CT.'s questions

I am looking into implementing SSH tunneling as a cheap VPN solution for outside users to access Intranet-only facing web applications.

I currently am using Ubuntu Server 10.04.1 64 bit with OpenSSH installed.

I am using Putty on Windows boxes to create a tunnel on a local port to my ssh server.

start putty -D 9999 mysshserver.com -N

I then use tell Firefox to use a SOCKS proxy on localhost:9999.

The -N flag will disable the interactive shell from the client side. Is there a way to do this on the server side?

Besides disabling root access, using rsa key authentication, and changing the default port; are there any other obvious security practices I should follow for this purpose? My goal is to simply be able to tunnel web traffic.

Exchange 2010 server. Outlook 2007 clients.

I have Outlook Anywhere enabled on the server.

If I have a laptop connected to an outside internet connection not on our corporate LAN and manually configure Outlook Anywhere, it works and I am able to connect to our Exchange server.

As soon as the laptop is brought into our network / domain, the incorrect Outlook Anywhere settings are pushed from the server to the client and Outlook Anywhere breaks.

Here are what the working settings look like:

Here are what the wrong settings that get pushed from the Exchange server look like:

SERVERNAME being the hostname of our Exchange 2010 server.

Any points in the right direction?

I'm on a Windows Vista client trying to access a file share running on a Windows Server 2008 R2 box. The network is in a Windows Active Directory Domain.

The shares I am trying to access:

\\Server1\FileShare1\Folder1\foo and \\Server1\FileShare1\Folder1\bar

The client does not have any permissions at Folder1. The client has read permissions at folders foo and bar.

In this example I can access \\Server1\FileShare1\Folder1\foo but I get the following error when I try to access \\Server1\FileShare1\Folder1\bar:

Network Error: 
Windows cannot access \\Server1\FileShare1\Folder1\bar.  
Check the spelling of the name. Otherwise, there might be a problem with your network.
To try to identify and resolve network problems, click Diagnose

I hit Diagnose. It returns with Windows checked the path and '\\Server1\FileShare1' is correct but 'Folder1' could not be found.

What is going on? It finds Folder1 fine when going to \\Server1\FileShare1\Folder1\foo.

I just started working at a small-medium sized business after graduating school. So much of my knowledge is high level concepts without a lot of hands on.

My understanding that according to rfc1918 only the following IP ranges are for private IPs:

10.0.0.0/8

172.16.0.0/12

192.168.0.0/16

How does this concept work with NAT firewalls? Does it not apply to internal IP addresses behind a NAT firewall?

The reason I ask is because our internal network is on 199.5.83.0/24. My first thought when seeing this is that isn't private IP space. This internal network is behind a NAT firewall with an external IP of 74.4.9.x.

Does this setup make sense? Does it go against best practices? Can someone try and give me a brief explanation to firm up these concepts for me? Any links to relative reading would also be appreciated.

I am having problems setting up OTA sync of exchange calendars with a users iPhone at work.

I set up her exchange account on the iPhone. Have it set to push. Contacts and Email loads up pretty much instantly. No calendar events.

Any ideas?

I am currently using Microsoft Exchange 2003 on Windows Server 2003 with various iPhone 3G, 3GS, and 4s. The iPhones have all been upgraded to the latest firmware. Users are using Outlook 2007.

An example I am finding is that normal calendar events added from either Outlook or iPhone sync fine but if I am the "meeting organizer" sending a "meeting request" the event will show in my Outlook but not on my iPhone.

Is there any good list of Exchange/iPhone ActiveSync limitations? Any workaround for the issue above?

Thanks.

There are approx 15 User profiles on a Windows XP workstation.

I want to install some network printers to all User profiles. I installed some to the local administrator account thinking I was installing them for all users.

That is not the case, it looks like printers must be installed to each profile individually.

Anyone know of a way to install printers to all user profiles instead of each individually?

Thanks.

Can anyone recommend a utility that can scan specified directory locations (network shares specifically) and return all files older than a certain date?

I am looking to implement a data retention policy at my workplace. As our amount of data grows it puts a large strain on our backup routines. I would like to move old data to some sort of archival system.

Extra points for the ability to move queried old files to another location for archival and the ability to create schedules for when this occurs.

Many thanks.

EDIT: Windows Shop. Mostly Windows 2003 Servers.

In this particular case, this isn't mission critical data. Just various user documents on network shares. The archival system would simply be to move old data to a removable device off site once a month. Most data will most likely never be accessed again but I would like at least one copy to disk as opposed to simply deleting it.

My company currently uses MS Exchange 2003 for company email, contacts, and calendars. We have approximately 150 users. Construction industry.

I would like to look into migrating from Exchange to Google Apps. It will be an easier sell to the powers that be if we can migrate certain smaller departments first successfully than an entire company move.

I would like to first migrate our field superintendents who are usually out of the office working remotely. Approx 30 users.

Will Google App users be able to see our Exchange user's calendars and vice versa? How about public folders? Anyone's migration story is much appreciated.

Thank you.

I started working for a medium sized company (approx. 150 users). When user's workstations need to be reformatted for any variety of reasons, we reformat, reinstall windows from an oem disk, install drivers, install shop desired software, and restore user's documents from latest backup.

While the process isn't very difficult it is very time consuming. What are some options to simplify / speed up this process?

Mostly a complete Windows shop with most servers running Win2k3 Enterprise and workstations running a variety of XP, Vista, and 7. Workstations are purchased through a variety of OEMs mostly Dell.

I just started working for a small-medium size company doing IT support. Maybe 150 or less users.

Right now every user has administrative rights to their own machine. This allows them to install updates or whatever else they would like to.

I'm tired of getting on user's machines that are bloated with crap they put on themselves. So my first thought would be to take away administrative rights to their computer. This would also have other advantages such as preventing a lot of drive-by malware on the web etc.

The problem arises that users are unable to install updates. (Even though I find most ignore these anyway)

How do large companies handle software updates on all client machines?

EDIT: Windows environment. Most servers are Windows Server 2003 Enterprise. Clients are all Windows. Win XP, Vista, and 7.

I just started working in the IT department of a small-medium sized construction company with about 200 users. One of my responsibilities is to setup and configure all new machines that come in.

I would like suggestions on how to best manage the installation disks and licenses of the software that comes with them. Plus any additional licensed software such as Autocad, Photoshop, etc as well as peripheral driver disks such as printers and scanners.

Right now every machine is associated and labeled with an asset id. All asset ids are kept in a spreadsheet with applicable serial numbers, current user, warranty info, and software licenses. The physical disks are then kept within a folder in a cabinet. Each folder is marked with the asset id number as well as the current user.

My problems with this is that the system was not maintained very completely before I came to the company. There are plenty of software folders with no asset ids labeled on them. Plenty of missing software folders (most likely are a lot of the unlabeled folders). Folders with names but not asset ids. Machines get switched to different users without the folders and spreadsheet being updated.

I am not saying this method would necessarily be bad if it was better implemented and managed, but if I am going to have to take a lot of time to fix this system currently in place. I thought I would ask the community first on how others manage this process in case there are easier, more efficient ways of doing so.

Thank you.

Lately I have been getting an increasing number of complaints regarding users not being able to download attachments synced from Exchange with their iPhone.

The iPhones in question are either 3G or 3GS with firmware 3.0 or later. Exchange 2003.

The majority of messages come in just fine. Some however display: "This message has not been downloaded from the server" where the email's text normally should be. At the bottom of the email, it states: "This message is only partially downloaded." It has a button labeled "Download remaining 0 bytes." If you click this button, it states that it is loading and then reverts to the same screen.

The odd part is that this only affects some emails. Most come in fine with attachments working.

I've taken the same email that was not working on my iPhone. Sent it to a gmail account that my iPhone had access to. The message and attachment opened fine.

Any ideas of possible causes I could look into?

Thanks.

EDIT: The same occurs on 4.0 +

I am using WSS 3.0 with Microsoft Server 2003.

I am running into the following problem.

On a pretty frequent basis, outside users are having trouble downloading documents.

Some downloads are completing while the download is still incomplete. So for instance, a PDF is a 17MB file. If I download it from within the office, all 17MBs are downloaded and it opens. If I download it from an outside connection, it may download anywhere from 5-10 MB of the file and then say it is complete. When these partial downloads are opened, it gives the user the error, this file is corrupt and cannot be repaired.

I have solved this problem on some of the occasions by simply deleting the document and uploading a new copy of the document. This does not always work.

Are there known bugs? Are the Internet settings that need to be modified on the outside user's machine? Does anyone else run into this?

How do I disable Explorer View for select users in Windows SharePoint Services 3.0?

Setting specific permissions becomes useless when my users could just go into explorer view and start deleting.

Please help.

I would like to implement some sort of contact database management system within a small company.

At this point I have roughly 200 contacts but I see a prospecting database could grow over 500 but probably not more than 1000.

I would like contacts to be organized in some containing database. Within the container database there are organizational groups. A contact may belong to more than one group.

I would like contacts to be searched and sorted by things such as name, company, organizational group, etc.

I would like the ability to do mail merge, both email and snail mail.

When sending emails, I would only like each recipient to see only his or her own email address, even if the email was sent to a distribution list with many emails on it.

Is this possible?

I am trying to open an application from my work's citrix presentation server on my macbook. I just downloaded the latest citrix client for mac from their website but when I go to launch an app it tries to open the app in VMware. If I right-click on the app and save target as, I get a launch.ica file which if I try to open in Citrix Dazzle it does not know how to open this file type.

1) I would like to send Sharepoint Alerts to an email distribution list.

2) I would like that email distribution list to include domain and non-domain users.

3) I would like that email distribution list to be editable from Public Folders in exchange.

Is this possible? It seems like it should be.

WSS 3.0 on Windows Server 2003 Standard

Just getting 1 and 2 would be a great start...

I will start by saying I am not a system admin. I work as an intern at a construction company doing mostly hardware/software support.

I also publish changes to their website with Dreamweaver. I was alarmed to see that how I was told to configure Dreamweaver, it is basically set up to publish directly to the live remote server.

The website is hosted in-house using IIS on Windows Server 2003.

I would like to setup a test site to publish to before pushing new documents to the live website. I can not simply preview pages in my browser due to the website using sever technology specifically ASP.

I do not want to install IIS on my local machine. My idea was to create a test site on the same server the actual site exists on. I basically followed instructions listed here: http://support.microsoft.com/kb/323972 . I just tried to mirror the settings for the actual site to the test site. I then took all the files from the directory of the actual site and copied them to the directory of the test site.

I have not been able to get this to work however. The actual website is configured to be on the internal address 199.5.83.240. The test site is configured to be on 199.5.83.238. If you try to access .238 the connection times out.

I thought maybe just some services needed to be restarted. I have restarted the IIS services and DNS services to no avail.

What am I missing??

Edit: Additional Info.

The server running IIS is local 199.5.83.229. There are a couple sites hosted from this IIS server. If I run ipconfig from the server. It lists .229 as well as .240, .241, .243, .245; but no .238. I assume this is where my problem lies. How do I fix this?

Original Question: If I am sharing a folder using VMware Fusion, that shared folder is 500 GB, can I create a samba share of that folder with a virtual machine that has a 10 GB HD. Or would the virtual machine max hard drive size need to be 500 GB. How would this work?

Rephrase of Question: I am mounting a remote folder into my virtual machine using VMware Fusion. I do this after vmware tools have been installed. It is done as so:

In the VMWare Library, edit the Settings of your currently running virtual machine; Select the “Sharing” settings option; Add a new folder and share it with Read/Write permissions; Close the menu dialogue to save your choice.

This folder is now available to the VM at /mnt/hgfs/[NAME OF FOLDER]

I change permissions so that folder is able to be read/write from both mac osx and my VM(in this case Ubuntu Server 9.04 minimal virtual installation)

Say the folder is called Video.

I use a syslink 'ln -s /mnt/hgfs/Video ~/video'

Now I have access to this shared (shared meaning between OSX and the VM, not any form of osx file sharing) folder from my VM or OSX. So now I can drop video files in this folder from OSX and my VM can now see those files.

Can I use my VM to create a samba share of those files? How about ftp? If my Virtual Machine only has a set 10 GB hard drive and my Video folder contains 500 GBs of video files. (How) Will this work? Or do I need a virtual machine with different hard drive specifications?

Thank you.