Re: Season's Greetings!

[kz20fl]

Yes merry christmas to all, hope everyone has a lovely holiday and next year is 
full of good prospects and exciting times!

Cheers,


JR (a man now sick of phoning Santa to make his children behave)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Mike Sullivan 
Date: Mon, 24 Dec 2012 14:02:35 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Season's Greetings!

Merry Christmas everyone!!!

On Monday, December 24, 2012, Maglinger, Paul wrote:

>  May your cell phone be silent, and the peace and joy of the Christmas
> season find you, your family, and your friends.
>
> ** **
>
> Thanks to all of you for the information you’ve shared over the past years.
> 
>
> ** **
>
> -Paul
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com 'cvml', 'listmana...@lyris.sunbeltsoftware.com');>
> with the body: unsubscribe ntsysadmin
>


-- 
Thank you,
Mike Sullivan

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Replacement for SteadyState

[kz20fl]

You could achieve much the same end with Citrix Provisioning Services, except 
you'd have the options of personal vDisk as well.

I have to admit I'm not a fan of the DeepFreeze/SteadyState approaches - some 
threats don't need to be persistent beyond a reboot to wreak havoc. I'm more 
inclined towards good GPOs and app management coupled with maybe PVS and 
StrataApps.

Cheers,


JR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Glen Johnson 
Date: Mon, 7 Jan 2013 13:42:08 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Replacement for SteadyState

We teach classes and let the students make any and all changes to the desktop 
environment.
Here's one example.  Student comes in and sets the desktop wallpaper to his 
favorite pinup gal.  Next student doesn't like it, but is a beginner and 
doesn't know how to change it to something else.  Reboot and the pin up gal is 
gone.
Also, I've seen some programs/apps that can now be installed without admin 
rights, Google Chrome for example.
Not a problem with Deep Freeze.

I'm sure there are other ways to do this, but DeepFreeze works great in our 
environment.

From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Sunday, January 06, 2013 4:36 PM
To: NT System Admin Issues
Subject: RE: Replacement for SteadyState

I've worked at a lot of customers that use DeepFreeze and similar products and 
I'm not a huge fan of the concept in general. It makes the overall lifecycle 
maintenance of a desktop environment a heck of a lot more complicated.

The question I always pose (and usually don't get much of a response to), is 
"what problems/issues is DeepFreeze protecting you from that running as a local 
user wouldn't solve?"

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c - 312.731.3132

From: Glen Johnson [mailto:gjohn...@vhcc.edu]
Sent: Friday, January 4, 2013 11:33 AM
To: NT System Admin Issues
Subject: RE: Replacement for SteadyState

Not free, but we could not function at the school without DeepFreeze.

From: Bambi J Saastad [mailto:bambi.j.saas...@seagate.com]
Sent: Friday, January 04, 2013 11:36 AM
To: NT System Admin Issues
Subject: Replacement for SteadyState

Hello
I was wondering if any of you could suggest a replacement for SteadyState.
I have a roomful of pc's that the factory users use for browsing etc that I am 
replacing with Windows 7 Pro that need to be locked down.

Can anyone suggest a product that does the same thing, wipe out any changes on 
reboot?

TIA
B


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Replacement for SteadyState

[kz20fl]

If they leave the computer locked, power it off and on. If they lose work - 
then learn not to leave it locked.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Glen Johnson 
Date: Mon, 7 Jan 2013 14:57:13 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Replacement for SteadyState

No on the student login.  We use a generic account per classroom.
We've talked about moving to a individual student login, but I'm not sure we 
need or want that.
For others that have gone that route, how do you handle situations where 
students don't logout before they leave.
You either have a locked computer, logged on as said student or if not locked, 
then student 2 has access to student 1's account.

From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Monday, January 07, 2013 9:32 AM
To: NT System Admin Issues
Subject: RE: Replacement for SteadyState

Sure so scenarios where you're teaching classes that require changes to the OS 
to accomplish the class makes good sense and I'd not argue against a solution 
like DeepFreeze in that case.

In the case of things like wallpaper and user profile stuff, are you not using 
named user accounts for your students? That solves a bunch of this on the spot.

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c - 312.731.3132

From: Glen Johnson [mailto:gjohn...@vhcc.edu]
Sent: Monday, January 7, 2013 7:42 AM
To: NT System Admin Issues
Subject: RE: Replacement for SteadyState

We teach classes and let the students make any and all changes to the desktop 
environment.
Here's one example.  Student comes in and sets the desktop wallpaper to his 
favorite pinup gal.  Next student doesn't like it, but is a beginner and 
doesn't know how to change it to something else.  Reboot and the pin up gal is 
gone.
Also, I've seen some programs/apps that can now be installed without admin 
rights, Google Chrome for example.
Not a problem with Deep Freeze.

I'm sure there are other ways to do this, but DeepFreeze works great in our 
environment.

From: Brian Desmond [mailto:br...@briandesmond.com]
Sent: Sunday, January 06, 2013 4:36 PM
To: NT System Admin Issues
Subject: RE: Replacement for SteadyState

I've worked at a lot of customers that use DeepFreeze and similar products and 
I'm not a huge fan of the concept in general. It makes the overall lifecycle 
maintenance of a desktop environment a heck of a lot more complicated.

The question I always pose (and usually don't get much of a response to), is 
"what problems/issues is DeepFreeze protecting you from that running as a local 
user wouldn't solve?"

Thanks,
Brian Desmond
br...@briandesmond.com

w - 312.625.1438 | c - 312.731.3132

From: Glen Johnson [mailto:gjohn...@vhcc.edu]
Sent: Friday, January 4, 2013 11:33 AM
To: NT System Admin Issues
Subject: RE: Replacement for SteadyState

Not free, but we could not function at the school without DeepFreeze.

From: Bambi J Saastad [mailto:bambi.j.saas...@seagate.com]
Sent: Friday, January 04, 2013 11:36 AM
To: NT System Admin Issues
Subject: Replacement for SteadyState

Hello
I was wondering if any of you could suggest a replacement for SteadyState.
I have a roomful of pc's that the factory users use for browsing etc that I am 
replacing with Windows 7 Pro that need to be locked down.

Can anyone suggest a product that does the same thing, wipe out any changes on 
reboot?

TIA
B


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally

Re: Lumension "Intelligent Whitelisting"

[kz20fl]

Don't think it works with the latest versions of XenApp, although it is a good 
six months or so since I came across this issue and may have been updated

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Richard Stovall 
Date: Mon, 7 Jan 2013 16:18:44 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Lumension "Intelligent 
Whitelisting"

Anyone out there using Lumension products?  I'm particularly interested in
the "Intelligent Whitelisting" bundle that includes patching, A/V and
application whitelisting.

Any experiences or thoughts you wouldn't mind sharing?

Thanks,
RS

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Ouch

[kz20fl]

So you spread the virus then! ;-)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Tue, 8 Jan 2013 21:01:24 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Ouch 

Welcome to my world...I had the GPO set up but was denied over a year ago. 
Guessing that will change.

From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, January 08, 2013 12:56 PM
To: NT System Admin Issues
Subject: RE: Ouch 

You still have autorun enabled? REALLY?

From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, January 8, 2013 3:52 PM
To: NT System Admin Issues
Subject: Ouch 

This just in: W32/SillyFDC.   Not new to the internet, but new here :(

Bites
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Software deployment ?

[kz20fl]

Check whether the "uninstall this app when out of scope of management" box is 
ticked or not for your install GPOs.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Glen Johnson 
Date: Fri, 11 Jan 2013 14:11:57 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Software deployment ?

We are migrating away from group policy software deployments to a Dell/KACE 
system.
How do I decommission the group policy software deployments for programs like 
Java, Adobe and such.
If I just remove the GPO, will it remove the software from the users computers 
at the next policy processing cycle?
I'd just like to disable the policy so no new installs run, but not remove the 
existing installs.
Thanks.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Looking for affordable load balancing solution

[kz20fl]

NetScalers kick ass...if you know someone who can work them :-)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Michael B. Smith" 
Date: Fri, 11 Jan 2013 20:53:53 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Looking for affordable load 
balancing solution

If you have NetScalers, then use them.

If you are looking for a nice low-cost but good function solution, take a look 
at Coyote Point and at Kemp Technologies.

From: Tom Miller [mailto:tmil...@sfgtrust.com]
Sent: Friday, January 11, 2013 3:50 PM
To: NT System Admin Issues
Subject: Looking for affordable load balancing solution

We currently use Windows Network Load Balancing for our Exchange 2010 
environment.  It's okay, but not great.  There was a hiccup yesterday in NLB 
and it caused our system to disconnect all users at once.  Looking to avoid 
this in the future, anyone have any suggestions for alternatives?  Appliance or 
software solution - either is fine.  I've used Citrix Netscalers in the past 
for XenApp, but I know they can also do load balancing.

Thanks,
Tom


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Looking for affordable load balancing solution

[kz20fl]

Some idiot wrote a half-decent blog post on using them to load-balance AppSense 
servers too :-o

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Fri, 11 Jan 2013 20:53:44 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Looking for affordable load 
balancing solution

NetScalers have built-in stuff for Exchange (and SQL and SharePoint and...)

Thanks


Webster

From: Tom Miller [mailto:tmil...@sfgtrust.com]
Sent: Friday, January 11, 2013 2:50 PM
To: NT System Admin Issues
Subject: Looking for affordable load balancing solution

We currently use Windows Network Load Balancing for our Exchange 2010 
environment.  It's okay, but not great.  There was a hiccup yesterday in NLB 
and it caused our system to disconnect all users at once.  Looking to avoid 
this in the future, anyone have any suggestions for alternatives?  Appliance or 
software solution - either is fine.  I've used Citrix Netscalers in the past 
for XenApp, but I know they can also do load balancing.

Thanks,
Tom


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Time sync issues

[kz20fl]

Quick brainstorm requiredwhat's the most common issues you'd expect in a 
Windows/AD environment if some servers have incorrect time settings? Obviously 
AD replication and logging inconsistencies spring to mind...just looking for a 
few to flesh out a blog post that deals with preventing admins from changing 
the system time.

TIA,


JRR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: cannot access files on server

[kz20fl]

What's the error message accessing the share?

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Mark Boeck 
Date: Mon, 21 Jan 2013 17:51:53 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: cannot access files on server

greets!

win 2003 server.
redirected folders.

several users are not getting their documents, icons, etc.
when in the "run" blank, typing \\server\profiles\username - get, server
cannot access files.

users logs onto another machine that they don't normally use, no problem.
they get their docs, icons, etc.

dropped / added some pcs that were problem from / to domain. no fixie.

ideas?

thx!

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: on-premises storage application

[kz20fl]

AppSense DataNow. Ideal for this. It even preserves all the links from 
documents. I can get you a demo copy of it if needs be.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Michael B. Smith" 
Date: Thu, 24 Jan 2013 19:11:07 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: on-premises storage application

I have a client that wants something like SkyDrive or DropBox - but they want 
to host it onsite - no cloud storage.

They also want the company that produces the application to be in north America 
or western Europe.

I have googled and binged a bit, and I have some options - but I'd prefer some 
recommendations.

Does anyone here have any that they would be willing to share?

Thanks!


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Limiting who can send all-staff e-mails

[kz20fl]

Just wait till someone forwards a joke or scam report to your entire staff, or 
asks for someone to move their car. That should do it.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Fri, 25 Jan 2013 11:14:36 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Limiting who can send all-staff 
e-mails

Does anyone have some links I can use to demonstrate to management why it's a 
bad idea to allow any of our 600 employees to send e-mails to "all staff"?
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Networking stuff.....oo-er

[kz20fl]

Interesting point...however as it is a nix-based guest, I'm not too clear about 
how to harden it. Similar to the Citrix Merchandising Server, there's no real 
console to connect to besides the web interface and no guidance on how to 
secure it. Any useful links anyone might be able to share regarding this? 
Please don't ask me what nix flavour it is... :-o

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Andrew S. Baker" 
Date: Fri, 25 Jan 2013 09:40:17 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Networking stuff.oo-er

May sure you are protecting that guest appropriately.

I'm not sure why you wouldn't have been able to do what Ben suggested,
though.





*ASB
**http://XeeMe.com/AndrewBaker* *
**Providing Virtual CIO Services (IT Operations & Information Security) for
the SMB market…***





On Fri, Jan 25, 2013 at 8:26 AM, James Rankin  wrote:

> Thanks for all the help guys. I finally managed to shoehorn the VM into
> running in Bridged mode, and as was pointed out to me, this seems to have
> made all the difference.
>
> I can now access my funky new DataNow home appliance from the internet and
> kick DropBox and Google Drive into touch :-)
>
> Cheers,
>
>
>
> JR
>
>
> On 25 January 2013 12:23, James Rankin  wrote:
>
>> Unfortunately the guest won't work in a bridged configuration. God knows
>> why. It also can't be configured with a second network card for some
>> reason, which again reduces my options :-(
>>
>> Hazen emailed me offline to try using VMWare's own internal NAT port
>> forwarding to see if we could push the traffic through by forwarding it to
>> the host first, as you've suggested also. I'm giving that a try now.
>>
>> Cheers,
>>
>>
>> JR
>>
>>
>> On 25 January 2013 12:17, Ben Scott  wrote:
>>
>>> On Fri, Jan 25, 2013 at 5:36 AM, James Rankin 
>>> wrote:
>>> > I'm trying to configure my home router to do some port forwarding onto
>>> a
>>> > device on my internal network. However, this is a VMWare Workstation
>>> guest
>>> > using NAT networking so it has an address on a different range
>>> > (192.168.183.x) rather than the home network's default range
>>> (192.168.1.x)
>>>
>>>   I presume the VMware host is doing the NAT for the guest.  If so, as
>>> far as BT router is concerned, the VMware host *is* the guest.  The
>>> host translates the guest's packets so they appear to be coming from
>>> the host itself.  That's the whole point of NAT, after all.  :)
>>>
>>>   You would need to forward the port on the BT router to the VM host,
>>> and then have VMware's internal router forward the packets again to
>>> the guest.  I don't know if VMware's router implementation can do port
>>> forwarding.
>>>
>>>   Can you change the IP address and net on the guest without breaking
>>> things?  If so, is it okay to switch VMware to bridged mode and just
>>> put it on your home LAN?  If feasible, that's likely the easiest
>>> solution.
>>>
>>>   If not: You could prolly do this with a cheap home router (like a
>>> LinkSys WRT* box) and a second network interface in the host.  On the
>>> host, unbind all the OS (Windows) protocols from the second interface.
>>>  In VMware, bridge the second interface to the guest, no NAT or DHCP.
>>> Plug the "Local" side of the new router into the second interface.
>>> Plug the "Internet" side of the new router into your main home LAN.
>>> On the BT router, port-forward from the Internet to the new router's
>>> main home LAN address.  On the new router, port-forward from the main
>>> home LAN to the guest.
>>>
>>> -- Ben
>>>
>>>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Networking stuff.....oo-er

[kz20fl]

I gathered that, but I will need to consult with the vendor to find out (sends 
Tweet)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Fri, 25 Jan 2013 16:21:53 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Networking stuff.oo-er

What version of Linux is it running [1]?  That would be extremely helpful info.

Thanks


Webster


1.:)

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Subject: Re: Networking stuff.oo-er

Interesting point...however as it is a nix-based guest, I'm not too clear about 
how to harden it. Similar to the Citrix Merchandising Server, there's no real 
console to connect to besides the web interface and no guidance on how to 
secure it. Any useful links anyone might be able to share regarding this? 
Please don't ask me what nix flavour it is... :-o

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Networking stuff.....oo-er

[kz20fl]

CentOS, apparently

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Fri, 25 Jan 2013 16:21:53 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Networking stuff.oo-er

What version of Linux is it running [1]?  That would be extremely helpful info.

Thanks


Webster


1.:)

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Subject: Re: Networking stuff.oo-er

Interesting point...however as it is a nix-based guest, I'm not too clear about 
how to harden it. Similar to the Citrix Merchandising Server, there's no real 
console to connect to besides the web interface and no guidance on how to 
secure it. Any useful links anyone might be able to share regarding this? 
Please don't ask me what nix flavour it is... :-o

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Networking stuff.....oo-er

[kz20fl]

All good stuff...however next week I am going to have a chat with the vendor 
and discuss their security stance on these appliances, so I will see how much I 
can convince them to automate the updating of it :-) will have to read up a bit 
first I think

--Original Message--
From: Matthew W. Ross
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Re: Networking stuff.oo-er
Sent: 25 Jan 2013 22:39

+1.

CentOS can also have additional packages that don't appear in Red Hat's 
repositories. These are disabled by default, but be aware of the possibility of 
their existence.

See here:
http://wiki.centos.org/AdditionalResources/Repositories


--Matt Ross
Ephrata School District


- Original Message -
From: Ben Scott
[mailto:mailvor...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 25 Jan 2013
14:23:52 -0800
Subject: Re: Networking stuff.oo-er


> On Fri, Jan 25, 2013 at 12:46 PM,   wrote:
> > CentOS, apparently
> 
>   CentOS is just Red Hat Enterprise Linux with the Red Hat Inc
> trademarks stripped out.
> 
>   So find a guide on hardening RHEL, and follow that.  :)
> 
> -- Ben
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Windows Network Awareness and "Public Network"

[kz20fl]

Can't you just change it?

I remember having to switch some lab systems to Private to get them to 
talkdon't remember if you can force the Domain profile though

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Wed, 30 Jan 2013 15:02:36 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Windows Network Awareness and 
"Public Network"

Does anyone know what ports need to be open for Windows Network Awareness to 
believe it's on a domain? I have a DMZ server in a DMZ that thinks it's on a 
Public network - we can get it to talk to other systems but can't get any 
ingress traffic to it.
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Mobile Device Management

[kz20fl]

MobileNow from AppSense can handle the phone and tablet piece, the demos I saw 
looked very good and it has just been released. I can get some more info on it 
for you in a little while - not sure whether it is specifically MAM or MDM 
though.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Cameron Cooper 
Date: Wed, 30 Jan 2013 20:24:43 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Mobile Device Management

All,

In light of one of our company laptops being stolen (from the user's car), 
we've been tasked to look for a mobile solution that would allow us to track, 
recover and remote wipe a laptop, tablet and smartphone and would like some 
recommendations on what some are currently using.

So far we've looked at LoJack for Laptops and Prey (PreyProjects).

Thanks,

Cameron


CONFIDENTIALITY NOTICE: This email message is intended only for the person or 
entity to which it is addressed and may contain confidential material. Any 
unauthorized review, use, disclosure, downloading, copying or distribution is 
prohibited. If you are not the intended recipient, please contact the sender by 
reply email and permanently delete all copies of the original message. If you 
are the intended recipient but do not wish to receive communications through 
this medium, please advise the sender immediately.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Shocking? Somehow, not...

[kz20fl]

On the security front, I read this today

http://mobile.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.xml

And was interested to see the "network devices" that compromised the Chamber of 
Commerce (somewhere in the middle of the article). The things you need to 
secure are now myriad!

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Andrew S. Baker" 
Date: Thu, 31 Jan 2013 14:23:27 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Shocking? Somehow, not...

I love it when security tools wage battle against one another :)





*ASB
**http://XeeMe.com/AndrewBaker* *
**Providing Virtual CIO Services (IT Operations & Information Security) for
the SMB market…***





On Wed, Jan 30, 2013 at 10:28 AM, Ziots, Edward  wrote:

>  Just tried to run it on my systems and sure enough since I have totally
> disabled java it barfs. That and Zero Vulnerability Exploitshield catches
> its .dll being invoked into java as an exploit and stops it. 
>
> ** **
>
> Z
>
> ** **
>
> Edward E. Ziots, CISSP, Security +, Network +
>
> Security Engineer
>
> Lifespan Organization
>
> ezi...@lifespan.org
>
> ** **
>
> This electronic message and any attachments may be privileged and
> confidential and protected from disclosure. If you are reading this
> message, but are not the intended recipient, nor an employee or agent
> responsible for delivering this message to the intended recipient, you are
> hereby notified that you are strictly prohibited from copying, printing,
> forwarding or otherwise disseminating this communication. If you have
> received this communication in error, please immediately notify the sender
> by replying to the message. Then, delete the message from your computer.
> Thank you.
>
> *[image: Description: Description: Lifespan]*
>
> ** **
>
> ** **
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Wednesday, January 30, 2013 9:27 AM
>
> *To:* NT System Admin Issues
> *Subject:* RE: Shocking? Somehow, not...
>
>  ** **
>
> Rapid7 has a tool to scan for this vulnerability, it does require Java(!)
> and registration, but is otherwise free. 
>
> ** **
>
> *From:* Patrick Salmon [mailto:psal...@gmail.com ]
> *Sent:* Tuesday, January 29, 2013 1:01 PM
> *To:* NT System Admin Issues
> *Subject:* Re: Shocking? Somehow, not...
>
> ** **
>
> Not surprisingly, you're going to see a lot of alerts coming out on this
> subject. Here's the Cisco one:
> http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130129-upnpwhich
>  you can expect to be updated as more is learned about which products
> are affected.
>
> On Tue, Jan 29, 2013 at 9:44 AM, David Lum  wrote:
>
>
> http://news.cnet.com/8301-1009_3-57566366-83/upnp-networking-flaw-puts-millions-of-pcs-at-risk/
> 
>
> *David Lum*
> Sr. Systems Engineer // NWEATM
> Office 503.548.5229 //* *Cell (voice/text) 503.267.9764
>
>  
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ** **
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 

Re: Where to get copies of my various documentation scripts

[kz20fl]

I thought it was a comment


--Original Message--
From: Matthew W. Ross
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Re: Where to get copies of my various documentation scripts
Sent: 31 Jan 2013 22:48

> > I want to see some of your early batch files J
> 
>   @ECHO OFF
>   ECHO Hello, world!
> 
>   ;-)

I must be missing something: What does the ";-)" do in batch? Is that 
powerscript? I don't think it's bash...


--Matt Ross
Ephrata School District


- Original Message -
From: Ben Scott
[mailto:mailvor...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Thu, 31 Jan 2013
14:34:04 -0800
Subject: Re: Where to get copies of my various documentation
scripts


> On Thu, Jan 31, 2013 at 5:29 PM, Crawford, Scott 
> wrote:
> > I want to see some of your early batch files J
> 
>   @ECHO OFF
>   ECHO Hello, world!
> 
>   ;-)
> 
> -- Ben
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: MS site?

[kz20fl]

Yeah, they moved their IIS onto touchscreen Server 2012 machines and the server 
admins had been eating family-size bags of smoky bacon crisps (that's chips to 
you lot)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Ziots, Edward" 
Date: Fri, 1 Feb 2013 18:42:43 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: MS site?

Yes Microsoft had a big hiccup earlier that took out some stuff. 

Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org

This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.




-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Friday, February 01, 2013 1:33 PM
To: NT System Admin Issues
Subject: Re: MS site?

YES! +1

I've used this site before, but only for the sites it tracks of course:

http://downrightnow.com/


--Matt Ross
Ephrata School District


- Original Message -
From: Ben Scott
[mailto:mailvor...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 01 Feb 2013
10:17:13 -0800
Subject: Re: MS site?


> On Fri, Feb 1, 2013 at 10:00 AM, Webster  wrote:
> > http://www.downforeveryoneorjustme.com/support.microsoft.com
> 
>   Thanks to the prevalence of cloud computing/distributed server 
> farms, we need
> 
>   http://www.downforsomebutnotall.com/
> 
> -- Ben
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: MS site?

[kz20fl]

Does anyone know whether Hugo Hernandez is in the office or not?

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: kz2...@googlemail.com
Date: Fri, 1 Feb 2013 18:50:16 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: MS site?

Yeah, they moved their IIS onto touchscreen Server 2012 machines and the server 
admins had been eating family-size bags of smoky bacon crisps (that's chips to 
you lot)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Ziots, Edward" 
Date: Fri, 1 Feb 2013 18:42:43 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: MS site?

Yes Microsoft had a big hiccup earlier that took out some stuff. 

Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org

This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.




-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Friday, February 01, 2013 1:33 PM
To: NT System Admin Issues
Subject: Re: MS site?

YES! +1

I've used this site before, but only for the sites it tracks of course:

http://downrightnow.com/


--Matt Ross
Ephrata School District


- Original Message -
From: Ben Scott
[mailto:mailvor...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 01 Feb 2013
10:17:13 -0800
Subject: Re: MS site?


> On Fri, Feb 1, 2013 at 10:00 AM, Webster  wrote:
> > http://www.downforeveryoneorjustme.com/support.microsoft.com
> 
>   Thanks to the prevalence of cloud computing/distributed server 
> farms, we need
> 
>   http://www.downforsomebutnotall.com/
> 
> -- Ben
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: On a lighter note for a Friday, Passed my CISA exam

[kz20fl]

Congrats, have fun auditing!


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Ziots, Edward" 
Date: Fri, 1 Feb 2013 19:54:05 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: On a lighter note for a Friday, 
Passed my CISA exam

Just got the official email that I passed my CISA exam, so I guess another 
Certification on the title and looking forward to the auditing work that comes 
with it.

Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org

This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.
[Description: Description: Lifespan]


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<>

Re: Where to get copies of my various documentation scripts

[kz20fl]

Any XenApp one (which rules out WI and Licensing servers), but probably an 
infrastructure (controller) server is best as it won't have users on


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Todd Lemmiksoo 
Date: Mon, 4 Feb 2013 09:57:09 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Where to get copies of my 
various documentation scripts

finally back in the office. Which 6.5 Citrix server should I install/run
the script on? I have ten servers, 2 web, 1 lic, 2 Data Collectors, 3 App
srv's, 2 FS srv's.

Todd Lemmiksoo

On Mon, Jan 28, 2013 at 8:46 AM, Webster  wrote:

>  Updated Article: Where to Get Copies of the Various Documentation Scripts
> 
>
> ** **
>
>
> http://carlwebster.com/where-to-get-copies-of-the-xenapp-farm-documentation-scripts/
> 
>
> ** **
>
> ** **
>
> Thanks
>
> ** **
>
> ** **
>
> Webster
>
> ** **
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>



-- 
T. Todd Lemmiksoo

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Robocopy reliability

[kz20fl]

I've seen copy jobs break several times...but not robocopy jobs

The clue's in the nameROBust file COPY utility

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Mon, 4 Feb 2013 16:53:44 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Robocopy reliability

I have only seen it break if the underlying infrastructure "breaks"usually 
a permissions change on a source item or a password change on the service 
account that uses it :). I have several scheduled robocopy jobs and have only 
had problems when I "break" something underneath it.

From: Tigran K [mailto:tigr...@gmail.com]
Sent: Monday, February 04, 2013 8:34 AM
To: NT System Admin Issues
Subject: Robocopy reliability

Having a discussion with the boss on how we should do something I suggested 
robocopy. His reply was a strict "NO". Reasoning was that it's not reliable. He 
said "I've seen it break".

So my question is have you seen it break? Is robocopy any more or less reliable 
than built in copy? I did point out that robocopy is built in to windows as 
well at least for Windows7. Didn't seem to help.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Robocopy reliability

[kz20fl]

Copy command failures are the reason we started using robocopy circa about 2002

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Tigran K 
Date: Mon, 4 Feb 2013 10:49:09 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Robocopy reliability

He was saying we should use just plain old copy.

-T


On Mon, Feb 4, 2013 at 10:11 AM, Matthew W. Ross
wrote:

> I have never had a problem with Robocopy. It did exactly what I told it to
> do and gave me detailed information on what it did. I could not ask for
> more from a command line copy utility.
>
> I'm sensing that your Boss has a bias, perhaps due to a bad experience he
> had previously. If so, what does _he_ recommend?
>
> Maybe he has some awesome software I've never heard of. (It wouldn't be
> the first time!)
>
>
> --Matt Ross
> Ephrata School District
>
>
> - Original Message -
> From: Tom Miller
> [mailto:tmil...@sfgtrust.com]
> To: NT System Admin Issues
> [mailto:ntsysadmin@lyris.sunbelt-software.com]
> Sent: Mon, 04 Feb 2013
> 09:08:33 -0800
> Subject: RE: Robocopy reliability
>
>
> > I've used it many times for file migration moves and even for permissions
> > copies.  Just this past weekend I migrated a pretty complex old Windows
> 2008
> > server shared to Windows 2008 R2 this past weekend.  I didn't copy
> > permissions since they were a mess.
> >
> > The only errors I've seen were my own, usually syntax or spelling.
> >
> > What are you trying to do?
> >
> > From: Tigran K [mailto:tigr...@gmail.com]
> > Sent: Monday, February 04, 2013 11:34 AM
> > To: NT System Admin Issues
> > Subject: Robocopy reliability
> >
> > Having a discussion with the boss on how we should do something I
> suggested
> > robocopy. His reply was a strict "NO". Reasoning was that it's not
> reliable.
> > He said "I've seen it break".
> >
> > So my question is have you seen it break? Is robocopy any more or less
> > reliable than built in copy? I did point out that robocopy is built in to
> > windows as well at least for Windows7. Didn't seem to help.
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
> >
> > ---
> > To manage subscriptions click here:
> > http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to
> > listmana...@lyris.sunbeltsoftware.com listmana...@lyris.sunbeltsoftware.com>
> > with the body: unsubscribe ntsysadmin
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~   ~
> >
> > ---
> > To manage subscriptions click here:
> > http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: iso mounting software for Windows Server 2008 R2

[kz20fl]

True...but in an environment with tightly-controlled images (like PVS) it can 
help out. YMMV, etc.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Andrew S. Baker" 
Date: Wed, 6 Feb 2013 12:53:16 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: iso mounting software for Windows Server 2008 R2

I stick those things directly on the server.  As large as Windows is by
itself, the extra things that we're discussing can hardly be considered
bloat.





*ASB
**http://XeeMe.com/AndrewBaker* *
**Providing Virtual CIO Services (IT Operations & Information Security) for
the SMB market…***





On Wed, Feb 6, 2013 at 11:08 AM, James Rankin  wrote:

> I'm fairly sure you could put a Portable version of Daemon Tools up on a
> network share. I use the Portable version from inside DataNow or DropBox
> all the time. Saves it getting installed on your server estate. Do the same
> with various tools like Process Explorer, TreeSize and the like.
>
>
> On 6 February 2013 15:52, Pete Howard  wrote:
>
>> I like Poweriso, magiciso, vcd etc on my workstations but generally avoid
>> installing iso tools on prod servers to keep them pristine and end up
>> extracting from the workstation to the server. MS has a  Mount-DiskImage
>> cmdlet which sounds nice but only on win8\12
>>
>>
>>   --
>> *From:* Miller Bonnie L. 
>> *To:* NT System Admin Issues 
>> *Sent:* Wednesday, February 6, 2013 10:02 AM
>>
>> *Subject:* iso mounting software for Windows Server 2008 R2
>>
>> Windows Server 2008 R2 SP1 physical server.  What is your favorite, safe,
>> and least expensive, software for mounting an .iso file on this OS?
>>
>> Here are a few I’ve found, but have never used any:
>>
>> MagicISO Virtual CD/DVD-ROM (MagicDisc)
>> http://www.magiciso.com/tutorials/miso-magicdisc-overview.htm
>> (freeware)
>>
>> PowerISOhttp://www.poweriso.com/index.htm  ($29.95)
>>
>> Virtual CloneDrive
>> http://www.slysoft.com/en/virtual-clonedrive.html   (freeware)
>>
>>
>> I currently can’t burn the .iso to media as we don’t have a dual-layer
>> burner available (and the disc would require one due to size).  Going to
>> have to look into that as well now.
>>
>> Thanks,
>> Bonnie
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>>
>>   ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
>
>
> --
> *James Rankin*
> Technical Consultant (ACA, CCA, MCTS)
> http://appsensebigot.blogspot.co.uk
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OT: Guest network security

[kz20fl]

I remember seeing a solution that issued tickets with a network key for guests 
as they came in. The name defeats me though, sorry

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Kurt Buff 
Date: Wed, 6 Feb 2013 11:36:00 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: OT: Guest network security

All,

Quite some time ago, I set up an unsecured guest VLAN in our network,
providing wireless access to all of the sundry devices that staff and
visitors carry. I set up a small FreeBSD machine to serve IP addresses
via DHCP, and that was dead simple.

It is a layer2 VLAN, traversing our backbone, and terminating on our
corporate firewall.

However, there are now other tenants in our building, and the subnet
is getting too much bandwidth and address consumption - the range I
set up is completely filled, and the VLAN is consuming about half of
our Internet pipe, which is far too much for my comfort.

I suspect the other tenants are leeching.

What I've read of captive portals seems to indicate that the portal is
part of the firewall. I could be wrong about that, though. Regardless, the
corporate firewall will not be allowed to be part of this solution.

The only other alternative I see right now is to set up a password on
the SSID, and have the front desk hand it out to guests, after mailing
it to staff, and I'm getting pushback on that from my manager.

Does anyone have some ideas I could pursue on this?

Thanks,

Kurt

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: file limitation error

[kz20fl]

How long is the deepest path?

I've seen file copying stuff screw up with monstrously long path names


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Chinnery, Paul" 
Date: Tue, 12 Feb 2013 12:22:29 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: file limitation error

I'm not sure if this is the proper forum for this question, but here goes:

We are storing scanned documents in one folder.  A file conversion program 
being run by one of our vendors is taking scanned documents from a Win2K server 
and putting them into a Win 2008r2 server.  The conversion is just to place 
them in a folder tree that is accessibly by our hospital EMR system.
After placing >1.5 million  files in a considerable number of directories, and, 
the program is now generating an error:  Error Making Directory -Requested 
operation could not be comleted due to a file system limitation."
There is no compression of the folder or files (which is one thing that could 
cause that error).
Is this a call to PSS type of problem?
Paul Chinnery
Network Admin
Memorial Medical Center
231.845.2319




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: 50GB free storage from Box.com

[kz20fl]

Or grabbed it from the Pirate Bay ;-)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Thu, 14 Feb 2013 20:03:59 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: 50GB free storage from 
Box.com

Dude all you had to do was pay several thousand pounds to take the official 
VMware training course, a couple of hundred pounds to take (and pass) the cert 
exam and VMware would have given you a copy of VMware Workstation for free!

Sheez, some people.

Thanks


Webster

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Thursday, February 14, 2013 1:48 PM
To: NT System Admin Issues
Subject: Re: 50GB free storage from Box.com

It was to me - but the VMWare Workstation it runs on wasn't, sadly
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: "Andrew S. Baker" mailto:asbz...@gmail.com>>
Date: Thu, 14 Feb 2013 14:39:21 -0500
Subject: Re: 50GB free storage from Box.com

But, was it free!  :)


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Non-corp desktops and RDS

[kz20fl]

Sounds like a good UAT period is needed to iron out the app inconsistencies.

Its all about the apps. Apps apps apps. If your user base doesn't have 
well-defined application needs and they customize their own desktops, then 
maybe VDI is more suited than published resources from RDS?

--Original Message--
From: Kennedy, Jim
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Non-corp desktops and RDS
Sent: 15 Feb 2013 15:03

How well is allowing non-corporate assets connect to a RDS session from home 
working for everyone. Using an SSL tunnel here. I am just starting initial 
testing with a few users and it is a nightmare.  Wrong Java, toolbars and popup 
blockers and layers and layers of crapware are causing tons of problems. And 
these are the alleged 'tech savy' users.

It is beginning to feel like a giant fail coming my way.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Non-corp desktops and RDS

[kz20fl]

Ah right, I thought you meant app issues on the RDS end :-) my bad for not 
reading thoroughly

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Richard Stovall 
Date: Fri, 15 Feb 2013 10:49:58 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Non-corp desktops and RDS

Instead of RDP over VPN, have you looked at RD Gateway?  It does require
terminal server licences for the users, but eliminates the kind of issues
you're describing by tunneling only RDP over SSL and nothing else.


On Fri, Feb 15, 2013 at 10:03 AM, Kennedy, Jim  wrote:

> How well is allowing non-corporate assets connect to a RDS session from
> home working for everyone. Using an SSL tunnel here. I am just starting
> initial testing with a few users and it is a nightmare.  Wrong Java,
> toolbars and popup blockers and layers and layers of crapware are causing
> tons of problems. And these are the alleged 'tech savy' users.
>
> It is beginning to feel like a giant fail coming my way.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Languages and variables

[kz20fl]

I need to customize some messages dependent on an environment variable which 
tells me the user's current language setting. The message contains references 
to %username%, so I just needed to check whether it was set in English or not.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Patrick Salmon 
Date: Mon, 18 Feb 2013 09:15:44 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Languages and variables

The same. System-derived variable names are always in the Lingua Franca
[1,2,3] of the development source - in this case mostly English.

You could define country-specific variable names, ie map %NomDUtilisateur%
to %username%, but why?

Pat.

[1] http://en.wikipedia.org/wiki/Lingua_franca
[2] literal translation: Language of the Franks, aka the French.
[3] Needless to say, this annoys the French no end I crack me up!

On Mon, Feb 18, 2013 at 8:25 AM, James Rankin  wrote:

> If I have a user with the French version of Windows, would %username%
> still be called %username% on his system or would it be translated? I'm
> assuming it would stay the same - but I just need to make sure :-)
>
> Google-fu seems inadequate on this, although it might just be my search
> terms :-)
>
> Cheers,
>
>
>
> --
> *James Rankin*
> Technical Consultant (ACA, CCA, MCTS)
> http://appsensebigot.blogspot.co.uk
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and Word – Version 3.1

[kz20fl]

I believe those scripts are used by a large UK outsourcer for support handovers

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Mon, 18 Feb 2013 17:40:35 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Documenting a Citrix XenApp 
6.5 Farm with Microsoft PowerShell and Word – Version 3.1

You are welcome.  Any feedback is welcome.  Especially if you want to send me a 
sanitized copy of the report (will not be seen by anyone except me and maybe 
MBS).

Had an email from someone this morning who ran it on a 320 server farm and they 
loved the report.

Thanks


Webster

From: Mike Sullivan [mailto:neog...@gmail.com]
Sent: Monday, February 18, 2013 11:29 AM
To: NT System Admin Issues
Subject: Re: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and 
Word – Version 3.1

Thank you, Carl!

On Mon, Feb 18, 2013 at 3:21 AM, Webster 
mailto:webs...@carlwebster.com>> wrote:
New article: Documenting a Citrix XenApp 6.5 Farm with Microsoft PowerShell and 
Word – Version 3.1
http://carlwebster.com/documenting-a-citrix-xenapp-6-5-farm-with-microsoft-powershell-and-word-version-3-1/
Updated article: Where to Get Copies of the Various Documentation Scripts
http://carlwebster.com/where-to-get-copies-of-the-xenapp-farm-documentation-scripts/

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Books about software

[kz20fl]

If you want to write a book about a particular piece of software, am I right in 
assuming you need to engage the vendor to some degree? I'm a complete newcomer 
to this sort of thing so any and all advice is gratefully appreciated.

TIA,


JRR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Books about software

[kz20fl]

If you were using the software name in the book title, do you need some form of 
permission?

--Original Message--
From: Michael B. Smith
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: RE: Books about software
Sent: 20 Feb 2013 19:48

It generally helps.

But no, the vendor's involvement is not required.

-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] 
Sent: Wednesday, February 20, 2013 2:43 PM
To: NT System Admin Issues
Subject: Books about software

If you want to write a book about a particular piece of software, am I right in 
assuming you need to engage the vendor to some degree? I'm a complete newcomer 
to this sort of thing so any and all advice is gratefully appreciated.

TIA,


JRR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote Desktop Server (Formerly known as Terminal Server)

[kz20fl]

Roaming profiles are terribly problematic in any modern environment in my 
experience. Profile bloat, profile corruption, load failures - these issues 
plague any SBC solution where they are implemented.

As mentioned there are a nation of profile management tools that can address 
these issues. Citrix UPM provides a simple lightweight solution but if you're 
not using Citrix it's not really viable. There are many others but what you 
need to identify is how much time you are spending addressing profile issues 
based against the extra cost of a real solution.

At the end of the day its all about how your apps perform and what settings 
need to roam. Without knowing much about your environment I can pretty much say 
the only GPO I'm sure you will need to configure is the Loopback Policy 
Processing.

Are you publishing desktops, applications, or a combination of both?


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Kelli Sterley 
Date: Thu, 21 Feb 2013 12:32:14 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Remote Desktop Server (Formerly 
known as Terminal Server)

I currently have a 2003 Terminal Server which is getting ready to be
replaced with the 2008 R2 Remote Desktop Server.

Currently we are using roaming profiles and redirecting some user folders.
Does anyone use roaming profiles anymore?  Why or why not?

I am also in the process of editing a group policy for both the server and
users.  Are there any policies I should add for sure .. Anyone willing to
share their GP's with me?


Also, I have been searching the internet for some good "best practices" for
the new setup but have found little with regards to 2008.

I want it set up as simple as possible so any ideas would be great.

Thanks so much - Kelli

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote Desktop Server (Formerly known as Terminal Server)

[kz20fl]

Wasn't it some sort of screw-up as to the actual shadowing with 
multiple-monitor setups? I can recall finding out that Citrix shadowing stopped 
working on 2008 R2 if either shadower or shadowee had multiple monitors, and 
they blamed something in RDS for this. Don't know what exactly but maybe MS 
pulled it out because of this sort of fault. Sure Web or others may know better 
though


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Fri, 22 Feb 2013 14:09:02 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote Desktop Server 
(Formerly known as Terminal Server)

Does anyone have any insight to WTF MS was thinking when removing remote 
control? I'd like to think it was some sensible reason due to an architecture 
issue, but more likely it's a checkbox missed along the way. "Oops we forgot 
that feature. Eh, like the START button on XP nobody used it..."

From: Webster [mailto:webs...@carlwebster.com]
Sent: Friday, February 22, 2013 5:13 AM
To: NT System Admin Issues
Subject: RE: Remote Desktop Server (Formerly known as Terminal Server)

Check this out:

http://blog.wtslabs.com/?p=274

RDS 2012 and Remote Control. A workaround is found...

Might not be a viable workaround for everyone but...

Thanks


Webster

From: James Hill [mailto:falc...@gmail.com]
Sent: Thursday, February 21, 2013 3:29 PM
To: NT System Admin Issues
Subject: RE: Remote Desktop Server (Formerly known as Terminal Server)

I've never been a fan of roaming profiles and prefer to use just folder 
redirection.

With 2008 and above you have some new features that you may like to use.  In 
particular Remote Desktop Gateway and RemoteApp.  It all depends on what the 
current TS is being used for.  If it's just for a particular app then you may 
look at just publishing Remoteapp's rather than a full session.

Being 2008 (with increased security) Point and Print Restrictions is a common 
GP that needs to be configured.

As Webster said, consider 2012 as well.  The only downside is that if you 
regularly remote control/shadow desktops you will be disappointed to find that 
feature has been removed.  So you'll have to use Remote Assistance or something 
else if you need that functionality.

James.

From: Kelli Sterley [mailto:kjsterley.li...@gmail.com]
Sent: Friday, 22 February 2013 3:32 AM
To: NT System Admin Issues
Subject: Remote Desktop Server (Formerly known as Terminal Server)

I currently have a 2003 Terminal Server which is getting ready to be replaced 
with the 2008 R2 Remote Desktop Server.

Currently we are using roaming profiles and redirecting some user folders.  
Does anyone use roaming profiles anymore?  Why or why not?

I am also in the process of editing a group policy for both the server and 
users.  Are there any policies I should add for sure .. Anyone willing to share 
their GP's with me?


Also, I have been searching the internet for some good "best practices" for the 
new setup but have found little with regards to 2008.

I want it set up as simple as possible so any ideas would be great.

Thanks so much - Kelli

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote Desktop Server (Formerly known as Terminal Server)

[kz20fl]

Your apps must be simple and easy. I can assure you from personal experience on 
many different sites and systems that roaming profile issues are absolutely not 
FUD.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ken Cornetet 
Date: Fri, 22 Feb 2013 10:02:49 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote Desktop Server 
(Formerly known as Terminal Server)

I'm using roaming profiles in a XenApp 5 system with around 1000 users. No 
problems whatsoever.  I think a lot of the common "wisdom" about not using 
roaming profiles is a combination of bad history and FUD spread by vendors of 
profile management software.

Not using roaming profiles sounds good in theory, but may be problematic in 
practice. If you have a user base with very simple requirements, a mandatory 
profile can work well - you only need to back up and restore a few settings 
from the registry (Outlook profiles, default printer, etc). Otherwise, roaming 
profiles make life much easier.

I'll try to highlight the group policy I have in place:

User lockdown - implemented via loopback - Set security to deny apply of this 
GP for admin users.
Turns off most of the things in control panel
Hide  Desktop "network locations"
Hide network connection settings
Disable offline files
Disable connection wizard
Remove shutdown, sleep, and hibernate from start button.
Turn off "Getting Started".
Hide A,B,C, and D drives in "My Computer".
Hide the C drive in file dialog boxes  (This can cause error messages in Office 
apps).
Hide Windows update.
System policies
Turn off Customer Experience Improvement Program and error reporting.
Add "Administrators" security to roaming profiles.
Delete cached profiles.
Do not check for ownership of roaming profiles.
Turn on timezone redirection.
Set the roaming profile path.
Turn off Windows Defender.

Registry settings policy
Create HKLM\CurrentControlSet\Control\Print\DisableWERLogging DWORD 1 (if you 
don't do this, the print spooler will occasionally fill your C: disk up with 
error logs).
Create HKLM\CurrentControlSet\Control\FileSystem\NtfsDisableLastAccessUpdate 
DWORD 1 - NOTE! You may not want to do this - research before implementing.
DELETE this key HKEY_USERS\.DEFAULT\Software\Hewlett-Packard - 
Do this if you use HP printers.  Trust me.
DELETE this key HKCU\Software\Hewlett-Packard - Ditto

User settings - implemented via loopback
Set folder redirection
Create 
HKCU\Softare\Policies\Microsoft\Office\12.0\Common\Toolbars\QuickAccessToolbarRoaming
 DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create 
HKCU\Softare\Policies\Microsoft\Office\14.0\Common\Toolbars\CustomUIRoaming 
DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create HKCU\ Software\Microsoft\Windows\CurrentVersion\Internet 
Settings\Zones\3\1A10 DWORD 1 - This sets IE privacy to default

Application blacklist
Blacklist all of the common updaters (Java, Adobe, etc)
Blacklist VMWare tools (if you are running under VMWare)
Blacklist your Antivirus user interface agent (you don't want 
users kicking off scans of your C: drive)
Blacklist c:\windows\syswow64\IME\IMEJP10\IMJPDSVR.EXE - It 
eats CPU.

I'd be happy to export my policies and email them to you, if you like.

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Thursday, February 21, 2013 2:45 PM
To: NT System Admin Issues
Subject: Re: Remote Desktop Server (Formerly known as Terminal Server)

Roaming profiles are terribly problematic in any modern environment in my 
experience. Profile bloat, profile corruption, load failures - these issues 
plague any SBC solution where they are implemented.

As mentioned there are a nation of profile management tools that can address 
these issues. Citrix UPM provides a simple lightweight solution but if you're 
not using Citrix it's not really viable. There are many others but what you 
need to identify is how much time you are spending addressing profile issues 
based against the extra cost of a real solution.

At the end of the day its all about how your apps perform and what settings 
need to roam. Without knowing much about your environment I can pretty much say 
the only GPO I'm sure you will need to configure is the Loopback Policy 
Processing.

Are you publishing desktops, applications, or a combination of both?
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Kelli Sterley 
mailto:kjsterley.li...@gmail.com>>
Date: Thu, 21 Feb 2013 12:32:14 -0500
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: Remote Desktop Server (Formerly known as Terminal Server)

I currently 

Re: Remote Desktop Server (Formerly known as Terminal Server)

[kz20fl]

Multiple sessions also tend to cause corruption issues IMHO

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Fri, 22 Feb 2013 15:11:50 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote Desktop Server 
(Formerly known as Terminal Server)

Using Roaming Profiles in a large enterprise environment with sub-par WAN links 
makes for problematic roaming profile issues.  Also some people forget to 
implement folder redirection with roaming profiles and you get profile bloat 
and a very bad user logon/off experience.  Also, not everyone does the share 
and folder permissions properly for roaming profiles and or folder redirection 
and that can really screw things up.

Thanks


Webster

From: Ken Cornetet [mailto:ken.corne...@kimball.com]
Sent: Friday, February 22, 2013 9:03 AM
To: NT System Admin Issues
Subject: RE: Remote Desktop Server (Formerly known as Terminal Server)

I'm using roaming profiles in a XenApp 5 system with around 1000 users. No 
problems whatsoever.  I think a lot of the common "wisdom" about not using 
roaming profiles is a combination of bad history and FUD spread by vendors of 
profile management software.

Not using roaming profiles sounds good in theory, but may be problematic in 
practice. If you have a user base with very simple requirements, a mandatory 
profile can work well - you only need to back up and restore a few settings 
from the registry (Outlook profiles, default printer, etc). Otherwise, roaming 
profiles make life much easier.

I'll try to highlight the group policy I have in place:

User lockdown - implemented via loopback - Set security to deny apply of this 
GP for admin users.
Turns off most of the things in control panel
Hide  Desktop "network locations"
Hide network connection settings
Disable offline files
Disable connection wizard
Remove shutdown, sleep, and hibernate from start button.
Turn off "Getting Started".
Hide A,B,C, and D drives in "My Computer".
Hide the C drive in file dialog boxes  (This can cause error messages in Office 
apps).
Hide Windows update.

System policies
Turn off Customer Experience Improvement Program and error reporting.
Add "Administrators" security to roaming profiles.
Delete cached profiles.
Do not check for ownership of roaming profiles.
Turn on timezone redirection.
Set the roaming profile path.
Turn off Windows Defender.

Registry settings policy
Create HKLM\CurrentControlSet\Control\Print\DisableWERLogging DWORD 1 (if you 
don't do this, the print spooler will occasionally fill your C: disk up with 
error logs).
Create HKLM\CurrentControlSet\Control\FileSystem\NtfsDisableLastAccessUpdate 
DWORD 1 - NOTE! You may not want to do this - research before implementing.
DELETE this key HKEY_USERS\.DEFAULT\Software\Hewlett-Packard - 
Do this if you use HP printers.  Trust me.
DELETE this key HKCU\Software\Hewlett-Packard - Ditto

User settings - implemented via loopback
Set folder redirection
Create 
HKCU\Softare\Policies\Microsoft\Office\12.0\Common\Toolbars\QuickAccessToolbarRoaming
 DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create 
HKCU\Softare\Policies\Microsoft\Office\14.0\Common\Toolbars\CustomUIRoaming 
DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create HKCU\ Software\Microsoft\Windows\CurrentVersion\Internet 
Settings\Zones\3\1A10 DWORD 1 - This sets IE privacy to default

Application blacklist
Blacklist all of the common updaters (Java, Adobe, etc)
Blacklist VMWare tools (if you are running under VMWare)
Blacklist your Antivirus user interface agent (you don't want 
users kicking off scans of your C: drive)
Blacklist c:\windows\syswow64\IME\IMEJP10\IMJPDSVR.EXE - It 
eats CPU.

I'd be happy to export my policies and email them to you, if you like.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote Desktop Server (Formerly known as Terminal Server)

[kz20fl]

Guess we'll have to just agree to disagree on that one then, in my experience 
windows roaming profiles are devil-spawned. I've seen environments where they 
were set up well in line with best practices doing hundreds of profile resets 
per week.

Curious as to how big your profiles get? The ones I do with third-party tools 
are normally less than 1MB in size and rarely get bigger.

Also do you redirect AppData? That's a whole other argument, just wondering.

Cheers,


JR

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ken Cornetet 
Date: Fri, 22 Feb 2013 17:26:29 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote Desktop Server 
(Formerly known as Terminal Server)

Hardly. We have a large mixture of users and applications running a mix of full 
desktops and published apps.

I've got SAPGui, Office 2010, Office 2007, Minitab, Teamcenter, and a score of 
other apps.

As long as your App servers are on the same LAN as your file server hosting 
profiles, and you are using folder redirection, roaming profiles just work. No 
bloat, no fuss, no muss.


From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Friday, February 22, 2013 10:18 AM
To: NT System Admin Issues
Subject: Re: Remote Desktop Server (Formerly known as Terminal Server)

Your apps must be simple and easy. I can assure you from personal experience on 
many different sites and systems that roaming profile issues are absolutely not 
FUD.
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Ken Cornetet mailto:ken.corne...@kimball.com>>
Date: Fri, 22 Feb 2013 10:02:49 -0500
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: RE: Remote Desktop Server (Formerly known as Terminal Server)

I'm using roaming profiles in a XenApp 5 system with around 1000 users. No 
problems whatsoever.  I think a lot of the common "wisdom" about not using 
roaming profiles is a combination of bad history and FUD spread by vendors of 
profile management software.

Not using roaming profiles sounds good in theory, but may be problematic in 
practice. If you have a user base with very simple requirements, a mandatory 
profile can work well - you only need to back up and restore a few settings 
from the registry (Outlook profiles, default printer, etc). Otherwise, roaming 
profiles make life much easier.

I'll try to highlight the group policy I have in place:

User lockdown - implemented via loopback - Set security to deny apply of this 
GP for admin users.
Turns off most of the things in control panel
Hide  Desktop "network locations"
Hide network connection settings
Disable offline files
Disable connection wizard
Remove shutdown, sleep, and hibernate from start button.
Turn off "Getting Started".
Hide A,B,C, and D drives in "My Computer".
Hide the C drive in file dialog boxes  (This can cause error messages in Office 
apps).
Hide Windows update.

System policies
Turn off Customer Experience Improvement Program and error reporting.
Add "Administrators" security to roaming profiles.
Delete cached profiles.
Do not check for ownership of roaming profiles.
Turn on timezone redirection.
Set the roaming profile path.
Turn off Windows Defender.

Registry settings policy
Create HKLM\CurrentControlSet\Control\Print\DisableWERLogging DWORD 1 (if you 
don't do this, the print spooler will occasionally fill your C: disk up with 
error logs).
Create HKLM\CurrentControlSet\Control\FileSystem\NtfsDisableLastAccessUpdate 
DWORD 1 - NOTE! You may not want to do this - research before implementing.
DELETE this key HKEY_USERS\.DEFAULT\Software\Hewlett-Packard - 
Do this if you use HP printers.  Trust me.
DELETE this key HKCU\Software\Hewlett-Packard - Ditto

User settings - implemented via loopback
Set folder redirection
Create 
HKCU\Softare\Policies\Microsoft\Office\12.0\Common\Toolbars\QuickAccessToolbarRoaming
 DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create 
HKCU\Softare\Policies\Microsoft\Office\14.0\Common\Toolbars\CustomUIRoaming 
DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create HKCU\ Software\Microsoft\Windows\CurrentVersion\Internet 
Settings\Zones\3\1A10 DWORD 1 - This sets IE privacy to default

Application blacklist
Blacklist all of the common updaters (Java, Adobe, etc)
Blacklist VMWare tools (if you are running under VMWare)
Blacklist your Antivirus user interface agent (you don't want 
users kicking off scans of your C: drive)
Blacklist c:\windows\syswow64\IME\IMEJP10\IMJPDSVR.EXE - It 
eats CPU.

I'd be happy to export my policies and email them to you, if you like.

From: kz2...@googlemail.com

Re: Remote Desktop Server (Formerly known as Terminal Server)

[kz20fl]

Not that easy with published apps to be fair, and apps that don't exit properly 
at some times. Some users have published apps with local file associations, 
some users have a blend of streamed, local and remote apps. And sometimes you 
can end up with disconnected sessions the users are unaware of in a big and/or 
complicated environment.

Cheers,


JR

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ken Cornetet 
Date: Fri, 22 Feb 2013 17:28:53 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote Desktop Server 
(Formerly known as Terminal Server)

Well, if you mean "corruption" as in  the last session to write the profile 
"wins", that's true, but it is handled by user education.

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Friday, February 22, 2013 10:31 AM
To: NT System Admin Issues
Subject: Re: Remote Desktop Server (Formerly known as Terminal Server)

Multiple sessions also tend to cause corruption issues IMHO
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Webster mailto:webs...@carlwebster.com>>
Date: Fri, 22 Feb 2013 15:11:50 +
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: RE: Remote Desktop Server (Formerly known as Terminal Server)

Using Roaming Profiles in a large enterprise environment with sub-par WAN links 
makes for problematic roaming profile issues.  Also some people forget to 
implement folder redirection with roaming profiles and you get profile bloat 
and a very bad user logon/off experience.  Also, not everyone does the share 
and folder permissions properly for roaming profiles and or folder redirection 
and that can really screw things up.

Thanks


Webster

From: Ken Cornetet [mailto:ken.corne...@kimball.com]
Sent: Friday, February 22, 2013 9:03 AM
To: NT System Admin Issues
Subject: RE: Remote Desktop Server (Formerly known as Terminal Server)

I'm using roaming profiles in a XenApp 5 system with around 1000 users. No 
problems whatsoever.  I think a lot of the common "wisdom" about not using 
roaming profiles is a combination of bad history and FUD spread by vendors of 
profile management software.

Not using roaming profiles sounds good in theory, but may be problematic in 
practice. If you have a user base with very simple requirements, a mandatory 
profile can work well - you only need to back up and restore a few settings 
from the registry (Outlook profiles, default printer, etc). Otherwise, roaming 
profiles make life much easier.

I'll try to highlight the group policy I have in place:

User lockdown - implemented via loopback - Set security to deny apply of this 
GP for admin users.
Turns off most of the things in control panel
Hide  Desktop "network locations"
Hide network connection settings
Disable offline files
Disable connection wizard
Remove shutdown, sleep, and hibernate from start button.
Turn off "Getting Started".
Hide A,B,C, and D drives in "My Computer".
Hide the C drive in file dialog boxes  (This can cause error messages in Office 
apps).
Hide Windows update.

System policies
Turn off Customer Experience Improvement Program and error reporting.
Add "Administrators" security to roaming profiles.
Delete cached profiles.
Do not check for ownership of roaming profiles.
Turn on timezone redirection.
Set the roaming profile path.
Turn off Windows Defender.

Registry settings policy
Create HKLM\CurrentControlSet\Control\Print\DisableWERLogging DWORD 1 (if you 
don't do this, the print spooler will occasionally fill your C: disk up with 
error logs).
Create HKLM\CurrentControlSet\Control\FileSystem\NtfsDisableLastAccessUpdate 
DWORD 1 - NOTE! You may not want to do this - research before implementing.
DELETE this key HKEY_USERS\.DEFAULT\Software\Hewlett-Packard - 
Do this if you use HP printers.  Trust me.
DELETE this key HKCU\Software\Hewlett-Packard - Ditto

User settings - implemented via loopback
Set folder redirection
Create 
HKCU\Softare\Policies\Microsoft\Office\12.0\Common\Toolbars\QuickAccessToolbarRoaming
 DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create 
HKCU\Softare\Policies\Microsoft\Office\14.0\Common\Toolbars\CustomUIRoaming 
DWORD 1  See http://support.microsoft.com/kb/958062 for details.
Create HKCU\ Software\Microsoft\Windows\CurrentVersion\Internet 
Settings\Zones\3\1A10 DWORD 1 - This sets IE privacy to default

Application blacklist
Blacklist all of the common updaters (Java, Adobe, etc)
Blacklist VMWare tools (if you are running under VMWare)
Blacklist your Antivirus user interface agent (you don't want 
users kicking off scans of your C: drive)
Blacklist c:\wind

Re: 50GB free storage from Box.com

[kz20fl]

DataNow client

--Original Message--
From: Angus Scott-Fleming
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Re: 50GB free storage from Box.com
Sent: 26 Feb 2013 01:37

On 13 Feb 2013 at 16:21, James Rankin  wrote:

> I have a free 8TB in my home-based solution :-)

[Sorry about the "Late to the thread" post -- been offline at a golf tourney 
;-)]

What cloud software do you use to access that from your iDevices, Androids, and 
Macs?



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote control software

[kz20fl]

What's wrong with RDP?

--Original Message--
From: Nigel Parker
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Remote control software
Sent: 27 Feb 2013 10:21

Hi 
We are finally moving to windows 7 however one problem we have is that
on windows xp we used VNC we even created a batch file that would roll
the software out to desktops.

We could use remote assistance however!
We arrange a time to connect but then find the user has gone to a
meeting or is on lunch if this is the case we can then connect and do
what we have to while they are out.

In our IT policy it does say we can control you machine at any time for
updates.

question is then does anyone use VNC or similar on windows 7, all I get
when connecting is a black screen 
Recommendations are very welcome  

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk




Please consider the environment before printing this e-mail.

The statements and opinions expressed in this email are my own and may not 
represent those of Ultraframe (UK) Ltd.
This email is subject to copyright and the information contained in it is 
confidential and may be legally privileged. It is sent out only for intended 
recipient(s). Access to this email by anyone else is unauthorised. If you are 
not an intended recipient, any disclosure, copying, distribution or other use 
or any action taken or omitted to be taken in reliance on it, is prohibited and 
unlawful.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote control software

[kz20fl]

Turn it on using Group Policy. I can tell you the objects you need if you want.

If you still have Win 95 and NT4, well, issues like this should be a lever to 
getting them upgraded.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Nigel Parker" 
Date: Wed, 27 Feb 2013 10:48:39 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote control software

Hi 
I looked at using this
But if it's not configured on the machine, I didn't find a way of
turning it on remotely, also as we have always used VNC and we have a
veriety of machines from win 95 /Nt4 /windows /2000 /xp /windows7 

I wanted one program that I could use to control them all 
The windows 95 machine will not be upgraded nor will the Nt4 as the run
manufacturing systems, 

Thanks 

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk



  

-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com] 
Sent: 27 February 2013 10:38
To: NT System Admin Issues
Subject: Re: Remote control software

What's wrong with RDP?

--Original Message--
From: Nigel Parker
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Remote control software
Sent: 27 Feb 2013 10:21

Hi
We are finally moving to windows 7 however one problem we have is that
on windows xp we used VNC we even created a batch file that would roll
the software out to desktops.

We could use remote assistance however!
We arrange a time to connect but then find the user has gone to a
meeting or is on lunch if this is the case we can then connect and do
what we have to while they are out.

In our IT policy it does say we can control you machine at any time for
updates.

question is then does anyone use VNC or similar on windows 7, all I get
when connecting is a black screen Recommendations are very welcome  

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk




Please consider the environment before printing this e-mail.

The statements and opinions expressed in this email are my own and may
not represent those of Ultraframe (UK) Ltd.
This email is subject to copyright and the information contained in it
is confidential and may be legally privileged. It is sent out only for
intended recipient(s). Access to this email by anyone else is
unauthorised. If you are not an intended recipient, any disclosure,
copying, distribution or other use or any action taken or omitted to be
taken in reliance on it, is prohibited and unlawful.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Sent from my Blackberry, which may be an antique but delivers email
RELIABLY ~ Finally, powerful endpoint security that ISN'T a resource
hog! ~ ~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Please consider the environment before printing this e-mail.

The statements and opinions expressed in this email are my own and may not 
represent those of Ultraframe (UK) Ltd.
This email is subject to copyright and the information contained in it is 
confidential and may be legally privileged. It is sent out only for intended 
recipient(s). Access to this email by anyone else is unauthorised. If you are 
not an intended recipient, any disclosure, copying, distribution or other use 
or any action taken or omitted to be taken in reliance on it, is prohibited and 
unlawful.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: [Bulk] RE: Remote control software

[kz20fl]

Couldn't you package them up with App-V, ThinApp, XenApp or the like? I know 
you're not supposed to use the likes of App-V to get round OS restrictions, but 
I've seen it done very successfully...

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Orland, Kathleen" 
Date: Wed, 27 Feb 2013 08:49:36 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: [Bulk] RE: Remote control 
software

Some of us are constrained by budget. I still have W2K systems out there,
but none of them have internet access or email. Some can't be upgraded
because the software packages won't run on anything newer and the vendor
does not offer it. I have no budget for new hardware. Zero. 

-Original Message-
From: Paul Gordon [mailto:paul_gor...@hotmail.com] 
Sent: Wednesday, February 27, 2013 8:42 AM
To: NT System Admin Issues
Subject: [Bulk] RE: Remote control software

Sorry...  I really can't help it... I have to...

HAHAHAHAHAHAHAHAHAHAHA!

Laugh out loud... - you're running *PRODUCTION* systems on an 18 year old
OS, that has been out of support for over a decade, and is about as secure
as a whore's drawers...???

Are these systems running on similarly ancient hardware, or have you at
least managed to virtualise them so they can be run on kit that isn't likely
to expire at any moment?

Sorry if I sound unsympathetic... but I do quite occasionally come across a
similar blinkered attitude in $dayjob, and I really do take a pretty dim
view of it...

No offence intended

Paul G.


-Original Message-
From: Nigel Parker [mailto:nigel.par...@ultraframe.co.uk]
Sent: 27 February 2013 11:47
To: NT System Admin Issues
Subject: RE: Remote control software

Hi tried vnc lite it didn't seem to work well on windows 7 I connected once
then just had a a black screen, we tried various workarounds but none seemed
to work!
Will look at logmein
And the group policy settings 

Upgrading 95 and nt4 isn't an option due to the expense 
 

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk




-Original Message-
From: Orland, Kathleen [mailto:korl...@rogers.com]
Sent: 27 February 2013 11:30
To: NT System Admin Issues
Subject: RE: Remote control software

What about VNC Lite or LogMeIn? 

-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Wednesday, February 27, 2013 6:06 AM
To: NT System Admin Issues
Subject: Re: Remote control software

Turn it on using Group Policy. I can tell you the objects you need if you
want.

If you still have Win 95 and NT4, well, issues like this should be a lever
to getting them upgraded.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Nigel Parker" 
Date: Wed, 27 Feb 2013 10:48:39
To: NT System Admin Issues
Reply-To: "NT System Admin Issues"
Subject: RE: Remote control software

Hi
I looked at using this
But if it's not configured on the machine, I didn't find a way of turning it
on remotely, also as we have always used VNC and we have a veriety of
machines from win 95 /Nt4 /windows /2000 /xp /windows7 

I wanted one program that I could use to control them all The windows 95
machine will not be upgraded nor will the Nt4 as the run manufacturing
systems, 

Thanks 

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk



  

-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: 27 February 2013 10:38
To: NT System Admin Issues
Subject: Re: Remote control software

What's wrong with RDP?

--Original Message--
From: Nigel Parker
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Remote control software
Sent: 27 Feb 2013 10:21

Hi
We are finally moving to windows 7 however one problem we have is that on
windows xp we used VNC we even created a batch file that would roll the
software out to desktops.

We could use remote assistance however!
We arrange a time to connect but then find the user has gone to a meeting or
is on lunch if this is the case we can then connect and do what we have to
while they are out.

In our IT policy it does say we can control you machine at any time for
updates.

question is then does anyone use VNC or similar on windows 7, all I get when
connecting is a black screen Recommendations are very welcome  

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk




Please consider the environment before printing this e-mail.

The statements and opinions expressed in this email are my own and may not
represent those of Ultraframe (UK) Ltd.
This email is subject to copyright and the information contained in it is

Re: Remote control software

[kz20fl]

Would they support some form of application packaging? I've done a lot of work 
recently packaging apps similar to these to remove outdated platforms from 
customer infrastructure

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Nigel Parker" 
Date: Wed, 27 Feb 2013 15:16:51 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote control software

Hi 

Thanks 

 

Virtualisation NO 

 

They talk to the cutting machines over 2 serial ports using real mode
drivers 

The software supplier has no update for these except to replace the
whole package and cutting machines, this is very expensive!

 

Regards

 

Nigel Parker

Systems Engineer

Ultraframe (UK) Ltd

Tel:   01200 452329

Fax:   01200 452201

Web:   www.ultraframe.com  

Email: mailto:nigel.par...@ultraframe.co.uk
 

 

 

 

 

From: James Rankin [mailto:kz2...@googlemail.com] 
Sent: 27 February 2013 12:11
To: NT System Admin Issues
Subject: Re: Remote control software

 

You will need to configure (off the top of my head)

Computer Config | Admin Templates | Windows Components | Remote Desktop
Services | Remote Desktop Session Host | Connections | Allow users to
connect remotely using Remote Desktop Services

You may also need to configure the firewall using Computer Config |
Admin Templates | Network | Network Connectuons | Windows Firewall |
Domain Profile | Windows Firewall: Allow inbound Remote Desktop
exceptions

As for the Win95 and NT4 stuff, could you not virtualize them via a P2V
and then use the console connections in your hypervisor software rather
than any remote control software?

Cheers,




JR

 

 

On 27 February 2013 11:47, Nigel Parker 
wrote:

Hi tried vnc lite it didn't seem to work well on windows 7 I connected
once then just had a a black screen, we tried various workarounds but
none seemed to work!
Will look at logmein
And the group policy settings

Upgrading 95 and nt4 isn't an option due to the expense



Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk




-Original Message-

From: Orland, Kathleen [mailto:korl...@rogers.com]
Sent: 27 February 2013 11:30
To: NT System Admin Issues

Subject: RE: Remote control software

What about VNC Lite or LogMeIn?

-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]

Sent: Wednesday, February 27, 2013 6:06 AM

To: NT System Admin Issues
Subject: Re: Remote control software

Turn it on using Group Policy. I can tell you the objects you need if
you want.

If you still have Win 95 and NT4, well, issues like this should be a
lever to getting them upgraded.


Sent from my Blackberry, which may be an antique but delivers email
RELIABLY

-Original Message-
From: "Nigel Parker" 
Date: Wed, 27 Feb 2013 10:48:39
To: NT System Admin Issues
Reply-To: "NT System Admin Issues"
Subject: RE: Remote control
software

Hi
I looked at using this
But if it's not configured on the machine, I didn't find a way of
turning it on remotely, also as we have always used VNC and we have a
veriety of machines from win 95 /Nt4 /windows /2000 /xp /windows7

I wanted one program that I could use to control them all The windows 95
machine will not be upgraded nor will the Nt4 as the run manufacturing
systems,

Thanks

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk





-Original Message-
From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: 27 February 2013 10:38
To: NT System Admin Issues
Subject: Re: Remote control software

What's wrong with RDP?

--Original Message--
From: Nigel Parker
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Remote control software
Sent: 27 Feb 2013 10:21

Hi
We are finally moving to windows 7 however one problem we have is that
on windows xp we used VNC we even created a batch file that would roll
the software out to desktops.

We could use remote assistance however!
We arrange a time to connect but then find the user has gone to a
meeting or is on lunch if this is the case we can then connect and do
what we have to while they are out.

In our IT policy it does say we can control you machine at any time for
updates.

question is then does anyone use VNC or similar on windows 7, all I get
when connecting is a black screen Recommendations are very welcome

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk




Please consider the environment before printing this e-mail.

The statements and opinions expressed in this email are my own and may
not represent those of Ultraframe (UK) Ltd.
This email is subject to copyri

Re: Remote control software

[kz20fl]

I don't think he suggested that! Merely that the possibility of malware 
infection was highly elevated

If you want anyone to take a crack at advising on packaging possibilities, I 
could easily suggest a few options, contact me offline if you're interested

Cheers,


JR

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Nigel Parker" 
Date: Wed, 27 Feb 2013 16:03:35 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote control software

Hi 
Thanks just downloading Tight Vnc now 

Thanks to everyone who helped 
Apart from the guy who suggested he would bring us down with a Malware
attack 

Regards
Nigel 



-Original Message-
From: Bill Humphries [mailto:nt...@hedgedigger.com] 
Sent: 27 February 2013 15:47
To: NT System Admin Issues
Subject: Re: Remote control software

tightvnc has always worked better for me on more systems.  I sometimes
use it to connect to Macs also since Apple Remote Desktop's bones are
VNC.

-Original Message-
From: Joseph Schvarcz
Sent: Wednesday, February 27, 2013 10:24 AM
To: NT System Admin Issues
Subject: RE: Remote control software

We use TightVnc instead of VNC on windows 7, works great..

-Original Message-
From: Nigel Parker [mailto:nigel.par...@ultraframe.co.uk]
Sent: Wednesday, February 27, 2013 5:22 AM
To: NT System Admin Issues
Subject: Remote control software

Hi
We are finally moving to windows 7 however one problem we have is that
on windows xp we used VNC we even created a batch file that would roll
the software out to desktops.

We could use remote assistance however!
We arrange a time to connect but then find the user has gone to a
meeting or is on lunch if this is the case we can then connect and do
what we have to while they are out.

In our IT policy it does say we can control you machine at any time for
updates.

question is then does anyone use VNC or similar on windows 7, all I get
when connecting is a black screen Recommendations are very welcome

Nigel Parker
Systems Engineer
Ultraframe (UK) Ltd
Tel:   01200 452329
Fax:   01200 452201
Web:   www.ultraframe.com
Email: mailto:nigel.par...@ultraframe.co.uk




Please consider the environment before printing this e-mail.

The statements and opinions expressed in this email are my own and may
not represent those of Ultraframe (UK) Ltd.
This email is subject to copyright and the information contained in it
is confidential and may be legally privileged. It is sent out only for
intended recipient(s). Access to this email by anyone else is
unauthorised. If you are not an intended recipient, any disclosure,
copying, distribution or other use or any action taken or omitted to be
taken in reliance on it, is prohibited and unlawful.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin



~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


Please consider the environment before printing this e-mail.

The statements and opinions expressed in this email are my own and may not 
represent those of Ultraframe (UK) Ltd.
This email is subject to copyright and the information contained in it is 
confidential and may be legally privileged. It is sent out only for intended 
recipient(s). Access to this email by anyone else is unauthorised. If you are 
not an intended recipient, any disclosure, copying, distribution or other use 
or any action taken or omitted to be taken in reliance on it, is prohibited and 
unlawful.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Ping by name tool

[kz20fl]

You could do that easily with ping itself and the FOR command

Give me some time and I might be able to dig out an example, if no-one else 
chimes in

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Wed, 27 Feb 2013 18:24:09 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Ping by name tool

I'm looking for a ping tool that will ping a text file list of hostnames and 
return the reply, IP address and the NetBIOS name. Here's what I currently have 
to do:

Get list of machine names from AD, McAfee, or other systems. Ping the name
With the returned IP, do an NBTSTAT -A to check the NetBIOS name to see if it 
matches the pinged host name

I have to do this because frequently our VPN'd systems don't have a correct DNS 
entry, so some management software gets tripped up.

I could do a search for free ping tools, but figured a query here might save me 
time if someone has a tool they do that already meets this requirement. 
Advanced IP scanner comes close, but only accepts IP's and not host names as 
what to ping.

Ideally the output would be in a CSV format. I'm guessing PowerShell can do 
this too?
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Ping by name tool

[kz20fl]

For /f %%a in (hostnames.txt) do set host=%%a& call :DOSTUFF

Might be a starting point as well, if you're batch-comfortable


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Steven Peck 
Date: Wed, 27 Feb 2013 10:49:34 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Ping by name tool

oh hey
http://www.myitforum.com/forums/m172057-print.aspx
4th reply.  Looks to be PowerShell v1 stuff but seems to have what you
asked about.

$Computer = "remotecomputer.domain.com"

if (($Ping = Get-WmiObject -Class Win32_PingStatus -Filter
"Address='$Computer'").StatusCode -eq 0) {
nbtstat -A $Ping.ProtocolAddress
} else { "no response to ping" }


add a $servers = get-content "list.txt" and then put the rest in a for loop.


On Wed, Feb 27, 2013 at 10:39 AM, Steven Peck  wrote:

> The BSonPosh module has a ton of stuff similar to this you could use as a
> starting point
>
> http://bsonposh.codeplex.com/
>
> Since it's a script module you can open them up and see how they work as
> well.
>
> On Wed, Feb 27, 2013 at 10:24 AM, David Lum  wrote:
>
>>  I’m looking for a ping tool that will ping a text file list of
>> hostnames and return the reply, IP address and the NetBIOS name. Here’s
>> what I currently have to do:
>>
>> ** **
>>
>> Get list of machine names from AD, McAfee, or other systems. Ping the name
>> 
>>
>> With the returned IP, do an NBTSTAT –A to check the NetBIOS name to see
>> if it matches the pinged host name
>>
>> ** **
>>
>> I have to do this because frequently our VPN’d systems don’t have a
>> correct DNS entry, so some management software gets tripped up.
>>
>> ** **
>>
>> I could do a search for free ping tools, but figured a query here might
>> save me time if someone has a tool they do that already meets this
>> requirement. Advanced IP scanner comes close, but only accepts IP’s and not
>> host names as what to ping.
>>
>> ** **
>>
>> Ideally the output would be in a CSV format. I’m guessing PowerShell can
>> do this too?
>>
>> *David Lum*
>> Sr. Systems Engineer // NWEATM
>> Office 503.548.5229 //* *Cell (voice/text) 503.267.9764
>>
>> ** **
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote control software

[kz20fl]

I bet there's a few copies of Melissa and I Love You still floating around the 
interwebs



--Original Message--
From: Ben Scott
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Re: Remote control software
Sent: 27 Feb 2013 19:29

On Wed, Feb 27, 2013 at 10:28 AM, Kurt Buff  wrote:
>> Upgrading 95 and nt4 isn't an option due to the expense
>
> One bit of malware will put paid to that argument...

  Actually, I bet most malware today wouldn't know what to do with Windows 95.

  (For real security, they should switch to Banyan Vines and CP/M.)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Remote control software

[kz20fl]

It will get you some support though (even though it is very high). I'd be 
curious to know if the OS blows on the NT4 systems, would MS give any help? 
Probably for a high price as well


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Mayo, Bill" 
Date: Wed, 27 Feb 2013 19:45:14 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Remote control software

The OP indicated quite a high price tag.  It would be one thing if you could 
say, "If we upgraded this to Windows 7 then we could not be attacked by 
malware", but that isn't the case.  While I generally agree with you, $1 
million is not a small amount for something that doesn't guarantee you anything.

-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com] 
Sent: Wednesday, February 27, 2013 1:11 PM
To: NT System Admin Issues
Subject: Re: Remote control software

Uh - I wasn't suggesting that I (or you) would or should bring your 
environement down with malware.

However, it is indubitably true if malware gets into your network, given the 
out of date OSes and applications being run, that you could easily have a 
disaster on your hands where so much damage was inflicted that rectifying the 
situation could easily equal or exceed the cost of getting all of your kit up 
to date, if not outright put the company out of business.

And just one person with a USB stick could get it done, or, depending on the 
architecture of the network, possibly an errant email or web browsing session. 
The latter scenario depends on the user network connected to the manufacturing 
network, which is all too common.

*That* was the point of my comment.

Kurt

On Wed, Feb 27, 2013 at 8:03 AM, Nigel Parker  
wrote:
> Hi
> Thanks just downloading Tight Vnc now
>
> Thanks to everyone who helped
> Apart from the guy who suggested he would bring us down with a Malware 
> attack
>
> Regards
> Nigel
>
>
>
> -Original Message-
> From: Bill Humphries [mailto:nt...@hedgedigger.com]
> Sent: 27 February 2013 15:47
> To: NT System Admin Issues
> Subject: Re: Remote control software
>
> tightvnc has always worked better for me on more systems.  I sometimes 
> use it to connect to Macs also since Apple Remote Desktop's bones are 
> VNC.
>
> -Original Message-
> From: Joseph Schvarcz
> Sent: Wednesday, February 27, 2013 10:24 AM
> To: NT System Admin Issues
> Subject: RE: Remote control software
>
> We use TightVnc instead of VNC on windows 7, works great..
>
> -Original Message-
> From: Nigel Parker [mailto:nigel.par...@ultraframe.co.uk]
> Sent: Wednesday, February 27, 2013 5:22 AM
> To: NT System Admin Issues
> Subject: Remote control software
>
> Hi
> We are finally moving to windows 7 however one problem we have is that 
> on windows xp we used VNC we even created a batch file that would roll 
> the software out to desktops.
>
> We could use remote assistance however!
> We arrange a time to connect but then find the user has gone to a 
> meeting or is on lunch if this is the case we can then connect and do 
> what we have to while they are out.
>
> In our IT policy it does say we can control you machine at any time 
> for updates.
>
> question is then does anyone use VNC or similar on windows 7, all I 
> get when connecting is a black screen Recommendations are very welcome
>
> Nigel Parker
> Systems Engineer
> Ultraframe (UK) Ltd
> Tel:   01200 452329
> Fax:   01200 452201
> Web:   www.ultraframe.com
> Email: mailto:nigel.par...@ultraframe.co.uk
>
>
>
>
> Please consider the environment before printing this e-mail.
>
> The statements and opinions expressed in this email are my own and may 
> not represent those of Ultraframe (UK) Ltd.
> This email is subject to copyright and the information contained in it 
> is confidential and may be legally privileged. It is sent out only for 
> intended recipient(s). Access to this email by anyone else is 
> unauthorised. If you are not an intended recipient, any disclosure, 
> copying, distribution or other use or any action taken or omitted to 
> be taken in reliance on it, is prohibited and unlawful.
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
>
> ---
> To m

Re: Vmware Design for XenApp 6.5 w/PVS

[kz20fl]

Are you using the AppSense Personalization Server feature? That's going to have 
a big influence on your requirements if you are.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Sean Martin 
Date: Thu, 28 Feb 2013 07:58:09 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Vmware Design for XenApp 6.5 
w/PVS

Hello everyone,

Let me start first by apologize for the length of this message. In my
pursuit of providing all of the relevant information I fully expect for
this to be a bit long winded.

We're in the final planning stages of a migration from a purely physical
XenApp 5 on Windows 2003 environment to a virtualized XenApp 6.5 with
Provisioning Services environment on ESXi 5.0. I was hoping I could toss
out our initial design and gather some feedback.

Our current environment consists of a single farm, two sites, and just
under 200 physical servers. That includes the SQL server, data collectors,
existing Web Interface servers, licensing server and all of the
presentation servers. We currently support 12 application silos. The
purpose of each silo varies from application compatibility issues, business
unit requirements, performance requirements, etc. At our peak, we support
approximately 1400 concurrent sessions. This is the number we've used to
design our future environment.

The new environment will consist of a dedicated vSphere Cluster for the
XenApp servers (using provisioning services). Other supporting services
(SQL Server, zone data collectors, licensing server, etc.) will be
supported in a general vSphere cluster. Web Interface will be migrated to
NetScaler Appliances. We will also be deploying AppSense Environment
Manager and using AppDNA to validate application compatibility.

Anyway, my specific responsibility is to forcast the infrastructure
requirements and work directly with our Citrix Admins. I used the following
article as the primary reference material for starting our design. We
decided to plan conservatively and base our consolidation ratios with a 20
users per guest target. The host config I've decided on are Dell PowerEdge
R820s with Quad E5-4640 2.4GHz 8 core procs and 384GB RAM. Using the
recommendation of 4vCPUs per guest we can support 16VMs per host which
equates to 320 users per host. 5 hosts will allow us to support a peak of
1600 concurrent user sessions. We will purchase 6 hosts to maintain our N+1
cluster design standards. I dediced to bump the RAM per host considerably
to allow for increased guest allocation. We support over 200 published
applications in our environment, which are distributed amongst physical
server silos currently. One of our goals with PVS is to consolidate the
applications into as few images as possible si we want to certain we have
the hardware resources to support the guests. Each host will include a
FusionIO IO Drive to support maximum IO requirements and eliminate IO
contention on our SAN during large scale provisioning. All of our hosts
leverage infiniband with 80Gbps throughput for ethernet and native FC
connectivity.


http://blogs.citrix.com/2013/01/07/whats-the-optimal-xenapp-6-5-vm-configuration/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+CitrixBlogs+%28Citrix+Blogs%29

So after reading all of that I feel like I'm bragging. However, I have a
fundemental concern because even though we are being very conservative and
are likely procuring more resources than necessary, I have no reliable
means of validating the capabilities of this proposed environment vs. our
current workloads. My experience with Vmware tells me that even though the
aforementioned article suggests a 4 vCPU per guest configuration, we'll
likely start with a single vCPU configuration and do our best at initial
scalability testing while keeping an eye on CPU waits. Should we find
guests perform optimally with few vCPUs than that will just increase our
consolidation ratios.

I'm hoping some of you out there with a lot of XenApp experience (Webster,
James, etc.:) ) can either point out any major gaps in the initial hardware
design or hopefully validate that we're more than likely over provisioning
hardware resources.

- Sean

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Vmware Design for XenApp 6.5 w/PVS

[kz20fl]

Its a part of EM, and it is the profile management piece, replacing the 
profiles with an SQL database.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Sean Martin 
Date: Thu, 28 Feb 2013 08:29:32 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Vmware Design for XenApp 
6.5 w/PVS

We haven't gone through the low-level design process for each of the 
deliverables yet, so I am not sure if we're using that feature. Is that a part 
of the Environment Manager? Our implementation of AppSense is purely for a 
profile management solution because of the garbage that roaming profiles makes 
us deal with in our current environment.

- Sean

On Feb 28, 2013, at 8:03 AM, kz2...@googlemail.com wrote:

> Are you using the AppSense Personalization Server feature? That's going to 
> have a big influence on your requirements if you are.
> 
> Sent from my Blackberry, which may be an antique but delivers email RELIABLY
> From: Sean Martin 
> Date: Thu, 28 Feb 2013 07:58:09 -0900
> To: NT System Admin Issues
> ReplyTo: "NT System Admin Issues" 
> Subject: Vmware Design for XenApp 6.5 w/PVS
> 
> Hello everyone,
>  
> Let me start first by apologize for the length of this message. In my pursuit 
> of providing all of the relevant information I fully expect for this to be a 
> bit long winded.
>  
> We're in the final planning stages of a migration from a purely physical 
> XenApp 5 on Windows 2003 environment to a virtualized XenApp 6.5 with 
> Provisioning Services environment on ESXi 5.0. I was hoping I could toss out 
> our initial design and gather some feedback.
>  
> Our current environment consists of a single farm, two sites, and just under 
> 200 physical servers. That includes the SQL server, data collectors, existing 
> Web Interface servers, licensing server and all of the presentation servers. 
> We currently support 12 application silos. The purpose of each silo varies 
> from application compatibility issues, business unit requirements, 
> performance requirements, etc. At our peak, we support approximately 1400 
> concurrent sessions. This is the number we've used to design our future 
> environment.
>  
> The new environment will consist of a dedicated vSphere Cluster for the 
> XenApp servers (using provisioning services). Other supporting services (SQL 
> Server, zone data collectors, licensing server, etc.) will be supported in a 
> general vSphere cluster. Web Interface will be migrated to NetScaler 
> Appliances. We will also be deploying AppSense Environment Manager and using 
> AppDNA to validate application compatibility.
>  
> Anyway, my specific responsibility is to forcast the infrastructure 
> requirements and work directly with our Citrix Admins. I used the following 
> article as the primary reference material for starting our design. We decided 
> to plan conservatively and base our consolidation ratios with a 20 users per 
> guest target. The host config I've decided on are Dell PowerEdge R820s with 
> Quad E5-4640 2.4GHz 8 core procs and 384GB RAM. Using the recommendation of 
> 4vCPUs per guest we can support 16VMs per host which equates to 320 users per 
> host. 5 hosts will allow us to support a peak of 1600 concurrent user 
> sessions. We will purchase 6 hosts to maintain our N+1 cluster design 
> standards. I dediced to bump the RAM per host considerably to allow for 
> increased guest allocation. We support over 200 published applications in our 
> environment, which are distributed amongst physical server silos currently. 
> One of our goals with PVS is to consolidate the applications into as few 
> images as possible si we want to certain we have the hardware resources to 
> support the guests. Each host will include a FusionIO IO Drive to support 
> maximum IO requirements and eliminate IO contention on our SAN during large 
> scale provisioning. All of our hosts leverage infiniband with 80Gbps 
> throughput for ethernet and native FC connectivity.
>  
> http://blogs.citrix.com/2013/01/07/whats-the-optimal-xenapp-6-5-vm-configuration/?utm_source=feedburner&utm_medium=email&utm_campaign=Feed%3A+CitrixBlogs+%28Citrix+Blogs%29
> 
> So after reading all of that I feel like I'm bragging. However, I have a 
> fundemental concern because even though we are being very conservative and 
> are likely procuring more resources than necessary, I have no reliable means 
> of validating the capabilities of this proposed environment vs. our current 
> workloads. My experience with Vmware tells me that even though the 
> aforementioned article suggests a 4 vCPU per guest configuration, we'll 
> likely start with a single vCPU configuration and do our best at initial 
> scalability testing while keeping an eye on CPU waits. Should we find guests 
> perform optimally with few vCPUs than that will just increase our 
> consolidation ratios.
> 
> I'm hoping some of you out there with a lot of XenApp experience (Webs

Re: IIS reporting/monitoring free tool

[kz20fl]

I'm quite impressed with that too. Shows how good MS are at publicizing good 
features they develop (i.e. not at all)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Maglinger, Paul" 
Date: Thu, 28 Feb 2013 22:36:10 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: IIS reporting/monitoring 
free tool

Damn.  You had to show me that.  Now I can't bad mouth IE quite as much as I 
used to.

From: Steven Peck [mailto:sep...@gmail.com]
Sent: Thursday, February 28, 2013 3:24 PM
To: NT System Admin Issues
Subject: Re: IIS reporting/monitoring free tool

For basic testing from a client machine you can also use F12 in IE.
Go to Network, Start Capture
Type in the URL
Click around, do stuff.  Stop Capture.

It will at least get you response request information, various calls etc. and 
it's most likely on the client system already.

That said, play around with the other tools, this just happens to already be 
there. :)





On Thu, Feb 28, 2013 at 12:47 PM, Ziots, Edward 
mailto:ezi...@lifespan.org>> wrote:
Fiddler can tell you some of the same information but httpwatch is a good tool 
to troubleshoot client side issues when looking at web information.

Z

Edward E. Ziots, CISSP, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org

This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.




-Original Message-
From: Kurt Buff [mailto:kurt.b...@gmail.com]
Sent: Thursday, February 28, 2013 3:19 PM
To: NT System Admin Issues
Subject: Re: IIS reporting/monitoring free tool

That's pretty cool. I'm going to try that.

Kurt

On Thu, Feb 28, 2013 at 12:02 PM, Kevin Lundy 
mailto:klu...@gmail.com>> wrote:
>
> I think you are looking for something like http watch
>
> http://www.httpwatch.com/
>
>
>
> On Thu, Feb 28, 2013 at 1:13 PM, itli...@imcu.com 
> mailto:itli...@imcu.com>>
> wrote:
>>
>> That is basically it.  The application developer says that brute
>> force testing on my server shows response time for 1000 pages on 10
>> accounts concurrently have an average 1.55 second response with is
>> below their required 2.00 response.  But the users are showing as
>> much as 5 minutes from Get to Post. On their workstation on a 10/100
>> switch.  No WAN traffic all on the same LAN and same SWITCH for 20 of
>> the 23 users.  So I am game for anything I can do to show the
>> developer there are issues my users can not live with.
>>
>> But for now I am limited to their tools and their results.
>>
>> Thanks for all the help.
>>
>>
>>
>>
>>
>> From: Ken Schaefer 
>> [mailto:k...@adopenstatic.com] Posted At:
>> Wednesday, February 27, 2013 5:01 PM
>>
>>
>> Posted To: itli...@imcu.com
>> Conversation: IIS reporting/monitoring free tool
>> Subject: RE: IIS reporting/monitoring free tool
>>
>>
>>
>> The best way you are going to get a true picture of this if is you
>> run the tool on the client machine, or at the client's location. Not
>> on the server.
>>
>>
>>
>> On the server you can look at the Time-Taken field in the IIS logs to
>> get some idea of how long it takes IIS to put the page onto the wire.
>> That's not the same as the client actually receiving the packet, and
>> doesn't take into account any proxies, accelerators, caches etc.
>> between the server and the client.
>>
>>
>>
>> Anyway, if you have some more requirements, then perhaps we can help
>> with your searching.
>>
>>
>>
>> Cheers
>>
>> Ken
>>
>>
>>
>> From: itli...@imcu.com 
>> [mailto:itli...@imcu.com]
>> Sent: Thursday, 28 February 2013 7:56 AM
>> To: NT System Admin Issues
>> Subject: RE: IIS reporting/monitoring free tool
>>
>>
>>
>> Solarwinds, didn't give me the results I wanted, I need to know how
>> long each page is taken to return to the client workstations for a
>> particular app.
>>
>> Couldn't get AWSTATS to even give me one result.(Had it working on
>> another server last year but can not get this one to configure
>> properly.)
>>
>> IIS reporter but it is only giving me active connections to IIS not
>> per page or duration times?
>>
>> I saw Beta 7.0 had a IIS reporting tool but dev decided it wasn't
>> need for admin tools of IIS 7.5???
>>
>> Seems like that would be a good thing, unless they were borrowing
>> someones 

Re: Vmware Design for XenApp 6.5 w/PVS

[kz20fl]

No probs, feel free to hit me up for more info, I am currently involved in the 
worlds most boring project


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Sean Martin 
Date: Mon, 4 Mar 2013 10:57:50 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Vmware Design for XenApp 
6.5 w/PVS

Sorry for the delayed response. Thanks again James, this is fantastic
information. I'm doing all I can to disseminate this amongst my team. I'm
sure I'll have more follow ups as we start on the low level design and
implementation of each technology.

- Sean

On Thu, Feb 28, 2013 at 10:49 AM, James Rankin wrote:

> If you're using the Personalization Server feature (and it sounds like you
> are), you need to be aware that if you lose this area of the environment,
> not only do you get no customization of user profile, session or any of
> their applications, you take the risk of overwriting the Personalization
> data with default data and causing all sorts of problems for your user base.
>
> With this in mind, you'll want heavy redundancy on both the SQL backend
> and in the web services that facilitate communication with the SQL backend.
> AppSense supports clustering, replication, mirroring and all the other
> usual SQL redundancy features. You will also probably want to configure
> some failover in the web services that provide the Management Server site
> and the Personalization Server site.
>
> There are some non-default options within Personalization itself I'd
> recommend - Offline Resiliency ensures that in the event of a database
> outage, the client caches Personalization data and resyncs once the
> database is available. I'd also recommend enabling either the web portal
> and/or the self-service profile reset features, which again will dictate
> the sizing of your database depending on how many archives you keep. See
> this article for a discussion of AppSense database sizing -
> http://appsensebigot.blogspot.co.uk/2012/09/appsense-management-server-and_13.html
>
> There are also a few gotchas around AppSense and PVS I'd want to bear in
> mind -
> http://appsensebigot.blogspot.co.uk/2012/05/using-appsense-with-citrix-provisioning.htmland
>  some AV considerations -
> http://appsensebigot.blogspot.co.uk/2012/03/antivirus-exclusions-for-appsense.html
>
> I'd also recommend you seriously consider using the Performance Manager
> feature of AppSense. It can eke out up to 40% higher user density on XenApp
> platforms - a serious ROI if ever there was one.
>
> On the XenApp side, I think Web has more than adequately covered what you
> need. I'll back him up on the fact that StoreFront (I dare speak the name)
> is not really fit for purpose yet.
>
> If you need any more advice on the AppSense side of things feel free to
> shoot me an email offline, although at your current stage I don't think you
> need do much other than scope for the heavy redundancy in the SQL side of
> things.
>
> Cheers,
>
>
>
> JR
>
>
>  On 28 February 2013 17:29, Sean Martin  wrote:
>
>>  We haven't gone through the low-level design process for each of the
>> deliverables yet, so I am not sure if we're using that feature. Is that a
>> part of the Environment Manager? Our implementation of AppSense is purely
>> for a profile management solution because of the garbage that roaming
>> profiles makes us deal with in our current environment.
>>
>> - Sean
>>
>> On Feb 28, 2013, at 8:03 AM, kz2...@googlemail.com wrote:
>>
>>   Are you using the AppSense Personalization Server feature? That's
>> going to have a big influence on your requirements if you are.
>>
>> Sent from my Blackberry, which may be an antique but delivers email
>> RELIABLY
>> --
>> *From: *Sean Martin 
>> *Date: *Thu, 28 Feb 2013 07:58:09 -0900
>>  *To: *NT System Admin Issues
>> *ReplyTo: *"NT System Admin Issues" <
>> ntsysadmin@lyris.sunbelt-software.com>
>>   *Subject: *Vmware Design for XenApp 6.5 w/PVS
>>
>> Hello everyone,
>>
>> Let me start first by apologize for the length of this message. In my
>> pursuit of providing all of the relevant information I fully expect for
>> this to be a bit long winded.
>>
>> We're in the final planning stages of a migration from a purely physical
>> XenApp 5 on Windows 2003 environment to a virtualized XenApp 6.5 with
>> Provisioning Services environment on ESXi 5.0. I was hoping I could toss
>> out our initial design and gather some feedback.
>>
>> Our current environment consists of a single farm, two sites, and just
>> under 200 physical servers. That includes the SQL server, data collectors,
>> existing Web Interface servers, licensing server and all of the
>> presentation servers. We currently support 12 application silos. The
>> purpose of each silo varies from application compatibility issues, business
>> unit requirements, performance requirements, etc. At our peak, we support
>> approximately 1400 concurrent sessions. This

Re: Vmware Design for XenApp 6.5 w/PVS

[kz20fl]

That one was right under the belt :-)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Mon, 4 Mar 2013 20:26:37 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Vmware Design for XenApp 
6.5 w/PVS

Are you still looking in the mirror?

Carl Webster
Consultant and Citrix Technology Professional
http://www.CarlWebster.com


From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Monday, March 04, 2013 3:07 PM
To: NT System Admin Issues
Subject: Re: Vmware Design for XenApp 6.5 w/PVS

No probs, feel free to hit me up for more info, I am currently involved in the 
worlds most boring project
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Sean Martin mailto:seanmarti...@gmail.com>>
Date: Mon, 4 Mar 2013 10:57:50 -0900
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: Re: Vmware Design for XenApp 6.5 w/PVS

Sorry for the delayed response. Thanks again James, this is fantastic 
information. I'm doing all I can to disseminate this amongst my team. I'm sure 
I'll have more follow ups as we start on the low level design and 
implementation of each technology.

- Sean
On Thu, Feb 28, 2013 at 10:49 AM, James Rankin 
mailto:kz2...@googlemail.com>> wrote:
If you're using the Personalization Server feature (and it sounds like you 
are), you need to be aware that if you lose this area of the environment, not 
only do you get no customization of user profile, session or any of their 
applications, you take the risk of overwriting the Personalization data with 
default data and causing all sorts of problems for your user base.

With this in mind, you'll want heavy redundancy on both the SQL backend and in 
the web services that facilitate communication with the SQL backend. AppSense 
supports clustering, replication, mirroring and all the other usual SQL 
redundancy features. You will also probably want to configure some failover in 
the web services that provide the Management Server site and the 
Personalization Server site.

There are some non-default options within Personalization itself I'd recommend 
- Offline Resiliency ensures that in the event of a database outage, the client 
caches Personalization data and resyncs once the database is available. I'd 
also recommend enabling either the web portal and/or the self-service profile 
reset features, which again will dictate the sizing of your database depending 
on how many archives you keep. See this article for a discussion of AppSense 
database sizing - 
http://appsensebigot.blogspot.co.uk/2012/09/appsense-management-server-and_13.html

There are also a few gotchas around AppSense and PVS I'd want to bear in mind - 
http://appsensebigot.blogspot.co.uk/2012/05/using-appsense-with-citrix-provisioning.html
 and some AV considerations - 
http://appsensebigot.blogspot.co.uk/2012/03/antivirus-exclusions-for-appsense.html

I'd also recommend you seriously consider using the Performance Manager feature 
of AppSense. It can eke out up to 40% higher user density on XenApp platforms - 
a serious ROI if ever there was one.

On the XenApp side, I think Web has more than adequately covered what you need. 
I'll back him up on the fact that StoreFront (I dare speak the name) is not 
really fit for purpose yet.

If you need any more advice on the AppSense side of things feel free to shoot 
me an email offline, although at your current stage I don't think you need do 
much other than scope for the heavy redundancy in the SQL side of things.

Cheers,



JR

On 28 February 2013 17:29, Sean Martin 
mailto:seanmarti...@gmail.com>> wrote:
We haven't gone through the low-level design process for each of the 
deliverables yet, so I am not sure if we're using that feature. Is that a part 
of the Environment Manager? Our implementation of AppSense is purely for a 
profile management solution because of the garbage that roaming profiles makes 
us deal with in our current environment.

- Sean

On Feb 28, 2013, at 8:03 AM, 
kz2...@googlemail.com wrote:
Are you using the AppSense Personalization Server feature? That's going to have 
a big influence on your requirements if you are.
Sent from my Blackberry, which may be an antique but delivers email RELIABLY



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 

Re: Semi-OT: Vsphere shutdown

[kz20fl]

Webster has millions of readers. Mainly Iranians :-)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Richard Stovall 
Date: Wed, 6 Mar 2013 13:35:09 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Semi-OT: Vsphere shutdown

Thanks for the offer, Carl. But wouldn't I want to put it somewhere where
it might actually be read?

:-)

But seriously, thanks for the offer. I'll see if I can find time to put
something together.

Richard
On Mar 6, 2013 7:32 AM, "Webster"  wrote:

> I would be happy to post the article on my site.
>
> Carl Webster
> Consultant and Citrix Technology Professional
> http://www.CarlWebster.com
>
>
>
> -Original Message-
> From: Laurence [mailto:laurence.chi...@jalapeno-bs.co.uk]
> Sent: Wednesday, March 06, 2013 4:49 AM
> To: NT System Admin Issues
> Subject: Re: Semi-OT: Vsphere shutdown
>
> Hi Richard
>
> good news that the whole thing went well for you
>
> have you considered writing this up as a news article, tech article, blog
> post or case study?
>
> about time that we had some good news from the IT industry instead of all
> the bad stuff about unplanned downtime, hacking etc.
>
> plus it would also look good on the CV when it comes to pay rise, new job
> time!!
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Semi-OT: Vsphere shutdown

[kz20fl]

Or that they would be allowed them under export laws!
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Wed, 6 Mar 2013 18:51:32 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Semi-OT: Vsphere shutdown

Iran being one of the top countries that hit my blog is a bit unnerving to say 
the least.  I am surprised the feds haven’t come knocking asking what is going 
on.  Plus all the “stan”s that hit my site is really weird.  I wouldn’t think 
anyone in those countries could afford Citrix licenses.


Carl Webster
Consultant and Citrix Technology Professional
http://www.CarlWebster.com


From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Subject: Re: Semi-OT: Vsphere shutdown

Webster has millions of readers. Mainly Iranians :-)
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Richard Stovall mailto:rich...@gmail.com>>
Subject: RE: Semi-OT: Vsphere shutdown

Thanks for the offer, Carl. But wouldn't I want to put it somewhere where it 
might actually be read?

:-)

But seriously, thanks for the offer. I'll see if I can find time to put 
something together.

Richard
On Mar 6, 2013 7:32 AM, "Webster" 
mailto:webs...@carlwebster.com>> wrote:
I would be happy to post the article on my site.





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Normalizing a disk image

[kz20fl]

Ah, top stuff, let me have a look at that, cheers!


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Thu, 7 Mar 2013 15:34:22 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Normalizing a disk image

http://support.citrix.com/servlet/KbServlet/download/24559-102-647700/XD%20-%20Top%2010%20Mistakes%20Identified%20When%20Doing%20Desktop%20Virtualization.pdf

Item #6, page 8 is about Antivirus.

I have still not found anything about booting multiple times before sealing the 
image.


Carl Webster
Consultant and Citrix Technology Professional
http://www.CarlWebster.com


From: Webster [mailto:webs...@carlwebster.com]
Sent: Thursday, March 07, 2013 5:43 AM
To: NT System Admin Issues
Subject: RE: Normalizing a disk image

The AV one, yes, that is recommended.

Boot 6 time, never heard of it.  BUT I have heard of booting and waiting a long 
time so .net stuff has time to compile in the background but that was several 
years ago.

Carl Webster
Consultant and Citrix Technology Professional
http://www.CarlWebster.com


From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Thursday, March 07, 2013 5:32 AM
To: NT System Admin Issues
Subject: Normalizing a disk image

Been doing a lot of work recently with Citrix Provisioning Services - for those 
of you that aren't familiar with it, it allows servers or desktops to boot from 
a "gold" or "master" read-only disk image that returns to the initial state at 
reboot time.
Obviously prior to "sealing" a gold image you have to normalize it to make sure 
that software doesn't fail and optimize it for best performance. I've gone 
through a lot of the usual optimizations, defrag, flush DNS, etc., but came 
across another two possible optimizations online and was wondering if they were 
actually worth doing.
One I heard about was running a full AV scan prior to sealing so that all files 
are already "known" to the antivirus software? Is this actually relevant, or 
does it depend on the AV in use?
The other possible optimization was rebooting the system six times and waiting 
120 seconds between each reboot to allow for boot prefetching. Again, is this 
something that would help a system run better?
Thanks for any insights,




--
James Rankin
Technical Consultant (ACA, CCA, MCTS)
http://appsensebigot.blogspot.co.uk

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: GoToMeeting/GoToWebinar Updates

[kz20fl]

You could achieve that with AppSense User Rights Management or Self-Elevation.

Failing that, some creative scripting using something like CPAU may help.

There may well be other options though

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Cameron Cooper 
Date: Wed, 13 Mar 2013 16:17:00 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: GoToMeeting/GoToWebinar Updates

Issue:
Sales user is offsite to demo our website/system and hosts a meeting in 
GoToMeeting/GoToWebinar.  When they go to start the meeting, they login and 
everything seems to work as normal.  As the meeting is in process to start, the 
user receives a UAC prompt asking to enter in administrative credentials.  
Issue here is that the user isn't a domain admin or an admin on their laptop 
and can't install the update.  Which in turn they can't host the meeting.

Question:
Is there a way to allow the user to install the updates without being prompted 
for admin credentials and not making them an admin on that laptop/workstation?

I know that you can setup a GPO to install a MSI package, However am not sure 
on how to resolve this when the user is offsite and not connected to the 
network.


Regards,

Cameron

___
Cameron Cooper | IT Manager | Aurico
Direct: 847.890.4021 | Cell: 224.688.2854 | Fax: 847.255.1896
ccoo...@aurico.com | 
www.aurico.com



CONFIDENTIALITY NOTICE: This email message is intended only for the person or 
entity to which it is addressed and may contain confidential material. Any 
unauthorized review, use, disclosure, downloading, copying or distribution is 
prohibited. If you are not the intended recipient, please contact the sender by 
reply email and permanently delete all copies of the original message. If you 
are the intended recipient but do not wish to receive communications through 
this medium, please advise the sender immediately.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Keeping 550+ systems maintained

[kz20fl]

Have you considered packaging those Firefox/Adobe etc apps up with App-V or 
something? It certainly mitigates some of the risk given that the packaged app 
can't interact heavily with the underlying OS due to the SystemGuard feature. 
When a client system checks in, it could then pick up the updated app. You'd 
have to pre-cache the apps for offline use, but it would certainly mitigate 
against a large part of the risk factor.

Cheers,


JR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Thu, 14 Mar 2013 20:23:57 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Keeping 550+ systems 
maintained

Excellent questions Ken, thanks. Up to date at this point means


1.   Current (within 1 day) of anti-virus signatures

2.   Have the latest Acrobat/Java/Firefox/Chrome updates within two weeks

3.   Successful backups (we use Tivoli to back up endpoints)

4.   Weekly report to confirm the above

Dave


From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Wednesday, March 13, 2013 8:01 PM
To: NT System Admin Issues
Subject: RE: Keeping 550+ systems maintained

I think you need to know what your requirements are.

How do you define "up to date"? e.g.

-  How quickly do you need to deploy something (or even have a range of 
critical/medium/low priority updates)?

-  And how do you need to report compliance (on demand? At pre-set 
intervals?)

-  And how do you measure your SLA? E.g. what is an acceptable level of 
'unknown' state devices? And how long can they remain as 'unknown'

Once you have an idea of what you need to meet, then you can start to work out 
what combination of technologies and people you need to meet it.

Cheers
Ken

From: David Lum [mailto:david@nwea.org]
Sent: Wednesday, 13 March 2013 1:40 AM
To: NT System Admin Issues
Subject: Keeping 550+ systems maintained

Scenario:

* 550 Windows workstations, with 100+ of them remote.

* Active Directory (W2K8R2 and W2K3 DCs).

* Windows 7 and Windows XP.

* Users are local admins.

* Some remote users VPN in daily, others only VPN in once/month, a few 
others almost never

* 30+ onsite users frequently jump between wired and wireless (in my 
experience this occasionally trips up DNS and thus management agents for a bit)

* Systems are cycled out at the rate of about 30 machines every quarter 
(relevant because finding a noncompliant machine often means knows if a system 
has been decommissioned or not). Systems are not always immediately removed 
from AD for various reasons.


Task: Keep them up to date on anti-virus and patches, incl. 3rd party 
(Java/Adobe/Chrome/etc.). This includes coordinating (with select users) 
installing/testing the patches on their systems before full rollout to the rest 
of the org.

Is this enough info to give a SWAG for how many hours/week you would you tell 
management this would take? A rough number works.
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764



~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: CSG 3.2 and Presenatation 4.5

[kz20fl]

Export the relevant parts of the Citrix eDocs website into PDFs, for a start.

Read Webster's blog :-)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Greg Sweers 
Date: Fri, 15 Mar 2013 14:47:13 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: CSG 3.2 and Presenatation 
4.5

Thank you Sir.  That is good info.

To get fully up to speed on this, not expert mind you but good enough.  What 
materials would you suggest to read.

Greg Sweers
CEO
ACTS360.com
P.O. Box 1193
Brandon, FL  33509
813-657-0849 Office
813-644-3479 Cell
813-644-3476 Fax

From: Webster [mailto:webs...@carlwebster.com]
Sent: Friday, March 15, 2013 9:51 AM
To: NT System Admin Issues
Subject: RE: CSG 3.2 and Presenatation 4.5

I have LOTS of customers who run CSG internally.  Some require that all traffic 
is encrypted and they also have a Citrix policy that says everyone uses RC5 
128-bit ICA Encryption.

I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 
(http://support.citrix.com/article/CTX133095).  That is also more than likely 
the last version of CSG.

I would also make sure you are running Web Interface 5.4.2 since it addresses 
known security vulnerabilities.  http://support.citrix.com/article/CTX130660  
This is also the last version of Web Interface.

If this is PS4.5 on Server 2003, just make sure your customer knows that on 
March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS.

I would recommend Hotfix Rollup Pack 7.  
http://support.citrix.com/article/CTX127926  Just make sure you read the 
prereqs first.

Once you install HRP7, install the following updates:

http://support.citrix.com/article/CTX133359 (security fix)
http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5 install 
before the next fix)
http://support.citrix.com/article/CTX126734 (Delivery Services Console 4.7.2, 
install after the previous update)

While you are updating stuff to get them all current, I would also upgrade to 
License Server 11.10 for Windows since it no longer uses IIS.  
https://www.citrix.com/downloads/licensing/license-server.html You will need to 
take 1 minute to return your current license file and download a new license 
file that is formatted for 11.10.  This will not affect any currently logged in 
users.

This should get you all up-to-date for all the dead products your customer is 
using.

Thanks


Webster

From: Ken Cornetet [mailto:ken.corne...@kimball.com]
Sent: Friday, March 15, 2013 8:04 AM
To: NT System Admin Issues
Subject: RE: CSG 3.2 and Presenatation 4.5

Why would you run CSG internally?

I run a Xenapp 5 farm with just a web interface for internal users. External 
users come through a different CSG/WI box in the DMZ.

From: Greg Sweers [mailto:gswe...@acts360.com]
Sent: Monday, March 04, 2013 2:41 PM
To: NT System Admin Issues
Subject: CSG 3.2 and Presenatation 4.5

We have a client who their internal guy just left and he basically maintained a 
Citrix Farm on Xenapp 4.5 with CSG 3.2

They have asked us to take a look and fix a few things.  I renewed their SSL 
cert which is running under their own PKI infrastructure, but the CSG service 
is disabled and the whole things is running through IIS.  They can login and 
everything works, but I have never seen that configuration before.

Usually the SSL on IIS is running 444 and the CSG runs 443.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: CSG 3.2 and Presenatation 4.5

[kz20fl]

I'd be paying particular attention to the support roadmap for XenApp 5 on 2003 
(what you're referring to as PS4.5). You may need to factor in some form of 
upgrade plan.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Fri, 15 Mar 2013 15:01:01 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: CSG 3.2 and Presenatation 
4.5

BTW, someone wrote an excellent script to document the XenApp 5 (PS45) Farm. :) 
 If you want to leave the customer with a document that will garner you high 
praise you should use the script. 

http://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/

http://carlwebster.com/documenting-a-citrix-xenapp-5-farm-with-microsoft-powershell-and-word-version-2/

Thanks


Webster

From: Greg Sweers [mailto:gswe...@acts360.com]
Sent: Friday, March 15, 2013 9:47 AM
To: NT System Admin Issues
Subject: RE: CSG 3.2 and Presenatation 4.5

Thank you Sir.  That is good info.

To get fully up to speed on this, not expert mind you but good enough.  What 
materials would you suggest to read.

Greg Sweers
CEO
ACTS360.com
P.O. Box 1193
Brandon, FL  33509
813-657-0849 Office
813-644-3479 Cell
813-644-3476 Fax

From: Webster [mailto:webs...@carlwebster.com]
Sent: Friday, March 15, 2013 9:51 AM
To: NT System Admin Issues
Subject: RE: CSG 3.2 and Presenatation 4.5

I have LOTS of customers who run CSG internally.  Some require that all traffic 
is encrypted and they also have a Citrix policy that says everyone uses RC5 
128-bit ICA Encryption.

I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 
(http://support.citrix.com/article/CTX133095).  That is also more than likely 
the last version of CSG.

I would also make sure you are running Web Interface 5.4.2 since it addresses 
known security vulnerabilities.  http://support.citrix.com/article/CTX130660  
This is also the last version of Web Interface.

If this is PS4.5 on Server 2003, just make sure your customer knows that on 
March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS.

I would recommend Hotfix Rollup Pack 7.  
http://support.citrix.com/article/CTX127926  Just make sure you read the 
prereqs first.

Once you install HRP7, install the following updates:

http://support.citrix.com/article/CTX133359 (security fix)
http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5 install 
before the next fix)
http://support.citrix.com/article/CTX126734 (Delivery Services Console 4.7.2, 
install after the previous update)

While you are updating stuff to get them all current, I would also upgrade to 
License Server 11.10 for Windows since it no longer uses IIS.  
https://www.citrix.com/downloads/licensing/license-server.html You will need to 
take 1 minute to return your current license file and download a new license 
file that is formatted for 11.10.  This will not affect any currently logged in 
users.

This should get you all up-to-date for all the dead products your customer is 
using.

Thanks


Webster

From: Ken Cornetet [mailto:ken.corne...@kimball.com]
Sent: Friday, March 15, 2013 8:04 AM
To: NT System Admin Issues
Subject: RE: CSG 3.2 and Presenatation 4.5

Why would you run CSG internally?

I run a Xenapp 5 farm with just a web interface for internal users. External 
users come through a different CSG/WI box in the DMZ.

From: Greg Sweers [mailto:gswe...@acts360.com]
Sent: Monday, March 04, 2013 2:41 PM
To: NT System Admin Issues
Subject: CSG 3.2 and Presenatation 4.5

We have a client who their internal guy just left and he basically maintained a 
Citrix Farm on Xenapp 4.5 with CSG 3.2

They have asked us to take a look and fix a few things.  I renewed their SSL 
cert which is running under their own PKI infrastructure, but the CSG service 
is disabled and the whole things is running through IIS.  They can login and 
everything works, but I have never seen that configuration before.

Usually the SSL on IIS is running 444 and the CSG runs 443.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sun

Re: CSG 3.2 and Presenatation 4.5

[kz20fl]

You will need the XenApp PS extensions loaded and the Policies module as well. 
I think Web's documentation is quite thorough. I normally run it from a XA 
server but not sure whether its a pre-requisite.

Cheers,


JR

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Sean Martin 
Date: Fri, 15 Mar 2013 08:50:43 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: CSG 3.2 and Presenatation 
4.5

Forgive the seemingly stupid question, but is this intended to be run from
a XenApp server? I was looking for instructions that would highlight how I
can run it against our test farm prior to our production farm.

- Sean

On Fri, Mar 15, 2013 at 7:01 AM, Webster  wrote:

>  BTW, someone wrote an excellent script to document the XenApp 5 (PS45)
> Farm. J  If you want to leave the customer with a document that will
> garner you high praise you should use the script. 
>
> ** **
>
> http://carlwebster.com/where-to-get-copies-of-the-documentation-scripts/**
> **
>
> ** **
>
>
> http://carlwebster.com/documenting-a-citrix-xenapp-5-farm-with-microsoft-powershell-and-word-version-2/
> 
>
> ** **
>
> Thanks
>
> ** **
>
> ** **
>
> Webster
>
> ** **
>
> *From:* Greg Sweers [mailto:gswe...@acts360.com]
> *Sent:* Friday, March 15, 2013 9:47 AM
> *To:* NT System Admin Issues
> *Subject:* RE: CSG 3.2 and Presenatation 4.5
>
> ** **
>
> Thank you Sir.  That is good info.  
>
> ** **
>
> To get fully up to speed on this, not expert mind you but good enough.
> What materials would you suggest to read.
>
> ** **
>
> *Greg Sweers*
>
> CEO
>
> *ACTS360.com ***
>
> *P.O. Box 1193*
>
> *Brandon, FL  33509*
>
> *813-657-0849 Office*
>
> *813-644-3479 Cell*
>
> *813-644-3476 Fax*
>
> ** **
>
> *From:* Webster [mailto:webs...@carlwebster.com ]
>
> *Sent:* Friday, March 15, 2013 9:51 AM
> *To:* NT System Admin Issues
> *Subject:* RE: CSG 3.2 and Presenatation 4.5
>
> ** **
>
> I have LOTS of customers who run CSG internally.  Some require that all
> traffic is encrypted and they also have a Citrix policy that says everyone
> uses RC5 128-bit ICA Encryption.
>
> ** **
>
> I would change IIS to use 444 and upgrade CSG to the latest version 3.3.1 (
> http://support.citrix.com/article/CTX133095).  That is also more than
> likely the last version of CSG.
>
> ** **
>
> I would also make sure you are running Web Interface 5.4.2 since it
> addresses known security vulnerabilities.
> http://support.citrix.com/article/CTX130660  This is also the last
> version of Web Interface.
>
> ** **
>
> If this is PS4.5 on Server 2003, just make sure your customer knows that
> on March 31st, 2013 that any Citrix product on Server 2003 is EOL/EOM/EOS.
> 
>
> ** **
>
> I would recommend Hotfix Rollup Pack 7.
> http://support.citrix.com/article/CTX127926  Just make sure you read the
> prereqs first.
>
> ** **
>
> Once you install HRP7, install the following updates:
>
> ** **
>
> http://support.citrix.com/article/CTX133359 (security fix)
>
> http://support.citrix.com/article/CTX122214 (Access Mgmt Console 4.6.5
> install before the next fix)
>
> http://support.citrix.com/article/CTX126734 (Delivery Services Console
> 4.7.2, install after the previous update)
>
> ** **
>
> While you are updating stuff to get them all current, I would also upgrade
> to License Server 11.10 for Windows since it no longer uses IIS.
> https://www.citrix.com/downloads/licensing/license-server.html You will
> need to take 1 minute to return your current license file and download a
> new license file that is formatted for 11.10.  This will not affect any
> currently logged in users.
>
> ** **
>
> This should get you all up-to-date for all the dead products your customer
> is using.
>
> ** **
>
> Thanks
>
> ** **
>
> ** **
>
> Webster
>
> ** **
>
> *From:* Ken Cornetet 
> [mailto:ken.corne...@kimball.com]
>
> *Sent:* Friday, March 15, 2013 8:04 AM
> *To:* NT System Admin Issues
> *Subject:* RE: CSG 3.2 and Presenatation 4.5
>
> ** **
>
> Why would you run CSG internally? 
>
> ** **
>
> I run a Xenapp 5 farm with just a web interface for internal users.
> External users come through a different CSG/WI box in the DMZ.
>
> ** **
>
> *From:* Greg Sweers [mailto:gswe...@acts360.com ]
> *Sent:* Monday, March 04, 2013 2:41 PM
> *To:* NT System Admin Issues
> *Subject:* CSG 3.2 and Presenatation 4.5
>
> ** **
>
> We have a client who their internal guy just left and he basically
> maintained a Citrix Farm on Xenapp 4.5 with CSG 3.2  
>
> ** **
>
> They have asked us to take a look and fix a few things.  I renewed their
> SSL cert which is running under their own PKI infrastructure, but the CSG
> service is disabled and the whole things is running through IIS.  They can
> login and everything works, but I have never seen that configuration before.
> 
>
> ** **
>
> Usually the SSL 

Re: Folder redirection questions

[kz20fl]

Can you exclude temp files from a redirected folder using just a GPO? Maybe you 
can do something with File Server Policies to achieve this, I haven't studied 
the newer stuff particularly deeply yet.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Andrew S. Baker" 
Date: Fri, 22 Mar 2013 10:33:26 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Folder redirection questions

GPO should be just fine.  It has the necessary flexibility.





*ASB
**http://XeeMe.com/AndrewBaker* *
**Providing Virtual CIO Services (IT Operations & Information Security) for
the SMB market…***





On Fri, Mar 22, 2013 at 9:41 AM, Tom Miller  wrote:

> We have a project to enable folder redirection here.  The goal is to
> redirect anything saved on the local \My Documents to the user's home
> folder.  I'd exclude the normal temp files and junk as well as PST files,
> since users tend to have huge PST files saved locally.  (We archive mail
> via an appliance so if a PST were not accessible we could use that.)
>
> Most desktops are Windows 7.  Servers are Windows 2008 R2.  I will
> probably create a DFS share to replicate the shares between our sites.  We
> have a number of users who travel to and from our various sites.  We also
> have a number of sales staff who connect via VPN but are rarely at one of
> our offices.
>
> Any suggestions for this sort of scenario?  Any third party products to
> recommend or is GPO satisfactory?  We may use a remote backup method for
> our sales folks (something like CrashPlan) instead of folder redirection
> for them.
>
> Thanks,
> Tom
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: virtualization question

[kz20fl]

RDS or Citrix XenApp? Or maybe App-V?

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Stephen Holtz" 
Date: Fri, 22 Mar 2013 13:58:42 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: virtualization question

Ok, another newbie to the world of virtualization here.  I have a POS (point
of sale) program that I want to be able to be accessed by iPads using a RDP
client.  However, I would like to put multiple instances of the program on a
server so that each iPad can access the POS program and keep it open during
service.  Any help even a starting point would be helpful.

 

TIA,

 

Stephen L. Holtz, MCSE, MCT
Director of Information Technology
Addison Reserve Country Club
7201 Addison Reserve Blvd.
Delray Beach, Fl. 33446
Ph: 561-455-1220
Cell: 561-441-0646

www.addisonreserve.cc  

ARLogoPlatinumClubDistinguishedEmerald
Proudly recognized as a 5-Star

Platinum Club of America.

 

This e-mail, and any attachments thereto, is intended only for use by the
addressee(s) named herein and may contain legally privileged and/or
confidential information. If you are not the intended recipient of this
e-mail, you are hereby notified that any dissemination, distribution or
copying of this e-mail, and any attachments thereto, is strictly prohibited.
If you have received this e-mail in error, please notify me by replying to
this message and permanently delete the original and any copy of this e-mail
and any printout thereof.

 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<><><>

Re: OT: Career and Social Media

[kz20fl]

Probably more who knows you than who you know, these days


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Michael B. Smith" 
Date: Fri, 22 Mar 2013 18:08:26 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: OT: Career and Social Media

Uh... ouch. :)

-Original Message-
From: Matthew W. Ross [mailto:mr...@ephrataschools.org] 
Sent: Friday, March 22, 2013 1:50 PM
To: NT System Admin Issues
Subject: Re: OT: Career and Social Media

Which just is more evidence for the old point:

It's not necessarily what you know, but who you know...


--Matt Ross
Ephrata School District


- Original Message -
From: Andrew S. Baker
[mailto:asbz...@gmail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Fri, 22 Mar 2013
09:50:35 -0800
Subject: Re: OT: Career and Social Media


> Same here...
> 
> 
> 
> 
> 
> *ASB
> **http://XeeMe.com/AndrewBaker* * 
> **Providing Virtual CIO Services (IT Operations & Information 
> Security) for the SMB market…***
> 
> 
> 
> 
> 
> On Fri, Mar 22, 2013 at 12:26 PM, Michael B. Smith
> wrote:
> 
> >  Most of my engagements today come because of social media. J
> >
> > ** **
> >
> > And then repeat business, of course.
> >
> > ** **
> >
> > *From:* Rod Trent [mailto:rodtr...@myitforum.com]
> > *Sent:* Friday, March 22, 2013 11:39 AM
> >
> > *To:* NT System Admin Issues
> > *Subject:* RE: OT: Career and Social Media
> >
> >  ** **
> >
> > My last two jobs have come about because of social media.
> >
> > ** **
> >
> > ** **
> >
> > *From:* Sam Cayze [mailto:sca...@gmail.com ]
> > *Sent:* Friday, March 22, 2013 11:12 AM
> > *To:* NT System Admin Issues
> > *Subject:* RE: OT: Career and Social Media
> >
> > ** **
> >
> > “With social media you might not have to look for a new job, it 
> > might
> find
> > you”
> >
> > ** **
> >
> > Spot on.  Lately I’m always having recruiters and companies reach 
> > out to me for hire.  I always ask how they find me, and they always 
> > say social media or internet presence.  I haven’t published my 
> > resume anywhere
> (Heck,
> > hardly even active on LinkedIn and it’s not that up to date.  My
> Facebook
> > is strictly personal – but I do keep a ‘clean’ presence on it).
> >
> > ** **
> >
> > Several great offers have come my way.
> >
> > ** **
> >
> > I take it as a sign the IT hiring is really picking up too.
> >
> > ** **
> >
> > Sam
> >
> > ** **
> >
> > ** **
> >
> > ** **
> >
> > *From:* David Lum [mailto:david@nwea.org ]
> > *Sent:* Friday, March 22, 2013 8:43 AM
> > *To:* NT System Admin Issues
> > *Subject:* RE: OT: Career and Social Media
> >
> > ** **
> >
> > In case you haven’t noticed, privacy is becoming history. The 
> > current young generation by and large expects to be able to find out 
> > where there friends and family are, where they eat and shop, and 
> > where they work, and they also have no problems sharing their own 
> > information with people. As these people become older and enter the 
> > corporate world, they will expect to know quite a bit about you 
> > whether or not your resume is any good, and they will likely 
> > influence company rules…
> >
> > ** **
> >
> > The added twist is just by having family on social media, your 
> > information becomes public “I went to my dad’s 40th birthday party 
> > yesterday, not
> too
> > far from the house he was born in”. Presto, your age, date and place 
> > of birth given up in one sentence by someone else.
> >
> > ** **
> >
> > In many ways I see keeping privacy in the same vein as not having a 
> > car or a phone. You can do it, but it takes a concerted effort and a 
> > specific lifestyle to pull it off. (Oddly, I didn’t have this view 
> > until I went
> to a
> > lunch/seminar that was all about security yesterday!).
> >
> > ** **
> >
> > I’m sure when those first came out there were people who said “who
> needs
> > such a thing!”. I went without a smartphone longer than many folks, 
> > but
> to
> > be relevant/competitive in my field it became necessary to get one 
> > (although I still turn off location services except for the specific 
> > times I need them) and I am better off for it as it saves me a lot of time 
> > vs.
> if
> > I were to be without it. 
> >
> > ** **
> >
> > Heck cellphones are now being used to inform different service 
> > providers traffic densities, average speeds, etc. so their mapping 
> > software can tell you how to avoid traffic. Big brother is here, the 
> > difference is it’s
> not
> > like The Truman Show because the participants are also getting the
> benefits
> > of said information.
> >
> > ** **
> >
> > With social media you might not have to look for a new job, it might 
> > find you. I can see in a few years the conversation being “Remember 
> > when we
> had
> > so send resume’s out? How lame!”.
> >
>

Re: virtualization question

[kz20fl]

Well XenApp/RDS etc. is application virtualization of a sort, just being 
nit-picky here


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Jonathan Link 
Date: Fri, 22 Mar 2013 15:15:38 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: virtualization question

This doesn't strike me as a problem virtualization can solve, as stated.
As recommended, this is more of a Citrix or Terminal services issue and
whether you can do what you want is going to be governed by whether or not
the POS is capable of running concurrently in different sessions.  This
really should not be an issue, but you should be sure that the POS software
can do it in a Citrix or Terminal services environment.




On Fri, Mar 22, 2013 at 1:58 PM, Stephen Holtz wrote:

> Ok, another newbie to the world of virtualization here.  I have a POS
> (point of sale) program that I want to be able to be accessed by iPads
> using a RDP client.  However, I would like to put multiple instances of the
> program on a server so that each iPad can access the POS program and keep
> it open during service.  Any help even a starting point would be helpful.*
> ***
>
> ** **
>
> TIA,
>
> ** **
>
> *Stephen L. Holtz, MCSE, MCT*
> Director of Information Technology
> Addison Reserve Country Club
> 7201 Addison Reserve Blvd.
> Delray Beach, Fl. 33446
> Ph: 561-455-1220
> Cell: 561-441-0646
>
> www.addisonreserve.cc
>
> [image: ARLogo][image: PlatinumClub][image: DistinguishedEmerald]
> Proudly recognized as a 5-Star
>
> Platinum Club of America.
>
> ** **
>
> This e-mail, and any attachments thereto, is intended only for use by the
> addressee(s) named herein and may contain legally privileged and/or
> confidential information. If you are not the intended recipient of this
> e-mail, you are hereby notified that any dissemination, distribution or
> copying of this e-mail, and any attachments thereto, is strictly
> prohibited. If you have received this e-mail in error, please notify me by
> replying to this message and permanently delete the original and any copy
> of this e-mail and any printout thereof.
>
> ** **
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<><><>

Re: virtualization question

[kz20fl]

There's a Citrix Receiver for iPads - this might be a situation for XenApp 
Essentials or Fundamentals or whatever its called (Web, please clarify)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Maglinger, Paul" 
Date: Fri, 22 Mar 2013 19:38:24 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: virtualization question

You’re wanting to run multiple VM servers on a single host, one for each iPad, 
and then RDP into that VM using the iPad?
The multiple VMs are feasible, and accessing from RDP is certainly possible.  I 
don’t know about a RDP client for iPads though.

From: Stephen Holtz [mailto:ste...@addisonreserve.cc]
Sent: Friday, March 22, 2013 1:59 PM
To: NT System Admin Issues
Subject: Re: virtualization question

I would like multiple iPads accessing the POS system software.  Each iPad would 
require their own connection and 'terminal' settings in the software.

Sent from my iPhone

On Mar 22, 2013, at 2:18 PM, "Andrew S. Baker" 
mailto:asbz...@gmail.com>> wrote:
Please elaborate on what it is you want to know.  I don't really see a question 
in there.






ASB
http://XeeMe.com/AndrewBaker
Providing Virtual CIO Services (IT Operations & Information Security) for the 
SMB market…




On Fri, Mar 22, 2013 at 1:58 PM, Stephen Holtz 
mailto:ste...@addisonreserve.cc>> wrote:
Ok, another newbie to the world of virtualization here.  I have a POS (point of 
sale) program that I want to be able to be accessed by iPads using a RDP 
client.  However, I would like to put multiple instances of the program on a 
server so that each iPad can access the POS program and keep it open during 
service.  Any help even a starting point would be helpful.

TIA,

Stephen L. Holtz, MCSE, MCT
Director of Information Technology
Addison Reserve Country Club
7201 Addison Reserve Blvd.
Delray Beach, Fl. 33446
Ph: 561-455-1220
Cell: 561-441-0646
www.addisonreserve.cc

Proudly recognized as a 5-Star
Platinum Club of America.

This e-mail, and any attachments thereto, is intended only for use by the 
addressee(s) named herein and may contain legally privileged and/or 
confidential information. If you are not the intended recipient of this e-mail, 
you are hereby notified that any dissemination, distribution or copying of this 
e-mail, and any attachments thereto, is strictly prohibited. If you have 
received this e-mail in error, please notify me by replying to this message and 
permanently delete the original and any copy of this e-mail and any printout 
thereof.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Manage JAVA updates

[kz20fl]

Sometimes you have to dig around a bit to find the msi. Its not an exact 
science IIRC


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Heaton, Joseph@Wildlife" 
Date: Mon, 25 Mar 2013 21:00:52 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Manage JAVA updates

Hmm, followed those directions, but there's nothing in the folder under Appdata.

From: Jonathan Link [mailto:jonathan.l...@gmail.com]
Sent: Monday, March 25, 2013 1:43 PM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: Re: Manage JAVA updates

http://www.java.com/en/download/help/msi_install.xml


On Mon, Mar 25, 2013 at 4:34 PM, Heaton, Joseph@Wildlife 
mailto:joseph.hea...@wildlife.ca.gov>> wrote:
Where do you get the .msi?  I didn't see that option on the website.

From: Sam Cayze [mailto:sca...@gmail.com]
Sent: Tuesday, March 19, 2013 9:18 AM
To: Heaton, Joseph@Wildlife; NT System Admin Issues
Subject: RE: Manage JAVA updates

"turn off that annoying prompt to install the Ask toolbar"

First things first...
Get the offline MSI download meant for corporate installs.
Then you can use anything your heart delights that can push MSI's.  GPO, 
scripts, or any other of the hundreds of patching options.
Personally using ManageEngine myself, and really liking it.  The price point 
was great.

From: Tom Miller [mailto:tominyorkt...@gmail.com]
Sent: Monday, March 18, 2013 8:00 AM
To: NT System Admin Issues
Subject: Manage JAVA updates

Anyone have any suggestions for managing JAVA updates in a corporate 
environment?  At my last job we used the kbox as it was part of the patch 
stream, but the product I use  now does not include JAVA as part of the stream. 
 I'd like to be able to control when updates are performed, do to it silently, 
and to turn off that annoying prompt to install the Ask toolbar.

Thanks,
Tom

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: OfficeFileCache

[kz20fl]

I'm notlong story :-) the software has been configured this way by whoever 
put it in, now I need to prove that it won't break anything the users are 
relying on when I configure it correctly. The usual hurdles :-)


--Original Message--
From: Ben Scott
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Re: OfficeFileCache
Sent: 5 Apr 2013 12:23

On Fri, Apr 5, 2013 at 7:05 AM, James Rankin  wrote:
> I've got some user profiles (well, they're virtualized into an SQL database,
> but that's a moot point) that are showing some large files with a .FSD
> extension in
> \Users\Username\AppData\Local\Microsoft\Office\14.0\OfficeFileCache. The
> database is far too large for this many users, so I am wondering ... if I
> can remove them from being saved into the profile without causing any
> issues?

  The "Local" folder is supposed to be for local-to-the-machine
(non-roaming) files anyway; why are you saving stuff under there in
the first place?

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Outlook 2007 on Citrix attachment issue

[kz20fl]

Hi tony

I think I've seen something similar before. Is outlook personalized via EM?


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Tony Patton 
Date: Fri, 5 Apr 2013 16:23:06 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Outlook 2007 on Citrix 
attachment issue

Hi folks,

We are using XenApp 6 and AppSense Environment Manager 8.2.206 on Server
2008R2 and have a weird issue with Outlook 2007.

When users on a published desktop open an attachment then try to Save As,
they get the following message: This operation has been cancelled due
to restrictions in effect on this computer.

[image: Inline images 1]
When they click OK, they get directed to their home drive on the file
server correctly (folder redirection is in place for My Documents).

If they right-click the attachment in Outlook and choose Save As, there is
no issue.

The C: drive is locked down, hence the error message.

We've tried setting the following registry key "HKCU\Software\Microsof
t\Office\12.0\Outlook\Security\OutlookSecureTempFolder", and
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User
Shell Folders\Personal" but still get the message.

Any help with this issue would be greatly appreciated.  Common sense would
say to just use save as from Outlook, but you know how users are.

TIA

Tony

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<>

Re: Outlook 2007 on Citrix attachment issue

[kz20fl]

Does stopping the appsense services on the xenapp box resolve the issue?

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Tony Patton 
Date: Fri, 5 Apr 2013 16:23:47 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Outlook 2007 on Citrix 
attachment issue

Hi folks,

We are using XenApp 6 and AppSense Environment Manager 8.2.206 on Server
2008R2 and have a weird issue with Outlook 2007.

When users on a published desktop open an attachment then try to Save As,
they get the following message: This operation has been cancelled due
to restrictions in effect on this computer.

[image: Inline images 1]
When they click OK, they get directed to their home drive on the file
server correctly (folder redirection is in place for My Documents).

If they right-click the attachment in Outlook and choose Save As, there is
no issue.

The C: drive is locked down, hence the error message.

We've tried setting the following registry key "HKCU\Software\Microsof
t\Office\12.0\Outlook\Security\OutlookSecureTempFolder", and
"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User
Shell Folders\Personal" but still get the message.

Any help with this issue would be greatly appreciated.  Common sense would
say to just use save as from Outlook, but you know how users are.

TIA

Tony

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<>

Re: Outlook 2007 on Citrix attachment issue

[kz20fl]

If its done by EM, it should be everything.

You could try deleting the Outlook data from PS, if it isn't part of an Office 
application group.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Tony Patton 
Date: Fri, 5 Apr 2013 17:54:07 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Outlook 2007 on Citrix 
attachment issue

Hiya,

Yep, Outlook is personalised via EM, but not 100% sure of what is exactly
customised.


On 5 April 2013 16:37,  wrote:

> **
> Hi tony
>
> I think I've seen something similar before. Is outlook personalized via EM?
>
> Sent from my Blackberry, which may be an antique but delivers email
> RELIABLY
> --
> *From: * Tony Patton 
> *Date: *Fri, 5 Apr 2013 16:23:06 +0100
> *To: *NT System Admin Issues
> *ReplyTo: * "NT System Admin Issues" <
> ntsysadmin@lyris.sunbelt-software.com>
> *Subject: *Outlook 2007 on Citrix attachment issue
>
> Hi folks,
>
> We are using XenApp 6 and AppSense Environment Manager 8.2.206 on Server
> 2008R2 and have a weird issue with Outlook 2007.
>
> When users on a published desktop open an attachment then try to Save As,
> they get the following message: This operation has been cancelled due
> to restrictions in effect on this computer.
>
> [image: Inline images 1]
> When they click OK, they get directed to their home drive on the file
> server correctly (folder redirection is in place for My Documents).
>
> If they right-click the attachment in Outlook and choose Save As, there is
> no issue.
>
> The C: drive is locked down, hence the error message.
>
> We've tried setting the following registry key "HKCU\Software\Microsof
> t\Office\12.0\Outlook\Security\OutlookSecureTempFolder", and 
> "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\User
> Shell Folders\Personal" but still get the message.
>
> Any help with this issue would be greatly appreciated.  Common sense would
> say to just use save as from Outlook, but you know how users are.
>
> TIA
>
> Tony
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<>

Re: Windows DNS scavenging..

[kz20fl]

Hopefully should definitely be there, if I ever get through this legal battle I 
am having over an agency that owe me a load of money.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Mon, 8 Apr 2013 14:57:31 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Windows DNS scavenging..

LOL, that is one of my three topics for my conference presentations this year.  
There are a lot of TechNet and MVP articles on the topics of DNS A&S, DHCP and 
what to do, how it works, scripts, etc.  I am trying to figure out how to cover 
this topic and multiple site, multiple domain configurations and GPO & Loopback 
processing into a 75 minute presentation.  I could easily spend 75 minutes on 
each.  Plus I am also doing a PoSH session on my Citrix documentation scripts 
at each conference.  Hope to meet James Rankin finally in London.

Carl Webster
Consultant and Citrix Technology Professional
http://www.CarlWebster.com


From: David Lum [mailto:david@nwea.org]
Sent: Monday, April 08, 2013 10:33 AM
To: NT System Admin Issues
Subject: Windows DNS scavenging..

Do you guys have it turned on? Have you seen any issues from it, any caveats?
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Blocking executables for the root of a share

[kz20fl]

What GPO prevents execution from a specific folder? Is that a file server 
policy? I'm a little out of date in that area

On the issue stated, I wouldn't let users have the permissions to drop files in 
the root of shared areas


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Tue, 9 Apr 2013 17:45:34 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Blocking executables for the 
root of a share

Our last two virus incidents involved dropping an *.EXE at the root of our 
primary shared drive. Would it make sense to treat the root of a share the same 
as Windows 7 treats %OSDRIVE% and not allow the creation or running of 
executables in the share's root, or is that reacting too specifically to our 
latest events?

Implementing this blocking is relatively straightforward. GPO can prevent the 
execution in specific folder, and McAfee can block the creation of said files.
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Blocking executables for the root of a share

[kz20fl]

Can you make SRPs specific to a share? I thought they were user policies?

(Long time since I used them though)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Miller Bonnie L. 
Date: Tue, 9 Apr 2013 11:07:37 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Blocking executables for 
the root of a share

I would think David is referring to SRPs (Software Restriction Policies) for 
the GPO-based blocking.

-Bonnie

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 09, 2013 10:51 AM
To: NT System Admin Issues
Subject: Re: Blocking executables for the root of a share

What GPO prevents execution from a specific folder? Is that a file server 
policy? I'm a little out of date in that area

On the issue stated, I wouldn't let users have the permissions to drop files in 
the root of shared areas
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: David Lum mailto:david@nwea.org>>
Date: Tue, 9 Apr 2013 17:45:34 +
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: Blocking executables for the root of a share

Our last two virus incidents involved dropping an *.EXE at the root of our 
primary shared drive. Would it make sense to treat the root of a share the same 
as Windows 7 treats %OSDRIVE% and not allow the creation or running of 
executables in the share's root, or is that reacting too specifically to our 
latest events?

Implementing this blocking is relatively straightforward. GPO can prevent the 
execution in specific folder, and McAfee can block the creation of said files.
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Blocking executables for the root of a share

[kz20fl]

Ah right gotcha now - path-based rules. Forgot about that bit :-)

I'm just interested to see how modern SRPs stack up against the software I work 
with.

Ta,



JR

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Miller Bonnie L. 
Date: Tue, 9 Apr 2013 11:36:28 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Blocking executables for 
the root of a share

They are user policies, so if it's SRPs, it would be for those users logging 
on, blocked via UNC or some other connection path.  If these are the only 
accounts with access to the shared resources, it should do the trick.

As someone else mentioned, you could use FSRM on the file server also to block 
*.exe files (and other unwanted executable types).  But, file screens apply to 
subfolders as well, which would each require exceptions as needed, so might not 
be wanted here.

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Tuesday, April 09, 2013 11:26 AM
To: NT System Admin Issues
Subject: Re: Blocking executables for the root of a share

Can you make SRPs specific to a share? I thought they were user policies?

(Long time since I used them though)
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Miller Bonnie L. 
mailto:mille...@mukilteo.wednet.edu>>
Date: Tue, 9 Apr 2013 11:07:37 -0700
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: RE: Blocking executables for the root of a share

I would think David is referring to SRPs (Software Restriction Policies) for 
the GPO-based blocking.

-Bonnie

From: kz2...@googlemail.com 
[mailto:kz2...@googlemail.com]
Sent: Tuesday, April 09, 2013 10:51 AM
To: NT System Admin Issues
Subject: Re: Blocking executables for the root of a share

What GPO prevents execution from a specific folder? Is that a file server 
policy? I'm a little out of date in that area

On the issue stated, I wouldn't let users have the permissions to drop files in 
the root of shared areas
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: David Lum mailto:david@nwea.org>>
Date: Tue, 9 Apr 2013 17:45:34 +
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: Blocking executables for the root of a share

Our last two virus incidents involved dropping an *.EXE at the root of our 
primary shared drive. Would it make sense to treat the root of a share the same 
as Windows 7 treats %OSDRIVE% and not allow the creation or running of 
executables in the share's root, or is that reacting too specifically to our 
latest events?

Implementing this blocking is relatively straightforward. GPO can prevent the 
execution in specific folder, and McAfee can block the creation of said files.
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful

Re: Google Drive

[kz20fl]

Yes, you've got the idea, my portable apps (including Firefox) are installed 
into my Google Drive folder. The idea is, get a new machine, install Google 
Drive, create a shortcut and I have all my apps.

I try not to use them simultaneously on different machines and I have to pause 
the Google sync when I run FF portable, but it mostly worked OK until I lost 
the bookmarks that were sync-ed thru Firefox. I can only assume there was some 
sort of conflict.

The issue with the reappearing Trash in the online version also spooks me, as 
its often the web version that causes the conflicts.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Matthew W. Ross" 
Date: Wed, 10 Apr 2013 09:40:19 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Google Drive

I use Google Drive all the time, at least the online version. I have been 
trying a lot of different "syncing" solutions as of late, as I also have been 
using Dropbox and Cubby.

I have the desktop client on my home PC, but it has not given me any problems. 
It behaves a lot better than Dropbox for me, as Dropbox likes to index every 
time I am forced to reboot, which seems to take an unusually long time.

The client at home I use to drop in PDFs of important mailers I get (Scan to 
FTP, copy to Google Drive) so that I have is wherever I need them.

Otherwise, it's a simple web-based word processor/spreadsheet/drawing tool that 
works anywhere I go.



How are you trying to sync your Firefox bookmarks with Google drive? Are you 
using the Portable Apps version of Firefox, and seeing the problems when you 
are mixing the two together? (Very cool idea, BTW. I just wonder how syncing 
would work if you had it open on multiple computers...)

Doesn't Firefox now have a native bookmark syncing feature, much like Google 
Chrome?


--Matt Ross
Ephrata School District


- Original Message -
From: James Rankin
[mailto:kz2...@googlemail.com]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Wed, 10 Apr 2013
03:37:57 -0800
Subject: Google Drive


> Anyone else using Google Drive and think it is a bit rubbish in general? I
> regularly get sync failures, errors in the software, and if I go to the
> online version and try to empty the Trash folder, everything simply
> reappears as soon as I delete it. I've been using it with Portable Apps and
> recently all my Firefox bookmarks just disappeared, so I am beginning to
> think it might not be really fit for purpose.
> 
> Anyone else had similar issues, or got any feedback to report?
> 
> Cheers,
> 
> 
> 
> -- 
> *James Rankin*
> Technical Consultant (ACA, CCA, MCTS)
> http://appsensebigot.blogspot.co.uk
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Google Drive

[kz20fl]

Citrix have a similar approach

"If it doesn't work, give it a new name. If it does work, give it a new name 
too."

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ben Scott 
Date: Wed, 10 Apr 2013 13:28:32 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Google Drive

On Wed, Apr 10, 2013 at 12:49 PM, Matthew W. Ross
 wrote:
>>   Wait for the next Service Pack... er, sorry, wrong vendor.
>
> It's odd: Microsoft is producing fewer and fewer service packs over the years.

  No, they're not.  If anything, they're producing more.  They're just
calling them "Cumulative Updates" and "Update Rollups" and "Feature
Packs" and other names now.

  The party line is that one kind of package is for just fixes and the
other is more for new functionality, but they have said that in the
past about Service Packs, too (and also said the opposite, and changed
their minds, multiple times), and the supposedly smaller updates still
include major changes (e.g., you need a CU for Exchange '10 to work
with Exchange '13, which is kind of a big deal), so as far as I can
tell, nothing's changed.

  It's a standard technique for big companies: "If it doesn't work,
give it a new name.  If it still doesn't work, the new name wasn't
long enough."

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Google Drive

[kz20fl]

Maybe I should have mentioned I'm using the PortableApps.com AppLauncher from 
within Google Drive. This seems to keep all the apps working quite well - 
except FF. They even update themselves, which is well cool.

The reason the sync has to be paused while using FF is because Google Drive 
seems to bork after a load of retries with locked files. All the other apps 
work fine - but to be honest, none of them are particularly complex.

I was just wondering if anyone else had had any success with similar setups but 
maybe using different providers? It seemed like a nice way to decouple my apps 
from the OS without the infrastructure and management overhead of stuff like 
Citrix, App-V, and the like, but for anything particularly complicated such as 
a browser with sync capability, it doesn't seem to be a reliable fit. Unless 
it's the interplay between FF's built-in synchronization and the app 
synchronization that is giving me problems? I may try turning off the native FF 
bookmark sync and see how it goes.

Interesting discussion anyway!

Cheers,



JR

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Matthew W. Ross" 
Date: Wed, 10 Apr 2013 10:52:38 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Google Drive

> Yes, you've got the idea, my portable apps (including Firefox) are installed
> into my Google Drive folder. The idea is, get a new machine, install Google
> Drive, create a shortcut and I have all my apps.
 
I like the idea... but I don't. There are a lot of PortlableApps that don't 
work well unless they can see an acutal drive letter, and most of them like to 
be in the root of the drive (i.e.: x:\PortableApps)

Here's an idea: Make robocopy script that does that sync. Use Google Drive as a 
backup (or Dropbox, or whatever) and viola.

> I try not to use them simultaneously on different machines and I have to
> pause the Google sync when I run FF portable, but it mostly worked OK until
> I lost the bookmarks that were sync-ed thru Firefox. I can only assume there
> was some sort of conflict.

Pausing the sync? Sounds like that might be the reason you're getting issues.

> The issue with the reappearing Trash in the online version also spooks me,
> as its often the web version that causes the conflicts.

Imagine if you pause the sync, then turn it back on... maybe that's why your 
"Re-syncing" your trash?


--Matt Ross
Ephrata School District


- Original Message -
From: kz2...@googlemail.com
To: NT System
Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Wed, 10
Apr 2013 10:01:31 -0800
Subject: Re: Google Drive


> Yes, you've got the idea, my portable apps (including Firefox) are installed
> into my Google Drive folder. The idea is, get a new machine, install Google
> Drive, create a shortcut and I have all my apps.
> 
> I try not to use them simultaneously on different machines and I have to
> pause the Google sync when I run FF portable, but it mostly worked OK until
> I lost the bookmarks that were sync-ed thru Firefox. I can only assume there
> was some sort of conflict.
> 
> The issue with the reappearing Trash in the online version also spooks me,
> as its often the web version that causes the conflicts.
> 
> 
> Sent from my Blackberry, which may be an antique but delivers email RELIABLY
> 
> -Original Message-
> From: "Matthew W. Ross" 
> Date: Wed, 10 Apr 2013 09:40:19 
> To: NT System Admin Issues
> Reply-To: "NT System Admin Issues"
> Subject: Re: Google Drive
> 
> I use Google Drive all the time, at least the online version. I have been
> trying a lot of different "syncing" solutions as of late, as I also have
> been using Dropbox and Cubby.
> 
> I have the desktop client on my home PC, but it has not given me any
> problems. It behaves a lot better than Dropbox for me, as Dropbox likes to
> index every time I am forced to reboot, which seems to take an unusually
> long time.
> 
> The client at home I use to drop in PDFs of important mailers I get (Scan to
> FTP, copy to Google Drive) so that I have is wherever I need them.
> 
> Otherwise, it's a simple web-based word processor/spreadsheet/drawing tool
> that works anywhere I go.
> 
> 
> 
> How are you trying to sync your Firefox bookmarks with Google drive? Are you
> using the Portable Apps version of Firefox, and seeing the problems when you
> are mixing the two together? (Very cool idea, BTW. I just wonder how syncing
> would work if you had it open on multiple computers...)
> 
> Doesn't Firefox now have a native bookmark syncing feature, much like Google
> Chrome?
> 
> 
> --Matt Ross
> Ephrata School District
> 
> 
> - Original Message -
> From: James Rankin
> [mailto:kz2...@googlemail.com]
> To: NT System Admin Issues
> [mailto:ntsysadmin@lyris.sunbelt-software.com]
> Sent: Wed, 10 Apr 2013
> 03:37:57 -0800
> Subject: Google Drive
> 
> 
> > Anyone else using Google Drive and think it is a bit ru

Re: Google Drive

[kz20fl]

SkyDrive Pro appears to be making some headway now too - based around the usual 
MS attack vector of "it's free with whatever license you're already paying us 
for"


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Matthew W. Ross" 
Date: Wed, 10 Apr 2013 10:54:38 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Google Drive

I really need to try SkyDrive. It's mostly my negative bias toward Microsoft 
that has stopped me from trying it.

That, and they killed their old Live Sync.


--Matt Ross
Ephrata School District


- Original Message -
From: Tobie Fysh
[mailto:tobie.f...@freebridge.org.uk]
To: NT System Admin Issues
[mailto:ntsysadmin@lyris.sunbelt-software.com]
Sent: Wed, 10 Apr 2013
10:25:05 -0800
Subject: RE: Google Drive


> If we are throwing out our fav syncing tools SkyDrive rocks, Windows,
> Windows RT and Windows Phone all in sync.
> 
> Sent from my Windows Phone
> 
> From: Matthew W. Ross
> Sent: ‎10/‎04/‎2013 18:15
> To: NT System Admin Issues
> Subject: Re: Google Drive
> 
> I use Google Drive all the time, at least the online version. I have been
> trying a lot of different "syncing" solutions as of late, as I also have
> been using Dropbox and Cubby.
> 
> I have the desktop client on my home PC, but it has not given me any
> problems. It behaves a lot better than Dropbox for me, as Dropbox likes to
> index every time I am forced to reboot, which seems to take an unusually
> long time.
> 
> The client at home I use to drop in PDFs of important mailers I get (Scan to
> FTP, copy to Google Drive) so that I have is wherever I need them.
> 
> Otherwise, it's a simple web-based word processor/spreadsheet/drawing tool
> that works anywhere I go.
> 
> 
> 
> How are you trying to sync your Firefox bookmarks with Google drive? Are you
> using the Portable Apps version of Firefox, and seeing the problems when you
> are mixing the two together? (Very cool idea, BTW. I just wonder how syncing
> would work if you had it open on multiple computers...)
> 
> Doesn't Firefox now have a native bookmark syncing feature, much like Google
> Chrome?
> 
> 
> --Matt Ross
> Ephrata School District
> 
> 
> - Original Message -
> From: James Rankin
> [mailto:kz2...@googlemail.com]
> To: NT System Admin Issues
> [mailto:ntsysadmin@lyris.sunbelt-software.com]
> Sent: Wed, 10 Apr 2013
> 03:37:57 -0800
> Subject: Google Drive
> 
> 
> > Anyone else using Google Drive and think it is a bit rubbish in general? I
> > regularly get sync failures, errors in the software, and if I go to the
> > online version and try to empty the Trash folder, everything simply
> > reappears as soon as I delete it. I've been using it with Portable Apps
> and
> > recently all my Firefox bookmarks just disappeared, so I am beginning to
> > think it might not be really fit for purpose.
> >
> > Anyone else had similar issues, or got any feedback to report?
> >
> > Cheers,
> >
> >
> >
> > --
> > *James Rankin*
> > Technical Consultant (ACA, CCA, MCTS)
> > http://appsensebigot.blogspot.co.uk
> >
> > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> > ~  ~
> >
> > ---
> > To manage subscriptions click here:
> > http://lyris.sunbelt-software.com/read/my_forums/
> > or send an email to
> listmana...@lyris.sunbeltsoftware.com
> > with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~  ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to
> listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> 
> 
> This message has been scanned by MimeCast on behalf of Freebridge Community
> Housing and found to be free of viruses and not SPAM. If you have any
> concerns about the message contents please contact the ICT ServiceDesk.
> 
> 
> http://www.freebridge.org.uk
> http://twitter.com/Freebridge
> http://www.facebook.com/pages/Kings-Lynn-United-Kingdom/Freebridge-Community-Housing/192690183387?v=box_3
> 
> This e-mail (including any attachments), is confidential and intended only
> for the use of the addressee(s). It may contain information covered by
> legal, professional or other privilege. If you are not an addressee, please
> inform the sender immediately and destroy this e-mail. Do not copy, use or
> disclose this e-mail.
> E-mail transmission cannot be guaranteed to be secure or error free. The
> sender does not accept liability for any errors or omissions in the contents
> of this message which ar

Re: .ZIP file e-mail attachments

[kz20fl]

Symantec is well known to impact system performance in the same way malware 
does, so the rule stands ;-)


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Sam Cayze" 
Date: Wed, 10 Apr 2013 13:46:57 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: .ZIP file e-mail attachments

My Symantec Enterprise license keys come in a 1KB ZIP file.

 

So. No.  Too risky.

 

From: Crawford, Scott [mailto:crawfo...@evangel.edu] 
Sent: Wednesday, April 10, 2013 7:31 AM
To: NT System Admin Issues
Subject: RE: .ZIP file e-mail attachments

 

Clever 

Sent from my Windows Phone

  _  

From: Mark Boersma
Sent: 4/9/2013 10:20 AM
To: NT System Admin Issues
Subject: RE: .ZIP file e-mail attachments

My policy is to block zip files by size.  If you block all zips smaller than
500k you'll stop all the viruses.  Allow zips larger than 500k and those
will be the legit files.  Sounds sort of silly but it absolutely works.
Obviously I have scanners and such running too but that is my attachment
policy.

 

Mark

-

Two rules for success in life:

1. Never tell people everything you know.

 

 

From: Mayo, Bill [mailto:bill.m...@pittcountync.gov] 
Sent: Tuesday, April 9, 2013 10:55 AM
To: NT System Admin Issues
Subject: RE: .ZIP file e-mail attachments

 

We mostly rely on our appliance (IronPort) to catch them, but we do have a
special rule that quarantines any password-protected ZIP files (because the
appliance can't inspect those).

 

From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, April 09, 2013 10:51 AM
To: NT System Admin Issues
Subject: .ZIP file e-mail attachments

 

Do any of you guys still allow this? I ask because at %formerjob% they were
blocked, but %dayjob% allows them, and last week and today we've received
infected .ZIP files. Last week was another autorun outbreak, today we caught
it before anyone actually ran it. We keep getting latest and greatest
variants "First seen by VirusTotal 2013-04-09 09:51:15 UTC (4 hours, 58
minutes ago)".  Grr.

David Lum 
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Google Drive

[kz20fl]

I once remember talking a customer through a software upgrade using 5.25" 
disks. When I told him to shut the door (of the drive), I can still recall 
hearing the sound of his office door closing down the phone. One of many 
priceless moments as I learned my trade on the front line of support.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Guyer, Don" 
Date: Fri, 12 Apr 2013 14:12:43 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Google Drive

and use them as Chinese Stars...

Regards,

Don Guyer
Catholic Health East - Information Technology
Enterprise Directory & Messaging Services
3805 West Chester Pike, Suite 100, Newtown Square, Pa  19073
email: dgu...@che.org
Office:  610.550.3595 | Cell: 610.955.6528 | Fax: 610.271.9440
For immediate assistance, please open a Service Desk ticket or call the 
helpdesk @ 610-492-3839.
[cid:image001.jpg@01CE3787.CCE90920]

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Friday, April 12, 2013 1:28 PM
To: NT System Admin Issues
Subject: Re: Google Drive

5.25" floppies were the ultimate in reliability.  You could put them into your 
pocket, folder them up, and even spill soda on them.  (I recovered data from 
two different soda spill scenarios)

I suspect that the feeble density of the data is what helped us with those, and 
what kills us with everything else.  :)




ASB
http://XeeMe.com/AndrewBaker
Providing Virtual CIO Services (IT Operations & Information Security) for the 
SMB market...






~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Confidentiality Notice:
This e-mail, including any attachments is the
property of Catholic Health East and is intended
for the sole use of the intended recipient(s). 
It may contain information that is privileged and
confidential.  Any unauthorized review, use,
disclosure, or distribution is prohibited. If you are
not the intended recipient, please delete this message, and
reply to the sender regarding the error in a separate email.
 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
<>

Re: PowerShell noob help

[kz20fl]

Its amazing how much useful stuff is out there on 'tinterwebs :-)

As I left I discovered an external wired broadband connection that clearly 
someone has set up to avoid this killer web filter. Tomorrow should be more 
productive (yet less secure, possibly?)

Cheers,


JR

--Original Message--
From: Ben Scott
To: NT System Admin Issues
ReplyTo: NT System Admin Issues
Subject: Re: PowerShell noob help
Sent: 16 Apr 2013 19:11

On Tue, Apr 16, 2013 at 12:57 PM, James Rankin  wrote:
> Ben, you're a wizard, that worked first time out :-)

  I am but a humble student.  Indeed, I'm getting my feet wet with
PoSh for "real use" for the first time these past few weeks.  Part of
the reason I did this was to learn how to do it.  I had to learn
Select-String last week, but didn't know how to retrieve captured
groups yet, nor how to write to the registry.  So we both learned some
things!

  It helps that I had the web at my end of the thread.  :-)

-- Ben

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Sent from my Blackberry, which may be an antique but delivers email RELIABLY
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Dropsmack Malware C&C via Dropbox

[kz20fl]

The software I use has an "endpoint analysis" mode, kinda like a passive mode, 
that creates whitelists for you. Using this, you should be able to ensure 
everything works before going live. Add to this the alerting is very good so 
false positives get quickly dealt with.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ken Schaefer 
Date: Wed, 17 Apr 2013 00:27:19 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Dropsmack Malware C&C via 
Dropbox

What happens when the business relies a lot on Access DBs, Excel spreadsheets 
etc.?
Do I have to whitelist every macro? Am I still at risk of data 
loss/corruption/exfiltration?

Cheers
Ken

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Wednesday, 17 April 2013 12:54 AM
To: NT System Admin Issues
Subject: Re: Dropsmack Malware C&C via Dropbox

Whitelisting can be a lot of work, if you haven't got a flexible technology. 
There are various vendors in the space and some of them take a lot of the 
donkey-work out of it for you, whilst still maintaining (as far as I've seen) 
decent security. But I totally agree that it's still at the whim of the person 
with their fingers on the controls - if the admin allows a bad executable, then 
you're in trouble.

That can only be mitigated by belt-and-braces approaches, really, relying on 
old-style reactive AV or IDS/IPS or whatever to catch the bad executable that's 
somehow bypassed your processes and controls.

There is another load of tech springing up around MDM, MIM, MAM or whatever TLA 
you choose to describe it. It's another big set of challenges though. At the 
moment I am concentrating on extending the agents I have to MacOS devices 
rather than worrying about tablets and mobiles yet. I can avoid some of the 
pain at the moment by deploying Windows apps and desktops via Citrix to the 
mobile devices rather than letting users manipulate corporate data directly, 
but it's something I will no doubt get asked to get involved in sometime in the 
future :-)

But it's all so fun keeping up with user trends, isn't it? Maybe if we try 
really hard to get on top of the possibilities right now we can approach BYOD 
from a security perspective rather than just getting bullied into making it 
happen too quickly and having to catch all the security issues while 
firefighting :-)

Cheers,



JR
On 16 April 2013 15:36, Ziots, Edward 
mailto:ezi...@lifespan.org>> wrote:
James,

I agree on the application whitelisting front. But its a lot of work and its 
still based on trust. ( If you trust something bad) then you have still let the 
determined attacker in the door, but the caveat is if you control the code 
execution on your endpoints, then you change the game into your favor.

Other aspects to think of:

Will application whitelisting work for mobile devices: (Iphone, Android, 
Tablets, all of which can act like storage devices in a way.

Questions to be answered:

Which devices do you allow to be attached to your systems to transfer data? 
(Policies, procedures, enforcement with technical controls and auditing and 
followup with administrative controls for compliance? (Do we allow the Apple 
devices, but not the Android, or do we allow just Ironkey devices, and whom 
should have them and what data should they be able to take ( DLP/DRM etc etc)

And we all should know by now that AV is next near worthless against current 
malware trends, so why does the compliance regulations still require this ( 
PCI-DSS especially).

Working on App whitelisting right now, its been interesting and complex at the 
time, but at the end I feel it will be worth it.




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Can you do this with .CMD?

[kz20fl]

You could certainly do it in VBScript, I reckon, which XP should deal with.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: David Lum 
Date: Wed, 17 Apr 2013 20:23:23 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Can you do this with .CMD?

Use a batch file to launch an application and then send two carriage returns to 
this app? I can do one, but not two. Running the program is asks for username 
(hitting ENTER it uses a default, which is desired), then when you hit  it 
asks for a password.

My batch file looks like this:
programtorun < c:\windows\temp\answerfile.txt

Answerfile.txt contains

Password 

The app runs but sits and waits for the password, so it's only processesing the 
first . Surely this is a simple one? Some pipe command? Maybe I should get 
out my old DOS 5.0 book...

Please, no PoSh because I have tons of XP machines that need to run this...
David Lum
Sr. Systems Engineer // NWEATM
Office 503.548.5229 // Cell (voice/text) 503.267.9764


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: list admins?

[kz20fl]

Donald Bittenbender?
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ryan Finnesey 
Date: Thu, 18 Apr 2013 05:06:30 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: list admins?

I am having an issue where the listserv keeps removing me from the list or 
putting me on mail hold because messages the system try's to send are bounding 
back.  I have tried two different e-mail accounts and am having the same 
issues.  I was hoping to talk with someone that is running the listserv and see 
if I can get more information from the SMTP logs.

From: Jon Harris [mailto:jk.har...@live.com]
Sent: Thursday, April 18, 2013 12:14 AM
To: NT System Admin Issues
Subject: RE: list admins?

I don't think so it is someone with GFI but I can't remember his name.  If I am 
remembering correctly his last name begins with a B but beyond that my old age 
has caught me.

Jon


From: r...@finnesey.com
To: 
ntsysadmin@lyris.sunbelt-software.com
Subject: list admins?
Date: Thu, 18 Apr 2013 04:09:20 +
Does Stu still manage the listserv?

Cheers
Ryan

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Dropsmack Malware C&C via Dropbox

[kz20fl]

I can only speak to the software I am familiar with, but within that there is 
an extreme amount of granularity and it probably would be able to meet your 
needs.

I would, however, need to do a much more detailed analysis and testing phase to 
prove beyond doubt that it could do what you required :-)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ken Schaefer 
Date: Wed, 17 Apr 2013 22:04:13 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Dropsmack Malware C&C via 
Dropbox

What do we do if we have a few thousand Excel spreadsheets with critical 
business processes and information in them? How do I "whitelist" only the good 
spreadsheets and macros? (i.e. is that level of granularity supported?) and 
secondly, what is the overhead in maintaining this - especially when is it 
analysts/traders etc (i.e. effectively end users and their IT support) that are 
developing these - something would be changing on a daily basis?

Cheers
Ken

From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, 17 April 2013 11:33 PM
To: NT System Admin Issues
Subject: RE: Dropsmack Malware C&C via Dropbox

Agreed, same solution I am using, does the same function and if there is any 
blocks, its dealt with quickly before going live.

Z

Edward E. Ziots, CISSP, CISA, Security +, Network +
Security Engineer
Lifespan Organization
ezi...@lifespan.org
Work:401-444-9081


This electronic message and any attachments may be privileged and confidential 
and protected from disclosure. If you are reading this message, but are not the 
intended recipient, nor an employee or agent responsible for delivering this 
message to the intended recipient, you are hereby notified that you are 
strictly prohibited from copying, printing, forwarding or otherwise 
disseminating this communication. If you have received this communication in 
error, please immediately notify the sender by replying to the message. Then, 
delete the message from your computer. Thank you.
[Description: Description: Lifespan]


From: kz2...@googlemail.com 
[mailto:kz2...@googlemail.com]
Sent: Tuesday, April 16, 2013 11:47 PM
To: NT System Admin Issues
Subject: Re: Dropsmack Malware C&C via Dropbox

The software I use has an "endpoint analysis" mode, kinda like a passive mode, 
that creates whitelists for you. Using this, you should be able to ensure 
everything works before going live. Add to this the alerting is very good so 
false positives get quickly dealt with.
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Ken Schaefer mailto:k...@adopenstatic.com>>
Date: Wed, 17 Apr 2013 00:27:19 +
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: RE: Dropsmack Malware C&C via Dropbox

What happens when the business relies a lot on Access DBs, Excel spreadsheets 
etc.?
Do I have to whitelist every macro? Am I still at risk of data 
loss/corruption/exfiltration?

Cheers
Ken

From: James Rankin [mailto:kz2...@googlemail.com]
Sent: Wednesday, 17 April 2013 12:54 AM
To: NT System Admin Issues
Subject: Re: Dropsmack Malware C&C via Dropbox

Whitelisting can be a lot of work, if you haven't got a flexible technology. 
There are various vendors in the space and some of them take a lot of the 
donkey-work out of it for you, whilst still maintaining (as far as I've seen) 
decent security. But I totally agree that it's still at the whim of the person 
with their fingers on the controls - if the admin allows a bad executable, then 
you're in trouble.

That can only be mitigated by belt-and-braces approaches, really, relying on 
old-style reactive AV or IDS/IPS or whatever to catch the bad executable that's 
somehow bypassed your processes and controls.

There is another load of tech springing up around MDM, MIM, MAM or whatever TLA 
you choose to describe it. It's another big set of challenges though. At the 
moment I am concentrating on extending the agents I have to MacOS devices 
rather than worrying about tablets and mobiles yet. I can avoid some of the 
pain at the moment by deploying Windows apps and desktops via Citrix to the 
mobile devices rather than letting users manipulate corporate data directly, 
but it's something I will no doubt get asked to get involved in sometime in the 
future :-)

But it's all so fun keeping up with user trends, isn't it? Maybe if we try 
really hard to get on top of the possibilities right now we can approach BYOD 
from a security perspective rather than just getting bullied into making it 
happen too quickly and having to catch all the security issues while 
firefighting :-)

Cheers,



JR
On 16 April 2013 15:36, Ziots, Edward 
mailto:ezi...@lifespan.org>> wrote:
James,

I agree on the application whitelisting front

Re: list admins?

[kz20fl]

Beats me...don't think he monitors as much as Stu used to, if he does

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Ryan Finnesey 
Date: Thu, 18 Apr 2013 05:19:18 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: list admins?

Does he monitor this list or should I try and email him directly?

From: kz2...@googlemail.com [mailto:kz2...@googlemail.com]
Sent: Thursday, April 18, 2013 1:08 AM
To: NT System Admin Issues
Subject: Re: list admins?

Donald Bittenbender?
Sent from my Blackberry, which may be an antique but delivers email RELIABLY

From: Ryan Finnesey mailto:r...@finnesey.com>>
Date: Thu, 18 Apr 2013 05:06:30 +
To: NT System Admin 
Issuesmailto:ntsysadmin@lyris.sunbelt-software.com>>
ReplyTo: "NT System Admin Issues" 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Subject: RE: list admins?

I am having an issue where the listserv keeps removing me from the list or 
putting me on mail hold because messages the system try's to send are bounding 
back.  I have tried two different e-mail accounts and am having the same 
issues.  I was hoping to talk with someone that is running the listserv and see 
if I can get more information from the SMTP logs.

From: Jon Harris [mailto:jk.har...@live.com]
Sent: Thursday, April 18, 2013 12:14 AM
To: NT System Admin Issues
Subject: RE: list admins?

I don't think so it is someone with GFI but I can't remember his name.  If I am 
remembering correctly his last name begins with a B but beyond that my old age 
has caught me.

Jon


From: r...@finnesey.com
To: 
ntsysadmin@lyris.sunbelt-software.com
Subject: list admins?
Date: Thu, 18 Apr 2013 04:09:20 +
Does Stu still manage the listserv?

Cheers
Ryan

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Synchronize booksmarks?

[kz20fl]

Xmarks used to be great. I'm glad they're back. I will be giving them a try 
again but they were well good last time I used their product.

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Free, Bob" 
Date: Fri, 19 Apr 2013 17:49:21 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Synchronize booksmarks?

xmarks looks very intriguing. I like the parent company and their flagship 
product so that's a big plus in my mind.

Anyone use it for a while and care to comment?

I'd love to have bookmarks synched between my iThing, multiple laptops and 
Surface running different browsers, looks like the premium can do most of that.

From: Mike Wiebke [mailto:m...@yahoo.com]
Sent: Thursday, April 18, 2013 6:25 AM
To: NT System Admin Issues
Subject: [dkim-failure] Re: Synchronize booksmarks?

Xmarks http://www.xmarks.com



From: Tom Miller mailto:tominyorkt...@gmail.com>>
To: NT System Admin Issues 
mailto:ntsysadmin@lyris.sunbelt-software.com>>
Sent: Thursday, April 18, 2013 8:09 AM
Subject: Synchronize booksmarks?


Our users use Firefox and Internet Explorer.  Are there any utilities that I 
could use so that the booksmarks between browsers are synchronized?

Tom
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


PG&E is committed to protecting our customers' privacy. 
To learn more, please visit http://www.pge.com/about/company/privacy/customer/

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

LoJack

[kz20fl]

Does anyone know if LoJack CompuTrace can be activated without the software 
installed? I am looking into this sort of software for a client but am not sure 
whether it needs to actually have the software installed or if the embedded 
BIOS feature does everything required? Their website isn't particularly clear 
about it and most Googling just turns up people complaining about civil 
liberties.

TIA,


JR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Very weird file rename issue

[kz20fl]

Reminds me why I hate the Offline Files feature - generally naff.

Wherever its possible, if the functionality is needed I try to replace it with 
some cloudy sorta solution.


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Webster 
Date: Tue, 23 Apr 2013 19:59:28 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Very weird file rename issue

Is this it?  http://support.microsoft.com/kb/953945

Thanks


Webster

From: Damien Solodow [mailto:damien.solo...@harrison.edu]
Subject: Very weird file rename issue

I've encountered a very odd issue around renaming files on a network drive.
The file is in the user's redirected "My Documents", and they are the owner of 
said file and have Full Control for it in the NTFS permissions.

When they try to rename the file to replace a lowercase letter with the same 
letter in uppercase, they get a message that says "You need permission to 
perform this action. You require permission for OUR_DOMAIN\Their.username to 
make changes to this file."

However, if they rename the file and replace that letter with something 
different, it's fine.

So for example, the file is called 'firstName.txt' and they try to rename it to 
'FirstName.txt' it will throw the error. But if they rename it to 
'LirstName.txt' it's happen. They can then rename it to 'FirstName.txt' and 
it's fine.

The clients are all Windows 7 Enterprise x64 SP1, but I have seen this on 
remote file servers that are Windows 2003 as well as 2008 R2. It doesn't seem 
to matter what the file type is (text, WordDoc, etc), and doesn't happen on 
local drives.

Anyone seen this oddity before?

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: When is a domain admin not a domain admin

[kz20fl]

SQL security is different, is the builtin Admin denied some rights in SQL 
Management Studio?

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Graeme Carstairs 
Date: Thu, 25 Apr 2013 11:03:13 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: When is a domain admin not a 
domain admin

Hi,

I hvae inherited a site, that was once SBS 2003 and is now SBS 2008.
The *domain\*administrator account appears to have full access ot all
servers, pc's etc as expected

But

If I set-up another user account with the exact same group membership as
the *domain\* administrator account it doesn't

Whilst you can install software etc, there are somethings you cant do, like
running SQL scripts ont here SQL server.

Install certain software that makes unusual changes to the registry, like
there is one type of permission or group memebership blocked.

e.g. Sage 200 Client installing as *domain\*administrator then no problem,
but installing as a copied account *domain*\admin2 it fails and the Sage
support shows that it is being denied access to the registry.

Also WSUS, detaching the database to copy to another drive and reattach,
using admin2
detach works and you can move it but it wont attach as permissions failure,*
 *domain*\administrator * it works fine.

I have looked htrough the GPOS etc and made sure they were members of the
same groups but cannot see anyreason why.


This is across all client PC's and Servers..




-- 
Good news everyone, you have just received an e-mail from me!

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Startup processes

[kz20fl]

On a Windows system, is there a process that runs on startup that will only run 
if there is network connectivity present? I've got a strange requirement and I 
need to be able to tell when the network is available, if possible.

TIA,


JR


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: ALERT : NTSYSADMIN LIST MIGRATION

[kz20fl]

Does this include the feature of "messages posting within half an hour of 
sending them"? :-)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: s...@knowbe4.com
Date: Thu, 25 Apr 2013 14:44:58 
To: 
Reply-To: "NT System Admin Issues" 
Subject: ALERT :  NTSYSADMIN LIST MIGRATION


    
Hi All, 
    
You are invited to the new NTSYSADMIN list hosted by 
KnowBe4.   
    
This replaces the Lyris list hosted by Sunbelt Software 
/ GFI,  
which will shut down at the end of this month.  

    
GFI will confirm this with a separate message.  
    
I will continue to moderate the NTSYSADMIN list from 
KnowBe4.   
    
Warm regards,   
    
Stu  
~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: ALERT : NTSYSADMIN LIST MIGRATION

[kz20fl]

Yeah, try +1 :-)

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Phil Hershey" 
Date: Thu, 25 Apr 2013 12:21:38 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: ALERT :  NTSYSADMIN LIST 
MIGRATION

Stu,

 

Not seeing anything on the KnowBe3.com website that looks like The List.
Do you have a link we need to follow?

 

 

 

-Philip Hershey

 

This communication, including attachments, is for the exclusive use of
addressee and may contain proprietary, confidential and/or privileged
information. If you are not the intended recipient, any use, copying,
disclosure, dissemination or distribution is strictly prohibited. If you
are not the intended recipient, please notify the sender immediately by
return e-mail, delete this communication and destroy all copies.

 

From: s...@knowbe4.com [mailto:s...@knowbe4.com] 
Sent: Thursday, April 25, 2013 11:45 AM
To: lyris.sunbelt-software.com
Subject: ALERT : NTSYSADMIN LIST MIGRATION

 

 

Hi All,

 

You are invited to the new NTSYSADMIN list hosted by KnowBe4. 

 

This replaces the Lyris list hosted by Sunbelt Software / GFI, 

which will shut down at the end of this month.  

 

GFI will confirm this with a separate message.

 

I will continue to moderate the NTSYSADMIN list from KnowBe4. 

 

Warm regards,

 

Stu


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Disk space management software

[kz20fl]

Treesize too

Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: Erik Goldoff 
Date: Fri, 26 Apr 2013 12:32:45 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: Re: Disk space management software

Just FYI, but there *is* a Portable version of windirstat too ( I use
it on client's systems specifically because it doesn't need to be
"installed"

YMMV

On Fri, Apr 26, 2013 at 12:05 PM, Angus Scott-Fleming
 wrote:
> On 26 Apr 2013 at 14:04, Tammy George  wrote:
>
>> Looking for opinions on disk space management software. We're getting low
>> on space and would like to analyze our user data to find out what is 
>> using
>> up the space. Thanks in advance! - Tammy
>
> I use Spacemonger 1.4, the last free version.  Prefer it to WinDirStat as it 
> is
> a standalone executable which doesn't have to be "installed".
>
> Old SpaceMonger v1.x
> http://www.sixty-five.cc/sm/v1x.php
>
> Download link is at the bottom of this page:
>
> http://www.sixty-five.cc/download/
>
> Grab it while you can, looks like the company has folded.  But the software
> still works great!
>
> --
> Angus Scott-Fleming
> GeoApps, Tucson, Arizona
> 1-520-290-5038
> Security Blog: http://geoapps.com/
>
>
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Disk space management software

[kz20fl]

That describes me too


Sent from my Blackberry, which may be an antique but delivers email RELIABLY

-Original Message-
From: "Free, Bob" 
Date: Fri, 26 Apr 2013 20:44:59 
To: NT System Admin Issues
Reply-To: "NT System Admin Issues" 
Subject: RE: Disk space management 
software

Cheap, fast and oft overlooked is du - 
http://technet.microsoft.com/en-us/sysinternals/bb896651


From: Tammy George [mailto:tammy.geo...@acadiau.ca]
Sent: Friday, April 26, 2013 7:05 AM
To: NT System Admin Issues
Subject: [dkim-failure] Disk space management software

Looking for opinions on disk space management software.  We're getting low on 
space and would like to analyze our user data to find out what is using up the 
space.

Thanks in advance!
- Tammy

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


PG&E is committed to protecting our customers' privacy. 
To learn more, please visit http://www.pge.com/about/company/privacy/customer/

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin