Jump to content


  • Posts

  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country

    United States

Everything posted by ravashaak

  1. Before I did anything else, I would make sure that my install CD is not infected with any trojans, malware, etc. I would next install the OS and patch it completely without putting the system on the network. Rename the built-in administrator account and give it a strong complex password that you have never used previously anywhere! Set a policy to use only complex passwords and a decent minimum character length (at least 8 characters IMHO). Set a policy to lock accounts for 5 minutes after 3 unsuccessful logon attempts. Disable the guest account and any other unnecessary accounts. Change the RDP port and only allow admins to logon via RDP. Be careful about any other third-party apps you install. Make 100% certain they are not infected. I would also consider a properly-configured hardware firewall. - Ravashaak
  2. You should probably confirm that both DNS servers can resolve your domain. It's possible that your DNS replication is not functioning properly. You could go into the DNS zone on each server and confirm the proper record for your domain. Another way to confirm proper DNS operation would be to run the following commands from your XP client... nslookup testing.com AD1.testing.com nslookup testing.com AD2.testing.com
  3. When you say "access group policy", exactly what do you mean and from what computer (DC or client)? How often do you see these errors in the logs? Do they occur at regular intervals, and if so, what is the interval? Have you applied any security templates to these systems or to the domain? I once had the same set of symptoms and it wound up being due to MupCache needing to be purged. You might need to purge MupCache, which is done as follows: 1. If you have NOT already installed the Windows Server 2003 Support Tools, install them from the \SUPPORT\TOOLS\SUPTOOLS.MSI file of the Windows Server 2003 CD-ROM. 2. Start / Run / CMD.EXE / OK. 3. Type dfsutil /PurgeMupCache and press Enter. If that doesn't fix it, then most of the time it traces back to DNS problems. Download dcdiag and netdiag from Microsoft and install them on your DC and run them. Any errors of note? Confirm that the computer accounts have at least read access to SYSVOL and the folder where the GPT part of the GPO is located (both NTFS and share permissions) - Ravashaak
  4. Check your system and application logs for clues. Beyond that, I'd update ALL my device drivers. Shutdown issues are often caused by a hanging device driver. If all else fails, try shutting down via the command line: shutdown -s - Ravashaak
  5. I think many people recognize that XP comes at least somewhat bloated, and removing excess components can not only speed up your OS, but also make it more secure. However, when you take this route, you need to be aware of future ramifications (with regards to dependencies, etc). So long as you know enough to be mindful of the potential pitfalls, you will be fine. A full, untweaked, bloated OS? Yuck! - Ravashaak
  6. I'm not a big fan of DEP myself, and I disable it on all of my machines. It causes too many problems for my tastes. However, YMMV. - Ravashaak
  7. Microsoft Baseline Security Analyzer is free and can perform the same functions via its command line component, mbsacli.exe. Version 2.0 can still output results in plaintext files, if you know the proper syntax. - Ravashaak
  8. There's a space between your open quotation mark and your drive letter. Close that space and re-test. - Ravashaak
  9. TCPView might also be of some assistance. I think you can get it at sysinternals.com. - Ravashaak
  10. If others in the same group have the same problem, then maybe you should take a closer look at the group itself. Check its properties, specifically it's security permissions. Compare the group's permissions to that of other groups. Could be one explanation why it's not showing up when you list membership. - Ravashaak
  11. Variation on the name of a character (Ravashack) from an old turn-based strategy game called Master of Magic. - Ravashaak
  12. Being someone who has dealt with configuration and deployment issues for Symantec products for a few years now, I can attest to their shockingly poor documentation. Even when you can locate the docs you need, they are usually poorly organized (if not dyslexically organized), ambiguously worded, and often times lacking even basic information someone would need to configure and administer the product. On a quality scale of 1-10 (10 being best) I'd at most grant them a 2. - Ravashaak
  13. You can create a scheduled task that runs a shutdown command from the command line. Something like: shutdown.exe -s -f The -s signifies shutdown (where a -r would merely perform a reboot) and the -f forces any open applications to close immediately. Try shutdown /? at the command prompt for more information. Also, if you're not using XP, you can download the psshutdown utility from sysinternals.com. It's free and works like a charm. Cheers! - Ravashaak
  14. You could use REG.exe to check a specific registry entry. Type REG QUERY at the command prompt for further syntax information. You could pipe the results into a FIND command to verify installation. You could also check the %errorlevel% system variable immediately after the REG QUERY in order to verify installation. If there are no appropriate registry entries to be checked, a last resort is to use FILEVER.exe to determine the version of the executable. - Ravashaak
  15. You could also write a script which is called periodically via a scheduled task. The script could be made to appear like some minor system error, followed by an "Are you sure?" type of dialog, just to be safe. The dialog could be written counter-intuitively so that your boss would answer with common sense, which would initiate data deletion in the background, etc. There are free third-party utilities that you could use to create the pop-up (fake system error) dialogs. Of course, you would know how to properly answer the dialog, and prevent data deletion. - Ravashaak
  16. Sorry for not responding sooner or I would have helped you with the FOR loop and parsing stuff. Glad someone else got to it and helped. I tend to get busy lately trying to take care of a million things due to hurricane katrina's mess. And I too am amazed at the sheer utility of DOS/Windows Command environment. And if you add a few free utilities here and there, it becomes even more powerful. - Ravashaak
  17. Running QChain won't hurt anything. So, unless you are absolutely certain it's unneeded, run it. - Ravashaak
  18. Another thing you could potentially do would be to push the script to the target systems via PSEXEC from sysinternals.com. Please note that if you try this method, I'd recommend thoroughly testing it first as not all installers react well to remote installation via PSEXEC. - Ravashaak
  19. You could use group policy to trigger a script (startup scripts runs under system context, so it would likely be best) which silently installs the driver. However, if you have a mix of systems, and only SOME of them need the driver, then I'd recommend first creating an OU solely for these systems and then dropping all systems needing this driver update into the new OU, then assign your startup script to the new OU. A reboot of these systems would then trigger the script and the driver update would install. However, I'd recommend coding the script to also sense whether or not the system had already been updated to the new driver version myself (either through a registry check or some sort of file version comparison). Tools such as reg.exe and filever.exe would be helpful in these cases. - Ravashaak
  20. Hmmm, maybe I misunderstood you. I'm not sure now that I'm 100% clear on exactly what you mean by the following: - Ravashaak
  21. Try the following: reg query "\\lf-accnt01\HKLM\SOFTWARE\InterNetworX Systems\ICS\Configuration" /v "Workstation ID" > c:\id_log.txt Or this to echo it to a network fileshare instead: reg query "\\lf-accnt01\HKLM\SOFTWARE\InterNetworX Systems\ICS\Configuration" /v "Workstation ID" > \\servername\sharename\id_log.txt Of course, you'll need to configure the permissions appropriately on the share. Additionally, using >> as opposed to > allows you to append to the end of a file rather than overwriting it. - Ravashaak
  22. I have a relatively new domain with one Server 2003 domain controller, and many Windows XP Pro SP2 clients. Members of the "Domain Users" group are unable to change file associations via Folder Options --> File Types in Windows Explorer. When they navigate to that location, all buttons are grayed out. I've checked HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer as well as HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer for the NoFileAssociate dword value. Numerous search results indicate this value controls access to the "File Types" dialog. However, I can't find this value anywhere within the registry on the systems of my domain users. Attempts to create the value and give it the appropriate data still fail to yield results. I'm a little stumped so far. Any thoughts or ideas? - Ravashaak
  23. Thanks indeed for the heads-up. This one got by me. - Ravashaak
  24. That's why I've always hated Compaqs. From day one they have employed dirty sneaky tricks to make this component or that component just non-standard enough to force their customers into buying their upgrades from Compaq. So, to me at least, your experience comes as little surprise. Although I'll admit that since the Compaq-HP merger, I'd assumed that Compaq would have ceased this practice. I guess old habits die hard. I never recommend Compaq to anyone because of the reasons above. I want to be able to go buy an upgraded component that should work in my system, and stand a reasonable chance of it actually working when I install it. And of course, I have a major problem dealing with a company that is essentially lying to their customers (so that they may later bilk said customers out of upgrade money). - Ravashaak
  • Create New...