Daily IT Matters [DIM]

Today I got my first certification of experts-exchange. I achieved the Master Level in the Microsoft Network topic area.   experts-exchange.com , Microsoft Network , Cerified , expert

http://www.microsoft.com/technet/community/columns/secmvp/sv0405.mspx I found this great article because at our company we needed to implement just this! read and weep...   How ISA Server 2004 Provides SSL VPN Functionality for Outlook Web Access and RPC over HTTP Published: April 13, 2005 Remote access to resources hosted on the corporate network has become a requirement for organizations seeking to successfully compete in today’s Internet-connected business landscape. Off-site employees, home workers, traveling executives, and sales people all require anytime, anywhere access to information hosted on the corporate network. Because of these information needs, Microsoft Exchange Server is one of the most critical information resources that companies maintain on their corporate networks. The challenge for IT and security professionals is to enhance the competitive position of their companies by providing remote access to Exchange Server resources in a private, secure, and reliable f

Robocopy is one of my top ten tools I have been using for years. I often recommend it to people asking how to migrate fileservers, copy files over the network, pretty much anytime you need to copy more than a few files. Now robocopy is pretty powerful but it is a command line tool and there are still a lot of people who prefer the point and click ease of the GUI. Well now Robocopy has a GUI! You can download Robocopy GUI here!   robocopy , gui , fileservers

Can I prevent my employees from installing Google Desktop? Google Desktop supports a group-policy flag in the registry to limit or prevent installation. An administrator can control installation by configuring the "minimum_allowed_version" and "maximum_allowed_version" values under the "HKLM\Software\Policies\Google\Google Desktop\Enterprise" subkey. These two values control which Google Desktop versions are allowed to install. Google Desktop versions are expressed with numbers corresponding to the build date, such as 2.2005.0401.0600. To see the version number, just click on the "About" link on the Google Desktop page for the given installation. To limit the version, configure the minimum_allowed_version and maximum_allowed_version values (type:REG_SZ) using the version number. To completely prevent installation, configure the maximum_allowed_version value to "0.0.0.0." After an administrator implements this group policy, a user at

below is taken from a technet blog!   I've been doing a bit of research around the theoretical limits in an AD environment as part of a project I'm working on. It's unlikely that many people will ever actually hit these limits (if you do, you probably need to take a fundamental look at your infrastructure architecture and how you support it!) but I thought I'd post them anyhow - they may be useful to someone somewhere :-) - maximum number of GPOs that can apply to a user/computer: 999 - maximum number of DNS servers in an AD-integrated zone (without manually adding the details): 850 (Windows 2000), 1300 (Windows 2003) - maximum number of supported DCs in a given domain: 1200 - maximum number of members of a group: 5000 (Windows 2000), unlimited in Windows 2003 - maximum number of DHCP servers in a forest: 850 (Windows 2000 SP1 or RTM), unlimited (Windows 2000 SP2 or later and Windows 2003) - maximum number of UPN suffixes that can be set through the UI: 850 (you can se

The Web is full of explanations on how to dual boot Windows and Linux using a Linux boot manager like GRUB or LILO. If you want to dual boot Windows Vista and Linux using Windows Vista’s Boot Manager, please read on. I will assume that you already have installed Linux on your machine using GRUB as your boot loader. Step 1 – Install GRUB on the Linux partition (outside of MBR) As Windows Vista will replace the Master Boot Record (MBR) with its own, we need to relocate GRUB elsewhere by running grub-install with the Linux partition as a parameter. • On Linux, launch a Terminal with root privileges • Find the name of the partition Linux is installed on by running fdisk –l (the partition you’re looking for is the one whose system is Linux, can be something like /dev/sda1 or /dev/hda1. For the rest of this post, I’ll use /dev/sda1) • Install GRUB on the Linux partition by running : grub-install /dev/sda1 Step 2 – Get a copy of Linux boot sector We will need to instruct Windows Boot Manager

The Virtual PC 2007 Beta is now available to download, with Windows Vista support! - sign up for it here Some of the major changes include: Support for hardware virtualisation (both Intel & AMD) Support for Windows Vista as a host operating system Support for Windows Vista as a guest operating system Improved performance There are bug fixes as well, some of the interesting ones are: Lots of work to allow Virtual PC to play better with laptop power management Fix for IntelPPM issue Virtual PC now supports greater than 2.2GB ISO images

Fight Spam on Your Terms with Custom Weight Lists At A Glance: Custom Weight Lists The Intelligent Message Filter How to filter messages to stop spam How to search text appropriately Spam, as we all know, is a huge problem. It clogs up your servers, aggravates your users, sucks up your bandwidth, and communicates unwanted and often inappropriate messages. Can anything be done to stop it? Well, if you're running Microsoft® Exchange Server 2003 you may have noticed that new features and functionality released last October in Service Pack 2 (SP2) significantly improved its ability to withstand different vectors of spam attacks. With multiple layers of anti-spam defense, Exchange Server 2003 can provide strong protection against unwanted messages. One of the most important elements in the Exchange anti-spam framework is the Intelligent Message Filter (IMF), which enables content filtering during the last stage of server anti-spam processing. Inside IMF, a little-known module called

Windows Time and the W32TM service Nathan Winters Introduction In the last few days this issue of time sync in Windows domains has come up a few times both at work and on the Minasi forum of which I am a member. Each time there has been confusion as to exactly how time sync occurs in a Windows domain.Therefore, I decided that I would put this article together in order to try to provide a decent answer as to what is going on and how to troubleshoot any issues that arise. The first thing about Time Sync in Windows is to realise that it is a little different between Windows 2000 machines and Windows XP/2003 machines. This is because in Windows 2000 the Simple Network Time Protocol (SNTP) was used and was configured with the NET TIME command. Now, with XP and 2003, Network Time Protocol (NTP) is used which give benefits such as more reliable time due to better correction methods. This is configured using the new W32TM commands which we will look at later on. To start with, however, I

Security Monitoring and Attack Detection Published: August 29, 2006 Download Get the Security Monitoring and Attack Detection paper On This Page Introduction Definition The Midsize Business Challenge Solutions Summary Appendix A: Excluding Unnecessary Events Appendix B: Implementing Group Policy Settings Introduction Welcome to this document from the Midsize Business Security Guidance collection. Microsoft hopes that the following information will help you create a more secure and productive computing environment. Executive Summary The number of high profile cases of malicious software threats and incidents that have dominated media reporting for years has served to raise awareness and spur most businesses to invest time and resources into defending against this prevalent security issue. However, the greatest threat to business infrastructure may not be in the form of an attack from the outside, such as from a virus, but may well reside within the internal network itself. Attack