Robbo

Forum Replies Created

Viewing 25 posts - 1 through 25 (of 25 total)
  • Author
    Posts
  • Avatar
    Robbo
    Member
    in reply to: PDF files larger than actual size when printing #311050

    Re: PDF files larger than actual size when printing

    sorinso;103683 wrote:
    Be certain you are using a PS driver on those printers, instead of the PCL versions… Check and let us know.
    Another thing: how are those printers connected? Locally to their specific computers? Or to a print server? And if it’s a print server, what OS?

    Oops… We are running PCL 6 drivers for pretty much every printer we have..

    Do PS drivers handle PDFs differently then?

    Our printers are all managed by a print server and local IP ports. Windows 2003 standard, SP2.

    Avatar
    Robbo
    Member
    in reply to: Outlook 2007 ‘stalled’ #311049

    Re: Outlook 2007 ‘stalled’

    Lior_S;103548 wrote:
    or

    :confused:

    You seem pretty sure its outlook, however the symptom is the extended logon.
    Long logon times are usually associated with connections that time out. EG old mapped drive, incorrect DNS entry, duplicate static IP on the network, AV pointing to the wrong server, etc…

    If its just outlook, switch to non cached mode, delete the .ost, and put him back to cached mode (wait a while for it to re-sync)

    Hopefully that sent you in the right direction.

    Theres an old adage. Blame the last thing thats changed for a new issue

    Our DNS, Static Ips and the like have remained unchanged. Only since switching to 2007 has this problem since happened.

    Our antivirus is configured through login scripts to the server ip, not its name directly

    I have tried recreating his profile. It is cached mode and yes cached mode is required in our org :D

    Avatar
    Robbo
    Member

    Re: Audit and hardware question /Server 2003 Multi-master domain with AD and Group Po

    Hello

    We have had some success with a product called ARK (admin report kit) for windows server which can do all sorts of audits, including permissions audits. It exports straight from the program into flat text or csv

    We have a small site, but a pretty comprehensive permissions setup – it is a mighty report once its done! Printing on A3 is recommended

    See if this will help at all

    http://www.vyapin.com/products/enterprisenetworktools/ark.htm

    In terms of your bad sector question, there’s no method that I am aware of that will let you check a hard drive for bad sectors when the operating system is in use. Normally when a disk goes bad, you can check for ‘disk’ errors in the system log.

    No idea on solarwinds though sorry :google:

    Avatar
    Robbo
    Member
    in reply to: Vista SP1 anyone? #311044

    Re: Vista SP1 anyone?

    I’m waiting to hear a bit more about the benefits before I upgrade

    I had to upgrade the ram in my fiance’s laptop for vista to be what I would concider ‘usable’

    Dual 1.83ghz processor, 2 gbs of ram running Vista home premium

    I havent installed my copy on my gaming machine, for fear of having to reinstall all my games again / capability issues

    Avatar
    Robbo
    Member
    in reply to: Restricting Users & Computers for Certain Administrators #311043

    Re: Restricting Users & Computers for Certain Administrators

    You could create a custom group and add them to that, and using group policy you could make that custom group part of say, the ‘power users’ on the client Pcs

    Does this sound like a viable option?

    Avatar
    Robbo
    Member
    in reply to: web site blocking for workgroup #311042

    Re: web site blocking for workgroup

    Linux would be a cheap an easy alternative, but they can be tricky to administer sometimes, especially if you are not familiar with it

    If your workplace decides in doing something serious about their IT infastructure, then I would recommend windows 2003 / 2007 server with ISA installed

    We have ISA 2004 installed at our site here and it is incredibly granular in terms of what people can and can’t access. It integrates with active directory so you can grant or deny access based on the user group or OU.

    Web blocking is a pinch, just add a list of sites that users arent allowed to access, even content types or protocols. For example, we block flash games using a content filter.

    ISA has pretty comprehensive reporting options too so you can see who has done what where and when.

    Avatar
    Robbo
    Member
    in reply to: 2 NIC setup, wireless router question #311041

    Re: 2 NIC setup, wireless router question

    It would pay to have dhcp disabled on the router and have only one server on the network as a dhcp server.

    If you are running two different networks, ie say you have wireless clients set up on 10.1.1.x and wired clients on 10.1.2.x then you can configure dhcp to service both ranges

    Avatar
    Robbo
    Member
    in reply to: Block Web sites using GPO #311040

    Re: Block Web sites using GPO

    teiger;88498 wrote:
    You could possibly put the restricted sites in a HOSTS file which redirects them to a site in your internal domain. There they would get a custom web page explaining they were not allowed to visit such a site.
    However, you still need a mechanism to deliver the HOSTS file and a part-savvy user could bypass it!

    Expanding on this, you could deliver the HOSTS file via a startup script, just have the ‘main’ list hosted on a server share; and then have it copy over in the startup script. That way at least you only have one list that you have to update

    In terms of access, block users from accessing the windowssystem32 folder and that will solve the the bypass issues

    Other than that there is no real way to ‘block’ sites via GPO. You can add such sites to the ‘restricted sites’ tab in IE via GPO, but this does not ‘block’ access outright, it only disables *harmful content*

    Invest in ISA server. You can integrate access rules with active directory. You can specify global whitelists/blacklists or block certain content type (ie flash games and movies). You can also easily monitor and report on traffic use also

    Avatar
    Robbo
    Member
    in reply to: Shutdown and install updates script #311039

    Re: Shutdown and install updates script

    Thanks Rems. I figured I would have to do something like that

    We are soon to deploy a WSUS server and I thought I’d ask the question before I got too far ahead of myself

    I had a look at another useful link http://www.microsoft.com/technet/community/columns/sectip/st0506.mspx
    which basically goes through the active directory options for WSUS and you can set the default behavior for installed updates there.

    Coupled with this script, I’m sure I’ll be able to schedule a ‘install updates and shutdown’ option as part of our preventative maintenance program here

    Thanks again :smile:

    Avatar
    Robbo
    Member
    in reply to: Local only #311038

    Re: Local only

    So from your post you have two wireless cards?

    I would configure just one to work with your AP (access point) and disable the other completely. I would also check that the device is using windows zero configuration to connect to the wireless points as I have heard of countless instances of the built-in AP tools that some wireless providers using causing issues connecting.

    Check that your wireless card isn’t going to sleep by setting the power options on the device to never turn off (this can be done in device manager)

    Other than that, check your channels aren’t being interfered with, check your security settings and the like to.

    Linksys routers are usually pretty stable. Ive had a few instances of my dlink at home going a bit crazy until I flashed the firmware

    Avatar
    Robbo
    Member
    in reply to: Printers go "Unable to Connect" #311037

    Re: Printers go "Unable to Connect"

    It could be an IP issue. Check to make sure that the server has valid entries in DNS and check the Laptops IP configuration (whether its static or automatic)

    It sounds strange that it is just the one computer having issues where others are not; and a royal pain that its your BOSS’s machine that is having the issue (I think thats part of Murphys law isn’t it?)

    Check that the spooler service on the Laptop isn’t randomly dying and causing this issue.

    Windows firewall by default allows file and printer sharing, but check your AD’s settings and remedy them if you have to (we’ve disabled windows firewall here because its caused too many issues with SQL)

    Being just the one machine that is having the issue, check to see whats different between that and other pcs in the organisation. Is it part of a different OU? Is it part of a different security group? Does the same problem occur if you log onto the laptop with a different account?

    As always, it could be bugs / spyware / whatever. Give it a good scan to be sure.

    Check the power settings. It seems strange that it dies after 20 minutes or so. Leave it on the ‘always on’ profile and see if that helps

    See how you go

    Avatar
    Robbo
    Member
    in reply to: PC startup failure #311036

    Re: PC startup failure

    BSODs are always good fun

    Typically 90% of BSODs are hardware related. 9% software 1% random

    I would say about 70-80% of hardware related BSODs are either related to the hard drive or RAM

    Its a good idea to first see if its your RAM or hard drive that is causing the problem. When I was a full time techie in a repair shop, we used a Hirens boot disk (http://www.hiren.info/pages/bootcd) to test hardware. Basically if you can get your hands on a hirens bootdisk there are two specific tests / software you want to run

    Seeing as you have tried a second hard drive, it *may* not be the problem

    1) seatools desktop edition. Most recommended hard drive testing tool. Simple, easy to use and under stand. Tick the tests you want it to run, it tests and reports any errors (does full system and file system scans)

    2) memtest. Very simple, old as DOS itself RAM testing tool. Test one stick at a time (if you are running more than one) and if it passes 5 or so full tests the ram is fine.

    Other than that, follow the advice to disable power saving options, and check your drivers. Boot into safe mode and see if you get any BSODs there. Your specific problem may be driver related. Check to see what drivers / software is installed for power savings (i.e. AMDs ‘cool n quiet’ utility)

    If you have a spare hard drive, try a clean installation of windows and only install the base drivers for the system. If you get a BSOD, then its definitely hardware

    If you are having a look in your system, check that your mother board capacitors are not bulging or popped. I have seen plenty of systems with busted capacitors running, but causing random BSODs. If this is the case, you will most likely need to get a new motherboard

    Hope that is helpful :)

    Avatar
    Robbo
    Member

    Re: Internet Monitoring Software – Opinions – Recommendations?

    bill_sffcu;87035 wrote:
    Hmm, I guess I didn’t include that because we don’t need a firewall type product because we’re getting a new ASA.

    But…ISA does have a lot of features that otherwise would be nice to have.

    Here is one thing I’ve seen in other products that maybe ISA does not have. A database of websites that have been pre-categorized. So we could easily block a huge swathe of adult, gambling, and even shopping sites easily.

    I wonder what type of reporting ISA has?

    Thanks for the suggestion Biggles! I’ll definitely throw ISA into the mix. :grin:

    ISA is a little more work – intensive to set up for category filtering etc

    We run isa 2004 here and we have written a keyword filter and ‘block’ list. We have also blocked attachments and flash downloading. Reporting is very useful. You can specify a unique user and see what sites they have visited, total traffic etc. ISA does not have category reporting, but does have traffic per time of day, denied user requests and the like

    GFI (http://www.gfi.com) have products that integrate with ISA that allow more indepth catergory blocking. There is also a product from BurseTek (burseteck log analyzer) that allows more in depth reporting – it will analyze ISA logs and give website category reports so you can see what people are viewing etc.

    Basically, visit http://www.isaserver.org and have a look in the products section to see if there is anything that you like

    Your website monitoring software is only as useful as you company policies for internet traffic. If they are strict and people actually get fired for internet abuse, then you will find that there are less users willing to do the wrong thing.

    Hope that goes well for you. Firewall software is very interesting and fun to configure.

    Avatar
    Robbo
    Member
    in reply to: Password reset (BIOS or so) #311034

    Re: Password reset (BIOS or so)

    Being a HP notebook, their POSTs will give you an option to boot from CD (i think its f10 or f11 from memory)

    HP notebooks are *typically* set to boot from CD first in the bios anyway.

    Being a notebook, its a little hard to reset the bios via the motherboard, as you would have to take the thing completely apart – which I DON’T suggest lightly, I would go to your nearest HP service center and get those boys (or girls) to do it

    I worked at a HP repair center and it takes about an hour and a half to fully disassemble and reassemble a HP notebook, depending on the model. Most are identical, but the smaller Compac / HPs are nasty little beggars due to the complexity of the screw arrangement.

    Avatar
    Robbo
    Member
    in reply to: I want to reinstall XP onto a messed up syste. #311033

    Re: I want to reinstall XP onto a messed up syste.

    Altanana;86629 wrote:
    I just did a repair after a jerk put xp pro over my xp home. It really messed up my puter. Now I have an icon that says this version of win xp is no longer secure. What does that mean?

    I still want to uninstall pro and reformat my hd that was partitioned and get rid of the dual boot…how can I do this?

    Is there anywhere online I can get someone to do this for me by remote access? I am willing to pay a small fee.

    Thanks, Alta

    As biggles suggested, sometimes its easier to backup / format / reinstall

    Not knowing the full extent of whats happened, I would assume from your post that they have either upgraded xp home to xp pro, or they have installed xp pro on a different partition with windows home as the ‘base’ operating system

    If the first thing is what has happened, I don’t know of any real way to revert back to xp home. I don’t think a repair install will undo the changes that xp pro would do. I would suggest backup / format / reinstall

    If the second is what has happened, thats a little easier to deal with. Basically in essence you would modify the boot.ini file to omit the installation option (xp pro), boot into windows home, navigate to the partition where xp pro is installed and delete it, then do whatever you want with the partition that it was in

    In terms of remote access, it is possible to do option #2. But probably not #1. I don’t know of any program that lets you remote into a system that you have just formatted :shock:

    If your windows is saying that it’s ‘not secure’ it could mean a few things

    1) the version you have is pirated (yaaarrrrr)
    2) automatic updates is off
    3) a firewall is not installed / configured
    4) antivirus is not installed / configured

    most of these options (other than 1) can be addressed from the ‘security center’ in control panel (if its windows xp sp2) other than that, you can enable windows firewall, install your proffered antivirus program and tun on automatic updates.

    Hope that some of that is useful

    Avatar
    Robbo
    Member
    in reply to: Is the Hard-Drive the bottle neck of a PC: #311032

    Re: Is the Hard-Drive the bottle neck of a PC:

    Either a raptor or SSD (solid state disk drive) would do the trick

    You see some more performance maniacs running raid setups with raptors, but that gets expensive.

    Raptors are faster drives, SSD’s are faster still, the only difference is price and that they usually are smaller (35gb, 75gb are common size raptor drives – but thats plenty for an OS)

    I’ve used two identically spec’d systems, one with a raptor and one with a normal SATA drive. There is a notable difference between the two, although I would say it is fairly comparable.

    The main factor in a Pc’s speed is processor / ram. A good amount of ram and a fairly decent processor will give considerable performance increases over a different hard drive

    Avatar
    Robbo
    Member
    in reply to: WSUS Errors #311031

    Re: WSUS Errors

    Definitely sounds like a configuration error. Make sure your clients are set to request updates from the WSUS server, either from group policy (http://www.microsoft.com/downloads/details.aspx?FamilyID=92759d4b-7112-4b6c-ad4a-bbf3802a5c9b&DisplayLang=en) or from a startup script.

    Also, check what groups the computers are in on the WSUS server and make sure they are configured to periodically check for updates

    No doubt you have probably read this, but the following is a link for a basic WSUS setup

    http://technet2.microsoft.com/WindowsServer/en/library/51c8a814-6665-4d50-a0d8-2ae27e69ca7c1033.mspx?mfr=true

    hope that helps

    Avatar
    Robbo
    Member
    in reply to: Outllok XP "Free/busy" data error message #311030

    Re: Outllok XP "Free/busy" data error message

    Thanks, I know my original post was a little obfuscated, but it was a permissions error afterall

    I added the mailbox to my own login; and was able to add / remove schedules without receiving the error. Then I got thinking, whats the permission difference? Well, they’re a publishing editior and I’m an administrattor. Administrators have “owners” permission by default

    Since it would be a little silly to give these users administrator access, I changed their access to Owner on the calendar and the problem went away!

    Seeing as it’s a common shared calendar, there would be no issues having more than one user as owner in this case

    Kudos given to Sembee for pointing me in the right direction :bowdown:

    Avatar
    Robbo
    Member
    in reply to: remote scheduled tasks #311029

    Re: remote scheduled tasks

    Sorry, I left my check in there for a local, not remote computer task

    ‘Create Calculator Job
    strComputer = “servername”

    Set objWMIService = GetObject(“winmgmts:” _
    & “{impersonationLevel=impersonate}!\” _
    & strComputer & “rootcimv2”)
    JobID = “Calc”
    name = “Calc”
    Set objNewJob = objWMIService.Get(“Win32_ScheduledJob”)
    errJobCreate = objNewJob.Create _
    (“c:calc.exe”, “********080000.000000+540”, True , 1, , True, name)

    This should work

    Following the second half of your request, by default scheduled tasks are shared on a server. The windows directory is also shared by a hidden share of $admin. By default, “Authenticated users” have read and execute permissions to this share. To let users ‘see’ this folder, you have to assign them a permission of ‘modify’

    Avatar
    Robbo
    Member
    in reply to: My biggest frustration so far… #311028

    Re: My biggest frustration so far…

    Crazy users… Always fun

    People that pass the blame from other peoples mistakes onto you. For example, I had a client who had some viruses on his PC. I went out, cleaned them all off and rescanned again and it was all good and he was happy. One week later, he had viruses again (downloading some dodgy software before you ask) then he had a ‘friend’ come around to remove them. This ‘friend’ formatted his machine completely and only installed the operating system, no drivers, no programs or nothing

    I get an angry call “You removed some viruses from my machine last week and now my programs are missing”

    He was completely oblivious to the fact that a week ago all of his programs were in fact on his machine and working; and that his ‘friend’ was indeed the culprit; and that somehow magically I had removed his programs a week later

    Lucky I take full Images of machines after I’m done. I still got blamed for it though

    My biggest peeve is the assumption that PC knowledge somehow translates into general electrical knowledge. I have been asked “do you know whats wrong with the kettle? Its not boiling as hot as it normally does?” I say “I dont know, it could be the element or something” They say “What do you mean you dont know, its got electronics in it??”

    Uhh, yeah… IT AND kettle expert…. Hrmmmm

    I’ve lost count of how many VCRs and DVD players I’ve installed and tuned in.

    Avatar
    Robbo
    Member
    in reply to: Windows 2003 and GPO #311027

    Re: Windows 2003 and GPO

    The second half of your request is a little open ended

    If you are running Active directory in an organization, you can manage internet access by using a perimeter firewall program like ISA server and configuring a ‘blacklist’ of URLs or keywords that you want to deny access to.

    There are many third party programs that can take the hassle out of manually handling blacklists such as products from GFI (http://www.gfi.com/webmon/)
    but I have found that a fairly comprehensive keyword blocker and blacklist will keep most users at bay. In our organization, there is a strict policy against non-work related sites and our logs are reviewed weekly. It depends on your company policy as to how effective products like this will be

    On the other hand, if you are looking for a simple home solution, then there are many programs like net nanny out there that will protect young ones from accidentally clicking on something that they really shouldnt

    I hope this helps

    Avatar
    Robbo
    Member
    in reply to: Windows 2003 and GPO #311026

    Re: Windows 2003 and GPO

    Hello

    The first half of your problem is easily solved

    To create a GPO that will not allow users to access control panel, etc first open Active directory users and computers, then right click on the OU you wish to manage, select properties and then group policy, then “Open group policy management”

    Create a new GPO and link it to the folder where the users (or computers) are stored in

    The settings for control panel are under “User configuration” -> “Adminstrative templates” -> control panel

    From there you can flat out disallow access to the control panel, or if you wish certain control panel applets (for example, we have disallowed all applets except “mail”)

    If all of your users in your AD are set up as standard, non power users, they shoul d not be able to install software.

    Avatar
    Robbo
    Member
    in reply to: remote scheduled tasks #311025

    Re: remote scheduled tasks

    Note that jobs created via this script run as SYSTEM and not a specified user

    Avatar
    Robbo
    Member
    in reply to: remote scheduled tasks #311024

    Re: remote scheduled tasks

    You could opt out of using the schtasks command and script the scheduled task

    Note that scripting scheduled tasks requires the tasks executable/script to be present in the location specified

    The following is a vb script. Copy and paste the text into a text file with an extention of .vbs

    <


    code start (dont copy this line)


    >

    ‘Check if job already exists
    If objFSO.FileExists(“c:windowstaskstest.job”) Then wscript.quit(1)

    ‘Create Calculator Job
    strComputer = “.” ‘Put server name here (leaving it as “.” runs against local machine)
    Set objWMIService = GetObject(“winmgmts:” _
    & “{impersonationLevel=impersonate}!\” _
    & strComputer & “rootcimv2”)
    JobID = “Calc”
    name = “Calc”
    Set objNewJob = objWMIService.Get(“Win32_ScheduledJob”)
    errJobCreate = objNewJob.Create _
    (“c:calc.exe”, “********080000.000000+540”, True , 1, , True, name)

    <


    code end (dont copy this line)


    >
    Explanation:
    The one line that you need to really worry about is the last one, which I’ll break down for you as best I can

    The c:calc.exe is the path to the scheduled executable
    The ********080000.000000+540 is the time that the task will run, in UTC time. This is of the form YYYYMMDDHHMMSS.MMMMMM(+-)OOO, where YYYYMMDD must be replaced by ********. Example: ********083000.000000+540, which implies 8:30 A.M. Western australian daylight savings time (+8GMT)

    The +540 is calculated by getting the hours ahead of GMT and multiplying it by 60. If daylight savings is in effect, add 60 to this

    So I am in Perth, which is +8GMT. Therefore 8*60 = 480. With DST in effect, it makes it 540

    I go on holidays to Hawaii which is -10GMT. Therefore -10*60 = -600. If DST was in effect, it would make it -540

    The rest of the syntax can be pretty well ignored; except for the 1 This corresponds to the day of the week that the task will run

    1 – Monday

    2 – Tuesday

    4 – Wednesday

    8 – Thursday

    16 – Friday

    32 – Saturday

    64 – Sunday

    To run the task on multiple days, use a logical OR to combine values. For example, to run a task on Tuesday, Thursday, and Saturday, use the following code:

    (“c:calc.exe”, “********080000.000000+540”, True , 2 OR 8 OR 32, , True, name)

    The “True” Values mean that this task will run repeatedly
    If you set this to “False” It will run once and end on the specified day

    let me know if this helps

    Avatar
    Robbo
    Member
    in reply to: Hello, Hi, Welcome, Introduction – archive #7 #311023

    Re: Hello, Hi, Welcome, Introduction – Newcomers – post HERE

    Hello All

    Very New to this site, but looking forward to helping out (where I can) and bouncing ideas and questions of fellow Techies :-D

    I have had quite a lot of experience in Windows server management and have started learning ADSI scripting to help automate active directory tasks. Feel free to ask me any questions you may have relating to this and I’ll try my best to help

    Kind Regards

    Rob

Viewing 25 posts - 1 through 25 (of 25 total)