nguyennp

Forum Replies Created

Viewing 30 posts - 1 through 30 (of 62 total)
  • Author
    Posts
  • Avatar
    nguyennp
    Member
    in reply to: Share your experiences about Private Cloud storage #249603

    Re: Share your experiences about Private Cloud storage

    RomanZ;287069 wrote:
    Hi,

    Some responses to your questions:

    2. None of devices support out-of-the-box Sync protocol. Though, there is a packages for major NAS vendors.
    3. If laptop is lost – the data in sync folders will remain. Even if you remove folder from NAS, data on laptop won’t be removed – so it’s better to take care of drive encryption.
    4. There are plenty of solutions to keep drive encrypted without connecting your PC to domain. I personally used Truecrypt (7.1a and older), it runs fine.

    Thanks for your response. For encryption, I’ll check the other encrypt solution as Truecrypt said they are not secure any more when I go to Truecrypt homepage.

    Avatar
    nguyennp
    Member
    in reply to: RAID1 & RAID10 for 8 disks – what’re differences ? #249602

    Re: RAID1 & RAID10 for 8 disks – what’re differences ?

    Ossian;278505 wrote:
    The RAID controller will determine that – you will have (for 8 drives)
    1A, 1B, 1C, 1D mirrored to 2A, 2B, 2C, 2D

    So the “A” drives mirror each other, as do “B” etc.

    Thanks, I understand.

    Thanks for your link, biggles77. Actually I had checked the link http://en.wikipedia.org/wiki/RAID but they give example for only 2 disks. I also searched “RAID 1 for more than 2 disks” to see if there’s a visualize image but couldn’t find.

    Avatar
    nguyennp
    Member
    in reply to: RAID1 & RAID10 for 8 disks – what’re differences ? #249601

    Re: RAID1 & RAID10 for 8 disks – what’re differences ?

    Ossian;277742 wrote:
    In RAID 1 they are written to a drive, and mirrored to its copy.

    Thanks for your explanation. As above, can I understand that there’re also 4 disks with 4 mirrored disks here and when a file written in 1 disk (full file written in 1 disk), it will be mirrored to one of 4 mirrored disks ? In this case, how can I know which disk is the mirror disk of a certain disk ?

    Avatar
    nguyennp
    Member

    Re: Which option to organize the RAID to get highest performance in I/O ?

    wullieb1;260238 wrote:
    You can’t set the block size on VMFS5 volumes from memory.

    Please see this

    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1003565

    Specifically

    Hi, I mean the Stripe size when I configure the RAID before install ESXi 5 using IBM RAID Configure Wizard (built-in, not DVD Server Guide).

    Avatar
    nguyennp
    Member

    Re: Which option to organize the RAID to get highest performance in I/O ?

    wullieb1;260169 wrote:
    Not massive amounts of I/O for ESXi but it is best to keep the OS and storage seperate.

    I see. Thanks. Also, for performance issue, can you share which is the best stripe size I should format for RAID10 ?
    This storage will store MS SQL 2008 R2 + ERP Application so should be heavy I/O.
    Should I let the Stripe size is 1MB which is default for VMFS 5 ? I have confuse between the Stripe size in Host & Strip size in Guest so don’t know what I should choose.

    Avatar
    nguyennp
    Member

    Re: Which option to organize the RAID to get highest performance in I/O ?

    wullieb1;260163 wrote:
    RAID 10 will giove you the best performance so option 1 for your storage and if possible install ESXi onto a USB key or SD Card.

    Thanks so much. For install ESXi onto a USB key or SD Card, you mean there’s many I/O in ESXi while VMs running and have to separate ?

    Avatar
    nguyennp
    Member
    in reply to: Granting SQL read only access #249597

    Re: Granting SQL read only access

    Lior_S;251377 wrote:
    Good.
    By default sql does not grant access to any user, so in sql server management you will have to make some changes.
    But first Create a group in AD, like “MyDatabaseAccessUsers”
    Then in visual studio or enterprise manager you add that group read only access to that specific DB.
    See here for 2000
    or management studio for 2005/2008

    Sorry, I also care about this. But when I tick the database to assign the role to user –> there’s always public role and with public role, the user can insert/update/delete data.

    My situation :

    We would like to allow the developer to create/alter stored proc, create table, select data but don’t allow them to update/insert/delete data.

    Thanks for any idea.

    Avatar
    nguyennp
    Member
    in reply to: Can not access google vn website – it’s weird #249596

    Re: Can not access google vn website – it’s weird

    Sorry, that’s only my habit, save the screenshot to word file to have any comment instead of .jpg file.

    I also attached the .jpg here.

    Avatar
    nguyennp
    Member

    Re: Allow administrator log onto TS only from some computers

    nguyennp;72256 wrote:
    Hi,

    Can we allow only some computers make the remote desktop connection to Terminal Server via administrator account ? (based on MAC address or computer name, ….). That means with administrator account, we can only log onto Terminal Server from our admin computers.

    Thanks.

    Hi all,

    Sorry but correct me if I’m wrong. I accidentally remember that Internal Firewall or even VLAN can’t solve the issue. I don’t want to denied admin users make the remote connection, what I want is : they (admins) only can log on using admin account from their computer. With Internal Firewall, VLAN, GPO, I can allow some computers connect to TS but can’t control if they’re using admin account to log on or not.

    Avatar
    nguyennp
    Member
    in reply to: Allow administrator log onto TS only from some computers #249594

    Re: Allow administrator log onto TS only from some computers

    @entadm & ahinson: If use VLAN, I have to change a lot. I think that’s the last choice for me.

    @sorinso: yeah, Internal firewall is a good idea. Yet, there’re no budget for that. So I want to find a simple solution or workaround. I’m thinking of your idea about GPO. Can you show me the TS policies which solve the issue ? I don’t see any TS policy in GPO similiar to my requirement.

    Thanks so much for all replies.

    Avatar
    nguyennp
    Member

    Re: Unload roaming profile on Terminal Server + show Quick Launch

    sorinso;70762 wrote:
    Well, there’s a big difference between Roaming Profiles and Folder Redirection. There are two different things:
    In Folder Redirection, a user that logs in will get his/hers specific folders from another location. But only those folders. This setting is available throguh Group Policy.
    When using Roaming Profile, the whole profile is taken from a shared source, inlcuding the ntuser.dat and all (not only specific folders). This setting is available in Active Directory Users and Computers.
    From what you’re describing, you are using Folder Redirection and not Roaming Profiles (you are talking about two different profiles, one on the laptop and one on the TS server). At this point, I would ask myself what exactly I am trying to achieve and start designing the user’s environment from there. From the info you gave so far, I cannot tell you if your setup so far is the best one. This is the reason I asked “why”.
    Regarding the PST files, I can tell you our setup: every user maps a home drive on the server (let’s say X:). We configure Outlook to use the PST file X:FilesOutlook.pst . This way, the PST file is on the server (and so, we back it up).
    Disadvantages:
    – whenever the computer looses the X: drive, the PST file may become corrupt. We rarely had such problems, although it happened a lot that the mapped drive was lost.
    – if you don’t have the option of backing up open files, the users have to close their Outlook when they leave home. Otherwise, the PST file will not be backed up.

    Hope this helped a bit. Keep the forum posted.

    Recommended reading:
    Configuring user states: http://technet2.microsoft.com/WindowsServer/en/Library/b41402c2-c982-4bfb-891e-91b47f211e181033.mspx?mfr=true . In the same TechNet branch, follow the sub-branches dealing with Implementing roaming profiles and Implementing Folder Redirection.
    Another good article: http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html

    Yes, I know the different between Roaming Profiles & Folder Redirection. I read a lot from Microsoft and other sites, they recommend that we should combine Roaming Profiles + Folder Redirection and offline files also.

    What I want that :

    1. User profiles + Application settings + Users’ documents + Mail will be saved on File Server so that we can easy to backup.
    2. Restrict users’ desktop & settings. That means user can only have some shorcut on their desktops and run it.

    What I did :

    1. Configuring roaming profiles & HomeDirs for all users. Configuring Folder redirection for Application Data and My Documents redirect to Users home folders.
    2. Creatng some folders on File Server : pr_user_desktop, hr_user_desktop, … and put necessary shorcuts in these folders. Configuring Folder Redirection for Desktop to these folders. For example : PR users will have the desktop which comes from pr_user_desktop.
    3. Creating some other policies : Disable some Desktops, Startup & Menu settings, Software Restriction Policy, Disable Windows Tour, Disable IE, Show Quich Launch, … Apply to OUs containing users.

    The problems I’m facing :

    1. Some users belong to PR department, they also need to remote to Terminal Server. When they made the connection to Ts and they were also applied the policies what I set up. But you see, there’re some different between Windows XP and Windows Server 2003, the Disable Windows Tour (which contains a logon script modifying the Registry) didn’t work with Windows Server 2003 and show error. Additionally, their desktop was also be redirected. This is the issue I though I found a workaround in the last post – TS Profiles, but it’s not (coz in the last post, I only tested with Mobile users who don’t have Desktop Redirection).
    So how can I don’t allow the policies apply when the users log onto Terminal Server ? Is Replace Mode in Group Policy loop back an answer for my question ? This policy make me confused so much.

    2.With *.PST file, I also think that I should put it in the File Server but the problem is that *.PST file couldn’t marked as an offline file. That’s the problem with laptop users.

    So thanks so much if anyone can share the experience about the problems I’m facing.

    Avatar
    nguyennp
    Member

    Re: Unload roaming profile on Terminal Server + show Quick Launch

    sorinso;70594 wrote:
    Are your users using roaming profiles? If so, why?
    The TS profile’s solution means you are creating another profile for every user. What will you do with My Documents? With PST files (if you have any)? And all other user-related settings? Will you have one for their laptop and another for their TS session?

    Hi,

    Yes, they’re using roaming profiles. What do you mean “Why” ?
    With My Documents & Application Data, I use Folder Redirection. So when they log on to Terminal Server, they’re also have Mapped drive, My Documents & App Data redirected via Group Policy. Yet, at that time, they’re not using their roaming profiles, but their TS profiles (Yes, they wil have 1 profile for their laptop and 1 for their TS session).

    PST files –> will be put on their local disk so they can’t access from TS session. Coz they’re using laptops and PST file is not supported offline file, I couldn’t put it on File Server. I really really want to put PST files on Server so that we can backup mail for user but I have no idea to do that.

    I’m not experience on this. That’s a best way I know after a long week searching and doing LAB.:???

    Any advice will be appreciated.

    Thanks.

    Avatar
    nguyennp
    Member

    Re: Unload roaming profile on Terminal Server + show Quick Launch

    sorinso;70572 wrote:
    For the first issue, you may want to try User Profile Hive Cleanup Service . Although is not quite clear what do you mean by “have their desktops with a lot of error shorcut”. What errors are those? Maybe there is another, better way to solve them?
    The second issue is also unclear. I am using GPO settings to disallow my TS users to make changes to the Taskbar, but they have the Quick Launch bar.
    So, what did you do? And what exactly is the problem? Isn’t Quick Launch showing at all? Or you just want to edit it too?

    It will be nice if you could give some more details.
    TIA.

    Thanks for your reply.

    1.That means the laptop users have their laptops which contains shorcuts from may softwares on their computers. For example : YM, Skype, … When they log on to Terminal Server, these shorcuts are invalid ( coz there’re no YM, Skype on TS).
    Yet, I was told a solution is Terminal Services Profile. Until now, I think it can solve my problem.

    2. Yes, by default, when user log on, they don’t have Quick Launch. We’re using Windows Server 2003 SP1 and Windows XP SP2. I also found a .exe file so that I can run at logon and show the Quick Launch to user. Anyway, thanks. It’s greate to be here.

    Avatar
    nguyennp
    Member
    in reply to: Script to schedule save event log #249590

    Re: Script to schedule save event log

    Rems;70371 wrote:
    A script like this one perhaps?
    http://www.go-itservices.com/Windows_Server_2003_Maintenance_Strategy.pdf
    **** Edited by Dumber. No need to quote so much info. ****
    Rems

    That’s so great. Thank you so much. I will try. I’m not good at script so don’t know how to make a script like that. Thank again.

    Avatar
    nguyennp
    Member
    in reply to: Allow users safely remove hardware #249589

    Re: Allow users safely remove hardware

    Dumber;70264 wrote:
    nguyennp,
    Have you already tried start monitoring with filemon and regmon?

    Yes, I did try but honestly, I’m not good at these things.

    With filemon running, when I unplug a USB disk, the screen showed that it is accessing to hotplug.dll file in C:WindowsSystem32

    With regmon running, when I unplug a USB disk, the screen showed that it is accessing to HKLM….DeviceAccess ( I don’t remember exactly).

    So you mean I should give the user the access right to the file & that registry path ?

    Avatar
    nguyennp
    Member
    in reply to: Allow users safely remove hardware #249588

    Re: Allow users safely remove hardware

    Thanks.

    I tried on my local computer, only Administrators group has that right (load/unload drivers). Yet, the user could safely remove hardware ( Ex: USB Pocket disk ) without problem. So I’m not sure if this right is correct for safely remove hardware or not.
    I’m still searching for the answer.:sad:

    Avatar
    nguyennp
    Member
    in reply to: Allow users safely remove hardware #249587

    Re: Allow users safely remove hardware

    Hi,

    Did you find out ? I also have a problem with this. I had tried google …. but no result. Anyone did it, please tell me.

    Thanks so much.

    Avatar
    nguyennp
    Member
    in reply to: Default Domain Security was applied incorrectly ????? #249586

    Re: Default Domain Security was applied incorrectly ?????

    sorinso;61153 wrote:
    I would do this:
    Login to a computer, with one of the users that display the PPS file.
    Run at command prompt gpresult > c:gpos.txt.
    Run at command prompt notepad c:gpos.txt .
    Open GPMC and check each GPO that is listed under User Configuration -> Applied GPOs in the TXT file displayed in Notepad. Check in Settings tab (click show all to see all the settings) which one has a PPS file.
    That should do. Hope this will solve the problem. Keep the forum posted.

    Hi,

    Thanks for your reply. I have just tried the way you showed me this moring. In .txt file, there’re only 2 GPOs applied to my user account : Default Domain Policy and Local Policy. Again, I check these 2 Policies and nothing related to .pps file. (
    As you saw in my previous post, I use Resultant Set of Policy check and surely this setting ( play .pps automatically) was applied from Default Domain Policy).

    Avatar
    nguyennp
    Member
    in reply to: Couldn’t access shared folder on External HDD #249585

    Re: Couldn’t access shared folder on External HDD

    It seems that the problem is not only caused by Antivirus software. It was solved in my situation although I had no Antivirus here. Thanks.

    Avatar
    nguyennp
    Member
    in reply to: How to build ISA Lab using Microsoft Virtual PC 2004 SP1 #249584

    Re: How to build ISA Lab using Microsoft Virtual PC 2004 SP1

    daviddavis;49160 wrote:
    Hi nguyennp,
    MS Virtual PC (or server) would be great for this.
    I know that in Virtual Server, it comes with an External and Interal network, already defined. The External network is connected to your local active network adaptor. The Internal network is a private network.
    In your scenario, you should be able to create just one more network, call it DMZ. Your host PC would already be connected to the virtual external network (that could be your Internet network). You could then create another virtual machine and put it on the Internal (private) network. If you had the resources, you could even create a virtual web server and put it on the DMZ network for testing.
    You shouldn’t have to worry about drivers, the Virtualization product will use its own virtual drivers.
    You could do something like this-
    External – (whatever IP address scope is on your current LAN, say 192.168.1.0/24)
    DMZ – 172.16.1.0/24
    Internal – 10.1.1.0/24

    Let me know if that helps or if you have more questions.

    If you need some training on setting up the networks and rules, I can personally recommend the TrainSignal ISA video :grin: at this weblink-
    http://www.trainsignal.com/index.asp?PageAction=VIEWPROD&ProdID=42
    Thanks
    David

    Thanks so much. I now can build this Lab. What I’m considering is find the scenario to test. ISA is so sophisticated. I read much material and I thought it doen’st like in real.
    Again, thanks for your help.

    Avatar
    nguyennp
    Member
    in reply to: Look for software to monitor Shutdown events #249583

    Re: Look for software to monitor Shutdown events

    biggles77 wrote:
    Event Viewer.

    I know it, but it took us a long time to collect and monitor the logs file. Is there any softs for this???

    Avatar
    nguyennp
    Member
    in reply to: Can you share your experience about SAN #249582

    Re: Can Windows 2003 & SQL 2005 Enterprise support 6TB data file

    nguyennp wrote:
    Hi,

    We’re planning to deploy SharePoint Portal Server. So we want to save a file about 6TB ( database file).

    That’s the hell file.

    Avatar
    nguyennp
    Member
    in reply to: Built Fax System Client/Server without using modems #249581

    Re: Built Fax System Client/Server without using modems

    danielp wrote:
    It sure is! What made you come up with the formula that FAX = Active Directory issues?

    :evil:

    Because I think that it was built based on Client/Server and integrated with AD.
    But you know, I was sorry :mrgreen:
    BTW, thanks a lot for all information.

    Avatar
    nguyennp
    Member

    Re: Please give me an explanation of Terminal Per Device Licensing.

    Hi,

    Thanks for the link.

    I used the script AddLicenseServers.vbs and the Terminal Server could see the Terminal License Server now.

    BTW, how can I get back the CALs which issued to the devices to let the 4 other devices make the Remote Connection without waiting for the expiration date of the old devices ?

    Avatar
    nguyennp
    Member
    in reply to: Slow File Server #249579

    Re: Slow File Server

    Hi,

    Thanks for your reply.

    With the server like that, I think it’s too expensive for us.

    Avatar
    nguyennp
    Member
    in reply to: Intrusion Detection without Firewall #249578

    Re: Intrusion Detection without Firewall

    Hi,

    For example, I suspect there’s a intrusion in my computer but I don’t have any firewall now. So I have to do the detection manually.

    Thanks,

    Avatar
    nguyennp
    Member
    in reply to: can ping but can’t access #249577

    Re: can ping but can’t access

    Hi. Thanks so much for all replies.

    Unfortunately, I don’t have more time to fix this error because it’s urgent. I had to reinstall Windows and it’s OK now.

    Thanks again.

    Avatar
    nguyennp
    Member
    in reply to: Uninstall LPT port without restarting the computer #249576

    Re: Uninstall LPT port without restarting the computer

    It’s EPSON EPL-6100L Advanced – a laser printer and it seems it couldn’t be uninstalled the drivers separately from the LPT port.

    Avatar
    nguyennp
    Member
    in reply to: Uninstall LPT port without restarting the computer #249575

    Re: Uninstall LPT port without restarting the computer

    Hi. Thanks.
    Have you uninstalled the printer drivers then before removing the LPT port??
    Unistalled the printer drivers is the same as removing the LPT port from Device Manager??
    Are there any conflicts in device manager??
    No, it said it is working.
    Are there any conflicts in the BIOS??
    How can I know if there’s a conflick in the BIOS ?
    Is the LPT port set to the correct mode in the BIOS??
    I just let it as default : Standard.

    Avatar
    nguyennp
    Member
    in reply to: can ping but can’t access #249574

    Re: can ping but can’t access

    Certainly I tried to use IP instead of computer name. But the same error. Is there any Policy causes this ?

Viewing 30 posts - 1 through 30 (of 62 total)