I am in charge of locking down many public computers for a public library. Because Windows SteadyState is not supported in Windows 7, I use group policies. These policies affect all users, including the administrator account. I would like to place shortcuts on the administrator desktop to toggle certain policies. These are non-domain machines and are all running Windows 7 Professional. So far I have not been able to easily toggle specific policies. I would prefer to NOT have to open the gpedit.msc and locate each policy that I want to toggle. Instead, I would like to be able to click on a desktop shortcut to enable or disable certain policies. Can anyone point me in the right direction? Thanks.
I would like to force Windows 7 to always load the temporary profile when a user logs off and back on. Is there a reliable way to force this to happen each time?
Background: if you are familiar with Windows Steady State for Windows XP, I am trying to replicate the "lock the desktop" feature, which clears the the desktop, my docs, etc, and most user history at a logoff. Then, when a new user logs on, that user is presented with a like-new computer. This is different than what Windows Disk Protection (and 3rd party products such as DeepFreeze) does, as it does not require a restart, only a logoff/logon, and only erases certain changes that a user has made (a restart would be performed at night, wiping the machine and restoring it to a like-new state).
Again, the idea is to let each user work in a new, unpolluted space, and then have that space cleaned at each logoff/logon to preserve privacy and to give the next user the same clean desktop, etc to work with. Windows Steady State is not available for Windows 7 and I have yet to find an acceptable alternative\solution for "locking the desktop." This temporary profile seems like it could be the answer, but I have only seen it referenced in posts where it was an unwanted annoyance.
Thanks in advance, and if I need to be more clear, I will be.
using pop email, any email larger than a few kb in size and/or with an attachment will not send. The Outlook error message lists 'server timeout' or 'unable to connect to outgoing server' as the issue. No one else is having this issue, all server settings are correct, I have removed and recreated the profile, updated Windows, experimented with different settings.
This is a new laptop. The PST came from an XP machine running Office 2007.
Google has nothing for me. I am hoping that you guys do.
Please ask questions if I need to be more specific. I am not sure what else to include.
laptop is a Dell Latitude E6510 running Windows 7 Enterprise. Office 2007. McAfee 8.7i (which I have disabled).
I recently replaced a failing SCSI drive in a Windows 2000 server with an IDE drive. I made an image of the SCSI drive and Ghosted it. The purpose of the machine was to give out DHCP at one location and host a couple of files.
When I restarted the machine with the new drive, DHCP appears to be working fine, but I cannot get to any of the shares. Instead, I get the following message when attempting to navigate to the rebuilt server from any other computer using Windows Explorer.
Logon Failure: the target account name is incorrect
Also, when running NET VIEW \\servername I get System Error 5 has Occurred. Access Denied.
It appears that this machine is not communicating with the main domain controller. Changes to user accounts (performed on the domain controller) are not replicated on this machine.
EDIT - clarification
EDIT - System Logs shows Failed to Authenticate
I am running Ubuntu Server and using putty to check on it from time to time. There shouldn't be any traffic at all on this machine unless I initiate it. About once/twice per month when I run 'vnstat -l' to check the traffic, I notice that it's transmitting and receiving more than usual.
I want to know exactly what it's doing. I have been a Windows admin for years and know my way around Microsoft like the back of my hand. I can look at the services/processes running on any Windows machine and easily identify them. I can't do this with linux yet. I want to be just as comfortable with Ubuntu (as I am with Windows), which is why I have set up this machine.
I would like to be pointed in the right direction here. I know a handful of basic commands and have some Linux cheatsheets with some vague suggestions, which usually suffice, but I am still not satisfied that my machine is safe.
I am running ufw with one open port, 22, for putty. When I use the machine for other things I usually open up other ports, such as 80, but immediately close it when finished.
Today I am deploying 20 brand new Dell workstations. These will all be for public use at a local library and will be replacing 20 older workstations, which will be moved to another branch of the library, all today and by me alone.
Once deployed, I have a new image for all 40 machines. Immediately after imaging, I need to change the name of each machine to a name that will be determined shortly before deployment.
Is there a script that I could work into a batch file or wmi which can be run from the desktop and will prompt me to enter a new name and workgroup for the machine? Is this the easiest way to change the name and workgroup of 40 machines? I have to visit each desktop anyway to configure Windows SteadyState Disk Protection.
I'm not a stranger to WMI and batch files and I usually wouldn't ask for help writing one, but it's late and I am running out of time and haven't been able to come up with anything that will suffice.
Any other info would be appreciated also. I have been doing this for years, but could always use some help. Thanks in advance.
I have a Smoothwall machine with 'green + red' setup. The Smoothwall machine can see the outside world and I can connect to it from inside my network with its local address (I can also connect from the outside world with my static IP).
The problem is that machines on my network are not receiving DHCP. They appear to try to get an IP, but fail. Where would I start troubleshooting this? The machines will receive DHCP from my wireless router, so I know my switch is good. I have not tested the 'green' network card, but I assume its good.
Any advice would be helpful. I am totally new to Smoothwall.
EDIT - DHCP is enabled. Only one of my cards show up in the dropdown box on the DHCP config screen.
UNBELIEVABLE EMBARASSING EDIT - total newbie mistake...I had the network cables switched. It is now giving out DHCP, but cannot connect to the outside world. I think this is probably simply an issue with ip config.
This issue is difficult to illustrate if you aren’t familiar with how the Ricoh Aficio C2500 series printer operates and is setup in our office, so here is some necessary background.
All staff have an account on the Ricoh (which is not, in any way, connected to their domain account). So when they print to it from their desktop, the print job is stored and only printed when the user enters his/her credentials from the panel on the front of the Ricoh.
Example: Alice prints a document to the Ricoh. She walks to the printer, presses the document server button and selects her name from a list of other users who also have documents waiting to be printed. Once her name is selected, she enters her PIN, selects the document and presses print. The document is now printed. This is how its supposed to work.
Recently, since we upgraded to Office 2007, users printing documents created by others are unable to print these documents correctly. When the user sends the document to the Ricoh, instead of being stored under his/her username, it is stored under the name of the user who originally created the document. This occurs even if the user has edited and resaved the document to his/her desktop.
Example: From her desktop, Alice opens an Excel document stored on a network drive (or stored anywhere); she edits the document and saves the changes. Then she sends it to the Ricoh. When she walks over to the Ricoh to print it out, she discovers that it is not under her username. Instead, it has been stored under Bobs username. Bob originally created the Excel document for Alices department to use.
This occurs with all Office 2007 documents and all users. Any Office documents sent to the Ricoh appear under the name of the user who created the document instead of the user who printed the document.
This issue only occurs with Office 2007 documents. We had this issue sporadically with Publisher 2003, but at the time it wasn’t a priority.
I realize this may not be very clear, so please feel free to ask any questions.
What are some good methods to protect staff machines from the staff who use them? I am looking for something that is totally seamless, that the user would not notice...something that would not hinder performance of the machine and would allow the user read/write access to My Documents, his/her desktop, and a couple of folders in Program Files.
My current setup works well, but there is something about it I am not crazy about:
I have partitioned the drive on the staff machines and am storing all static folders on the D partition. The C partition is protected by Windows Steadystate (Disk Protection only, no restrictions yet) and gets restored at each restart.
As I said, this works, but is there an easier way? In the past we have lost some critical staff machines at the worst possible times to malware.
Does anyone else remove or disable 3rd-party software that controls wireless on laptops? I prefer to just have Windows manage it so that all of my portable machines are consistently configured. Also, I just dont want anything unnecessary running on my machines.
For a Ubuntu Samba file server running Apache and an ftp client what amount of network traffic would be normal when no users are connected?
I am strictly a Windows admin and have just installed Ubuntu Server for the first time. I am using it as a file server/ftp server (for the IT Dept only) and I am hosting a website (which is also available to the IT Dept only).
I have noticed what appears to be traffic when the machine should be not in use. I have installed and am running VNSTAT, which shows about 82kb rx and 84kb tx in about an hour. This may or not be accurate. It looks like there is more traffic on the switch for that port.
I am looking for advice on monitoring and understanding network traffic for Ububtu Server.
Understanding network traffic, while part of my daily job, is probably my weakest area. I try to learn something new everyday/week and it seems there is alot out there on this subject, but nothing specifically written for a newby to see satisfying results immediately.
I guess my questions are- 1) how much traffic is normal for the situation listed above and 2) whats a good starting point (that I can build on) for understanding traffic
Can just one machine on our network generate enough network traffic, whether it be from malware or P2P or whatever, to affect all network/internet users?
My company has many public machines available for anyone to browse the internet on. If just one of these machines became infected with a virus could it affect all internet traffic in the building? How about if a user were running P2P software?
..and what about our wireless? We have an open/unsecured wireless AP available to the public. Could someone using a wireless laptop generate/use-up enough traffic to cripple the entire network.
We are on a 5mb DSL Verizon businesss line located in a med-sized city. Lately, at certain times of the day, internet traffic is at a standstill. I cant even browse to small sites like Google.com and I cant check my mail without Outlook timing out numerous times for several hours.
Thanks.
I work strictly with Windows machines only (save for the one small aix unix box that was just replaced). In the past, in an attempt to self-educate in Linux, I have installed various versions of Ubuntu desktop/sever and Fedora only to realize that I dont have the time to teach myself.
The time has come for me to replace a home file/ftp/http server that previously ran Windows. I have all of the files on a separate NTFS drive and will be installing the OS on a smaller drive.
I have downloaded the latest version of Unubtu Server, but havent installed it yet. I want to use this home server as my Linux-starter-kit and start off right, but very simple. Once the install is complete I want to begin by setting up a SIMPLE file server for home use in order to become proficient enough to replace a small file server at work. This will eventually lead to less Microsoft at work.
I am looking for advice on starting out simple: home-file-server to work-file-server over a period of time. Ideally this machine will not have a monitor/keyboard/mouse and will be accessible remotely only.
Does anyone have experience with network cams used for security purposes?
I need to monitor a remote location (server room) from both the local network and the internet preferably. I also need the ability to record-on-event (such as motion detection), run a process on event (such as email me), and capture stills. Additionally I need an interface that will allow 2 or 3 users to view the feed simultaneously.
Are there other features that I havent thought of that would be desirable? THe camera will be placed outside the doors of a small server closet in a building located an hour away. Because I share this closet with staff in the building (who use it for storage), the doors do not lock. On-site staff are unable to police the area, which is located in a building that is open to the public. The closet contains a rack, some switches, router, DHCP server, and misc cables and spare hardware.
I apologize in advance for the long-winded post. I posted it all because I believe its informative and may be useful. Also, I posted my question at the end.
Moments ago I was RDC to a file server in my home (from inside my home). I had opened Firefox and Googled for a manufacturers website. Immediately after clicking the link, Firefox abruptly closed. This seemed odd to me to so I checked the running processes and discovered d.exe, e.exe, and f.exe running.
I Googled these processes on a different machine and found them belonging to a key-logger/screen-capturer/trojan called defender.exe, which according to the Prevx lives in c:\documents and settings\user\local settings\temp. (Prevx link http://www.prevx.com/filenames/147352809685142526-X1/DEFENDER32.EXE.html)
Simultaneously, an obviously-spoofed Windows Firewall popup appeared on the server asking me to click ‘yes’ to update Windows Firewall.
At this time I ended all rogue processes, emptied the temp folder, removed defender.exe from startup, and checked my registry and a few other locations. Before deleting Defender.exe I noted that it was created moments ago, just before Firefox crashed. I believe that I was ‘almost’ infected with this malware. I believe that it needed me to click the phony popup in order to complete infection because it wasn’t allowed to execute processes from the temp folder. After cleaning the machine, I restarted it and have been monitoring it for over an hour. I am debating on whether or not to restore the Windows partition (a separate physical drive from the data) or to just watch it for awhle.
I should mention that, because of the specs on this machine, I do not run antivirus software, but I know it well and inspect it regularly. It is a very old Compaq with a 400mhz processer and 512mb of ram. I have a static IP and the server is in the DMZ running an FTP client and some HTTP server software. All files transferred to and stored on this machine are scanned for malware before transferring. Usually the machine only runs 19 processes and performs pretty well for its intended purpose.
I posted the story so that you could be aware of a possible new piece of malware and how it acts, but I also have a question or two. First, over the last few months I have noticed that PREVX is listed at the top of most of my Google searches when researching malware, especially for new or obscure malware…and they always want you to purchase something. I don’t think they are one of the top AV companies, so it seems odd that they are always the top Google result. Does anyone have any experience with any of their products?
Also, what sites do you rely on for malware researching? Recently, I have found it difficult to find good info because of HijackThis-logs and other deadend info cluttering up my searches.
And lastly, besides antivirus, third-party firewall, etc, what settings would you use to lock down a machine to make it more secure in instances where a stubborn admin like myself refuses to run AV?
Thanks.
My company has several Gateway E2300's, the slim desktops. One of the machines in particular may be having a thermal issue. THe symptoms are: at seemingly random times throughout the day the fan speed will increase for anywhere from 5-15 minutes making it impossible to work because of the "Darth Vader-like" noise (thats how the end user described it).
I have completely dusted the inside of the machine, the heat fins, and the fan. I have also reseated the processor after cleaning it and reapplying more thermal paste.
This specific machine isnt running any unique software that would make it get hot and it isnt sitting in direct sunlight.
Any info would be appreciated. Thanks.
This really isnt my area of expertise...and it may be obvious, but here it is: We have what I guess you could call a virtual network. We have 4 locations in 4 cities connected by broadband internet (Comcast and Verizon) all 5mb business lines. One location houses a file server and a database server for all other locations. This system has been in place since before my time. We have budgeted for a fiber connection in the next couple of years.
The problem is that opening even the smallest files (mostly Office docs) takes forever. Even files that are just kilobytes in size seem to take a very long time to open or even transfer over. Saving changes to a med-sized Excel (or any Office doc)over the network temp freezes up your machine.
What can I use to troubleshoot this problem? ALso, this issue is worse at certain times of the day and particular bad at a certain location. I should also mention that machines located inside the LAN where the servers are stored have no issues at all.
Am I expecting too much by wanting near-lan-like speeds from this setup?
We have almost 100 Outlook 2003 and 2007 users and we do not yet run our own exchange server. All of us have SPAM problems, but a lot of users have very serious SPAM problems, sometimes receiving over 1000 or more SPAM messages per day.
Our provider does label suspected SPAM with a number rating and I have created custom filters to direct these to the Junk folder, but this isnt enough.
Is there an Outlook feature or an opensource plugin that will take care of SPAM for me?
Ideally I would love an opensource solution that would "pre-check" mail and delete SPAM before the user even sees it.
Thanks.
EDIT - I guess I should have been more clear from the beginning....apologies....Ideally I would love an opensource solution that would "pre-check" mail and delete SPAM before the user even sees it.
Anyone have any experience with Windows Defender? Is it a replacement for antivirus software or something else to run alongside?
We are looking for something that isnt as bloated as McAfee 8.5i.
I used to use an application that could ping or maybe run a port scan on a machine even if the machine was configured to not allow it.
I am currently trying to ping a remote machine on our WAN, but I have configured the machine to not allow ping. Is there something similar to ping that I can use?
Again, this a machine located in another city that is part of our wan.