Re: [NTSysADM] RE: Simple, Simple CRM

That does look nice, Brian.   Thanks for that recommendation… Regards, ASB http://XeeMe.com/AndrewBaker Providing Expert Technology Consulting Services for the SMB market… GPG:860D 40A1 4DA5 3AE1 B052 8F9F 07A1 F9D6 A549 8842 On Thu, Dec 8, 2016 4:36 PM, Brian Desmond

Re: [NTSysADM] External trust issue

Thanks Chris, I tried what you grepping the firewall logs I'm seeing TCP port 88 (kerberos) traffic from server1.CustProj.corp to DC.Company.corp. For my test I did what you said. I then assigned that domain local group created in CustProj.corp to the Remote Desktop Users group. When I RDP

Re: [NTSysADM] External trust issue

Thanks Brian! I'll check on why the client in project.corp wasn't trying to use Kerberos. On Thu, Dec 8, 2016 at 4:12 PM Brian Desmond wrote: > > > > > > > > > > > > > > > > > *RODCs won’t help because RODCs don’t have trust passwords cached locally.* > > > > > > > >

[NTSysADM] Re: [patchmanagement] OT: IT Philosophy

Mod hat on:  And I really promise not to send any more through.  Please post on the ntsysadmin list on this topic. On 12/8/2016 2:08 PM, Matthew Houston wrote: My answer to the entirety of these

RE: [NTSysADM] External trust issue

You should be able to limit the traffic to only domain controllers talking back and forth. My guess is that you have the Corpcompany.corp users being directly added to the ACLs on the resources in server1. Try this: Create a Corpcompany.corp global group and add users to it Create a

[NTSysADM] RE: Simple, Simple CRM

I use www.pipedrive.com and have been really happy with it, especially as "simple" goes. Thanks, Brian Desmond w - 312.625.1438 | c - 312.731.3132 From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Stefan Jafs Sent: Thursday,

RE: [NTSysADM] External trust issue

RODCs won’t help because RODCs don’t have trust passwords cached locally. If this is done via Kerb there shouldn’t be any communication from the resource in the “project” forest to a DC in the “corp” forest. The client in the corp forest will need to contact a “project” DC, though. Thanks,

Re: [NTSysADM] Simple, Simple CRM

Take a look at GoldMine. Disclaimer - it has been well over 7 years since I last looked at it, but of all the simple CRM software projects I've been involved in, this program had the best response from the sales team. On Thu, Dec 8, 2016 at 3:20 PM Stefan Jafs wrote: > We are

RE: [NTSysADM] Nessus reports outdated version dlls after new WUP Rollups

If it helps, I just checked a few random Windows 2012 R2 boxes and that DLL is at version 6.3.9600.18454 after the servers were fully patched. Two of the servers were patched by our automated solution, BMC BladeLogic, the other one was done manually by WU. *From:* listsad...@lists.myitforum.com

[NTSysADM] Simple, Simple CRM

We are looking for a very simple CRM, out telemarketer enter some info, if it becomes warm they will forward / mention it to the appropriates sales person, we have about 20 sales people There should be a flag for follow up. We have tried Microsoft CRM in the past but t many buttons to push (

RE: [NTSysADM] Nessus reports outdated version dlls after new WUP Rollups

I have not had that problem on our servers, but on windows 7 and 10 computers rollups will not install from windows update. I had to download them manually and install them for the nessus reports to come up clean. It was similar issues to what you are having with the same patches you listed.

RE: [NTSysADM] OT: IT Philosophy

“our users are local admins on their Windows laptops and we not stop them from installing any software they want” Who supports said software, or is there any expectation of support? If Joe BillyBob installs FileMaker or MS Access and creates a database and queries that become key to a

RE: [NTSysADM] ALL Flash Storage

The frontend was the problem. In the case of the HP EVA the storage and controllers worked very well as direct attached storage. The Windows Storage Server frontend couldn't handle the CIFS traffic we were throwing at it. Paul -Original Message- From: listsad...@lists.myitforum.com

[NTSysADM] OT: windows 10 stuff

If anyone is interested in hearing about my experiences with windows 10 deployment, here's a link to a (possible series, dependent on uptake) of webinars. http://bit.ly/2hp2OUA End shameless self promotion :-) Sent from my slightly schizophrenic, but rather cool, BlackBerry Android

Re: [NTSysADM] OT: IT Philosophy

Get your manager's view in writing. #1 -- If he's fine with convergence of liability, then great. #3 -- Speak to legal #4 -- Security requires defense in depth.  Deliberately eliminating one layer of protection does not lend itself to security. I hope that your customers are either consumers or

RE: [NTSysADM] OT: IT Philosophy

Knowing James, I bet it is an AppSense product. Thanks Carl Webster Citrix Technology Professional

Re: [NTSysADM] OT: IT Philosophy

Appsense, RES and Scense all have similar privilege management features. I've had best results with appsense, but that's probably related to familiarity with the suite. Sent from my slightly schizophrenic, but rather cool, BlackBerry Android From: melvin.bac...@byers.com Sent: 8 December 2016

[NTSysADM] Nessus reports outdated version dlls after new WUP Rollups

Is anyone else having issues with new server builds and the new rollup patches? I recently built two new 2012 R2 boxes - took them manually through a Windows Update patch cycle. The new rollups amazed me and I only ended up only needing a few cycles to get it fully patched. SCCM shows the server

RE: [NTSysADM] External trust issue

Just spitballing here, but would federation help that? Or put an RODC for company.corp on location at custproj.corp -- There are 10 kinds of people in the world... those who understand binary and those who don't. From: listsad...@lists.myitforum.com

[NTSysADM] External trust issue

I have a interesting project that I'm working on and I believe I have hit a snag that is going to throw a big monkey wrench in the deal. Here is what I have to work with. 2 domains in separate forests. Company.corp CustProj.corp I have created a one way trust that allows users from

RE: [NTSysADM] OT: IT Philosophy

Easily handled by a policy waiver. Use of company equipment is provided for execution of company business and processes. Personal use is allowed as you see fit but if you don’t want your personal files in our possession then don’t put them on our equipment. Doing so grants us an unlimited

RE: [NTSysADM] OT: IT Philosophy

Care to share what that software is? -- There are 10 kinds of people in the world... those who understand binary and those who don't. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of James Rankin Sent: Thursday, December 8, 2016 9:46 AM To:

Re: [NTSysADM] OT: IT Philosophy

I definitely agree with Brian on this for #3. I would also be concerned about the liability of having possession of employee personal files. Do you protect laptop backups to PII standards? What are you going to do if a departed employee asks (demands) that all their personal data be deleted.

RE: [NTSysADM] ALL Flash Storage

As long as the topic is on everyone's radar (and I realize this is a bit off the 'all flash' subject line)... We've been a NetApp customer for around 15 years now. Tried a Lefthand appliance just after they were acquired by HP, didn't really offer enough advantage to switch. We're now

[NTSysADM] RE: Windows Hello for Business

It currently requires Azure AD at a minimum. On-premises AD is an optional component. The best resource for this is the feature PM's blog - he has a handful of posts that lay out how all the plumbing works in significant detail - https://jairocadena.com/ Thanks, Brian Thanks, Brian Desmond

[NTSysADM] RE: Windows Hello for Business

I've never tried this in the enterprise myself, but I've been less than impressed with Windows Hello's propensity to activate when confronted with people of, erm, similar lack of hair... From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of

RE: [NTSysADM] OT: IT Philosophy

Software we use has a "rights discovery mode" that you can use to audit the environment first and find out exactly which software needs admin access, which really helps :) From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kennedy, Jim Sent: 08 December

[NTSysADM] Windows Hello for Business

Hi all, Has anyone looked into Windows Hello for Business with Windows 10? Trying to find out how it works and what is necessary to deploy it into the actual domain and not only for local sign on. However, Technet is quite unhelpful regarding this all, can't seem to find any actual clear

[NTSysADM] RE: code-signing cert for PS untrusted

Thanks, sounds like using various web services from cert companies is the norm. I still don't have an answer on the issue, but have reached out to our Premier support. Not sure if this will end up being a support case, but I'll post back when I have more info. Hopefully it's just something

RE: [NTSysADM] OT: IT Philosophy

One thing we did when we pulled admin was make a very serious and very public declaration that we would jump all over their requests for additional software or taking care of issues related to no admin. Then we made sure we delivered on that promise. We also did it a department/building at a

RE: [NTSysADM] OT: IT Philosophy

1 and 2 are up to management as long as they give you the resources to do it. 3 really surprises me, knowingly allowing company resources for certain copyright infringement seems really negligent. On 4 you can never have enough layers against malware. In the environment you describe I would

RE: [NTSysADM] ALL Flash Storage

I'm not sure I understand how any of that changes things. If you're serving only CIFS, the VM frontend still provides the same services and abstracts the function from the SAN so you're no longer dependent on the underlying provider. I realize that it's a separate piece to manage, but it may