Jump to content


  • Posts

  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country


About playsafe

  • Birthday 01/10/1980

Contact Methods

  • Website URL

Profile Information

  • OS
    Windows 7 x64

playsafe's Achievements



  1. On same road at the end you can see their Flying Carrier
  2. I have now enable auditing on this member server as well, it was just that this server got missed and I have to check for an incident on server. Thanks a lot for your replies and guidance.
  3. @MrJinje I am looking for remote desktop (yes interactively) into a member server (Win 2003). The below logs are from my domain controller which has auditing enabled. The user in question has part of I.T team and has appropriate rights to logon to this server officially. I just wanted to check against an event that happened on member server. @cluberti The auditing is not enabled on member server but it is enabled on domain controller, my point was if authentication request goes to domain controller it may hold some related logs. And I found those from domain controller but just want to confirm if it was access to a share or interactive remote desktop as both could initiate the authentication process.
  4. I have found below log on my domain controller, 1/9/2010,7:57:29 AM,Security,Success Audit,Logon/Logoff ,540,TMN\USERNAME,DC,"Successful Network Logon: User Name: USERNAME Domain: TMN Logon ID: (0x0,0xE55832A) Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Workstation Name: Logon GUID: {3362e1d8-b952-9b84-8911-df846e16c05e} Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 172.18.10.xxx Source Port: 0 From Information above and related articles on internet, i conclude that either of following, i) User logged into this server Or i) User accessed some share on this server though its authentication event triggered on domain controller where I have found this log. Correct me if I am wrong.
  5. Hello All, I have a AD domain controller running 2003 server, and one Windows 2003 storage server as member server. Unfortunately, i did not set logon auditing at member server. Now I want to check who logged on to this server between specific time interval. Is there any other way to check it. Logon Auditing is enabled set on domain controller though, can it help in some way that authentication is performed by Domain controller and it may show somewhere that a user requested to login to member server and came for authentication. Thanks for going through above text.
  6. Is there a way to restrict users from coping files with certain extension to the windows 2003 or 2008 server ? I want to stop users from coping "avi" and "mov" files to the server from network users. A domain is setup on windows server 2008 and network storage with win 2003 storage server. If it is possible on any server please share.
  7. I am running windows server 2008 as forest root domain at Head Office. Head Office has three domain controllers, 1 working as DC and other 2 are additional. Also on 3 different sites we are running two additional domain controllers each, and they are configured as primary AD integrated DNS servers as well. Their clients point to their local DNS server for queries. I have to add user of all sites manageing IT in DomainAdmins group, due to this they are able to connect all server of all sites for through management console. I want to know some method so they could only be able to connect DNS for their site DNS servers only. NOTE: Our AD has only one zone, there is no problem if they are able to modify DNS, but through their local servers only. Thanks.
  8. Well, I have currently found a solution. I have created a deny rule, which block HTTPS and HTTPS Server protocols from Internal network to defined URLSETS. Here I have created a URLSet, which has enteries for eg, http://www.facebooks.com, http://www.gmail.com etc.. With this it is only blocking HTTPS traffic for these specified urls, and other urls on https are working properly.
  9. Hi All, I am stuck while blocking some https sites in ISA. For example I blocked www.facebook.com through ISA 2004, but now users can go through https://www.facebook.com. And I am unable to see any other option in ISA. In URLSet, it says that these urls can only be defined for HTTP protocol. I need a solution to this without using some heavy third-party software.
  10. I have checked rules, and even set my pc all allow. But in case if ISA blocks my traffic it would disallow my browsing but server is completely blocking my ip. I once saw Panda giving a message of "prot scan", maybe Panda blocks my ip as skype tries to scan port. Today even by running Utorrent it again blocked my ip.
  11. I am running WinXP SP2. In my network there are two ISA servers, let me reference them as ISA1 and ISA2. My system works perfectly by connecting through both ISA servers. But as Skype starts to login, my system is disconencted from ISA2, here disconnects mean that my ping to ISA2 server breaks within 5 seconds. Whereas all other network access from my systems works ok, which means ISA2 server blocks my ip. Also ping to ISA2 comes back after approx 10 minutes, and goes off again if skype is still trying to connect. Skype works ok from all other systems going on network thru same ISA. Can someone get a clue what is causing ISA server to block my ip. One more thing, if I change my ip it gets back ping reply but again blocked at new IP as well when skype connects.
  12. I have attached a diagram of three systems connecting using multiple networks. How can I get them connected (ping each system from every system). I don't want to use RRAS. Can I specify some routes on each system to make it possible. I am confused if windows can forward incoming packets based on its windows routing table.
  13. Thanks very much. Further I would also like to get help on following scenario. For ex. in Vonage (VOIP device), it does not work as DHCP server. So my system would not get any IP assigned by this device. What if we forget its ip after configuring it and don't want to reset it.
  14. The following entry worked by setting it to 0. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Network Connections\NC_EnableAdminProhibits and network restrictions were also applied to Admins.
  15. How can we get DSL modem's IP (Or other IP based devices like Wifi Router etc) if directly connected through Ethernet cable with a system. If we dont have any idea of its current IP and it is already configured. I dont want to Reset the modem settings.

  • Create New...