sts.myitforum.com] On Behalf Of Ken Cornetet
Sent: Friday, September 16, 2016 10:48 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Transfer switches
Does anyone here have experience with AC transfer switches? I find myself in
the unenviable position
Does anyone here have experience with AC transfer switches? I find myself in
the unenviable position of needing some, and pretty much all I hear about them
is bad. I have some equipment that only has one power supply (no option to add
a redundant supply) that will be powered by two different mai
Google "ldap referral"
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Mayo, Bill
Sent: Wednesday, June 22, 2016 11:13 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Does LDAP have method for distributing requests?
We have a number of copiers (p
We had a major problem that was a real head scratcher today. Due to Microsoft's
acceleration of deprecating SHA1 hashed certificates, we updated the
certificate templates on our domain CA and renewed our master certificate so
that it would have a SHA256 hash.
We use NPS (network policy server)
An RV042? If so that is just a router – not a firewall (although it looks like
it has some sort of optional cloud based web filtering).
We’ve been extremely pleased with our Palo Alto units. They aren’t cheap, but
they are light-years ahead of anything else out there in terms of their
protectio
We've been buying certs from GoDaddy and we've been pretty happy with them.
The cost is trivial. Even their wildcard certs aren't expensive.
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Liby Philip Mathew
Sent: Tuesday, May
IMHO, if you need failover, the correct answer is almost always ESX or Hyper-V.
In the many years that I've been dealing with computers, trying to do failover
at the application level is usually an exercise in frustration.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.c
[mailto:listsad...@lists.myitforum.com] On
Behalf Of Ken Cornetet
Sent: Monday, June 16, 2014 9:12 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Anyone know of an outfit like Tech Soup that will sell to
501(c)4 organizations?
I'm a member of a small volunteer fire department. We are a tax-e
I'm a member of a small volunteer fire department. We are a tax-exempt private
organization, not government. I tried to get set up with Tech Soup so that I
could buy Windows 7 and Office, but there is a problem. When the department set
themselves up as a non-profit years ago, they registered as
No problems.
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Dave Vantine
Sent: Friday, April 11, 2014 10:23 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Win 2003 DC
I have a customer that has a single Win2003 DC run
Commercial distribution of open source (so not free) http://www.stratodesk.com/
I set up a trial version on several old clunker PCs and was very impressed.
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Kurt Buff
Sent: Wednes
I'm rather partial to pfsense. I'm running it on an old AMD pc that I snagged
from the trash. No hard drive required - it boots from a 2GB USB fob.
You might also be interested in Sophos UTM. I've not used it, but the specs
look impressive, and it is free for home use (up to 50 IP addresses). I
You need to create a superscope. Without a superscope, DHCP won't assign IP
addresses outside what it thinks the subnet range is.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Curt Finley
Sent: Friday, March 14, 2014 6:37 PM
To: ntsysadm@lists.myitforu
We are seeing lots of dropped packets on both our BT frame-relay and Internet
VPN circuits into our two locations in China. We are seeing these problems from
both North America and from Thailand.
The Internet VPN circuit between our two China locations is rock solid.
Anyone else seeing any weir
: Re: [NTSysADM] OT:Bitcoin
What is he saying about bitcoin, in this video or otherwise, that is inaccurate
or somehow otherwise misinformed?
--
Espi
On Thu, Mar 6, 2014 at 2:09 PM, Ken Cornetet
mailto:ken.corne...@kimball.com>> wrote:
No, because Dave has at some point in the past went fr
d a scam?
Webster
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
mailto:listsad...@lists.myitforum.com>> on
behalf of Ken Cornetet
mailto:ken.corne...@kimball.com>>
Sent: Thursday, March 6, 2014 12:28 PM
To: ntsysadm@lists.myitforum.com<mailto:n
I have great deal of respect for Dave's financial philosophy and advice for
the most part, but Dave long ago lost the distinction between his opinions and
facts.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Rod Trent
Sent: Thursday, March 06, 2014 1
chael Leone
Sent: Tuesday, March 04, 2014 11:42 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Win 2012 RDS - load balancing advise
On Tue, Mar 4, 2014 at 11:06 AM, Ken Cornetet wrote:
> I don't have an RDS environment to look at right now, and I've played with
> RDS
I don't have an RDS environment to look at right now, and I've played with RDS
on server 2008 R2 and 2012, so I might be getting the two conflated.
I recall that you have to somehow create RDS files, and then make them
available to the web server to publish. I can't recall the details. I do
rem
Your web server will have its own unique A record (rdsweb.yourcompany.com).
You then create A records for each app server (rds.yourcompany.com). When you
publish your apps, you use that name for the host.
I can't remember if you need separate sets of A records for each collection
(but with only
pproach that
we happen to be using.
-Aakash Shah
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Monday, February 24, 2014 5:27 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitfo
27;ve migrated
their file server resources over.
-Aakash Shah
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Friday, February 21, 2014 11:15 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsys
ilto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Friday, February 21, 2014 2:15 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] ADMT & Exchange
I'd think this would be a common questio
I'd think this would be a common question, but my google-fu has failed me.
Here's my situation:
Given a forest with users with Exchange mailboxes, I need to migrate the users
to a new forest and move their mailboxes to new Exchange servers in the new
forest.
My question is: Is there any way to
Your %date:~0,2% is wrong. It should be %date:~4,2% in the US
Here's a simpler script
if %date:~4,2% == 01 set month3=JAN
if %date:~4,2% == 02 set month3=FEB
if %date:~4,2% == 03 set month3=MAR
...
echo %month3%
You could add some quoting characters (if "%date:~4,2%" == "01" set month3=JAN)
as
This might be worth a shot
Find where the executable lives on the XP system (have a look at the properties
of the start menu shortcut). Copy that directory to the windows 7 machine. If
it was previously under C:\Program Files, copy to C:\Program Files (x86)
(assuming 64 bit Windows ).
On the X
Reasoning? If you mean how we did it, it was duck soup. We created secondaries
on the MS DNS server for all the zones, let them sync up, shut down the
infoblox, then changed the MS DNS zones into AD integrated primaries. IIRC, the
zone conversion had to be done in two steps - one to convert to p
Yes, member computers and non-PDC DCs in a domain sync to the PDC emulator for
the domain. PDCs in child domains sync to the PDC emulator in the forest root
domain. You should manually configure that DC to sync to an external source.
This probably works great in modern times, but back in the ser
Here's what I'd recommend
On one server (not a DC), install the Meinberg windows port of NTP
http://www.meinbergglobal.com/english/sw/ntp.htm
When you install it, it will ask you if you want to disable the windows time
service - let it do so.
Configure it to use whatever Internet NTP sources y
It wouldn’t seem far-fetched if you’d ever tried to federate Office 365 with
your domain. When we started down that road a year ago, it was pretty obvious
that Office 365 was something less than organized.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of
iginal Message-
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Tuesday, February 11, 2014 1:09 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
al Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Ken Cornetet
Sent: Tuesday, February 11, 2014 1:09 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] GP confusion - Internet Explorer Maintenance?
Someone at Microsoft should smack the wh
Someone at Microsoft should smack the whole lot of the Internet Explorer team
upside the head and tell them to bury the Internet Explorer Admin Kit (IEAK)
and just put their damn policy settings under the POLICIES registry keys like
everything else does.
I've NEVER understood why MS has made u
other. Do you have any users that might need to go work
in the other company's environment?
Cheers
Ken
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Tuesday, 11 February 2014 10:26 AM
T
to react quickly.
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Monday, February 10, 2014 6:04 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] Clonin
The root domain would be split as well – no issues with RIDs.
And as far as moving between companies with laptops, this would be clearly
stated to management as not possible. We don’t use X.500 publicly.
We are also looking at using ADMT, which looks like it will work, but with
thousands of use
/XeeMe.com/AndrewBaker<http://xeeme.com/AndrewBaker>
Providing Virtual CIO Services (IT Operations & Information Security) for the
SMB market...
On Mon, Feb 10, 2014 at 6:04 PM, Ken Cornetet
mailto:ken.corne...@kimball.com>> wrote:
I know Microsoft says don't do this, but I've
I know Microsoft says don't do this, but I've been asked to put together
options for the upcoming split of a company, and I'm documenting what would
happen if we simply turn one forest into two by cutting the network and having
each half go on to run as two independent forests.
Here's the exis
need a usb key to be plugged in for
the encryption to work? I haven't really worked with encryption before. I'll
need to do more research to see how TrueCrypt works.
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitf
A couple of thoughts:
1. Does the whole Windows server need to be encrypted? Can't you just use
TrueCrypt to create an encrypted volume inside windows, then mount it as a
drive letter and store you sensitive data there?
2. If the whole server does indeed need to be encrypted, you c
s
On Thu, Dec 12, 2013 at 3:57 PM, Ken Cornetet wrote:
> Your specs are probably a bit overkill for the app servers, and the web
> server only needs two CPUs and 4GB.
The web server only has 2 vCPUs. (altho each with 2 cores)
> You can easily run the web server, broker, and licens
Your specs are probably a bit overkill for the app servers, and the web server
only needs two CPUs and 4GB.
You can easily run the web server, broker, and license roles on one server.
The RDS application servers will load balance themselves (using the connection
broker for load information). II
Careful using cu (if it even exists on modern linux distros). IIRC, cu doesn't
do any handling of the modem and flow control lines, so you are at the mercy of
whatever the defaults are for whichever serial port device file you are using.
Kermit would be the better option. Kermit has commands for
You are making this WAY too hard. Install certificate servicer on one of your
windows servers. Make it a root CA for the domain. Use IIS management console
and/or the "certificates" MMC to request and install certificates. Done.
Domain computers will automatically trust the root cert.
From: lis
That's exactly how we did our infoblox to MS DNS migration. Set up secondaries
on the MS side, shut down the infoblox, then convert the MS zones to primaries.
IIRC, you can't go directly to AD integrated - you have to make them primaries
first, then AD integrated (if that is what you want). Clea
Exactly no NT domain needed. Just create records using names like
"Host2.ourdepartment" in your "localdomain.local" zone.
You could make them all A records, or if they are pointing to an existing
server, use CNAMES.
AD needs DNS, but DNS doesn't need AD.
From: listsad...@lists.myitforum.com [ma
I've been through two rounds of DC upgrades, and I do it in pretty much the
same fashion
Build new server with temp name and IP
Note if old server is GC
DCPROMO old server down (roles are automatically transferred).
Rename it
Change IP address of old server.
Change new server name
Change new serv
Not local to the Citrix server, local to the RDP or Citrix client.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Daniel Chenault
Sent: Wednesday, August 21, 2013 11:14 PM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] MSIEXEC CPU on TS
A.
sources doesn't tend to stop msiexec from working, but I agree
that the root cause should be fixed, as I said. This would merely be a stopgap
to reduce the issue while the investigation is done.
On 21 August 2013 15:38, Ken Cornetet
mailto:ken.corne...@kimball.com>> wrote:
Don't sta
forum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Ken Cornetet
Sent: Wednesday, August 21, 2013 10:25 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] MSIEXEC CPU on TS
The problem only gets noticeable when there are thousands of those keys. By
deleting that key every 90 minutes o
Server. This is a LONG standing bug with HP print drivers. HP makes great
printer hardware, but they can't write print drivers worth a darn.
If carpenters built buildings the way programmers write code, a woodpecker
would have destroyed civilization.
From: listsad...@lists.myitforum.com [mailto
The problem only gets noticeable when there are thousands of those keys. By
deleting that key every 90 minutes or so, you keep the number of maximum number
of keys down to, say, hundreds. This doesn't create a problem - at least in my
environment.
If you want them deleted more often, create a b
Just put the GP in place and relax. You can't manually get rid of them - they
just keep coming back.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of J- P
Sent: Tuesday, August 20, 2013 4:56 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] MSIE
It is in computer policy, so it executes whenever your machine policy runs (at
boot and by default every 90 minutes or so).
In GPMC, it is under "Computer Configuration", "Preferences", "Windows
Settings", "Registry".
The actual key is .DEFAULT\Software\Hewlett-Packard
From: listsad...@lists.m
IIRC, my problem is HP printers and they create gazillions of keys under
HKU\.Default\Software\HewlettPackard.
I simply created a group policy object that deletes the whole
HKU\.Default\Software\HewlettPackard key.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] O
Has anyone implemented SSO with Yammer using ADFS? Our Yammer person is asking
me to look into this, and I'm not finding much information on Yammer's web site
or elsewhere.
80 video
outputting to TV via HDMI
1 VM that is a server OS
1 VM that is generic workstation client
Dave
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Friday, August 16, 2013 7:57
I'd think whiteboxing would not be viable since a Xeon proc and 32GB of RAM
will just about consume your $500 right off the bat.
Why does it have to be a Xeon? A quad core i5 whitebox might be doable for $500.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Beh
Speaking of CA server, I have a question:
I am soon going to re-host my single tier CA from a server 2003 server to a
server 2008 r2 server. I've done this in our test environment, and it worked
just like the docs said it would.
My question: is there any way to extend the expiration time of the
Unless I misunderstand what you are asking, you just right click your CA in the
MMC, "All Tasks", "Renew CA Certificate". You'll see the new certificate show
up when you look at the properties of your CA.
As to whether the certificates that have been issued will automatically renew,
that depend
Or consider buying used stuff. We've been buying used EMC stuff from Symm-care
and been happy with it.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Andrew S. Baker
Sent: Friday, August 02, 2013 2:12 PM
To: ntsysadm
Subject: Re: [NTSysADM] Random thoug
When the DNS server (assuming windows DNS) resolves "mydomain.com", it will
find 3 address (A) records. If the client is on the same subnet as one of the A
records, the DNS server will do "subnet sorting" which means it will put that A
record first in the list of 3 records that it returns to the
That's kind of like asking what's the odds of toast hitting the dining room
carpet butter side down. The more expensive the carpet, the higher the odds.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of David Lum
Sent: Wednesday, July 31, 2013 11:07 AM
To:
It is supported and sort of documented - as long as you know the secret word:
SupportMultipleDomain
http://blogs.technet.com/b/abizerh/archive/2013/02/06/supportmultipledomain-switch-when-managing-sso-to-office-365.aspx
Office 365 is one of the most half-baked "products" Microsoft has ever
re
I don't know about that. I'd say the weight of a month's worth of my junk mail
easily exceeds what a computer shopper used to weigh.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of William Robbins
Sent: Wednesday, July 17, 2013 10:59 AM
To: ntsysadm@list
At that time, IBM had a strict no single-source part policy. Before IBM would
use a part in a computer design, there had to be two sources for the part. It
was very common in those days for chip manufacturers to cut license deals to
allow other people to make their chips since they'd eventually
I don't think AMD's 286 was designed by AMD. They built Intel's design.
IIRC, IBM had a strict policy that they would use no integrated circuits in
their computers that weren't available from at least two sources. Intel allowed
AMD to build their 286 chips so that IBM could use them in their co
We've been using it to back up some small servers at remote sites for quite
some time.
When it works, it works great.
When it doesn't work, it can be a pain to get working again. It does almost no
logging, and the errors it does log are usually useless. Repairing a client
that fails to back up
We are doing an Office365 pilot, and I can tell you first hand that setting
things up is not easy. It turns out that ADFS and Dirsync are straightforward
to install and set up, but getting there is a nightmare because there is a ton
of documentation, tutorials, and blog posts - and 99% of it is
hat's the best app to torture test new hard drives?
How are they going to be cheaper than $50 per disk?
On Tue, May 21, 2013 at 9:46 AM, Ken Cornetet
mailto:ken.corne...@kimball.com>> wrote:
Have you considered solid state drives?
-Original Message-
From: listsad...@lis
Have you considered solid state drives?
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of listserve
Sent: Tuesday, May 21, 2013 9:28 AM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] RE: What's the best app to torture test
I don't think bulk drives are the issue - I don't think they are going to fail
any more often than retail drives.
That said, failure and DOA rates for TB range SATA disks are abysmally poor.
Drive manufacturers have been locked into a fierce price competition for quite
some time, and they are
He's a sharp guy, but he tends to consider his opinions as facts.
He also tends to be too much of a salesman. His original product SpinRite was
genius in the day. It would re-format a hard disk one track at a time so as to
re-align the data owing to the drifting head position as the stepper moto
.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Ken Cornetet
Sent: Monday, May 20, 2013 1:49 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: What's the best app to torture test new hard drives?
I assume you have the interface and power worked out.
I'd simp
I assume you have the interface and power worked out.
I'd simply boot up to Damn Small Linux off a USB stick, bring up 10 shell
windows, and fire up a badblocks command in each window giving each a device
for for each disk. I *think* SATA disks show up as SCSI disks (/dev/sda,
/dev/hdb, etc)
h
If a man says something in the woods and there is no woman to hear him, is he
still wrong?
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Jonathan Link
Sent: Friday, May 17, 2013 10:45 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] Well...
I'd think your system would more than adequate. Have a look over on the XBMC
forum for lots of discussions about NAS for media streaming. FreeNAS and Unraid
are popular for storing media.
BTW, I've done pretty much the same thing. Here's my setup:
1. An old HP dc7600 running Server 2003
m: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
[mailto:listsad...@lists.myitforum.com] On Behalf Of Ken Cornetet
Sent: Monday, May 13, 2013 12:22 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: switch recommendations
First off, be
First off, be very careful about PoE. All of the low end switches I've looked
at have fairly low total PoE wattage available. If you are wanting to power
what are typically low power devices (like phones), you'll probably be alright.
Cameras and access points are another story.
I'd recommend us
79 matches
Mail list logo
