RE: XP Pro workstation on VMware
Subsequent Ctrl-Alt-Del signals result in a black console with a blinking _ in the upper left corner. SO, I have to delete that VM and start from scratch... When I run into this, I check the option to go force the VM into BIOS on next reboot. Then after exiting BIOS, you'll get the option to press ESC to choose a boot option again. It's fairly frustrating and I'd love to know why CTRL-ALT-DEL doesn't seem to stick, but it is much better than deleting the VM J From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Monday, December 28, 2009 9:50 AM To: NT System Admin Issues Subject: XP Pro workstation on VMware Greetings! I am needing to set up an XP Pro workstation in VMware. My problem comes when seeking a disk in the initial Windows setup... If I do not hit F6 to specify a mass storate device, the install fails. Then, for some reason, I am no longer able to boot off the ISO image. Subsequent Ctrl-Alt-Del signals result in a black console with a blinking _ in the upper left corner. SO, I have to delete that VM and start from scratch... Hitting F6, I am given the choices of either not specifying a mass storage device (ie, hard drive) and continuing. We know that gets me nowwhere... The alternative choice is to hit S. With that, I am told to insert (that is, mount an image as a floppy drive) with the drivers for a virutal SCSI disk. When I try to build the VM, I do not seem to be able to trick the system into making the virtual disk I create to act as either an IDE or a SATA drive. It seems to insist on being SCSI. SO, is there any way to set up a blank VM that believes its hard drive to be IDE or SATA? Otherwise, is there a VMWare SCSI driver I can mount as a virutal floppy? OH YEAH - VMWare ESX 3.5; VM Infrastructure 2.5... Thanks! -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org http://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Process Monitor
Process Monitor shows you all activity relating to files and registry keys. So, you can watch every process running and see what files and registry keys its creating/modifying/reading/etc. This comes in handy when you have an application that thinks it needs admin rights to run. Often, this is caused b the application writing to some file/reg location that standard users don't have write access to. So, using procmon, you can run the application as a standard user, and look in the procmon log for access denieds. That lets you know what the app needs access to. You can then give users full control to that location. This is definitely more an art than a science, but with practice, it's not too bad. In the vast majority of cases, the problem location has been Program Files\AppName or HKLM\Software\AppName. Giving users full control of those two folders/keys usually fixes it. From: David W. McSpadden [mailto:dav...@imcu.com] Sent: Thursday, January 07, 2010 8:41 AM To: NT System Admin Issues Subject: Process Monitor I read the procmon would show me the access rights to a file so I could lock a server/computer down to the minimum required perms. I have it downloaded and running but I don't see anything about perms??? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Internet Policy
A Power User is an Administrator who hasn't made themselves one yet. Jesper Johannson http://blogs.technet.com/jesper_johansson/archive/2006/03/12/421870.aspx Mark Russinovich http://blogs.technet.com/markrussinovich/archive/2006/05/01/the-power-in -power-users.aspx From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, January 14, 2010 8:42 AM To: NT System Admin Issues Subject: RE: Internet Policy Sounds reasonable to me. I wish I could enforce a more restrictive policy than we do here, but I really don't have the resources to enforce much of anything. We have people using FaceBook/MySpace and doing online shopping, etc. I've told people numerous times not to download anything, period, without explicit permission, but they tend to do so anyway, up to and including installing apps. I finally had enough of people installing crap with spyware attached and pretty much removed local admin permissions and made most users Power Users so they can have enough permissions to run stuff, but not install anything! So far that seems to be working. As I work on desktop machines, I find coupon printer software and other crap that has been installed over the years and clean it out. Back to the topic at hand, I think that's a reasonable policy. I would suggest outlawing social networking sites and game sites (yahoo games) as those often seem to have spyware/adware associated with them and even just playing online games could lead to a drive by install of malware due to exploits. From: James Kerr [mailto:cluster...@gmail.com] Sent: Thursday, January 14, 2010 9:35 AM To: NT System Admin Issues Subject: Internet Policy I know this has been discussed in the past but I'm in the process of making changes to ours so I was interested in a little input from my peers. We have always had a policy of not allowing our desktops, email and Internet connection to be used for personal use at all. That being said we have always turned a blind eye to occasional personal use through the day. This has been a problem for us. Now we are looking to change the policy to reflect that we do allow this type of use. We want the staff to know that's its ok but we also want them to know what's not ok. I was looking to basically say the following. Some personal Internet use is allowed but must not interfere with the performance of work duties and responsibilities. Personal Internet use must be restricted to reasonable sites and materials such as news or information that might be considered reasonable if read as a text publication in an office environment. I'm also going to add that downloading files is not allowed unless approved by IT and that this includes email attachments from personal email as well. Any thoughts? James ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpgimage002.jpg
RE: RMDIR and Wildcards
You need to throw in a /d if you want to match against directories For /d %f in (path\directory*) do rd /s %f From: Gavin Wilby [mailto:gavin.wi...@gmail.com] Sent: Thursday, January 14, 2010 10:38 AM To: NT System Admin Issues Subject: Re: RMDIR and Wildcards Hi Tim, Are you sure that syntax is correct, as it doesnt appear to work here :( Gavin. On Thu, Jan 14, 2010 at 4:25 PM, Tim Evans tev...@sparling.com wrote: for %f in (path\directory*) do rd /s %f Add /Q if you're brave and don't want to be prompted for each one ...Tim From: Gavin Wilby [mailto:gavin.wi...@gmail.com] Sent: Thursday, January 14, 2010 8:05 AM To: NT System Admin Issues Subject: RMDIR and Wildcards Hi, For one reason or another I have a need to automatically remove certain directories (full or otherwise) from a few windows server systems. As rmdir path\directory* /S doesnt appear to work, is there any other way that this can be batched and scheduled? The directories are all called randomnumber.tmp and so I want to wildcard the rmdir. Yes, these are directories NOT tmp files. -- Gavin Wilby, Twitter: http://twitter.com/gavin_wilby GSXR Blog: http://www.stoof.co.uk http://www.stoof.co.uk/ -- Gavin Wilby, Twitter: http://twitter.com/gavin_wilby GSXR Blog: http://www.stoof.co.uk Sent from Whitehaven, Eng, United Kingdom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: robocopy script - deleting aged folders
Throw an E onto your /MOV From the help file: /MOV :: MOVe files (delete from source after copying). /MOVE :: MOVE files AND dirs (delete from source after copying). From: Greg Farber [mailto:gregfar...@gmail.com] Sent: Thursday, January 28, 2010 1:52 PM To: NT System Admin Issues Subject: robocopy script - deleting aged folders I have a ROBOCOPY batch file question please: C:\Parcams is a directory that accumulates dated security camera snapshots. The snapshots for each day are stored in a sub-directory, named after that date, i.e., C:\Parcams\parcams-12-30-2009 I have prepared a script for purging files and folders that are greater than n days old. However, I have not quite got the script right. It successfully deletes the files inside the dated directories, but it leaves the empty directories behind. pic: http://screencast.com/t/OWFlYmEy Here is the text of the script: mkdir c:\dump robocopy C:\PARCAMS C:\dump /E /MOV /MINAGE:60 /R:10 rmdir C:\dump /s /q Here is a screenshot of the results of the batch file: http://screencast.com/t/ZjMyMzVjN Any suggested tweaks? I'd like to have the script remove those empty directories too. Thanks! ~Greg ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Backup Exec 2010?
My decision to drop Symantec BE for Microsoft DPM, Anti-Virus for Vipre, and Ghost for RIS/WDM is due in no small part to their ridiculous licensing system. Maybe it's just me, but I have the hardest time jumping through their hoops to get my magic key. Half the time, the site was down. Often the license certificate listed a serial number, but they wanted a product code...or registration code...or PO number...or who knows what. I assure you the pirates aren't having as much trouble installing as this *former* customer did. From: Bill Lambert [mailto:blamb...@concuity.com] Sent: Tuesday, February 02, 2010 4:20 PM To: NT System Admin Issues Subject: RE: Backup Exec 2010? I'm still waiting for my upgrade letter from Symantec. I think that speaks volumes. Bill Lambert Concuity Phone 847-941-9206 The information contained in this e-mail message, including any attached files, is intended only for the personal and confidential use of the recipient(s) named above. If you are not the intended recipient (or authorized to receive information for the recipient) you are hereby notified that you have received this communication in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please contact the sender by reply email and delete all copies of this message. Thank you. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Tuesday, February 02, 2010 3:56 PM To: NT System Admin Issues Subject: Re: Backup Exec 2010? Other than the vendor? On Tue, Feb 2, 2010 at 4:50 PM, Roger Wright rhw...@gmail.com wrote: Any caveats regarding making the move to BE 2010? Die dulci fruere! Roger Wright ___ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Rediculous Support Clause
And the ones that tax the system should pay more. Maybe we should make this discussion political J What product are we talking about btw? I know VMWare tried to pull this same thing on us. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, February 03, 2010 6:28 PM To: NT System Admin Issues Subject: Re: Rediculous Support Clause And for every customer that doesn't need/use support, there are 5 that tax the system. It tends to balance out. -ASB: http://xeesm.com/AndrewBaker Sent from my Verizon Smartphone From: Jeff Johnson jjohn...@hydraflowusa.com Date: Wed, 3 Feb 2010 15:24:06 -0800 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: RE: Rediculous Support Clause Unfortunately that may be true, but they have a great product and it is VERY stable. We did not renew our support with them after we had it for 3 years, because we never needed it. Three years later when we wanted to upgrade to a current version, we got hit with 3 years of past support plus the current year and one additional year, even though we never needed a darn thing. Again, it is time to renew, but we have no plans on using the support for another 3+ years. Ugh! Jeff Johnson Systems Administrator 714-773-2600 Office 714-773-6351 Fax From: Gary Whitten [mailto:li...@undiscoveredworlds.com] Sent: Wednesday, February 03, 2010 3:14 PM To: NT System Admin Issues Subject: RE: Rediculous Support Clause Sounds like 'We have you where we want you so we can dictate terms'. I don't understand why you think it wouldn't be legal as nothing says they have to reinstate you at all. Playing Devil's Advocate here, it's highly likely that if you're in a position to need to be reinstated, it's because something has gone wrong and is likely to be expensive for them. From: Jeff Johnson [mailto:jjohn...@hydraflowusa.com] Sent: Wednesday, February 03, 2010 5:59 PM To: NT System Admin Issues Subject: OT: Rediculous Support Clause Here is a clause in an agreement that I have never understood nor agreed with. I am curious if it is even legal??? In the event You desire support to be reinstated following expiration, You agree: 1) to pay a reinstatement fee equal to the current annual support fee and any unpaid support fees from the date of expiration to the date of reinstatement; and 2) to pay for at least one additional year of support services from the date of reinstatement. Jeff Johnson Systems Administrator 714-773-2600 Office 714-773-6351 Fax ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpg
RE: Printing PDF files
Doesn’t seem too expensive http://shop.ebay.com/?_from=R40_trksid=p3907.m38.l1313_nkw=hp+laserjet+dimm_sacat=See-All-Categories -Original Message- From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, February 04, 2010 11:16 AM To: NT System Admin Issues Subject: RE: Printing PDF files I recently found that the paper handling for my HP LaserJet would only behave properly[1] with the PS driver, and not the PCL driver for some esoteric cases. On the downside, I've since experienced a few out of memory errors on complex print jobs... it appears that the postscript rasterizer is a bit more memory intensive.[2] -sc [1] In this case a 4x6 piece of card stock fed thru the manual feed. The guide tabs on the tray force you to center the card stock when feeding, however the PCL driver acted as if the stock was positioned where the top=left corner of a piece of 8.5x11 paper would have been [2] And of course HP couldn't just use a standard DIMM module on their printers... N... it's some proprietary[3] RAM module [3] Pronounced Ex-pen-sive. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 04, 2010 11:52 AM To: NT System Admin Issues Subject: Re: Printing PDF files Yup. I've always found PS printers (or at least printers that have a good PS driver) to have better output than PCL, even if it is a bit slower. On Thu, Feb 4, 2010 at 07:47, Steven M. Caesare scaes...@caesare.com wrote: Specifically “Display Postscript” IIRC. The NeXT cubes actually ran display postscript for their screen render pipeline for exactly his sort of reason… output device agnosticism. -sc From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 04, 2010 10:44 AM To: NT System Admin Issues Subject: Re: Printing PDF files In addition, PDFs (for text, at least, as opposed to embedded bitmaps/jpegs) are internally encoded in PostScript, so the print/display drivers are tiny PS interpreters. This actually is in the name of portability between platforms - especially *nix. Kurt On Thu, Feb 4, 2010 at 07:24, Steven M. Caesare scaes...@caesare.com wrote: Indeed. PDF’s are basically rasterized within the PDF program itself, and the resulting bitmap is sent to the printer. Word, etc… send the text/font info to the printer, which rasterizes it as part of the printing process. Vector graphics are passed tot eh printer as well, altho bitmap graphics has to be sent as a bitmap blob. The end result tends to be longer print times and larger jobs… all in the name “portability”. -sc From: Chris Orovet [mailto:coro...@atsi-inc.com] Sent: Thursday, February 04, 2010 10:20 AM To: NT System Admin Issues Subject: RE: Printing PDF files When a pdf spools a 5 meg file can easily become a 200-250 meg file. No matter what version of adobe ive used this has always been the case. Here is a 79 kb file that I printed as a comparison: It blew up to almost 400kb amost 5 times the size of the original doc. I did a paperless conversion for my company a few years back. All docs were converted to pdf or word. Word docs had no effect on my printers or print servers. The pdf files slowed everything down. Regards, Chris Orovet Technical Support O: (727)812-0276 Ext. 125 F: (727)812-0278 Email: supp...@atsi-inc.com Web: http://www.atsi-inc.com “Whatever relationships you have attracted in your life at this moment, are precisely the ones you need in your life at this moment. There is a hidden meaning behind all events, and this hidden meaning is serving your own evolution.” ~Chopra Confidentiality Notice: This e-mail message and any attachments are for the sole use of the intended recipient and may contain proprietary, confidential, trade secret or privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited and may be a violation of law. If you are not the intended recipient or a person responsible for delivering this message to an intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message immediately. From: Mark Scott [mailto:msc...@hpg.com] Sent: Thursday, February 04, 2010 10:07 AM To: NT System Admin Issues Subject: Printing PDF files Is it just me, or why do PDF files print so much slower than everything else? I have a user who is printing Adobe PDF v1.6 files (Acrobat 7) to a Canon imagerunner 5020 copier. User is on a very nice XP SP3 box with the latest PCL6 canon driver, printing directly over the network using RAW port 9100. The canon copier has 256MB of memory, a 100Mb nic and a few finishing options attached. Word and Excel files fly threw the copier at normal speeds of 50 pages per min, but the PDF is about half that
RE: IE info-disclosure bug disclosed at Black Hat
You could pull ntuser.dat and read a fair amount of juiciness about where to find some specific file. From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Thursday, February 04, 2010 1:44 PM To: NT System Admin Issues Subject: RE: IE info-disclosure bug disclosed at Black Hat That's a well known folder, not a well known file. Exposure of folder contents does not appear to be included in this flaw. Again, name a well known data file (a specific file that exists for nearly every Windows installation of that Windows version) that could lead to critical harm if disclosed to an attacker. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, February 04, 2010 2:34 PM To: NT System Admin Issues Subject: Re: IE info-disclosure bug disclosed at Black Hat c:\documents and settings\user\My Documents c:\users\user\Documents Many companies, especially small companies store their data here. Our users for the most part store data here for staging purposes when they are out in the field performing an audit. Eventually it gets cleaned out when incorporated into our engagement management software. On Thu, Feb 4, 2010 at 1:42 PM, Carl Houseman c.house...@gmail.com wrote: Secunia doesn't seem to think it's that critical, certainly not in the same league as system-takeover problems. Name any well known data file on my computer that would cause me super critical harm if disclosed. Don't bother with the local SAM, they can have it, since there's no remote access via a local account. Carl -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 04, 2010 12:29 PM To: NT System Admin Issues Subject: Re: IE info-disclosure bug disclosed at Black Hat Super critical, because paths to many well-known data files are always the same. On Thu, Feb 4, 2010 at 09:10, Carl Houseman c.house...@gmail.com wrote: It's not IE6, it's any version of IE that's not in protected mode (so, any version of IE on XP, and or an elevated or UAC-disabled IE under Vista/7). Seems not that super-critical since exploit must know a complete path to a specific file that's going to be revealed. Carl -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Thursday, February 04, 2010 11:57 AM To: NT System Admin Issues Subject: IE info-disclosure bug disclosed at Black Hat MSRC bulletin released, MS Security Advisory released, ZDNet Zero-Day has a story. An information-leakage problem in Internet Explorer has been disclosed at this week's Black Hat conference. It seems that if you use Internet Explorer to surf the Internet, the Bad Guys can now read ANY FILE on your hard drive. Details and info on a Microsoft-issued FixIt solution are in the latest blog entry at http://geoapps.blogspot.com/ -- so if you use IE, especially IE6, please go read up on this and get patching. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Reader, Acrobat, and Flash security updates
To further expand, I'm quite impressed with Adobe's willingness to work within an MSI/Group Policy framework. I find it VERY refreshing to be able to download a working MSI that I can just slap into GP and deploy site-wide. Additionally, their customization wizard for Acrobat reader is excellent for making MSTs. While I'm less than enthused about their endless barrage of patches and security bugs, I'm very thankful that they've made the installation process so painless. Contrast this with QuickTime - blech. In light of that, if filling out their license form is helpful to them, I'm more than happy to oblige. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, February 12, 2010 12:54 PM To: NT System Admin Issues Subject: RE: Reader, Acrobat, and Flash security updates Just to expand, that process is painless. Fill out the form and in a few minutes you get the authorizaion via email. -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Friday, February 12, 2010 1:47 PM To: NT System Admin Issues Subject: Re: Reader, Acrobat, and Flash security updates For Flash you need to register to get a redistribution license. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: MS Blog RE:10-15
Yeah, how dare they not test their patches to ensure compatibility with all viruses? /sarcasm From: Maglinger, Paul [mailto:pmaglin...@scvl.com] Sent: Friday, February 12, 2010 2:15 PM To: NT System Admin Issues Subject: RE: MS Blog RE:10-15 Not my fault! From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Friday, February 12, 2010 1:53 PM To: NT System Admin Issues Subject: Re: MS Blog RE:10-15 Haven't they tried this before? Seems very familiar. On Fri, Feb 12, 2010 at 2:14 PM, paul d pdw1...@hotmail.com wrote: Here's a snippet from MS regarding the 'reboot' patch: Update - Restart Issues After Installing MS10-015 In our continuing investigation in to the restart issues related to MS10-015 http://www.microsoft.com/technet/security/bulletin/ms10-015.mspx that a limited number of customers are experiencing, we have determined that malware on the system can cause the behavior. We are not yet ruling out other potential causes at this time and are still investigating. Hotmail: Powerful Free email with security by Microsoft. Get it now. http://clk.atdmt.com/GBL/go/201469230/direct/01/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpg
RE: What is the latest version of RDP client for Win7?
Is that some kinda play on Fortran? :) -Original Message- From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Friday, February 19, 2010 12:50 PM To: NT System Admin Issues Subject: RE: What is the latest version of RDP client for Win7? Buck Forland! -sc -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, February 19, 2010 1:40 PM To: NT System Admin Issues Subject: Re: What is the latest version of RDP client for Win7? No idea... On Fri, Feb 19, 2010 at 10:35, Steven M. Caesare scaes...@caesare.com wrote: Indeed. It was knowing the code name that was the hard part. Name of fictional MS project manager for code tools in the early 90's? -sc -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, February 19, 2010 12:46 PM To: NT System Admin Issues Subject: Re: What is the latest version of RDP client for Win7? Gets the red out... That was easy. On Fri, Feb 19, 2010 at 08:53, Steven M. Caesare scaes...@caesare.com wrote: Not many people have used SNA... we did as part of Back Office to attach to an AS/400 and System/36. Oof. The code name for the Novell gateway product, which was deigned to prostitute NetWare was Visine. I'll let ya'll figure out why. :) -sc -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, February 19, 2010 11:49 AM To: NT System Admin Issues Subject: Re: What is the latest version of RDP client for Win7? NetBIOS Extended User Interface, but I don't know/remember the other. I used NetBEUI with WfWg 3.0/3.1/3.11 and Netware 3.11, many moons ago. I also used the MSFT SNA server. On Thu, Feb 18, 2010 at 19:01, Steven M. Caesare scaes...@caesare.com wrote: I'll give you a dollar if you can tell me what NetBEUI stands for without looking it up. I'll double that if you can tell me the code name for MS's Gateway Services for NetWare was while under development. And if you cheat and look em up u r l...@m3. -sc -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, February 18, 2010 9:58 PM To: NT System Admin Issues Subject: Re: What is the latest version of RDP client for Win7? Weren't you still on NetBEUI just last week? Heh. On Thu, Feb 18, 2010 at 17:52, Steven M. Caesare scaes...@caesare.com wrote: I’ll probably no longer do so either, but I’ve run Windows without protocol stacks installed/bound previously, and if there’s a dependency, I’d like to see it documented. Otherwise there shouldn’t be a checkbox next to the protocol that makes it just as easy to disable as File and Print sharing, which you can disable with relative impunity. -sc From: Free, Bob [mailto:r...@pge.com] Sent: Thursday, February 18, 2010 8:41 PM To: NT System Admin Issues Subject: RE: What is the latest version of RDP client for Win7? I think that’s expected as it’s the party line from a Microsoft Techwriter. I believe it gets the point across. With what I heard from the PFE that I can’t elaborate on, what Michael alluded and a few other cases I’ve heard of I’m not going to risk disabling it on my servers. It’s not worth it. From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, February 18, 2010 4:12 PM To: NT System Admin Issues Subject: RE: What is the latest version of RDP client for Win7? That’s unfortunately nebulous. -sc From: Free, Bob [mailto:r...@pge.com] Sent: Thursday, February 18, 2010 4:24 PM To: NT System Admin Issues Subject: RE: What is the latest version of RDP client for Win7? The Argument against Disabling IPv6 It is unfortunate that some organizations disable IPv6 on their computers running Windows Vista or Windows Server 2008, where it is installed and enabled by default. Many disable IPv6-based on the assumption that they are not running any applications or services that use it. Others might disable it because of a misperception that having both IPv4 and IPv6 enabled effectively doubles their DNS and Web traffic. This is not true. From Microsoft's perspective, IPv6 is a mandatory part of the Windows operating system and it is enabled and included in standard Windows service and application testing during the operating system development process. Because Windows was designed specifically with IPv6 present, Microsoft does not perform any testing to determine the effects of disabling IPv6. If IPv6 is disabled on Windows Vista, Windows Server 2008, or later versions, some components will not function. Moreover,
RE: Reader, Acrobat, and Flash security updates
I recommend assigning, especially for apps that most people will use...like adobe reader/flash. When it's assigned, it will get installed on startup and no worries. This can slow boot times when there's a new app to install, but that's a fairly small price to pay for consistency, imo. It depends on the app, but I'd recommend assigning to the computer. Some exceptions might be the admin tools or apps with limited licenses, but in general, I prefer other methods of limiting access to apps. It's only deployed once. One thing I do is to check the box to uninstall the app when it falls out of the scope of management. Now when there's a new version of flash, I just remove the old .msi, add the new one and on next boot, the old gets uninstalled, and the new gets reinstalled. It may be a fine line, but it feels more like a fresh install to me with the added plus that if I ever change my mind about having Flash installed campus-wide, I can just remove the GP, and it will uninstall automatically. To me, that's worth the extra time to un/re-install my apps. -Original Message- From: System Manager [mailto:mgr...@whitman.edu] Sent: Friday, February 19, 2010 4:25 PM To: NT System Admin Issues Subject: Re: Reader, Acrobat, and Flash security updates I am new to deploying applications via group policy. I assume the application should be assigned and not published? Should the application be deployed to the user or to the computer? Is the application only deployed once or will it be deployed each time the user logs in and the group policy is applied? Is there any way to track when the application is deployed. -- Kevin Kelly Director, Network Technology Whitman College On 2/12/2010 12:09 PM, Crawford, Scott wrote: To further expand, I'm quite impressed with Adobe's willingness to work within an MSI/Group Policy framework. I find it VERY refreshing to be able to download a working MSI that I can just slap into GP and deploy site-wide. Additionally, their customization wizard for Acrobat reader is excellent for making MSTs. While I'm less than enthused about their endless barrage of patches and security bugs, I'm very thankful that they've made the installation process so painless. Contrast this with QuickTime - blech. In light of that, if filling out their license form is helpful to them, I'm more than happy to oblige. -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, February 12, 2010 12:54 PM To: NT System Admin Issues Subject: RE: Reader, Acrobat, and Flash security updates Just to expand, that process is painless. Fill out the form and in a few minutes you get the authorizaion via email. -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Friday, February 12, 2010 1:47 PM To: NT System Admin Issues Subject: Re: Reader, Acrobat, and Flash security updates For Flash you need to register to get a redistribution license. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Rediculous Support Clause
I didn't renew. 3.5 is working well enough for us and Hyper-V, while certainly less feature rich, may very well be good enough now. I plan to start playing with it soon. From: Kelsey, John [mailto:jckel...@drmc.org] Sent: Wednesday, February 24, 2010 10:59 PM To: NT System Admin Issues Subject: RE: Rediculous Support Clause VMWare did the exact same thing to us. We were out of support when we wanted to go to VSphere 4. Had to pay the previous year's support before we could upgrade, essentially paying for an entire year of support that we never used or needed. Highway robbery! *** John C. Kelsey DuBois Regional Medical Center (: 814.375.3073 *: jckel...@drmc.org mailto:jckel...@drmc.org *** -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Wednesday, February 03, 2010 20:30 To: NT System Admin Issues Subject: RE: Rediculous Support Clause And the ones that tax the system should pay more. Maybe we should make this discussion political J What product are we talking about btw? I know VMWare tried to pull this same thing on us. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, February 03, 2010 6:28 PM To: NT System Admin Issues Subject: Re: Rediculous Support Clause And for every customer that doesn't need/use support, there are 5 that tax the system. It tends to balance out. -ASB: http://xeesm.com/AndrewBaker Sent from my Verizon Smartphone From: Jeff Johnson jjohn...@hydraflowusa.com Date: Wed, 3 Feb 2010 15:24:06 -0800 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.com Subject: RE: Rediculous Support Clause Unfortunately that may be true, but they have a great product and it is VERY stable. We did not renew our support with them after we had it for 3 years, because we never needed it. Three years later when we wanted to upgrade to a current version, we got hit with 3 years of past support plus the current year and one additional year, even though we never needed a darn thing. Again, it is time to renew, but we have no plans on using the support for another 3+ years. Ugh! Jeff Johnson Systems Administrator 714-773-2600 Office 714-773-6351 Fax From: Gary Whitten [mailto:li...@undiscoveredworlds.com] Sent: Wednesday, February 03, 2010 3:14 PM To: NT System Admin Issues Subject: RE: Rediculous Support Clause Sounds like 'We have you where we want you so we can dictate terms'. I don't understand why you think it wouldn't be legal as nothing says they have to reinstate you at all. Playing Devil's Advocate here, it's highly likely that if you're in a position to need to be reinstated, it's because something has gone wrong and is likely to be expensive for them. From: Jeff Johnson [mailto:jjohn...@hydraflowusa.com] Sent: Wednesday, February 03, 2010 5:59 PM To: NT System Admin Issues Subject: OT: Rediculous Support Clause Here is a clause in an agreement that I have never understood nor agreed with. I am curious if it is even legal??? In the event You desire support to be reinstated following expiration, You agree: 1) to pay a reinstatement fee equal to the current annual support fee and any unpaid support fees from the date of expiration to the date of reinstatement; and 2) to pay for at least one additional year of support services from the date of reinstatement. Jeff Johnson Systems Administrator 714-773-2600 Office 714-773-6351 Fax This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.jpg
RE: Rediculous Support Clause
Well...since you almost asked J... We tried to renew on time, but the quote we got was much higher than expected. The year before, we purchased 2 additional licenses and did some sort of pro-rating on the others so our list of products was a jumbled mix of renewals, pro-rated maintenance, and new purchases. Throw in the fact that we had academic pricing with a different set of SKUs and the fact that they changed their product line (2.x to 3.x) and it made for a difficult to decipher quote. I asked them to check why the quote was so much higher, than the year before. We had some back and forth and eventually I grew tired of messing with it, other things came up, and the issue was generally forgotten. Fast forward a year and we started the process over. I got another quote that was too high (ignoring the back maintenance and reinstatement fees), but the difference was that I finally realized what happened - they were charging us for 8 licenses instead of 4. I tried explaining that if they had given us a correct quote in the first place, we wouldn't be in this position, but that I wasn't about to pay for a year of maintenance that we never used. So here we are today. I would normally be up for renewal in April. I guess I'll start over then. However, Hyper-V is sounding more appealing all the time. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, February 25, 2010 11:48 AM To: NT System Admin Issues Subject: Re: Rediculous Support Clause If you do not renew your support/maintenance contract this is the exact kind of response I would expect from a vendor. It is typically very well worth the money to keep those kinds of contracts renewed. Even if you don't need the support, the maintenance part of it will more than cover the cost of purchasing new versions of software. On Thu, Feb 25, 2010 at 11:36 AM, Crawford, Scott crawfo...@evangel.edu wrote: I didn't renew. 3.5 is working well enough for us and Hyper-V, while certainly less feature rich, may very well be good enough now. I plan to start playing with it soon. From: Kelsey, John [mailto:jckel...@drmc.org] Sent: Wednesday, February 24, 2010 10:59 PM To: NT System Admin Issues Subject: RE: Rediculous Support Clause VMWare did the exact same thing to us. We were out of support when we wanted to go to VSphere 4. Had to pay the previous year's support before we could upgrade, essentially paying for an entire year of support that we never used or needed. Highway robbery! *** John C. Kelsey DuBois Regional Medical Center (: 814.375.3073 *: jckel...@drmc.org mailto:jckel...@drmc.org *** -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Wednesday, February 03, 2010 20:30 To: NT System Admin Issues Subject: RE: Rediculous Support Clause And the ones that tax the system should pay more. Maybe we should make this discussion political J What product are we talking about btw? I know VMWare tried to pull this same thing on us. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, February 03, 2010 6:28 PM To: NT System Admin Issues Subject: Re: Rediculous Support Clause And for every customer that doesn't need/use support, there are 5 that tax the system. It tends to balance out. -ASB: http://xeesm.com/AndrewBaker Sent from my Verizon Smartphone From: Jeff Johnson jjohn...@hydraflowusa.com Date: Wed, 3 Feb 2010 15:24:06 -0800 To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Subject: RE: Rediculous Support Clause Unfortunately that may be true, but they have a great product and it is VERY stable. We did not renew our support with them after we had it for 3 years, because we never needed it. Three years later when we wanted to upgrade to a current version, we got hit with 3 years of past support plus the current year and one additional year, even though we never needed a darn thing. Again, it is time to renew, but we have no plans on using the support for another 3+ years. Ugh! Jeff Johnson Systems Administrator 714-773-2600 Office 714-773-6351 Fax From: Gary Whitten [mailto:li...@undiscoveredworlds.com] Sent: Wednesday, February 03, 2010 3:14 PM To: NT System Admin Issues Subject: RE: Rediculous Support Clause Sounds like 'We have you where we want you so we can dictate terms'. I don't understand why you think it wouldn't be legal as nothing says they have to reinstate you at all. Playing Devil's Advocate here, it's highly likely that if you're in a position to need to be reinstated, it's
RE: Java Update 18 takes forever via GPO
I always set the option to uninstall this application when it falls out of the scope of management. Then when a new version is out, I remove the old package from the GPO and add the new one. On reboot, the computer will uninstall the old version (including quick start) before installing the new. -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Thursday, March 04, 2010 1:44 PM To: NT System Admin Issues Subject: Re: Java Update 18 takes forever via GPO I've been deploying Java via GPO since early in the Java 5 days. The Java Quick Start that was introduced with Java 6 Update 10 causes exactly the symptoms you see when you try to update Java 6 via GPO. To get around it I set that service to not start via GPO. Sam Cayze wrote: Anyone deploy Java Update MSIs via GPO? I'm finding the Update 18 MSI takes seriously forever to install on my test machines. All with previous version of Java. XP Pro Sp3. Anyway to find out why? I have never had an issue with MSI/GPO installs before... Tia. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Just had to share
Even better J http://www.letmebingthatforyou.com/ From: gro...@beachcomp.com [mailto:gro...@beachcomp.com] Sent: Monday, March 08, 2010 3:24 PM To: NT System Admin Issues Subject: Just had to share Has anyone seen this? TOO FUNNY and perfect for the list. http://www.lmgtfy.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: IE8
Nope From: David Lum [mailto:david@nwea.org] Sent: Monday, December 07, 2009 4:43 PM To: NT System Admin Issues Subject: IE8 If users are local admins can I realistically block IE8 from getting installed? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: IE8
Sure, there's lots of things you can do to make it inconvenient for them to install it, but a local admin has all the rights of a domain admin on that particular box, which is all rights. -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Monday, December 07, 2009 5:19 PM To: NT System Admin Issues Subject: Re: IE8 On 7 Dec 2009 at 14:42, David Lum wrote: If users are local admins can I realistically block IE8 from getting installed? You *_can_* block automatic updates from installing it: Toolkit to Disable Automatic Delivery of Internet Explorer 8 http://is.gd/5fn3o- To help our customers become more secure and up-to-date, Microsoft will distribute Windows Internet Explorer 8 as a high-priority update through Automatic Updates for Windows XP Service Pack 2 (SP2) and higher, Windows XP Professional x64 Edition, Windows Server 2003 SP2 for x64 and x86, Windows Vista for x64 and x86, Windows Vista SP1 for x64 and x86, and Windows Server 2008 for x64 and x86. This Blocker Toolkit is intended for organizations that would like to block automatic delivery of Internet Explorer 8 to machines in environments where Automatic Updates is enabled. The Blocker Toolkit will not expire. If you have EXE-whitelisting in place you might be able to block it since the installer isn't whitelisted, but I don't know about blocking an MSI install. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 +---+ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Rube Goldberg
What makes you think it's not real? http://www.snopes.com/photos/advertisements/hondacog.asp From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, March 17, 2010 1:22 PM To: NT System Admin Issues Subject: Re: Rube Goldberg Though not 'real', the following has long been one of my favorites of this genre. http://www.youtube.com/watch?v=rYabfifhEPE On Wed, Mar 17, 2010 at 2:12 PM, Don Guyer don.gu...@prufoxroach.com wrote: Apparently, they had done something like this on a smaller scale before. For this one though, they had a corporate sponsor or something, so were able to go all out. Imagine the time it took to setup with each take? Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: Maglinger, Paul [mailto:pmaglin...@scvl.com] Sent: Wednesday, March 17, 2010 2:09 PM To: NT System Admin Issues Subject: RE: Rube Goldberg I love this kind of stuff. I'd set one up in my basement if my wife wouldn't kill me for doing it. From: Carol Fee [mailto:c...@massbar.org] Sent: Wednesday, March 17, 2010 12:18 PM To: NT System Admin Issues Subject: Rube Goldberg This is from SunbeltSecurityNews - it's fun Rube Goldberg Epic four-minute-long Rube Goldberg machine in action, with nearly any imaginable object incorporated into a daisy chain of elegant chaos. The band performs the song while wearing paint-splattered jumpsuits, the reason for which is revealed at the end: http://www.sunbeltsecuritynews.com/V9TL6P/100317-Rube-Goldberg Carol Fee Network Administrator 617-338-0623 c...@massbar.org Massachusetts Bar Association 20 West Street Boston, MA 02111-1204 (617) 338-0500 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.gif
RE: Rube Goldberg
I guess it's a little *less* genuine than *I* thought as well. Apparently it was shot in two parts. According to the link below which was linked from snopes.com. http://www.guardian.co.uk/science/2003/may/01/thisweekssciencequestions (Still not found the join? The first section ends and the second one begins at the one minute mark when an exhaust box rolls off to the right of the screen. Some clever editing bridges the two parts.) From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, March 17, 2010 2:00 PM To: NT System Admin Issues Subject: Re: Rube Goldberg I guess it is a little bit more genuine than I thought it was... On Wed, Mar 17, 2010 at 2:42 PM, Crawford, Scott crawfo...@evangel.edu wrote: What makes you think it's not real? http://www.snopes.com/photos/advertisements/hondacog.asp From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, March 17, 2010 1:22 PM To: NT System Admin Issues Subject: Re: Rube Goldberg Though not 'real', the following has long been one of my favorites of this genre. http://www.youtube.com/watch?v=rYabfifhEPE On Wed, Mar 17, 2010 at 2:12 PM, Don Guyer don.gu...@prufoxroach.com wrote: Apparently, they had done something like this on a smaller scale before. For this one though, they had a corporate sponsor or something, so were able to go all out. Imagine the time it took to setup with each take? Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com From: Maglinger, Paul [mailto:pmaglin...@scvl.com] Sent: Wednesday, March 17, 2010 2:09 PM To: NT System Admin Issues Subject: RE: Rube Goldberg I love this kind of stuff. I'd set one up in my basement if my wife wouldn't kill me for doing it. From: Carol Fee [mailto:c...@massbar.org] Sent: Wednesday, March 17, 2010 12:18 PM To: NT System Admin Issues Subject: Rube Goldberg This is from SunbeltSecurityNews - it's fun Rube Goldberg Epic four-minute-long Rube Goldberg machine in action, with nearly any imaginable object incorporated into a daisy chain of elegant chaos. The band performs the song while wearing paint-splattered jumpsuits, the reason for which is revealed at the end: http://www.sunbeltsecuritynews.com/V9TL6P/100317-Rube-Goldberg Carol Fee Network Administrator 617-338-0623 c...@massbar.org Massachusetts Bar Association 20 West Street Boston, MA 02111-1204 (617) 338-0500 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.gif
RE: [OT]: Script Editors
View/Status Bar will add current line and position to the bottom of the window. From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, March 30, 2010 2:44 PM To: NT System Admin Issues Subject: Re: [OT]: Script Editors That's the spirit. I still use Notepad for my Windows stuff. Although when I get an error at line xx, I feel like a Jurassic fool On 26 March 2010 18:03, Michael B. Smith mich...@smithcons.com wrote: religious war VI /religious war Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: tony patton [mailto:tony.pat...@quinn-insurance.com] Sent: Friday, March 26, 2010 1:00 PM To: NT System Admin Issues Subject: [OT]: Script Editors Slightly OT, but those of you who write scripts, whats your preferred editor? I'm using NotePad++ and VBSEdit at the moment for creating mainly VBscripts, they both do the job, but looking for something with a bit more. Going to take a look at these AdminScriptEditor http://www.adminscripteditor.com/ PrimalScript http://www.primaltools.com/products/info.asp?p=PrimalScript They're not cheap, look to have a lot of features and I've got provisional approval for the cost. Just wondering what everyone else was using or other options to look at. Regards Tony Patton Desktop Operations Cavan Ext 8078 Direct Dial 049 435 2878 email: tony.pat...@quinn-insurance.com http://www.quinn-insurance.com This e-mail is intended only for the addressee named above. The contents should not be copied nor disclosed to any other person. Any views or opinions expressed are solely those of the sender and do not necessarily represent those of QUINN-Insurance, unless otherwise specifically stated . As internet communications are not secure, QUINN-Insurance is not responsible for the contents of this message nor responsible for any change made to this message after it was sent by the original sender. Although virus scanning is used on all inbound and outbound e-mail, we advise you to carry out your own virus check before opening any attachment. We cannot accept liability for any damage sustained as a result of any software viruses. QUINN-Life Direct Limited is regulated by the Financial Regulator. QUINN-Insurance Limited is regulated by the Financial Regulator and regulated by the Financial Services Authority for the conduct of UK business. QUINN-Life Direct Limited is registered in Ireland, registration number 292374 and is a private company limited by shares. QUINN-Insurance Limited is registered in Ireland, registration number 240768 and is a private company limited by shares. Both companies have their head office at Dublin Road, Cavan, Co. Cavan. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: [OT]: Script Editors
That's new with XP J From: James Rankin [mailto:kz2...@googlemail.com] Sent: Wednesday, March 31, 2010 4:07 AM To: NT System Admin Issues Subject: Re: [OT]: Script Editors Wow. My Notepad has just entered the light. On 30 March 2010 20:54, Crawford, Scott crawfo...@evangel.edu wrote: View/Status Bar will add current line and position to the bottom of the window. From: James Rankin [mailto:kz2...@googlemail.com] Sent: Tuesday, March 30, 2010 2:44 PM To: NT System Admin Issues Subject: Re: [OT]: Script Editors That's the spirit. I still use Notepad for my Windows stuff. Although when I get an error at line xx, I feel like a Jurassic fool On 26 March 2010 18:03, Michael B. Smith mich...@smithcons.com wrote: religious war VI /religious war Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: tony patton [mailto:tony.pat...@quinn-insurance.com] Sent: Friday, March 26, 2010 1:00 PM To: NT System Admin Issues Subject: [OT]: Script Editors Slightly OT, but those of you who write scripts, whats your preferred editor? I'm using NotePad++ and VBSEdit at the moment for creating mainly VBscripts, they both do the job, but looking for something with a bit more. Going to take a look at these AdminScriptEditor http://www.adminscripteditor.com/ PrimalScript http://www.primaltools.com/products/info.asp?p=PrimalScript They're not cheap, look to have a lot of features and I've got provisional approval for the cost. Just wondering what everyone else was using or other options to look at. Regards Tony Patton Desktop Operations Cavan Ext 8078 Direct Dial 049 435 2878 email: tony.pat...@quinn-insurance.com http://www.quinn-insurance.com This e-mail is intended only for the addressee named above. The contents should not be copied nor disclosed to any other person. Any views or opinions expressed are solely those of the sender and do not necessarily represent those of QUINN-Insurance, unless otherwise specifically stated . As internet communications are not secure, QUINN-Insurance is not responsible for the contents of this message nor responsible for any change made to this message after it was sent by the original sender. Although virus scanning is used on all inbound and outbound e-mail, we advise you to carry out your own virus check before opening any attachment. We cannot accept liability for any damage sustained as a result of any software viruses. QUINN-Life Direct Limited is regulated by the Financial Regulator. QUINN-Insurance Limited is regulated by the Financial Regulator and regulated by the Financial Services Authority for the conduct of UK business. QUINN-Life Direct Limited is registered in Ireland, registration number 292374 and is a private company limited by shares. QUINN-Insurance Limited is registered in Ireland, registration number 240768 and is a private company limited by shares. Both companies have their head office at Dublin Road, Cavan, Co. Cavan. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Bug in Win7 dir command
Havent tried to reproduce, but if you do a second dir of M:\ does the file size change back? I'm just wondering if it's some weird type of cacheing. From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Wednesday, April 14, 2010 10:05 AM To: NT System Admin Issues Subject: Bug in Win7 dir command Can anyone reproduce this? The required conditions, so far, appear to be: Using Windows 7 x64, haven't tried other flavors of 7 yet. Drive is mapped to a server (in my case 2003 SP2). Must be in a folder, not at the root. Folder is available offline. Folder name(s) must not contain spaces or other chars that require quoting. M:\testdir Volume in drive M is Data Volume Serial Number is 0A01-AAFA Directory of M:\test 04/14/2010 10:53 AMDIR . 04/14/2010 10:53 AMDIR .. 01/16/2010 02:38 AM 2,477 backup.cmd 1 File(s) 2,477 bytes 2 Dir(s) 35,857,784,832 bytes free M:\testdir backup.cmd Volume in drive M is Data Volume Serial Number is 0A01-AAFA Directory of M:\test 01/16/2010 02:38 AM 0 backup.cmd 1 File(s) 0 bytes 0 Dir(s) 35,857,784,832 bytes free Haven't found any mentions of this on Google... Carl ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: please don't change your password!
Jesper Johansson talks about the difficulty in cracking pass phrases in part 2 of 3 of this series The Great Debates: Pass Phrases vs. Passwords. http://technet.microsoft.com/en-us/library/cc512613.aspx From: David Lum [mailto:david@nwea.org] Sent: Thursday, April 15, 2010 4:49 PM To: NT System Admin Issues Subject: RE: please don't change your password! Fortunately I have more than 60 days for each password (errr, passphrase Sherry!). What gets screwy is when I hop from network to network since I don't use the same ones everywhere. My first long passwords were This password is hard to guess then changed to This password is harder to guess, This password is even harder to guess, LOL. I heard somewhere that dictionary attacks can figure out phrases, anyone able to shed any light on that? I do substitute letters with numbers/symbols on occasion but not everywhere. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Brian Clark [mailto:brianclark2...@googlemail.com] Sent: Thursday, April 15, 2010 2:09 PM To: NT System Admin Issues Subject: Re: please don't change your password! Funny ones at that! Question is how often do you have to re enter them, as your tying is so good! ;) On 15 April 2010 22:03, Sherry Abercrombie saber...@gmail.com wrote: Actually, those are considered pass-phrases I do believe. ;) On Thu, Apr 15, 2010 at 3:57 PM, David Lum david@nwea.org wrote: I am very good at long passwords, and so is anyone that can type using correct punctuation. The biggest hindrance to long password use are systems that limit the length of the password. Examples of complex long passwords include: I would like a beer from the refrigerator. Now. Why don't you close the door ALL the way? You're not wearing that outside, are you? The person watching me can't believe how long this password is. And when it's time to change the long password: I would REALLY like a beer from the refrigerator. Now! Why don't you close the door ALL the way next time? You're not wearing that outside, are you? Seriously? The person watching me really can't believe how long this password is. Etc... I love how big people eyes get when they see my tying in my 27 character Windows password, I HATE the systems that limit me to 15 or less. Dave From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Thursday, April 15, 2010 1:45 PM To: NT System Admin Issues Subject: Re: please don't change your password! Sounds like someone trying to generate reader interest and FUD. A quick search seems he likes controversial subjects/items. Since passwords are the defacto standard for most Internet sites for protection of customers. I see no reason for someone to keep the same password for ever. Unless you are good at generating very long complex passwords. Jon On Thu, Apr 15, 2010 at 4:37 PM, Brian Clark brianclark2...@googlemail.com wrote: After a long week doing a SBS migration I didn't know how to take this article and needed to share it!! http://www.boston.com/bostonglobe/ideas/articles/2010/04/11/please_do_no t_change_your_password/?page=1 Brian -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Running Forefront(tm) Client Security - RAM usage?
Care to elaborate on why you dislike it? From: Hart, Robert [mailto:robert.h...@genexservices.com] Sent: Tuesday, April 20, 2010 1:31 PM To: NT System Admin Issues Subject: RE: Running Forefront(tm) Client Security - RAM usage? MsMpEng.exe = 66,720K sitting ldle MsPMSPSv.exe = 1,568K sitting idle If I may add I dislike the product. Bob From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Tuesday, April 20, 2010 2:08 PM To: NT System Admin Issues Subject: Running Forefront(tm) Client Security - RAM usage? Anyone running Forefront that can quickly tell me what its real-world RAM usage is on an end-point? Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: xp media
Agreed. I have a whole stack of Dell's here, but they wont work on your gateway. http://cgi.ebay.com/GATEWAY-Operating-System-XP-reinstallation-cd-Ver-1- 3-/260590276071?cmd=ViewItempt=LH_DefaultDomain_0hash=item3cac640de7 From: Richard Stovall [mailto:rich...@gmail.com] Sent: Monday, April 26, 2010 12:25 PM To: NT System Admin Issues Subject: Re: xp media My personal experience is that you need an install disk from the original vendor. Have you checked eBay? On Mon, Apr 26, 2010 at 1:18 PM, James Kerr cluster...@gmail.com wrote: Just a CD without a key. I know I can by just media from CDW or just licenses for my job because I have volume licensing. Anyway it appears that MS is saying I'm SOL, or my friend is anyway. Looks like she is going to spend some $ if she wants this thing fixed. - Original Message - From: Carl Houseman c.house...@gmail.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Monday, April 26, 2010 1:02 PM Subject: RE: xp media It's not clear what you're asking to buy. If you know a place to purchase CD's without license keys, I'd stay away from that like the plague. If you're asking if we know such a place, I wouldn't use one if I did. If you purchase a CD with a license key, then just use the license key that comes with it. If you can scare up any real OEM CD (from friends or family), it *may* just work as long as the edition (Home/Pro/MCE) is the same. There are cases where generic CDs won't work, as I found with an old Toshiba laptop several years ago (wouldn't activate and MS won't approve the activation over the phone). Carl -Original Message- From: James Kerr [mailto:cluster...@gmail.com] Sent: Monday, April 26, 2010 11:49 AM To: NT System Admin Issues Subject: xp media I have a laptop of a friend and its needs to have Windows XP Home reinstalled from scratch. They do not have the restore CDs and the restore partition doesnt have the required files. I called Gateway to buy restore CDs but they only have them for PCs no older than 3 years. Anyone know if it's possible to buy an XP home edition media CD and use the license key that came from Gateway that's on the laptop with it? James ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: The finer points of NTFS ACLs (was: Software installs on new PCs)
The values you want are HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Fo rceCopyAclwithFile HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Mo veSecurityAttributes This KB details this: http://support.microsoft.com/kb/310316 -Original Message- From: Mayo, Bill [mailto:bem...@pittcountync.gov] Sent: Wednesday, April 28, 2010 12:08 PM To: NT System Admin Issues Subject: RE: The finer points of NTFS ACLs (was: Software installs on new PCs) +infinity We do exactly what you describe, and I always have issues (mostly when doing file migrations due to server moves) related to people copying files from one secured directory to another and the permissions not getting updated. When the permissions are set to inherit from parent, it seems to me that Windows should re-assess that on a file copy. Bill Mayo -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Wednesday, April 28, 2010 12:45 PM To: NT System Admin Issues Subject: The finer points of NTFS ACLs (was: Software installs on new PCs) On Wed, Apr 28, 2010 at 11:54 AM, James Rankin kz2...@googlemail.com wrote: We see this problem where people create folders under shared drives, that each new folder is owned by the creating user who then has the added rights. The solution is some weekly subinacl tasks that re-take ownership of the whole fileserver structure back to BUILTIN\Administrators Wouldn't it be better to just remove CREATOR OWNER from the ACL on the folder? All our shared folders are set so only the group(s) which should have permission are present. The only good use for CREATOR OWNER I've found is kludging around apps that insist on writing to their own program directory. So grant users Create File on This folder only, and separately grant CREATOR OWNER Modify on Files only. Now users can create the file, but can't touch anything else. My biggest beef is that if you move an object within a drive on Windows, Windows does not update the ACL on the object to reflect different permissions in its new location. So, for example, when a file is moved from the QA-only pre-release folder to the whole-company general-release folder, the file still has permissions for pre-release and nobody else can read it. Anyone got a fix for *that*? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Open source 'ghost' product?
clonezilla From: Bill Lambert [mailto:blamb...@concuity.com] Sent: Friday, April 30, 2010 9:56 AM To: NT System Admin Issues Subject: Open source 'ghost' product? I need to image a machine quickly and I don't have Ghost (yet). Is there an open source product that you can recommend? Thanks, all. Bill Lambert Windows System Administrator Concuity Phone 847-941-9206 Fax 847-465-9147 The information contained in this e-mail message, including any attached files, is intended only for the personal and confidential use of the recipient(s) named above. If you are not the intended recipient (or authorized to receive information for the recipient) you are hereby notified that you have received this communication in error and that any review, dissemination, distribution, or copying of this message is strictly prohibited. If you have received this communication in error, please contact the sender by reply email and delete all copies of this message. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~image001.png
RE: Deleting extend.dat while outlook is open
+1 -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, April 30, 2010 2:23 PM To: NT System Admin Issues Subject: Re: Deleting extend.dat while outlook is open On Fri, Apr 30, 2010 at 2:23 PM, Erik Goldoff egold...@gmail.com wrote: The issue at hand is after removal, when outlook starts, the SAV9 plug in information is still cached in the extend.dat and the end users get an error message. When we ran into this issue (during an upgrade from one version of SAV to another), we added a something to our user logon script that deleted EXTEND.DAT on every logon. Hasn't caused us any known problems yet. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Print Server suggestions
Agreed. Once setup, it should be completely automated. You could dump the data from wherever the class schedules are held and run this daily with no manual intervention. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, May 03, 2010 3:55 PM To: NT System Admin Issues Subject: Re: Print Server suggestions But, the print queues should live on, and it's then only a matter of getting the spreadsheet and running the update once per semester. On Mon, May 3, 2010 at 12:33, Raper, Jonathan - Eagle jra...@eaglemds.com wrote: Yes, doable in theory, but you'd have to repeat every semester, or worse, if on a block schedule, every handful of weeks. Not my idea of fun, but then again I'm not managing the IT infrastructure of an education environment... Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, May 03, 2010 3:30 PM To: NT System Admin Issues Subject: Re: Print Server suggestions Complicated, but doable in theory: Set up print queues based on time for each printer - a series of eight one-hour slots. Grant permissions for each print queue by group. Put students in their respective groups. It would take some scripting to make happen in any kind of reasonable fashion, but once set up should be fairly manageable. IT would require a CSV file or something like it to have a list of students with room assignments and times from which to populate the permissions groups. For each printer there will be a minimum of eight print queues, assuming that that lunch isn't allowed for printing and that teachers and staff have a separate, unlimited, ability to print to a given printer. Kurt On Mon, May 3, 2010 at 12:18, Jonathan Link jonathan.l...@gmail.com wrote: Tell me how security permissions could solve the following problem. I'm interested, it's academic now, but I'm still interested. Student schedule 8:00-8:50 Room A15 9:00-9:50 Room B12 9:50-10:50 Room C19 10:50-11:50 Room A12 11:50-12:30 Lunch 12:40-1:30 Room A16 1:40-2:30 Room A10 2:40-3:30 Room A08 Limit student's schedule to allow printing in the room specified for only the period specified. Multiply by 1200 students. On Mon, May 3, 2010 at 2:59 PM, Ben Scott mailvor...@gmail.com wrote: On Mon, May 3, 2010 at 2:51 PM, Jonathan Link jonathan.l...@gmail.com wrote: When I worked in a high school, an advantage to not using a print server at the time (NT 4 and Win 2000) was the fact that I could localize printing to the room the computer is in very easily, by limiting which printers were installed on the computer. To my knowledge, there isn't anyway to do that with a Windows print server and printer sharing. Security permissions? -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sunbelt, McAfee, Symantec - now Clam
I agree and I for one would like to hear your suggestions. It seems to me that some form of white-listing is the most obvious alternative. However, I really don't see how that is guaranteed to be effective. Assume that it's possible to actually keep up with all of the software that you DO want to run. What happens when there's a PDF exploit, or a quicktime exploit, or an IE exploit. All of these apps are likely to be on a list of allowed applications, but if the data that they're processing contains the malness, the point of detection needs to change. Instead of white-listing applications, we now find ourselves needing to white-list the actual data that they process. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, May 07, 2010 1:59 PM To: NT System Admin Issues Subject: Re: Sunbelt, McAfee, Symantec - now Clam First off, the ClamAV issue was somewhat mitigated by them telling everyone to be off of v96 for a few weeks. :) But, the reality of this situation is that signature-based host-level protection is getting to the point where the human error factor is too high. (I feel a blog entry coming up soon) In order to attack the threats that are out there, signatures need to be updated frequently, and increasing the frequency places greater burden on the QA process, and increases the risk of a self-inflicted DoS. What this signifies is that we need to start demanding a different approach to host-based protection *as the norm*, because there is now as great a chance that your system can be made ineffective from an AV update as from an actual piece of malware. AV in its current form really has to die, as there is no way for the good guys to keep up with the bad guys, leaving us vulnerable to even more foolishness from creative bad guys. -ASB: http://XeeSM.com/AndrewBaker On Fri, May 7, 2010 at 1:27 PM, Kurt Buff kurt.b...@gmail.com wrote: - Original Message Subject: [Clamav-announce] problem with daily.cvd 10938 Date: Fri, 7 May 2010 13:06:56 +0200 From: Luca Gibelli l...@clamav.net Reply-To: nore...@clamav.net To: ClamAV Announce clamav-annou...@lists.clamav.net Dear ClamAV users, about 15 mins ago we released daily.cvd 10938. This update apparently caused a segmentation fault in all ClamAV versions older than 0.96 on 32 bit systems. We just released daily.cvd 10939 which removes the faulty signature and we have taken measures to ensure that this problem won't happen again. We recommend using a monitor tool like clamdwatch or clamdmon to automatically restart clamd whenever it dies. If you are already using a similar solution, your clamd will be restarted automatically as soon as freshclam downloads the daily.cvd 10939 update. We apologise for the inconvenience. Regards, - -- Luca Gibelli (luca _at_ clamav.net) ClamAV, a GPL anti-virus toolkit [Tel] +39 0187 1851862 [Fax] +39 0187 1852252 [IM] nervous/jabber.linux.it PGP key id 5EFC5582 @ any key-server || http://www.clamav.net/gpg/luca.gpg ___ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Big Changes Ahead for IT - Anyone seen this?
Makes me question my subscription. From: David Lum [mailto:david@nwea.org] Sent: Wednesday, May 26, 2010 3:20 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? Some of the message was subliminal. Oh wait, this isn't admin_misc is it? Here comes Stu... From: Damien Solodow [mailto:damien.solo...@harrison.edu] Sent: Wednesday, May 26, 2010 12:58 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? I don't think this will produce anything substantive.. From: David Lum [mailto:david@nwea.org] Sent: Wednesday, May 26, 2010 3:56 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? No, he means subversion. From: Damien Solodow [mailto:damien.solo...@harrison.edu] Sent: Wednesday, May 26, 2010 12:53 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? Don't you mean subtraction? ;) From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Wednesday, May 26, 2010 3:47 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? Subjection skills ain't what they used to be. -sc From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Wednesday, May 26, 2010 3:40 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? What? That can subject 2 from 32? J Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Wednesday, May 26, 2010 3:35 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? I'd love to have candidates with that ability. They are hard to find... -sc From: David Lum [mailto:david@nwea.org] Sent: Wednesday, May 26, 2010 1:20 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? I would fail the OSI part (sure I could Google it just now) as it was back in the NetWare days that I learned about it in a class. Heard of it, does that count? 27-bit subnet? Not off the top of my head, I'd have to think okay a .128 mask is 25 bits I can explain DNS and forwarding, MX records, Aliases, HOSTS file, DHCP incl. reservations, and give you jack of all trades firewall info, conceptualize memory protection rings, and go to town on registry, AD and GPO design as well as give examples of being able to handle a near vertical learning curve. Am I hired? The way I view being an IT guy is day in and day out I'm not necessarily using $30/hr expertise, but there are spikes where I feel I surpass the I've got certs but no real IT skills Joe at figuring something out and at those times word 2-3x my nominal salary so on balance it works out. That's my story I'm stickin' to it. From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Wednesday, May 26, 2010 9:22 AM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? It's kinda funny that you mention the OSI model, since there are any number of people here that will dismiss it as irrelevant (personally I think that it's very relevant to know if you want to advance in an IT career) Corporations, in an ever ending quest to cut costs (or at least, regulate costs) will not continue to pay ludicrous amounts of money for the dross that the IT industry produces. There are far too many people being paid inflated salaries in this industry, without being able to deliver tangible/measurable results. One only needs to look at project delivery in large corporations, and at the small end, the dedicated people who manage to do tasks in a manual manner (this list included has people who have the time to spend working out the best way to do some task for an individual user, yet they must get paid $30-60k, which no other industry would accept). As the industry matures there simply will not be the opportunity for mediocrity to survive, just like every other mature industry. If you are merely average, you'll earn an average salary, and you won't be part of IT - or you might be part of an IT provider conglomerate. If you want to be a 6-7 figure earner, then you'll need to provide ever increasing levels of business value, just like every other industry (with the possible exception of Sales, where a really good pitch can make up for lack of substance, but let's not confuse sales and delivery J ) Cheers Ken From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Wednesday, 26 May 2010 11:39 PM To: NT System Admin Issues Subject: RE: Big Changes Ahead for IT - Anyone seen this? I've dismissed more network candidates than I can remember because they couldn't calculate the number of hosts in a subnet. Or had even heard of an OSI model. Systems Engineers who are at a loss to even at a high level explain the ideas of process, threads, memory protection, etc... Windows
RE: What's your requirement to allow a user DA?
Not to nitpick, but I want to nit pick J RE: But no one uses the internet on the exchange server so we don't have AV on it How is this relevant? If the AV on the workstation the DA is logged into didn't catch the virus, why would the save AV software on the Exchange server catch it? Or, are you suggesting that different AV be installed on various servers? From: Phil Garven [mailto:ph...@sunbeltsoftware.com] Sent: Thursday, May 27, 2010 4:06 PM To: NT System Admin Issues Subject: RE: What's your requirement to allow a user DA? +1 on separate accounts for admins Log on with a user account (maybe a local admin) and use run as to run your admin programs as your domain admin or equivalent account. If you log on as a domain admin and get a virus (happens to the best of us) then that virus is running as a domain admin and sending itself to your exchange server and remotely executing. But no one uses the internet on the exchange server so we don't have AV on it Regards, Phil Garven Sunbelt Software From: Free, Bob [mailto:r...@pge.com] Sent: Thursday, May 27, 2010 4:43 PM To: NT System Admin Issues Subject: RE: What's your requirement to allow a user DA? 2-3 is max for any environment IMO. Everything else should be dome with delegations. They must be your most proficient admins, not any old new hire. Check out some of joe Richard's rants about it, he ran a multi-nationl Global 5 firm with 3 EA /DA level admins who were, as he put it, all close enough to smack each other. (+ 1 manager who had the keys in a break glass/locked safe scenario) Personally, I am a fan of 3 accounts per admin for those enterprise level admins, 1 uberadminID (DA/EA), 1 regular adminID with appropriate delegations like all administrators should have and the usual day-to-day userID From: David Lum [mailto:david@nwea.org] Sent: Thursday, May 27, 2010 11:39 AM To: NT System Admin Issues Subject: What's your requirement to allow a user DA? What are your guy's prerequisites on someone having a Domain Admin account - assume a medium or large company and 4-5+ Systems Engineers. Previously here they've just had every new SE hire be domain admin, I'm thinking it's time to change that practice but I'll need some ammo and a plan before I have any hope of changing this. My thinking is along the line of need to know what's going in this AD structure as well as being proficient in all things AD, etc. Thoughts comments? I'm thinking there should only be 2-3 DA accounts max per domain max. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Patch Management - again
I'm sure there's countless places I could find this information, but could you elaborate on that statement a bit? -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, June 11, 2010 4:30 PM To: NT System Admin Issues Subject: Re: Patch Management - again On Fri, Jun 11, 2010 at 3:59 PM, Alex Eckelberry al...@sunbelt-software.com wrote: What do you do about non-Windows patching? Our only non-Windows computers are running Linux, and Linux makes patch management ridiculously easy. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Patch Management - again
Thanks very much for this. It's exactly the kind of info I was looking for. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, June 11, 2010 5:26 PM To: NT System Admin Issues Subject: Re: Patch Management - again On Fri, Jun 11, 2010 at 5:37 PM, Crawford, Scott crawfo...@evangel.edu wrote: Our only non-Windows computers are running Linux, and Linux makes patch management ridiculously easy. I'm sure there's countless places I could find this information, but could you elaborate on that statement a bit? Well, this is really off-topic for this list, but then, so is the World Cup. I'll mention a few things. More in-depth discussion belongs elsewhere, like the patch-management list. We use CentOS, so the examples I give are for that distribution. Most other distros have similar methods. Most Linux distributions use a tool called a package manager to install and update software. Every software component is part of a package. Every program file installed on the system is owned by a package. The same tools are used to install, uninstall, and update every software package on the system. To install the Wireshark packet sniffer: yum install wireshark To update it: yum update wireshark So if you don't care about bandwidth, you can just do: yum update and all the software gets updated. Now, if you have a fleet of machines and don't want to suck up your Internet bandwidth downloading updates, you'll need some kind of local repository of updates. Your patch server, so to speak. But unlike Microsoft, all the updates are posted to public FTP/HTTP servers, in a plain directory structure. So to maintain a mirror, all you need to do is use a standard download tool. Thus: cd /pub/mirror/centos wget --mirror --no-host-dir --cut-dirs=1 http://mirror.centos.org/centos/5/updates/i386/RPMS/ Now you've got a local repository with all the updates. You can share that out using NFS or SMB or whatever you use to share files. To tell a computer to update against that: rpm --freshen /pub/mirror/centos/5/updates/i386/RPMS/* The freshen command tells the package manage to install newer packages, but only for packages which are already installed. I've been using this technique in various environments off-and-on since roughly 1996 or so. It still works, so I haven't had need to research other methods. However, if you want, the tools to build the index yum needs from a repository of files are included in the distribution. I'm told it would be as easy as: yum-arch /pub/mirror/centos/5/updates/i386/RPMS/ and then editing /etc/yum.conf to look at your own server rather than the default mirror network. If you want to test the integrity of the software on the system, you can do: rpm --verify --all That will check every file of every installed package. It will report differences in date, time, permissions, checksum, etc. It will also report broken dependencies. Like most *nix commands, it's normally silent, so silence is golden. Any of these commands can be put in a scheduled job to run every night. No special background services or poorly-documented software is required to maintain the repository. It's all standard commands you use anyway. The repository is just a directory with a bunch of package files in it. There's no need to run a special web server, or to have a database backend; there's no special download protocol. The update packages are just like regular packages; there's no cryptic format or special installers. There's a package called yum-cron; if you install it, it will email you a report every night if there are pending updates to install. I use a mail filter to route those messages to a mail folder. If it's empty, all is well. Things needing attention show up as new mail. That's all I've ever needed or wanted for reporting. I've had people ask about things like pie charts. I honestly don't see how pie charts help patch management, but if you want that sort of thing, Red Hat sells a fancy GUI thing called Red Hat Network. You get a year if you buy their commercial packaged distro. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Run multliple versions of IE
This where they're at. http://www.microsoft.com/downloads/details.aspx?FamilyId=21EABB90-958F-4 B64-B5F1-73D0A413C8EFdisplaylang=en From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Monday, June 14, 2010 1:53 PM To: NT System Admin Issues Subject: RE: Run multliple versions of IE I use VMs. Microsoft offers pre-baked VMs with all the IE versions on their site for download. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 From: Bill Songstad [mailto:bsongs...@gmail.com] Sent: Monday, June 14, 2010 1:13 PM To: NT System Admin Issues Subject: Run multliple versions of IE My webmaster has asked for the ability to run multiple versions of IE (6, 7, and 8) on a Windows XP workstation. I found a couple of candidates for testing on the interwebs, but is anybody using a solution for this that they like and/or recommend? Thanks, Bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Run multliple versions of IE
Have a link? The one I sent expires in 16 days. -Original Message- From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Monday, June 14, 2010 4:16 PM To: NT System Admin Issues Subject: RE: Run multliple versions of IE The ones I downloaded were good for 180 days. Download them twice a year seems easy enough to me... Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Monday, June 14, 2010 3:48 PM To: NT System Admin Issues Subject: Re: Run multliple versions of IE That works OK for a need to test once in a blue moon situation, or if it's not a problem to re-create the VM once the trial expires. But I don't think this is one of those situations. On 6/14/2010 3:30 PM, Brian Desmond wrote: Use the trials that Microsoft provides for free... -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DISK WIPING TOOL
Tu es un drôle de gars. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, June 15, 2010 12:13 PM To: NT System Admin Issues Subject: Re: DISK WIPING TOOL On Tue, Jun 15, 2010 at 12:10 PM, John Aldrich jaldr...@blueridgecarpet.com wrote: I think you meant /dev/zero, not /zev/zero :-) Uhhh... my Linux box has a French accent. ;-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password policy enforcement after a change
You can find AdFind, along with many other goodies here: http://joeware.net/freetools/tools/adfind/index.htm -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, June 15, 2010 7:15 PM To: NT System Admin Issues Subject: Re: Password policy enforcement after a change On Tue, Jun 15, 2010 at 8:11 PM, Free, Bob r...@pge.com wrote: You don't need a tool, just do an LDAP query for pwdLastSet. I would use adfind as it will decode the timestamps, dump to a csv and massage in excel. I don't seem to have an ADFIND command. Is that new in 2003/2008 or something? ADFIND -default -f ((objectCategory=person)(objectClass=user)) pwdLastSet -tdc -csv Thanks! The query will be good to have around for future reference, even if I don't end up using it for *this* project. :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VMWare View, How are you handling AV? (Viper to be specific)
So, do you just plan on not getting any viruses before it gets pushed to the client? From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 10:37 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) Didn't realize it would do the detect and push, I guess that would solve my problem. Just have to keep an eye on the server and delete any old clones, but like I mentioned even that should be a problem if the clones get re-created with the same names. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 10:34 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) Vipre push was part of our standard server build out, we didn't make it part of our base os images for VMWare because of guid issues as mentioned. You can set up Vipre Enterprise to automatically detect new computers based on the OU they are put in and automatically push to it. We did this for our workstation builds, but not servers. On Thu, Jul 1, 2010 at 10:27 AM, N Parr npar...@mortonind.com wrote: Why wouldn't you treat a VM license like any other? The console would see it as a normal computer and make it count anyway. Just trying to figure out an easy way to mange it. Could create an agent install package and push it out to the clone via GPO but when we update the base image for the clone with windows updates, new applications, etc it would get wiped out. I guess if the linked clones are getting created with the same naming structure you wouldn't have to worry about deleting the clients from Viper Enterprise server when because it just sees the agents by computer name and not SID or anything. When the new clones came back up they would get the agent installed via GPO again and then start talking to the Enterprise server like normal. My rambling make sense? From: Jeff Cain [mailto:je...@sunbelt-software.com] Sent: Thursday, July 01, 2010 10:15 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) N Parr, I am assuming here that you are using VIPRE Enterprise. I would recommend protecting each clone with VIPRE as the growth from definitions would be minimal, this is the best way to protect your systems and any machines they are connected to. I would also say that you should reinstall the VIPRE agent after you clone the machine to prevent the Enterprise Console from confusing the machines as they'll have the same agent GUID in the console. As far as licensing goes, I don't believe we hold VM installs against you. Thanks, Jeff Cain Technical Support Analyst Sunbelt Software Email: supp...@sunbeltsoftware.com mailto:supp...@sunbeltsoftware.com Voice: 1-877-757-4094 Fax: 1-727-562-5199 Web: http://www.sunbeltsoftware.com http://www.sunbeltsoftware.com/ Physical Address: 33 N Garden Ave Suite 1200 Clearwater, FL 33755 United States If you do not want further email from us, please forward this message to listmana...@sunbelt-software.com mailto:listmana...@sunbelt-software.com with the word 'unsubscribe' in the subject of your email. Helpful Sunbelt Software Links: Knowledge Base http://support.sunbeltsoftware.com/ Open a New Support Ticket http://www.sunbeltsoftware.com/Support/Contact/ Sunbelt Software Product Support Communities http://www.sunbeltsoftware.com/communities/ From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 11:06 AM To: NT System Admin Issues Subject: VMWare View, How are you handling AV? (Viper to be specific) So does anyone have any pointers on this? Are you just not worrying about it since you can wipe the linked clones out at any time if they get infected? I'm sill worried about handling outbreak protection. Don't care if the clone gets hosed but I don't want all my clones getting infected with something and trying to spread it around. If you install AV on the base image and don't use persistent clones then they will have to update signatures every time they boot from the day the base image was created. If you use persistent clones then their deltas will grow because of signatures being added every day. And then you've got licensing and agents on linked clones trying to update from the enterprise server with a pc name that is different than the base image they were created from. I don't think a lot of AV vendors have really thought this type of situation through. ... -- Sherry Abercrombie Any sufficiently advanced technology is indistinguishable from magic. Arthur C. Clarke ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: VMWare View, How are you handling AV? (Viper to be specific)
Yeah, I don't see any difference between a virtual and physical machine in this instance either. But, in either case, I'd still want to guarantee that AV is on the machine prior to a user being able to use it. Using GPO to deploy an MSI ensures this and is in my opinion the better way to install agents. From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 11:49 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) Yes, because desktop clones are provisioned so that one+ is always available. So when the last unused clone is logged in to View automatically provisions, joins it so the domain and places it in a specified OU to await the next user needing a virtual desktop. Then the viper server can push the agent to it and do it's thing. No different than booting up a new physical desktop for the first time. If there's a virus running around my little network that last thing I will be worried about is an unprotected clone getting it before AV can be auto installed. From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, July 01, 2010 11:39 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) So, do you just plan on not getting any viruses before it gets pushed to the client? From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 10:37 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) Didn't realize it would do the detect and push, I guess that would solve my problem. Just have to keep an eye on the server and delete any old clones, but like I mentioned even that should be a problem if the clones get re-created with the same names. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 10:34 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) Vipre push was part of our standard server build out, we didn't make it part of our base os images for VMWare because of guid issues as mentioned. You can set up Vipre Enterprise to automatically detect new computers based on the OU they are put in and automatically push to it. We did this for our workstation builds, but not servers. On Thu, Jul 1, 2010 at 10:27 AM, N Parr npar...@mortonind.com wrote: Why wouldn't you treat a VM license like any other? The console would see it as a normal computer and make it count anyway. Just trying to figure out an easy way to mange it. Could create an agent install package and push it out to the clone via GPO but when we update the base image for the clone with windows updates, new applications, etc it would get wiped out. I guess if the linked clones are getting created with the same naming structure you wouldn't have to worry about deleting the clients from Viper Enterprise server when because it just sees the agents by computer name and not SID or anything. When the new clones came back up they would get the agent installed via GPO again and then start talking to the Enterprise server like normal. My rambling make sense? From: Jeff Cain [mailto:je...@sunbelt-software.com] Sent: Thursday, July 01, 2010 10:15 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) N Parr, I am assuming here that you are using VIPRE Enterprise. I would recommend protecting each clone with VIPRE as the growth from definitions would be minimal, this is the best way to protect your systems and any machines they are connected to. I would also say that you should reinstall the VIPRE agent after you clone the machine to prevent the Enterprise Console from confusing the machines as they'll have the same agent GUID in the console. As far as licensing goes, I don't believe we hold VM installs against you. Thanks, Jeff Cain Technical Support Analyst Sunbelt Software Email: supp...@sunbeltsoftware.com mailto:supp...@sunbeltsoftware.com Voice: 1-877-757-4094 Fax: 1-727-562-5199 Web: http://www.sunbeltsoftware.com http://www.sunbeltsoftware.com/ Physical Address: 33 N Garden Ave Suite 1200 Clearwater, FL 33755 United States If you do not want further email from us, please forward this message to listmana...@sunbelt-software.com mailto:listmana...@sunbelt-software.com with the word 'unsubscribe' in the subject of your email. Helpful Sunbelt Software Links: Knowledge Base http://support.sunbeltsoftware.com/ Open a New Support Ticket http://www.sunbeltsoftware.com/Support/Contact/ Sunbelt Software Product Support Communities http://www.sunbeltsoftware.com/communities/ From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday
RE: VMWare View, How are you handling AV? (Viper to be specific)
Nice. What does the moving? From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 11:52 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) The OU that Vipre looks at to do the automatic push has a GPO that is totally restricted, can't be logged into from the network etc etc. Only Vipre and WSUS can do anything to it while in that OU. Once it's been verified that the workstation has been updated appropriately, the computer will get moved to the actual OU that it belongs in which has the appropriate GPO's. On Thu, Jul 1, 2010 at 11:38 AM, Crawford, Scott crawfo...@evangel.edu wrote: So, do you just plan on not getting any viruses before it gets pushed to the client? From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 10:37 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) Didn't realize it would do the detect and push, I guess that would solve my problem. Just have to keep an eye on the server and delete any old clones, but like I mentioned even that should be a problem if the clones get re-created with the same names. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 10:34 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) Vipre push was part of our standard server build out, we didn't make it part of our base os images for VMWare because of guid issues as mentioned. You can set up Vipre Enterprise to automatically detect new computers based on the OU they are put in and automatically push to it. We did this for our workstation builds, but not servers. On Thu, Jul 1, 2010 at 10:27 AM, N Parr npar...@mortonind.com wrote: Why wouldn't you treat a VM license like any other? The console would see it as a normal computer and make it count anyway. Just trying to figure out an easy way to mange it. Could create an agent install package and push it out to the clone via GPO but when we update the base image for the clone with windows updates, new applications, etc it would get wiped out. I guess if the linked clones are getting created with the same naming structure you wouldn't have to worry about deleting the clients from Viper Enterprise server when because it just sees the agents by computer name and not SID or anything. When the new clones came back up they would get the agent installed via GPO again and then start talking to the Enterprise server like normal. My rambling make sense? From: Jeff Cain [mailto:je...@sunbelt-software.com] Sent: Thursday, July 01, 2010 10:15 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) N Parr, I am assuming here that you are using VIPRE Enterprise. I would recommend protecting each clone with VIPRE as the growth from definitions would be minimal, this is the best way to protect your systems and any machines they are connected to. I would also say that you should reinstall the VIPRE agent after you clone the machine to prevent the Enterprise Console from confusing the machines as they'll have the same agent GUID in the console. As far as licensing goes, I don't believe we hold VM installs against you. Thanks, Jeff Cain Technical Support Analyst Sunbelt Software Email: supp...@sunbeltsoftware.com mailto:supp...@sunbeltsoftware.com Voice: 1-877-757-4094 Fax: 1-727-562-5199 Web: http://www.sunbeltsoftware.com http://www.sunbeltsoftware.com/ Physical Address: 33 N Garden Ave Suite 1200 Clearwater, FL 33755 United States If you do not want further email from us, please forward this message to listmana...@sunbelt-software.com mailto:listmana...@sunbelt-software.com with the word 'unsubscribe' in the subject of your email. Helpful Sunbelt Software Links: Knowledge Base http://support.sunbeltsoftware.com/ Open a New Support Ticket http://www.sunbeltsoftware.com/Support/Contact/ Sunbelt Software Product Support Communities http://www.sunbeltsoftware.com/communities/ From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 11:06 AM To: NT System Admin Issues Subject: VMWare View, How are you handling AV? (Viper to be specific) So does anyone have any pointers on this? Are you just not worrying about it since you can wipe the linked clones out at any time if they get infected? I'm sill worried about handling outbreak protection. Don't care if the clone gets hosed but I don't want all my clones getting infected with something and trying to spread it around. If you install AV on the base image and don't use persistent clones then they will have to update signatures every time they boot from the day
RE: VMWare View, How are you handling AV? (Viper to be specific)
Gotcha. A little too much manual intervention for my tastes, but yeah, that's valid. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 1:25 PM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) A person.workstations will stay in that OU until they are actually placed on a users desk. On Thu, Jul 1, 2010 at 12:43 PM, Crawford, Scott crawfo...@evangel.edu wrote: Nice. What does the moving? From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 11:52 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) The OU that Vipre looks at to do the automatic push has a GPO that is totally restricted, can't be logged into from the network etc etc. Only Vipre and WSUS can do anything to it while in that OU. Once it's been verified that the workstation has been updated appropriately, the computer will get moved to the actual OU that it belongs in which has the appropriate GPO's. On Thu, Jul 1, 2010 at 11:38 AM, Crawford, Scott crawfo...@evangel.edu wrote: So, do you just plan on not getting any viruses before it gets pushed to the client? From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 10:37 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) Didn't realize it would do the detect and push, I guess that would solve my problem. Just have to keep an eye on the server and delete any old clones, but like I mentioned even that should be a problem if the clones get re-created with the same names. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 10:34 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) Vipre push was part of our standard server build out, we didn't make it part of our base os images for VMWare because of guid issues as mentioned. You can set up Vipre Enterprise to automatically detect new computers based on the OU they are put in and automatically push to it. We did this for our workstation builds, but not servers. On Thu, Jul 1, 2010 at 10:27 AM, N Parr npar...@mortonind.com wrote: Why wouldn't you treat a VM license like any other? The console would see it as a normal computer and make it count anyway. Just trying to figure out an easy way to mange it. Could create an agent install package and push it out to the clone via GPO but when we update the base image for the clone with windows updates, new applications, etc it would get wiped out. I guess if the linked clones are getting created with the same naming structure you wouldn't have to worry about deleting the clients from Viper Enterprise server when because it just sees the agents by computer name and not SID or anything. When the new clones came back up they would get the agent installed via GPO again and then start talking to the Enterprise server like normal. My rambling make sense? From: Jeff Cain [mailto:je...@sunbelt-software.com] Sent: Thursday, July 01, 2010 10:15 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) N Parr, I am assuming here that you are using VIPRE Enterprise. I would recommend protecting each clone with VIPRE as the growth from definitions would be minimal, this is the best way to protect your systems and any machines they are connected to. I would also say that you should reinstall the VIPRE agent after you clone the machine to prevent the Enterprise Console from confusing the machines as they'll have the same agent GUID in the console. As far as licensing goes, I don't believe we hold VM installs against you. Thanks, Jeff Cain Technical Support Analyst Sunbelt Software Email: supp...@sunbeltsoftware.com mailto:supp...@sunbeltsoftware.com Voice: 1-877-757-4094 Fax: 1-727-562-5199 Web: http://www.sunbeltsoftware.com http://www.sunbeltsoftware.com/ Physical Address: 33 N Garden Ave Suite 1200 Clearwater, FL 33755 United States If you do not want further email from us, please forward this message to listmana...@sunbelt-software.com mailto:listmana...@sunbelt-software.com with the word 'unsubscribe' in the subject of your email. Helpful Sunbelt Software Links: Knowledge Base http://support.sunbeltsoftware.com/ Open a New Support Ticket http://www.sunbeltsoftware.com/Support/Contact/ Sunbelt Software Product Support Communities http://www.sunbeltsoftware.com/communities/ From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 11:06 AM To: NT System Admin Issues Subject: VMWare View, How are you handling AV? (Viper to be specific) So does anyone
RE: VMWare View, How are you handling AV? (Viper to be specific)
Right. I meant after it's been deemed ready for use. If one were so inclined, one might setup a script to move computers that have been in the provisioning OU for some specified time period. I just prefer to put it in the right OU immediately and have GPOs ensure all needed software is installed. From: David Lum [mailto:david@nwea.org] Sent: Thursday, July 01, 2010 12:56 PM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) A setting in AD: Redirecting CN=Computers to an administrator-specified organizational unit 1. Log on with Domain Administrator credentials in the domain where the CN=computers container is being redirected. 2. Transition the domain to the Windows Server 2003 domain in the Active Directory Users and Computers snap-in (Dsa.msc) or in the Domains and Trusts (Domains.msc) snap-in. For more information about increasing the domain functional level, click the following article number to view the article in the Microsoft Knowledge Base: 322692 http://support.microsoft.com/kb/322692/ (http://support.microsoft.com/kb/322692/ ) How to raise domain and forest functional levels in Windows Server 2003 3. Create the organizational unit container where you want computers that are created with earlier-version APIs to be located, if the desired organizational unit container does not already exist. 4. Run the Redircmp.exe file at a command prompt by using the following syntax, where container-dn is the distinguished name of the organizational unit that will become the default location for newly created computer objects that are created by down-level APIs: redircmp container-dn container-dn Redircmp.exe is installed in the %Systemroot%\System32 folder on Windows Server 2003-based or newer computers. For example, to change the default location for a computer that is created with earlier-version APIs such as Net User to the OU=mycomputers container in the CONTOSO.COM domain, use the following syntax: C:\windows\system32redircmp ou=mycomputers,DC=contoso,dc=com Note When Redircmp.exe is run to redirect the CN=Computers container to an organizational unit that is specified by an administrator, the CN=Computers container will no longer be a protected object. This means that the Computers container can now be moved, deleted, or renamed. If you use ADSIEDIT to view attributes on the CN=Computers container, you will see that the systemflags attribute was changed from -1946157056 to 0. This is by design http://support.microsoft.com/kb/324949 From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, July 01, 2010 10:43 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) Nice. What does the moving? From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 11:52 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) The OU that Vipre looks at to do the automatic push has a GPO that is totally restricted, can't be logged into from the network etc etc. Only Vipre and WSUS can do anything to it while in that OU. Once it's been verified that the workstation has been updated appropriately, the computer will get moved to the actual OU that it belongs in which has the appropriate GPO's. On Thu, Jul 1, 2010 at 11:38 AM, Crawford, Scott crawfo...@evangel.edu wrote: So, do you just plan on not getting any viruses before it gets pushed to the client? From: N Parr [mailto:npar...@mortonind.com] Sent: Thursday, July 01, 2010 10:37 AM To: NT System Admin Issues Subject: RE: VMWare View, How are you handling AV? (Viper to be specific) Didn't realize it would do the detect and push, I guess that would solve my problem. Just have to keep an eye on the server and delete any old clones, but like I mentioned even that should be a problem if the clones get re-created with the same names. From: Sherry Abercrombie [mailto:saber...@gmail.com] Sent: Thursday, July 01, 2010 10:34 AM To: NT System Admin Issues Subject: Re: VMWare View, How are you handling AV? (Viper to be specific) Vipre push was part of our standard server build out, we didn't make it part of our base os images for VMWare because of guid issues as mentioned. You can set up Vipre Enterprise to automatically detect new computers based on the OU they are put in and automatically push to it. We did this for our workstation builds, but not servers. On Thu, Jul 1, 2010 at 10:27 AM, N Parr npar...@mortonind.com wrote: Why wouldn't you treat a VM license like any other? The console would see it as a normal computer and make it count anyway. Just trying to figure out an easy way to mange it. Could create an agent install package and push it out to the clone via GPO but when we update the base image for the clone with windows updates, new applications
RE: Bad joke contest
? I thought we were doing bad jokes. Did you hear about the lady who backed into a propeller? Disaster. From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Friday, July 09, 2010 3:00 PM To: NT System Admin Issues Subject: OT: Bad joke contest For the last little bit of Friday, I'm now declaring a bad joke contest for this here NT list. I'm the sole judge and decision maker. I'll start off (and probably win) -- What do you call in when you feed a steer a stick of dynamite? Abominable (say it slow) Shook ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: DHCPv6
Hmmm...is it though? It's certainly not very hard, but I wouldn't say it's easy enough for me to change it on a regular basis or for every site I visit. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Tuesday, July 13, 2010 2:56 PM To: NT System Admin Issues Subject: Re: DHCPv6 On Tue, Jul 13, 2010 at 07:16, Ben Scott mailvor...@gmail.com wrote: On Tue, Jul 13, 2010 at 7:03 AM, Andrew S. Baker asbz...@gmail.com wrote: On Tue, Jul 13, 2010 at 6:58 AM, Ben Scott mailvor...@gmail.com wrote: With IPv6, the DHCP server *could* configure its own address via SLAAC, and then just hand out DHCP options (like DNS servers) when asked. True, but it's all too easy to setup the first address ... Oh, I'm not saying it would be a good idea to do that. Note that doesn't mean I'm saying it *wouldn't* be a good idea, either. Myself, I'm talking purely theory at this point. I don't know enough about IPv6 to start advocating any particular practice, and I expect IPv6 hasn't seen enough real-world usage to have really solid best practices in the first place. But I would be surprised if there aren't some factions which advocate SLAAC for *all* hosts no matter what. Then there are those who fear SLAAC because it puts an identifier which could potentially follow you anywhere in the world in your IP address (your NIC's MAC address). -- Ben It's easy enough to change your MAC address... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: cscript for domain users
See joe's and my comments here: http://blog.joeware.net/2010/06/17/2078/ From: Carl Houseman [mailto:c.house...@gmail.com] Sent: Wednesday, July 14, 2010 3:00 PM To: NT System Admin Issues Subject: RE: cscript for domain users Ordinary users can't change the default script host. You could use a GPO startup script to do this. Carl From: Jimmy Tran [mailto:jt...@teachtci.com] Sent: Wednesday, July 14, 2010 3:42 PM To: NT System Admin Issues Subject: cscript for domain users Is it possible to allow domain users to cscript to change the default script host? I really don't want to make users local admins on their machines. -Jimmy ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Passwords on paper? Seriously?
One nice feature it had was the ability to install with GP as an .msi though that has been removed. You can also install it on a print server so users can just map to it. The malware toolbar is fairly annoying though you can choose not to install it. I do think malware may be a bit strong in this case, though I'm open to being proven wrong. I think of it more as nagware. -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, July 15, 2010 1:27 PM To: NT System Admin Issues Subject: RE: Passwords on paper? Seriously? What does pdfcreator do for you that CutePDF-free doesn't do? (Other than install a malware toolbar?) PDF-Xchange looks very promising. Thanks Ralph. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, July 15, 2010 1:20 PM To: NT System Admin Issues Subject: Re: Passwords on paper? Seriously? On Thu, Jul 15, 2010 at 1:00 PM, Ralph Smith m...@gatewayindustries.org wrote: Or somebody scans in a paper form to PDF and emails it you... I've caught people here printing something out only to scan it right back in. I resist the urge to beat them mercilessly and instead introduce them to PDFCreator. I use PDF-XChange Viewer which lets you click and type anywhere on the PDF and save it with the additions, then email it back. That would be very handy. I'll have to check that out. In my copious free time. :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Friday diversion
Yeah, B, A, Start or B, A, Select, Start for two players. Interestingly, typing upupdowndownleftrightleftrightbastart into a Palm Pre puts it into developer mode. From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Friday, July 16, 2010 2:31 PM To: NT System Admin Issues Subject: Re: Friday diversion I've seen references to both. Was the one I listed for two players? - Sean On Fri, Jul 16, 2010 at 9:14 AM, Phillip Partipilo p...@psnet.commailto:p...@psnet.com wrote: Konami... but it was B, A, I thought? Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 From: Sean Martin [mailto:seanmarti...@gmail.commailto:seanmarti...@gmail.com] Sent: Friday, July 16, 2010 1:13 PM To: NT System Admin Issues Subject: Re: Friday diversion Up, Up, Down, Down, Left, Right, Left, Right, A, B, Select, Start - Sean On Fri, Jul 16, 2010 at 8:32 AM, Steve Ens stevey...@gmail.commailto:stevey...@gmail.com wrote: I loved Contra on the original Nintendo. On Fri, Jul 16, 2010 at 10:52 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Let's see here.. games I had/played: Summer Games Karataka Commando Spy Hunter (built my own hybrid joystick for this one) Archon Raid over Moscow (awesome!) Winter Games Labyrinth 1942 Little Computer People Arkanoid Hacker Knockout! Pitstop Pitfall EA Pinball Afterburner Huey Simulator Pacman Rambo Monster Truck 3D Donkey Kong Defender Test Drive Impossible Mission Leaderboard Airborne Ranger Silent Service Spy vs Spy Qbert Marble Madness Frankie goes to Hollywood Way of the Exploding Fist And others... needless to say, the copy protection mechanisms on games were easily defeated... -sc From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Friday, July 16, 2010 11:37 AM To: NT System Admin Issues Subject: Re: Friday diversion Mmmm...Bard's Tale. On Fri, Jul 16, 2010 at 11:29 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Hehe... I liked me some Beach Head, Bards Tale, Zaxxon, etc... on my C64 -sc -Original Message- From: Don Guyer [mailto:don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com] Sent: Friday, July 16, 2010 11:26 AM To: NT System Admin Issues Subject: RE: Friday diversion OMG! I was just watching this game I used to play for hours on the C64 (from cassette tape mind you): http://www.youtube.com/watch?v=w9QVl5Z9gL0 Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com -Original Message- From: Steven M. Caesare [mailto:scaes...@caesare.commailto:scaes...@caesare.com] Sent: Friday, July 16, 2010 11:18 AM To: NT System Admin Issues Subject: RE: Friday diversion And to think they built the SR-71 with those things. -sc -Original Message- From: Kim Longenbaugh [mailto:k...@colonialsavings.commailto:k...@colonialsavings.com] Sent: Friday, July 16, 2010 11:12 AM To: NT System Admin Issues Subject: RE: Friday diversion I had an abacus when I was a kid. When I got to high school, I got a slide rule. We had a computer science class featuring a teletype terminal with an acoustic modem that connected to a LameFrame at a local college. It ran Fortran. Our programs were stored on paper tape created/read by an attachment on the teletype terminal. The slide rule was faster. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.commailto:mailvor...@gmail.com] Sent: Friday, July 16, 2010 10:03 AM To: NT System Admin Issues Subject: Re: Friday diversion On Fri, Jul 16, 2010 at 10:10 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Man, I remember a bunch of these... I remember using and even owning several of those products, let alone the ads. My first IBM compatible was a Tandy 1000 SL. Neat machine for the day. Had MS-DOS in ROM so you didn't need to boot from floppy. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Whining...
I got some promotional VHS from them that were fun to watch. One of the quotes I fondly remember is But, beware. Complex animations like these require lots of memory. Sometimes more than a megabyte. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Friday, July 16, 2010 3:26 PM To: NT System Admin Issues Subject: Re: Whining... Indeed. -ASB: http://XeeSM.com/AndrewBaker On Fri, Jul 16, 2010 at 9:16 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Awesome. Amiga was some truly amazing hardware for its time, and the OS remains under-appreciated IMO. They also had no idea what to really do to market it against the PeeCee -sc -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Thursday, July 15, 2010 9:44 PM To: NT System Admin Issues Subject: RE: Whining... Just like Commodore. :-( [I did significant development on the Amiga platform, including I-Net 225 and a number of other commercial applications.] Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com -Original Message- From: Ben Scott [mailto:mailvor...@gmail.commailto:mailvor...@gmail.com] Sent: Thursday, July 15, 2010 9:40 PM To: NT System Admin Issues Subject: Re: Whining... On Thu, Jul 15, 2010 at 9:24 PM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: I had a chance to play with NT4.0 on a 4-CPU Alpha box back in the day. Not a lot of appas available for it wither (hence the FX!32 emulation/dynamic compile layer), but it _SCREAMED_ at the time. Yah, the Alpha was a sweet platform. I remember someone telling the story that their i386 program was faster on an Alpha running under FX!32 emulation than it was on native i386 hardware. Compaq buying DEC was a sad moment in computer history. Unsurprising that DEC failed -- their marketing was horrible, and their sales practices not much better -- but still sad. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Friday diversion
It's essentially the major step in jail-breaking it. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Friday, July 16, 2010 4:57 PM To: NT System Admin Issues Subject: RE: Friday diversion And just what, pray tell, did this secret code give you? Crawford, Scott crawfo...@evangel.edu 7/16/2010 1:17 PM Yeah, B, A, Start or B, A, Select, Start for two players. Interestingly, typing upupdowndownleftrightleftrightbastart into a Palm Pre puts it into developer mode. From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Friday, July 16, 2010 2:31 PM To: NT System Admin Issues Subject: Re: Friday diversion I've seen references to both. Was the one I listed for two players? - Sean On Fri, Jul 16, 2010 at 9:14 AM, Phillip Partipilo p...@psnet.commailto:p...@psnet.com wrote: Konami... but it was B, A, I thought? Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 From: Sean Martin [mailto:seanmarti...@gmail.commailto:seanmarti...@gmail.com] Sent: Friday, July 16, 2010 1:13 PM To: NT System Admin Issues Subject: Re: Friday diversion Up, Up, Down, Down, Left, Right, Left, Right, A, B, Select, Start - Sean On Fri, Jul 16, 2010 at 8:32 AM, Steve Ens stevey...@gmail.commailto:stevey...@gmail.com wrote: I loved Contra on the original Nintendo. On Fri, Jul 16, 2010 at 10:52 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Let's see here.. games I had/played: Summer Games Karataka Commando Spy Hunter (built my own hybrid joystick for this one) Archon Raid over Moscow (awesome!) Winter Games Labyrinth 1942 Little Computer People Arkanoid Hacker Knockout! Pitstop Pitfall EA Pinball Afterburner Huey Simulator Pacman Rambo Monster Truck 3D Donkey Kong Defender Test Drive Impossible Mission Leaderboard Airborne Ranger Silent Service Spy vs Spy Qbert Marble Madness Frankie goes to Hollywood Way of the Exploding Fist And others... needless to say, the copy protection mechanisms on games were easily defeated... -sc From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Friday, July 16, 2010 11:37 AM To: NT System Admin Issues Subject: Re: Friday diversion Mmmm...Bard's Tale. On Fri, Jul 16, 2010 at 11:29 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Hehe... I liked me some Beach Head, Bards Tale, Zaxxon, etc... on my C64 -sc -Original Message- From: Don Guyer [mailto:don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com] Sent: Friday, July 16, 2010 11:26 AM To: NT System Admin Issues Subject: RE: Friday diversion OMG! I was just watching this game I used to play for hours on the C64 (from cassette tape mind you): http://www.youtube.com/watch?v=w9QVl5Z9gL0 Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com -Original Message- From: Steven M. Caesare [mailto:scaes...@caesare.commailto:scaes...@caesare.com] Sent: Friday, July 16, 2010 11:18 AM To: NT System Admin Issues Subject: RE: Friday diversion And to think they built the SR-71 with those things. -sc -Original Message- From: Kim Longenbaugh [mailto:k...@colonialsavings.commailto:k...@colonialsavings.com] Sent: Friday, July 16, 2010 11:12 AM To: NT System Admin Issues Subject: RE: Friday diversion I had an abacus when I was a kid. When I got to high school, I got a slide rule. We had a computer science class featuring a teletype terminal with an acoustic modem that connected to a LameFrame at a local college. It ran Fortran. Our programs were stored on paper tape created/read by an attachment on the teletype terminal. The slide rule was faster. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.commailto:mailvor...@gmail.com] Sent: Friday, July 16, 2010 10:03 AM To: NT System Admin Issues Subject: Re: Friday diversion On Fri, Jul 16, 2010 at 10:10 AM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: Man, I remember a bunch of these... I remember using and even owning several of those products, let alone the ads. My first IBM compatible was a Tandy 1000 SL. Neat machine for the day. Had MS-DOS in ROM so you didn't need to boot from floppy. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com
RE: Adobe/Java Updates
There are several tools that will create an MSI wrapper around a command line. WWIW is the one I've heard the most about, but I've never actually used one. -Original Message- From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Tuesday, July 27, 2010 3:21 PM To: NT System Admin Issues Subject: RE: Adobe/Java Updates For more reasons that Firefox, you make this part sound easy: if you're lazy you can just embed the Firefox (or Thunderbird, or SeaMonkey) installer in the MSI and launch it with the silent install parameters. Do share. =] -- Mike Gill -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Tuesday, July 27, 2010 12:12 PM To: NT System Admin Issues Subject: Re: Adobe/Java Updates I purchased Advanced Installer (http://www.advancedinstaller.com) and make my own MSIs. Heck, if you're lazy you can just embed the Firefox (or Thunderbird, or SeaMonkey) installer in the MSI and launch it with the silent install parameters. The constant out-of-dateness of Frontmotion is one of the reasons why I bother with making my own (I also don't like them bundling out-of-date plugs). On 7/27/2010 1:46 PM, Sam Cayze wrote: Ditto. However, Frontmotion's updates are just too behind for me. I script a silent install in the background now. Never had an issue. Firefox Setup 3.6.8.exe -ms -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Adobe/Java Updates
Yeah, you need a command line that actually does a silent install and optionally one that does a silent uninstall. -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Tuesday, July 27, 2010 4:08 PM To: NT System Admin Issues Subject: Re: Adobe/Java Updates Be warned, some executables you cannot just blindly wrap in an MSI and expect it to work. Some executables are merely self-extracting executables that install MSIs, and installing an MSI from within an MSI generally isn't supported. On 7/27/2010 3:50 PM, Crawford, Scott wrote: There are several tools that will create an MSI wrapper around a command line. WWIW is the one I've heard the most about, but I've never actually used one. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
The gotcha is that the functionality has been reduced in 2007 pre-SP3 and 2010 pre-SP1. There is no way to change an expired password without these latest SPs. In 2003, IISADMPWD, with all it's warts, at least let you deal with expired passwords. However it looks to be very nice in 2010 once SP1 hits. -Original Message- From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Thursday, July 29, 2010 11:02 AM To: NT System Admin Issues Subject: RE: Password question What version of Exchange? This functionality has been there forever although there are some limitations. It's more or less fully there in Exchange 2007 SP3 and Exchange 2010 SP1. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:53 PM To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Password question
As long as you don't check User must change password at next logon you should be ok. If you do check that, you're gonna want to wait for SP1 or put up and IIS 6 box with IISADMPWD configured. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:28 AM To: NT System Admin Issues Subject: RE: Password question Would be going to Exchange 2010. The users' only access would be through OWA, no full client on the desktop. Brian Desmond br...@briandesmond.com 7/29/2010 9:01 AM What version of Exchange? This functionality has been there forever although there are some limitations. It's more or less fully there in Exchange 2007 SP3 and Exchange 2010 SP1. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Thursday, July 29, 2010 11:53 PM To: NT System Admin Issues Subject: Password question Cross-posted here and in the Exchange list: Are you able to change your AD password from within OWA? We have the following situation: 1) Novell currently handles our authentication, users, e-mail, etc. We have a Windows domain, but it's only for applications. 2) We are planning a migration from Novell to a new Windows AD domain. 3) The first stage of this migration is moving from Groupwise to Exchange. The plan here is to bring up the AD domain just enough to put users in, and install Exchange. The users would use OWA to access their e-mail. This brought up a concern for me: how do users change their AD passwords? When the accounts are created initially, we put on a temporary password, and let the users change it, but can they do that if the only connection they have is OWA? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: malware that creates Outlook rules
It's very likely a phished account. This happens to us on a regular basis and there's really nothing that can be done to fix it short of educating the users, which is...difficult. The fact that spam was continuing even after the account is disabled could be chalked up to mail still in the queues. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 2:32 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I'm glad I'm not the only sufferer! I'll try and answer the other questions that were asked: 1) yes, the spam continued even with the user's account disabled and their PC powered off 2) yes, only our Exchange server can send SMTP to the Internet 3) my OWA servers are clean according to VIPRE MalwareBytes So far this has hit 3 users (out of ~5000). I have not seen any spam sent in the last 5 hours but I don't have any confidence that I have found the source. Maybe there's a PC with a high-privileged account that has been compromised and is sending out spam runs on a schedule? Currently I am getting up-to-date on patches on all my Exchange boxes. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Monday, August 02, 2010 2:17 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules We are having a similar issue. We changed the users password, and since that user is in a meeting, we turned his machine off. Looks like it has to be coming from OWA. Here is some info from an error message our external MTA sent to me (our Exchange guys are looking into the matter): Transcript of session follows. Out: 220 mail3.wise.k12.va.us ESMTP In: EHLO mail.wise.k12.va.us Out: 250-mail3.wise.k12.va.us Out: 250-PIPELINING Out: 250-SIZE 8 Out: 250-VRFY Out: 250-ETRN Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: MAIL FROM:jev...@wise.k12.va.us SIZE=1163 Out: 250 2.1.0 Ok In: RCPT TO:fox2...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:khale...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aboshw...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:abdul...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:bm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:saltm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aarr1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:se...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:sanad1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:kham1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:adi...@naseej.com Out: 250 2.1.5 Ok Shane -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: Re: malware that creates Outlook rules Is your firewall set to only allow SMTP (port 25) traffic from your Exchange server? Die dulci fruere! Roger Wright ___ On Mon, Aug 2, 2010 at 2:21 PM, Osborne, Richard richard.osbo...@wth.org wrote: I disabled their accounts and it didn't help. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Monday, August 02, 2010 1:09 PM To: NT System Admin Issues Subject: Re: malware that creates Outlook rules Have you had the users change their passwords yet? Die dulci fruere! Roger Wright ___ On Mon, Aug 2, 2010 at 1:46 PM, Osborne, Richard richard.osbo...@wth.org wrote: Has anyone seen malware that creates an Outlook rule that moves all new mail to Deleted Items and then sends out a bunch of spam? I have a few users that have been hit with something I can't find. I scanned the PCs with VIPRE, MalwareBytes, Symantec's online scanner and didn't find anything. Then I turned off the PCs and something is still accessing their mailboxes. I scanned the Exchange server also. I am not seeing anything in Exchange User Monitor or Windows Security logs and our network guys say they don't see any unusual traffic to our Exchange server. Google finds a couple of people reporting the same thing but no resolution. Windows XP SP2 clients with Outlook 2002 2003; Exchange Server 2003 SP2 on Server 2003 SP1. Thanks for any ideas. Richard Osborne Information Systems Jackson-Madison County General Hospital NOTICE: (1) The foregoing is not intended to be a legally binding or legally effective electronic signature. (2) This message may contain legally privileged or confidential information. If you are not the intended recipient of this message, please so notify me, disregard the foregoing message, and delete the message immediately. I apologize for any inconvenience this may have caused. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
RE: malware that creates Outlook rules
This actually looks promising. We just recently got off 2003 so I'll be investigating this heavily. http://technet.microsoft.com/en-us/library/dd298094.aspx The problem we have is that we keep getting on spam lists and then blocked from sending email to hotmail, gmail, etc. Hopefully a ThrottlePolicy of say 2 or 3 per minute, will be enough to let us catch it before we get blocked. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 2:40 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I have been monitoring the Exchange queues. It's the only way I can tell when it is happening. I found the aqadmcli.exe utility and have been using it to clean the queues (aqadmcli delmsg flags=SENDER,sender=bob.sm...@wth.org. I'll check the OWA logs ASAP. Assuming I have had three users reply to phishing e-mails, is there anything to fix besides changing their passwords? Thanks everyone for the suggestions. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Also check those exchange smtp queues. If it is compromised accounts the spammers can send spam via you owa faster than your exchange server can process so it will get backed up so disabling accounts or changing passwords wont stop it until the queues are emptied. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:32 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I'm glad I'm not the only sufferer! I'll try and answer the other questions that were asked: 1) yes, the spam continued even with the user's account disabled and their PC powered off 2) yes, only our Exchange server can send SMTP to the Internet 3) my OWA servers are clean according to VIPRE MalwareBytes So far this has hit 3 users (out of ~5000). I have not seen any spam sent in the last 5 hours but I don't have any confidence that I have found the source. Maybe there's a PC with a high-privileged account that has been compromised and is sending out spam runs on a schedule? Currently I am getting up-to-date on patches on all my Exchange boxes. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Monday, August 02, 2010 2:17 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules We are having a similar issue. We changed the users password, and since that user is in a meeting, we turned his machine off. Looks like it has to be coming from OWA. Here is some info from an error message our external MTA sent to me (our Exchange guys are looking into the matter): Transcript of session follows. Out: 220 mail3.wise.k12.va.us ESMTP In: EHLO mail.wise.k12.va.us Out: 250-mail3.wise.k12.va.us Out: 250-PIPELINING Out: 250-SIZE 8 Out: 250-VRFY Out: 250-ETRN Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: MAIL FROM:jev...@wise.k12.va.us SIZE=1163 Out: 250 2.1.0 Ok In: RCPT TO:fox2...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:khale...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aboshw...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:abdul...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:bm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:saltm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aarr1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:se...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:sanad1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:kham1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:adi...@naseej.com Out: 250 2.1.5 Ok Shane -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: Re: malware that creates Outlook rules Is your firewall set to only allow SMTP (port 25) traffic from your Exchange server? Die dulci fruere! Roger Wright ___ On Mon, Aug 2, 2010 at 2:21 PM, Osborne, Richard richard.osbo...@wth.org wrote: I disabled their accounts and it didn't help. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Monday, August 02, 2010 1:09 PM To: NT System Admin Issues Subject: Re: malware that creates Outlook rules Have you had the users change their passwords yet? Die dulci fruere! Roger Wright ___ On Mon, Aug 2, 2010 at 1:46 PM, Osborne, Richard richard.osbo...@wth.org wrote: Has anyone seen malware that creates an Outlook rule that moves all new mail to Deleted Items and then sends out a bunch of spam? I have a few users that have been hit with something I can't find. I scanned the PCs with VIPRE, MalwareBytes, Symantec's online scanner and didn't find anything. Then I turned off the PCs and something is still accessing their mailboxes. I scanned the Exchange server also. I am not seeing
RE: malware that creates Outlook rules
Yeah, that sounds nice except we have 2000 students with an average of 500 new ones every year so our major issue isn't repeat offenders. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:51 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules When this happened here, we disabled their email account until they completed our security awareness training, for the second time. With supervisors complete support. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:40 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I have been monitoring the Exchange queues. It's the only way I can tell when it is happening. I found the aqadmcli.exe utility and have been using it to clean the queues (aqadmcli delmsg flags=SENDER,sender=bob.sm...@wth.org. I'll check the OWA logs ASAP. Assuming I have had three users reply to phishing e-mails, is there anything to fix besides changing their passwords? Thanks everyone for the suggestions. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Also check those exchange smtp queues. If it is compromised accounts the spammers can send spam via you owa faster than your exchange server can process so it will get backed up so disabling accounts or changing passwords wont stop it until the queues are emptied. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:32 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I'm glad I'm not the only sufferer! I'll try and answer the other questions that were asked: 1) yes, the spam continued even with the user's account disabled and their PC powered off 2) yes, only our Exchange server can send SMTP to the Internet 3) my OWA servers are clean according to VIPRE MalwareBytes So far this has hit 3 users (out of ~5000). I have not seen any spam sent in the last 5 hours but I don't have any confidence that I have found the source. Maybe there's a PC with a high-privileged account that has been compromised and is sending out spam runs on a schedule? Currently I am getting up-to-date on patches on all my Exchange boxes. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Monday, August 02, 2010 2:17 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules We are having a similar issue. We changed the users password, and since that user is in a meeting, we turned his machine off. Looks like it has to be coming from OWA. Here is some info from an error message our external MTA sent to me (our Exchange guys are looking into the matter): Transcript of session follows. Out: 220 mail3.wise.k12.va.us ESMTP In: EHLO mail.wise.k12.va.us Out: 250-mail3.wise.k12.va.us Out: 250-PIPELINING Out: 250-SIZE 8 Out: 250-VRFY Out: 250-ETRN Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: MAIL FROM:jev...@wise.k12.va.us SIZE=1163 Out: 250 2.1.0 Ok In: RCPT TO:fox2...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:khale...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aboshw...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:abdul...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:bm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:saltm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aarr1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:se...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:sanad1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:kham1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:adi...@naseej.com Out: 250 2.1.5 Ok Shane -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: Re: malware that creates Outlook rules Is your firewall set to only allow SMTP (port 25) traffic from your Exchange server? Die dulci fruere! Roger Wright ___ On Mon, Aug 2, 2010 at 2:21 PM, Osborne, Richard richard.osbo...@wth.org wrote: I disabled their accounts and it didn't help. -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Monday, August 02, 2010 1:09 PM To: NT System Admin Issues Subject: Re: malware that creates Outlook rules Have you had the users change their passwords yet? Die dulci fruere! Roger Wright ___ On Mon, Aug 2, 2010 at 1:46 PM, Osborne, Richard richard.osbo...@wth.org wrote: Has anyone seen malware that creates an Outlook rule that moves all new mail to Deleted Items and then sends out a bunch of spam? I have a few users that have been hit with something I can't find. I scanned the PCs with VIPRE, MalwareBytes, Symantec's online scanner and didn't find anything. Then I turned off the PCs and
RE: malware that creates Outlook rules
Yeah, it's on the investigate list. It does happen with staff on occasion too, but not nearly as much as students. The major outstanding question I have is how to do Unified Messaging with Exchange if the mailbox is outsourced? It's prolly something simple, but I just haven't looked into it yet. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 3:14 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Ah ha. Didn't notice the .edu addy. In that case, I would seriously investigate outsourcing that to MS or Google. The entire Va. Community College System went with Google for student email and so far it has worked really well. Can't beat the cost too. Zero and the student gets to keep their same email as long as they want it. No advertisements in their account while they are students. No backups, spam, outages and all that other support headaches for me. Great big plus. -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, August 02, 2010 4:05 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yeah, that sounds nice except we have 2000 students with an average of 500 new ones every year so our major issue isn't repeat offenders. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:51 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules When this happened here, we disabled their email account until they completed our security awareness training, for the second time. With supervisors complete support. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:40 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I have been monitoring the Exchange queues. It's the only way I can tell when it is happening. I found the aqadmcli.exe utility and have been using it to clean the queues (aqadmcli delmsg flags=SENDER,sender=bob.sm...@wth.org. I'll check the OWA logs ASAP. Assuming I have had three users reply to phishing e-mails, is there anything to fix besides changing their passwords? Thanks everyone for the suggestions. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Also check those exchange smtp queues. If it is compromised accounts the spammers can send spam via you owa faster than your exchange server can process so it will get backed up so disabling accounts or changing passwords wont stop it until the queues are emptied. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:32 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I'm glad I'm not the only sufferer! I'll try and answer the other questions that were asked: 1) yes, the spam continued even with the user's account disabled and their PC powered off 2) yes, only our Exchange server can send SMTP to the Internet 3) my OWA servers are clean according to VIPRE MalwareBytes So far this has hit 3 users (out of ~5000). I have not seen any spam sent in the last 5 hours but I don't have any confidence that I have found the source. Maybe there's a PC with a high-privileged account that has been compromised and is sending out spam runs on a schedule? Currently I am getting up-to-date on patches on all my Exchange boxes. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Monday, August 02, 2010 2:17 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules We are having a similar issue. We changed the users password, and since that user is in a meeting, we turned his machine off. Looks like it has to be coming from OWA. Here is some info from an error message our external MTA sent to me (our Exchange guys are looking into the matter): Transcript of session follows. Out: 220 mail3.wise.k12.va.us ESMTP In: EHLO mail.wise.k12.va.us Out: 250-mail3.wise.k12.va.us Out: 250-PIPELINING Out: 250-SIZE 8 Out: 250-VRFY Out: 250-ETRN Out: 250-ENHANCEDSTATUSCODES Out: 250-8BITMIME Out: 250 DSN In: MAIL FROM:jev...@wise.k12.va.us SIZE=1163 Out: 250 2.1.0 Ok In: RCPT TO:fox2...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:khale...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aboshw...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:abdul...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:bm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:saltm...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:aarr1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:se...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:sanad1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:kham1...@naseej.com Out: 250 2.1.5 Ok In: RCPT TO:adi...@naseej.com Out: 250
RE: malware that creates Outlook rules
Hmm, interesting. I like that. Of course, setting it up for all students automatically might prove to be tricky. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Tuesday, August 03, 2010 6:44 AM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules And just after I sent this the light came on, Google Voice should do UM. I'd let google handle voice mail, email and anything else they want to give to the students. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Tuesday, August 03, 2010 7:42 AM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Not sure on the UM questions. Not an issue here as we don't have student housing or provide phones for them. I'm betting that it is possible though. -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, August 02, 2010 5:46 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yeah, it's on the investigate list. It does happen with staff on occasion too, but not nearly as much as students. The major outstanding question I have is how to do Unified Messaging with Exchange if the mailbox is outsourced? It's prolly something simple, but I just haven't looked into it yet. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 3:14 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Ah ha. Didn't notice the .edu addy. In that case, I would seriously investigate outsourcing that to MS or Google. The entire Va. Community College System went with Google for student email and so far it has worked really well. Can't beat the cost too. Zero and the student gets to keep their same email as long as they want it. No advertisements in their account while they are students. No backups, spam, outages and all that other support headaches for me. Great big plus. -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, August 02, 2010 4:05 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yeah, that sounds nice except we have 2000 students with an average of 500 new ones every year so our major issue isn't repeat offenders. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:51 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules When this happened here, we disabled their email account until they completed our security awareness training, for the second time. With supervisors complete support. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:40 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I have been monitoring the Exchange queues. It's the only way I can tell when it is happening. I found the aqadmcli.exe utility and have been using it to clean the queues (aqadmcli delmsg flags=SENDER,sender=bob.sm...@wth.org. I'll check the OWA logs ASAP. Assuming I have had three users reply to phishing e-mails, is there anything to fix besides changing their passwords? Thanks everyone for the suggestions. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Also check those exchange smtp queues. If it is compromised accounts the spammers can send spam via you owa faster than your exchange server can process so it will get backed up so disabling accounts or changing passwords wont stop it until the queues are emptied. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:32 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I'm glad I'm not the only sufferer! I'll try and answer the other questions that were asked: 1) yes, the spam continued even with the user's account disabled and their PC powered off 2) yes, only our Exchange server can send SMTP to the Internet 3) my OWA servers are clean according to VIPRE MalwareBytes So far this has hit 3 users (out of ~5000). I have not seen any spam sent in the last 5 hours but I don't have any confidence that I have found the source. Maybe there's a PC with a high-privileged account that has been compromised and is sending out spam runs on a schedule? Currently I am getting up-to-date on patches on all my Exchange boxes. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Monday, August 02, 2010 2:17 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules We are having a similar issue. We changed the users password, and since that user is in a meeting, we turned his machine off. Looks like it has to be coming from OWA. Here is some info from
RE: malware that creates Outlook rules
Outbound anti-spam: I've been asking sunbelt to add this to Ninja for years. Still waiting on it, and I'm not sure why. In any case, I moved off Ninja and Vipre to Forefront so I'll let someone else continue the wait :). Exchange now has outbound message throttling so you can set limits like x number of emails per minute. I'm hoping to dig into it and see if I can add a trigger to let me know when a user hits more than 5 or so emails per minute. Blacklist removal - These links are the major ones we need: Comcast http://www.comcastsupport.com/rbl ATT http://wn.att.net/cgi-bin/block_admin.cgi Microsoft https://postmaster.live.com/snds/data.aspx https://support.msn.com/eform.aspx?productKey=edfsmsblct=eformts Barracuda http://www.barracudacentral.org/lookups/ip-reputation http://www.barracudacentral.org/rbl/removal-request Symantec http://ipremoval.sms.symantec.com/lookup -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Tuesday, August 03, 2010 12:16 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Actually this was happening all weekend. I was chasing my tail so hard I didn't think to e-mail this list until Monday. Lesson learned. Just to wrap up: thanks to Glen, Scott, Thomas, and anyone else who suggested the spam was coming from OWA via phished accounts. I looked at the IIS logs on the OWA server and found entries like this: ... GET /exchange/bob.smith/Drafts/ Cmd=new 443 bsmith x.x.x.x Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.1;+SV1;+InfoPath.2;+Crazy+Browser+3.0.3)... Which I suppose shows new e-mails being created in the Drafts folder. Any advice regarding interpreting these logs would be welcome. After changing the affected user's passwords I think we are in the clear. Exchange queues are quiet since yesterday. We publish OWA via ISA Server, so the OWA logs only the address of the ISA Server. We checked our firewall logs and found quite a bit of traffic to OWA from Nigeria India. We're in Tennessee, so we are able to block those addresses as we won't have any legitimate traffic from them. Based on the agent string above, I told URLScan to block Crazy Browser (http://www.crazybrowser.com/). I wonder how many other browsers there are I've never even heard of. Now I need to consider some kind of outbound anti-spam, figure out some scripting to notify me if the queues get out of hand, and get off all the blacklists I'm on. -- From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Monday, August 02, 2010 2:50 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules We're a Lotus Notes shop using Postini as a relay, if it makes any difference... We had one desktop system here, and a few in NYC, where spam as being spewed out. This actually had nothing at all to do with Domino/Lotus but rather a rogue SMTP server which got snuck onto some workstations. We were able to track this down by monitoring SMTP traffic through our firewall. All SMTP traffic was to be comming from only one IP at each location, and it was all supposed to be directed to our Postini host. At least yours does not seem to be happening on a weekend... -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA® 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.org The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. Osborne, Richard richard.osbo...@wth.org wrote on 08/02/2010 02:40:09 PM: I have been monitoring the Exchange queues. It's the only way I can tell when it is happening. I found the aqadmcli.exe utility and have been using it to clean the queues (aqadmcli delmsg flags=SENDER,sender=bob.sm...@wth.org. I'll check the OWA logs ASAP. Assuming I have had three users reply to phishing e-mails, is there anything to fix besides changing their passwords? Thanks everyone for the suggestions. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Also check those exchange smtp queues. If it is compromised accounts the spammers can send
RE: malware that creates Outlook rules
Good to know. Is it possible to host additional mailboxes locally just for voicemail/faxes and leave the actual mail in the cloud? Not really UM per se, but it would allow us to get off of our 3rd party voicemail server and auto-attendant and use Exchange's considerably cheaper versions. -Original Message- From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Tuesday, August 03, 2010 2:38 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Currently UM in that scenario isn't possible. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, August 02, 2010 4:46 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yeah, it's on the investigate list. It does happen with staff on occasion too, but not nearly as much as students. The major outstanding question I have is how to do Unified Messaging with Exchange if the mailbox is outsourced? It's prolly something simple, but I just haven't looked into it yet. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 3:14 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Ah ha. Didn't notice the .edu addy. In that case, I would seriously investigate outsourcing that to MS or Google. The entire Va. Community College System went with Google for student email and so far it has worked really well. Can't beat the cost too. Zero and the student gets to keep their same email as long as they want it. No advertisements in their account while they are students. No backups, spam, outages and all that other support headaches for me. Great big plus. -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, August 02, 2010 4:05 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yeah, that sounds nice except we have 2000 students with an average of 500 new ones every year so our major issue isn't repeat offenders. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:51 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules When this happened here, we disabled their email account until they completed our security awareness training, for the second time. With supervisors complete support. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:40 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I have been monitoring the Exchange queues. It's the only way I can tell when it is happening. I found the aqadmcli.exe utility and have been using it to clean the queues (aqadmcli delmsg flags=SENDER,sender=bob.sm...@wth.org. I'll check the OWA logs ASAP. Assuming I have had three users reply to phishing e-mails, is there anything to fix besides changing their passwords? Thanks everyone for the suggestions. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:35 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Also check those exchange smtp queues. If it is compromised accounts the spammers can send spam via you owa faster than your exchange server can process so it will get backed up so disabling accounts or changing passwords wont stop it until the queues are emptied. -Original Message- From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Monday, August 02, 2010 3:32 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I'm glad I'm not the only sufferer! I'll try and answer the other questions that were asked: 1) yes, the spam continued even with the user's account disabled and their PC powered off 2) yes, only our Exchange server can send SMTP to the Internet 3) my OWA servers are clean according to VIPRE MalwareBytes So far this has hit 3 users (out of ~5000). I have not seen any spam sent in the last 5 hours but I don't have any confidence that I have found the source. Maybe there's a PC with a high-privileged account that has been compromised and is sending out spam runs on a schedule? Currently I am getting up-to-date on patches on all my Exchange boxes. -Original Message- From: Thomas Mullins [mailto:tsmull...@wise.k12.va.us] Sent: Monday, August 02, 2010 2:17 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules We are having a similar issue. We changed the users password, and since that user is in a meeting, we turned his machine off. Looks like it has to be coming from OWA. Here is some info from an error message our external MTA sent to me (our Exchange guys are looking into the matter): Transcript of session follows. Out: 220 mail3.wise.k12.va.us ESMTP In: EHLO mail.wise.k12.va.us Out: 250
RE: malware that creates Outlook rules
That's awesome. I look forward to playing with it. -Original Message- From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Tuesday, August 03, 2010 3:35 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yep it's the same set of cmdlets you use for Exchange (as that's what l...@edu runs on). You can also use the OLSync ILM solution they offer. It's $500 + SQL Std for the ILM licensing but this will do GALSync from your existing AD/Exchange environment in to l...@edu. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Steven Peck [mailto:sep...@gmail.com] Sent: Tuesday, August 03, 2010 3:30 PM To: NT System Admin Issues Subject: Re: malware that creates Outlook rules Microsoft also has a similar program for EDUs for hosted mail. http://www.microsoft.com/liveatedu/free-hosted-student-email.aspx They have powershell cmdlets that work over the web for administrator so there should be some ways to accomplish automation of a sort. Steven Peck http://www.blkmtn.org On Tue, Aug 3, 2010 at 12:39 PM, Brian Desmond br...@briandesmond.com wrote: Most schools I've worked with either have something that plugs in to the message bus of their ERP/SIS system for provisioning to outsourced services, or, more frequently, they have a job which either scans an Oracle table every so often or a batch job on the ERP side that dumps delta flat files and a second job that picks them up and provisions to Google/etc. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Tuesday, August 03, 2010 2:27 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules I'm sure it is, and the Va. CC uses PeopleSoft for our Student Info System(SIS) and so they worked together to create an automated process in that, a student applies to the college, registers for classes and the next day, they have the email account active. All this is done via the web. Maybe google would work with your SIS vendor to create something similar. -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Tuesday, August 03, 2010 12:08 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Hmm, interesting. I like that. Of course, setting it up for all students automatically might prove to be tricky. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Tuesday, August 03, 2010 6:44 AM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules And just after I sent this the light came on, Google Voice should do UM. I'd let google handle voice mail, email and anything else they want to give to the students. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Tuesday, August 03, 2010 7:42 AM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Not sure on the UM questions. Not an issue here as we don't have student housing or provide phones for them. I'm betting that it is possible though. -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, August 02, 2010 5:46 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yeah, it's on the investigate list. It does happen with staff on occasion too, but not nearly as much as students. The major outstanding question I have is how to do Unified Messaging with Exchange if the mailbox is outsourced? It's prolly something simple, but I just haven't looked into it yet. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 3:14 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Ah ha. Didn't notice the .edu addy. In that case, I would seriously investigate outsourcing that to MS or Google. The entire Va. Community College System went with Google for student email and so far it has worked really well. Can't beat the cost too. Zero and the student gets to keep their same email as long as they want it. No advertisements in their account while they are students. No backups, spam, outages and all that other support headaches for me. Great big plus. -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, August 02, 2010 4:05 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules Yeah, that sounds nice except we have 2000 students with an average of 500 new ones every year so our major issue isn't repeat offenders. -Original Message- From: Glen Johnson [mailto:gjohn...@vhcc.edu] Sent: Monday, August 02, 2010 2:51 PM To: NT System Admin Issues Subject: RE: malware that creates Outlook rules When this happened here, we disabled their email account until they completed
RE: Windows Downgrade Circus
How bout if MS requires that any NIC supported by Windows fails to some base compatibility level like video cards do with VGA mode. Then, require that all drivers for windows appear on Windows Update. Zip, bam, boom, there's no need for any vendor specific discs. Just install from a generic windows disc and get all drives from Windows Update. -Original Message- From: John Cook [mailto:john.c...@pfsf.org] Sent: Thursday, August 05, 2010 12:39 PM To: NT System Admin Issues Subject: RE: Windows Downgrade Circus Except for the fact that these recovery disks are vendor specific complete with drivers and diag tools so MS providing replacement discs would not be in their best interests - you'd need to order them from Dell, HP, etc -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, August 05, 2010 1:29 PM To: NT System Admin Issues Subject: Re: Windows Downgrade Circus On Thu, Aug 5, 2010 at 1:02 PM, Michael B. Smith mich...@smithcons.com wrote: You don't want replacement media to be so cheap or so easy to obtain that people don't do a reasonable search before they go to the trouble of figuring out how to get replacement media. Oooo, that's a good point. Of course, one could argue Microsoft's going about it all wrong. They could turn replacement media into a *profit center*. Think of how many times a customer/friend/family-member/random-stranger has asked you to fix their computer, and when you ask them for the discs it came with, all you get is a blank stare. Every one of those could be Microsoft earning twenty percent! ;-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Cannot restore item in Backup Exec that has been Cataloged
Ø Has anyone else had an issue with Backup Exec where after cataloging media that you can't restore it? Not since I switched to DPM :) From: Cameron Cooper [mailto:ccoo...@aurico.com] Sent: Thursday, August 05, 2010 12:54 PM To: NT System Admin Issues Subject: Cannot restore item in Backup Exec that has been Cataloged Has anyone else had an issue with Backup Exec where after cataloging media that you can't restore it? Our backups look like this... we backup to disk and then backup the disk to tape. I've restored the data from the tape to the disk, then inventoried and cataloged the media (which both have completed successfully) that I need to restore. However when you go to restore the data, it states that the media isn't in the catalog and that I need to catalog the media in order to restore it. I've stopped BE services, renamed the catalog folder to catalog.old, restarted the BE services and then re-cataloged the media. _ Cameron Cooper Network Administrator | CompTIA A+ Certified Aurico Reports, Inc Phone: 847-890-4021 | Fax: 847-255-1896 ccoo...@aurico.commailto:ccoo...@aurico.com | www.aurico.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Kudos to Michael B Smith!
Reminds of the scene in Strange Brew where Rick Moranis drinks the entire vat of beer he was thrown in to be drowned. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, August 05, 2010 2:22 PM To: NT System Admin Issues Subject: Re: Kudos to Michael B Smith! If MBS got all of the beers we owe him at one time, he'd drown... On Thu, Aug 5, 2010 at 07:59, David Lum david@nwea.org wrote: I just wanted to publicly thank Michael B Smith for helping me out with the “password about to expire” .VBS script that he blogged about here: http://theessentialexchange.com/blogs/michael/archive/2007/11/13/sending-an-e-mail-to-users-whose-password-is-about-to-expire.aspx It needed a minor tweak to work in my environment and he took the time to help me out, now it works perfectly and saved us from spending $700 for a tool that we had budgeted for (I found the request in process and said “I think I can get this done with a script”). Instead of spending $700 + time to learn the new tool, we spent zero for purchase and took maybe an hour of my time. Thank you Michael! That MVP was well earned in my book!!! David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Kudos to Michael B Smith!
No point in steering now. One of my all time favorite lines in any movie :) -Original Message- From: Don Guyer [mailto:don.gu...@prufoxroach.com] Sent: Thursday, August 05, 2010 2:39 PM To: NT System Admin Issues Subject: RE: Kudos to Michael B Smith! OMG! Now I've got to watch that again, been soo long! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.com -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Thursday, August 05, 2010 3:35 PM To: NT System Admin Issues Subject: RE: Kudos to Michael B Smith! Reminds of the scene in Strange Brew where Rick Moranis drinks the entire vat of beer he was thrown in to be drowned. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Thursday, August 05, 2010 2:22 PM To: NT System Admin Issues Subject: Re: Kudos to Michael B Smith! If MBS got all of the beers we owe him at one time, he'd drown... On Thu, Aug 5, 2010 at 07:59, David Lum david@nwea.org wrote: I just wanted to publicly thank Michael B Smith for helping me out with the “password about to expire” .VBS script that he blogged about here: http://theessentialexchange.com/blogs/michael/archive/2007/11/13/sending-an-e-mail-to-users-whose-password-is-about-to-expire.aspx It needed a minor tweak to work in my environment and he took the time to help me out, now it works perfectly and saved us from spending $700 for a tool that we had budgeted for (I found the request in process and said “I think I can get this done with a script”). Instead of spending $700 + time to learn the new tool, we spent zero for purchase and took maybe an hour of my time. Thank you Michael! That MVP was well earned in my book!!! David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: File server structure and perms
Just the contents of the share. Even if you have no access to the share, you'll still see it. -Original Message- From: De Williman, Shih [mailto:sdewilli...@g2.com] Sent: Tuesday, August 10, 2010 1:10 PM To: NT System Admin Issues Subject: RE: File server structure and perms Does ABE work on shares or just the folders under the share? -Original Message- From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Tuesday, August 10, 2010 7:34 AM To: NT System Admin Issues Subject: RE: File server structure and perms Have you had experience is Access Based Enumeration? You can setup one master share, and unless you have NTFS permissions of read to the directory underneath, the user doesn't even see the directory, which means they wouldn't be able to read/write from it, and should solve the problem. I do agree that it's a little more labor intensive, but you could setup the structure, use Icacls.exe to backup the ACL's once in place ( or script it out) and if anything goes wrong, reply the ICACLS script to set the permissions accordingly. I have done this on Windows 2003 R2, and looking to make it the defacto standard on Windows 2008 R2 ( As soon as I plow through Miansi's most excellent 2008 R2 book, if you don't have a copy, I would suggest you get it) Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 -Original Message- From: Charlie Kaiser [mailto:charl...@golden-eagle.org] Sent: Monday, August 09, 2010 10:47 PM To: NT System Admin Issues Subject: File server structure and perms I've been tasked with setting up a file server structure for a client. SBS 2008. We normally set up Home, Shared, and Public. Client wants a completely different paradigm. They want a master folder for each of their clients, with subfolders below that which have varying permissions. So for example: Client master folder -test results -notes -estimates -contracts Each of the subfolders would have different perms; techs writing data to test results would not have access to estimates, for example. They also wish to have a template setup so that each time they add a client, they can put this structure in place and have the appropriate permissions in effect. I don't see a simple way to do this. It looks to be highly IT-intensive, which is not what we nor the client would like. It almost sounds more like a sharepoint thing, although I have little first-hand knowledge of sharepoint deployments. Any suggestions? Thanks! *** Charlie Kaiser charl...@golden-eagle.org Kingman, AZ *** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Patches
I can neither confirm nor deny that, but interrupting a service pack install, most definitely does crash the box :)...at least XP SP2 From: Jacob [mailto:ja...@excaliburfilms.com] Sent: Tuesday, August 10, 2010 4:40 PM To: NT System Admin Issues Subject: RE: Patches I have had to reboot systems for patches that sat for hours at one point and reset them. Either is starts were is left off or reapplies the patch(es). I had yet to have a system crash because I had to reboot on a stuck update. From: Stefan Jafs [mailto:stefan.j...@gmail.com] Sent: Tuesday, August 10, 2010 1:56 PM To: NT System Admin Issues Subject: Re: Patches I don't know I finally re-booted trough ILO and they re-started ok, after the re-boot it did finish the update all ok now! On Tue, Aug 10, 2010 at 4:26 PM, Sam Cayze sam.ca...@rollouts.commailto:sam.ca...@rollouts.com wrote: I have seen the .NET patches take forever. Are they stuck on those? From: Stefan Jafs [mailto:stefan.j...@gmail.commailto:stefan.j...@gmail.com] Sent: Tuesday, August 10, 2010 3:19 PM To: NT System Admin Issues Subject: Re: Patches I have 2 * 2008 Servers that have been sitting at 2 out of 3, 0% for about an hour! Thinking about ILO re-boot? Stefan On Tue, Aug 10, 2010 at 4:05 PM, Sam Cayze sam.ca...@rollouts.commailto:sam.ca...@rollouts.com wrote: Anyone have any issues yet? Sam -- Stefan Jafs -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Will AMD buy NORTON next???
I'll bet you would. :) From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Thursday, August 19, 2010 1:03 PM To: NT System Admin Issues Subject: RE: Will AMD buy NORTON next??? Wouldn't give two cents for either... Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, August 19, 2010 1:52 PM To: NT System Admin Issues Subject: Will AMD buy NORTON next??? How much would Norton be sold to AMD for ??? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Trying to limit my helpdesk to Power User rights,
I would manage the permissions myself. If you don't want them to be admins, you shouldn't be making them power users either. Power Users are Admins who have not made themselves admins yet http://blogs.technet.com/b/jesper_johansson/archive/2006/03/12/421870.aspx From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Wednesday, September 01, 2010 2:02 PM To: NT System Admin Issues Subject: Trying to limit my helpdesk to Power User rights, I am trying as a method of locking down my Win2k8 and below servers is removing administrative rights wherever I can to the minimal level, I have setup my helpdesk folks to be Power users on one of my Windows 2008 R2 boxes, and if they login local to the box, they can create a directory and share local on the server, using MMC etc etc, ( I tested as a domain user as a power user) but if I run the MMC Shared folders snapin as the Power User from my XP System ( I made the account full admin on the workstation) when I try and take a look at the drives, via the snapin it doesn't allow it when it's a Power user on the server, I know if I was to make the group or the test user a local administrator ( which I don't want to do, because the keep screwing up permissions right and left) then they will see the drives and create folder etc etc accordingly. Any ideas, How I can get this working with Power User only rights accordingly? Maybe using additional share on the root of the drives to get them access accordingly? Either that or take care of all the permissions myself. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:ezi...@lifespan.org Cell:401-639-3505 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Assistance with eMail footers
Are you guys seriously still falling for this obvious troll? From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Wednesday, September 15, 2010 8:56 PM To: NT System Admin Issues Subject: Re: Assistance with eMail footers I think you will find they are trying to help you say No this is a very bad idea to the bosses. As at least one pointed out some companies will block or kill your emails as JUNK or SPAM when it comes in. Others are pointing out that putting that stuff into email will require specific codecs or player to run. Keep in mind by the end of the day like you their nerves are stretched to the breaking point due to ID10T issues caused but people much like your boss is trying to be. Putting that kind of stuff into a footer will eat up disk space on the mail server and/or client machines and I could forsee most of it getting deleted very quickly for that reason only. Jon On Tue, Sep 14, 2010 at 11:28 AM, Doug Hampshire dhampsh...@gmail.commailto:dhampsh...@gmail.com wrote: Why have you all hijacked my thread? I was seeking some actual help with this. We are a company focused primarily on Merger and Acquisition activities and the owner wants to include a video (I recommended Flash but he insists it work on an iPad/iPhone) of the Viking Kittens. He thinks it portrays our core values somehow. I really need to find other gainful employment. On Tue, Sep 14, 2010 at 11:10 AM, William J. Robbins dangerw...@gmail.commailto:dangerw...@gmail.com wrote: Wait until the Captain hears about this! WJR - from my Crackberry. If you find yourself in a fair fight, your tactics suck. From: Steve Ens stevey...@gmail.commailto:stevey...@gmail.com Date: Tue, 14 Sep 2010 10:09:05 -0500 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Assistance with eMail footers I think the Enterprise was retired after the The Next Generation started On Tue, Sep 14, 2010 at 10:07 AM, William J. Robbins dangerw...@gmail.commailto:dangerw...@gmail.com wrote: Oh...my bad. I assumed he had the Enterprise kit. WJR - from my Crackberry. If you find yourself in a fair fight, your tactics suck. From: Jonathan Link jonathan.l...@gmail.commailto:jonathan.l...@gmail.com Date: Tue, 14 Sep 2010 11:03:57 -0400 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Assistance with eMail footers If you don't have the flux capacitor, you don't need as much. IIRC, that option isn't available to most powershell developers. On Tue, Sep 14, 2010 at 11:01 AM, William J. Robbins dangerw...@gmail.commailto:dangerw...@gmail.com wrote: Depends on the size of your shell, and how many ohms your power supply produces in gigawatts. I think you'll need 1.21. WJR - from my Crackberry. If you find yourself in a fair fight, your tactics suck. From: Don Ely don@gmail.commailto:don@gmail.com Date: Tue, 14 Sep 2010 07:43:26 -0700 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: Re: Assistance with eMail footers How much power does powerscript require? On Tue, Sep 14, 2010 at 7:40 AM, Gasper, Rick rickgas...@kings.edumailto:rickgas...@kings.edu wrote: With Enterprise you can use a powerscript to add it to the outbound smtp connector. With standard, you would need to script it to add it to the email client. Both are simple and will accomplish the same thing. From: William J. Robbins [mailto:dangerw...@gmail.commailto:dangerw...@gmail.com] Sent: Tuesday, September 14, 2010 10:22 AM To: NT System Admin Issues Subject: Re: Assistance with eMail footers I have the white one! WJR - from my Crackberry. If you find yourself in a fair fight, your tactics suck. From: Gasper, Rick rickgas...@kings.edumailto:rickgas...@kings.edu Date: Tue, 14 Sep 2010 10:09:46 -0400 To: NT System Admin Issuesntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com ReplyTo: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: RE: Assistance with eMail footers Is that Enterprise or standard? From: Doug Hampshire [mailto:dhampsh...@gmail.commailto:dhampsh...@gmail.com] Sent: Tuesday, September 14, 2010 9:27 AM To: NT System Admin Issues Subject: Re: Assistance with eMail footers I have Outlook Server 7. On Tue, Sep 14, 2010 at 9:24 AM, Martin Blackstone
RE: iTunes
Music obtained from peer to peer networks is often infected. No music format that I am aware of has the capability of carrying executable code. All files – music or otherwise – are streams of 1’s and 0’s. I’s solely up to the application playing the files that determine what the bits mean. If there’s a security vulnerability in iTunes, then an MP3 file would be a likely vehicle for delivering it. A file doesn’t need to be overtly “code” to exploit a vulnerability. From: Ken Cornetet [mailto:ken.corne...@kimball.com] Sent: Thursday, September 16, 2010 9:20 AM To: NT System Admin Issues Subject: RE: iTunes Cons addressed in-line CONS It is more of an iTunes Store kiosk than a music manager. iTunes store is available, but you don’t have to use it. What can’t iTunes do as a manager that other media players can do? Encourages proliferation of illegally obtained music. More so than Windows Media Player? Actually, I’d say that the ability to very easily buy music via the iTunes store discourages illegal music. Music obtained from peer to peer networks is often infected. No music format that I am aware of has the capability of carrying executable code. Uses valuable bandwidth, streaming and downloading. No more than WMP and you can easily block it if you like. Windows Media Player is already included in Windows to play music. Why is this a con for iTunes? iTunes media is generally high bitrate, meaning audio and video will take up a lot of space. iTunes does not control the bitrate of the digital media. The person creating the media controls the bitrate. Massive memory footprint puts a strain on system resources. I wouldn’t call iTunes svelte, but it isn’t horrible in its requirements. I run it on a Thinkpad T23 (900Mhz, 512MB) at home. Time to backup user's files increases exponentially Again, this has nothing to do with iTunes. Have the user put their music files somewhere other than their “My Documents”. Or, exclude media file types from being backed up. Installs other required applications with it (Quicktime, Safari, AppleApplicationSupport, MobileMe, Bonjour, etc) You don’t have to install Safari. The other stuff stays out of the way. Requires frequent updating. You can turn checking for updates off. Requires admin rights to update it. AFAIK, you have to be admin to even run iTunes. This does suck. iTunes updates have a nasty history of triggering system crashes. I call BS on this. I’ve certainly never had a crash from running iTunes. PROS Apple users like it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: iTunes
And I'm going to have to agree with your disagreement. :) -- Sent from my Palm Pre On Sep 16, 2010 12:55 PM, Andrew S. Baker asbz...@gmail.com wrote: And I'm going to have to disagree with your assessment. We are just about a decade beyond the time when we swore that data-only formats were safe. Today you can send malformed PDF, malformed JPG, and malformed GIF files, just to name a few, and these can be used to gain access to a machine. Now, I'm not limiting this to iTunes -- I'm merely disputing your theoretical label on this type of threat. As long as there is an executable that needs to process the data file, buffer overflow exploits are possible. In 2010, it is a very real consideration. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Sep 16, 2010 at 1:10 PM, Ken Cornetet ken.corne...@kimball.commailto:ken.corne...@kimball.com wrote: In a very theoretical way you are correct, but as a practical matter, not so much so. Yes, it is theoretically possible that itunes could have a bug that could be triggered by a specifically malformed mp3 file, but the chance that the bug would lead to usable results by the “attacker” is extremely thin. It is a bit like saying that text files should be banned because some text file might possibly exist that causes notepad to download a trojan and install it. Possible, but not very likely. From: Crawford, Scott [mailto:crawfo...@evangel.edumailto:crawfo...@evangel.edu] Sent: Thursday, September 16, 2010 11:22 AM To: NT System Admin Issues Subject: RE: iTunes Music obtained from peer to peer networks is often infected. No music format that I am aware of has the capability of carrying executable code. All files – music or otherwise – are streams of 1’s and 0’s. I’s solely up to the application playing the files that determine what the bits mean. If there’s a security vulnerability in iTunes, then an MP3 file would be a likely vehicle for delivering it. A file doesn’t need to be overtly “code” to exploit a vulnerability. From: Ken Cornetet [mailto:ken.corne...@kimball.commailto:ken.corne...@kimball.com] Sent: Thursday, September 16, 2010 9:20 AM To: NT System Admin Issues Subject: RE: iTunes Cons addressed in-line CONS It is more of an iTunes Store kiosk than a music manager. iTunes store is available, but you don’t have to use it. What can’t iTunes do as a manager that other media players can do? Encourages proliferation of illegally obtained music. More so than Windows Media Player? Actually, I’d say that the ability to very easily buy music via the iTunes store discourages illegal music. Music obtained from peer to peer networks is often infected. No music format that I am aware of has the capability of carrying executable code. Uses valuable bandwidth, streaming and downloading. No more than WMP and you can easily block it if you like. Windows Media Player is already included in Windows to play music. Why is this a con for iTunes? iTunes media is generally high bitrate, meaning audio and video will take up a lot of space. iTunes does not control the bitrate of the digital media. The person creating the media controls the bitrate. Massive memory footprint puts a strain on system resources. I wouldn’t call iTunes svelte, but it isn’t horrible in its requirements. I run it on a Thinkpad T23 (900Mhz, 512MB) at home. Time to backup user's files increases exponentially Again, this has nothing to do with iTunes. Have the user put their music files somewhere other than their “My Documents”. Or, exclude media file types from being backed up. Installs other required applications with it (Quicktime, Safari, AppleApplicationSupport, MobileMe, Bonjour, etc) You don’t have to install Safari. The other stuff stays out of the way. Requires frequent updating. You can turn checking for updates off. Requires admin rights to update it. AFAIK, you have to be admin to even run iTunes. This does suck. iTunes updates have a nasty history of triggering system crashes. I call BS on this. I’ve certainly never had a crash from running iTunes. PROS Apple users like it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Cheap/Free POP3/SMTP Server?
http://erlegreer.com/L0L/ From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Monday, September 20, 2010 10:14 AM To: NT System Admin Issues Subject: RE: Cheap/Free POP3/SMTP Server? Are you *really* rolling on the floor? Shook From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, September 20, 2010 11:13 AM To: NT System Admin Issues Subject: Re: Cheap/Free POP3/SMTP Server? ROFL!! ASB On Mon, Sep 20, 2010 at 11:08 AM, Ben Scott mailvor...@gmail.commailto:mailvor...@gmail.com wrote: On Mon, Sep 20, 2010 at 11:03 AM, Paul Hutchings paul.hutchi...@mira.co.ukmailto:paul.hutchi...@mira.co.uk wrote: Any suggestions on anything else that is cheap/free and easy to configure? Linux? :) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Speaking of Drobo ... (was: SAN question)
The difference is that memory is consumed and released over time but for the most part, storage just grows. This is the same as CPU overcommit which is one of the basis of the virtualization revolution. From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, September 23, 2010 1:43 PM To: NT System Admin Issues Subject: RE: Speaking of Drobo ... (was: SAN question) Same thing is true for memory overcommit in VMs. I think it's a feature that shouldn't ever be used. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, September 23, 2010 1:59 PM To: NT System Admin Issues Subject: Re: Speaking of Drobo ... (was: SAN question) Thin provisioning is very cool, but requires a great deal of monitoring to make it really effective (or to avoid self-inflicted injury) ASB On Thu, Sep 23, 2010 at 1:30 PM, Jonathan Link jonathan.l...@gmail.commailto:jonathan.l...@gmail.com wrote: Just to be clear, what you're describing is thin provisioning, not RAID or even BeyondRaid. You've created volumes that report to the susbcribing OS to be 16 TB in size, so you are at risk of oversubscribing your disk space. You're using the features of BeyondRAID to handle providing additional capacity to thin provisioned volumes when you add additional physical disks, or replace disks with larger ones. On Thu, Sep 23, 2010 at 12:28 PM, Bob Hartung bhart...@wiscoind.commailto:bhart...@wiscoind.com wrote: We've been using a Drobo Elite for about 6 months. It has seven 2 TB WD drives in it with dual redundant disks yielding 8.36 TB of available storage. I use it for Acronis backup images. One of the drives failed about a week after we installed them. The Drobo alerted me which drive had failed and I got a replacement and stuffed it in and it automatically rebuilt the array without any interruptions. Someone mentioned that the smallest drive somehow define capacity. That not true. If you go to the Data Robotics website, they have a space calculator app that tells you the usable storage space with any combination of drive sizes and redundancy settings. One of the biggest benefits I see with the Beyond RAID is volume size flexibility. On a typical RAID, if you specify a 500 MB volume and you reach that limit and need more you have to backup the data, destroy the volume and recreate it with a larger size and restore the data. With Beyond RAID, you can either specify a 500 MB volume and have the same situation as a conventional RAID. But you can also elect to make the Volume size 16 TB. Then you can let the volume grow as large as there is free space available on the installed drives. I make all my volumes 16 TB. If I start running out of room, I'll add another 2 TB drive. When that's full, I'll pull one of the 2 TB drives out and stick in a 4 TB drive (or whatever the current big drive available is). Other benefits... * No trays. You just stick the bare drive in. * Drive order is unimportant. If you shutdown the Drobo, pulled all the drives and stuck them back in randomly and fired it up, there'd be no problem. It's more expensive than a NAS but it's worth it for the Beyond RAID. It's also a lot less expensive than a typical SAN. I think it great technology. -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.comhttp://wiscoind.com/ From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.commailto:jra...@eaglemds.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 23 Sep 2010 10:47:39 -0500 Subject: RE: Speaking of Drobo ... (was: SAN question) Ok, so lemme get this straight - you put in 7 TB of disk and only get 3 TB usable? Lovely. With traditional RAID, if you pulled the 1 TB drive out of that same equation, you'd have, u 4 TB... Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.commailto:jra...@eaglemds.com www.eaglemds.comhttp://www.eaglemds.com From: N Parr [mailto:npar...@mortonind.commailto:npar...@mortonind.com] Sent: Thursday, September 23, 2010 11:44 AM To: NT System Admin Issues Subject: RE: Speaking of Drobo ... (was: SAN question) Pretty sure raid on the Drobo defined by the smallest drive in the array. So if you have 3 2TB drive and 1 1TB drive you will only get around 3TB of storage. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.commailto:jra...@eaglemds.com] Sent: Thursday, September 23, 2010 10:36 AM To: NT System Admin Issues Subject: Speaking of Drobo ... (was: SAN question) Ok, so it SEEMS like a really cool device, but I honestly haven't looked at it seriously since the device first
RE: Tower Climbing
That makes my hands sweaty. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Wednesday, September 29, 2010 4:02 PM To: NT System Admin Issues Subject: Tower Climbing We have a pair of 70' towers that we have our wireless bridges mounted on. I think they're really tall. I'd never go up them. Then I see a video like this to put things in perspective. www.break.com/index/climbing-a-1786-tall-tower -- Bob Hartung Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Restricting groups in Active Directory
You're *incredibly* optimistic. Do you actually think there's a chance that a company that wants all of IT to be Domain Admins has seen the light and doesn't let users run as local admins? From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, September 30, 2010 10:34 AM To: NT System Admin Issues Subject: Re: Restricting groups in Active Directory Lemme ask this... since there's a need to get management buy in. Is everyone in the organization running as local admin? If not, then an analogy can be drawn. Afterall, if helpdesk had to support staff who ran as admin, well, that would be more difficult, right? It's a good argument to shutdown the helpdesk golfing buddies. If everyone does run as admin, then you have a mighty challenge, sir. On Thu, Sep 30, 2010 at 10:36 AM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: When I first arrived here, everyone and their Grandmother in IT were Domain Admins. After months of kicking and screaming, we were able to convince management that we need to narrow that list down. It did take quite a bit of work, but needed to be done. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: William Robbins [mailto:dangerw...@gmail.commailto:dangerw...@gmail.com] Sent: Thursday, September 30, 2010 10:24 AM To: NT System Admin Issues Subject: Re: Restricting groups in Active Directory I'll see your +1 and raise +11 - WJR On Thu, Sep 30, 2010 at 09:04, Jeff Steward jstew...@gmail.commailto:jstew...@gmail.com wrote: +1 -Jeff Steward On Thu, Sep 30, 2010 at 9:47 AM, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: Change = accountability + better levels of support due to less stuff mysteriously breaking. ASB (My XeeSM Profile)http://xeesm.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Sep 30, 2010 at 9:40 AM, James Rankin kz2...@googlemail.commailto:kz2...@googlemail.com wrote: As usual, the boss of the helpdesk (and his golf buddies) think that change = interruptions to support. I'm going to convince them that change = accountability + the same level of support. On 30 September 2010 14:38, Maglinger, Paul pmaglin...@scvl.commailto:pmaglin...@scvl.com wrote: What are they trying to accomplish? Do they believe that everyone needs domain admin rights just to change passwords or unlock accounts? I'd try to find out what they need to do and then restrict them accordingly. Help desk doesn't need rights to be able to change administrator passwords, free reign to all files, and add machines to the domain (just to name a few). From: James Rankin [mailto:kz2...@googlemail.commailto:kz2...@googlemail.com] Sent: Thursday, September 30, 2010 8:18 AM To: NT System Admin Issues Subject: Re: Restricting groups in Active Directory I am raising this up with IS management, as it is unsupportable - there's no point in me putting a structure together that can just be pulled apart at will. There's no way around it, so I'm just going to have to trust in my own stubbornness to get the buy-in I need :-) Audit was going to be one of the hot words to throw into the debate, though. I'd be interested myself in seeing the results of any previous audits they've had here. On 30 September 2010 14:08, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: However, the business are adamant that every member of the support teams (from helpdesk upwards) will be given a Domain Admin account. Am I right in assuming this means that they could simply add themselves into the groups I am setting up, because even if I restrict these groups via an ACL, they could just take ownership of the group? You might need to enlist the assistance of... dare I say it? ... Auditors. If everyone is a domain admin, then they can all do whatsoever they want in the domain. Seriously, is your organization not subject to some you sort of regulatory compliance? Who is your CTO/CIO? ASB (My XeeSM Profile)http://xeesm.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Sep 30, 2010 at 7:49 AM, James Rankin kz2...@googlemail.commailto:kz2...@googlemail.com wrote: However, the business are adamant that every member of the support teams (from helpdesk upwards) will be given a Domain Admin account. Am I right in assuming this means that they could simply add themselves into the groups I am setting up, because even if I restrict these groups via an ACL, they could just take ownership of the group? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to
RE: Restricting groups in Active Directory
Yeah, I stand corrected. I'm just really surprised that they're running as non-admins on the desktop. I certainly agree with your approach though and it should be a fairly easy step to non-DA. I'd put together some scenarios to demonstrate the danger if I were in the situation. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, September 30, 2010 1:03 PM To: NT System Admin Issues Subject: Re: Restricting groups in Active Directory Not really. I can see that the IT staff in general would want to retain admin rights generally and limit rights to users based on what they need. IT staff at that organization need to adjust to a least permissions framework, too. If they've already pushed that framework down to the users or if the users have always operated under such a framework, then it should be a fairly easy concept to grasp and there will already be precedent for limiting administrative user rights. On Thu, Sep 30, 2010 at 12:29 PM, Crawford, Scott crawfo...@evangel.edumailto:crawfo...@evangel.edu wrote: You're *incredibly* optimistic. Do you actually think there's a chance that a company that wants all of IT to be Domain Admins has seen the light and doesn't let users run as local admins? From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Thursday, September 30, 2010 10:34 AM To: NT System Admin Issues Subject: Re: Restricting groups in Active Directory Lemme ask this... since there's a need to get management buy in. Is everyone in the organization running as local admin? If not, then an analogy can be drawn. Afterall, if helpdesk had to support staff who ran as admin, well, that would be more difficult, right? It's a good argument to shutdown the helpdesk golfing buddies. If everyone does run as admin, then you have a mighty challenge, sir. On Thu, Sep 30, 2010 at 10:36 AM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: When I first arrived here, everyone and their Grandmother in IT were Domain Admins. After months of kicking and screaming, we were able to convince management that we need to narrow that list down. It did take quite a bit of work, but needed to be done. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: William Robbins [mailto:dangerw...@gmail.commailto:dangerw...@gmail.com] Sent: Thursday, September 30, 2010 10:24 AM To: NT System Admin Issues Subject: Re: Restricting groups in Active Directory I'll see your +1 and raise +11 - WJR On Thu, Sep 30, 2010 at 09:04, Jeff Steward jstew...@gmail.commailto:jstew...@gmail.com wrote: +1 -Jeff Steward On Thu, Sep 30, 2010 at 9:47 AM, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: Change = accountability + better levels of support due to less stuff mysteriously breaking. ASB (My XeeSM Profile)http://xeesm.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Sep 30, 2010 at 9:40 AM, James Rankin kz2...@googlemail.commailto:kz2...@googlemail.com wrote: As usual, the boss of the helpdesk (and his golf buddies) think that change = interruptions to support. I'm going to convince them that change = accountability + the same level of support. On 30 September 2010 14:38, Maglinger, Paul pmaglin...@scvl.commailto:pmaglin...@scvl.com wrote: What are they trying to accomplish? Do they believe that everyone needs domain admin rights just to change passwords or unlock accounts? I'd try to find out what they need to do and then restrict them accordingly. Help desk doesn't need rights to be able to change administrator passwords, free reign to all files, and add machines to the domain (just to name a few). From: James Rankin [mailto:kz2...@googlemail.commailto:kz2...@googlemail.com] Sent: Thursday, September 30, 2010 8:18 AM To: NT System Admin Issues Subject: Re: Restricting groups in Active Directory I am raising this up with IS management, as it is unsupportable - there's no point in me putting a structure together that can just be pulled apart at will. There's no way around it, so I'm just going to have to trust in my own stubbornness to get the buy-in I need :-) Audit was going to be one of the hot words to throw into the debate, though. I'd be interested myself in seeing the results of any previous audits they've had here. On 30 September 2010 14:08, Andrew S. Baker asbz...@gmail.commailto:asbz...@gmail.com wrote: However, the business are adamant that every member of the support teams (from helpdesk upwards) will be given a Domain Admin account. Am I right in assuming this means that they could simply add themselves into the groups I am setting up, because even if I restrict these groups via an ACL, they could just take ownership of the group? You might need to enlist
RE: GPO msi packages
Agreed, but the one big advantage is that you can deploy the wrapped setup.exe with a GPO without having to use scripts. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Tuesday, October 05, 2010 2:57 PM To: NT System Admin Issues Subject: Re: GPO msi packages On Tue, Oct 5, 2010 at 3:21 PM, itli...@imcu.com itli...@imcu.com wrote: I am learning GPO's, I think. How do I make a .msi from a setup.exe??? The short answer is, you can't, not really. You can make an MSI that wraps a SETUP.EXE and will fire it off, but in doing so, you loose all of the benefits of an MSI, so why bother? However, many SETUP.EXE's actually include a real MSI inside them. 7-Zip will unpack many of them. The resources others have posted are still good. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: OT: weather.com
What part of ND? Williston here. From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 12:34 PM To: NT System Admin Issues Subject: Re: OT: weather.com Humanity. Make fun of them because they aren't us. Growing up in ND, made fun of Montanans (common joke was where men are men and sheep are scared). I know people from western MN made fun of ND. I'd say northern SD made fun of ND, too, but there aren't a lot of people there. :-) On Tue, Oct 5, 2010 at 1:29 PM, Raper, Jonathan - Eagle jra...@eaglemds.commailto:jra...@eaglemds.com wrote: Why? (I always wondered what started that…) Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.commailto:jra...@eaglemds.com www.eaglemds.comhttp://www.eaglemds.com/ From: Don Guyer [mailto:don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com] Sent: Tuesday, October 05, 2010 1:27 PM To: NT System Admin Issues Subject: RE: OT: weather.comhttp://weather.com/ Tri-state (DE, PA, NJ). Everyone that doesn’t live in NJ makes fun of those who do. But, where do “most” of the people go for Summer vacations around here?.NJ shore of course! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 1:23 PM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ Interstate rivalry? On Tue, Oct 5, 2010 at 1:20 PM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: It’s a (regional) joke here. ☺ Yeah he prolly was. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 1:19 PM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ He was probably a really nice guy. The nice guy love those characters where they get to be richard craniums... On Tue, Oct 5, 2010 at 1:15 PM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: No wonder I didn’t like him (RIP), he was from Jersey!!! ☺ Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.commailto:jra...@eaglemds.com] Sent: Tuesday, October 05, 2010 1:13 PM To: NT System Admin Issues Subject: RE: OT: weather.comhttp://weather.com/ Paul Gleason http://en.wikipedia.org/wiki/Paul_Gleason Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.commailto:jra...@eaglemds.com www.eaglemds.comhttp://www.eaglemds.com/ From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 12:59 PM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ He was the fixer for the rich brothers. On Tue, Oct 5, 2010 at 12:45 PM, Daniel Rodriguez drod...@gmail.commailto:drod...@gmail.com wrote: I think that actor appeared in Trading Places as the 'agent'. He died some years ago, though. Sad. He had cancer. That is what he died of. Can't remember when but it was a few years ago. On Tue, Oct 5, 2010 at 11:11 AM, Jonathan Link jonathan.l...@gmail.commailto:jonathan.l...@gmail.com wrote: Do you mean the principal? On Tue, Oct 5, 2010 at 11:07 AM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: I got so pissed off at the moderator character in that movie every time I watched it! I don’t know his actual name, but he always played a$$hole roles. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 11:03 AM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ I think I threw up in my mouth a little. On Tue, Oct 5, 2010 at 10:51 AM, Andy Shook andy.sh...@peak10.commailto:andy.sh...@peak10.com wrote: For my fellow list members who grew up in the 80’s…the weather channel is comparing the current weather patterns to ‘The Breakfast Club’
RE: OT: weather.com
Don’t sweat it. I meant to send mine directly to you too ☺ From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Wednesday, October 06, 2010 1:22 PM To: NT System Admin Issues Subject: Re: OT: weather.com I'm an idiot, too. I meant to address that directly to Mr. Crawford. On Wed, Oct 6, 2010 at 2:18 PM, Jonathan Link jonathan.l...@gmail.commailto:jonathan.l...@gmail.com wrote: Bismarck, my mom's family is from Belfield, straight south of you on 85. I believe my father is from the Watford City or New Town area, but he's a deadbeat so I never really investigated too much. On Wed, Oct 6, 2010 at 2:13 PM, Crawford, Scott crawfo...@evangel.edumailto:crawfo...@evangel.edu wrote: What part of ND? Williston here. From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 12:34 PM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ Humanity. Make fun of them because they aren't us. Growing up in ND, made fun of Montanans (common joke was where men are men and sheep are scared). I know people from western MN made fun of ND. I'd say northern SD made fun of ND, too, but there aren't a lot of people there. :-) On Tue, Oct 5, 2010 at 1:29 PM, Raper, Jonathan - Eagle jra...@eaglemds.commailto:jra...@eaglemds.com wrote: Why? (I always wondered what started that…) Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.commailto:jra...@eaglemds.com www.eaglemds.comhttp://www.eaglemds.com/ From: Don Guyer [mailto:don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com] Sent: Tuesday, October 05, 2010 1:27 PM To: NT System Admin Issues Subject: RE: OT: weather.comhttp://weather.com/ Tri-state (DE, PA, NJ). Everyone that doesn’t live in NJ makes fun of those who do. But, where do “most” of the people go for Summer vacations around here?.NJ shore of course! Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 1:23 PM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ Interstate rivalry? On Tue, Oct 5, 2010 at 1:20 PM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: It’s a (regional) joke here. ☺ Yeah he prolly was. Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 1:19 PM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ He was probably a really nice guy. The nice guy love those characters where they get to be richard craniums... On Tue, Oct 5, 2010 at 1:15 PM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: No wonder I didn’t like him (RIP), he was from Jersey!!! ☺ Don Guyer Systems Engineer - Information Services Prudential, Fox Roach/Trident Group 431 W. Lancaster Avenue Devon, PA 19333 Direct: (610) 993-3299 Fax: (610) 650-5306 don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.commailto:jra...@eaglemds.com] Sent: Tuesday, October 05, 2010 1:13 PM To: NT System Admin Issues Subject: RE: OT: weather.comhttp://weather.com/ Paul Gleason http://en.wikipedia.org/wiki/Paul_Gleason Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.commailto:jra...@eaglemds.com www.eaglemds.comhttp://www.eaglemds.com/ From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Tuesday, October 05, 2010 12:59 PM To: NT System Admin Issues Subject: Re: OT: weather.comhttp://weather.com/ He was the fixer for the rich brothers. On Tue, Oct 5, 2010 at 12:45 PM, Daniel Rodriguez drod...@gmail.commailto:drod...@gmail.com wrote: I think that actor appeared in Trading Places as the 'agent'. He died some years ago, though. Sad. He had cancer. That is what he died of. Can't remember when but it was a few years ago. On Tue, Oct 5, 2010 at 11:11 AM, Jonathan Link jonathan.l...@gmail.commailto:jonathan.l...@gmail.com wrote: Do you mean the principal? On Tue, Oct 5, 2010 at 11:07 AM, Don Guyer don.gu...@prufoxroach.commailto:don.gu...@prufoxroach.com wrote: I got so pissed off at the moderator character in that movie every time I watched it! I don’t know his actual name, but he always played a$$hole roles. Don Guyer Systems Engineer - Information Services Prudential
RE: 64 Bit flash beta 2
That would be an L2+ http://erlegreer.com/LOL/ From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, October 07, 2010 5:18 PM To: NT System Admin Issues Subject: Re: 64 Bit flash beta 2 I enjoy reading your posts, Ben. That one brought a good chuckle... ASB On Thu, Oct 7, 2010 at 6:11 PM, Ben Scott mailvor...@gmail.commailto:mailvor...@gmail.com wrote: On Thu, Oct 7, 2010 at 12:11 PM, Steven M. Caesare scaes...@caesare.commailto:scaes...@caesare.com wrote: On difference is that the working machine ALSO has a left-over 32 bit Flash 10 Active X installation on it that I didn't remove. Makes perfect sense to me -- there are at least 4096 different ways which web designers detect Flash, and all of them are wrong. Someone's prolly looking for the GUID of the 32-bit version or something goofy like that. Linux users have been dealing with this for years. It's amazing how many websites think not Microsoft Windows means Lynx on a ASR-33 teletype. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Robocopy
...and CLI strings like that are why we have GUI's :) I usually add /nfl /ndl /np /log:log.txt so I can see the errors at a glance. From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Friday, October 15, 2010 8:52 PM To: NT System Admin Issues Subject: RE: Robocopy I usually use the /mir (for mirror) switch, but if you don't want the deletes to replicate then you'd want something like /s /e /sec /z /eta /w:0 /r:0 Thanks, Brian Desmond br...@briandesmond.com w - 312.625.1438 | c - 312.731.3132 From: Cameron [mailto:cameron.orl...@gmail.com] Sent: Friday, October 15, 2010 8:21 AM To: NT System Admin Issues Subject: Robocopy Ok, who the heck would have thought that Friday is actually a Monday in disguise! After totally changing the permissions on everyones home directories using Robocopy...I figured I'd better ask. I'm moving some leftover home directories from one server to another and got the bright idea to use Robocopy GUI to do this. Read the help file, did some googlefuing, thought I had it nailed. Set the source path: I:\\users\test (just a test folder with some files and sub folders) Set the target path: G:\\users\ (just a mapped drive to the other server) Copy options: /copyall and /move (so that it would move the folder/subdirs and keep the securities that I had placed on it) Ran the script and checked the other server. Yep...that was the plan... It moved the file I:\\users\test\filename.txt to G:\\users\filename.txt not under the test folder and didn't create the Test folder or any sub folders. I had *thought* it would create the folder and sub folders and set the perms...but apparently I was mistaken. Can someone point me in the right direction? I don't want to have to reset all the bloody home directory perms again! TIA! Cameron ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Print Drivers
The setting you're referring to are: [cid:image001.png@01CB6EC7.88E557F0] From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Monday, October 18, 2010 1:09 PM To: NT System Admin Issues Subject: RE: Print Drivers If I remember right there's a GP setting that says to let normal users install signed point and print drivers. You may also have to specify the trusted print servers in that list. Thanks, Brian Desmond br...@briandesmond.com w - 312.625.1438 | c - 312.731.3132 From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Monday, October 18, 2010 8:34 AM To: NT System Admin Issues Subject: Print Drivers I have a 2008r2 print server w/ x86/x64 drivers for several printers, I have a GPP that applies mapped printers on Win7 clients. Problem is it forces the map in the users context and unlike older windows, the drivers don't just install. How does one get around this? Thanks! jlc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmininline: image001.png
RE: ESXi
I've had to recover a file from a windows VM that was on an ESX volume. OnTrack EZRecover scanned for missing partitions and actually found the partition in the deleted VMDK and let me recover the file. EZR doesn't work on linux file systems so I couldn't restore the actual vmdk file, but that wasn't necessary. From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, October 21, 2010 10:50 AM To: NT System Admin Issues Subject: OT: ESXi Anybody ever had to do a file undelete on an ESXi box w/ it's linux filesystem? I seem to find myself facing that... -sc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Keyboard recommendation
+1 The worst is the enter key that's two rows high and then a single key sized backspace with \ to its left. Blech. Make sure you get the inverted T cursor controls and not a + layout or worse. Also, I have to have: insert, home, pageup delete, end, page down in that order. Tell me again who thought it would be a good idea to dump the insert button just to have a giant delete key? Finally, it's pretty nice having the extra equal, parentheses, and backspace key above the numeric keypad. I say all that to vote for the Microsoft Natural Ergonomic Keyboard 7000, mines the wireless version, but I could go either way. It's also got a bunch of programmable keys, but they're not all that important to me. -Original Message- From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Thursday, October 21, 2010 3:59 PM To: NT System Admin Issues Subject: RE: Keyboard recommendation Also, I like having the correct layout on my keyboard. The \ key should be above the Enter key. +1,000,000 I CAN'T STAND a non-standard keyboard layout. Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.com www.eaglemds.com -Original Message- From: Matthew W. Ross [mailto:mr...@ephrataschools.org] Sent: Thursday, October 21, 2010 4:56 PM To: NT System Admin Issues Subject: Re: Keyboard recommendation You do realize the pandora's box you have just opened... I myself love my IBM M series, but my workmates hate how loud I am on it. So Have a cheap dell. I can't stand some of the new keyboards on laptops, especially ones with no definition between the keys, very little fall to a keystroke, and no satisfying feeling that I've hit the key. Some desktop keyboards are moving in this direction... I hope that fad dies a quick and painful death. Also, I like having the correct layout on my keyboard. The \ key should be above the Enter key. Nah, I'm not picky. Sm:)e. --Matt Ross Ephrata School District - Original Message - From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] To: NT System Admin Issues [mailto:ntsysad...@lyris.sunbelt-software.com] Sent: Thu, 21 Oct 2010 13:38:29 -0700 Subject: Keyboard recommendation What keyboard make/model do you guys like for yourselves? I'm about to go Office Space on this MS one...looking for recommendations... Thx . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Keyboard recommendation
Well, sounds like you're a perfect candidate for mine: http://www.microsoft.com/hardware/mouseandkeyboard/ProductDetails.aspx?pid=095 From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Friday, October 22, 2010 8:33 AM To: NT System Admin Issues Subject: RE: Keyboard recommendation Damn, out of stock. LOL Thanks to all for reminding me how important key placement is to me. |Insert|Home|Pageup |Delete|End|PageDn and the Enter key not being a giant backwards L I find that I never use the programmable hotkeys, but I do like having a calc button above the numeric keypad, as well as volume right on the keyboard. From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, October 21, 2010 8:10 PM To: NT System Admin Issues Subject: RE: Keyboard recommendation Actually I guess I will suggest one: http://www.thinkgeek.com/computing/input/9836/ -sc From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Thursday, October 21, 2010 4:51 PM To: NT System Admin Issues Subject: RE: Keyboard recommendation I've never used it, but this one is pretty wild... http://www.safetype.com/index.asp Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ From: Jeff Steward [mailto:jstew...@gmail.com] Sent: Thursday, October 21, 2010 4:45 PM To: NT System Admin Issues Subject: Re: Keyboard recommendation MS Natural Ergonomic 4000 I can't stand using a 'normal' keyboard. -Jeff Steward On Thu, Oct 21, 2010 at 4:38 PM, David Mazzaccaro david.mazzacc...@hudsonmobility.commailto:david.mazzacc...@hudsonmobility.com wrote: What keyboard make/model do you guys like for yourselves? I'm about to go Office Space on this MS one...looking for recommendations... Thx . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Keyboard recommendation
Yeah, the mouse is funky, but I'm used to it now. I was much more interested in its key layout. From: Tim Vander Kooi [mailto:tvanderk...@expl.com] Sent: Friday, October 22, 2010 12:02 PM To: NT System Admin Issues Subject: RE: Keyboard recommendation I use the 7000 keyboard and mouse also and really like them both. I was not sure about the mouse to start with, but don't like using regular mice any more. It is very comfortable to use. Tim From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Friday, October 22, 2010 11:55 AM To: NT System Admin Issues Subject: RE: Keyboard recommendation this looks promising! thx From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, October 22, 2010 11:41 AM To: NT System Admin Issues Subject: RE: Keyboard recommendation Well, sounds like you're a perfect candidate for mine: http://www.microsoft.com/hardware/mouseandkeyboard/ProductDetails.aspx?pid=095 From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Friday, October 22, 2010 8:33 AM To: NT System Admin Issues Subject: RE: Keyboard recommendation Damn, out of stock. LOL Thanks to all for reminding me how important key placement is to me. |Insert|Home|Pageup |Delete|End|PageDn and the Enter key not being a giant backwards L I find that I never use the programmable hotkeys, but I do like having a calc button above the numeric keypad, as well as volume right on the keyboard. From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Thursday, October 21, 2010 8:10 PM To: NT System Admin Issues Subject: RE: Keyboard recommendation Actually I guess I will suggest one: http://www.thinkgeek.com/computing/input/9836/ -sc From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Thursday, October 21, 2010 4:51 PM To: NT System Admin Issues Subject: RE: Keyboard recommendation I've never used it, but this one is pretty wild... http://www.safetype.com/index.asp Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ From: Jeff Steward [mailto:jstew...@gmail.com] Sent: Thursday, October 21, 2010 4:45 PM To: NT System Admin Issues Subject: Re: Keyboard recommendation MS Natural Ergonomic 4000 I can't stand using a 'normal' keyboard. -Jeff Steward On Thu, Oct 21, 2010 at 4:38 PM, David Mazzaccaro david.mazzacc...@hudsonmobility.commailto:david.mazzacc...@hudsonmobility.com wrote: What keyboard make/model do you guys like for yourselves? I'm about to go Office Space on this MS one...looking for recommendations... Thx . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin . ~ Finally, powerful endpoint
RE: WSUS and non public patches
Not finding anything on Bing or Google. Do you happen to have a link handy? Or does this require Essentials? From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Monday, October 25, 2010 4:35 PM To: NT System Admin Issues Subject: RE: WSUS and non public patches I believe the System Center Update Packager (SCUP) is available as a free out of band download now. This thing lets you plug stuff in to WSUS. Thanks, Brian Desmond br...@briandesmond.com c - 312.731.3132 From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Monday, October 25, 2010 2:41 PM To: NT System Admin Issues Subject: WSUS and non public patches Possible to addin hotfixes you manually download from MS? I have a few I need to apply across the board... Thanks! jlc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: WindowsSecurity.com/Chris Sanders reviews VIPRE Enterprise.
Feel free, they're still there, but not terribly interesting :) -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Wednesday, October 27, 2010 4:33 PM To: NT System Admin Issues Subject: Re: WindowsSecurity.com/Chris Sanders reviews VIPRE Enterprise. On 27 Oct 2010 at 12:37, Webster wrote: Found an e-mail address for the author. He said the site admins were supposed to have pulled all those comments out before release. OOPS! He is having that corrected. I hope someone archived them for posterity first ;-) -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Adobe acrobat reader updates
Agreed. I dropped shockwave for a trial. That lasted about a week :) -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Thursday, October 28, 2010 2:12 PM To: NT System Admin Issues Subject: RE: Adobe acrobat reader updates Cool, that is the way I have been doing it. Tyvm. As for shockwave, I can't begin to describe the horrors of crappy elementary 'educational' software and what they require. Shockwave being one of those horrors. -Original Message- From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Thursday, October 28, 2010 3:11 PM To: NT System Admin Issues Subject: RE: Adobe acrobat reader updates Flash and shock don't need config for deployment, grab the msi's and deploy. Also, forget about shock, show me a site that uses that nowadays anyway. http://www.adobe.com/go/full_flashplayer_win_msi http://www.adobe.com/go/full_flashplayer_win_pl_msi http://www.adobe.com/products/shockwaveplayer/shwv_distribution3.html From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Thursday, October 28, 2010 1:03 PM To: NT System Admin Issues Subject: RE: Adobe acrobat reader updates Thanks Mike, appreciate that. Probably too much to hope for that there is a similar easy tool for Flash and Shockwave? From: Mike Gill [mailto:lis...@canbyfoursquare.com] Sent: Thursday, October 28, 2010 3:00 PM To: NT System Admin Issues Subject: RE: Adobe acrobat reader updates Just to be extra helpful the tool he's referring to is here: http://www.adobe.com/support/downloads/detail.jsp?ftpID=3993 Among to tweaks you can do to Reader, one of them is to remove previous versions if they are found automatically. This will extract the MSI needed for an administrative install to the folder Reader9.4 w/o running setup.exe: AdbeRdr940_en_US.exe -nos_oReader9.4 -nos_ne Now you can create an administrative install point for deployment and customize (create the MST) using the tool above. -- Mike Gill From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Thursday, October 28, 2010 5:17 AM To: NT System Admin Issues Subject: RE: Adobe acrobat reader updates You should find you can deploy the MSI via Group Policy and it'll take care of everything for you. Take a look at the Adobe Customization Tool as well as you can disable things like checking for updates. From: Brumbaugh, Luke [mailto:luke.brumba...@butlerschein.com] Sent: 28 October 2010 13:01 To: NT System Admin Issues Cc: Miller, Bob Subject: Adobe acrobat reader updates I have been tasks by the head company to update adobe reader etc. I am reading remove all old versions, then install new. Updates are by default downloaded. And that this is one big headache, Any tips, tricks, words of wisdom? I do not have sms, just wsus (windows updates). Luke L. Brumbaugh Network Engineer Butler Animal Health Supply Ph:(614) 659-1736 ** CONFIDENTIALITY NOTICE - The information transmitted in this message is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and destroy all copies of this document. Thank you. Butler Schein Animal Health ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 114 5409 96 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally,
RE: trade publications - toss or archive?
I'm pretty disappointed it went digital. I'd definitely be willing to pay for it, but they gave out so many free subscriptions, I think it just became a casualty. From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, October 28, 2010 3:38 PM To: NT System Admin Issues Subject: RE: trade publications - toss or archive? I'm curious - a few mentioned keeping their old TechNet magazines. Does everyone else keep up with that publication since it went digital only? I used to look forward to it, but have to admit I haven't looked at it since it stopped coming in a print version. From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Sent: Thursday, October 28, 2010 4:34 PM To: NT System Admin Issues Subject: RE: trade publications - toss or archive? Aside from that...the nagging thing in my mind is the conspiracy theory voice that says, if you have it in print, you can prove it. If it is online...well, it can be changed... :) Jonathan L. Raper, A+, MCSA, MCSE Technology Coordinator Eagle Physicians Associates, PA jra...@eaglemds.comBLOCKED::mailto:%20jra...@eaglemds.com www.eaglemds.comBLOCKED::http://www.eaglemds.com/ From: Don Kuhlman [mailto:drkuhl...@yahoo.com] Sent: Thursday, October 28, 2010 4:25 PM To: NT System Admin Issues Subject: Re: trade publications - toss or archive? True - that's what I keep thinking, maybe all of this is right at our fingertips online for however long we will need it, but then the pack rat comes back and whispers, you know, you may need this little book or that little article and it won't be out there... From: Ben Schorr b...@rolandschorr.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thu, October 28, 2010 3:10:39 PM Subject: RE: trade publications - toss or archive? I had that situation. Then my wife and I moved to a new house and I took the opportunity to donate most of them to the local public library. I realized that I'd rarely opened any of those books in the previous two years (Google is so much easier). Ben M. Schorr Chief Executive Officer __ Roland Schorr Tower www.rolandschorr.comhttp://www.rolandschorr.com/ b...@rolandschorr.commailto:b...@rolandschorr.com Twitter: http://www.twitter.com/bschorr Facebook: http://www.facebook.com/rolandschorr From: Jacob [mailto:ja...@excaliburfilms.com] Sent: Thursday, October 28, 2010 13:03 To: NT System Admin Issues Subject: RE: trade publications - toss or archive? In my office at home, I had a bookshelf full of IT books dating back to Windows 3.1, etc. The bookshelf got full. So I was able to come up with one solution... Get another bookshelf ;-) One of these days, I will toss some of them. From: Don Kuhlman [mailto:drkuhl...@yahoo.com] Sent: Thursday, October 28, 2010 10:51 AM To: NT System Admin Issues Subject: Re: trade publications - toss or archive? I still have the Windows IT Pro mags too. I get rid of the CIO, Information week, etc. type pubs. I do have about 30 years of Model Railroading mags that I won't get rid of :) My other bad habit is keeping those thick Software books like NT 4.0 Networking, SMS Admin Scripting, Teach yourself C in 21 days, etc. That's where I should clean house... Don K From: Webster carlwebs...@gmail.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thu, October 28, 2010 12:45:57 PM Subject: RE: trade publications - toss or archive? I still keep my TechNet and Windows IT Pro mags. I threw out all the other mags I had dating back to 1984. I had to get permission from my office landlord to throw them all away because I filled up the dumpster for the building! City recycling didn't want that much paper. Webster From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com] Subject: OT: trade publications - toss or archive? Ok, so I'll let you in on a little secret. I'm a pack rat. I'm trying to changereally. I've got a ton of trade publications, dating back years: Information Week CIO Decisions Technet Windows IT Pro Storage Information Security And I'm sure a few others. For those of you that subscribe to and read these magazines, do you see ANY value in keeping them for any length of time after you've skimmed/read them? I'm leaning toward pitching [read: recycling] anything more than 3 months old, but just wanted some objective perspective. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
RE: Dell vs Kingston ram
Yeah, +1 for crucial. I'm all about the name brand RAM though. -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Thursday, November 04, 2010 3:48 PM To: NT System Admin Issues Subject: RE: Dell vs Kingston ram Personally, I like Crucial. I don't know what other folks on this list think, but Crucial.com has had good prices, plus their little utility allows me to know *exactly* which memory stick I need. :-) From: Paul Everett [mailto:evere...@leementalhealth.org] Sent: Thursday, November 04, 2010 4:46 PM To: NT System Admin Issues Subject: Dell vs Kingston ram I need to add ram to a Dell R610 and I can save a bundle using Kingston vs Dell. Good move or not? Paul Lee Mental Health Center, Inc. providing services through Ruth Cooper Center for Behavioral Health Care and VISTA Behavioral Crisis Services. Visit our website at www.leementalhealth.org to learn more. Confidentiality Notice: This email message, including any attachments, is for the sole use of the intended recipients(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message, including attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PSEXEC and %homedrive%
Your entire command line gets parsed on your computer first and then it performs the operation. Assume you're running from a PC named Workstation against a server named Server. Psexec \\serverfile:///\\server cmd /c echo %computername% Gets parsed to Psexec \\serverfile:///\\server cmd /c echo Workstation Which is exactly what the server does. What you want is Psexec \\serverfile:///\\server cmd /c echo ^%computername^% The carets escape the percents to pass the command echo %computername% to the server. From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Monday, November 08, 2010 5:26 PM To: NT System Admin Issues Subject: RE: PSEXEC and %homedrive% Thanks Carl, I see what you are saying now. I just don't understand the behavior. I would think anything after the SERVERNAME would be evaluated on the remote machine, but that doesn't' seem to be the case when specifying a variable. thanks Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From:Carl Houseman c.house...@gmail.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date:11/08/2010 06:10 PM Subject:RE: PSEXEC and %homedrive% Do this psexec \\SERVERNAMEfile:///\\SERVERNAME\ cmd /c set So what's the difference. Look again at this very carefully... psexec \\SERVERNAME cmd.exe /c echo %homedrive% Hint: On what computer is %homedrive% expanded ? Carl From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Monday, November 08, 2010 5:16 PM To: NT System Admin Issues Subject: Re: PSEXEC and %homedrive% I would agree with this, except that when I enumerate that using PSEXEC, I get the correct value, so it does seem to be setting it: *** H:\Utilitiespsexec \\SERVERNAME cmd.exe /c echo %homedrive% PsExec v1.94 - Execute processes remotely Copyright (C) 2001-2008 Mark Russinovich Sysinternals - www.sysinternals.com C: cmd.exe exited on gbtinvsql2x with error code 0. *** Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From:Ben Scott mailvor...@gmail.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date:11/08/2010 04:15 PM Subject:Re: PSEXEC and %homedrive% On Mon, Nov 8, 2010 at 1:45 PM, Christopher Bodnar christopher_bod...@glic.com wrote: I've got a VBS script that we use pretty frequently, and I was trying to run it remotely using PSEXEC against a bunch of systems. Finally narrowed the problem down to the fact that for some reason, the %HOMEDRIVE% variable and PSEXEC didn't mix well on some systems. %HOMEDRIVE% is set as part of the user logon process, which, in my experience, generally doesn't happen for anything except a typical GUI logon. (%HOMEDRIVE% and %HOMEPATH% both come from the setting on the Profile tab of an account's properties.) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PSEXEC and %homedrive%
...and by %computername%, I of course mean whatever variable you'd like to expand. From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, November 08, 2010 5:34 PM To: NT System Admin Issues Subject: RE: PSEXEC and %homedrive% Your entire command line gets parsed on your computer first and then it performs the operation. Assume you're running from a PC named Workstation against a server named Server. Psexec \\serverfile:///\\server cmd /c echo %computername% Gets parsed to Psexec \\serverfile:///\\server cmd /c echo Workstation Which is exactly what the server does. What you want is Psexec \\serverfile:///\\server cmd /c echo ^%computername^% The carets escape the percents to pass the command echo %computername% to the server. From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Monday, November 08, 2010 5:26 PM To: NT System Admin Issues Subject: RE: PSEXEC and %homedrive% Thanks Carl, I see what you are saying now. I just don't understand the behavior. I would think anything after the SERVERNAME would be evaluated on the remote machine, but that doesn't' seem to be the case when specifying a variable. thanks Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From:Carl Houseman c.house...@gmail.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date:11/08/2010 06:10 PM Subject:RE: PSEXEC and %homedrive% Do this psexec \\SERVERNAMEfile:///\\SERVERNAME\ cmd /c set So what's the difference. Look again at this very carefully... psexec \\SERVERNAME cmd.exe /c echo %homedrive% Hint: On what computer is %homedrive% expanded ? Carl From: Christopher Bodnar [mailto:christopher_bod...@glic.com] Sent: Monday, November 08, 2010 5:16 PM To: NT System Admin Issues Subject: Re: PSEXEC and %homedrive% I would agree with this, except that when I enumerate that using PSEXEC, I get the correct value, so it does seem to be setting it: *** H:\Utilitiespsexec \\SERVERNAME cmd.exe /c echo %homedrive% PsExec v1.94 - Execute processes remotely Copyright (C) 2001-2008 Mark Russinovich Sysinternals - www.sysinternals.com C: cmd.exe exited on gbtinvsql2x with error code 0. *** Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: christopher_bod...@glic.com Phone: 610-807-6459 Fax: 610-807-6003 From:Ben Scott mailvor...@gmail.com To:NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Date:11/08/2010 04:15 PM Subject:Re: PSEXEC and %homedrive% On Mon, Nov 8, 2010 at 1:45 PM, Christopher Bodnar christopher_bod...@glic.com wrote: I've got a VBS script that we use pretty frequently, and I was trying to run it remotely using PSEXEC against a bunch of systems. Finally narrowed the problem down to the fact that for some reason, the %HOMEDRIVE% variable and PSEXEC didn't mix well on some systems. %HOMEDRIVE% is set as part of the user logon process, which, in my experience, generally doesn't happen for anything except a typical GUI logon. (%HOMEDRIVE% and %HOMEPATH% both come from the setting on the Profile tab of an account's properties.) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com
RE: Workstation names and who it belongs to
You'll also need to grant the Write Description permission on computer objects to the users. -Original Message- From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Monday, November 15, 2010 1:05 PM To: NT System Admin Issues Subject: Re: Workstation names and who it belongs to Sure, it's just a bit of vbscript, I'll have a look when I'm back in the office and send it through - I'm not a coder so it's one of those things I did and haven't touched since so I can't remember much about it at all. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Freeware PDF creator?
I'd like to see that batch file if you don't mind. I really miss their MSI option lately. -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Monday, November 15, 2010 9:24 PM To: NT System Admin Issues Subject: Re: Freeware PDF creator? On 10 Nov 2010 at 11:27, Ben Scott wrote: PDFCreator is the one we've been using. Works great for us. Lots of customization options if you want them, but the defaults are good, too. I guess some releases offer to install a browser toolbar, but you can exclude that. Yep. I have a batch file that will nuke an old PDFcreator and install the new one without installing the toolbar. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: HOW TO: Change permissions using SubinACL?
I've kinda been forcing myself to use setacl in new scripts because it can target registry entries among other things. But, I figure the more I use it, the less horrific the syntax will seem :) -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Friday, November 19, 2010 4:53 PM To: NT System Admin Issues Subject: Re: HOW TO: Change permissions using SubinACL? On Fri, Nov 19, 2010 at 2:02 PM, Joseph L. Casale jcas...@activenetwerx.com wrote: SetACL, an opensource project is better than any ms tool I have ever used... SetACL can do anything, but its syntax is horrific. I much prefer to use FILEACL (free but not Free) if I can get away with it. I agree that Microsoft still hasn't managed to produce a decent command-line interface for ACL manipulation. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin