM, Carol Fee 
c...@massbar.org wrote:

I have a W7 vm on a W2K12R2 host.  I need to connect COM 1 to the physical COM 
1 of a Windows 7 PC.  Can anyone out there help ?  TIA







Carol Fee

Network Administrator

617-338-0623

c...@massbar.org



[mbalogo-gold]

   Massachusetts Bar Association

   20 West Street

   Boston, MA 02111-1204
   (617) 338-0500



This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Massachusetts 
Bar Association company. Warning: Although precautions have been taken to make 
sure no viruses are present in this email, the company cannot accept 
responsibility for any loss or damage that arise from the use of this email or 
attachments.

This email and any attached files are confidential and intended solely for the 
intended recipient(s). If you are not the named recipient you should not read, 
distribute, copy or alter this email. Any views or opinions expressed in this 
email are those of the author and do not represent those of the Massachusetts 
Bar Association company. Warning: Although precautions have been taken to make 
sure no viruses are present in this email, the company cannot accept 
responsibility for any loss or damage that arise from the use of this email or 
attachments.
This e-mail and any files transmitted with it

[NTSysADM] Group Policy settings

2017-02-28 Thread David McSpadden

I have some Group Policy settings that sometimes apply on first logon and 
sometimes require a reboot of the workstation to see them in the HKCU hive as 
they should be.
What can I do to get my HKCU updated on first boot for every user?


David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] AWS East Outage

2017-02-28 Thread David McSpadden

So the normal question 'is the Internet down?' Is valid today?

Sent from my iPhone

On Feb 28, 2017, at 3:44 PM, Andrew S. Baker 
> wrote:

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.




Indeed.

It's like someone broke the whole Internet.   Or, at least, 80% of it.


Regards,


 ASB
 http://XeeMe.com/AndrewBaker

 Providing Expert Technology Consulting Services for the SMB market…

 GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842


Sent with 
Mixmax




On Tue, Feb 28, 2017 2:13 PM, Kennedy, Jim 
kennedy...@elyriaschools.org wrote:

Learning very quickly how many vendors we have that are using AWS.  Lots is the 
first word that comes to mind.



From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Charles F Sullivan
Sent: Tuesday, February 28, 2017 1:57 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] AWS East Outage



Any of your organizations being affected by this? The few services we have 
moved there so far are down.

http://bgr.com/2017/02/28/internet-outage-amazon-web-services/





Charlie Sullivan

Sr. Windows Systems Administrator

Boston College

197 Foster St. Room 367

Brighton, MA 02135


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [EXTERNAL]Re: [NTSysADM] AWS East Outage

2017-03-02 Thread David McSpadden

I believe it was an US-Converted-Metric S-ton IMHO.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Richard Stovall
Sent: Thursday, March 2, 2017 7:05 AM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]Re: [NTSysADM] AWS East Outage

Is that a metric S-ton, or the other kind?

The is a difference.

On Mar 2, 2017 2:38 AM, "Don Ely" <don@gmail.com<mailto:don@gmail.com>> 
wrote:
It is pretty trivial if you're setup correctly, but the setup takes an S-Ton of 
work and testing...

On Wed, Mar 1, 2017 at 3:30 PM Michael B. Smith 
<mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote:
I have to say, what surprised me most about this outage was the lack of 
failover to alternate datacenters for some pretty big names.

I have no idea how this works in AWS, but in Azure it’s fairly trivial; I would 
expect the same of AWS.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of Andrew S. Baker
Sent: Wednesday, March 1, 2017 12:22 PM

To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] AWS East Outage

If not S3, then what?

You're always going to be relying on someone else's something.

Some data center provider (okay, so you might run your own)
Some power provider
Some Internet provider

It's not like they have internet outages every week, and it's not like various 
organizations relying upon them haven't had outages for their own reasons.

Technology breaks, which is why we RAID, cluster, backup, failover and farm our 
systems, devices and data centers.

Regards,

 ASB
 http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>

 Providing Expert Technology Consulting Services for the SMB market…

 GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842

Sent with 
Mixmax<https://mixmax.com/s/WMB47Rd39yDNPFfWo?utm_source=mixmax_medium=email_campaign=signature_link_content=sent_with_mixmax>

On Wed, Mar 1, 2017 8:37 AM, J- P 
jnat...@hotmail.com<mailto:jnat...@hotmail.com> wrote:

https://techcrunch.com/2017/03/01/the-day-amazon-s3-storage-stood-still/

Would / should you hold your IT vendor responsible for relying on S3?

Jean-Paul Natola

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
<listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>> on 
behalf of Andrew S. Baker <asbz...@gmail.com<mailto:asbz...@gmail.com>>
Sent: Tuesday, February 28, 2017 5:36 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] AWS East Outage

Indeed.

Regards,

 ASB
 GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842

Sent with 
Mixmax<https://mixmax.com/s/WMB47Rd39yDNPFfWo?utm_source=mixmax_medium=email_campaign=signature_link_content=sent_with_mixmax>
[https://compose.mixmax.com/img/blank.png]

On Tue, Feb 28, 2017 3:56 PM, David McSpadden 
dav...@imcu.com<mailto:dav...@imcu.com> wrote:
So the normal question 'is the Internet down?' Is valid today?

Sent from my iPhone

On Feb 28, 2017, at 3:44 PM, Andrew S. Baker 
<asbz...@gmail.com<mailto:asbz...@gmail.com>> wrote:
Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Indeed.

It's like someone broke the whole Internet.   Or, at least, 80% of it.

Regards,

 ASB
 http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>

 Providing Expert Technology Consulting Services for the SMB market…

 GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842

Sent with 
Mixmax<https://mixmax.com/s/WMB47Rd39yDNPFfWo?utm_source=mixmax_medium=email_campaign=signature_link_content=sent_with_mixmax>

On Tue, Feb 28, 2017 2:13 PM, Kennedy, Jim 
kennedy...@elyriaschools.org<mailto:kennedy...@elyriaschools.org> wrote:

Learning very quickly how many vendors we have that are using AWS.  Lots is the 
first word that comes to mind.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Charles F Sullivan
Sent: Tuesday, February 28, 2017 1:57 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] AWS East Outage

Any of your organizations being affected by this? The few services we have 
moved there so far are down.

http://bgr.com/2017/02/28/internet-outage-amazon-web-services/

Charlie Sullivan

Sr. Windows Systems Administrator

Boston College

197 Foster St. Room 367

Brighton, MA 02135

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for t

Re: [NTSysADM] RE: Outbreak

2016-09-04 Thread David McSpadden

What is the attack vector?
Can you tell?

Sent from my iPhone

On Sep 4, 2016, at 7:33 AM, Beard, Julius 
> wrote:

Yep, we’re seeing the same on a number of machines running Sophos. I see they 
updated their KB article in Threat Center last night, but now it goes to a 404 
page.

You get any response from them?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kelsey, John
Sent: Sunday, September 4, 2016 12:16 AM
To: 'ntsysadm@lists.myitforum.com' 
>
Subject: [NTSysADM] Outbreak

We’re seeing a massive outbreak of Troj-FarFli-CT tonight, affecting 
winlogon.exe.  Sophos doing a poor job of stopping it so far.  Anyone else 
seeing similar?
Tons of our VMs are getting infected.  On hold for over 30 minutes waiting for 
Sophos support right now.

***
John C. Kelsey
Penn Highlands Healthcare
•:  814.375.3073
•  :   814.375.4005
•:   jckel...@phhealthcare.org
***

This email and any attached files are sensitive in nature and intended solely 
for the intended recipient(s). If you are not the named recipient you should 
not read, distribute, copy or alter this email. Any views or opinions expressed 
in this email are those of the author and do not represent those of Penn 
Highlands Healthcare or its affiliates.. Warning: Although precautions have 
been taken to make sure no viruses are present in this email, the company 
cannot accept responsibility for any loss or damage that arise from the use of 
this email or attachments.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] HP EliteDesk 800 G1 Dual monitors

2016-09-18 Thread David McSpadden

This is part of the motherboard do I hope it isn't all of them.


Sent from my iPhone

On Sep 18, 2016, at 12:34 PM, Klaus Hartnegg 
<hartn...@uni-freiburg.de<mailto:hartn...@uni-freiburg.de>> wrote:

Am 17.09.2016 um 19:05 schrieb David McSpadden:
Can not get second monitor to actually extend.  All I get is a cloned
monitor.

Can be a hardware problem. Yes, really.

Recently had same problem with a high end graphics card.
Tried all available drivers, nothing helped.

Finally swapped the card with an identical one, and it worked!
Then put the 1st card in the 2nd machine, and it failed there as well.

Turned out to be a known problem. Got the card replaced, now all machines can 
extend the desktop to both monitors.


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] HP EliteDesk 800 G1 Dual monitors

2016-09-17 Thread David McSpadden

I have been on the phone for 6 hours with support.
Built a Windows 7 32 bit sp1 workstation from Iso image.
Updated with Microsoft update.
Updated with HP Softpag Manager.
Can not get second monitor to actually extend.  All I get is a cloned monitor.
Has anyone ran into this in the past??
Support's final suggestion is to reinstall with OEM dvd.
Don't really want to  but will if I have too?


David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Office 365

2016-08-24 Thread David McSpadden

If my licensing department purchases Office 365 for all 285 users, am I still 
eligible to use my Office Professional Plus for those same users or do I have 
to download the O365 client for each of them on their windows devices??


David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] HP EliteDesk 800 G1 Dual monitors

2016-09-28 Thread David McSpadden

Update
Rebuilt from Windows 7 Pro 32bit sp1 Iso.
Ran IntelProWin32 nic driver
Ran HP SoftPaq Manager.
Got dual monitors and all items in Device Manger with current HP/Intel/Realtek 
drivers.
Updated to Sept 20th Microsoft patches.
And now I have two images, 1 preSysPrep and 1 postSysPrep.
Life is good again.

Most certain this was me, totally.
I tookt he preSysPrep of a HP 800 G2 and Applied the image to the HP 800 G1 
thinking I could just softpaq the HP drivers.
Well something in the G2 image must have been sticky because the dual monitor 
thing just wouldn't fix.
So, lesson learned.  Each new model get it's own iso image built and not a copy 
of another model's preSysprep image.


-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Klaus Hartnegg
Sent: Sunday, September 18, 2016 12:29 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] HP EliteDesk 800 G1 Dual monitors

Am 17.09.2016 um 19:05 schrieb David McSpadden:
> Can not get second monitor to actually extend.  All I get is a cloned
> monitor.

Can be a hardware problem. Yes, really.

Recently had same problem with a high end graphics card.
Tried all available drivers, nothing helped.

Finally swapped the card with an identical one, and it worked!
Then put the 1st card in the 2nd machine, and it failed there as well.

Turned out to be a known problem. Got the card replaced, now all 
machines can extend the desktop to both monitors.


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] HP EliteDesk 800 G1 Dual monitors

2016-09-28 Thread David McSpadden

Still learning the MDT/OSD method.
This is a physical box. Or boxes as it were.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of John Hamilton
Sent: Wednesday, September 28, 2016 9:04 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] HP EliteDesk 800 G1 Dual monitors

Are you building your images on a physical computer and not a VM? Typically you 
would use a VM and then add your drivers via SCCM/MDT. Any hardware specific 
driver/apps Dell WebCam or HP fingerprint software would be added in the task 
sequence.

-John

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of David McSpadden
Sent: Wednesday, September 28, 2016 6:58 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] HP EliteDesk 800 G1 Dual monitors

Update
Rebuilt from Windows 7 Pro 32bit sp1 Iso.
Ran IntelProWin32 nic driver
Ran HP SoftPaq Manager.
Got dual monitors and all items in Device Manger with current HP/Intel/Realtek 
drivers.
Updated to Sept 20th Microsoft patches.
And now I have two images, 1 preSysPrep and 1 postSysPrep.
Life is good again.

Most certain this was me, totally.
I tookt he preSysPrep of a HP 800 G2 and Applied the image to the HP 800 G1 
thinking I could just softpaq the HP drivers.
Well something in the G2 image must have been sticky because the dual monitor 
thing just wouldn't fix.
So, lesson learned.  Each new model get it's own iso image built and not a copy 
of another model's preSysprep image.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Klaus Hartnegg
Sent: Sunday, September 18, 2016 12:29 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] HP EliteDesk 800 G1 Dual monitors

Am 17.09.2016 um 19:05 schrieb David McSpadden:
> Can not get second monitor to actually extend.  All I get is a cloned 
> monitor.

Can be a hardware problem. Yes, really.

Recently had same problem with a high end graphics card.
Tried all available drivers, nothing helped.

Finally swapped the card with an identical one, and it worked!
Then put the 1st card in the 2nd machine, and it failed there as well.

Turned out to be a known problem. Got the card replaced, now all machines can 
extend the desktop to both monitors.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

CONFIDENTIALITY NOTICE: This email message and any attachments hereto are 
intended only for use by the addressee(s) named herein and may contain 
information which is legally privileged, confidential and/or exempt from 
disclosure under applicable law. If you are not the intended recipient, or an 
authorized representative of the intended recipient, of this email message, you 
are hereby notified that any review, dissemination, distribution, copying, or 
use (including any reliance thereon) of this email message, and/or any 
attachment hereto, is strictly prohibited.

Although this transmission and any attachments are believed to be free of any 
virus or other defect that might affect any computer system into which it is 
received and opened, it is the responsibility of the recipient to ensure that 
it is free from virus or other defect and no responsibility is accepted by the 
sending company, its subsidiaries and affiliates, as applicable, for any loss 
or damage arising in any way from its use.

If you have received this email message in error, please immediately notify the 
sender by return email and permanently delete from your system, the original 
and any copies of this email and any attachments hereto and any printout 
hereof. Unauthorized interception of this email is a violation of federal 
criminal law.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: VIP Free Event Invitation: Microsoft Tech Leaders Forum

2016-10-27 Thread David McSpadden

This is the worst conference invite I have ever seen.
All the dates are in the past and as I spoke on the phone I am in Indianapolis.
None of these are for Indianapolis or an area near Indianapolis.
I think I will decline being a part of the Microsoft Tech Leaders Forum at this 
time.
Thanks


From: micros...@televerde.com [mailto:micros...@televerde.com]
Sent: Wednesday, October 26, 2016 2:35 PM
To: David McSpadden <dav...@imcu.com>
Subject: VIP Free Event Invitation: Microsoft Tech Leaders Forum


Thank you for taking the time to talk with us earlier about Microsoft’s Tech 
Leaders Forum!

 We are happy to share more details with you about this FREE event that is 
specifically designed to educate technology decision makers on the trends and 
Microsoft solutions that are driving digital transformation.

 The world is in the midst of a 4th Industrial Revolution fueled by Digital, 
and it will require modern tech leaders to be prepared to respond to the 
digital-first business imperative and to lead their organizations through this 
exciting transformation.

 Subject matter experts will lead fast-paced sessions and take questions, plus 
you will have the opportunity to network with peers and colleagues.

 AGENDA

Start


End


Session Topic


8:30AM


9:30AM


Registration & Continental Breakfast


9:30AM


9:45AM


Welcome Remarks


9:45AM


10:05AM


Keynote: Digital Transformation and the Modern Tech Leader


10:05AM


10:20 PM


Security in a Cloud First Mobile First World


10:20AM


10:30AM


Break


10:30AM


11:45 PM


Build Your Intelligent Cloud | Data, Infrastructure, Applications


11:45PM


12:15PM


Lunch


12:15PM


12:55PM


Office 365 and the Digital Revolution


12:55PM


1:30PM


Introducing Microsoft Dynamics 365: The Center of Your Intelligent Business 
Cloud


1:30PM


1:40PM


Break


1:40PM


2:40PM


Windows 10 for the Enterprise – Tangible Solutions for a Secure Digital 
Transformation Journey


2:40PM


3:00PM


Closing Remarks & Raffle




September 21, 2016

Oklahoma City, OK




September 22, 2016

Denver, CO


October 4, 2016

Raleigh, NC




October 5, 2016

Fort Lauderdale, FL


October 6, 2016

Lehi, UT


Admission: This complimentary event is brought to you by your local Microsoft 
office. Attendees are responsible for booking and funding their own travel and 
accommodations (including parking/tolls), if required.



Please call 1-866-629-0599

Attendance capacity is limited so please register today! Attendees will also be 
registered to win a prize!**

 We truly hope you’ll join us for an impactful day of networking, learning and 
discussion in a city near you!

 ** No PURCHASE NECESSARY. Winner will be selected via the evaluation 
submissions at the event and must be present to win. Government & Public 
Education employees, Microsoft employees and Microsoft partners are not 
eligible to win.

 NOTICE TO ALL PUBLIC SECTOR EMPLOYEES - Federal [including Military], State, 
Local and Public Education
This is a Microsoft event where items of value, which will include food and 
beverage, will be available at no charge to attendees. In order to comply with 
all applicable gift and ethics rules, Microsoft will not provide these items to 
Public Sector/ Government employees without a signed authorization letter from 
your agency/institution gifting/ethics officer or responsible attorney. Please 
check with your ethics counsel to verify that you are permitted to participate 
in this event and receive items that may be offered. Please contact 
tlfe...@microsoft.com<mailto:tlfe...@microsoft.com?subject=TLF:%20Pub%20Sec%20Approval%20Letter%20Request>
 for a copy of the approval letter.

 Microsoft respects your privacy. To learn more, please read our online Privacy 
Statement<https://go.microsoft.com/fwlink/?LinkId=521839>.

This is a one-time communication that you consented to receive. To set your 
contact preferences for other communications, visit the Promotional 
Communications Manager<http://go.microsoft.com/fwlink/?LinkId=243191>.

 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052

Please do not reply to this email.





If you would like to unsubscribe, please click 
here<http://its.televerde.com/email/unsubscribe?id=IM9gJCVXpC1q-YG9VDKsQg2>.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Script Update: Microsoft DNS Documentation Script Update Version 1.03

2016-10-21 Thread David McSpadden

You want these DHCP test in HTML and Word mostly right?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Webster
Sent: Friday, October 21, 2016 7:49 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Script Update: Microsoft DNS Documentation Script 
Update Version 1.03

Yeah, released five script updates on the 19th and started work on the 
NetScaler script update and worked on it until 0130 on the 20th. Sent that 
script to testers and then started adding HTML output to the DHCP script. Sent 
two updates to that script to testers yesterday. Basically seven scripts in two 
days.

Webster

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff
Sent: Thursday, October 20, 2016 8:57 PM
To: ntsysadm >
Subject: Re: [NTSysADM] Script Update: Microsoft DNS Documentation Script 
Update Version 1.03

That's fair - but he *has* released a bunch of new versions of scripts in the 
past two days, and those are the visible, to us, work product...

On Thu, Oct 20, 2016 at 2:53 PM, Andrew S. Baker 
> wrote:
Again?  I think you mean "still" .

Regards,

 ASB
 http://XeeMe.com/AndrewBaker

 Providing Expert Technology Consulting Services for the SMB market…

 GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842

On Wed, Oct 19, 2016 3:19 PM, Kurt Buff 
kurt.b...@gmail.com wrote:

You've been a busy bee again - thanks for this...

Kurt

On Wed, Oct 19, 2016 at 4:59 AM, Webster 
> wrote:

> http://carlwebster.com/microsoft-dns-documentation-script-update-version-1-03/

>

>

>

> Thanks

>

>

>

>

>

> Carl Webster

>

> Citrix Technology Professional

>

> http://www.CarlWebster.com

>

> The Accidental Citrix Admin

>

>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Freaking data carriers!!!

2016-10-21 Thread David McSpadden

I have a new branch location (Big deal for us.) and it is losing it's mind.
Basically we have an ASA firewall, Ironport WSA, and 2012 AD.
I have Windows 7 pro 32 bit workstations that I am prebuilding here and taking
up to the new location.
Here, they are joined to network and tested for functionality and printing
before going up to the new location.
(New branch is a big deal for us, Google Old Meridian IMCU Branch and you will
see we are going bananas.)

My problem is when the workstations get to the new LAN they don't connect to
the AD and DNS removes their "A" and "PTR" records.
We have found that each of these workstations are going through the IRONPORT
WSA to try and reach the AD which is backwards.
All AD and Local Credit Union traffic should never get to the IRONPORT. All
local DNS and AD authentication requests should be handled well before the
IRONPORT is ever notified.
Talking with support at IRONPORT we have put these workstations in bypass and
they are talking to AD and DNS server just fine and all local requests are
being handled ok.
Taking them out of bypass and they just stop working.

We have talked with the Data carrier and they swear that the data routes are
the same for this new branch as it is for the old branches.
I have a gut feeling that they have some kind of route built to push all this
traffic to my firewall (Sits behind the ironport) and then it is being
redirected back to my domain instead of being parsed out as internal traffic
prior to heading up the stream to the firewall (ironport).

How do I prove this? Is there a way to packet trace through each of their hops
to the destination if we have a controlled environment, like a Saturday or
Sunday when it will just be us IT people in the building?

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/> [Description:
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>
[Description: Description: twitter email icon]
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members
Credit Union, are confidential, and are intended solely for the use of the
individual or entity to whom this e-mail is addressed. If you are not one of
the named recipient(s) or otherwise have reason to believe that you have
received this message in error, please notify the sender and delete this
message immediately from your computer. Any other use, retention,
dissemination, forwarding, printing, or copying of this email is strictly
prohibited.

Please consider the environment before printing this email.

[NTSysADM] File permission question

2016-11-23 Thread David McSpadden

Server 2012
Active directory
Windows 7 32 bit
Office 2010
Created a file share
Everyone full on share
Created ad security group
Set security for group with modify 

Trying to prevent users from deleting or moving folders/files

Users in group were still able to move 

Changed permissions to special by removing delete files from advanced 
permissions.

Then users could not make changes to files they were not creator owner of?

What am I missing?

Sent from my iPhone
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] File permission question

2016-11-23 Thread David McSpadden

Argh
Stupid feature
Then maybe I'll have to go with auditing?

Sent from my iPhone

On Nov 23, 2016, at 6:36 PM, Webster 
<webs...@carlwebster.com<mailto:webs...@carlwebster.com>> wrote:

windows deletes the original file and saves the updated version. users need the 
delete right to save changes.

webster

Get Outlook for iOS<https://aka.ms/o0ukef>


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
<listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>> on 
behalf of David McSpadden <dav...@imcu.com<mailto:dav...@imcu.com>>
Sent: Wednesday, November 23, 2016 3:59:13 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] File permission question

Server 2012
Active directory
Windows 7 32 bit
Office 2010
Created a file share
Everyone full on share
Created ad security group
Set security for group with modify

Trying to prevent users from deleting or moving folders/files

Users in group were still able to move

Changed permissions to special by removing delete files from advanced 
permissions.

Then users could not make changes to files they were not creator owner of?

What am I missing?

Sent from my iPhone
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.



This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Time change on a member server

2016-11-16 Thread David McSpadden

I have a server 2012 member server of a 2012 Domain that magically changed it's 
time last night and had to be powered of and on this morning to correct the 
issue.
Has anyone seen a server that shows the time source as the PDC in the domain 
but still magically changes it's own time?

We have 24 other member servers in this domain that did not exhibit this same 
function last night?

Any direction would be greatly appreciated.


David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Time change on a member server

2016-11-16 Thread David McSpadden

Looked like 5 hours almost exactly.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Micheal Espinola Jr
Sent: Wednesday, November 16, 2016 9:46 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Time change on a member server

I've never seen/heard that happen outside of other influences.  How "off" was 
the time?

--
Espi

On Wed, Nov 16, 2016 at 6:13 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
I have a server 2012 member server of a 2012 Domain that magically changed it’s 
time last night and had to be powered of and on this morning to correct the 
issue.
Has anyone seen a server that shows the time source as the PDC in the domain 
but still magically changes it’s own time?

We have 24 other member servers in this domain that did not exhibit this same 
function last night?

Any direction would be greatly appreciated.

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Time change on a member server

2016-11-16 Thread David McSpadden

It is physical at a remote location.
The w32tm responses all look accurate and comparable to the other remote 
physical servers.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Charles F Sullivan
Sent: Wednesday, November 16, 2016 9:56 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Time change on a member server

Is this server a VM? If so it could be syncing with a host whose clock is off.

Also, when you run “w32tm /query /peers” it should show a DC as the peer. And 
if you run “w32tm /query /status” it should tell you what it synced from, 
whether it was successful and what time it last did the sync.

Instead of rebooting, you can run those commands to check. If things look 
right, you could try “w32tm /resync /rediscover”. If “/peers” doesn’t list a 
DC, then you can try “w32tm /config /syncfromflags:domhier”, then “w32tm 
/config /update”.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of David McSpadden
Sent: Wednesday, November 16, 2016 9:13 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Time change on a member server

I have a server 2012 member server of a 2012 Domain that magically changed it’s 
time last night and had to be powered of and on this morning to correct the 
issue.
Has anyone seen a server that shows the time source as the PDC in the domain 
but still magically changes it’s own time?

We have 24 other member servers in this domain that did not exhibit this same 
function last night?

Any direction would be greatly appreciated.

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Time change on a member server

2016-11-16 Thread David McSpadden

Nothing.  Endpoint security updated minutes before and then boom it wasn't 5 
hours difference it went from 4:39 am to 1:21 pm then I reboot and it went back 
to current 8:22am.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Wednesday, November 16, 2016 9:56 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Time change on a member server

Most time events are logged in the app log.  Anything in there? And check to 
see who logged on around the time this happened and go smack them.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, November 16, 2016 9:19 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Time change on a member server

I have a server 2012 member server of a 2012 Domain that magically changed it's 
time last night and had to be powered of and on this morning to correct the 
issue.
Has anyone seen a server that shows the time source as the PDC in the domain 
but still magically changes it's own time?

We have 24 other member servers in this domain that did not exhibit this same 
function last night?

Any direction would be greatly appreciated.

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Time change on a member server

2016-11-16 Thread David McSpadden

We are ET.
After the reboot it is within ms of the PDC.
MS patches current as of last Tuesday’s 11/8 patches.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Wednesday, November 16, 2016 10:25 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Time change on a member server

ET part of Indiana or CT?

ET would indicate that it lost timezone info. Does it have current patches? How 
“close” is it to the PDC timewise?

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, November 16, 2016 10:12 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Time change on a member server

Looked like 5 hours almost exactly.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Micheal Espinola Jr
Sent: Wednesday, November 16, 2016 9:46 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] Time change on a member server

I've never seen/heard that happen outside of other influences.  How "off" was 
the time?

--
Espi

On Wed, Nov 16, 2016 at 6:13 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
I have a server 2012 member server of a 2012 Domain that magically changed it’s 
time last night and had to be powered of and on this morning to correct the 
issue.
Has anyone seen a server that shows the time source as the PDC in the domain 
but still magically changes it’s own time?

We have 24 other member servers in this domain that did not exhibit this same 
function last night?

Any direction would be greatly appreciated.

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Time change on a member server

2016-11-16 Thread David McSpadden

Thank you but it looks good right now.
Only one clock as well,  no multiple clocks are set up.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Coombs, Darryl
Sent: Wednesday, November 16, 2016 10:24 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Time change on a member server

Silly question, but did you check the time zone setting on it?  Maybe somebody 
accidentally changed it.

DC

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, November 16, 2016 11:42 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Time change on a member server

Looked like 5 hours almost exactly.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Micheal Espinola Jr
Sent: Wednesday, November 16, 2016 9:46 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] Time change on a member server

I've never seen/heard that happen outside of other influences.  How "off" was 
the time?

--
Espi

On Wed, Nov 16, 2016 at 6:13 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
I have a server 2012 member server of a 2012 Domain that magically changed it’s 
time last night and had to be powered of and on this morning to correct the 
issue.
Has anyone seen a server that shows the time source as the PDC in the domain 
but still magically changes it’s own time?

We have 24 other member servers in this domain that did not exhibit this same 
function last night?

Any direction would be greatly appreciated.

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: HP notebook touchpad issues

2016-11-16 Thread David McSpadden

Does the user have the wrists on the laptop at all?
I had two users that would complain about that and it was the pressure from 
their wrists on the laptop itself nothing on the touchpad at all.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Damien Solodow
Sent: Wednesday, November 16, 2016 11:21 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] HP notebook touchpad issues

We've been having a weird issue on some of our HP Elitebook 840 G1 and G2 
laptops and wondered if anyone else had seen something similar.

One some of them, every so often the cursor/touchpad goes crazy (cursor flying 
around, random clicks, etc.) even if no-one is touching it.
They're all running Windows 7 Sp1 x64 Enterprise.

We've tried BIOS updates, Synaptics driver upgrades, downgrades, etc. Swapping 
the hard drive to another chassis seems to get rid of the problem for a month 
or so before it rears its head again.

DAMIEN SOLODOW
Senior Systems Engineer
317.447.6033 (office)
HARRISON COLLEGE
550 East Washington Street
Indianapolis, IN 46204
www.harrison.edu

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Time change on a member server

2016-11-17 Thread David McSpadden

Looks like just a hardware fault and a bios clock with the wrong time.
Still suspect of it but can find nothing.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Micheal Espinola Jr
Sent: Wednesday, November 16, 2016 11:29 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Time change on a member server

Without a timezone change? I'd be suspect of malware. I've seen similar, but 
its been a few years.

On Wed, Nov 16, 2016 at 7:18 AM David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
Looked like 5 hours almost exactly.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of Micheal Espinola Jr
Sent: Wednesday, November 16, 2016 9:46 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] Time change on a member server

I've never seen/heard that happen outside of other influences.  How "off" was 
the time?

--
Espi

On Wed, Nov 16, 2016 at 6:13 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
I have a server 2012 member server of a 2012 Domain that magically changed it’s 
time last night and had to be powered of and on this morning to correct the 
issue.
Has anyone seen a server that shows the time source as the PDC in the domain 
but still magically changes it’s own time?

We have 24 other member servers in this domain that did not exhibit this same 
function last night?

Any direction would be greatly appreciated.

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
--
-- Espi (via mobile)
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Windows 2012 R2 GPO Mapping Issue

2016-11-20 Thread David McSpadden

And maybe try under both user and computer context.

Sent from my iPhone

On Nov 20, 2016, at 8:31 AM, Mike Kanfer 
> wrote:

The only entry in the Event Viewer is that the group policy settings for the 
user were processed successful.  Gpresult shows that the mappings were 
successful. No errors to be found anywhere - and no drive mappings.

On Sun, Nov 20, 2016 at 2:50 AM, James Rankin 
> wrote:
There should be an event written to the logs as to why the mapping failed...

Sent from my slightly schizophrenic, but rather cool, BlackBerry Android
From: mkan...@cssu.org
Sent: 20 November 2016 3:02 a.m.
To: ntsysadm@lists.myitforum.com
Reply to: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Windows 2012 R2 GPO Mapping Issue

We have a GPO that is applied to Authenticated Users and linked to our domain.  
In it, we have a mapped drive which isn't work.  Looking at GPResult shows the 
policy being applied.  Using NET USE, we can map the drive with a user logged 
in.  We have unchecked, reconnect at logon and it still doesn't work.  The 
drive map action is Create. We also tried Update.  The GPO does work because 
other elements- a message on the logon screen is displayed.  The DC is a 
Windows 2012 R2 server and the workstation is a Windows 10 Pro version.  It 
also is not working on a Windows 2012 R2 terminal server.

Any help would be appreciated.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Windows 2012 R2 GPO Mapping Issue

2016-11-20 Thread David McSpadden

Three things
Turn verbose logging on that gpo

Reboot done of my mapped drives and printer adds only work after a reboot

Do a net use * /d then reboot

Sent from my iPhone

On Nov 20, 2016, at 8:31 AM, Mike Kanfer 
> wrote:

The only entry in the Event Viewer is that the group policy settings for the 
user were processed successful.  Gpresult shows that the mappings were 
successful. No errors to be found anywhere - and no drive mappings.

On Sun, Nov 20, 2016 at 2:50 AM, James Rankin 
> wrote:
There should be an event written to the logs as to why the mapping failed...

Sent from my slightly schizophrenic, but rather cool, BlackBerry Android
From: mkan...@cssu.org
Sent: 20 November 2016 3:02 a.m.
To: ntsysadm@lists.myitforum.com
Reply to: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Windows 2012 R2 GPO Mapping Issue

We have a GPO that is applied to Authenticated Users and linked to our domain.  
In it, we have a mapped drive which isn't work.  Looking at GPResult shows the 
policy being applied.  Using NET USE, we can map the drive with a user logged 
in.  We have unchecked, reconnect at logon and it still doesn't work.  The 
drive map action is Create. We also tried Update.  The GPO does work because 
other elements- a message on the logon screen is displayed.  The DC is a 
Windows 2012 R2 server and the workstation is a Windows 10 Pro version.  It 
also is not working on a Windows 2012 R2 terminal server.

Any help would be appreciated.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] ALL Flash Storage

2016-12-07 Thread David McSpadden

Your last line has been my first line of discover.
Having meetings with Nimble, and Pure tomorrow and EMC/Unity Friday.
Let you know how it goes.
What would everyone like me to ask these three about?
I'll post back to this thread.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Maglinger, Paul
Sent: Wednesday, December 7, 2016 3:11 PM
To: 'ntsysadm@lists.myitforum.com' <ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] ALL Flash Storage

I'm watching this conversation closely.  We're looking to replace our NetApp 
because our renewal maintenance costs basically tripled.  We of course had the 
option to upgrade our heads for around the same cost, but were surprised to 
find out that we would have to repurchase all of our software if we did so.
So Nutanix, Pure, and EMC have been banging on our door and one vendor is 
suggesting Nimble.

-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kurt Buff
Sent: Wednesday, December 07, 2016 12:54 PM
To: ntsysadm
Subject: Re: [NTSysADM] ALL Flash Storage

We also have a VNX 5400 (and a VNXe 3100), and we're going to dump it for 
Nimble in the middle of the year, once our support runs out.

The cost of renewing support will cover a new Nimble, basically, and we expect 
much improved performance.

Kurt

On Wed, Dec 7, 2016 at 6:24 AM, David McSpadden <dav...@imcu.com> wrote:
> What is eveyone’s thoughts on All Flash Storage?
>
> I am looking to replace the Storage I have attached to my VNX5400 from 
> EMC with either:
>
>
>
> EMC Unity
>
>
>
> PureStorage
>
>
>
> Nimble
>
>
>
> I haven’t gotten all the proposals in yet but was wondering what 
> everyone else thought about them?
>
> This e-mail and any files transmitted with it are property of Indiana 
> Members Credit Union, are confidential, and are intended solely for 
> the use of the individual or entity to whom this e-mail is addressed.
> If you are not one of the named recipient(s) or otherwise have reason 
> to believe that you have received this message in error, please notify 
> the sender and delete this message immediately from your computer. Any 
> other use, retention, dissemination, forwarding, printing, or copying 
> of this email is strictly prohibited.
>
>
> Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Good converter of WAV to MP3

2016-12-12 Thread David McSpadden

Audacity


Sent from my iPhone

On Dec 12, 2016, at 9:22 PM, Jon Harris 
> wrote:


I am in the process of ripping some music CD's, that I own, and the ripper is 
only ripping to WAV.  What is a good WAV to MP3 converter?  Any recommendations 
or ones to stay away from?  I pretty much will not use any coming from CNET, 
they seem to be full of garbage/adware.


Thanks


Jon
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] ALL Flash Storage

2016-12-07 Thread David McSpadden

Which HP product?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Don Ely
Sent: Wednesday, December 07, 2016 9:38 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] ALL Flash Storage

We just built to greenfield datacenters and put all flash in them.  Aside from 
the smaller footprint, the 10x-20x speed improvement of some of our apps was 
eye opening...

We dumped EMC and moved to HP.  NetApp was a part of the consideration, but in 
the end HP won out...

On Wed, Dec 7, 2016 at 6:32 AM David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
What is eveyone’s thoughts on All Flash Storage?
I am looking to replace the Storage I have attached to my VNX5400 from EMC with 
either:

EMC Unity

PureStorage

Nimble

I haven’t gotten all the proposals in yet but was wondering what everyone else 
thought about them?

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: TestUser2 Group Membership

2016-12-20 Thread David McSpadden

No Primary account should be Domain Users.
Some admin just clicked through things I think

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Christopher Bodnar
Sent: Tuesday, December 20, 2016 2:03 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: TestUser2 Group Membership

Are you using POSIX applications? Was there a reason that the Primary Group was 
changed for this account?

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, December 20, 2016 1:24 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] TestUser2 Group Membership

Why would a user be in a group but not in that group in attribute editor?

Question…I’m having an issue getting the PA Firewall to recognize the correct 
group in certain situations…Here is what I’ve found and believe could be part 
of the issue…

1)  TestUser2 has been added the Group _Coll

a.   [cid:image001.png@01D25ACC.534A9270]

2)  We can verify that by looking at the Members of _Coll

a.   [cid:image002.png@01D25ACC.534A9270]

3)  However, when you go to Attribute Editor and double click on Member, 
TestUser2 is not listed…

a.   [cid:image003.png@01D25ACC.534A9270]

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

- This message, and any attachments to 
it, may contain information that is privileged, confidential, and exempt from 
disclosure under applicable law. If the reader of this message is not the 
intended recipient, you are notified that any use, dissemination, distribution, 
copying, or communication of this message is strictly prohibited. If you have 
received this message in error, please notify the sender immediately by return 
e-mail and delete the message and any attachments. Thank you.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] TestUser2 Group Membership

2016-12-20 Thread David McSpadden

Why would a user be in a group but not in that group in attribute editor?

Question...I'm having an issue getting the PA Firewall to recognize the correct 
group in certain situations...Here is what I've found and believe could be part 
of the issue...



1)  TestUser2 has been added the Group _Coll

a.   [cid:image001.png@01D25AC3.4B13D840]

2)  We can verify that by looking at the Members of _Coll

a.   [cid:image002.png@01D25AC3.4B13D840]

3)  However, when you go to Attribute Editor and double click on Member, 
TestUser2 is not listed...

a.   [cid:image003.png@01D25AC3.4B13D840]
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] ALL Flash Storage

2016-12-07 Thread David McSpadden

No checks have been written, so it is not too late.
☺

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Sean Martin
Sent: Wednesday, December 7, 2016 10:51 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] ALL Flash Storage

I think it's safe to say that AFAs are becoming the norm for general purpose 
storage needs. If the primary use case is virtualization, I'd echo the previous 
response regarding vSAN. We'll be evaluating new compute/storage architecture 
this coming year and are looking heavily at the various HCI options in addition 
to traditional storage arrays. If it's not too late, I would include a couple 
of additional vendors in your initial round of evaluation.

Tegile
Kaminario

- Sean

On Wed, Dec 7, 2016 at 5:24 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
What is eveyone’s thoughts on All Flash Storage?
I am looking to replace the Storage I have attached to my VNX5400 from EMC with 
either:

EMC Unity

PureStorage

Nimble

I haven’t gotten all the proposals in yet but was wondering what everyone else 
thought about them?

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] ALL Flash Storage

2016-12-07 Thread David McSpadden

What is eveyone's thoughts on All Flash Storage?
I am looking to replace the Storage I have attached to my VNX5400 from EMC with 
either:

EMC Unity

PureStorage

Nimble

I haven't gotten all the proposals in yet but was wondering what everyone else 
thought about them?
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] ALL Flash Storage

2016-12-07 Thread David McSpadden

And thank you sir for the information

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Don Ely
Sent: Wednesday, December 7, 2016 9:38 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] ALL Flash Storage

We just built to greenfield datacenters and put all flash in them.  Aside from 
the smaller footprint, the 10x-20x speed improvement of some of our apps was 
eye opening...

We dumped EMC and moved to HP.  NetApp was a part of the consideration, but in 
the end HP won out...

On Wed, Dec 7, 2016 at 6:32 AM David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
What is eveyone’s thoughts on All Flash Storage?
I am looking to replace the Storage I have attached to my VNX5400 from EMC with 
either:

EMC Unity

PureStorage

Nimble

I haven’t gotten all the proposals in yet but was wondering what everyone else 
thought about them?

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: TMG forefront server

2017-03-24 Thread David McSpadden

To use the WAP do I require a separate ADFS server as well?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Brian Desmond
Sent: Sunday, March 12, 2017 11:37 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: TMG forefront server

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

The Web Application Proxy role in Windows 2012 R2 (although preferably 2016 for 
EAS) will do this. If you're looking for an appliance, the Kemp devices are a 
good mix of capability and cost.

Thanks,
Brian Desmond

w - 312.625.1438 | c - 312.731.3132

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Friday, March 10, 2017 6:13 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] TMG forefront server

I have a TMG forefront server that I use to pass my ActiveSync Exchange 2010 
mail through.
What is the recommended replacement for that server?

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Running exe from APPDATA..TEMP directory

2017-04-10 Thread David McSpadden

Have a vendor that want so run his app from the APPDATA..TEMP directory.
I have a GPO that denied .exe from running there or subfolders of there.
Any reason I should allow this?
I have the exact folder and program name but it's opening up an exception to my 
rule??
Any thoughts?

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread David McSpadden

I have approval to do that.
But wanted to be certain from others outside of my office that I am thinking 
correctly.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Damien Solodow
Sent: Monday, April 10, 2017 10:33 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Running exe from APPDATA..TEMP directory

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Point and laugh at the vendor and tell him to try again?

DAMIEN SOLODOW
IT Engineering Lead
317.447.6033 (office)
HARRISON COLLEGE

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Monday, April 10, 2017 10:25 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Running exe from APPDATA..TEMP directory

Have a vendor that want so run his app from the APPDATA..TEMP directory.
I have a GPO that denied .exe from running there or subfolders of there.
Any reason I should allow this?
I have the exact folder and program name but it's opening up an exception to my 
rule??
Any thoughts?

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Running exe from APPDATA..TEMP directory

2017-04-10 Thread David McSpadden

I'll have to see. Other admin in the department trying to get the exception 
approved for ditto.exe (Screen sharing software).
All I can find it bad installs and corrupt files in GoogleFu.
I am thinking I will be asking from them to get other software that doesn't 
have such a bad track record.


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Monday, April 10, 2017 10:40 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Running exe from APPDATA..TEMP directory

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.



That is very common, and creating exceptions for that directory is to be 
expected.  For example all the webcast/conference software like WebEx use that 
directory. I am assuming you are using Applocker. Hopefully the vendor signed 
their exe with a cert.  Most do these days.  So create a publisher exception, 
that is pretty darn bullet proof and better than doing a path exception.  It 
also future proofs the exception.  When the software updates it is pretty darn 
certain that the cert will look the same.


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Monday, April 10, 2017 10:32 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Running exe from APPDATA..TEMP directory

Have a vendor that want so run his app from the APPDATA..TEMP directory.
I have a GPO that denied .exe from running there or subfolders of there.
Any reason I should allow this?
I have the exact folder and program name but it's opening up an exception to my 
rule??
Any thoughts?

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [EXTERNAL]Re: [NTSysADM] IISlockdown

2017-03-02 Thread David McSpadden

ahh.
I get them intermixed.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kevin Lundy
Sent: Thursday, March 2, 2017 12:47 PM
To: NTSysADM@lists.myITforum.com
Subject: [EXTERNAL]Re: [NTSysADM] IISlockdown

URLscan is baked in - but still not the configuration settings.

On Thu, Mar 2, 2017 at 11:51 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
Thought it was baked into the IIS now?

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of Kevin Lundy
Sent: Thursday, March 2, 2017 11:45 AM
To: NTSysADM@lists.myITforum.com<mailto:NTSysADM@lists.myITforum.com>
Subject: [NTSysADM] IISlockdown

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Hi all - the IISlockdown tool has been deprecated for IIS 8, 8.5.  It was a 
handy tool to take away some of the bulk of the work in securing in IIS server.

Does anyone know of a similar tool?  My google is returning much.

Ideally I could create a config file on a test machine and once everything is 
configured be able to run that file against multiple servers.

Thanks
Kevin

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] IISlockdown

2017-03-02 Thread David McSpadden

Thought it was baked into the IIS now?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kevin Lundy
Sent: Thursday, March 2, 2017 11:45 AM
To: NTSysADM@lists.myITforum.com
Subject: [NTSysADM] IISlockdown

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Hi all - the IISlockdown tool has been deprecated for IIS 8, 8.5.  It was a 
handy tool to take away some of the bulk of the work in securing in IIS server.

Does anyone know of a similar tool?  My google is returning much.

Ideally I could create a config file on a test machine and once everything is 
configured be able to run that file against multiple servers.

Thanks
Kevin
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Unable to obtain IP from DHCP server

2017-03-10 Thread David McSpadden

Is the workstation connected directly to switch or through an IP phone or other 
device?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Pierre-Marie Camilleri
Sent: Friday, March 10, 2017 8:26 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Unable to obtain IP from DHCP server

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

DHCP server is running on a Windows 2008 R2 domain controller
It is on the same subnet and this is an existing machine. We are not having 
issues with new or other current machines. Just 2/3.

Pierre-Marie Camilleri

B.Sc. (Hons.), MBCS

ICT Systems Engineer

[Laferla]

Direct

(+356) 20939321

Dept

(+356) 20939300

Mobile

(+356) 79007864

Email

pmcamill...@laferla.com.mt

Web

www.laferla.com.mt

Address

204A | Old Bakery Street | Valletta VLT 1453 | Malta

[Facebook]

[Twitter]

[Google]

[YouTube]

[ITunes]

[Android]

Laferla Insurance Agency Limited is licensed to act as an insurance agent for 
Mapfre Middlesea p.l.c. and both companies are authorised to transact insurance 
business by the Malta Financial Services Authority.

[cid:image016.png@01D29979.CF4DF150]

Consider the environment. Do you really need to print this email?

Disclaimer

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Melvin Backus
Sent: 10 March 2017 12:56
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Unable to obtain IP from DHCP server

There are numerous possible causes but without more detail it’s hard to provide 
anything meaningful.

What DHCP server is running?
Is it on the same IP subnet / vlan?
Are there any log entries or either the client or the server to indicate 
attempts to communicate?
Are these new machines or existing machines which suddently stopped getting an 
IP?

--
There are 10 kinds of people in the world...
 those who understand binary and those who don't.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Pierre-Marie Camilleri
Sent: Friday, March 10, 2017 5:41 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Unable to obtain IP from DHCP server

Hi all

We are encountering a problem with some of our Windows 7 workstations and which 
are on the same LAN. They are unable to obtain an IP from the DHCP server and 
the only solution is to set a static IP which of course works. I cannot 
understand why this is happening to just a few. The others work fine. Could 
this be due to some system corruption? I’ve tried resetting the TCP/IP network 
stack and the Winsock all to no avail.
Has anyone encountered this issue before? Any help would be much appreciated.

Thanks
Pierre

Pierre-Marie Camilleri

B.Sc. (Hons.), MBCS

ICT Systems Engineer

[Laferla]

Direct

(+356) 20939321

Dept

(+356) 20939300

Mobile

(+356) 79007864

Email

pmcamill...@laferla.com.mt

Web

www.laferla.com.mt

Address

204A | Old Bakery Street | Valletta VLT 1453 | Malta

[Facebook]

[Twitter]

[Google]

[YouTube]

[ITunes]

[Android]

Laferla Insurance Agency Limited is licensed to act as an insurance agent for 
Mapfre Middlesea p.l.c. and both companies are authorised to transact insurance 
business by the Malta Financial Services Authority.

[cid:image016.png@01D29979.CF4DF150]

Consider the environment. Do you really need to print this email?

Disclaimer

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise

RE: [NTSysADM] Unable to obtain IP from DHCP server

2017-03-10 Thread David McSpadden

Or the TRENDNet itself?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Charles F Sullivan
Sent: Friday, March 10, 2017 10:39 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Unable to obtain IP from DHCP server

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

On the affected machines, do they get an IP address assigned other than maybe a 
self-assigned address (169.254.x.x)?

I’m just thinking about the possibility that someone has put another DHCP 
“server” on the network. For example, a consumer grade router.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] 
On Behalf Of Ed Ziots
Sent: Friday, March 10, 2017 10:18 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Unable to obtain IP from DHCP server

Wrong ip helper setting on router or switch configuration settings for the 
ports?

On Mar 10, 2017 6:47 AM, "Pierre-Marie Camilleri" 
> wrote:
Hi all

We are encountering a problem with some of our Windows 7 workstations and which 
are on the same LAN. They are unable to obtain an IP from the DHCP server and 
the only solution is to set a static IP which of course works. I cannot 
understand why this is happening to just a few. The others work fine. Could 
this be due to some system corruption? I’ve tried resetting the TCP/IP network 
stack and the Winsock all to no avail.
Has anyone encountered this issue before? Any help would be much appreciated.

Thanks
Pierre

Pierre-Marie Camilleri

B.Sc. (Hons.), MBCS

ICT Systems Engineer

[Laferla]

Direct

(+356) 20939321

Dept

(+356) 20939300

Mobile

(+356) 79007864

Email

pmcamill...@laferla.com.mt

Web

www.laferla.com.mt

Address

204A | Old Bakery Street | Valletta VLT 1453 | Malta

[Facebook]

[Twitter]

[Google]

[YouTube]

[ITunes]

[Android]

Laferla Insurance Agency Limited is licensed to act as an insurance agent for 
Mapfre Middlesea p.l.c. and both companies are authorised to transact insurance 
business by the Malta Financial Services Authority.

[cid:image008.png@01D2998B.84BE8CF0]

Consider the environment. Do you really need to print this email?

Disclaimer

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] TMG forefront server

2017-03-10 Thread David McSpadden

I have a TMG forefront server that I use to pass my ActiveSync Exchange 2010 
mail through.
What is the recommended replacement for that server?


David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] TMG forefront server

2017-03-10 Thread David McSpadden

I am only using the Exchange ActiveSync really.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Don Ely
Sent: Friday, March 10, 2017 7:55 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] TMG forefront server

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

What features do you need?  I'm kicking TMG to the curb and just using F5 LTMs.

On Mar 10, 2017 16:20, "David McSpadden" 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
I have a TMG forefront server that I use to pass my ActiveSync Exchange 2010 
mail through.
What is the recommended replacement for that server?

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190<tel:(317)%20554-8190>
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Unable to obtain IP from DHCP server

2017-03-10 Thread David McSpadden

Can you set the TCP/IP stack manually?
If that works you may have a network layer issue.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Melvin Backus
Sent: Friday, March 10, 2017 6:56 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Unable to obtain IP from DHCP server

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

There are numerous possible causes but without more detail it’s hard to provide 
anything meaningful.

What DHCP server is running?
Is it on the same IP subnet / vlan?
Are there any log entries or either the client or the server to indicate 
attempts to communicate?
Are these new machines or existing machines which suddently stopped getting an 
IP?

--
There are 10 kinds of people in the world...
 those who understand binary and those who don't.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Pierre-Marie Camilleri
Sent: Friday, March 10, 2017 5:41 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Unable to obtain IP from DHCP server

Hi all

We are encountering a problem with some of our Windows 7 workstations and which 
are on the same LAN. They are unable to obtain an IP from the DHCP server and 
the only solution is to set a static IP which of course works. I cannot 
understand why this is happening to just a few. The others work fine. Could 
this be due to some system corruption? I’ve tried resetting the TCP/IP network 
stack and the Winsock all to no avail.
Has anyone encountered this issue before? Any help would be much appreciated.

Thanks
Pierre

Pierre-Marie Camilleri

B.Sc. (Hons.), MBCS

ICT Systems Engineer

[Laferla]

Direct

(+356) 20939321

Dept

(+356) 20939300

Mobile

(+356) 79007864

Email

pmcamill...@laferla.com.mt

Web

www.laferla.com.mt

Address

204A | Old Bakery Street | Valletta VLT 1453 | Malta

[Facebook]

[Twitter]

[Google]

[YouTube]

[ITunes]

[Android]

Laferla Insurance Agency Limited is licensed to act as an insurance agent for 
Mapfre Middlesea p.l.c. and both companies are authorised to transact insurance 
business by the Malta Financial Services Authority.

[cid:image008.png@01D2996F.F41F5780]

Consider the environment. Do you really need to print this email?

Disclaimer

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] AWS East Outage

2017-03-01 Thread David McSpadden

Depends on your SLA with them

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of J- P
Sent: Wednesday, March 1, 2017 8:38 AM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]Re: [NTSysADM] AWS East Outage

https://techcrunch.com/2017/03/01/the-day-amazon-s3-storage-stood-still/

Would / should you hold your IT vendor responsible for relying on S3?

Jean-Paul Natola

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
<listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>> on 
behalf of Andrew S. Baker <asbz...@gmail.com<mailto:asbz...@gmail.com>>
Sent: Tuesday, February 28, 2017 5:36 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] AWS East Outage

Indeed.

Regards,

 ASB
 GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842

Sent with 
Mixmax<https://mixmax.com/s/WMB47Rd39yDNPFfWo?utm_source=mixmax_medium=email_campaign=signature_link_content=sent_with_mixmax>
[https://track.mixmax.com/api/track/v2/VeY2yqzRSgGkJn4Fd/gIt92YuwWah12ZAVmbvpnYzFmI/i02bj5Sb1J3bmRXa51mLzR3cpxGQtRWYzl3c05mI]

On Tue, Feb 28, 2017 3:56 PM, David McSpadden 
dav...@imcu.com<mailto:dav...@imcu.com> wrote:
So the normal question 'is the Internet down?' Is valid today?

Sent from my iPhone

On Feb 28, 2017, at 3:44 PM, Andrew S. Baker 
<asbz...@gmail.com<mailto:asbz...@gmail.com>> wrote:
Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Indeed.

It's like someone broke the whole Internet.   Or, at least, 80% of it.

Regards,

 ASB
 http://XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>

 Providing Expert Technology Consulting Services for the SMB market...

 GPG: 860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842

Sent with 
Mixmax<https://mixmax.com/s/WMB47Rd39yDNPFfWo?utm_source=mixmax_medium=email_campaign=signature_link_content=sent_with_mixmax>

On Tue, Feb 28, 2017 2:13 PM, Kennedy, Jim 
kennedy...@elyriaschools.org<mailto:kennedy...@elyriaschools.org> wrote:

Learning very quickly how many vendors we have that are using AWS.  Lots is the 
first word that comes to mind.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Charles F Sullivan
Sent: Tuesday, February 28, 2017 1:57 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] AWS East Outage

Any of your organizations being affected by this? The few services we have 
moved there so far are down.

http://bgr.com/2017/02/28/internet-outage-amazon-web-services/

Charlie Sullivan

Sr. Windows Systems Administrator

Boston College

197 Foster St. Room 367

Brighton, MA 02135

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Group Policy settings

2017-02-28 Thread David McSpadden

Testing now.  It was not set.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Webster
Sent: Tuesday, February 28, 2017 1:35 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Group Policy settings

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Do you have "Wait for network" set?

Webster

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of David McSpadden
Sent: Tuesday, February 28, 2017 12:16 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Group Policy settings

I have some Group Policy settings that sometimes apply on first logon and 
sometimes require a reboot of the workstation to see them in the HKCU hive as 
they should be.
What can I do to get my HKCU updated on first boot for every user?

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] %[SYSTEM]% environment variable

2017-03-21 Thread David McSpadden

I guess we need to know the config file you see this variable in?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Erik Goldoff
Sent: Tuesday, March 21, 2017 11:32 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] %[SYSTEM]% environment variable

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

I do not think %system% is a default Windows environment variable, and the 
brackets don't seem to belong to the syntax.  Looks more like something from an 
A/V exception for a security product I'm very familiar with, and in that 
context, %[system]% is a prefix variable that usually resolves to 
c:\windows\system32  (or whatever drive windows is installed to)

On Tue, Mar 21, 2017 at 11:14 AM, Richard Stovall 
> wrote:
I have run across this in a path in a config file and I'm wondering exactly 
what it means / points to.

e.g. %[SYSTEM]%\filename

It doesn't seem to work as intended and my Google-fu is weak on this one.

Thanks,
RS

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Outlook 2016 install

2017-04-07 Thread David McSpadden

Running an Office Repair on the 2016 install.  Waiting on it to finish.

From: listsad...@lists.myitforum.com [listsad...@lists.myitforum.com] on behalf 
of Michael B. Smith [mich...@smithcons.com]
Sent: Friday, April 07, 2017 11:15 AM
To: excha...@lists.myitforum.com; ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Outlook 2016 install

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

What kind of activation? Have you created a custom MSP and if so, what did you 
configure in it?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of David McSpadden
Sent: Friday, April 7, 2017 10:23 AM
To: excha...@lists.myitforum.com; ntsysadm@lists.myitforum.com
Subject: [Exchange] Outlook 2016 install

I have Outlook 2016 on 3 windows 10 workstations no big deal.
I have created and image, sysprepped it with Windows 10 and Outlook 2016.
Users first use after sysprep finishes does not allow them to add their 
mailbox.  They keep getting hung up on entering their passwords.
the Profile never gets created??

David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Outlook 2016 install

2017-04-07 Thread David McSpadden

I have Outlook 2016 on 3 windows 10 workstations no big deal.
I have created and image, sysprepped it with Windows 10 and Outlook 2016.
Users first use after sysprep finishes does not allow them to add their 
mailbox.  They keep getting hung up on entering their passwords.
the Profile never gets created??


David McSpadden
System Administrator
Indiana Members Credit Union
P: 317.554.8190
[Description: Description: imcu email icon]<http://imcu.com/>  [Description: 
Description: facebook email icon] <https://www.facebook.com/IndianaMembersCU>   
[Description: Description: twitter email icon] 
<https://twitter.com/IndMembersCU>

[Description: Description: email logo]
[http://www.amuletsolutions.com/images/mcp.gif]<http://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwjFztf-tePJAhXK5iYKHcPtAxEQjRwIBw=http://www.amuletsolutions.com/awards.aspx=bv.110151844,d.amc=AFQjCNHkrx8CednTEOOq4zUxYyrRUGzUsg=1450459757284499>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Vulernability scanners

2017-07-07 Thread David McSpadden

Looking at:
Nessus Security Center
GFI Languard
Rapid 7
Retina
Qualys
To scan my network and report on vulnerabilities.  Internally, nothing cloud 
based.
Does anyone have any info about the above they care to share?
Are there better ones out there that these?
Thanks
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Imaging an HP 800 SFF G3

2017-07-25 Thread David McSpadden

Almost finished the image and Windows Update stated the processor is now 
unsupported with this version of Windows.
Upgrade to Windows 8.1 or above.
Lol
I guess they don't intend on having Windows 7 around like Windows XP.


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Trice, Aaron
Sent: Monday, July 24, 2017 10:27 AM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL][NTSysADM] RE: Imaging an HP 800 SFF G3

I just fought with this for the better part of a week. Ours had M2 SSD drives, 
which I was never able to find drivers for. I ultimately found a thread on the 
HP Support forum that links to a download of a customized Win7 PRO installer 
that worked for me.

Forum thread:
https://h30434.www3.hp.com/t5/Desktop-Boot-and-Lockup/Fresh-install-Windows-7-on-HP-Elitedesk-800-G3/td-p/6162492

Cloud recovery client download:
https://support.hp.com/us-en/drivers/selfservice/swdetails/hp-elitedesk-800-g3-tower-pc/15257631/swItemId/vc-183425-1

Aaron


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Friday, July 21, 2017 9:30 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Imaging an HP 800 SFF G3


ATTENTION: This email came from an external source. DO NOT open attachments or 
click on links from unknown senders or unexpected emails.

Just got a batch of these in.
No USB 2.0 ports.
Boots to HP Sure Start.

Have disabled the Sure Start stuff.
Now getting to my Win 7 Enterprise ISO USB booting.
Stuck at the language screen.

Pretty sure I need to push some drivers into the Install.WIM.
Like the USB 3.0 extensible drivers but what else may I need?


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
Confidentiality Notice: This is a transmission from Montage Health. This 
message and any attached documents may be confidential and contain information 
protected by state and federal medical privacy statutes. They are intended only 
for the use of the addressee. If you are not the intended recipient, any 
disclosure, copying, or distribution of this information is strictly 
prohibited. If you received this transmission in error, please accept our 
apologies and notify the sender. Thank you.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Imaging an HP 800 SFF G3

2017-07-21 Thread David McSpadden

Just got a batch of these in.
No USB 2.0 ports.
Boots to HP Sure Start.

Have disabled the Sure Start stuff.
Now getting to my Win 7 Enterprise ISO USB booting.
Stuck at the language screen.

Pretty sure I need to push some drivers into the Install.WIM.
Like the USB 3.0 extensible drivers but what else may I need?

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Using GPP to fight Petya

2017-06-28 Thread David McSpadden

Gpupdate /force on a D.C.?
Not positive that forces all
Just a thought I had

Sent from my iPhone

On Jun 28, 2017, at 10:17 AM, Michael Leone 
> wrote:

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

OK, so I've made that change in the GPO, and it creates the file appropriately.

So how do I force all my servers to refresh their GPOs, without going to each 
and doing a "gpupdate /force"? When they automatically check in the next time, 
this policy should be applied. But how to make that happen NOW, rather than 
within the next 24 hours (or whatever)?

On Wed, Jun 28, 2017 at 9:23 AM, Kennedy, Jim 
> wrote:
I will ground my son who wrote that.  It should be ‘replace’.  That will create 
it or replace it.

Now, why you are not seeing it in gpresult I dunno. You ran the gpresult as a 
local admin?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] 
On Behalf Of Michael Leone
Sent: Wednesday, June 28, 2017 9:13 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Using GPP to fight Petya

So I'm confused. Looking at this page:

https://www.binarydefense.com/petya-ransomware-without-fluff/

Shows using GPP to create a file "c:\windows\perfc.dat". Apparently, if this 
file exists, the malware stops (yes, I know that there will be a variant Real 
Soon Now that avoids this).

So I made this change:

Computer\Preferences\Windows Settings\Files

And followed the web page ("update", copy windowsupdate.log  to 
c:\windows\perfc.dat", make it read-only. Did all this on a testing GPO I keep 
around for this purpose.

Doing Group Policy Modeling Wizard, I see this being applied as a setting to my 
test VM. Yet when I go an look in c:\windows, I don't see the file.Nor do I see 
that setting in "gpresult /r /v".

What have I done wrong?

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Removing Adobe Reader, repairing Adobe Standard, ADP paystub not showing?

2017-04-27 Thread David McSpadden

I have uninstalled Adobe Reader DC.
Repaired the Adobe Standard X.
Rebooted my Windows 7 sp1 32 bit workstation (Completely patched to last week.)
I can not get IE11 to show my paystub now.
If I uncheck Display PDF in Browser I get a pop up ajax.pdf window that 
displays my Paystub but if I leave it enabled I do not.
I can get to it from Chrome 58.

Any clues on why this would present on some Windows 7 workstations but not all?
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Imaging windows 10 1703 enterprise

2017-08-16 Thread David McSpadden

Does putting the sysprep in auditmode and making corrections and then 
generalize work for imaging?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Wednesday, August 16, 2017 12:47 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Imaging windows 10 1703 enterprise

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

CopyProfile is pretty much gone/broke.  GPO's and scripts after imaging are 
what you will need to do.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, August 16, 2017 12:29 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Imaging windows 10 1703 enterprise

I have a base image completely built.
Everything functions on the local admin account.
I have saved that image.
Then Sysprepped.
Then brought up the sysprepped image and my domain administrator can not access 
desktop icons, my default apps are back to Microsoft defaults (Edge not IE11), 
etc...
What can I do to the save preSysPrepped image to have the default profiles come 
up nicely for the end users so they don't have to make the associations 
themselves?
Make GPO's or CopyProfile?
I have done neither thus far but am willing to do either if it helps.
Leaning into the GPO's a lot harder than copyprofile if I can.
What is everyone's opinion and how can I research this the quickest.
The few google searches are coming up with articles from 2009 and such.
I would like the latest best practices if we can.

David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Imaging windows 10 1703 enterprise

2017-08-16 Thread David McSpadden

Enterprise
Built a standalone image
With the ISO
Now just trying to figure the sysprepping.


Sent from my iPhone

On Aug 16, 2017, at 1:09 PM, Art DeKneef 
<art.dekn...@cox.net<mailto:art.dekn...@cox.net>> wrote:

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.




What version of Windows 10, Pro or Enterprise?

You can pretty much configure everything if you use Enterprise. With Pro, there 
are some apps you can not remove.

Look at using MDT, Microsoft Deployment Toolkit.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, August 16, 2017 9:29 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Imaging windows 10 1703 enterprise

I have a base image completely built.
Everything functions on the local admin account.
I have saved that image.
Then Sysprepped.
Then brought up the sysprepped image and my domain administrator can not access 
desktop icons, my default apps are back to Microsoft defaults (Edge not IE11), 
etc…
What can I do to the save preSysPrepped image to have the default profiles come 
up nicely for the end users so they don’t have to make the associations 
themselves?
Make GPO’s or CopyProfile?
I have done neither thus far but am willing to do either if it helps.
Leaning into the GPO’s a lot harder than copyprofile if I can.
What is everyone’s opinion and how can I research this the quickest.
The few google searches are coming up with articles from 2009 and such.
I would like the latest best practices if we can.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
<http://imcu.com/>  
<https://www.facebook.com/IndianaMembersCU>  
<https://twitter.com/IndMembersCU>

<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] RE: Imaging windows 10 1703 enterprise

2017-08-16 Thread David McSpadden

Well shit.
I did not build in audit mode.
My base option is to start over and work from audit mode.

Sent from my iPhone

On Aug 16, 2017, at 1:32 PM, James Rankin 
<ja...@htguk.com<mailto:ja...@htguk.com>> wrote:

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.




Build your default profile in Audit Mode and use that, you can remove all the 
UWP apps with PowerShell while you are in Audit Mode.

GPOs to set FTAs are rubbish, they set for everyone and override anything 
defined by the user.

This article has a section on doing it in Audit Mode - 
http://www.htguk.com/everything-you-wanted-to-know-about_26/ - although this 
was pre-1703. In 1703 you may need some additional GPOs if using mandatory or 
roaming profiles.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: 16 August 2017 17:29
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Imaging windows 10 1703 enterprise

I have a base image completely built.
Everything functions on the local admin account.
I have saved that image.
Then Sysprepped.
Then brought up the sysprepped image and my domain administrator can not access 
desktop icons, my default apps are back to Microsoft defaults (Edge not IE11), 
etc…
What can I do to the save preSysPrepped image to have the default profiles come 
up nicely for the end users so they don’t have to make the associations 
themselves?
Make GPO’s or CopyProfile?
I have done neither thus far but am willing to do either if it helps.
Leaning into the GPO’s a lot harder than copyprofile if I can.
What is everyone’s opinion and how can I research this the quickest.
The few google searches are coming up with articles from 2009 and such.
I would like the latest best practices if we can.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
<http://imcu.com/>  
<https://www.facebook.com/IndianaMembersCU>  
<https://twitter.com/IndMembersCU>

<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [EXTERNAL]RE: [NTSysADM] RE: Imaging windows 10 1703 enterprise

2017-08-16 Thread David McSpadden

Ok
First thing in the morning
Grab a pc
Insert USB with 1703 ISO image
Boot
Go straight to sysprep
Switch to audit mode
Restart
Build without jointing domain
Install all updates
Install all drivers
Customize default apps
Customize desktop
Remove all tiles
Test all programs
Capture image at this point (so I can spawn from here later if needed)

Sysyprep with generalize
Capture image here to deploy to other like workstations.
Let sysprep finish
Join domain
(Default programs and apps should work on all profiles at this point)
Begin deployment of the last is I will ever need?




Sent from my iPhone

On Aug 16, 2017, at 2:39 PM, James Rankin 
<ja...@htguk.com<mailto:ja...@htguk.com>> wrote:

Also make sure you set your desired file type associations in Audit Mode too.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of James Rankin
Sent: 16 August 2017 18:48
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] RE: Imaging windows 10 1703 enterprise


This sender failed our fraud detection checks and may not be who they appear to 
be. Learn about spoofing<http://aka.ms/LearnAboutSpoofing>

Feedback<http://aka.ms/SafetyTipsFeedback>

Make sure you remove the UWP apps you don’t want while you’re in Audit Mode, 
and they won’t re-provision themselves back. You can also remove things like 
Contact Support now from Optional Features in Control Panel. Use PS for the 
main apps though.

If you’re using mandatory or roaming profiles, don’t forget to set the GPO for 
“allow deployment operations to special profiles” or the UWP apps you want 
(like Calculator) will not work properly.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: 16 August 2017 18:34
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] RE: Imaging windows 10 1703 enterprise

Well shit.
I did not build in audit mode.
My base option is to start over and work from audit mode.

Sent from my iPhone

On Aug 16, 2017, at 1:32 PM, James Rankin 
<ja...@htguk.com<mailto:ja...@htguk.com>> wrote:
Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.


Build your default profile in Audit Mode and use that, you can remove all the 
UWP apps with PowerShell while you are in Audit Mode.

GPOs to set FTAs are rubbish, they set for everyone and override anything 
defined by the user.

This article has a section on doing it in Audit Mode - 
http://www.htguk.com/everything-you-wanted-to-know-about_26/ - although this 
was pre-1703. In 1703 you may need some additional GPOs if using mandatory or 
roaming profiles.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: 16 August 2017 17:29
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Imaging windows 10 1703 enterprise

I have a base image completely built.
Everything functions on the local admin account.
I have saved that image.
Then Sysprepped.
Then brought up the sysprepped image and my domain administrator can not access 
desktop icons, my default apps are back to Microsoft defaults (Edge not IE11), 
etc…
What can I do to the save preSysPrepped image to have the default profiles come 
up nicely for the end users so they don’t have to make the associations 
themselves?
Make GPO’s or CopyProfile?
I have done neither thus far but am willing to do either if it helps.
Leaning into the GPO’s a lot harder than copyprofile if I can.
What is everyone’s opinion and how can I research this the quickest.
The few google searches are coming up with articles from 2009 and such.
I would like the latest best practices if we can.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
<http://imcu.com/>  
<https://www.facebook.com/IndianaMembersCU>  
<https://twitter.com/IndMembersCU>

<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, prin

[NTSysADM] Imaging windows 10 1703 enterprise

2017-08-16 Thread David McSpadden

I have a base image completely built.
Everything functions on the local admin account.
I have saved that image.
Then Sysprepped.
Then brought up the sysprepped image and my domain administrator can not access 
desktop icons, my default apps are back to Microsoft defaults (Edge not IE11), 
etc...
What can I do to the save preSysPrepped image to have the default profiles come 
up nicely for the end users so they don't have to make the associations 
themselves?
Make GPO's or CopyProfile?
I have done neither thus far but am willing to do either if it helps.
Leaning into the GPO's a lot harder than copyprofile if I can.
What is everyone's opinion and how can I research this the quickest.
The few google searches are coming up with articles from 2009 and such.
I would like the latest best practices if we can.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [EXTERNAL][NTSysADM] RE: Imaging windows 10 1703 enterprise

2017-08-22 Thread David McSpadden

Yes it worked
No sanitazation
I think my ad guys has grabbed some gpo's that are hurting me.

Sent from my iPhone

On Aug 22, 2017, at 9:58 AM, James Rankin 
<ja...@htguk.com<mailto:ja...@htguk.com>> wrote:

Did it (IE) work OK before you copied it to the default profile area?

Did you do any sanitization of the profile once it was copied to the default 
profile area?

It sounds like there is some first-run stuff for IE (ActiveSetup entries) that 
maybe aren’t running, but that’s just a complete guess…

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: 22 August 2017 14:41
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: Imaging windows 10 1703 enterprise

Ok.
Have reviewed your doc.
I have built an audit image.
Then sysprepped.
Then deployed to 10 testing machines.
Everything is awesome on Local Admin and Domain admin profiles.
User profile looks great and plays great with the Exception of Internet 
Explorer.
It just won’t open.
It is set as default browser.
I have it pinned to taskbar and star menu.
Click or double click it and it does nothing.
About 4 minutes goes by and then it opens but in a Not Responding state and 
never actually opens anything.
Just doing an iexplore http://www.google.com gets nothing?
And this is only on the user profiles.
What have I screwed up?


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of James Rankin
Sent: Wednesday, August 16, 2017 12:48 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: Imaging windows 10 1703 enterprise

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.


Build your default profile in Audit Mode and use that, you can remove all the 
UWP apps with PowerShell while you are in Audit Mode.

GPOs to set FTAs are rubbish, they set for everyone and override anything 
defined by the user.

This article has a section on doing it in Audit Mode - 
http://www.htguk.com/everything-you-wanted-to-know-about_26/ - although this 
was pre-1703. In 1703 you may need some additional GPOs if using mandatory or 
roaming profiles.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: 16 August 2017 17:29
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Imaging windows 10 1703 enterprise

I have a base image completely built.
Everything functions on the local admin account.
I have saved that image.
Then Sysprepped.
Then brought up the sysprepped image and my domain administrator can not access 
desktop icons, my default apps are back to Microsoft defaults (Edge not IE11), 
etc…
What can I do to the save preSysPrepped image to have the default profiles come 
up nicely for the end users so they don’t have to make the associations 
themselves?
Make GPO’s or CopyProfile?
I have done neither thus far but am willing to do either if it helps.
Leaning into the GPO’s a lot harder than copyprofile if I can.
What is everyone’s opinion and how can I research this the quickest.
The few google searches are coming up with articles from 2009 and such.
I would like the latest best practices if we can.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
<http://imcu.com/>  
<https://www.facebook.com/IndianaMembersCU>  
<https://twitter.com/IndMembersCU>

<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delet

[NTSysADM] SUSE linux 11 update driver

2017-05-03 Thread David McSpadden

I have 1 SUSE linux box in my whole environment.
I need to update the mallanox nic driver.
I have downloaded the .bin file but I can not get this to install to save my 
life.
Any directions is appreciated.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] software inventory over vpn tunnel

2017-05-17 Thread David McSpadden

After much discussion we will let the Firewall vpn’s do their jobs.
☺
Basically they wanted to know ahead of time before moving to the Palo.
The ASA never had the NAP turned on so users could come in un protected if they 
could have gotten the settings on the AnyConnect correct.
We have required that all mobile (VPN Users) bring in their device and have a 
hands on approach to validating the AntiVirus is installed and up to date.
Thanks all.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Don Ely
Sent: Wednesday, May 17, 2017 9:36 AM
To: ntsysadm@lists.myitforum.com; Patch Management Mailing List 
(patchmanagem...@listserv.patchmanagement.org) 
<patchmanagem...@listserv.patchmanagement.org>
Subject: Re: [NTSysADM] software inventory over vpn tunnel

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.



And yes, it is preferred to have a machine checked BEFORE it's allowed on the 
network...

On Wed, May 17, 2017 at 6:34 AM Don Ely 
<don@gmail.com<mailto:don@gmail.com>> wrote:
What's their reasoning?  The ASA AnyConnect feature was designed for it.  As 
were the Palo Global Protect features.  I've configured both at my gig and it 
works well.  We check for AV, Defs up to date, and a machine cert to validate 
it's a company owned device.

On Wed, May 17, 2017 at 6:17 AM David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
Would like to check for Antivirus on an endpoint after they have connected to 
my ASA VPN.  Terminate tunnel if the inventory does not meet requirements or at 
least notify admins of a potential issue.
What I am thinking of is like a NAP but my firewall guys would like it not on 
the ASA or the Palo when the migrate to it?
Isn’t it best to have the NAP on the firewall and let it do the work prior to 
actually connecting to SCCM or Active Directory?


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190<tel:(317)%20554-8190>| F: 317.554.8106<tel:(317)%20554-8106>
<http://imcu.com/>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] software inventory over vpn tunnel

2017-05-17 Thread David McSpadden

Would like to check for Antivirus on an endpoint after they have connected to 
my ASA VPN.  Terminate tunnel if the inventory does not meet requirements or at 
least notify admins of a potential issue.
What I am thinking of is like a NAP but my firewall guys would like it not on 
the ASA or the Palo when the migrate to it?
Isn't it best to have the NAP on the firewall and let it do the work prior to 
actually connecting to SCCM or Active Directory?


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Ot chrome book class

2017-06-25 Thread David McSpadden

My mother in law has a chrome book and very little skills.
Any direction for video classes on general pc use and chrome book usage would 
be awesome.

Sent from my iPhone
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Long time for reboot after May patching

2017-05-22 Thread David McSpadden

Since about Novemember last year one of the patches (I have not figured out or 
researched which) just sits at either 30% or Welcome.
Pressing Ctrl+Alt+Del ‘unfreezes the spinning disc of death and things progress 
nicely after that.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Charles F Sullivan
Sent: Monday, May 22, 2017 3:10 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Long time for reboot after May patching

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

So after 7 plus hours the spinning beads began to make me dizzy. I powered off 
the VM, powered it on and checked. All of the patches installed successfully. 
There was absolutely no mention of badness in the Event Logs. No unexpected 
shutdown or dump file. There was a gap in all of the logs from 7:21 to 14:23. 
The last one in the System Log was, as expected, “The system is shutting down 
at 7:21”.

It’s as if the server wasn’t really running even though it also wasn’t shut 
down. None of this surprises me much, but it’s a critical server so I didn’t 
want to take a chance. It runs a parking revenue application, but today is 
commencement day so they left the arms up on the parking machines. Thus I had 
all day to get it done.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] 
On Behalf Of Susan E Bradley
Sent: Monday, May 22, 2017 1:14 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Long time for reboot after May patching

There was a servicing stack update that unless you hit control-alt-delete it 
would sit there.

I would ask  myself... self?  Do I have a good backup?  If I answered yes I 
would hit a hard reset and see what happens.

On 5/22/2017 9:45 AM, Charles F Sullivan wrote:
I have a Windows 2012 R2 server that rebooted over 4 hours ago to complete 
patching and it’s still showing the spinning wheel and the Windows logo. I had 
3 others made from the same image that had no issues at all. These are all 
WMware VMs. I’m not sure if this is the shutdown or startup phase, but I’m 
guessing startup. Hitting ctrl, alt, del (technically ctrl, alt, insert in the 
WMware Console) did no good. (I don’t think this is quite the state where that 
problem applies.)

Because there is no network connectivity I feel pretty helpless since I can’t 
check logs, stop services or send a reboot command. Has anyone else seen this? 
If so, how long did you wait before you powered off? Or did you not have to?

I saw at least one post on the Patch Management list where someone else had the 
same problem after the May patches. His server came back on its own eventually, 
but I don’t think it took 4 plus hours. The application is not in use today, 
which is why they chose it as the patching day, so I probably have another 2 
hours before I have no choice but to power off.

Thanks.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [EXTERNAL]Re: [NTSysADM] Long time for reboot after May patching

2017-05-22 Thread David McSpadden

Yes!
So a vanilla install of 16 probably has this critter under the surface waiting 
to bite us.

Sent from my iPhone

On May 22, 2017, at 4:42 PM, Susan E Bradley 
<sbrad...@pacbell.net<mailto:sbrad...@pacbell.net>> wrote:


https://support.microsoft.com/en-us/help/3020369/april-2015-servicing-stack-update-for-windows-7-and-windows-server-2008-r2

Known issues for this update
Restart stuck on "Stage 3 of 3"
After you install update 3020369 together with other updates, a restart may be 
required to complete the installation. During this restart, you may find 
yourself stuck on "Stage 3 of 3."

If you encounter this issue, press Ctrl+Alt+Delete to continue to log on. This 
should occur only one time and does not prevent updates from installing 
successfully.

On 5/22/2017 12:20 PM, David McSpadden wrote:
Since about Novemember last year one of the patches (I have not figured out or 
researched which) just sits at either 30% or Welcome.
Pressing Ctrl+Alt+Del ‘unfreezes the spinning disc of death and things progress 
nicely after that.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Charles F Sullivan
Sent: Monday, May 22, 2017 3:10 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Long time for reboot after May patching

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.



So after 7 plus hours the spinning beads began to make me dizzy. I powered off 
the VM, powered it on and checked. All of the patches installed successfully. 
There was absolutely no mention of badness in the Event Logs. No unexpected 
shutdown or dump file. There was a gap in all of the logs from 7:21 to 14:23. 
The last one in the System Log was, as expected, “The system is shutting down 
at 7:21”.

It’s as if the server wasn’t really running even though it also wasn’t shut 
down. None of this surprises me much, but it’s a critical server so I didn’t 
want to take a chance. It runs a parking revenue application, but today is 
commencement day so they left the arms up on the parking machines. Thus I had 
all day to get it done.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of Susan E Bradley
Sent: Monday, May 22, 2017 1:14 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] Long time for reboot after May patching


There was a servicing stack update that unless you hit control-alt-delete it 
would sit there.

I would ask  myself... self?  Do I have a good backup?  If I answered yes I 
would hit a hard reset and see what happens.

On 5/22/2017 9:45 AM, Charles F Sullivan wrote:
I have a Windows 2012 R2 server that rebooted over 4 hours ago to complete 
patching and it’s still showing the spinning wheel and the Windows logo. I had 
3 others made from the same image that had no issues at all. These are all 
WMware VMs. I’m not sure if this is the shutdown or startup phase, but I’m 
guessing startup. Hitting ctrl, alt, del (technically ctrl, alt, insert in the 
WMware Console) did no good. (I don’t think this is quite the state where that 
problem applies.)

Because there is no network connectivity I feel pretty helpless since I can’t 
check logs, stop services or send a reboot command. Has anyone else seen this? 
If so, how long did you wait before you powered off? Or did you not have to?

I saw at least one post on the Patch Management list where someone else had the 
same problem after the May patches. His server came back on its own eventually, 
but I don’t think it took 4 plus hours. The application is not in use today, 
which is why they chose it as the patching day, so I probably have another 2 
hours before I have no choice but to power off.

Thanks.


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
recei

[NTSysADM] RE: Test

2017-05-30 Thread David McSpadden

Only a test?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Katherine M. Moss
Sent: Tuesday, May 30, 2017 8:41 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Test

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

This is a test.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [EXTERNAL]Re: [NTSysADM] RE: Test

2017-05-30 Thread David McSpadden

Oh thank God.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Erik Goldoff
Sent: Tuesday, May 30, 2017 9:27 AM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]Re: [NTSysADM] RE: Test

Yes, only a test.  In the event of an actual email event, you will be notified 
where to tune for additional details

On Tue, May 30, 2017 at 8:48 AM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
Only a test?

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of Katherine M. Moss
Sent: Tuesday, May 30, 2017 8:41 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Test

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

This is a test.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Windows 10 Enterprise N [10.0.15063] screen saver

2017-06-15 Thread David McSpadden

Just noticed after a couple months on this new build that my screen save GPO is 
not working?
We use ssmarque from older machines set at 15 minutes.

It flickers at 15 minutes but does not go into screen saver mode?

Does anyone else see this?
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Windows 10 Enterprise N [10.0.15063] screen saver

2017-06-15 Thread David McSpadden

I'll look at that
Thanks

Sent from my iPhone

> On Jun 15, 2017, at 4:55 PM, Kurt Buff <kurt.b...@gmail.com> wrote:
> 
> Notice:  This email is from an outside source.  Please do not open any 
> attachments, click on any hyperlinks, or respond without first confirming the 
> authenticity of the email.
> 
> 
> 
> 
> Sorry, no - we just the GPO to call the screen lock after 15 minutes
> (5 minutes for IT staff), rather than a particular screen saver.
> 
>> On Thu, Jun 15, 2017 at 10:27 AM, David McSpadden <dav...@imcu.com> wrote:
>> Just noticed after a couple months on this new build that my screen save GPO
>> is not working?
>> 
>> We use ssmarque from older machines set at 15 minutes.
>> 
>> 
>> 
>> It flickers at 15 minutes but does not go into screen saver mode?
>> 
>> 
>> 
>> Does anyone else see this?
>> 
>> This e-mail and any files transmitted with it are property of Indiana
>> Members Credit Union, are confidential, and are intended solely for the use
>> of the individual or entity to whom this e-mail is addressed. If you are not
>> one of the named recipient(s) or otherwise have reason to believe that you
>> have received this message in error, please notify the sender and delete
>> this message immediately from your computer. Any other use, retention,
>> dissemination, forwarding, printing, or copying of this email is strictly
>> prohibited.
>> 
>> 
>> Please consider the environment before printing this email.
> 
> 
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

2017-06-01 Thread David McSpadden

You  can add outlook 2016 with no account.
Then open the tool in the systems tray and test autodiscover down there.
Mine is still showing all failed in the split DNS I have going on.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Joseph L. Casale
Sent: Thursday, June 1, 2017 10:29 AM
To: 'ntsysadm@lists.myitforum.com' 
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

The test asks for an email and its associated password.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Katherine M. Moss
Sent: Thursday, June 1, 2017 8:21 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

Everything looks good; I can't test a nonworking account if I can't add said 
account, though, can I?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Joseph L. Casale
Sent: Thursday, June 01, 2017 10:08 AM
To: 'ntsysadm@lists.myitforum.com' 
>
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

I haven't seen a scenario, but I could imagine one for an internal network 
where the service connection point was wrong and dns varied between 
workstations which might result in the behavior you describe. Might be worth 
checking the config.

What does the output between a working and a non-working desktop look like for 
the outlook test e-mail auto configuration for the same account?

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Katherine M. Moss
Sent: Thursday, June 1, 2017 7:46 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

Now why did this not happen on my spare D630? And why did the D630 not hang on 
credential pass? I'm confused about this; why some of us are having performance 
issues during account add and others are not. And it seems specific to certain 
workstations.Like I said; only mine and this other guy is having the issue; our 
admin can't see the problem.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, June 01, 2017 9:38 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

They should be recreated for the proper contents of the new profile.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Katherine M. Moss
Sent: Thursday, June 1, 2017 9:25 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

If I move them, though, will they be re-created upon the creation of the new 
profile? And could those have anything to do with why Outlook is crashing for 
this account? In that case it's just one computer.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, June 01, 2017 9:20 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

In appdata for Outlook are a few XML files where OST and PST files are stored. 
Before you create a new profile, you should save-off those XML files (put them 
in a different folder). They are used by Outlook 2016 to build the profile 
instead of the PRF files that prior versions of Outlook used.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Katherine M. Moss
Sent: Thursday, June 1, 2017 8:56 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Nasty Outlook 2016 and Windows 10 issue

Hi all,
This might end up on the Exchange list, but until then, it looks like a 
different issue. I have recently reinstalled Office 2016 in light of a crashing 
Outlook when I went to set up this email address inside. Upon reinstall, I 
created a new profile, (the "connect Outlook to Office 365" dialogue needs to 
go the hell away, if you ask me), selected connect to a different account, and 
then all of the fields are autopopulated with values from my other email 
account which is indeed Office 365. If this is a brand new office install and 
my computer is set up with a local account, from

[NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

2017-06-01 Thread David McSpadden

With me you will always need a bigger stick

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Thursday, June 1, 2017 10:41 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Always happy to help. This is my recommended brand:

[Image result for clue by four image]

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kennedy, Jim
Sent: Thursday, June 1, 2017 10:19 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

Michael, can I hire you for a day or two to beat that idea into my desktop 
tech's heads? We will provide the clue by four.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, June 1, 2017 10:08 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

I have no idea. To evaluate, I would be looking at connection statistics, debug 
logs, and wireshark.

However - if a workstation gives you problems, re-image it. It's not worth the 
time or hassle to debug anymore. A rebuild can be done in 30 minutes or less.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Katherine M. Moss
Sent: Thursday, June 1, 2017 9:46 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

Now why did this not happen on my spare D630? And why did the D630 not hang on 
credential pass? I'm confused about this; why some of us are having performance 
issues during account add and others are not. And it seems specific to certain 
workstations.Like I said; only mine and this other guy is having the issue; our 
admin can't see the problem.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, June 01, 2017 9:38 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

They should be recreated for the proper contents of the new profile.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Katherine M. Moss
Sent: Thursday, June 1, 2017 9:25 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

If I move them, though, will they be re-created upon the creation of the new 
profile? And could those have anything to do with why Outlook is crashing for 
this account? In that case it's just one computer.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, June 01, 2017 9:20 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Nasty Outlook 2016 and Windows 10 issue

In appdata for Outlook are a few XML files where OST and PST files are stored. 
Before you create a new profile, you should save-off those XML files (put them 
in a different folder). They are used by Outlook 2016 to build the profile 
instead of the PRF files that prior versions of Outlook used.

From: listsad...@lists.myitforum.com 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Katherine M. Moss
Sent: Thursday, June 1, 2017 8:56 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Nasty Outlook 2016 and Windows 10 issue

Hi all,
This might end up on the Exchange list, but until then, it looks like a 
different issue. I have recently reinstalled Office 2016 in light of a crashing 
Outlook when I went to set up this email address inside. Upon reinstall, I 
created a new profile, (the "connect Outlook to Office 365" dialogue needs to 
go the hell away, if you ask me), selected connect to a different account, and 
then all of the fields are autopopulated with values from my other email 
account which is indeed Office 365. If this is a brand new office install and 
my computer is set up with a local account, from where is Outlook even pulling 
values from my Microsoft account anyway? Not sure whether the two issues are 
related, but after correcting the autopopulated fields to match the values for 
this account (on premise Exchange server 2016), I'm having an annoying thing 
happen where the

RE: [EXTERNAL]Re: [NTSysADM] HP Proliant Server Install from USB

2017-09-22 Thread David McSpadden

My steps:
Create logical disk.
Disable smart boot
Boot to USB either legacy or uefi depending on apps on server. (Mostly just 
uefi anymore.)
Build server from latest iso from ms licensing site.
Add bios admin password
Change boot order to HD, CD, USB, NIC.
Deliver server to department or unit needing it.
Has worked on last 5 servers that have come with the smart boot.


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Thozama Nonxuba
Sent: Friday, September 22, 2017 7:39 AM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]Re: [NTSysADM] HP Proliant Server Install from USB

I set up the logical disk using the Array. It recognised the disks, no problem. 
I didn't disable smart boot.
Will it work work after I disable smart boot and use a normal UEFI  bootable 
USB ?

On Fri, Sep 22, 2017 at 1:17 PM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
Did you get into the array and set up your logical disk first?

Also did you disable the smart boot option in the bios?

Sent from my iPhone

On Sep 22, 2017, at 7:11 AM, Thozama Nonxuba 
<nyib...@gmail.com<mailto:nyib...@gmail.com>> wrote:
Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.



Hi

I'm trying to install Windows Server 2016 on a new HP Proliant DL20 Gen 9 
server using a USB drive.
I cannot install even though I tried using UEFI created USB drive. Please 
assist.


Thanks.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [EXTERNAL]Re: [NTSysADM] HP Proliant Server Install from USB

2017-09-22 Thread David McSpadden

Should have three options
Legacy
UEFI no smart boot
UEFI smart boot

Or I do.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Thozama Nonxuba
Sent: Friday, September 22, 2017 7:53 AM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]Re: [NTSysADM] HP Proliant Server Install from USB

Also I can't use Legacy boot as the Arrray is not recognised in that case. It 
is only recognised in UEFI boot. If I boot using Legacy boot, even if I have 
the drivers in the usb and tell setup to use them, I still can't see the disks.
Does turning off Smart Boot still boot using UEFI?

On Fri, Sep 22, 2017 at 1:38 PM, Thozama Nonxuba 
<nyib...@gmail.com<mailto:nyib...@gmail.com>> wrote:
I set up the logical disk using the Array. It recognised the disks, no problem. 
I didn't disable smart boot.
Will it work work after I disable smart boot and use a normal UEFI  bootable 
USB ?

On Fri, Sep 22, 2017 at 1:17 PM, David McSpadden 
<dav...@imcu.com<mailto:dav...@imcu.com>> wrote:
Did you get into the array and set up your logical disk first?

Also did you disable the smart boot option in the bios?

Sent from my iPhone

On Sep 22, 2017, at 7:11 AM, Thozama Nonxuba 
<nyib...@gmail.com<mailto:nyib...@gmail.com>> wrote:
Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.



Hi

I'm trying to install Windows Server 2016 on a new HP Proliant DL20 Gen 9 
server using a USB drive.
I cannot install even though I tried using UEFI created USB drive. Please 
assist.


Thanks.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Can not access cname

2017-10-10 Thread David McSpadden

New 2016 standard server
Want to access cname/share
Failing

Sent from my iPhone
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] RE: Can not access cname

2017-10-10 Thread David McSpadden

Not
Root
E:\files
Then cannot access\\cname\files
Can access \\ip\files and \\computername\files



Sent from my iPhone

On Oct 10, 2017, at 5:21 PM, Michael B. Smith 
<mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote:

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.




Try harder.

Did you create the share at the root of the volume? That’s the #1 problem I see 
these days.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, October 10, 2017 4:58 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Can not access cname

New 2016 standard server
Want to access cname/share
Failing
Sent from my iPhone

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] RE: Can not access cname

2017-10-11 Thread David McSpadden

Reboot fixed.
Also, in hindsight.
Old server owns cname and ip.
new server is built and upgraded application is installed and ready to go.
Changed cname and change ip on new server to match old server.
DID NOT decommission old server just gave dhcp address.
All of the googlefu in the world assume old server is dead and off domain.
I think.
Because using the link below did not help even after reboot until old server 
was removed from domain. (Changed the name as well.)

Thank you all for your insight.
And I will give better information before posting in the future.
Sugar was low and I was under the gun because we were rolling in production.

List is still the best thing I have joined in 21 years.


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Tuesday, October 10, 2017 5:58 PM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]RE: [NTSysADM] RE: Can not access cname

Better information, provides better answers. :)

https://support.microsoft.com/en-us/help/3181029/smb-file-server-share-access-is-unsuccessful-through-dns-cname-alias

CNAMEs break Kerberos unless you add the appropriate SPNs. See "netdom 
computername /add:cname.fqdn".

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of David McSpadden
Sent: Tuesday, October 10, 2017 5:27 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] RE: Can not access cname

Not
Root
E:\files
Then cannot access\\cname\files
Can access \\ip\files and 
\\computername\files


Sent from my iPhone

On Oct 10, 2017, at 5:21 PM, Michael B. Smith 
<mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote:
Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.


Try harder.

Did you create the share at the root of the volume? That's the #1 problem I see 
these days.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, October 10, 2017 4:58 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Can not access cname

New 2016 standard server
Want to access cname/share
Failing
Sent from my iPhone

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Imaging windows 10 1703 enterprise

2017-08-22 Thread David McSpadden

Ok.
Have reviewed your doc.
I have built an audit image.
Then sysprepped.
Then deployed to 10 testing machines.
Everything is awesome on Local Admin and Domain admin profiles.
User profile looks great and plays great with the Exception of Internet 
Explorer.
It just won't open.
It is set as default browser.
I have it pinned to taskbar and star menu.
Click or double click it and it does nothing.
About 4 minutes goes by and then it opens but in a Not Responding state and 
never actually opens anything.
Just doing an iexplore http://www.google.com gets nothing?
And this is only on the user profiles.
What have I screwed up?


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of James Rankin
Sent: Wednesday, August 16, 2017 12:48 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Imaging windows 10 1703 enterprise

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.



Build your default profile in Audit Mode and use that, you can remove all the 
UWP apps with PowerShell while you are in Audit Mode.

GPOs to set FTAs are rubbish, they set for everyone and override anything 
defined by the user.

This article has a section on doing it in Audit Mode - 
http://www.htguk.com/everything-you-wanted-to-know-about_26/ - although this 
was pre-1703. In 1703 you may need some additional GPOs if using mandatory or 
roaming profiles.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of David McSpadden
Sent: 16 August 2017 17:29
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Imaging windows 10 1703 enterprise

I have a base image completely built.
Everything functions on the local admin account.
I have saved that image.
Then Sysprepped.
Then brought up the sysprepped image and my domain administrator can not access 
desktop icons, my default apps are back to Microsoft defaults (Edge not IE11), 
etc...
What can I do to the save preSysPrepped image to have the default profiles come 
up nicely for the end users so they don't have to make the associations 
themselves?
Make GPO's or CopyProfile?
I have done neither thus far but am willing to do either if it helps.
Leaning into the GPO's a lot harder than copyprofile if I can.
What is everyone's opinion and how can I research this the quickest.
The few google searches are coming up with articles from 2009 and such.
I would like the latest best practices if we can.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] RE: Can not access cname

2017-10-10 Thread David McSpadden

Still a failure.
I am stuck waiting on a reboot.
Will see then if the NETDOM worked.
Also, removed old server that had owned that CNAME prior from the domain.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Tuesday, October 10, 2017 5:58 PM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]RE: [NTSysADM] RE: Can not access cname

Better information, provides better answers. :)

https://support.microsoft.com/en-us/help/3181029/smb-file-server-share-access-is-unsuccessful-through-dns-cname-alias

CNAMEs break Kerberos unless you add the appropriate SPNs. See "netdom 
computername /add:cname.fqdn".

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, October 10, 2017 5:27 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: Re: [NTSysADM] RE: Can not access cname

Not
Root
E:\files
Then cannot access\\cname\files
Can access \\ip\files and 
\\computername\files

Sent from my iPhone

On Oct 10, 2017, at 5:21 PM, Michael B. Smith 
<mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote:
Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Try harder.

Did you create the share at the root of the volume? That's the #1 problem I see 
these days.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, October 10, 2017 4:58 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Can not access cname

New 2016 standard server
Want to access cname/share
Failing
Sent from my iPhone

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Just another day in the life of a Network Engineer

2017-12-13 Thread David McSpadden

Will pizza be delivered?


My God I have to stop.
I could user this up all day.


From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Melvin Backus
Sent: Wednesday, December 13, 2017 3:39 PM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]RE: [NTSysADM] Just another day in the life of a Network 
Engineer

I think you’re in luck. The problem is on the inbound side so you’ll be able to 
get home fine. Coming to work tomorrow may be a challenge though.

--
There are 10 kinds of people in the world...
 those who understand binary and those who don't.

¯\_(ツ)_/¯

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, December 13, 2017 3:21 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Just another day in the life of a Network Engineer

So that is where the Chinese must be coming from.
Phew. I was worried I wouldn’t make it home.
I live right next to the Chinese restaurant.


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Melvin Backus
Sent: Wednesday, December 13, 2017 3:13 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [EXTERNAL]RE: [NTSysADM] Just another day in the life of a Network 
Engineer

Only inside the pizza delivery zone. There is still congestion outside that 
area.

--
There are 10 kinds of people in the world...
 those who understand binary and those who don't.

¯\_(ツ)_/¯

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, December 13, 2017 2:44 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Just another day in the life of a Network Engineer

But I think I missed it…are the roads clear or not?

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff
Sent: Wednesday, December 13, 2017 2:18 PM
To: ntsysadm <ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>>
Subject: Re: [NTSysADM] Just another day in the life of a Network Engineer

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Why yes, it's just like that.
Nearly every day.
Kurt

On Wed, Dec 13, 2017 at 9:22 AM, Andrew S. Baker 
<asbz...@gmail.com<mailto:asbz...@gmail.com>> wrote:
https://www.linkedin.com/pulse/what-its-like-network-engineer-ron-buchalski/

Regards,

 ASB



This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Just another day in the life of a Network Engineer

2017-12-13 Thread David McSpadden

But I think I missed it…are the roads clear or not?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kurt Buff
Sent: Wednesday, December 13, 2017 2:18 PM
To: ntsysadm 
Subject: Re: [NTSysADM] Just another day in the life of a Network Engineer

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Why yes, it's just like that.
Nearly every day.
Kurt

On Wed, Dec 13, 2017 at 9:22 AM, Andrew S. Baker 
> wrote:
https://www.linkedin.com/pulse/what-its-like-network-engineer-ron-buchalski/

Regards,

 ASB

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] Just another day in the life of a Network Engineer

2017-12-13 Thread David McSpadden

So that is where the Chinese must be coming from.
Phew. I was worried I wouldn’t make it home.
I live right next to the Chinese restaurant.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Melvin Backus
Sent: Wednesday, December 13, 2017 3:13 PM
To: ntsysadm@lists.myitforum.com
Subject: [EXTERNAL]RE: [NTSysADM] Just another day in the life of a Network 
Engineer

Only inside the pizza delivery zone. There is still congestion outside that 
area.

--
There are 10 kinds of people in the world...
 those who understand binary and those who don't.

¯\_(ツ)_/¯

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, December 13, 2017 2:44 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: RE: [NTSysADM] Just another day in the life of a Network Engineer

But I think I missed it…are the roads clear or not?

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff
Sent: Wednesday, December 13, 2017 2:18 PM
To: ntsysadm <ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>>
Subject: Re: [NTSysADM] Just another day in the life of a Network Engineer

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Why yes, it's just like that.
Nearly every day.
Kurt

On Wed, Dec 13, 2017 at 9:22 AM, Andrew S. Baker 
<asbz...@gmail.com<mailto:asbz...@gmail.com>> wrote:
https://www.linkedin.com/pulse/what-its-like-network-engineer-ron-buchalski/

Regards,

 ASB

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] OS in the CPU

2017-11-20 Thread David McSpadden

Stop you guys are scary the children!
It’s enough that the NSA is leaking data and blaming it on Virus scanning 
software companies.
Now you guys have the all seeing eye putting backdoor code in every processor 
in all things on the interwebs.
How are we supposed to sleep at night??
;-)

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kurt Buff
Sent: Monday, November 20, 2017 11:34 AM
To: ntsysadm 
Subject: Re: [NTSysADM] OS in the CPU

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

There are always more problems:

https://www.thezdi.com/blog/2017/10/04/vmware-escapology-how-to-houdini-the-hypervisor

https://www.youtube.com/watch?v=uRemWLNBSZg

On Mon, Nov 20, 2017 at 8:05 AM, Andrew S. Baker 
> wrote:
But wait!   There's more...

https://www.youtube.com/watch?v=KrksBdWcZgQ

(I see your "solution" and raise you two more problems)

Regards,

 ASB

On Sun, Nov 19, 2017 at 12:28 PM, Kurt Buff 
> wrote:
The OS in question (minix), isn't in the main CPU - it's in the CPU of the 
management engine, which is completely separate, and doesn't, or at least 
shouldn't, affect system performance.
https://en.wikipedia.org/wiki/Intel_Active_Management_Technology#Hardware
That actually makes it worse, since as long as the machine is connect to power, 
even though putatively "off", the management engine is available. That is, if 
it's been configured. This is an enterprise feature, so the ME is usually not 
active in consumer-grade computers.
But, if it's present and turned on, then it's pretty risky:
https://www.theregister.co.uk/2017/11/09/chipzilla_come_closer_closer_listen_dump_ime/
But there's some hope, of a sort - Google is on the case:
http://www.tomshardware.com/news/google-removing-minix-management-engine-intel,35876.html
Kurt

On Sun, Nov 19, 2017 at 6:34 AM, Andrew S. Baker 
> wrote:
No wonder our machines don't seem as fast as we think they *could* be... 
They're busy running more stuff than we thought:

http://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/

The security implications are also pretty staggering...

Regards,

 ASB

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

Re: [NTSysADM] Config Mgr doc script help

2017-12-07 Thread David McSpadden

I use it
Send me a test

Sent from my iPhone

On Dec 7, 2017, at 10:33 AM, Webster 
> wrote:

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.




Does anyone on this list use my Cong Manager documentation script? If so, would 
be open to testing an update?

A user reported an invalid variable used for one WMI cmdlet. I fixed that 
according to his suggestion and took this as an opportunity to bring that 
script up to the changes made in all the other doc scripts. This user is 
claiming that parts of the script are broken even though no changes were made 
in those sections.

Since I know nothing about SCCM and don't have access to SCCM to test with, I 
would appreciate any assistance anyone could help me with.

Thanks


Carl Webster
Citrix Technology Professional Fellow  | iGel Tech Community Insider | 
Parallels VIPP
http://www.CarlWebster.com
The Accidental Citrix Admin

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: WOW!!! I had no idea I was going to be honored

2017-10-24 Thread David McSpadden

You deserve every bit of this.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Webster
Sent: Tuesday, October 24, 2017 12:18 PM
To: NT Issues (ntsysadm@lists.myitforum.com) 
Subject: [NTSysADM] WOW!!! I had no idea I was going to be honored

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

https://www.citrix.com/blogs/2017/10/24/announcing-ctp-fellow-award-a-new-classification/

Deeply, deeply humbled and honored

Thanks

Carl Webster
Citrix Technology Professional | iGel Tech Community Insider | Parallels VIPP
http://www.CarlWebster.com
The Accidental Citrix Admin

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: GPO application question.

2017-10-24 Thread David McSpadden

Weird and unsupported things.
Not good mojo for you if you go this route.
Basically it could cause unknown things to happen.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Tuesday, October 24, 2017 1:57 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] GPO application question.

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

What happens with a setting that is in a GPO applied to a non-supported OS.  So 
for example the SMB setting below is on an OU with Win 10 boxes in it. Is it 
just ignored? So it will get ignored and not mess up the Win 10 
dependencies..correct?

[cid:image001.jpg@01D34CD1.129FE160]
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Surface and rdp small display

2018-01-09 Thread David McSpadden

I told him it was time for the bifocals.
He told me his private life was none of my business?
lol

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Andrea 'ML' Suatoni
Sent: Tuesday, January 9, 2018 11:20 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Surface and rdp small display

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Well, I don't know if it fits in your environment, but due to that precise DPI 
issue I've switched to mRemoteNG as RDP client when I started using a Surface, 
and it works perfectly. No more Lilliputian remote desktops since then.

Andrea

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: 09 January 2018 15:46
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Surface and rdp small display

I have been reading and applying hotfixes to my CFO's surface but the RDP 
session is so small he cannot use his Surface to remote into his workstation in 
the office.
What should I be really doing to fix this?

David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Surface and rdp small display

2018-01-09 Thread David McSpadden

Ugh.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kennedy, Jim
Sent: Tuesday, January 9, 2018 9:57 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Surface and rdp small display

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

You need a manifest file, however I believe MS blew that up in the Anniversary 
edition.

http://pocketnow.com/2016/01/25/hidpi-scalling-in-windows-10

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, January 9, 2018 9:46 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Surface and rdp small display

I have been reading and applying hotfixes to my CFO's surface but the RDP 
session is so small he cannot use his Surface to remote into his workstation in 
the office.
What should I be really doing to fix this?

David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Surface and rdp small display

2018-01-09 Thread David McSpadden

Yeah.
Doesn't play nice from a surface.
Applied the hotfix to the destination workstation.
Rebooted.
Not I think I am going into the display settings on the Surface and reducing 
them from 2billionx1billion (exaggerated). Down to 1280x800 or something 
reasonable.
This seems to be playing nice.
Going to have the user try from their user account.
Thanks all.
This is a PITA.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Kibble,Tony
Sent: Tuesday, January 9, 2018 10:02 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Surface and rdp small display

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.



*Disclaimer, have never used a Surface so unsure of screen size.

Have you changed the Display configuration within the RDP session itself to a 
higher resolution? That normally increases the screen size of the RDP session. 
Click on Show Options before connecting
[cid:image001.jpg@01D38932.23F81F70]

[cid:image002.jpg@01D38932.23F81F70]

Tony Kibble


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Tuesday, January 9, 2018 2:46 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Surface and rdp small display

I have been reading and applying hotfixes to my CFO's surface but the RDP 
session is so small he cannot use his Surface to remote into his workstation in 
the office.
What should I be really doing to fix this?


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>


This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.



DISCLAIMER

This material has been checked by us for computer viruses and, although none 
has been found, we cannot guarantee that it is completely free from such 
problems and we do not accept liability for loss or damage which may be caused.

This message is intended only for use of the individual or entity to whom it is 
addressed and may contain information which may be privileged and confidential. 
If you are not the intended recipient you are hereby notified that any 
dissemination, distribution or copying of this communication is strictly 
prohibited. If you have received this e-mail in error, please notify the sender 
immediately via e-mail and delete the message. Thank you.

***

Travelers Insurance Company Limited is authorised by the Prudential Regulation 
Authority and regulated by the Financial Conduct Authority in the UK and is 
regulated by the Central Bank of Ireland for conduct of business rules. 
Registered in England 1034343. Registered as a branch in Ireland 903382.

Travelers Syndicate Management Limited is authorised by the Prudential 
Regulation Authority and regulated by the Financial Conduct Authority and the 
Prudential Regulation Authority. Registered in England 03207530.

Travelers Underwriting Agency Limited is authorised and regulated by the 
Financial Conduct Authority. Registered in England 03708247.

Travelers Professional Risks Limited is an appointed representative of 
Travelers Insurance Company Limited which is authorised by the Prudential 
Regulation Authority and regulated by the Financial Conduct Authority and the 
Prudential Regulation Authority. Registered in England 05201980

Travelers Management Limited. Registered in England 00972175.

The registered offices for all companies listed above is: Exchequer Court, 33 
St Mary Axe, London, EC3A 8AG.
All other branch offices are available from our websites.

travelers.co.uk
travelers.ie

Issues to: mailto: intad...@travelers.com<mailto:intad...@travelers.com>

[NTSysADM] Surface and rdp small display

2018-01-09 Thread David McSpadden

I have been reading and applying hotfixes to my CFO's surface but the RDP 
session is so small he cannot use his Surface to remote into his workstation in 
the office.
What should I be really doing to fix this?


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] domain admin account passwords management

2018-01-17 Thread David McSpadden

I know we have LAPS for local admins.
What is everyone doing for domain admin account passwords management and 
compliance?
We are being asked to change passwords every 90 days and most of the domain 
admins are service accounts?
So...what does everyone else do to automate/management this?


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] Palo Alto Endpoint Security Trapps?

2018-01-26 Thread David McSpadden

Anyone using or heard of this?

David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: Palo Alto Endpoint Security Trapps?

2018-01-26 Thread David McSpadden

Best I can find it that it is innovative on the Gartner magic quadrant...
It is worth leaving Trend?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Sean Chapman
Sent: Friday, January 26, 2018 9:23 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: Palo Alto Endpoint Security Trapps?

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Sure.  Its like any other next gen AV product.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Friday, January 26, 2018 7:57 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Palo Alto Endpoint Security Trapps?

Anyone using or heard of this?

David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

The information contained in this communication and all accompanying documents 
from Coilcraft may be confidential and/or legally privileged, and is intended 
only for the use of the recipient(s) named above. If you are not the intended 
recipient you are hereby notified that any review, disclosure, copying, 
distribution or the taking of any action in reliance on the contents of this 
transmitted information is strictly prohibited. If you have received this 
communication in error, please return it to the sender immediately and destroy 
the original message or accompanying materials and any copy thereof. If you 
have any questions concerning this message, please contact the sender.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

RE: [NTSysADM] RE: Palo Alto Endpoint Security Trapps?

2018-01-26 Thread David McSpadden

I am hoping Sean was being as vague as my question.
Mostly I need to know without a sales pitch if it is worth my time to listen to 
a sales pitch.

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Don Ely
Sent: Friday, January 26, 2018 2:10 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] RE: Palo Alto Endpoint Security Trapps?

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

Do explain.  Based on your statement, I disagree with you

On Fri, Jan 26, 2018 at 11:04 AM Sean Chapman 
<schap...@coilcraft.com<mailto:schap...@coilcraft.com>> wrote:
Sure.  Its like any other next gen AV product.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] 
On Behalf Of David McSpadden
Sent: Friday, January 26, 2018 7:57 AM

To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Palo Alto Endpoint Security Trapps?

Anyone using or heard of this?

David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190<tel:(317)%20554-8190>| F: 317.554.8106<tel:(317)%20554-8106>
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

The information contained in this communication and all accompanying documents 
from Coilcraft may be confidential and/or legally privileged, and is intended 
only for the use of the recipient(s) named above. If you are not the intended 
recipient you are hereby notified that any review, disclosure, copying, 
distribution or the taking of any action in reliance on the contents of this 
transmitted information is strictly prohibited. If you have received this 
communication in error, please return it to the sender immediately and destroy 
the original message or accompanying materials and any copy thereof. If you 
have any questions concerning this message, please contact the sender.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] SIEM devices

2018-01-26 Thread David McSpadden

I know we have discussed this before but I am up for hardware renewal of my 
LogRhythm.
Looking like I will go with a LogRhythm XM4411 device.

Does anyone have something better they use or have heard of from IBM, Splunk, 
or McAfee (The rest of the top 4 in the Leaders of the Magic Quadrant.)
Let me know in the next 2 weeks.
Looking to get my old LogRhythm LXR2 updated.


David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

[NTSysADM] RE: domain admin account passwords management

2018-01-17 Thread David McSpadden

Agreed on all accounts.
With that said how do we still manage the EA, DA, and SA accounts with the 90 
day rotation?

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Michael B. Smith
Sent: Wednesday, January 17, 2018 12:15 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: domain admin account passwords management

Notice:  This email is from an outside source.  Please do not open any 
attachments, click on any hyperlinks, or respond without first confirming the 
authenticity of the email.

I would suggest you should only have 4 (maximum) domain admin accounts.

If Ford can get by with 4, so can you.

And the actual Administrator account should have a disgustingly long password 
that is written down and put in a safe.

I doubt highly that your service accounts need to be domain admins. They may 
need some specific privileges delegated, but actual domain admin? Probably not.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Wednesday, January 17, 2018 12:01 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] domain admin account passwords management

I know we have LAPS for local admins.
What is everyone doing for domain admin account passwords management and 
compliance?
We are being asked to change passwords every 90 days and most of the domain 
admins are service accounts?
So...what does everyone else do to automate/management this?

David McSpadden
Systems Administrator
Indiana Members Credit Union
P: 317.554.8190| F: 317.554.8106
[Description: imcu email icon]<http://imcu.com/>  [Description: facebook email 
icon] <https://www.facebook.com/IndianaMembersCU>   [Description: twitter email 
icon] <https://twitter.com/IndMembersCU>
[Description: email logo]
[Image result for mcp 
logo]<https://www.google.com/url?sa=i=j==s=images==rja=8=0ahUKEwirvOT_m8fTAhVM1xoKHVbUA2kQjRwIBw=https://mssqlhub.wordpress.com/2013/09/23/pathway-for-microsoft-certification/=AFQjCNHf-4M9Isb1398vr-wswZ04wRJObQ=1493471205430002>

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.
This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.

Please consider the environment before printing this email.

< 1 2 3 4 5 >

301 - 400 of 401 matches

Mail list logo