Is there a way using Exchange to send messages with a specific header like (X-Junk-Mail: ) to the "Junk Email" folder without having to create rules in the client? I'd like to have borderline spam messages tagged as such in a header through our SPAM filter and have it placed in a user's "Junk Email" folder.
Brett G's questions
I'm trying to restrict OneDrive usage on Windows 8.1 and Windows 10 Clients
I'm following an article on TechNet about this, and says on my 2012 R2 domain controller to modify the GPO under the following:
In the Group Policy Management Editor, under Computer Configuration, click Policies, click Administrative Templates, click Windows Components, and then click OneDrive.
However, OneDrive doesn't appear. Any ideas on what I could do here?
I've been battling this issue for a few days. I've been trying to deploy Symantec Endpoint Protection for a few days. I created a GPO and linked it to a WMI Filter so that it would only target the 64 bit desktops. When I check with Group Policy Modeling, it appears that it will work with this WMI filter. However, it only ever installs once I remove the WMI filter. Any idea why this would be happening?
This is the WMI Filter:
Namespace: root\CIMv2
Query: Select AddressWidth from Win32_Processor where (AddressWidth=”64″)
I'm trying to deal with some legacy group policies that applied registry settings using ADM files. I'd like to remove these registry settings and set them up as group policy preferences, but how do I do this if I don't have the original ADM file?
Edit: Just to clarify: I'm not concerned about removing the registry tattooing on the client, just removing the custom setting from the GPO itself.
I just installed a new Windows 2012 R2 domain controller. I was looking in the DNS Server, and there were two DNS Forwarders setup, which were other domain controllers. "Forwarders are DNS servers that this server can use to resolve DNS queries for records that this server cannot resolve"
I'm curious though, how was it already populated with other server names? Is this default set somewhere in Active Directory?
edit: Screenshots of where I'm referring to
I recently changed over our old login script that mapped network drives over to group policy preference drive maps. Worked through a few issues at first, but appears to be working fine for all of our users. However, one issue that I'm having on one Windows 7 workstation, is that it's mapping all of the drives it's supposed to, but it's also mapping one of the network drives multiple times. The longer his computer goes unrestarted, the more copies of this drive get mapped. It starts with the actual drive letter, S. Then you start to see Z, Y, X, etc starting to appear. One day he had at least 10 copies of this drive appear.
Anyone know how to troubleshoot this?
I had a Powershell script that used Invoke-RestMethod that was working in powershell 3.0. However, I upgraded to powershell 4.0 to fix a bug in powershell 3. When I did so, my script seems to have stopped working.
$username = "Administrator"
$password = "PASSWORD"
$uri = "https://10.0.0.18/vmrest/users"
$dictionary = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
$base64AuthInfo = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f$username,$password)))
$dictionary.Add("Authorization",$base64AuthInfo)
Invoke-RestMethod -Uri $uri -Method GET -Headers $dictionary -Verbose
When I turn on the verbose switch, it gives me this response
VERBOSE: GET https://192.168.1.18/vmrest/users with 0-byte payload
VERBOSE: received -1-byte response of content type
I also tried specifying the requested content type, but no dice
$dictionary.Add("Accept","application/json")
$dictionary.Add("Connection", "keep_alive")
I'm looking to make a "Drop Folder" in a windows shared drive that is accessible to everyone. I'd like files to be deleted automagically if they sit in the folder for more than X days.
However, it seems like all methods I've found to do this, use the last modified date, last access time, or creation date of a file.
I'm trying to make this a folder that a user can drop files in to share with somebody. If someone copies or moves files into here, I'd like the clock to start ticking at this point. However, the last modified date and creation date of a file will not be updated unless someone actually modifies the file. The last access time is updated too frequently... it seems that just opening a directory in windows explorer will update the last access time.
Anyone know of a solution to this? I'm thinking that cataloging the hash of files on a daily basis and then expiring files based on hashes older than a certain date might be a solution.... but taking hashes of files can be time consuming.
Any ideas would be greatly appreciated!
Note:
I've already looked at quite a lot of answers on here... looked into File Server Resource Monitor, powershell scripts, batch scripts, etc. They still use the last access time, last modified time or creation time... which, as described, do not fit the above needs.
So, I recently got a request to come up with the following solution. I'm sure there's a bunch of ways to do this, including writing a custom script, but I wanted to know the best recommended way to solve it.
They'd like to have the following file structure. Files would only be stored in the deepest subdirectories (Quotes and Images).
- Clients
- John Doe
- Quotes
- Images
- Jane Doe
- Quotes
- Images
- Jack Doe
- Quotes
- Images
- Carl
- Quotes
- Images
- John Doe
However, at the same time, they'd like to be able to view
- All Quotes
- All Images
Which would contain all of the files (and links to) all of the aggregated files from the associated subdirectories.
Personally, I think the simplest solution is the best (rather than having to install a Digital Asset Manager or something along those lines) but I'd really like to hear what you think is the best way of solving this problem, regardless of complexity.
I'm having quite a weird issue. Had mail delivery issues to a specific domain. After looking closer, I realized that the DNS for that domain isn't resolving via the in-house Windows 2003 SP2 DNS server.
C:\>nslookup foodmix.net
Server: DC.DOMAIN.com
Address: 10.1.1.1
DNS request timed out.
timeout was 2 seconds. DNS request timed out.
timeout was 2 seconds.
*** Request to DC.DOMAIN.com timed-out
(DC.DOMAIN.com and 10.1.1.1 are generic values to replace the actual ones)
Even if I run this nslookup from the DC.DOMAIN.com server, I get the same result. However, all other requests are working as they should. I had a sysadmin friend try this DNS lookup on servers at several companies that he consults for (which are also Windows 2003 AD servers). The weird thing is some of these were having the same exact issue. However using public DNS servers work. I have tried clearing the DNS cache, restarting the server, restarting the services, etc. Nothing has worked.
One weird event I noticed in the DNS Server Event Logs that might be related is an event ID of 5504 with the following description:
The DNS server encountered an invalid domain name in a packet from 192.33.4.12. The packet will be rejected. The event data contains the DNS packet.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
In the data section below, I can see the following mentioned:
ns2.webhostingstar.com
Which happens to be the nameserver for the domain in question. Several discussion threads and a MS KB have pointed to disabling EDNS. I have done this via "dnscmd /config /enableednsprobes 0" and it has not fixed the issue.
More Info:
I've added a wireshark excerpt(txt) which shows the DNS query. Just to clarify, the internal network is the 2.0.0.0/22 network is the internal network (I didn't set it up, and it's stupid that it's setup this way). The internal DNS server is 2.0.0.10.
So as far as I can see, here's what's happening:
- Internal DNS Server requests A record for foodmix.net from its NS record (ns2.webhostingstar.com) and it recieves no response
- Internal DNS server sends another request under the same transaction ID . It requests A record for foodmix.net from its other NS record (ns.webhostingstar.com) and it recieves no response
- Internal DNS server sends a request under a new transaction ID . It requests an A record for foodmix.net from a nameserver 192.31.80.30 (d.gtld-servers.net).
- It recieves a response from 192.31.80.30 with no records, just listing the authoritative NS servers.
I'm doing some work for a printing company right now. They'd like to setup a more secure FTP situation. It seems like, from what they've described to me, most printing companies have a general FTP account that they give the login info out to all of their clients to upload to. This is how theirs is currently setup. However, the problem is, the way the permissions are setup, you can view everybody else's uploads. They're trying to make their enviornment secure, but at the same time make it easy for clients to upload. I was telling them two quick things we could do is create client specific accounts or create temporary accounts (like 7 days) every time somebody needed to upload/download.
What would you recommend? What would be your ideal solution, and what would be most practical? They're currently using all windows based server.
At a small office, my clients' HR department needs to communicate with some vendors regarding HIPAA-covered material. How do most companies deal with securely sending e-mails regarding HIPAA. I would prefer to encrypt the e-mails themselves instead of requiring vendors to log into a secure messaging server, but I don't know if this is commonplace
How do you keep track of major patches for windows systems such as Flash, Reader... etc as they are released?
Speaking big picture, what are the benefits of Lotus Notes over exchange. Is exchange meant for smaller companies who don't want to spend a lot of time maintaining their systems... but not as scalable? Is lotus notes more secure?
Aside from patch updates, is there any way to mitigate the risks with adobe reader exploits? Frankly, I don't know how most reader exploits work. However, is there any functionality that I can disable in reader that will make it more safe from most exploits?
I've had a lot of employees lately come to me with issues on their home PCs where they have had Fake Alert/Rogue viruses. I was planning on sending out a warning to users explaining to them that these are actually viruses. I was also planning on informing them that in order to help prevent occurrences like this they should be sure to have an antivirus w ith an up-to-date subscription. I'd also recommend if they don't have a subscription to download MSE or another free antivirus.
However, I wasn't sure exactly how to instruct them to differentiate between a legitimate windows or antivirus alert and one from a fakealert program. Does anybody have any suggestions?
UPDATE
This is the message I ended up sending. I figured I should probably stay away from even mentioning their personal computers.. mostly to avoid requests to fix them. However, by sending this message, they will at least be slightly more aware of fake alert viruses out there.
Over the last year, there have been an increasing number of computer viruses spreading that actually pretend to be antivirus software. These viruses very closely mimic legitimate windows and mac software, so it can be hard to tell whether or not virus warnings that appear on your screen are legitimate or not.
While we do have virus protection on company computers, it is still possible to get a virus by simply visiting a website… even reputable ones. If you ever have a popup that tells you that you have multiple viruses and that you need to scan your computer immediately (or do anything else), please shutdown your computer by holding down the power button until the screen turns black and contact the IT staff immediately. If you aren’t sure whether a message is genuine or not, please contact us immediately as well.
Below are some images of some of the more popular “fake alert” viruses out there.
I know I'm pretty allergic to dust. However, dealing with servers and workstations on a day to day basis, I encounter it all the time. How do you deal with dust?
I wanted to know if anybody had any recommendations as to how to keep the server room secure from employees. There is a lock on the door, however, anybody with a building master (maintenance, owners, custodians, etc) can open it. It would be nice if it required the key and also had a proximity card lock so that we could log entry and restrict it further. Has anyone done this before? What are some other ways to make sure it is secure?
At several places I've done some work at, I have a suspicion that some of the executives browse porn on their work computers. It appears this porn surfing has lead to virus infections on their computers despite the presence of an anti-virus. Filtering theses specific users' browsing is not an option, so what would be my next best solution be? I put Firefox + Adblock pro on their computers. I'm tempted to add NoScript, but I'm worried they'll start calling when noscript interferes with browsing on legit websites. Is there anything else I can due to mitigate this risk?