Re: The list status
I'm sure we can bestow a moderator status on him. In return for keeping us in line and dealing with all the inevitable tomfoolery, I'm sure we can allow him to send out occasional bits of targeted mail... Just a thought? Cheers, JR On 3 May 2013 14:54, Jonathan Link wrote: > Yeah, but he won't "own" it... > > > On Fri, May 3, 2013 at 9:44 AM, Mayo, Bill wrote: > >> I'm not sure what the problem is at this point. A new list is setup, it >> is working better than the old one, and many (most?) folks have moved over >> to it. Stu can simply subscribe to it if he wants. >> >> -Original Message- >> From: Rod Trent [mailto:rodtr...@myitforum.com] >> Sent: Friday, May 03, 2013 9:39 AM >> To: NT System Admin Issues >> Subject: RE: The list status >> >> Google groups? >> >> Is that even a listserv? >> >> -Original Message- >> From: Sandy [mailto:san...@knowbe4.com] >> Sent: Friday, May 03, 2013 9:21 AM >> To: NT System Admin Issues >> Subject: re: The list status >> >> Hello Everyone! My name is Sandy Vandebult and I was a long Sunbelter >> and currently work with Stu at his new company Knowbe4. GoodNews!! GFI >> has given the list over to Stu and the list will live on! >> >> We are looking at moving the list over to Google groups but I am open to >> any suggestions if anybody knows of a better way to go. >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < >> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> >> >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < >> http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: The list?
It's a new feature - manual mirroring. In that you post the same stuff to both. On 30 April 2013 18:05, Stringham, Steven wrote: > ** > > Yes, but does it automatic failover? Is it load balanced? > > > -- > *From:* kz2...@googlemail.com [mailto:kz2...@googlemail.com] > *Sent:* Tuesday, April 30, 2013 9:38 AM > > *To:* NT System Admin Issues > *Subject:* Re: The list? > > We now have list redundancy > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > -- > *From: *Ryan Finnesey > *Date: *Tue, 30 Apr 2013 16:29:46 + > *To: *NT System Admin Issues > *ReplyTo: *"NT System Admin Issues" > > *Subject: *The list? > > I hate to jinks it but it seem the list is still up and running? > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > -- > > For more information about *Lewis and Roca LLP*, please go to * > www.lewisandroca.com* <http://www.lewisandroca.com/>. > > Phoenix (602)262-5311 Reno (775)823-2900 Tucson (520)622-2090 > Albuquerque > (505)764-5400 Las Vegas (702)949-8200 Silicon Valley (650)391-1380 > > This message is intended only for the use of the individual or entity to > which it is addressed. If the reader of this message is not the intended > recipient, or the employee or agent responsible for delivering the message > to the intended recipient, you are hereby notified that any dissemination, > distribution or copying of this message is strictly prohibited. If you have > received this communication in error, please notify us immediately by > replying to the sender of this E-Mail by return E-Mail or by telephone. > > In accordance with Internal Revenue Service Circular 230, we advise you > that if this email contains any tax advice, such tax advice was not > intended or written to be used, and it cannot be used, by any taxpayer for > the purpose of avoiding penalties that may be imposed on the taxpayer. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: So where is this new list signup?
The list has rebelled and moved itself to http://myitforum.com/myitforumwp/services/email-lists/ On 29 April 2013 16:05, Michael Leone wrote: > The list is moving, right? (I don't get to read it every day, so I > probably missed something). So do I need to go and sign up for the new > home of the list, or will I be migrated over as an existing user? > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
[NTSysADM] Re: End of month plan B for list shutdown.
gt; --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<><><><><>
Re: End of month plan B for list shutdown.
e hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<><><><><>
Re: End of month plan B for list shutdown.
Oh OK, I getcha now Looks like Ben's already volunteered though :-) On 29 April 2013 13:43, Kennedy, Jim wrote: > If the list blows up tomorrow, the person that decides to pick it up > would contact the blog owner…… > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Monday, April 29, 2013 8:31 AM > > *To:* NT System Admin Issues > *Subject:* Re: End of month plan B for list shutdown. > > ** ** > > There's plenty of us with blogspace to put out announcements - I think the > key is where are we going to get the information from in the first place?* > *** > > > > I'm hoping Stu will push some details out very soon - otherwise a decade+ > of helpful resource is about to go to the wall :-( > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > > > On 29 April 2013 13:14, Kennedy, Jim wrote: > > > The end of the month and allegedly the end of the list is tomorrow. We > need a plan B to get back in contact to get this going again if possible. > Someone got a blog we can bookmark for new/announcements that would be > willing to post anything they hear? > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: End of month plan B for list shutdown.
There's plenty of us with blogspace to put out announcements - I think the key is where are we going to get the information from in the first place? I'm hoping Stu will push some details out very soon - otherwise a decade+ of helpful resource is about to go to the wall :-( -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk On 29 April 2013 13:14, Kennedy, Jim wrote: > The end of the month and allegedly the end of the list is tomorrow. We > need a plan B to get back in contact to get this going again if possible. > Someone got a blog we can bookmark for new/announcements that would be > willing to post anything they hear? > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Virtualization
I guess that means the HP sizing tool is a sales tool really On 29 April 2013 12:24, itli...@imcu.com wrote: > Ok so I tried the HP sizing tool. > > Says I need a half million dollar server to hypervise 16 low end > application servers. This is not a good selling point. > > Anyone idea how I screwed this up? > > ** ** > > *From:* Jonathan Link [mailto:jonathan.l...@gmail.com] > *Posted At:* Friday, April 26, 2013 2:58 PM > > *Posted To:* itli...@imcu.com > *Conversation:* Virtualization > *Subject:* Re: Virtualization > > ** ** > > No, I think he was saying you have a lot of verve... > > ** ** > > On Fri, Apr 26, 2013 at 10:46 AM, Steven M. Caesare > wrote: > > You have nerve, saying that I have nerve. > > > > -sc > > > > *From:* Webster [mailto:webs...@carlwebster.com] > > *Sent:* Friday, April 26, 2013 9:32 AM > *To:* NT System Admin Issues > > *Subject:* RE: Virtualization > > > > DOH! You went there, ouch! I thought only I had the nerve to do that.*** > * > > > > Thanks > > > > > > Webster > > > > *From:* Steven M. Caesare [mailto:scaes...@caesare.com] > > *Sent:* Friday, April 26, 2013 8:05 AM > > > *To:* NT System Admin Issues > > *Subject:* RE: Virtualization > > > > I have a PDF on my SAN somewhere that addresses this.. I’ll send it with > my Linux email client. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Virtualization
I wouldn't particularly say any hypervisor would be your best bet with this little info to go on For instance XenServer might make sense if you were running XenApp or XenDesktop VMWare is often the choice for "production" environments given the features it has and the product maturity, but I am sure its competitors are now catching up. However if it's a sandbox environment then one of the cheaper or free alternatives will do fine There are a vast amount of licensing considerations in the mix too... Are you looking to P2V existing servers or create new ones? Are you hosting sessions on these servers (i.e. RDS or Citrix), or are they just app servers? The use you make of the servers will dictate the sizing and performance you require The SAN question is a whole other kettle of fish, and one that has often started some interesting flame wars on this list :-) I think maybe a bit more info would help us guide you a bit better. Cheers, JR On 26 April 2013 12:10, itli...@imcu.com wrote: > Looking to virtualize 7 windows 2008 servers. > > A couple of questions: > > How do I size a Virtualized server and san? > > Which virtual server software is best? > > Hyper V, VMware, citrix > > Any guidance in this area is appreciated… > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Startup processes
You knowthe answer for this has been in my possession all along, in a
snippet someone emailed to me for inclusion in my "configuration library"
online.
The point I've been missing, Homer Simpson style, is that I was looking to
verify that the endpoint is connected to "any" network - when in fact if
they are wanting to copy files and folders, etc., surely that indicates
they need to verify that they are on the "corporate" networkmassive
facepalm just hit me :-(
So all I need to do is leverage the bit of PS I was sent and change it to
my own requirements. I think this checks to see if a physical NIC is
connected and if it can connect to a DC, and then writes the results to a
logshouldn't be too hard to adapt...
Thanks for the discussion which certainly made me think things thru
properly :-)
function writeevent() {
if ($args[0] -eq "-h") {
Write-Host "usage: writeevent > "
break
}
#count the arguments
if ($args.count -lt 4)
{
write-host "Error calling writeevent. Too few arguments. use option -h
to see help" -foregroundcolor "red"
break
}
trap
{ # this installs an error handler for the function
write-host "Error writing to eventlog:" $_.Exception.GetType().FullName
+ $_.Exception.Message
continue; # exiting a trap with "continue" says to continue on the next
line of the script
}
$source = $args[0]
$type = $args[1]
$eventid = $args[2]
$msg = $args[3]
#Create the source, if it does not already exist.
if(![System.Diagnostics.EventLog]::SourceExists($source))
{
[System.Diagnostics.EventLog]::CreateEventSource($source,'Application')
$logfile = 'Application'
}
else
{
$logfile =
[System.Diagnostics.EventLog]::LogNameFromSourceName($source,'.')
#write-host "Source exists and is registered in the $logfile Log"
}
#Check if Event Type is correct
switch ($type)
{
"Information" {}
"Warning" {}
"Error" {}
default {"Event type is invalid";exit}
}
$log = New-Object System.Diagnostics.EventLog
$log.set_log($logfile)
$log.set_source($source)
$log.WriteEntry($msg,$type,$eventid)
}
#Check if the condition has already been run
If ($env:_EMPNetworkStatus -eq "LANConnect")
{
write-output "Network connection is ready: Check has already been run"
writeevent "WaitForNetworkScript" Information 2 "Network connection is
ready: Check has already been run"
exit 0
}
#Get All physical network adapter which are connected
$connected_physical_nics = Get-WmiObject Win32_NetworkAdapter | `
where {$_.AdapterType -eq "Ethernet 802.3" `
-and $_.PNPDeviceID -match 'PCI' `
-and $_.NetConnectionStatus -eq 2}
#If an adapter is found, we assume client is in corporate network
If ($connected_physical_nics)
{
#Get the current DC
$currentDC = ([ADSI]“LDAP://RootDSE”).dnshostname
#test connection to DC
$i = 0
While (!$connrst)
{
$connrst = Test-Connection -computername $currentDC -Count 1 -ea
SilentlyContinue
$i += 1
If (!$connrst -and $i -ge 15)
{
#Timeout, we exit
write-output "Timeout, we exit the script"
writeevent "WaitForNetworkScript" Warning 1 "Timeout, network
connection not ready: Error while trying to reach DC: $currentDC"
exit 1
}
start-sleep -s 1
}
write-output "Network connection is ready: connected DC: $currentDC"
writeevent "WaitForNetworkScript" Information 0 "Network connection is
ready: connected DC: $currentDC"
[ENVIRONMENT]::SetEnvironmentVariable("_EMPNetworkStatus",
"LANConnect", "MACHINE")
exit 0
}
Else
{
write-warning "Network is disconnected"
writeevent "WaitForNetworkScript" Warning 3 "Network is disconnected"
[ENVIRONMENT]::SetEnvironmentVariable("_EMPNetworkStatus",
"Disconnected", "MACHINE")
exit 1
}
On 25 April 2013 15:33, James Rankin wrote:
> That's what I thoughtresearch seems to concur. Delaying the startup of
> certain services might have let me delay the processing long enough for the
> network to connect :-(
>
>
> On 25 April 2013 15:09, Guyer, Don wrote:
>
>> I thought that setting just delayed GPO processing?
>>
>> ** **
>>
>> Regards,
>>
>> * *
>>
>> *Don Guyer**
>> **Catholic Health East - Information Technology*
>>
>> Enterprise Directory & Messaging Services
>> 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073
>>
>> email: *dgu...@che.org*
>>
>
Re: Startup processes
That's what I thoughtresearch seems to concur. Delaying the startup of certain services might have let me delay the processing long enough for the network to connect :-( On 25 April 2013 15:09, Guyer, Don wrote: > I thought that setting just delayed GPO processing? > > ** ** > > Regards, > > * * > > *Don Guyer** > **Catholic Health East - Information Technology* > > Enterprise Directory & Messaging Services > 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 > > email: *dgu...@che.org* > > Office: 610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440 > > *For immediate assistance, please open a Service Desk ticket or call the > helpdesk @ 610-492-3839.* > > [image: Description: Description: Description: InfoService-Logo240] > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Thursday, April 25, 2013 9:37 AM > > *To:* NT System Admin Issues > *Subject:* Re: Startup processes > > ** ** > > Actually hang on, is that right? It delays all the services until the > network is available? That might work - but then if *no *network is > available, does it start those services at all? > > ** ** > > On 25 April 2013 14:22, N Parr wrote: > > GPO - Always wait for the network at computer startup. > Would this setting work for you, it won't let any other services start > until the network is available. Most people turn in on anyway because it > solves a lot of other issues. > > > > -Original Message- > From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] > Sent: Thursday, April 25, 2013 7:12 AM > To: NT System Admin Issues > Subject: Startup processes > > On a Windows system, is there a process that runs on startup that will > only run if there is network connectivity present? I've got a strange > requirement and I need to be able to tell when the network is available, if > possible. > > TIA, > > > JR > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > Confidentiality Notice: > This e-mail, including any attachments is the > property of Catholic Health East and is intended > for the sole use of the intended recipient(s). > It may contain information that is privileged and > confidential. Any unauthorized review, use, > disclosure, or distribution is prohibited. If you are > not the intended recipient, please delete this message, and > reply to the sender regarding the error in a separate email. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
Re: Startup processes
Workstation would be good, but unfortunately they all run in the svchost.exe process I could check for them via a scripted mechanism though. Workstation service deals with accessing shares doesn't it, and server deals with making shares availablemight be some mileage there On 25 April 2013 14:32, Guyer, Don wrote: > How about a Service starting up, like Workstation or Computer Browser? > > ** ** > > Regards, > > * * > > *Don Guyer** > **Catholic Health East - Information Technology* > > Enterprise Directory & Messaging Services > 3805 West Chester Pike, Suite 100, Newtown Square, Pa 19073 > > email: *dgu...@che.org* > > Office: 610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440 > > *For immediate assistance, please open a Service Desk ticket or call the > helpdesk @ 610-492-3839.* > > [image: Description: Description: Description: InfoService-Logo240] > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Thursday, April 25, 2013 9:17 AM > > *To:* NT System Admin Issues > *Subject:* Re: Startup processes > > ** ** > > I probably could.just I have a built-in Process Started trigger so it > would have been easier if there was a particular process that couldn't > exist without network connectivity. > > The other problem I've got is looping the routine enough to give it time > for the network to connect, if it's going to. Again, trigger by process > would be so much simpler, but if it's not possible, I will have to look at > a scripted routine. > > Cheers, > > > > JR > > ** ** > > On 25 April 2013 14:12, Joseph L. Casale > wrote: > > If you can query for the process, can you not query the network? > Lookup the gateway and ping it... > > From: kz2...@googlemail.com > Sent: Thursday, April 25, 2013 6:11 AM > To: NT System Admin Issues > Subject: Startup processes > > > On a Windows system, is there a process that runs on startup that will > only run if there is network connectivity present? I've got a strange > requirement and I need to be able to tell when the network is available, if > possible. > > TIA, > > > JR > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > Confidentiality Notice: > This e-mail, including any attachments is the > property of Catholic Health East and is intended > for the sole use of the intended recipient(s). > It may contain information that is privileged and > confidential. Any unauthorized review, use, > disclosure, or distribution is prohibited. If you are > not the intended recipient, please delete this message, and > reply to the sender regarding the error in a separate email. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
Re: Startup processes
I do love a bit of batch scripting :-) Unfortunately I can only use JScript (!), VBScript or PowerShell in my console, but it could be adapted with a bit of time and effort. If nothing simpler turns up, it'll definitely be something like this I will use. Cheers, JR On 25 April 2013 14:23, Kennedy, Jim wrote: > " The other problem I've got is looping the routine enough to give it time > for the network to connect" > > > :START > PING -n 1 192.168.1.1|find "Reply from " >NUL > IF NOT ERRORLEVEL 1 goto :SUCCESS > IF ERRORLEVEL 1 goto :FAIL > > :FAIL > ping 192.0.2.2 -n 1 -w 1 > nul (or some other non-existent address, > will wait for 10 seconds) > goto :START > > :SUCCESS > Run your process > :END > > > Might want to add a counter in there, so it exits after a certain number > of tries. Set the whole thing as a startup scheduled task. > > > > -Original Message- > From: Kennedy, Jim > Sent: Thursday, April 25, 2013 9:19 AM > To: NT System Admin Issues > Subject: RE: Startup processes > > Along Joseph's linesif you can control the process you are running on > startup from a command line. > > > ECHO Checking connection, please wait... > PING -n 1 192.168.1.1|find "Reply from " >NUL > IF NOT ERRORLEVEL 1 goto :SUCCESS > IF ERRORLEVEL 1 goto :FAIL > > :FAIL > Goto :End (or whatever you want to do) > > :SUCCESS > Run your process > :END > > > > > > > -Original Message- > From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] > Sent: Thursday, April 25, 2013 9:14 AM > To: NT System Admin Issues > Subject: RE: Startup processes > > If you can query for the process, can you not query the network? > Lookup the gateway and ping it... > > From: kz2...@googlemail.com > Sent: Thursday, April 25, 2013 6:11 AM > To: NT System Admin Issues > Subject: Startup processes > > On a Windows system, is there a process that runs on startup that will > only run if there is network connectivity present? I've got a strange > requirement and I need to be able to tell when the network is available, if > possible. > > TIA, > > > JR > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Startup processes
Actually hang on, is that right? It delays all the services until the network is available? That might work - but then if *no *network is available, does it start those services at all? On 25 April 2013 14:22, N Parr wrote: > GPO - Always wait for the network at computer startup. > Would this setting work for you, it won't let any other services start > until the network is available. Most people turn in on anyway because it > solves a lot of other issues. > > > -Original Message- > From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] > Sent: Thursday, April 25, 2013 7:12 AM > To: NT System Admin Issues > Subject: Startup processes > > On a Windows system, is there a process that runs on startup that will > only run if there is network connectivity present? I've got a strange > requirement and I need to be able to tell when the network is available, if > possible. > > TIA, > > > JR > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Startup processes
Sadly that would just not process any GPO actions that are dependent on network connectivity. I'm not using GPOs for this (well, not in the traditional way, I do leverage some), so it's a non-starter, unfortunately. On 25 April 2013 14:22, N Parr wrote: > GPO - Always wait for the network at computer startup. > Would this setting work for you, it won't let any other services start > until the network is available. Most people turn in on anyway because it > solves a lot of other issues. > > > -Original Message- > From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] > Sent: Thursday, April 25, 2013 7:12 AM > To: NT System Admin Issues > Subject: Startup processes > > On a Windows system, is there a process that runs on startup that will > only run if there is network connectivity present? I've got a strange > requirement and I need to be able to tell when the network is available, if > possible. > > TIA, > > > JR > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Startup processes
I'd think that it would be the ability to copy files and folders from a remote location that would be the definition required in this case. Basically I have a lot of clients who insist on using the Computer Startup trigger to do things (like copy files and folders to the endpoint). However, if these actions kick in before network connectivity is established to the level it can do these, then the actions fail. Pinging a default gateway would be doable - but again, if the network hasn't started to that level, I'm going to be recording a fail and skipping the actions just because they're being triggered at too early a time. So the other trigger I have is Process Started, which will only kick off the dependent Actions when a certain process starts. Which is why I was hoping there might be a specific process that can't exist without network connectivity - but it's not looking hopeful. Cheers, JR On 25 April 2013 14:19, Ben Scott wrote: > On Thu, Apr 25, 2013 at 8:11 AM, wrote: > > On a Windows system, is there a process that runs on startup that will > only run if there > > is network connectivity present? I've got a strange requirement and I > need to be able to > > tell when the network is available, if possible. > > Define "network connectivity". Layer two link up? Has an IP > address? Has a default route? Can ping the default gateway? Can > reach an arbitrary host on the Internet? Can do lookups against the > Active Directory Domain Controller? Can ping your AppSense server? > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Startup processes
I probably could.just I have a built-in Process Started trigger so it would have been easier if there was a particular process that couldn't exist without network connectivity. The other problem I've got is looping the routine enough to give it time for the network to connect, if it's going to. Again, trigger by process would be so much simpler, but if it's not possible, I will have to look at a scripted routine. Cheers, JR On 25 April 2013 14:12, Joseph L. Casale wrote: > If you can query for the process, can you not query the network? > Lookup the gateway and ping it... > > From: kz2...@googlemail.com > Sent: Thursday, April 25, 2013 6:11 AM > To: NT System Admin Issues > Subject: Startup processes > > On a Windows system, is there a process that runs on startup that will > only run if there is network connectivity present? I've got a strange > requirement and I need to be able to tell when the network is available, if > possible. > > TIA, > > > JR > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: As we're becoming a PowerShell-focused list :-)
Good stuffactually I was looking for the Citrix session ID, not the
"real" session ID, which is where I was going wrong in my head :-)
I realized I could just strip it from the end of the %sessionname% variable
after the # - loads simpler!
I will steal your snippet for when I actually need the "real" ID in future
:-)
On 24 April 2013 11:17, Webster wrote:
> FYI, from what MBS did for my Word based scripts:
>
> ** **
>
> #find out our session (usually "1" except on TS/RDC or Citrix)
>
> $SessionID = (Get-Process -PID $PID).SessionId
>
>
>
> #Find out if winword is running in our session
>
> [bool]$wordrunning = ((Get-Process 'WinWord' -ea 0)|?{$_.SessionId -eq
> $SessionID}) -ne $null
>
> if ($wordrunning)
>
> {
>
> Write-Host "Please close all instances of Microsoft Word
> before running this report."
>
> exit****
>
> }
>
> ** **
>
> ** **
>
> Thanks
>
> ** **
>
> ** **
>
> Webster
>
> ** **
>
> *From:* James Rankin [mailto:kz2...@googlemail.com]
> *Sent:* Wednesday, April 24, 2013 4:29 AM
> *To:* NT System Admin Issues
> *Subject:* As we're becoming a PowerShell-focused list :-)
>
> ** **
>
> Any idea how I would go about extracting the SessionId from PowerShell? By
> SessionId I mean the one that you see in *tasklist* and *query session*?
> I've tried messing about with *Get-XaSession* which is a Citrix PS cmdlet
> but the output is so long from this, I can't help but think I must be
> missing an easier way to output what I'm looking for which is probably
> sitting right under my nose.
>
>
>
> TIA,
>
>
>
>
>
> --
> *James Rankin*
> Technical Consultant (ACA, CCA, MCTS)
> http://appsensebigot.blogspot.co.uk
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: As we're becoming a PowerShell-focused list :-)
Ignore that request. I'm barking up the wrong tree here. Cheers, JR On 24 April 2013 10:29, James Rankin wrote: > Any idea how I would go about extracting the SessionId from PowerShell? By > SessionId I mean the one that you see in *tasklist* and *query session*? > I've tried messing about with *Get-XaSession* which is a Citrix PS cmdlet > but the output is so long from this, I can't help but think I must be > missing an easier way to output what I'm looking for which is probably > sitting right under my nose. > > TIA, > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
I think the BIOS piece, if Activated, puts the agent back onto it. How this works cross-platform is beyond me though On 23 April 2013 19:49, Ben Scott wrote: > On Tue, Apr 23, 2013 at 12:07 PM, Art DeKneef wrote: > > You need the BIOS set to Activated and the software application agent > > installed on the computer for it to fully work. The software agent is > what > > communicates with the recovery center. The BIOS piece maintains its > presence > > even through reinstalls or different hard drives. > > So what if I wipe the hard drive and install a different OS? > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
Thanks Art, that clears up my question quite nicely. I will pass the info on! Cheers, JR On 23 April 2013 17:07, Art DeKneef wrote: > If I understand your questions correctly. > > ** ** > > You need the BIOS set to Activated and the software application agent > installed on the computer for it to fully work. The software agent is what > communicates with the recovery center. The BIOS piece maintains its > presence even through reinstalls or different hard drives. So if it is > stolen you call them up and then they can track it down or you can send a > delete or lock command. > > ** ** > > Depending on the computer vendor you should be able to have them activate > the BIOS setting for you. Though it will not work until the software agent > is installed, you create an account and the laptop calls in for the first > time. If the vendor can not do this either choose another vendor or plan on > touching each system. Like Dave said depending on the vendor model you > might be able to create a BIOS file and install that file on each laptop. > Still have to touch each laptop. Though you might be able to script > something with one of the management systems. > > ** ** > > An example, Intel has a tool where we can basically create a custom BIOS > file then install it on the other systems using Win PE or an EFI boot from > a USB drive. Especially when the systems you get are usually a few BIOS > revisions behind. > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Tuesday, April 23, 2013 7:38 AM > > *To:* NT System Admin Issues > *Subject:* Re: LoJack > > ** ** > > But it does need to be set to Activated to work, then? The default setting > of Deactivated is useless without switching it over? > > > > If that's right, can you ask for them to be delivered Activated, or would > you definitely have to at least set them up to run a certain program as you > said? > > > > Cheers, > > > > > > JR > > On 23 April 2013 15:27, David Lum wrote: > > Depending on the vendor, you might be able to flip the BIOS setting by > running an EXE. I know Dell machines can have their BIOS settings changed > without having to physically touch each system. Takes some work but > depending on the # of systems it might be worth looking at. > > > > Dave > > > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Tuesday, April 23, 2013 1:36 AM > *To:* NT System Admin Issues > *Subject:* Re: LoJack > > > > I've looked at the various options and I've even seen a computer with the > BIOS stuff installed, but I can't get an answer to the primary query I've > got > > > > If the BIOS agent is set to Deactivated (rather than Disabled), do you > need to switch it to Activated before the anti-theft features kick in, or > can you switch it from Deactivated to Activated remotely (even if the thief > has flattened the OS or switched hard drives, etc.)? I considered > contacting LoJack directly but I'm wondering if they'll think I'm a crook > trying to get around the anti-theft features :-) I'm just asking this > because if my client buys 100+ machines with the BIOS piece installed but > not Activated, are they looking at touching all the machines to get it > working properly or can it be switched from Deactivated to Activated > remotely in a theft situation? > > > > Cheers, > > > > > > > > JR > > On 23 April 2013 01:11, Jon Harris wrote: > > You might want to take a look at the Dell web site. I believe they sell > it as an option with their business line of laptops. I think the BIOS part > does all the work but I also think that the software does some > configuration changes. > > Jon > > > > Subject: LoJack > > To: ntsysadmin@lyris.sunbelt-software.com > > From: kz2...@googlemail.com > > Date: Sat, 20 Apr 2013 13:01:33 + > > > > > > Does anyone know if LoJack CompuTrace can be activated without the > software installed? I am looking into this sort of software for a client > but am not sure whether it needs to actually have the software installed or > if the embedded BIOS feature does everything required? Their website isn't > particularly clear about it and most Googling just turns up people > complaining about civil liberties. > > > > TIA, > > > > > > JR > > > > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > >
Re: LoJack
You have a point there - he would need to check somehow anyway so he might as well do them himself :-) On 23 April 2013 15:44, Jonathan Link wrote: > IIRC, you can ask Dell and pay a nominal fee for Dell to futz with BIOS > settings, but due diligence to ensure that it is Activated almost negates > the effort, since it takes as much time to check that it is activated > (unless you can see that via pre-installed software) during a workstation > setup and config. > > > On Tue, Apr 23, 2013 at 10:38 AM, James Rankin wrote: > >> But it does need to be set to Activated to work, then? The default >> setting of Deactivated is useless without switching it over? >> >> If that's right, can you ask for them to be delivered Activated, or would >> you definitely have to at least set them up to run a certain program as you >> said? >> >> Cheers, >> >> >> JR >> >> On 23 April 2013 15:27, David Lum wrote: >> >>> Depending on the vendor, you might be able to flip the BIOS setting by >>> running an EXE. I know Dell machines can have their BIOS settings changed >>> without having to physically touch each system. Takes some work but >>> depending on the # of systems it might be worth looking at. >>> >>> ** ** >>> >>> Dave >>> >>> ** ** >>> >>> *From:* James Rankin [mailto:kz2...@googlemail.com] >>> *Sent:* Tuesday, April 23, 2013 1:36 AM >>> *To:* NT System Admin Issues >>> *Subject:* Re: LoJack >>> >>> ** ** >>> >>> I've looked at the various options and I've even seen a computer with >>> the BIOS stuff installed, but I can't get an answer to the primary query >>> I've got >>> >>> >>> >>> If the BIOS agent is set to Deactivated (rather than Disabled), do you >>> need to switch it to Activated before the anti-theft features kick in, or >>> can you switch it from Deactivated to Activated remotely (even if the thief >>> has flattened the OS or switched hard drives, etc.)? I considered >>> contacting LoJack directly but I'm wondering if they'll think I'm a crook >>> trying to get around the anti-theft features :-) I'm just asking this >>> because if my client buys 100+ machines with the BIOS piece installed but >>> not Activated, are they looking at touching all the machines to get it >>> working properly or can it be switched from Deactivated to Activated >>> remotely in a theft situation? >>> >>> >>> >>> Cheers, >>> >>> >>> >>> >>> >>> >>> >>> JR >>> >>> On 23 April 2013 01:11, Jon Harris wrote: >>> >>> You might want to take a look at the Dell web site. I believe they sell >>> it as an option with their business line of laptops. I think the BIOS part >>> does all the work but I also think that the software does some >>> configuration changes. >>> >>> Jon >>> >>> >>> > Subject: LoJack >>> > To: ntsysadmin@lyris.sunbelt-software.com >>> > From: kz2...@googlemail.com >>> > Date: Sat, 20 Apr 2013 13:01:33 + >>> >>> >>> > >>> > Does anyone know if LoJack CompuTrace can be activated without the >>> software installed? I am looking into this sort of software for a client >>> but am not sure whether it needs to actually have the software installed or >>> if the embedded BIOS feature does everything required? Their website isn't >>> particularly clear about it and most Googling just turns up people >>> complaining about civil liberties. >>> > >>> > TIA, >>> > >>> > >>> > JR >>> > >>> > >>> > Sent from my Blackberry, which may be an antique but delivers email >>> RELIABLY >>> > >>> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> > >>> > --- >>> > To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> > or send an email to listmana...@lyris.sunbeltsoftware.com >>> > with the body: unsubscribe ntsysadmin >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog!
Re: LoJack
But it does need to be set to Activated to work, then? The default setting of Deactivated is useless without switching it over? If that's right, can you ask for them to be delivered Activated, or would you definitely have to at least set them up to run a certain program as you said? Cheers, JR On 23 April 2013 15:27, David Lum wrote: > Depending on the vendor, you might be able to flip the BIOS setting by > running an EXE. I know Dell machines can have their BIOS settings changed > without having to physically touch each system. Takes some work but > depending on the # of systems it might be worth looking at. > > ** ** > > Dave**** > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Tuesday, April 23, 2013 1:36 AM > *To:* NT System Admin Issues > *Subject:* Re: LoJack > > ** ** > > I've looked at the various options and I've even seen a computer with the > BIOS stuff installed, but I can't get an answer to the primary query I've > got > > > > If the BIOS agent is set to Deactivated (rather than Disabled), do you > need to switch it to Activated before the anti-theft features kick in, or > can you switch it from Deactivated to Activated remotely (even if the thief > has flattened the OS or switched hard drives, etc.)? I considered > contacting LoJack directly but I'm wondering if they'll think I'm a crook > trying to get around the anti-theft features :-) I'm just asking this > because if my client buys 100+ machines with the BIOS piece installed but > not Activated, are they looking at touching all the machines to get it > working properly or can it be switched from Deactivated to Activated > remotely in a theft situation? > > > > Cheers, > > > > > > > > JR > > On 23 April 2013 01:11, Jon Harris wrote: > > You might want to take a look at the Dell web site. I believe they sell > it as an option with their business line of laptops. I think the BIOS part > does all the work but I also think that the software does some > configuration changes. > > Jon > > > > Subject: LoJack > > To: ntsysadmin@lyris.sunbelt-software.com > > From: kz2...@googlemail.com > > Date: Sat, 20 Apr 2013 13:01:33 + > > > > > > Does anyone know if LoJack CompuTrace can be activated without the > software installed? I am looking into this sort of software for a client > but am not sure whether it needs to actually have the software installed or > if the embedded BIOS feature does everything required? Their website isn't > particularly clear about it and most Googling just turns up people > complaining about civil liberties. > > > > TIA, > > > > > > JR > > > > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to listmana...@lyris.sunbeltsoftware.com > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: LoJack
I've looked at the various options and I've even seen a computer with the BIOS stuff installed, but I can't get an answer to the primary query I've got If the BIOS agent is set to Deactivated (rather than Disabled), do you need to switch it to Activated before the anti-theft features kick in, or can you switch it from Deactivated to Activated remotely (even if the thief has flattened the OS or switched hard drives, etc.)? I considered contacting LoJack directly but I'm wondering if they'll think I'm a crook trying to get around the anti-theft features :-) I'm just asking this because if my client buys 100+ machines with the BIOS piece installed but not Activated, are they looking at touching all the machines to get it working properly or can it be switched from Deactivated to Activated remotely in a theft situation? Cheers, JR On 23 April 2013 01:11, Jon Harris wrote: > You might want to take a look at the Dell web site. I believe they sell > it as an option with their business line of laptops. I think the BIOS part > does all the work but I also think that the software does some > configuration changes. > > Jon > > > Subject: LoJack > > To: ntsysadmin@lyris.sunbelt-software.com > > From: kz2...@googlemail.com > > Date: Sat, 20 Apr 2013 13:01:33 + > > > > > Does anyone know if LoJack CompuTrace can be activated without the > software installed? I am looking into this sort of software for a client > but am not sure whether it needs to actually have the software installed or > if the embedded BIOS feature does everything required? Their website isn't > particularly clear about it and most Googling just turns up people > complaining about civil liberties. > > > > TIA, > > > > > > JR > > > > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to listmana...@lyris.sunbeltsoftware.com > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Synchronize booksmarks?
Bummer.
That explains my mysterious bookmarks loss in Google Drive portable apps
though. places.sqlite is one of the files the Google Drive sync keeps
conflicting on.
Lots of handy info coming out of the list this week (for me, at least)
And Webster knows a new phrase too!
On 18 April 2013 14:52, Ben Scott wrote:
> On Thu, Apr 18, 2013 at 9:22 AM, James Rankin
> wrote:
> > If the Bookmarks folder in Firefox works the same way as Favourites in
> IE, I
> > don't see why you couldn't redirect them both and then do some scripting
> to
> > synchronize the folders at logoff.
>
> Firefox stores bookmarks in a database file ("places.sqlite") that's
> not compatible with MSIE.
>
> (Before the current architecture, it used a single HTML file,
> "bookmarks.html", also not compatible with MSIE.)
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: Synchronize booksmarks?
Man! I thought XMarks died. I've been using FF Sync for ages and personally I find it a bit pants. XMarks was (is!) great On 18 April 2013 14:24, Mike Wiebke wrote: > Xmarks http://www.xmarks.com > > > -- > *From:* Tom Miller > *To:* NT System Admin Issues > *Sent:* Thursday, April 18, 2013 8:09 AM > *Subject:* Synchronize booksmarks? > > Our users use Firefox and Internet Explorer. Are there any utilities > that I could use so that the booksmarks between browsers are synchronized? > > Tom > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Synchronize booksmarks?
If the Bookmarks folder in Firefox works the same way as Favourites in IE, I don't see why you couldn't redirect them both and then do some scripting to synchronize the folders at logoff. It'll get messy if users have multiple open sessions though. I dare say Citrix User Profile Manager or AppSense EM would make life easier in the multi-session environment, but it all depends on whether you have access to tools like these. Cheers, JR On 18 April 2013 14:09, Tom Miller wrote: > Our users use Firefox and Internet Explorer. Are there any utilities > that I could use so that the booksmarks between browsers are synchronized? > > Tom > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Some interesting thoughts about network security
Buy Your Own, rather than Bring Your Own On 18 April 2013 10:51, Webster wrote: > “A company going and buying 40,000 iPads isn’t BYOD” > > ** ** > > A lot of companies (mis)use the term BYOD anytime mobile or portable > devices are used even if the company buys the devices. The project I am on > now, the CIO uses BYOD for the project even though the company will > purchase the phones, iPads and Surface Pros. The company that bought the > 40,000 iPads considered it their “BYOD Initiative”. > > ** ** > > Thanks > > ** ** > > ** ** > > Webster > > ** ** > > *From:* Ken Schaefer [mailto:k...@adopenstatic.com] > *Sent:* Tuesday, April 16, 2013 7:24 PM > > *To:* NT System Admin Issues > *Subject:* RE: Some interesting thoughts about network security > > ** ** > > Some thoughts on this: > > ** ** > > - A company going and buying 40,000 iPads isn’t BYOD. Corps have > been buying phones (e.g. Blackberries), laptops and tablets for staff for a > long time. If the corp is providing it, it’s not BYOD > > - The concept of remote VDI isn’t new. That said I don’t think > it’ll fly in many financial institutions outside retail banking in the > short term. IME the type of work that needs to be done in wealth > management, investment and institutional banking is very different to > tellers working out in branches in retail banking. Retail banking’s been > dominated by thin clients for a long time (fixing thick client PCs out in > suburbia or out in the country is support PITA). Not to say there isn’t > some scope to pull some apps back to a centralised location for > wealth/institutional/investment, but there are other things (like Bloomberg > terminals, Reuters feeds etc.) where the underlying network required and > the physical kit, is going to result in stuff sitting on people’s desks.** > ** > > - BYOD + remote VDI is becoming more popular, but I just don’t > think (in the short term) that it’s going to dominate banks. There’s simply > too many issues still around (e.g. what to do when the employee’s machine > breaks down) that there aren’t clear-cut best-practise answers to. Whilst I > see people trialling things, I don’t think the evidence is in yet on > whether it’s a good idea or not. I think it’ll be another 3-5 years before > we have enough data on whether it’s sustainable and economic. > > - Compliance/Risk depts. Have issues around a central > infrastructure providing the entire service: the cost providing a full > redundant, HA, platform for a small trading office with 10-20 staff kinda > crimps this initiative. And a non-redundant, non-HA setup will not fly > because the bank is unable to consolidate and report its overall risk > position to regulators. > > - The other stuff (like his networking proposals), I think is > just silly. He obviously knows his Citrix stuff well. But maybe that’s > where he should stick to – get networking and security guys to help paint > the rest of the picture. > > ** ** > > Cheers > > Ken > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Endpoint backups
Roaming profiles are truly evil... especially when combined with rubbish software On 17 April 2013 17:37, Kennedy, Jim wrote: > Excellent point. We don’t do roaming profiles here. I view them as evil > as Outlook cached mode, perhaps more so. J > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Wednesday, April 17, 2013 12:34 PM > > *To:* NT System Admin Issues > *Subject:* Re: Endpoint backups > > ** ** > > "save their music and funny videos to the desktop"till they drop a > 2.8GB movie into their roaming profile :-) > > On 17 April 2013 17:00, Kennedy, Jim wrote: > > > So the goal is to protect the orgs docs…not backup desktops. Backup > desktops is a method for getting to your goal. > > > > Most of us would argue that redirect my docs to a server and back that up > is a better way to get to that goal. Tell them anything on their desktop is > subject to instantaneous loss, or redirect their desktop to the server also. > > > > > I prefer to redirect my docs and put some controls on space and file type > on that share and let them save their music and funny videos to the > desktop. The users get that and like the compromise. > > > > > > *From:* David Lum [mailto:david@nwea.org] > *Sent:* Wednesday, April 17, 2013 11:56 AM > > > *To:* NT System Admin Issues > *Subject:* RE: Endpoint backups > > > > Files they keep on the desktop and “My Documents”. > > > > *From:* Webster [mailto:webs...@carlwebster.com ] > > *Sent:* Wednesday, April 17, 2013 7:49 AM > *To:* NT System Admin Issues > *Subject:* RE: Endpoint backups > > > > What is there to backup that is not in a centralized location backed up by > a centralized backup system? > > > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > > > > > *From:* David Lum [mailto:david@nwea.org ] > *Sent:* Wednesday, April 17, 2013 9:57 AM > *To:* NT System Admin Issues > *Subject:* Endpoint backups > > > > Do any of you guys back up all your endpoints/PC’s? We’re trying to do > that via Tivoli but troubleshooting clients is a major PITA. It seems to be > ok 90% of the time, but the broken ones seem to take forever to find and > repair, and it’s not easy to automate resetting the password at the client > PC without interaction on the client/endpoint side. > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin**** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Dropsmack Malware C&C via Dropbox
He's in stable condition :-) On 17 April 2013 17:09, Ziots, Edward wrote: > I think Bud looks pretty good for getting punched in the snout…. > > ** ** > > Z > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network + > > Security Engineer > > Lifespan Organization > > ezi...@lifespan.org > > Work:401-444-9081 > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you.**** > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Wednesday, April 17, 2013 11:26 AM > > *To:* NT System Admin Issues > *Subject:* Re: Dropsmack Malware C&C via Dropbox > > ** ** > > Actually I didn't go to the pub last night for a change, being as I am > stuck in London town :-) > > > > We're not all horse-punching drunken alcoholic unemployed layabouts from > up my way, you know (see > http://www.dailymail.co.uk/news/article-2310139/I-acting-self-defence-says-drunken-fan-disabled-benefits-threw-punch-police-horse.html > for > details) :-) > > > > And incidentally, we're the original "football" ;-) using as we do our > feet for more than a few seconds per game > > On 17 April 2013 15:47, Webster wrote: > > James, > > > > It is very hard for a Brit to recall anything after spending all night at > the pub watching what you call “football”. J > > > > > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > > > > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Wednesday, April 17, 2013 9:58 AM > *To:* NT System Admin Issues > *Subject:* Re: Dropsmack Malware C&C via Dropbox > > > > I was wondering what you were replying to till I realized it was something > I sent...but I don't remember sending it. Then I saw the sending time of > 4.47am. I must have woken up, looked at the time on my phone and replied to > an email as well. Strange I don't recall it! > > On 17 April 2013 14:32, Ziots, Edward wrote: > > Agreed, same solution I am using, does the same function and if there is > any blocks, its dealt with quickly before going live. > > > > **** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
Re: Endpoint backups
"save their music and funny videos to the desktop"till they drop a 2.8GB movie into their roaming profile :-) On 17 April 2013 17:00, Kennedy, Jim wrote: > So the goal is to protect the orgs docs…not backup desktops. Backup > desktops is a method for getting to your goal. > > ** ** > > Most of us would argue that redirect my docs to a server and back that up > is a better way to get to that goal. Tell them anything on their desktop is > subject to instantaneous loss, or redirect their desktop to the server also. > > > ** ** > > I prefer to redirect my docs and put some controls on space and file type > on that share and let them save their music and funny videos to the > desktop. The users get that and like the compromise. > > ** ** > > ** ** > > *From:* David Lum [mailto:david@nwea.org] > *Sent:* Wednesday, April 17, 2013 11:56 AM > > *To:* NT System Admin Issues > *Subject:* RE: Endpoint backups > > ** ** > > Files they keep on the desktop and “My Documents”. > > ** ** > > *From:* Webster [mailto:webs...@carlwebster.com ] > > *Sent:* Wednesday, April 17, 2013 7:49 AM > *To:* NT System Admin Issues > *Subject:* RE: Endpoint backups > > ** ** > > What is there to backup that is not in a centralized location backed up by > a centralized backup system? > > ** ** > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > ** ** > > ** ** > > *From:* David Lum [mailto:david@nwea.org ] > *Sent:* Wednesday, April 17, 2013 9:57 AM > *To:* NT System Admin Issues > *Subject:* Endpoint backups > > ** ** > > Do any of you guys back up all your endpoints/PC’s? We’re trying to do > that via Tivoli but troubleshooting clients is a major PITA. It seems to be > ok 90% of the time, but the broken ones seem to take forever to find and > repair, and it’s not easy to automate resetting the password at the client > PC without interaction on the client/endpoint side. > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Dropsmack Malware C&C via Dropbox
Actually I didn't go to the pub last night for a change, being as I am stuck in London town :-) We're not all horse-punching drunken alcoholic unemployed layabouts from up my way, you know (see http://www.dailymail.co.uk/news/article-2310139/I-acting-self-defence-says-drunken-fan-disabled-benefits-threw-punch-police-horse.html for details) :-) And incidentally, we're the original "football" ;-) using as we do our feet for more than a few seconds per game On 17 April 2013 15:47, Webster wrote: > James, > > ** ** > > It is very hard for a Brit to recall anything after spending all night at > the pub watching what you call “football”. J > > ** ** > > ** ** > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > ** ** > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Wednesday, April 17, 2013 9:58 AM > *To:* NT System Admin Issues > *Subject:* Re: Dropsmack Malware C&C via Dropbox > > ** ** > > I was wondering what you were replying to till I realized it was something > I sent...but I don't remember sending it. Then I saw the sending time of > 4.47am. I must have woken up, looked at the time on my phone and replied to > an email as well. Strange I don't recall it! > > On 17 April 2013 14:32, Ziots, Edward wrote: > > Agreed, same solution I am using, does the same function and if there is > any blocks, its dealt with quickly before going live. > > > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Endpoint backups
Never bothered really...Folder Redirection for user folders onto the network seems to remove the need. However laptop endpoints where the user has to save data locally used to be a pestOffline Files was always a pain to get working so I can see why some people actually backed these up. But seeing as we now have loads of apps (many which have been discussed recently on this list) that can do cloud- or enterprise-based syncing from a local folder, I don't see much need at all for backing up endpoints. Maybe in extreme situations where there was some kind of locally-based data engine (I've seen these sorts of things used by people who need to run apps to generate quotes for people whilst visiting their homes and such), but I'd be trying to get around that sort of thing by provide some kind of synchronized application access. Cheers, JR On 17 April 2013 14:56, David Lum wrote: > Do any of you guys back up all your endpoints/PC’s? We’re trying to do > that via Tivoli but troubleshooting clients is a major PITA. It seems to be > ok 90% of the time, but the broken ones seem to take forever to find and > repair, and it’s not easy to automate resetting the password at the client > PC without interaction on the client/endpoint side. > > *David Lum* > Sr. Systems Engineer // NWEATM > Office 503.548.5229 //* *Cell (voice/text) 503.267.9764 > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT - Google Apps down?
Seems like everyone I spoke to was in the 0.0007. Must be reserved for the special people :-) On 17 April 2013 14:45, Jonathan Link wrote: > Sometimes percentages are bad. If I'm in that .0007 fraction of people, I > wouldn't really care how small the fraction of the user base is affected. > > > On Wed, Apr 17, 2013 at 9:30 AM, James Rankin wrote: > >> No, lots of people reporting being affected on Twitter-sphere >> >> less than 0.0007 of the user base allegedly affected, according to Google >> >> But Blogger is also very bad today >> >> Cheers, >> >> >> JR >> >> On 17 April 2013 14:13, Michael Leone wrote: >> >>> I'm having trouble signing into my Google Apps domain. I get a server >>> error when going to my mail server alias (mail.mike-leone.com); I >>> can't get to admin.google.com, to sign into my control panel (a 502 >>> error); trying to "sign into another account" from here (my "regular" >>> gmail account) also errors out with a 502. >>> >>> Yet the mail is coming into my Android fine just fine; I can't access >>> it it via any browser (Chrome, IE, Firefox) on my PC. >>> >>> Is it Just Me? >>> >>> EDIT: Ah, this Apps Status page is showing disruption in Mail ( >>> <http://www.google.com/appsstatus#hl=en&v=status&ts=1366203964961>). >>> So the actual mail servers must be up (if my Android phone is getting >>> mail), but the front end servers providing the web interface have >>> decided to take the morning off ... >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >>> >> >> >> >> -- >> *James Rankin* >> Technical Consultant (ACA, CCA, MCTS) >> http://appsensebigot.blogspot.co.uk >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Dropsmack Malware C&C via Dropbox
I was wondering what you were replying to till I realized it was something I sent...but I don't remember sending it. Then I saw the sending time of 4.47am. I must have woken up, looked at the time on my phone and replied to an email as well. Strange I don't recall it! On 17 April 2013 14:32, Ziots, Edward wrote: > Agreed, same solution I am using, does the same function and if there is > any blocks, its dealt with quickly before going live. > > ** ** > > Z > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network + > > Security Engineer > > Lifespan Organization > > ezi...@lifespan.org > > Work:401-444-9081 > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you. > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > *From:* kz2...@googlemail.com [mailto:kz2...@googlemail.com] > *Sent:* Tuesday, April 16, 2013 11:47 PM > > *To:* NT System Admin Issues > *Subject:* Re: Dropsmack Malware C&C via Dropbox > > ** ** > > The software I use has an "endpoint analysis" mode, kinda like a passive > mode, that creates whitelists for you. Using this, you should be able to > ensure everything works before going live. Add to this the alerting is very > good so false positives get quickly dealt with. > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > -- > > *From: *Ken Schaefer > > *Date: *Wed, 17 Apr 2013 00:27:19 + > > *To: *NT System Admin Issues > > *ReplyTo: *"NT System Admin Issues" > > > *Subject: *RE: Dropsmack Malware C&C via Dropbox > > ** ** > > What happens when the business relies a lot on Access DBs, Excel > spreadsheets etc.? > > Do I have to whitelist every macro? Am I still at risk of data > loss/corruption/exfiltration? > > ** ** > > Cheers > > Ken > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com ] > > *Sent:* Wednesday, 17 April 2013 12:54 AM > *To:* NT System Admin Issues > *Subject:* Re: Dropsmack Malware C&C via Dropbox > > ** ** > > Whitelisting can be a lot of work, if you haven't got a flexible > technology. There are various vendors in the space and some of them take a > lot of the donkey-work out of it for you, whilst still maintaining (as far > as I've seen) decent security. But I totally agree that it's still at the > whim of the person with their fingers on the controls - if the admin allows > a bad executable, then you're in trouble. > > > > That can only be mitigated by belt-and-braces approaches, really, relying > on old-style reactive AV or IDS/IPS or whatever to catch the bad executable > that's somehow bypassed your processes and controls. > > > > There is another load of tech springing up around MDM, MIM, MAM or > whatever TLA you choose to describe it. It's another big set of challenges > though. At the moment I am concentrating on extending the agents I have to > MacOS devices rather than worrying about tablets and mobiles yet. I can > avoid some of the pain at the moment by deploying Windows apps and desktops > via Citrix to the mobile devices rather than letting users manipulate > corporate data directly, but it's something I will no doubt get asked to > get involved in sometime in the future :-) > > > > But it's all so fun keeping up with user trends, isn't it? Maybe if we try > really hard to get on top of the possibilities right now we can approach > BYOD from a security perspective rather than just getting bullied into > making it happen too quickly and having to catch all the security issues > while firefighting :-) > > > > Cheers, > > > > > > > > JR > > On 16 April 2013 15:36, Ziots, Edward wrote: > > James, > > > > I agree on the application whitelisting front. But its a lot of work and > its still based on trust. ( If you trust som
Re: OT - Google Apps down?
No, lots of people reporting being affected on Twitter-sphere less than 0.0007 of the user base allegedly affected, according to Google But Blogger is also very bad today Cheers, JR On 17 April 2013 14:13, Michael Leone wrote: > I'm having trouble signing into my Google Apps domain. I get a server > error when going to my mail server alias (mail.mike-leone.com); I > can't get to admin.google.com, to sign into my control panel (a 502 > error); trying to "sign into another account" from here (my "regular" > gmail account) also errors out with a 502. > > Yet the mail is coming into my Android fine just fine; I can't access > it it via any browser (Chrome, IE, Firefox) on my PC. > > Is it Just Me? > > EDIT: Ah, this Apps Status page is showing disruption in Mail ( > <http://www.google.com/appsstatus#hl=en&v=status&ts=1366203964961>). > So the actual mail servers must be up (if my Android phone is getting > mail), but the front end servers providing the web interface have > decided to take the morning off ... > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: SCCM 2012 quick question
Thanks very much. This lack of Internet connectivity to all helpful sites (mainly blogs) is really stifling me, but it will apparently be removed from my user account tomorrow. Cheers, JR On 17 April 2013 13:41, Joseph L. Casale wrote: > scclient.exe > -- > *From:* James Rankin > *Sent:* Wednesday, April 17, 2013 6:30 AM > *To:* NT System Admin Issues > *Subject:* SCCM 2012 quick question > > Anyone know what the executable name for Software Center in SCCM 2012 > is? I've seen it suggested as scclient.exe and ccmsetup.exe, as I don't > have a copy of this version could anyone quickly confirm the right name for > me? > > Thanks in advance, > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PowerShell noob help
Well that lil' bit of PS worked so well I did a blog post about it (naturally with appropriate credits) http://appsensebigot.blogspot.co.uk/2013/04/flagging-os-of-device-connecting-to.html This is about the time I will find out it doesn't work on anyone else's infrastructure and have to spend weeks rewriting it :-( Cheers, JR On 16 April 2013 22:22, Ben Scott wrote: > On Tue, Apr 16, 2013 at 3:25 PM, Candee wrote: > > Everything works, except the "employeenumber" ... > ... > > Any ideas to get the employeenumber to export? > > I was waiting for someone with a clue to reply, but perhaps they're > all busy today. :-) So... > > Not knowing what I'm doing, I'd start by examining what > "employeenumber" is. So, right before you do this: > > $createdusers|select displayname,name,email,employeenumber > |export-csv "C:\temp\scripts\tryagain.csv" > > add some code like: > > $foo = $createdusers[0] | select employeenumber > echo "foo=<$foo>" > $foo | get-members > exit > > If $foo prints all the right info, then the problem is how > export-csv is interpreting $foo. But if $foo prints nothing or some > other weirdness, then the problem is with how you're trying to get > $foo out of $createdusers. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PowerShell noob help
Ben, you're a wizard, that worked first time out :-)
I know MBS is going to be unimpressed by you simply slinging me a landed
fish, but it's nearly 6pm here so I am quite happy to accept!
Now to go back to my hotel and try and do a bit more PowerShell learning
(after the football)
Thanks all!
On 16 April 2013 17:24, Ben Scott wrote:
> On Tue, Apr 16, 2013 at 12:07 PM, James Rankin
> wrote:
> > I've managed to use Select-String to get my output and my variable, it's
> > splitting the variable up (from something like ClientOS=ThinOS_Wyse down
> to
> > just ThinOS_Wyse) that's frying my brain now.
>
> Ah, I ass-umed the separator was whitespace. My bad. Try this:
>
> $match = & CTXCliOS.exe | Select-String -Pattern 'ClientOS=(.+)'
> if($match) {
> $clientOS = $match.Matches[0].Groups[1].Value
> Set-ItemProperty -Path 'HKCU:\Software\Custom' -Name ClientOS
> -Value $clientOS
> }
>
> Same caveats as before apply. :)
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: PowerShell noob help
I'll give that a try too...luckily the software I am using means it is no
problem to ensure the Registry key exists before running my script :-)
On 16 April 2013 17:18, Ben Scott wrote:
> On Tue, Apr 16, 2013 at 12:00 PM, Ben Scott wrote:
> > I'm having trouble figuring out how to get the regexp capture out of
> > the $match object returned by Select-String though.
>
> Ah, okay, this seems to work:
>
> $match = & CTXCliOS.exe | Select-String -Pattern 'ClientOS\s+(.+)'
> if($match) {
> $clientOS = $match.Matches[0].Groups[1].Value
> Set-ItemProperty -Path 'HKCU:\Software\Custom' -Name ClientOS
> -Value $clientOS
> }
>
> You'll want to test that. :) In particular, I expect it will fail
> miserably if the "Custom" subkey doesn't exist yet.
>
> For reasons I don't understand, $match.Matches[0].Groups[0] appears
> to be a reference to itself.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: PowerShell noob help
Thanks for the pointers
Is it just me getting old or do newer scripting languages always look so
much more complicated at first glance? :-)
Cheers,
JR
On 16 April 2013 17:14, Michael B. Smith wrote:
> This should help. “msg” is just a function that logs all of its
> arguments to a text file.
>
> ** **
>
> function tmpFileName
>
> {
>
> msg $L_Function
>
> msg "tmpFileName: enter"
>
> ** **
>
> [string] $strFile = ( Join-Path $Env:Temp ( Get-Random ) )
> + ".txt"
>
> if( ( Test-Path -Path $strFile -PathType Leaf ) )
>
> {
>
> msg "Old temporary file was found:
> $strFile - I will delete it"
>
> rm $strFile -EA 0
>
> if( $? )
>
> {
>
> msg "...file was deleted"*
> ***
>
> }
>
> else
>
> {
>
> msg "...couldn't delete
> file, error: $($error[0].ToString())"
>
> }
>
> }
>
> ** **
>
> msg "tmpFileName: exit, filename = $strFile"
>
> return $strFile
>
> }
>
> ** **
>
> function Get-ExitCodeAndOutput
>
> {
>
> ###
>
> ### see comments for Get-ExitCode
>
> ###
>
> ### We are also going to retrieve the standard output from
> the legacy application.
>
> ###
>
> ### This is a PowerShell v2.0 version of Get-ExitCode
> which also includes
>
> ### the redirection of output and error streams to
> temporary files.
>
> ###
>
> ** **
>
> msg $L_Function
>
> msg "Get-ExitCodeAndOutput: enter"
>
> ** **
>
> $stderrFile = tmpFileName
>
> $stdoutFile = tmpFileName
>
> $exit = -1
>
> ** **
>
> $filename, $arguments = $args
>
> msg "Get-ExitCodeAndOutput: filename = $filename,
> arguments = $arguments"
>
> ** **
>
> $process = Start-Process -FilePath $filename -Argument
> $arguments -NoNewWindow `
>
> -RedirectStandardError $stderrFile
> -RedirectStandardOutput $stdoutFile -PassThru
>
> ** **
>
> if( $process )
>
> {
>
> msg "Get-ExitCodeAndOutput: please wait..."
>
>
> ** **
>
> $process.WaitForExit()
>
> $exit = $process.ExitCode
>
> if( $exit -eq $null )
>
> {
>
> msg "exit is null"
>
> $exit = 0
>
> }
>
> ** **
>
> $process.Close()
>
> $process.Dispose()
>
> }
>
> else
>
> {
>
> msg "Get-ExitCodeAndOutput: the process
> did not start"
>
> }
>
> ** **
>
> $process = $null
>
> ** **
>
> $script:LegacyStdErr = gc $stderrFile -EA 0
>
> $script:LegacyStdOut = gc $stdoutFile -EA 0
>
> ** **
>
> rm $stderrFile -EA 0
>
> rm $stdoutFile -EA 0
>
> ** **
>
> msg "Get-ExitCodeAndOutput: exit, exit =
> $($exit.ToString())"
>
> return $exit
>
> }
>
> ** **
>
> *From:* James Rankin [mailto:kz2...@googlemail.com]
> *Sent:* Tuesday, April 16, 2013 11:54 AM
>
> *To:* NT System Admin Issues
> *Subject:* Re: PowerShell noob help
>
> ** **
>
> The problem I've got is that I have to call out of the console I am using
> to the command script file. If I
Re: PowerShell noob help
I've managed to use Select-String to get my output and my variable, it's
splitting the variable up (from something like *ClientOS=ThinOS_Wyse* down
to just *ThinOS_Wyse*) that's frying my brain now. I really should take
reference publications kindly provided by people down the years with me
onto sites :-(
All fun!
On 16 April 2013 17:00, Ben Scott wrote:
> On Tue, Apr 16, 2013 at 11:05 AM, James Rankin
> wrote:
> > for /f "tokens=2 delims==" %%a in ('CTXCliOS.exe ^| find "ClientOS"') do
> set
> > ClientOS=%%a& call :SET
> >
> > goto :eof
> >
> > :SET
> >
> > reg add HKCU\Software\Custom /v ClientOS /t REG_SZ /d %ClientOS% /f
> > goto :eof
> >
>
> > What I'm wondering is what format do I use to convert this to PowerShell
> > (which will avoid having to invoke a separate command script file)?
>
> Only work will convert a script to another language. :)
>
> > What's the command to call an outside executable
>
> Nominally, just write out the command on a line, same as a batch
> file or *nix shell script. However, if the external executable needs
> to be quoted (e.g., file name or path contains spaces), you need to
> prefix the command line with an ampersand (&). Otherwise PowerShell
> treats it as a string. Kind of a wart on what's generally a much
> cleaner language. You can always specify & if you want.
>
> I believe you want something like:
>
> $match = & CTXCliOS.exe | Select-String -Pattern 'ClientOS\s+(.+)'
> if($match) {
> $clientOS =
> Set-ItemProperty -Path 'HKCU:\Software\Custom' -Name ClientOS
> -Value $clientOS
> }
>
> I'm having trouble figuring out how to get the regexp capture out of
> the $match object returned by Select-String though. Get-Member leads
> me to believe I should be able to do something with
>
> $match.Matches[0].Groups
>
> but it seems to descend into some kind of recursive nightmare at that
> point that makes me believe I'm missing something more fundamental.
>
> -- Ben
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: PowerShell noob help
The problem I've got is that I have to call out of the console I am using
to the command script file. If I write the same task in PowerShell, well
the console natively supports it so it's easier for people to use it.
I will have a bash around with that command to grab the output, cheers
On 16 April 2013 16:38, Michael B. Smith wrote:
> Start-Process gives you complete control over executing a separate task.*
> ***
>
> ** **
>
> If you don’t need complete control, but just the text output, you don’t
> need to do anything.
>
> ** **
>
> $result = CTXCliOS.exe ^ | find “ClientOS”
>
> ** **
>
> You can make it more PowerShell, if you want, but there isn’t much value
> in doing so. (If you want to start talking about into making it an
> “Enterprise Class” script, then that changes things dramatically. Ask Web
> about the things I’ve shown him the last year.) J
>
> ** **
>
> *From:* James Rankin [mailto:kz2...@googlemail.com]
> *Sent:* Tuesday, April 16, 2013 11:06 AM
> *To:* NT System Admin Issues
> *Subject:* PowerShell noob help
>
> ** **
>
> I've got a batch script I've been using for a while to identify the
> flavour of client connecting to a XenApp or XenDesktop session. It uses an
> executable called CTXCliOS.exe
>
>
>
> Basically this is the batch
>
>
>
> *for /f "tokens=2 delims==" %%a in ('CTXCliOS.exe ^| find "ClientOS"') do
> set ClientOS=%%a& call :SET*
>
>
>
> *goto :eof*
>
>
>
> *:SET*
>
>
>
> *reg add HKCU\Software\Custom /v ClientOS /t REG_SZ /d %ClientOS% /f*
>
> *goto :eof*
>
>
>
> I'm sure you get the picture.
>
>
>
> What I'm wondering is what format do I use to convert this to PowerShell
> (which will avoid having to invoke a separate command script file)? What's
> the command to call an outside executable (I can't seem to dig it up, but I
> am on a network where just about every helpful site is blocked by the web
> filter, so don't be too hard on me, please!)
>
>
>
> Thanks in advance,
>
>
>
>
>
> --
> *James Rankin*
> Technical Consultant (ACA, CCA, MCTS)
> http://appsensebigot.blogspot.co.uk
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin****
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: Dropsmack Malware C&C via Dropbox
Whitelisting can be a lot of work, if you haven't got a flexible technology. There are various vendors in the space and some of them take a lot of the donkey-work out of it for you, whilst still maintaining (as far as I've seen) decent security. But I totally agree that it's still at the whim of the person with their fingers on the controls - if the admin allows a bad executable, then you're in trouble. That can only be mitigated by belt-and-braces approaches, really, relying on old-style reactive AV or IDS/IPS or whatever to catch the bad executable that's somehow bypassed your processes and controls. There is another load of tech springing up around MDM, MIM, MAM or whatever TLA you choose to describe it. It's another big set of challenges though. At the moment I am concentrating on extending the agents I have to MacOS devices rather than worrying about tablets and mobiles yet. I can avoid some of the pain at the moment by deploying Windows apps and desktops via Citrix to the mobile devices rather than letting users manipulate corporate data directly, but it's something I will no doubt get asked to get involved in sometime in the future :-) But it's all so fun keeping up with user trends, isn't it? Maybe if we try really hard to get on top of the possibilities right now we can approach BYOD from a security perspective rather than just getting bullied into making it happen too quickly and having to catch all the security issues while firefighting :-) Cheers, JR On 16 April 2013 15:36, Ziots, Edward wrote: > James, > > ** ** > > I agree on the application whitelisting front. But its a lot of work and > its still based on trust. ( If you trust something bad) then you have still > let the determined attacker in the door, but the caveat is if you control > the code execution on your endpoints, then you change the game into your > favor. > > ** ** > > Other aspects to think of: > > ** ** > > Will application whitelisting work for mobile devices: (Iphone, Android, > Tablets, all of which can act like storage devices in a way. > > ** ** > > Questions to be answered: > > ** ** > > Which devices do you allow to be attached to your systems to transfer > data? (Policies, procedures, enforcement with technical controls and > auditing and followup with administrative controls for compliance? (Do we > allow the Apple devices, but not the Android, or do we allow just Ironkey > devices, and whom should have them and what data should they be able to > take ( DLP/DRM etc etc) > > ** ** > > And we all should know by now that AV is next near worthless against > current malware trends, so why does the compliance regulations still > require this ( PCI-DSS especially). > > ** ** > > Working on App whitelisting right now, its been interesting and complex at > the time, but at the end I feel it will be worth it. > > ** ** > > Z > > ** ** > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network + > > Security Engineer > > Lifespan Organization > > ezi...@lifespan.org > > Work:401-444-9081 > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you. > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Tuesday, April 16, 2013 10:21 AM > *To:* NT System Admin Issues > *Subject:* Re: Dropsmack Malware C&C via Dropbox > > ** ** > > Way to beat that nasty...whitelisting. > > > > I guess that vector would work for a lot of these synchronization clients, > so I guess good whitelisting is the only way. Luckily as I've started using > AppSense DataNow instead of DropBox for mine, I get AppSense Application > Manager along with it, which is probably the best whitelisting product I've > seen. > > > > Very interesting read though, just shows that traditional AV can't really > fend off a determined hacker. > > > > Cheers, > > > > > > JR > > On 16 April 2013 15:07, Ziots, Edwar
Re: Dropsmack Malware C&C via Dropbox
Thinking about it, some encryption of your DropBox stuff might help here too...there's stuff like DataLocker about that I know can do this. I suppose the other thing to point out is that there isn't a vulnerability in DropBox itself per se, it's just that if you have DropBox installed on a machine connected to the corporate network, then it gives a hacker with access to that machine a lot more leverage to compromise the network, if I'm understanding it correctly. Cheers, JR On 16 April 2013 15:21, James Rankin wrote: > Way to beat that nasty...whitelisting. > > I guess that vector would work for a lot of these synchronization clients, > so I guess good whitelisting is the only way. Luckily as I've started using > AppSense DataNow instead of DropBox for mine, I get AppSense Application > Manager along with it, which is probably the best whitelisting product I've > seen. > > Very interesting read though, just shows that traditional AV can't really > fend off a determined hacker. > > Cheers, > > > JR > > On 16 April 2013 15:07, Ziots, Edward wrote: > >> Here is the slide deck on this: >> >> >> https://media.blackhat.com/eu-13/briefings/Williams/bh-eu-13-dropsmack-jwilliams-slides.pdf >> >> >> ** ** >> >> Good reading, scary thought but a lot are using Dropbox and not thinking >> about the consequences…. >> >> >> http://www.techrepublic.com/blog/security/dropsmack-using-dropbox-to-steal-files-and-deliver-malware/9332?tag=nl.e036&s_cid=e036&ttag=e036 >> >> >> ** ** >> >> Food for thought, especially from regulatory compliance standpoint. >> >> ** ** >> >> Z >> >> ** ** >> >> ** ** >> >> Edward E. Ziots, CISSP, CISA, Security +, Network + >> >> Security Engineer >> >> Lifespan Organization >> >> ezi...@lifespan.org >> >> Work:401-444-9081 >> >> ** ** >> >> ** ** >> >> This electronic message and any attachments may be privileged and >> confidential and protected from disclosure. If you are reading this >> message, but are not the intended recipient, nor an employee or agent >> responsible for delivering this message to the intended recipient, you are >> hereby notified that you are strictly prohibited from copying, printing, >> forwarding or otherwise disseminating this communication. If you have >> received this communication in error, please immediately notify the sender >> by replying to the message. Then, delete the message from your computer. >> Thank you. >> >> *[image: Description: Description: Lifespan]* >> >> ** ** >> >> ** ** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
Re: Dropsmack Malware C&C via Dropbox
Way to beat that nasty...whitelisting. I guess that vector would work for a lot of these synchronization clients, so I guess good whitelisting is the only way. Luckily as I've started using AppSense DataNow instead of DropBox for mine, I get AppSense Application Manager along with it, which is probably the best whitelisting product I've seen. Very interesting read though, just shows that traditional AV can't really fend off a determined hacker. Cheers, JR On 16 April 2013 15:07, Ziots, Edward wrote: > Here is the slide deck on this: > > > https://media.blackhat.com/eu-13/briefings/Williams/bh-eu-13-dropsmack-jwilliams-slides.pdf > > > ** ** > > Good reading, scary thought but a lot are using Dropbox and not thinking > about the consequences…. > > > http://www.techrepublic.com/blog/security/dropsmack-using-dropbox-to-steal-files-and-deliver-malware/9332?tag=nl.e036&s_cid=e036&ttag=e036 > > > ** ** > > Food for thought, especially from regulatory compliance standpoint. > > ** ** > > Z > > ** ** > > ** ** > > Edward E. Ziots, CISSP, CISA, Security +, Network + > > Security Engineer > > Lifespan Organization > > ezi...@lifespan.org > > Work:401-444-9081 > > ** ** > > ** ** > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you. > > *[image: Description: Description: Lifespan]* > > ** ** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
Re: Some interesting thoughts about network security
There are some interesting technologies popping up around enabling security for the BYOD initiatives. I think as we go on we will see the BYO thing becoming more acceptable as the technologies around it provide security of the kind that makes IT admins more comfortable. There's a lot of good "enabler" tech from the likes of AppSense, RES, even Citrix is starting to get heavily in on the act now. On 16 April 2013 02:45, Jon Harris wrote: > One of the things I saw in the article was part of his reasoning on this > was the BYOD movement. I know a lot of places are looking at this and some > have even gone for it but if it was a financial firm or a health care > provider I don't know if I would want to do business with them. BYOD just > opens too many cans of worms for me to feel comfortable with those firms > doing that. IF they were using something like VDI or Citrix like work > interface I would only be marginally comfortable. I don't see that > happening unless a company really looks at where the data is stored and the > risk of that data getting "lost" to parties unknown. From all that I am > seeing it is more management wanting to push the cost of the workers > hardware to the worker and little else is taken into account until they get > bit hard and are faced with lawsuits due to their lack of use of their > brains. > > Jon > > -- > From: k...@adopenstatic.com > To: ntsysadmin@lyris.sunbelt-software.com > Subject: RE: Some interesting thoughts about network security > Date: Tue, 16 Apr 2013 00:33:16 + > > > My thoughts: > > > > a) “One size fits all” solutions simply don’t fit most > organisations. Some e.g.: > > a.(e.g. “you support users connecting from home today”, so > obviously you can obviously scale to support the entire organisation doing > the same at work, or > > b. “give each user their own VLAN” – yeah, we’ll create 100,000 > VLANs – imagine maintaining the FWs, routers, and how much more complex > user provisioning and de-provisioning is going to be. What happens when > users move between buildings? Telcos can make this happen, but telcos are > in the networking business. > > b) Treating wireless users as “external” and then making them VPN in > isn’t new – that’s been the thinking for 20 years. It was “start of the > art” maybe in 2000, but it’s not now > > c) I know Microsoft was arguing for the “hard core” and “soft > shell” since circa 2006 or so – so even that’s now new. However I disagree > that there should be one boundary (around the data centre) and we ignore > everything else. Obviously Brian doesn’t understand how large organisations > (and I’m guessing other sizes as well – I don’t have that much experience) > work. Most banks (for example) are stuffed full of “knowledge workers” that > depend on data being on their client PCs. For example I’ve seen > reconciliations in a large institutional bank being run on over 2,000 excel > spreadsheets due to lack of straight through processing between diverse > systems. You can treat them as being “on the internet”, but that’s too > difficult to do in practise with granularity. If you make them VPN in, you > end up giving them wide-open access anyway. So why not just use 802.1x to > guard your physical (including WiFi) access? Surely 802.1x is easier and > cheaper to deploy than catering for 100,000+ VPN connections? > > > > This looks like just another “magic bullet” – simple solution to a complex > problem that only works in simple (i.e. small) environments. > > > > Cheers > > Ken > > > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Monday, 15 April 2013 10:24 PM > *To:* NT System Admin Issues > *Subject:* Some interesting thoughts about network security > > > > > http://www.brianmadden.com/blogs/brianmadden/archive/2013/04/15/rethinking-network-security-all-your-on-premises-wifi-users-are-actually-quot-remote-quot-users.aspx > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ &g
Some interesting thoughts about network security
http://www.brianmadden.com/blogs/brianmadden/archive/2013/04/15/rethinking-network-security-all-your-on-premises-wifi-users-are-actually-quot-remote-quot-users.aspx -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
GPO quirkiness
Guys/gals I have an Internet Explorer GPO configured that does the following - "Turn on the auto-complete feature for user names and passwords on forms" This seems to work OK mostly, but... ...in this GPO there is a check box for "Prompt user to save passwords". Every time I *uncheck *this, the saving of usernames and passwords seems to stop, nothing is entered for me when I come to fill in the web page. a) Can anyone verify if this is just the way it is, or is there something I've misconfigured? b) Anyone know of any gotcha around this setting, such as other settings that may conflict? Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Google Drive
That sounds interestingthere are certainly a lot of providers jumping into this market now, I just picked on Google because my mail account and blog are hosted by them and it seemed natural to follow on with the storage. I was just going to use a DataNow appliance in my own house but I was conscious then that the "cloud" became my own home-based storage and something like a house fire would wipe out all my data whether it be client or storage-based :-( I think it's maybe time someone did one of those nice "smackdown" reviews based on all the cloud storage vendors. I may have a look at OxygenDrive anyway given my own obsession with portable apps :-) Cheers, JR On 11 April 2013 15:00, Steven M. Caesare wrote: > OxygenDrive is interesting in that it provides a virtual drive that > actually mounts. You can do standard explorer/command line options with it. > There still is a sync mechanism as well, but it’s about the most seamless > solution I’ve seen. > > ** ** > > There’s also the standard web interface, as well as apps for iOS and > Android. > > ** ** > > You can obtain cloud storage from them (free for personal, $$ for > commercial), or frontend your own storage with their solution. > > ** ** > > As always, read the ToS with cloud storage providers. > > ** ** > > -sc > > ** ** > > *From:* Tobie Fysh [mailto:tobie.f...@freebridge.org.uk] > *Sent:* Wednesday, April 10, 2013 1:25 PM > > *To:* NT System Admin Issues > *Subject:* RE: Google Drive > > ** ** > > If we are throwing out our fav syncing tools SkyDrive rocks, Windows, > Windows RT and Windows Phone all in sync. > > Sent from my Windows Phone > > -- > > *From: *Matthew W. Ross > > *Sent: *10/04/2013 18:15 > *To: *NT System Admin Issues > *Subject: *Re: Google Drive > > I use Google Drive all the time, at least the online version. I have > been trying a lot of different "syncing" solutions as of late, as I also > have been using Dropbox and Cubby. > > I have the desktop client on my home PC, but it has not given me any > problems. It behaves a lot better than Dropbox for me, as Dropbox likes to > index every time I am forced to reboot, which seems to take an unusually > long time. > > The client at home I use to drop in PDFs of important mailers I get (Scan > to FTP, copy to Google Drive) so that I have is wherever I need them. > > Otherwise, it's a simple web-based word processor/spreadsheet/drawing tool > that works anywhere I go. > > > > How are you trying to sync your Firefox bookmarks with Google drive? Are > you using the Portable Apps version of Firefox, and seeing the problems > when you are mixing the two together? (Very cool idea, BTW. I just wonder > how syncing would work if you had it open on multiple computers...) > > Doesn't Firefox now have a native bookmark syncing feature, much like > Google Chrome? > > > --Matt Ross > Ephrata School District > > > - Original Message - > From: James Rankin > [mailto:kz2...@googlemail.com ] > To: NT System Admin Issues > [mailto:ntsysadmin@lyris.sunbelt-software.com > ] > Sent: Wed, 10 Apr 2013 > 03:37:57 -0800 > Subject: Google Drive > > > > Anyone else using Google Drive and think it is a bit rubbish in general? > I > > regularly get sync failures, errors in the software, and if I go to the > > > online version and try to empty the Trash folder, everything simply > > reappears as soon as I delete it. I've been using it with Portable Apps > and > > recently all my Firefox bookmarks just disappeared, so I am beginning to > > think it might not be really fit for purpose. > > > > Anyone else had similar issues, or got any feedback to report? > > > > Cheers, > > > > > > > > -- > > *James Rankin* > > > Technical Consultant (ACA, CCA, MCTS) > > http://appsensebigot.blogspot.co.uk > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to listmana...@lyris.sunbeltsoftware.com > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris
Re: Google Drive
Certainly interesting feedback, thanks! I'm wondering if it is what Matt alluded to and it's the FF Sync having a nightmare operating inside the Google Drive Sync. It certainly appears to be two particular FF files that fail the sync every time - as well as a random piece of non-existent album art from my music folder I will have a try at solving it when I get home at the end of the week. Cheers, JR On 11 April 2013 13:31, Michael Leone wrote: > On Wed, Apr 10, 2013 at 6:37 AM, James Rankin > wrote: > > > > Anyone else using Google Drive and think it is a bit rubbish in general? > > No. :-) But mine is the Google Drive that comes with my (paid) Google > Apps account, so that may make a difference ... > > >I regularly get sync failures, errors in the software, > > I've never had that happen - no errors, no sync failures. > > > and if I go to the online version and try to empty the Trash folder, > everything simply reappears as soon as I delete it. I've been using it with > Portable Apps and recently all my Firefox bookmarks just disappeared, so I > am beginning to think it might not be really fit for purpose. > > > > Anyone else had similar issues, or got any feedback to report? > > I use mine with my Win 7 desktops, my Android phone, and my iPad v2; > none have shown me an error. All the files I have there are > accessible, including the folders I have shared with friends. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Google Drive
Anyone else using Google Drive and think it is a bit rubbish in general? I regularly get sync failures, errors in the software, and if I go to the online version and try to empty the Trash folder, everything simply reappears as soon as I delete it. I've been using it with Portable Apps and recently all my Firefox bookmarks just disappeared, so I am beginning to think it might not be really fit for purpose. Anyone else had similar issues, or got any feedback to report? Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: .ZIP file e-mail attachments
Goes to the unsustainable nature of reactive antivirus. Your signatures can barely keep up with new variants. Proactive application management FTW On 9 April 2013 15:51, David Lum wrote: > Do any of you guys still allow this? I ask because at %formerjob% they > were blocked, but %dayjob% allows them, and last week and today we’ve > received infected .ZIP files. Last week was another autorun outbreak, today > we caught it before anyone actually ran it. We keep getting latest and > greatest variants “First seen by VirusTotal 2013-04-09 09:51:15 UTC (4 > hours, 58 minutes ago)”. Grr… > > *David Lum* > Sr. Systems Engineer // NWEATM > Office 503.548.5229 //* *Cell (voice/text) 503.267.9764 > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Trimming stale cookies
I often get profiles bloated out with stale cookies. The Citrix User Profile Management tool can actually scan your index.dat file at logoff and remove references to stale cookies, before mirroring the folder to ensure consistency (see this article http://blogs.citrix.com/2011/01/25/notes-on-synchronising-internet-explorer-cookies-using-profile-management/ for an explanation of the process) Now, I'm not using Citrix UPM at the moment, and I want to replicate this process if at all possible. The folder mirroring I can handle easy enough - however, is there a way to scan the index.dat file for stale cookie entries and trim them that anyone knows of? Scripts or programs will do nicely - anyone know if there is a way to do this? I was hoping the file would be a nice simple text file and I could just scan and manipulate it - no such luck however. I can't seem to find anything by Googling, just wondering how the UPM tool manages to do it. Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OfficeFileCache
Addendum to this - also noticed a lot of files in \Users\Username\AppData\Local\Microsoft\OneNote\14.0\OneNoteOfflineCache_Files. Pretty obvious what these are for, but are there any consequences of removing them from the profile I should be aware of? Cheers, JR On 5 April 2013 12:05, James Rankin wrote: > I've got some user profiles (well, they're virtualized into an SQL > database, but that's a moot point) that are showing some large files with a > .FSD extension in > \Users\Username\AppData\Local\Microsoft\Office\14.0\OfficeFileCache. The > database is far too large for this many users, so I am wondering a) what > these files are for (suspect it's something to do with SharePoint), and b) > if I can remove them from being saved into the profile without causing any > issues? > > Google-fu seems a bit lacking, so it's over to the experts > > TIA, > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
IE spelling
Its been so long since I used IE I have only just noticed that it actually has "Favourites" spelled correctly for UK users. Does anyone know when this was introduced? I've gotten so used to seeing the US spelling that it actually looks wrong, but it's interesting to see they've finally changed it. I'm now wondering if it pulls it directly from the system locale - might be interesting to see how it behaves with users that move between international borders and have virtualized instances of IE. -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Server 2012 Remote Desktop Services mailing list or forum?
Don't know whether the Thin List may be of help (t...@freelists.org). They're thin client and SBC focused (obviously) but there tends to be a heavy Citrix slant on there On 26 March 2013 15:52, Ken Cornetet wrote: > Anyone know of a good mailing list or forum for Remote Desktop Services on > 2012? > > ** ** > > I’m looking at replacing our aging Citrix farm with Server 2012 RDS, so > I’ve built a lab to play with. The new RDS is impressive, at least in > theory – you manage everything from one MMC on one computer. However, the > documentation is distressingly sparse. It seems to consist mostly of “Use > windows 8 clients and RDP 8 and things just work magically.” > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Atlantis
Anyone using Atlantis ILIO for delivering VDI (especially the persistent variety)? I've been reading some reviews and stats about this and it looks - well, quite frankly, amazing. The density of VMs and the incredible iOPS that it can apparently achieve make me think there's really no other choice to be made...does anyone have any real-world experiences they'd care to share, as I am naturally cynical? Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Vmware Design for XenApp 6.5 w/PVS
work directly with our Citrix Admins. I used the following > article as the primary reference material for starting our design. We > decided to plan conservatively and base our consolidation ratios with a 20 > users per guest target. The host config I've decided on are Dell PowerEdge > R820s with Quad E5-4640 2.4GHz 8 core procs and 384GB RAM. Using the > recommendation of 4vCPUs per guest we can support 16VMs per host which > equates to 320 users per host. 5 hosts will allow us to support a peak of > 1600 concurrent user sessions. We will purchase 6 hosts to maintain our N+1 > cluster design standards. I dediced to bump the RAM per host considerably > to allow for increased guest allocation. We support over 200 published > applications in our environment, which are distributed amongst physical > server silos currently. One of our goals with PVS is to consolidate the > applications into as few images as possible si we want to certain we have > the hardware resources to support the guests. Each host will include a > FusionIO IO Drive to support maximum IO requirements and eliminate IO > contention on our SAN during large scale provisioning. All of our hosts > leverage infiniband with 80Gbps throughput for ethernet and native FC > connectivity. > > > > http://blogs.citrix.com/2013/01/07/whats-the-optimal-xenapp-6-5-vm-configuration/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+CitrixBlogs+%28Citrix+Blogs%29 > > So after reading all of that I feel like I'm bragging. However, I have a > fundemental concern because even though we are being very conservative and > are likely procuring more resources than necessary, I have no reliable > means of validating the capabilities of this proposed environment vs. our > current workloads. My experience with Vmware tells me that even though the > aforementioned article suggests a 4 vCPU per guest configuration, we'll > likely start with a single vCPU configuration and do our best at initial > scalability testing while keeping an eye on CPU waits. Should we find > guests perform optimally with few vCPUs than that will just increase our > consolidation ratios. > > I'm hoping some of you out there with a lot of XenApp experience (Webster, > James, etc.:) ) can either point out any major gaps in the initial hardware > design or hopefully validate that we're more than likely over provisioning > hardware resources. > > - Sean > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Remote control software
t;http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource > hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > Please consider the environment before printing this e-mail. > > The statements and opinions expressed in this email are my own and may > not represent those of Ultraframe (UK) Ltd. > This email is subject to copyright and the information contained in it > is confidential and may be legally privileged. It is sent out only for > intended recipient(s). Access to this email by anyone else is > unauthorised. If you are not an intended recipient, any disclosure, > copying, distribution or other use or any action taken or omitted to be > taken in reliance on it, is prohibited and unlawful. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > - > No virus found in this message. > Checked by AVG - www.avg.com > Version: 2013.0.2899 / Virus Database: 2641/6135 - Release Date: > 02/26/13 > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > Please consider the environment before printing this e-mail. > > The statements and opinions expressed in this email are my own and may not > represent those of Ultraframe (UK) Ltd. > This email is subject to copyright and the information contained in it is > confidential and may be legally privileged. It is sent out only for > intended recipient(s). Access to this email by anyone else is unauthorised. > If you are not an intended recipient, any disclosure, copying, distribution > or other use or any action taken or omitted to be taken in reliance on it, > is prohibited and unlawful. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Remote Desktop Server (Formerly known as Terminal Server)
r)** > ** > > ** ** > > I’m using roaming profiles in a XenApp 5 system with around 1000 users. No > problems whatsoever. I think a lot of the common “wisdom” about not using > roaming profiles is a combination of bad history and FUD spread by vendors > of profile management software. > > ** ** > > Not using roaming profiles sounds good in theory, but may be problematic > in practice. If you have a user base with very simple requirements, a > mandatory profile can work well – you only need to back up and restore a > few settings from the registry (Outlook profiles, default printer, etc). > Otherwise, roaming profiles make life much easier. > > ** ** > > I’ll try to highlight the group policy I have in place: > > ** ** > > User lockdown – implemented via loopback – Set security to deny apply of > this GP for admin users. > > Turns off most of the things in control panel > > Hide Desktop “network locations” > > Hide network connection settings > > Disable offline files > > Disable connection wizard > > Remove shutdown, sleep, and hibernate from start button. > > Turn off “Getting Started”. > > Hide A,B,C, and D drives in “My Computer”. > > Hide the C drive in file dialog boxes (This can cause error messages in > Office apps). > > Hide Windows update. > > ** ** > > System policies > > Turn off Customer Experience Improvement Program and error reporting. > > Add “Administrators” security to roaming profiles. > > Delete cached profiles. > > Do not check for ownership of roaming profiles. > > Turn on timezone redirection. > > Set the roaming profile path. > > Turn off Windows Defender. > > ** ** > > Registry settings policy > > Create HKLM\CurrentControlSet\Control\Print\DisableWERLogging DWORD 1 (if > you don’t do this, the print spooler will occasionally fill your C: disk up > with error logs). > > Create > HKLM\CurrentControlSet\Control\FileSystem\NtfsDisableLastAccessUpdate DWORD > 1 – *NOTE!* You may not want to do this – research before implementing.*** > * > > DELETE this key > HKEY_USERS\.DEFAULT\Software\Hewlett-Packard – Do this if you use HP > printers. Trust me. > > DELETE this key HKCU\Software\Hewlett-Packard – Ditto > > ** ** > > User settings – implemented via loopback > > Set folder redirection > > Create > HKCU\Softare\Policies\Microsoft\Office\12.0\Common\Toolbars\QuickAccessToolbarRoaming > DWORD 1 See http://support.microsoft.com/kb/958062 for details. > > Create > HKCU\Softare\Policies\Microsoft\Office\14.0\Common\Toolbars\CustomUIRoaming > DWORD 1 See http://support.microsoft.com/kb/958062 for details. > > Create HKCU\ > Software\Microsoft\Windows\CurrentVersion\Internet > Settings\Zones\3\1A10 DWORD 1 – This sets IE privacy to default > > ** ** > > Application blacklist > > Blacklist all of the common updaters (Java, Adobe, etc)*** > * > > Blacklist VMWare tools (if you are running under VMWare)** > ** > > Blacklist your Antivirus user interface agent (you don’t > want users kicking off scans of your C: drive) > > Blacklist c:\windows\syswow64\IME\IMEJP10\IMJPDSVR.EXE – > It eats CPU. > > ** ** > > I’d be happy to export my policies and email them to you, if you like. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoi
Re: outlook autocomplete lost
Its a .nk2 file somewhere in AppData, at least it was in 2007 and prior. You need to ideally hive this off somehow. On 18 February 2013 18:15, Adam Greene wrote: > Hi guys, > > ** ** > > We’ve run into the same issue a number of times: when we have to rebuild a > customer’s Outlook profile, Outlook loses a record of whatever it bases its > autocomplete feature on (i.e. the feature where you start to type an email > address and Outlook finishes it for you). > > ** ** > > Is there some way to back up & reimport this record so the customer > doesn’t have to start from scratch each time? > > ** ** > > Thanks, > > Adam > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Languages and variables
Thanks guys I can now continue to write my article about this without fear of looking like a fool :-) cheers, JR On 18 February 2013 14:59, Webster wrote: > From a French CTP: > > ** ** > > Hey Carl, > > ** ** > > Yes %USERNAME% is working on a French OS. > > ** ** > > Regards, > > ** ** > > ** ** > > Thanks > > ** ** > > ** ** > > Webster > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Monday, February 18, 2013 7:26 AM > > *To:* NT System Admin Issues > *Subject:* Languages and variables > > ** ** > > If I have a user with the French version of Windows, would %username% > still be called %username% on his system or would it be translated? I'm > assuming it would stay the same - but I just need to make sure :-) > > Google-fu seems inadequate on this, although it might just be my search > terms :-) > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Backup to cloud?
I have 498GB of data stored in the cloud that would take about six weeks to download. The "send me it on a USB drive" option that Ben mentioned is my DR choice :-) On 13 February 2013 17:27, Rod Trent wrote: > Why would retrieval take that long? Are you talking more about disaster > recovery? > > ** ** > > ** ** > > *From:* David Lum [mailto:david@nwea.org] > *Sent:* Wednesday, February 13, 2013 12:21 PM > > *To:* NT System Admin Issues > *Subject:* Backup to cloud? > > ** ** > > Does backup to cloud even matter if the time to retrieve it spans 20+ > hours? If I were to consider hosting a clients’ backups at my location, > where do I go to find what liabilities I need to worry about. > Coincidentally the client in mind is a law firm of all places… > > *David Lum* > Sr. Systems Engineer // NWEATM > Office 503.548.5229 //* *Cell (voice/text) 503.267.9764 > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Java
Use App-V to deliver apps like these (or similar technology). The SystemGuard functionality keeps it segregated from the rest of the OS - i.e. the exploits may run but they can't touch anything. On 11 February 2013 14:30, Kennedy, Jim wrote: > I feel your pain. We have a legacy app from a company that has gone out > of business. We have to keep it for reporting to the State. Java 6 only. We > set up a couple separate machines and firewalled them to only hit that app > and a printer. > > ** ** > > ** ** > > *From:* Webster [mailto:webs...@carlwebster.com] > *Sent:* Monday, February 11, 2013 8:14 AM > > *To:* NT System Admin Issues > *Subject:* RE: Java > > ** ** > > Unfortunately, Citrix built most of their older management consoles on > Java. Java 6 is still required for most versions of XenApp. If you > install Java 7, the installer complains that Java 6 was not found and then > no install. The installer looks for Java 6 U 14 but works even if U39 is > installed. But those version of XenApp that require Java 6 are all > EOS/EOM/EOL so Citrix will not do anything to fix their consoles even > though those products will be used for years to come. There are people who > still use the former versions of XenApp (Metaframe, MetaFrame XP and > Presentation Server) that require NT4 and W2K. > > ** ** > > Thanks > > ** ** > > ** ** > > Webster > > ** ** > > *From:* Kennedy, Jim > [mailto:kennedy...@elyriaschools.org] > > *Subject:* RE: Java > > ** ** > > Yes, the big holes that everyone was talking about are fixed. There are > still some there though. But as you say later in the thread. 6 is dead Jim, > time to move on. It is the lesser of evils now. > > ** ** > > *From:* Heaton, Joseph@Wildlife > [mailto:joseph.hea...@wildlife.ca.gov] > > *Subject:* RE: Java > > ** ** > > Lol…. Very true. I was asking more along the lines of the last big 0 Day > vulnerability. I want to be able to go back to my developers and ask them > to work on making the newest technology work with our internal apps. > > ** ** > > *From:* Jim Kennedy > [mailto:kennedy...@elyriaschools.org] > > *Subject:* RE: Java > > ** ** > > 7 13 is better than 6 38, but I won’t say it is ‘fixed’ since it isn’t. > There are still problems and will be for years to come, imho. > > ** ** > > *From:* Heaton, Joseph@Wildlife > [mailto:joseph.hea...@wildlife.ca.gov] > > *Subject:* Java > > ** ** > > Anyone know if the latest Java 7 update finally seals the big > vulnerability from recent times? We’ve actually told people they can’t > update past 6u38, but would like to at some point… > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: iso mounting software for Windows Server 2008 R2
I'm fairly sure you could put a Portable version of Daemon Tools up on a network share. I use the Portable version from inside DataNow or DropBox all the time. Saves it getting installed on your server estate. Do the same with various tools like Process Explorer, TreeSize and the like. On 6 February 2013 15:52, Pete Howard wrote: > I like Poweriso, magiciso, vcd etc on my workstations but generally avoid > installing iso tools on prod servers to keep them pristine and end up > extracting from the workstation to the server. MS has a Mount-DiskImage > cmdlet which sounds nice but only on win8\12 > > > -- > *From:* Miller Bonnie L. > *To:* NT System Admin Issues > *Sent:* Wednesday, February 6, 2013 10:02 AM > > *Subject:* iso mounting software for Windows Server 2008 R2 > > Windows Server 2008 R2 SP1 physical server. What is your favorite, safe, > and least expensive, software for mounting an .iso file on this OS? > > Here are a few I’ve found, but have never used any: > > MagicISO Virtual CD/DVD-ROM (MagicDisc) > http://www.magiciso.com/tutorials/miso-magicdisc-overview.htm > (freeware) > > PowerISOhttp://www.poweriso.com/index.htm ($29.95) > > Virtual CloneDrive > http://www.slysoft.com/en/virtual-clonedrive.html (freeware) > > > I currently can’t burn the .iso to media as we don’t have a dual-layer > burner available (and the disc would require one due to size). Going to > have to look into that as well now. > > Thanks, > Bonnie > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: Hello Kitty in space
And I forgot the link http://www.theregister.co.uk/2013/02/04/hello_kitty_flight/ Doh! On 6 February 2013 13:51, James Rankin wrote: > Don't know whether you might have seen this already but the video at the > end is awesomely done. Go Kitty! > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Networking stuff.....oo-er
Thanks for all the help guys. I finally managed to shoehorn the VM into running in Bridged mode, and as was pointed out to me, this seems to have made all the difference. I can now access my funky new DataNow home appliance from the internet and kick DropBox and Google Drive into touch :-) Cheers, JR On 25 January 2013 12:23, James Rankin wrote: > Unfortunately the guest won't work in a bridged configuration. God knows > why. It also can't be configured with a second network card for some > reason, which again reduces my options :-( > > Hazen emailed me offline to try using VMWare's own internal NAT port > forwarding to see if we could push the traffic through by forwarding it to > the host first, as you've suggested also. I'm giving that a try now. > > Cheers, > > > JR > > > On 25 January 2013 12:17, Ben Scott wrote: > >> On Fri, Jan 25, 2013 at 5:36 AM, James Rankin >> wrote: >> > I'm trying to configure my home router to do some port forwarding onto a >> > device on my internal network. However, this is a VMWare Workstation >> guest >> > using NAT networking so it has an address on a different range >> > (192.168.183.x) rather than the home network's default range >> (192.168.1.x) >> >> I presume the VMware host is doing the NAT for the guest. If so, as >> far as BT router is concerned, the VMware host *is* the guest. The >> host translates the guest's packets so they appear to be coming from >> the host itself. That's the whole point of NAT, after all. :) >> >> You would need to forward the port on the BT router to the VM host, >> and then have VMware's internal router forward the packets again to >> the guest. I don't know if VMware's router implementation can do port >> forwarding. >> >> Can you change the IP address and net on the guest without breaking >> things? If so, is it okay to switch VMware to bridged mode and just >> put it on your home LAN? If feasible, that's likely the easiest >> solution. >> >> If not: You could prolly do this with a cheap home router (like a >> LinkSys WRT* box) and a second network interface in the host. On the >> host, unbind all the OS (Windows) protocols from the second interface. >> In VMware, bridge the second interface to the guest, no NAT or DHCP. >> Plug the "Local" side of the new router into the second interface. >> Plug the "Internet" side of the new router into your main home LAN. >> On the BT router, port-forward from the Internet to the new router's >> main home LAN address. On the new router, port-forward from the main >> home LAN to the guest. >> >> -- Ben >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Networking stuff.....oo-er
Unfortunately the guest won't work in a bridged configuration. God knows why. It also can't be configured with a second network card for some reason, which again reduces my options :-( Hazen emailed me offline to try using VMWare's own internal NAT port forwarding to see if we could push the traffic through by forwarding it to the host first, as you've suggested also. I'm giving that a try now. Cheers, JR On 25 January 2013 12:17, Ben Scott wrote: > On Fri, Jan 25, 2013 at 5:36 AM, James Rankin > wrote: > > I'm trying to configure my home router to do some port forwarding onto a > > device on my internal network. However, this is a VMWare Workstation > guest > > using NAT networking so it has an address on a different range > > (192.168.183.x) rather than the home network's default range > (192.168.1.x) > > I presume the VMware host is doing the NAT for the guest. If so, as > far as BT router is concerned, the VMware host *is* the guest. The > host translates the guest's packets so they appear to be coming from > the host itself. That's the whole point of NAT, after all. :) > > You would need to forward the port on the BT router to the VM host, > and then have VMware's internal router forward the packets again to > the guest. I don't know if VMware's router implementation can do port > forwarding. > > Can you change the IP address and net on the guest without breaking > things? If so, is it okay to switch VMware to bridged mode and just > put it on your home LAN? If feasible, that's likely the easiest > solution. > > If not: You could prolly do this with a cheap home router (like a > LinkSys WRT* box) and a second network interface in the host. On the > host, unbind all the OS (Windows) protocols from the second interface. > In VMware, bridge the second interface to the guest, no NAT or DHCP. > Plug the "Local" side of the new router into the second interface. > Plug the "Internet" side of the new router into your main home LAN. > On the BT router, port-forward from the Internet to the new router's > main home LAN address. On the new router, port-forward from the main > home LAN to the guest. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Limiting who can send all-staff e-mails
If they can't see why it's a bad idea from that sort of thing, thenyou're up against it On 25 January 2013 11:56, David Lum wrote: > Nope, that already happens, and we have employees that REPLY ALL to > those.. > > ** ** > > *From:* kz2...@googlemail.com [mailto:kz2...@googlemail.com] > *Sent:* Friday, January 25, 2013 3:43 AM > > *To:* NT System Admin Issues > *Subject:* Re: Limiting who can send all-staff e-mails > > ** ** > > Just wait till someone forwards a joke or scam report to your entire > staff, or asks for someone to move their car. That should do it. > > Sent from my Blackberry, which may be an antique but delivers email > RELIABLY > -- > > *From: *David Lum > > *Date: *Fri, 25 Jan 2013 11:14:36 + > > *To: *NT System Admin Issues > > *ReplyTo: *"NT System Admin Issues" > > > *Subject: *Limiting who can send all-staff e-mails > > ** ** > > Does anyone have some links I can use to demonstrate to management why > it’s a bad idea to allow any of our 600 employees to send e-mails to “all > staff”? > > *David Lum* > Sr. Systems Engineer // NWEATM > Office 503.548.5229 //* *Cell (voice/text) 503.267.9764 > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Networking stuff.....oo-er
I'm trying to configure my home router to do some port forwarding onto a device on my internal network. However, this is a VMWare Workstation guest using NAT networking so it has an address on a different range (192.168.183.x) rather than the home network's default range (192.168.1.x) So when I try to configure my home router to forward from an incoming port 443 connection onto port 443 on 192.168.183.100, it simply tells me "the host does not belong to any recognized LAN". The guest machine isn't DHCP-capable so I can't get it into the list of available other hosts. The router is one of these rubbish BT Home Hubs (wish I'd never gotten rid of my 220V), so I can't see any way of configuring some custom LAN segments on it, so am I completely screwed with getting this to work? (I've always hated comms-related stuff, so please forgive me if there's a simple solution I've overlooked) Thanks, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: on-premises storage application
You can read a bit more about DataNow here http://www.appsense.com/products/data/datanow/ I'm actually running it in test at the moment and it works great. You can integrate the iPhone app of it with Dropbox/Skydrive etc. as well, so users can see "personal" and "corporate" storage in the same app interface, but data can't be transferred between them. I'm doing some testing at the minute involving combining DataNow with PortableApps to see if there's any enterprise mileage in using it to run applications. Combining it with AppSense StrataApps *may *negate the need for admin rights as well. You can download it as either a Hyper-V or ESX virtual appliance for testing - I have a copy of them somewhere if you want access to them without waiting for a request to go through ;-) Not sure on the licensing for it, but I can find out for you if it's a possibility you're considering Note - I am, apparently not just *an *AppSense bigot, but *the *AppSense bigot :-) Cheers, JR On 24 January 2013 19:39, Kevin Lundy wrote: > The Accellion Secure File Transfer has similar capabilities. > > > On Thu, Jan 24, 2013 at 2:11 PM, Michael B. Smith > wrote: > >> I have a client that wants something like SkyDrive or DropBox – but >> they want to host it onsite – no cloud storage. >> >> ** ** >> >> They also want the company that produces the application to be in north >> America or western Europe. >> >> ** ** >> >> I have googled and binged a bit, and I have some options – but I’d prefer >> some recommendations. >> >> ** ** >> >> Does anyone here have any that they would be willing to share? >> >> ** ** >> >> Thanks! >> >> ** ** >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Max Password Age
I would have thought the latter BTW that sounds like an interesting place to work! On 9 January 2013 15:35, Heaton, Joseph@Wildlife < joseph.hea...@wildlife.ca.gov> wrote: > If my policy currently is 90 days, and I then shorten that to 60 days, > does the clock reset to 0, or will everyone that’s in the 60-89 day window > going to have expired passwords? > > ** ** > > ** ** > > Thanks, > > ** ** > > ** ** > > Joe Heaton > > Enterprise Server Support > > CA Department of Fish and Wildlife > > 1807 13th Street, Suite 201 > > Sacramento, CA 95811 > > Desk: (916) 557-3422 > > ** ** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Selling SMB-specific IT stuff
Ebay? On 17 December 2012 13:54, David Lum wrote: > A client of mine no longer uses a StorageTek L20 tape drive library so > we are looking to give it a good home of it instead of sending it to scrap. > Is there a better place than Craigslist to advertise this thing? It seems a > little too specialized to expect a hit on CL. > > *David Lum* > Sr. Systems Engineer // NWEATM > Office 503.548.5229 //* *Cell (voice/text) 503.267.9764 > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT VDI in a box.
Yes, the vendor has to agreeyou can use tools like AppDNA or ChangeBase to give you an idea of any compatibility issues, but if the vendor won't support it virtualized (it's just obstructiveness in some cases, but you can't get away from it), then you'll have to put together an alternative delivery mechanism. On 14 December 2012 14:58, Webster wrote: > Also remember there are some vendors whose License Agreement expressly > forbids virtualizing their application(s) in any way (server, desktop or > application). > > ** ** > > I completed my part of a virtualization project back in early August (AD > Assessment and looking at around 7,000 apps to determine virtualization > candidates) and there were some apps where the vendor said one of two > things: > > ** ** > > **1. **Our support contract is null and void for our apps if they > are used in any type of virtualization environment (so no > TS/RDS/XenApp/XenDesktop or App-V) > > **2. **We expressly forbid our applications to be virtualized or > used on any virtualization environment > > ** ** > > Even Autodesk has a support page that lists their applications they > support only under XenApp (and no they are not supported under pure TS/RDS > from what I was emailed from the company). > > ** ** > > Even if you know an application works under TS/RDS/XenApp but the vendor > will not support it and states so in writing, then as a consultant I cannot > possibly recommend the customer run that software on a XenApp server. > > ** ** > > Bottom line, make sure your software vendor(s) support AND OR allow the > use of their software in the way you intend to use it virtualized. > > ** ** > > Thanks > > ** ** > > ** ** > > Webster > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Subject:* Re: OT VDI in a box. > > ** ** > > If you have Citrix XenApp or RDS and no actual business driver for a full > VDI implementation, then VDI is overkill in my opinion. Don't forget you > can publish a desktop to a lot more users from one system via XenApp or > RDS. With VDI it is one machine, one user. I think a lot of people forget > that you can either deliver a server published desktop or individual apps > to user devices without the need for actually delivering a full-fat Windows > desktop machine to it. > > > It totally depends on your needs - but in my experience VDI tends to be > better suited to power users or users with applications that don't play > well on the chosen SBC platform. YMMV, etc. > > ** ** > > On 14 December 2012 13:59, Kennedy, Jim > wrote: > > We are not stuck on VIAB. I just zeroed in on it because I am a Hyper-V > shop and it plays well and deploys easily. We really have not decided which > solution we are going to use. > > Are you saying VDI is overkill? This is certainly going to be a simple > solution with not a lot of connections. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT VDI in a box.
I'll volunteer to work on it :-) On 13 December 2012 22:01, Michael B. Smith wrote: > Just TRY to find someone to work on it! Impossible. > > ** ** > > I give it a major “down check” just because of that. > > ** ** > > *From:* Webster [mailto:webs...@carlwebster.com] > *Sent:* Thursday, December 13, 2012 4:28 PM > *To:* NT System Admin Issues > *Subject:* RE: OT VDI in a box. > > ** ** > > The bloggers I know personally that have used it love it and extol it > praises in how simple it is to deploy AND maintain. > > ** ** > > At this time, there is NO upgrade or migration path from VIAB to > XenDesktop. > > ** ** > > > http://neil.spellings.net/2011/09/25/first-look-at-citrix-kaviza-vdi-in-a-box-part-1-setting-up-the-server/ > > > ** ** > > > http://neil.spellings.net/2011/09/28/first-look-at-citrix-kaviza-vdi-in-a-box-part-2-creating-master-image/ > > > ** ** > > I just sent Neil an email asking where is part three. > > ** ** > > Thanks > > ** ** > > ** ** > > Webster > > ** ** > > *From:* Kennedy, Jim > [mailto:kennedy...@elyriaschools.org] > > *Subject:* OT VDI in a box. > > ** ** > > We are going to have to go BYOD(oom). There is no escaping it in the > public edu environment. The powers that be look at them as ‘free’ > computers. So we are thinking a virtual desktop environment . One that is > accessable via guest wireless and that can only talk to a few select > servers…like their own user file servers. Then we deliver the appropriate > desktop to them. > > ** ** > > This is for students, so we have to assume they are intentionally > malicious/destructive/wanting to hack us. > > ** ** > > VDI in a box looks interesting. Rolls easily, runs on Hyper-V which is our > virtualization software of choice…. > > ** ** > > Opinions and experiences gang?** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT VDI in a box.
Do you really need VIAB? Will a published desktop via Citrix XenApp or RDS not suffice? The Citrix Receiver runs on gazillions of devices these days, couple it with WI or Storefront and you can deploy apps and published desktops to a massive amount of BYO devices. I've seen so many unnecessary VDI implementations it's unbelievable... VIAB is very easy to set up and scalable, FWIW, but it might not be strictly what you require. On 13 December 2012 20:48, Kennedy, Jim wrote: > We are going to have to go BYOD(oom). There is no escaping it in the > public edu environment. The powers that be look at them as ‘free’ > computers. So we are thinking a virtual desktop environment . One that is > accessable via guest wireless and that can only talk to a few select > servers…like their own user file servers. Then we deliver the appropriate > desktop to them. > > ** ** > > This is for students, so we have to assume they are intentionally > malicious/destructive/wanting to hack us. > > ** ** > > VDI in a box looks interesting. Rolls easily, runs on Hyper-V which is our > virtualization software of choice…. > > ** ** > > Opinions and experiences gang?** > > ** ** > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Detecting standard desktops
Well in the end I seem to be getting some results from *WMIC
SystemEnclosure GET ChassisTypes*, which just outputs the same mad set of
types that the Scripting Guys used but I've managed to get quite good
accuracy in the testing so far
Hopefully this might do the trick
Thanks for all the pointers
On 5 December 2012 17:19, Matthew W. Ross wrote:
> I don't detect laptops/desktops... I detect the model.
>
> I know of two ways to detect the model:
>
> for /F "delims=" %%a in ('systeminfo.exe ^| findstr /c:^"System Model:^"')
> do set var=%%a
>
> ... or ...
>
> FOR /F "tokens=2 delims==" %%A IN ('WMIC csproduct GET Name /VALUE ^| FIND
> /I "Name="') DO SET result_model_With_spaces=%%A
>
> ...depending if you want to use WMIC or not. We use this to run driver
> scripts on a machine, based on the model.
>
>
> --Matt Ross
> Ephrata School District
>
>
> - Original Message -
> From: Ben Scott
> [mailto:mailvor...@gmail.com]
> To: NT System Admin Issues
> [mailto:ntsysadmin@lyris.sunbelt-software.com]
> Sent: Wed, 05 Dec 2012
> 08:51:24 -0800
> Subject: Re: Detecting standard desktops
>
>
> > On Wed, Dec 5, 2012 at 11:36 AM, James Rankin
> wrote:
> > >>
> >
> http://blogs.technet.com/b/heyscriptingguy/archive/2004/09/21/how-can-i-determine-if-a-computer-is-a-laptop-or-a-desktop-machine.aspx
> > >
> > > Whoa, like WTF are half of those returned types? This could get
> > > interesting
> >
> > And it gets better. Per the comments:
> >
> > "I have come across machines that DO have more than one chassis type
> > (Laptops on docking stations are Laptop/Notebook + Expansion Chassis)"
> >
> > We solved this problem by having the hostname reflect the type. So
> > if the hostname begins with FOOLT, it's a laptop. If it's FOOPC, it's
> > a desktop. Works every time. ;-)
> >
> > -- Ben
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
> >
> > ---
> > To manage subscriptions click here:
> > http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
> >
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: Detecting standard desktops
Sadly I don't get to deal with clients who have naming conventions that are that nice. Or even put all the desktops in the same OU, or something. I'm going to give that script a try but I am betting it will bork when it meets two different chassis types :-( On 5 December 2012 16:51, Ben Scott wrote: > On Wed, Dec 5, 2012 at 11:36 AM, James Rankin > wrote: > >> > http://blogs.technet.com/b/heyscriptingguy/archive/2004/09/21/how-can-i-determine-if-a-computer-is-a-laptop-or-a-desktop-machine.aspx > > > > Whoa, like WTF are half of those returned types? This could get > > interesting > > And it gets better. Per the comments: > > "I have come across machines that DO have more than one chassis type > (Laptops on docking stations are Laptop/Notebook + Expansion Chassis)" > > We solved this problem by having the hostname reflect the type. So > if the hostname begins with FOOLT, it's a laptop. If it's FOOPC, it's > a desktop. Works every time. ;-) > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Detecting standard desktops
I thought about that, but I'd like to be sure...I can guarantee there will be some weird device out there that might fall into the "not one of the others" category that I hadn't thought of. Like one of those awful WYSE laptops I saw the other day maybe On 5 December 2012 16:01, Kurt Buff wrote: > Detection by subraction? That is, if it doesn't have the peculiar > characteristics of the others, then by elimination is must be a > desktop? > > Kurt > > On Wed, Dec 5, 2012 at 7:50 AM, James Rankin > wrote: > > I'm writing some detection routines to differentiate between laptops, > > tablets, mobiles, VDI and/or XenApp/XenDesktop sessions, etc. However the > > one bit I'm stuck on is how to detect whether a user is on a "standard" > > desktop PC. I can detect laptops by WMI query for a battery, XenDesktop > > sessions by checking for a particular file, etc. - but I can't think of > > anything offhand to identify a standard PC. I must be missing something > > simple, help! > > > > TIA, > > > > > > > > -- > > James Rankin > > Technical Consultant (ACA, CCA, MCTS) > > http://appsensebigot.blogspot.co.uk > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > > --- > > To manage subscriptions click here: > > http://lyris.sunbelt-software.com/read/my_forums/ > > or send an email to listmana...@lyris.sunbeltsoftware.com > > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Window 8 on your PC
es > *Subject:* Window 8 on your PC > > > > Are you guys changing your Windows 8 UI to be more like Win7 or leaving it > as-is and learning new tricks? > > *David Lum* > Sr. Systems Engineer // NWEATM > Office 503.548.5229 //* *Cell (voice/text) 503.267.9764 > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > Confidentiality Notice: > This e-mail, including any attachments is the > property of Catholic Health East and is intended > for the sole use of the intended recipient(s). > It may contain information that is privileged and > confidential. Any unauthorized review, use, > disclosure, or distribution is prohibited. If you are > not the intended recipient, please delete this message, and > reply to the sender regarding the error in a separate email. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > Stefan Jafs > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
Re: Endpoint Protection with Device Control?
Lumension On 21 November 2012 15:55, Paul Hutchings wrote: > I may have asked this some months back so apologies but I can’t find the > email in the archives. > > ** ** > > Our current antivirus product is up for renewal in three months and we > have an interest in being able to monitor and restrict/allow access to > removable drives, predominantly USB sticks. > > ** ** > > Has anyone any experience of either antivirus suites which have this > functionality, or standalone products? > > ** ** > > Clients are Windows XP upwards with most being Windows 7 and a mix of > 32bit and 64bit. > > ** ** > > Thanks, > > Paul > -- > *MIRA Ltd* > > Watling Street, Nuneaton, Warwickshire, CV10 0TU, England > Registered in England and Wales No. 402570 > VAT Registration GB 100 1464 84 > > The contents of this e-mail are confidential and are solely for the use of > the intended recipient. If you receive this e-mail in error, please delete > it and notify us either by e-mail, telephone or fax. You should not copy, > forward or otherwise disclose the content of the e-mail as this is > prohibited. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Windows Server 2012 - Remote Control has been removed!
Yes, since server 2008 R2 (I think) shadowing had issues - mainly for shadowing to or from multiple monitor setups. In a Citrix environment we get by using RA as Webster said or the Shadow Taskbar. In RDS environment, I don't know what the preferred method is, but agree it's a big backward step. On 21 November 2012 13:07, Webster wrote: > Unfortunately Shadowing was removed. Some people blame Citrix and some > blame MS but Citrix had nothing to do with the removal of Shadowing. > Citrix is also forced to use Remote Assistance for both XenApp and > XenDesktop. There has been a lot of weeping, wailing and gnashing of teeth > about this but MS hasn’t changed anything. > > ** ** > > If your users use multiple monitors, you can’t use shadowing for that > scenario either. MS says to use Remote Assistance. With the wide spread > adoption of multiple monitor use in business, I don’t understand the lack > of shadowing support for multiple monitors. I am sure there is a > technological reason behind these decisions to drop Shadow support. But > with the programming brain power that MS has available to them, I don’t > understand why they can’t solve this issue. > > ** ** > > I am no longer a developer, and don’t play one on TV, so I have no idea of > the challenges involved with providing Shadow support in multi monitor > scenarios or in Server 2012/Win8. > > ** ** > > Thanks > > ** ** > > ** ** > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > ** ** > > *From:* James Hill [mailto:falc...@gmail.com] > *Subject:* RE: Windows Server 2012 - Remote Control has been removed! > > ** ** > > Thanks Rene but I’m referring to Remote Controlling a user’s remote > desktop session on a remote desktop session host. > > ** ** > > James. > > ** ** > > *From:* Rene de Haas [mailto:rene.deh...@gmail.com ] > > *Subject:* Re: Windows Server 2012 - Remote Control has been removed! > > ** ** > > From what I read you need to enable it. > > > > "Enabling Remote Desktop: > > you need to log on as an administrator > > open System in Control Panel > > select the Remote tab > > under Remote Desktop select the checkbox labeled "Allow users to connect > remotely to this computer." > > > > [image: Image removed by sender.] > > > > Hth > > René > > On Wed, Nov 21, 2012 at 8:06 AM, James Hill wrote: > > In the process of building my first Windows Server 2012 server with > Remote Desktop. > > There is no Remote Control and a quick search says that this feature has > been removed! > > Seriously? Please someone tell me this isn’t the case! ** ** > > I sure can’t find the option anywhere. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
Re: GPO issue
Well you were on the right track Jim - there is a quite long logon script in use here, but it was also accompanied by the Group Policy setting of *Run logon scripts synchronously *being set to *Enabled. *Disabling this setting shaves two minutes off the logon time instantly. Thanks for your help guys - now to put together a solution that gets rid of the logon script once and for all :-) Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk On 14 November 2012 14:01, Kennedy, Jim wrote: > .Just tossing out a random thought having had this issue before. Do you > have any machine or user logon scripts running? I had one hang a few years > ago trying to find a share on a server that was removed…it created a > massive delay for the users it was applied to. > > ** ** > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Wednesday, November 14, 2012 8:54 AM > > *To:* NT System Admin Issues > *Subject:* Re: GPO issue > > ** ** > > Thanks, I now have a full understanding of what's going on. Looks like I > will have to dig elsewhere to find the cause of the massive logon hangs. > > Cheers, > > > > JR > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: GPO issue
There's all sorts in the mix here, including logon scripts. I'm digging through the whole lot now On 14 November 2012 14:01, Kennedy, Jim wrote: > .Just tossing out a random thought having had this issue before. Do you > have any machine or user logon scripts running? I had one hang a few years > ago trying to find a share on a server that was removed…it created a > massive delay for the users it was applied to. > > ** ** > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Wednesday, November 14, 2012 8:54 AM > > *To:* NT System Admin Issues > *Subject:* Re: GPO issue > > ** ** > > Thanks, I now have a full understanding of what's going on. Looks like I > will have to dig elsewhere to find the cause of the massive logon hangs. > > Cheers, > > > > JR > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: GPO issue
Thanks, I now have a full understanding of what's going on. Looks like I will have to dig elsewhere to find the cause of the massive logon hangs. Cheers, JR On 14 November 2012 13:46, Christopher Bodnar wrote: > No, Authenticated Users will not be running the GPO. You have to have the > Apply Group Policy right in order for it to apply. Either by adding it > manually through the Advanced button on the Delegation tab, or by using the > security filtering tab, which does it for you, Having only read does not > give you the ability to apply the GPO. > > HTH > *Christopher Bodnar* > Enterprise Architect I, Corporate Office of Technology:Enterprise > Architecture and Engineering Services Tel 610-807-6459 > 3900 Burgess Place, Bethlehem, PA 18017 > christopher_bod...@glic.com > > > * > The Guardian Life Insurance Company of America* > * > **www.guardianlife.com* <http://www.guardianlife.com/> > > > > > > > From:James Rankin > To:"NT System Admin Issues" > > Date:11/14/2012 08:39 AM > Subject:Re: GPO issue > -- > > > > It definitely wasn't inherited. One thing I have noticed though if you add > the Authenticated Users group through the Security Filtering function you > get *Read* *and* *Apply GPO* permissions. If you add it through the > Delegation tab you can only apply Read permissions unless you go through > the Advanced tab. > > If you've explicitly removed Authenticated Users from the Security Filter > tab and add only GroupA and GroupB so that they are the groups receiving > the GPO, if someone adds the Authenticated Users back via Delegation and > gives them Read permissions, does that then apply the GPO to the > Authenticated Users group even though you've removed them from the Security > Filter? That's what I was trying to ask, but I think the fact I noticed > above about the Apply GPO permission may have answered that question for me > :-) > > On 14 November 2012 13:20, Christopher Bodnar <* > christopher_bod...@glic.com* > wrote: > You are correct, somehow the Authenticated Users was added to the > Delegation tab, unless it was inherited, but I doubt that. Does it say No > under the inherited column? > > Not sure what you mean by this: > * > "And does this mean that the groups defined in the Security Filtering > section will effectively be overridden? "* > > *Christopher Bodnar* > Enterprise Architect I, Corporate Office of Technology:Enterprise > Architecture and Engineering Services Tel *610-807-6459* <610-807-6459> > 3900 Burgess Place, Bethlehem, PA 18017 > christopher_bod...@glic.com > * > > The Guardian Life Insurance Company of America** > ** > **www.guardianlife.com* <http://www.guardianlife.com/> > > > > > > From:James Rankin <*kz2...@googlemail.com* > > > To:"NT System Admin Issues" <* > ntsysadmin@lyris.sunbelt-software.com* > > > Date:11/14/2012 07:11 AM > Subject:GPO issue > -- > > > > > I have noticed that some GPOs in use here are Security Filtered to certain > AD groups, and Authenticated Users has been removed from the default > Security Filter. This is all very normal and good. > > However, switching to the Delegation tab of the GPO, I see Authenticated > Users listed with Read permission - but not with the "(from Security > Filtering)" suffix. This means that someone has specifically added > Authenticated Users to the Delegation tab, I think? And does this mean that > the groups defined in the Security Filtering section will effectively be > overridden? I just want to check I am correct before I go complaining :-) I > created a test GPO and it seems to indicate that I am correct, but I like > to double-check first > > Cheers, > > > > > -- * > James Rankin* > Technical Consultant (ACA, CCA, MCTS)* > **http://appsensebigot.blogspot.co.uk*<http://appsensebigot.blogspot.co.uk/> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ > <*http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/*<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>> > ~ > > --- > To manage subscriptions click here: * > http://lyris.sunbelt-software.com/read/my_forums/*<http://lyris.sunbelt-software.com/read/my_forums/> > or send an email to > *listmana...@lyris.sunbeltsoftware.com* > with the body: unsubscribe ntsysadmin > > - This message, and any > attachments to it, may contain information that is privileged,
Re: GPO issue
It definitely wasn't inherited. One thing I have noticed though if you add the Authenticated Users group through the Security Filtering function you get *Read* *and* *Apply GPO* permissions. If you add it through the Delegation tab you can only apply Read permissions unless you go through the Advanced tab. If you've explicitly removed Authenticated Users from the Security Filter tab and add only GroupA and GroupB so that they are the groups receiving the GPO, if someone adds the Authenticated Users back via Delegation and gives them Read permissions, does that then apply the GPO to the Authenticated Users group even though you've removed them from the Security Filter? That's what I was trying to ask, but I think the fact I noticed above about the Apply GPO permission may have answered that question for me :-) On 14 November 2012 13:20, Christopher Bodnar wrote: > You are correct, somehow the Authenticated Users was added to the > Delegation tab, unless it was inherited, but I doubt that. Does it say No > under the inherited column? > > Not sure what you mean by this: > > *"And does this mean that the groups defined in the Security Filtering > section will effectively be overridden? "* > > > *Christopher Bodnar* > Enterprise Architect I, Corporate Office of Technology:Enterprise > Architecture and Engineering Services Tel 610-807-6459 > 3900 Burgess Place, Bethlehem, PA 18017 > christopher_bod...@glic.com > > > * > The Guardian Life Insurance Company of America* > * > **www.guardianlife.com* <http://www.guardianlife.com/> > > > > > > > From:James Rankin > To:"NT System Admin Issues" > > Date:11/14/2012 07:11 AM > Subject:GPO issue > -- > > > > I have noticed that some GPOs in use here are Security Filtered to certain > AD groups, and Authenticated Users has been removed from the default > Security Filter. This is all very normal and good. > > However, switching to the Delegation tab of the GPO, I see Authenticated > Users listed with Read permission - but not with the "(from Security > Filtering)" suffix. This means that someone has specifically added > Authenticated Users to the Delegation tab, I think? And does this mean that > the groups defined in the Security Filtering section will effectively be > overridden? I just want to check I am correct before I go complaining :-) I > created a test GPO and it seems to indicate that I am correct, but I like > to double-check first > > Cheers, > > > > > -- * > James Rankin* > Technical Consultant (ACA, CCA, MCTS)* > **http://appsensebigot.blogspot.co.uk*<http://appsensebigot.blogspot.co.uk/> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ > <*http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/*<http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>> > ~ > > --- > To manage subscriptions click here: * > http://lyris.sunbelt-software.com/read/my_forums/*<http://lyris.sunbelt-software.com/read/my_forums/> > or send an email to > *listmana...@lyris.sunbeltsoftware.com* > with the body: unsubscribe ntsysadmin > > - This message, and any > attachments to it, may contain information that is privileged, > confidential, and exempt from disclosure under applicable law. If the > reader of this message is not the intended recipient, you are notified that > any use, dissemination, distribution, copying, or communication of this > message is strictly prohibited. If you have received this message in error, > please notify the sender immediately by return e-mail and delete the > message and any attachments. Thank you. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin<>
GPO issue
I have noticed that some GPOs in use here are Security Filtered to certain AD groups, and Authenticated Users has been removed from the default Security Filter. This is all very normal and good. However, switching to the Delegation tab of the GPO, I see Authenticated Users listed with Read permission - but not with the "(from Security Filtering)" suffix. This means that someone has specifically added Authenticated Users to the Delegation tab, I think? And does this mean that the groups defined in the Security Filtering section will effectively be overridden? I just want to check I am correct before I go complaining :-) I created a test GPO and it seems to indicate that I am correct, but I like to double-check first Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Off Topic - Internet Usage Tracking Software
I used both the hardware appliance and the software version. The info they give is superb. Nice to here it can now also do a bit of 2.0-style filtering. One gripe I did have with WebSense was that they were slow to embrace new versions of Citrix. We deployed a XenApp 6 farm only to find that WebSense had no plans for an agent that worked on anything higher than XenApp 5.0. It's very annoying when a whole server full of users get the same internet usage policy applied when they should all receive different ones - especially when one of the affected users is the CEO. If you're a Citrix shop who want to use WebSense, avoid my poorly-researched pain and check the supported versions first! Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk On 13 November 2012 17:21, Rebecca Westhoff wrote: > I agree with the steep learning curve on Websense. Once learned it does > give a great deal of detailed information. We went with Websense Triton > and can block SSL traffic. Excellent granular control. We can allow users > to go to our facebook page but not to other pages on facebook. > > -Original Message- > From: Rankin, James R [mailto:kz2...@googlemail.com] > Sent: Monday, November 12, 2012 10:48 AM > To: NT System Admin Issues > Subject: Re: Off Topic - Internet Usage Tracking Software > > I used to get good results from the WebSense stuff, which is available as > hardware or software, but the initial setup learning curve can be a little > steep IMHO > > --Original Message-- > From: Sharie Breaux > To: NT System Admin Issues > ReplyTo: NT System Admin Issues > Subject: Off Topic - Internet Usage Tracking Software > Sent: 12 Nov 2012 15:28 > > Anyone out there have experience with this type of software? If so, which > do you use and a short reason why. My company is asking me to look into > and I have no experience and neither does my outside consultant. > > Thanks! > Sharie > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ---Blackberried > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ < > http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: AppData - to redirect or not to redirect?
I still see plenty of people using roaming or mandatory profiles along with redirected folders (for Desktop and My Documents mostly). Which basically just means that if they start copying HUGE files onto their Desktop or into the Documents folder, there isn't any lag copying it in and out from the network. I remember that point now about IE Favorites causing traffic spikes once you've mentioned it - I will add that to my list of stuff :-) On 13 November 2012 14:31, Webster wrote: > I usually redirect only My Docs. > > ** ** > > If using IE, redirecting Favorites can cause traffic spikes. If using > Java apps, redirecting AppData can cause a lot of traffic. > > ** ** > > Most places I go to help implement PVS and XenApp use either a published > Desktop with one or two apps or they use Web Interface with just a few > apps. These places do not publish any Office apps. In these cases, no > redirection of anything is necessary. The customer will use some type of > mandatory or roaming profile (MS, Citrix, AppSense, etc). > > ** ** > > ** ** > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Subject:* Re: AppData - to redirect or not to redirect? > > ** ** > > Totally agree with testing to find out what will be the best solutionI > was just wondering whether the real-world experiences of the list were in > line with what I'd expect to see. > > I know that guys like Shawn and Helge (and Aaron Parker too, incidentally, > he's another of the anti-AppData crew) should be listened to, but the > client I am working for at the moment is arguing the toss with me about > this (because their favourite consultants recommended that it should be > redirected), and I was curious to see what the general opinion in the > community was around it. > > It would be helpful to me right now if Shawn and Aaron had already done > that presentation they were considering about this subject that they > mentioned on Twitter :-) > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: AppData - to redirect or not to redirect?
Totally agree with testing to find out what will be the best solutionI was just wondering whether the real-world experiences of the list were in line with what I'd expect to see. I know that guys like Shawn and Helge (and Aaron Parker too, incidentally, he's another of the anti-AppData crew) should be listened to, but the client I am working for at the moment is arguing the toss with me about this (because their favourite consultants recommended that it should be redirected), and I was curious to see what the general opinion in the community was around it. It would be helpful to me right now if Shawn and Aaron had already done that presentation they were considering about this subject that they mentioned on Twitter :-) Cheers, -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk On 13 November 2012 13:58, Webster wrote: > Shawn Bass (fellow CTP and your fellow ACA) is firmly opposed to > redirecting AppData, especially is using Java apps. But any issues exposed > by redirecting anything are what the PoC and Pilot testing are supposed to > help uncover. That is if you even bother looking at underlying performance. > > > ** ** > > Since Helge Klein is a bits and bytes level hardcore Windows programmer, > his conclusions carry a lot of weight with me (plus he is a fellow CTP and > a friend). > > ** ** > > ** ** > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > ** ** > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Subject:* AppData - to redirect or not to redirect? > > ** ** > > Speaking mainly about RDS/XenApp/SBC platforms, I'm wondering what the > list's general opinion is on using Folder Redirection for AppData? The > general feeling (from my point of view, anyway) seems to be that it > improves logon time, but creates a real problem with performance. I was > wondering what everyone else's opinion is on it? I generally try to use a > third-party solution that avoids having to make this choice, but I have a > couple of clients where I appear to be at loggerheads with what other > consultants are telling them. All comments would be welcome. > > Helge Klein did a decent write-up about it here > http://www.sepago.de/e/helge/2010/05/31/should-appdata-be-redirected-or-left-in-the-user-profilewhich > seems to bear out a bit of what I was thinking. > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: AppData - to redirect or not to redirect?
I was referring to actually configuring redirection of the AppData folder from the profile to the network, yeah. UPM does do that, unless you've specifically excluded the AppData folder from UPM. I've seen that done. Curious, if you use UPM, do you use the file streaming option? That would reduce the amount of writes to the network and would probably be a "best of both worlds" solution as it only commits data at certain times. Cheers, J On 13 November 2012 12:42, Tom Miller wrote: > I use it. I'm using Citrix UPM now and it's much faster than traditional > folder redirection (you are talking about profiles I assume). For some > applications we use here, like General Dynamics, a single profile makes > configuration easier. > > >>> James Rankin 11/13/2012 7:19 AM >>> > > Speaking mainly about RDS/XenApp/SBC platforms, I'm wondering what the > list's general opinion is on using Folder Redirection for AppData? The > general feeling (from my point of view, anyway) seems to be that it > improves logon time, but creates a real problem with performance. I was > wondering what everyone else's opinion is on it? I generally try to use a > third-party solution that avoids having to make this choice, but I have a > couple of clients where I appear to be at loggerheads with what other > consultants are telling them. All comments would be welcome. > > Helge Klein did a decent write-up about it here > http://www.sepago.de/e/helge/2010/05/31/should-appdata-be-redirected-or-left-in-the-user-profilewhich > seems to bear out a bit of what I was thinking. > > Thanks, > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > Confidentiality Notice: This e-mail message, including attachments, is > for the sole use of the intended recipient(s) and may contain confidential > and privileged information. Any unauthorized review, use, disclosure, or > distribution is prohibited. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: AppData - to redirect or not to redirect?
I was referring to actually configuring redirection of the AppData folder from the profile to the network, yeah. Curious, if you use UPM, do you use the file streaming option? That would reduce the amount of writes to the network and would probably be a "best of both worlds" solution as it only commits data at certain times. Cheers, J On 13 November 2012 12:42, Tom Miller wrote: > I use it. I'm using Citrix UPM now and it's much faster than traditional > folder redirection (you are talking about profiles I assume). For some > applications we use here, like General Dynamics, a single profile makes > configuration easier. > > >>> James Rankin 11/13/2012 7:19 AM >>> > > Speaking mainly about RDS/XenApp/SBC platforms, I'm wondering what the > list's general opinion is on using Folder Redirection for AppData? The > general feeling (from my point of view, anyway) seems to be that it > improves logon time, but creates a real problem with performance. I was > wondering what everyone else's opinion is on it? I generally try to use a > third-party solution that avoids having to make this choice, but I have a > couple of clients where I appear to be at loggerheads with what other > consultants are telling them. All comments would be welcome. > > Helge Klein did a decent write-up about it here > http://www.sepago.de/e/helge/2010/05/31/should-appdata-be-redirected-or-left-in-the-user-profilewhich > seems to bear out a bit of what I was thinking. > > Thanks, > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > Confidentiality Notice: This e-mail message, including attachments, is > for the sole use of the intended recipient(s) and may contain confidential > and privileged information. Any unauthorized review, use, disclosure, or > distribution is prohibited. If you are not the intended recipient, please > contact the sender by reply e-mail and destroy all copies of the original > message. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Transferring FSMO roles
Beaten to it :-) On 12 November 2012 18:32, Webster wrote: > It works “peachily”. J > > ** ** > > ** ** > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > ** ** > > *From:* David Lum [mailto:david@nwea.org] > *Subject:* RE: Transferring FSMO roles > > ** ** > > H, I didn’t know about this trick. > > ** ** > > Thanks Webster! > > ** ** > > *From:* Webster [mailto:webs...@carlwebster.com ] > > *Subject:* RE: Transferring FSMO roles > > ** ** > > Or better yet, create a GPO to auto configure the DC that holds the PDCe > FSMO role. Then you don’t have to worry about it. > > ** ** > > > http://blogs.technet.com/b/askds/archive/2008/11/13/configuring-an-authoritative-time-server-with-group-policy-using-wmi-filtering.aspx > > > ** ** > > ** ** > > Carl Webster > > Consultant and Citrix Technology Professional > > http://www.CarlWebster.com <http://www.carlwebster.com/> > > ** ** > > *From:* Damien Solodow > [mailto:damien.solo...@harrison.edu] > > *Subject:* RE: Transferring FSMO roles > > ** ** > > Sort of. J > > The PDC emulator role will be the authoritative time server for the > domain, so you’ll need to configure it accordingly for an upstream > time-source. > > ** ** > > Make sure the new DC is also a GC; you’ll be in a lot of hurt if you don’t > have GCs. J > > ** ** > > ** ** > > *From:* David Lum [mailto:david@nwea.org ] > *Subject:* Transferring FSMO roles > > ** ** > > I rolled out a W2K8DC this weekend to a domain that previously didn’t have > a 2K8 DC. One of my next tasks is to transfer FSMO roles off the 2003 DC’s > - as they are on ancient hardware - to the new DC. As near as I can tell, > the PDC role (since it’s the timekeeper) is the only one needing real > thought in a single domain environment. Sound right? > > ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
ntsysadmin@lyris.sunbelt-software.com
I'd like to see Symantec acquire Adobe, if only for the belief that they couldn't possibly make Adobe Reader any worse On 8 November 2012 17:28, Jonathan Link wrote: > What wasn't? :P > > > On Thu, Nov 8, 2012 at 11:57 AM, Rankin, James R > wrote: > >> ** >> No, but I bet it was better before Symantec got hold of it >> ---Blackberried >> -- >> *From: *Jonathan Link >> *Date: *Thu, 8 Nov 2012 11:40:59 -0500 >> *To: *NT System Admin Issues >> *ReplyTo: *"NT System Admin Issues" < >> ntsysadmin@lyris.sunbelt-software.com> >> *Subject: *Re: Symantec %@(*&OI:TNGF(P* >> >> Do you have a suitable repalcement for PGP Whole Disk Encryption that >> includes centralized management and SSO capabilities? >> >> >> On Thu, Nov 8, 2012 at 11:32 AM, James Rankin wrote: >> >>> No, the first rule of Symantec is you don't use any of their products >>> :-) >>> >>> >>> On 8 November 2012 16:23, Steven Peck wrote: >>> >>>> The first rule of Symantec is you don't talk about symantec >>>> >>>> >>>> On Thu, Nov 8, 2012 at 6:54 AM, Robert Cato wrote: >>>> >>>>> >>>>> It is SEP12, I'm sorry I do not know the definition file, that is >>>>> handled by the security group...and they don't really want to talk about >>>>> Symantec right now. >>>>> >>>>> >>>>> On Thu, Nov 8, 2012 at 9:05 AM, Erik Goldoff wrote: >>>>> >>>>>> curious, SEP 11 or 12, and what definitions when this happened ? >>>>>> >>>>>> Thanks >>>>>> >>>>>> On Thu, Nov 8, 2012 at 8:57 AM, Robert Cato >>>>>> wrote: >>>>>> >>>>>>> >>>>>>> Yep, all on its own. Granted this was based on setting that were >>>>>>> made during installation, based on recommendations from the onstie >>>>>>> Symantec >>>>>>> vendor/engineer. >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Thu, Nov 8, 2012 at 8:48 AM, Kennedy, Jim < >>>>>>> kennedy...@elyriaschools.org> wrote: >>>>>>> >>>>>>>> “SEP quarantined the files and then went to all machines on the >>>>>>>> network and quarantined them on all machines…” >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> Holy smokes, it decided to do that on it’s own? And quarantined the >>>>>>>> machines that had NOT been updated yet? >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> So glad I don’t run AV. >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>>>>> *Sent:* Thursday, November 08, 2012 8:45 AM >>>>>>>> >>>>>>>> *To:* NT System Admin Issues >>>>>>>> *Subject:* Re: Symantec %@(*&OI:TNGF(P* >>>>>>>> >>>>>>>> ** ** >>>>>>>> >>>>>>>> Ken >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> These two updates were only installed on a couple of Win7 machines >>>>>>>> at most. They were approved during the day for install overnight, a >>>>>>>> couple >>>>>>>> of users saw the pop-up and installed. SEP quarantined the files and >>>>>>>> then >>>>>>>> went to all machines on the network and quarantined them on all >>>>>>>> machines >>>>>>>> (Win7, Vista, and XP). >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> It would be nice if we had a separate network, but I'm not sure >>>>>>>> that will get approved. >>>>>>>> >>>>>>>> >>>>>>>> >>>>
ntsysadmin@lyris.sunbelt-software.com
;>>>> Robert >>>>> >>>>> >>>>> >>>>> On Wed, Nov 7, 2012 at 9:37 PM, Ken Schaefer >>>>> wrote: >>>>> >>>>> No matter who you migrate to, you’ll also run into issues (false >>>>> positives seem to occur all the time, with all vendors). >>>>> >>>>> >>>>> >>>>> Did you test the patches before releasing to Production? Might be >>>>> worth beefing up the testing regime. >>>>> >>>>> >>>>> >>>>> *From:* Robert Cato [mailto:cato.rob...@gmail.com] >>>>> *Sent:* Thursday, 8 November 2012 5:22 AM >>>>> >>>>> *To:* NT System Admin Issues >>>>> *Subject:* Symantec %@(*&OI:TNGF(P* >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> FYI >>>>> >>>>> >>>>> >>>>> We approved two MS patches yesterday (KB2574819 KB2592687) in WSUS. >>>>> One user installed the two updates in the afternoon and Symantec Endpoint >>>>> Protection 12 with several advanced features enabled (threat protection, >>>>> hurestics, SONAR, etc). SEP quarrantined 15 system files, run32.dll among >>>>> them. The real problems started when SEP decided to quarantine the files >>>>> across all ~600 workstations taking us completely offline. >>>>> >>>>> >>>>> >>>>> The fix was to boot each workstation into safe mode and removing SEP.* >>>>> *** >>>>> >>>>> >>>>> >>>>> It was a long night. >>>>> >>>>> >>>>> >>>>> The good news: >>>>> >>>>> None of the advanced features were enabled on the servers. >>>>> >>>>> We are migrating away from SEP as of this morning. >>>>> >>>>> >>>>> >>>>> Robert >>>>> >>>>> >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>>> >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>>> ** ** >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>>> >>>>> --- >>>>> To manage subscriptions click here: >>>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>>> with the body: unsubscribe ntsysadmin >>>>> >>>> >>>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>>> >>>> --- >>>> To manage subscriptions click here: >>>> http://lyris.sunbelt-software.com/read/my_forums/ >>>> or send an email to listmana...@lyris.sunbeltsoftware.com >>>> with the body: unsubscribe ntsysadmin >>>> >>> >>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >>> >>> --- >>> To manage subscriptions click here: >>> http://lyris.sunbelt-software.com/read/my_forums/ >>> or send an email to listmana...@lyris.sunbeltsoftware.com >>> with the body: unsubscribe ntsysadmin >>> >> >> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ >> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> >> --- >> To manage subscriptions click here: >> http://lyris.sunbelt-software.com/read/my_forums/ >> or send an email to listmana...@lyris.sunbeltsoftware.com >> with the body: unsubscribe ntsysadmin >> > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: VDI in a Box?
One final point - don't forget that XenApp ("traditional" Citrix, as it
were) can provide a lot of the "VDI" features through a published desktop.
I've seen many places looking at VDI solutions that didn't consider
published desktops in XenApp. A lot of these implementations didn't need
VDI (either VIAB or XenDesktop) - XenApp ticked most of the boxes they
required, and it worked out considerably cheaper.
On 6 November 2012 16:59, Matthew W. Ross wrote:
> Hey list.
>
> We're just starting to re-visit desktop virtualization. Here's a simple
> question for you:
>
> What the difference between Citrix's "VDI-in-a-Box" vs traditional VDI
> solutions? Opinions on where it fits in Desktop Virtualization are welcome.
>
>
> --Matt Ross
> Ephrata School District
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
--
*James Rankin*
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Re: VDI in a Box?
Ease of deployment and expansion. If you use the Dell stuff along with VDI-In-A-Box, you basically just buy what you need, stand it up and add more as necessary. It's dead easy to get it set up and running - hence the name. However - there is currently no migration process between the higher-end VDI solutions that Citrix offer (XenDesktop) and VDI-In-A-Box. So if you start with VIAB and decide you need the better management tools and features of XenDesktop, you'd have to rip VIAB out and start again. But VIAB is not just for "small" deployments and XenDesktop for large ones - it just depends on the features you require. I've seen big deployments of VIAB and small implementations of XenDesktop. It really depends on how complex you envisage your VDI infrastructure getting. If you are deploying a standard image and don't need a lot of persistent desktops, VIAB may fit your needs well. It's ridiculously easy to add more grids and expand the deployment. But there's also a price difference to take into account that may or may not be suitable for you dependent on other Citrix licenses you may possess. I think Citrix should have a matrix of features between the two somewhere. This may give you an overview of these two and some others as well http://www.brianmadden.com/blogs/rubenspruijt/archive/2012/08/24/smackdown-your-vdesktop-head-to-head-analysis-of-citrix-xendesktop-microsoft-vdi-remotefx-quest-vworkspace-and-vmware-view.aspx On 6 November 2012 16:59, Matthew W. Ross wrote: > Hey list. > > We're just starting to re-visit desktop virtualization. Here's a simple > question for you: > > What the difference between Citrix's "VDI-in-a-Box" vs traditional VDI > solutions? Opinions on where it fits in Desktop Virtualization are welcome. > > > --Matt Ross > Ephrata School District > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: A question about Virtualization
I haven't done much ThinApp, to be fair. How easy is it to package stuff up? I find App-V dead easy, but then again it was the first thing I used for it. My other main packaging experience was with Citrix Streaming, and that ain't great at all. One thing I will say for App-V is that it's dead easy to deliver it through Citrix if you've got that kind of layered infrastructure. You don't even need the App-V streaming conduit - you just point a published app to the App-V client and add the right switches, and you can deliver the App-V stuff right through the Citrix plugins like an normal installed app. App-V also integrates nicely with AppSense and particularly their Personalization Server piece, which makes it another popular choice for the kind of deployments I do. I was just wondering how far the OP is wanting to take their entire "virtualization" strategy? Certainly once you get into the deeper parts of profile and application virtualization you can put together a solution based around a vast amount of different combinations of technologies rather than the more limited options available on a server or desktop virtualization level. Cheers, JR On 6 November 2012 16:39, John Cook wrote: > I mostly agree with James with the exception of App-V, VMWare Thinapp > requires no local client to run packages so IMHO it’s a cleaner > distribution package. > > > > *John W. Cook* > > *Network Operations Manager* > > *Partnership For Strong Families* > > *5950 NW 1st Place* > > *Gainesville, Fl 32607* > > *Office (352) 244-1610* > > *Cell (352) 215-6944* > > *MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP**4, VTSP4* > > > > *From:* James Rankin [mailto:kz2...@googlemail.com] > *Sent:* Tuesday, November 06, 2012 11:35 AM > > *To:* NT System Admin Issues > *Subject:* Re: A question about Virtualization > > > > Server virtualization? > Desktop virtualization? > Application virtualization? > Profile/user virtualization? > > All different parts of the virtualization tree. > > If you are talking server, VMWare and Microsoft are probably the biggest > players > Desktops - I wouldn't look any further than Citrix > Application - Microsoft App-V is the best IMHO > Profile/user - AppSense > > > On 6 November 2012 16:28, itli...@imcu.com wrote: > > I have no experience with Virtualized anything. > > I have read VMware is better than Citrix. > > What kind of hardware do I put all of this on? > > A Blade server with a SAN back end? > > I really have no opinions or experience on any of this. > > Please don’t flame me to badly. > > Thanks > > David > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > > -- > *James Rankin* > Technical Consultant (ACA, CCA, MCTS) > http://appsensebigot.blogspot.co.uk > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > -- > > CONFIDENTIALITY STATEMENT: The information transmitted, or contained or > attached to or with this Notice is intended only for the person or entity > to which it is addressed and may contain Protected Health Information > (PHI), confidential and/or privileged material. Any review, transmission, > dissemination, or other use of, and taking any action in reliance upon this > information by persons or entities other than the intended recipient > without the express written consent of the sender are prohibited. This > information may be protected by the Health Insurance Portability and > Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. > Improper or unauthorized use or disclosure of this information could result > in civil and/or criminal penalties. > Consider the environment. Please don't print this e-mail unless you really > need to. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with t
Re: A question about Virtualization
Server virtualization? Desktop virtualization? Application virtualization? Profile/user virtualization? All different parts of the virtualization tree. If you are talking server, VMWare and Microsoft are probably the biggest players Desktops - I wouldn't look any further than Citrix Application - Microsoft App-V is the best IMHO Profile/user - AppSense On 6 November 2012 16:28, itli...@imcu.com wrote: > I have no experience with Virtualized anything. > > I have read VMware is better than Citrix. > > What kind of hardware do I put all of this on? > > A Blade server with a SAN back end? > > I really have no opinions or experience on any of this. > > Please don’t flame me to badly. > > Thanks > > David > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- *James Rankin* Technical Consultant (ACA, CCA, MCTS) http://appsensebigot.blogspot.co.uk ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
