Jump to content


  • Posts

  • Joined

  • Last visited

  • Donations

    0.00 USD 
  • Country


Everything posted by playsafe

  1. On same road at the end you can see their Flying Carrier
  2. I have now enable auditing on this member server as well, it was just that this server got missed and I have to check for an incident on server. Thanks a lot for your replies and guidance.
  3. @MrJinje I am looking for remote desktop (yes interactively) into a member server (Win 2003). The below logs are from my domain controller which has auditing enabled. The user in question has part of I.T team and has appropriate rights to logon to this server officially. I just wanted to check against an event that happened on member server. @cluberti The auditing is not enabled on member server but it is enabled on domain controller, my point was if authentication request goes to domain controller it may hold some related logs. And I found those from domain controller but just want to confirm if it was access to a share or interactive remote desktop as both could initiate the authentication process.
  4. I have found below log on my domain controller, 1/9/2010,7:57:29 AM,Security,Success Audit,Logon/Logoff ,540,TMN\USERNAME,DC,"Successful Network Logon: User Name: USERNAME Domain: TMN Logon ID: (0x0,0xE55832A) Logon Type: 3 Logon Process: Kerberos Authentication Package: Kerberos Workstation Name: Logon GUID: {3362e1d8-b952-9b84-8911-df846e16c05e} Caller User Name: - Caller Domain: - Caller Logon ID: - Caller Process ID: - Transited Services: - Source Network Address: 172.18.10.xxx Source Port: 0 From Information above and related articles on internet, i conclude that either of following, i) User logged into this server Or i) User accessed some share on this server though its authentication event triggered on domain controller where I have found this log. Correct me if I am wrong.
  5. Hello All, I have a AD domain controller running 2003 server, and one Windows 2003 storage server as member server. Unfortunately, i did not set logon auditing at member server. Now I want to check who logged on to this server between specific time interval. Is there any other way to check it. Logon Auditing is enabled set on domain controller though, can it help in some way that authentication is performed by Domain controller and it may show somewhere that a user requested to login to member server and came for authentication. Thanks for going through above text.
  6. Is there a way to restrict users from coping files with certain extension to the windows 2003 or 2008 server ? I want to stop users from coping "avi" and "mov" files to the server from network users. A domain is setup on windows server 2008 and network storage with win 2003 storage server. If it is possible on any server please share.
  7. I am running windows server 2008 as forest root domain at Head Office. Head Office has three domain controllers, 1 working as DC and other 2 are additional. Also on 3 different sites we are running two additional domain controllers each, and they are configured as primary AD integrated DNS servers as well. Their clients point to their local DNS server for queries. I have to add user of all sites manageing IT in DomainAdmins group, due to this they are able to connect all server of all sites for through management console. I want to know some method so they could only be able to connect DNS for their site DNS servers only. NOTE: Our AD has only one zone, there is no problem if they are able to modify DNS, but through their local servers only. Thanks.
  8. Well, I have currently found a solution. I have created a deny rule, which block HTTPS and HTTPS Server protocols from Internal network to defined URLSETS. Here I have created a URLSet, which has enteries for eg, http://www.facebooks.com, http://www.gmail.com etc.. With this it is only blocking HTTPS traffic for these specified urls, and other urls on https are working properly.
  9. Hi All, I am stuck while blocking some https sites in ISA. For example I blocked www.facebook.com through ISA 2004, but now users can go through https://www.facebook.com. And I am unable to see any other option in ISA. In URLSet, it says that these urls can only be defined for HTTP protocol. I need a solution to this without using some heavy third-party software.
  10. I have checked rules, and even set my pc all allow. But in case if ISA blocks my traffic it would disallow my browsing but server is completely blocking my ip. I once saw Panda giving a message of "prot scan", maybe Panda blocks my ip as skype tries to scan port. Today even by running Utorrent it again blocked my ip.
  11. I am running WinXP SP2. In my network there are two ISA servers, let me reference them as ISA1 and ISA2. My system works perfectly by connecting through both ISA servers. But as Skype starts to login, my system is disconencted from ISA2, here disconnects mean that my ping to ISA2 server breaks within 5 seconds. Whereas all other network access from my systems works ok, which means ISA2 server blocks my ip. Also ping to ISA2 comes back after approx 10 minutes, and goes off again if skype is still trying to connect. Skype works ok from all other systems going on network thru same ISA. Can someone get a clue what is causing ISA server to block my ip. One more thing, if I change my ip it gets back ping reply but again blocked at new IP as well when skype connects.
  12. I have attached a diagram of three systems connecting using multiple networks. How can I get them connected (ping each system from every system). I don't want to use RRAS. Can I specify some routes on each system to make it possible. I am confused if windows can forward incoming packets based on its windows routing table.
  13. Thanks very much. Further I would also like to get help on following scenario. For ex. in Vonage (VOIP device), it does not work as DHCP server. So my system would not get any IP assigned by this device. What if we forget its ip after configuring it and don't want to reset it.
  14. The following entry worked by setting it to 0. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Network Connections\NC_EnableAdminProhibits and network restrictions were also applied to Admins.
  15. How can we get DSL modem's IP (Or other IP based devices like Wifi Router etc) if directly connected through Ethernet cable with a system. If we dont have any idea of its current IP and it is already configured. I dont want to Reset the modem settings.
  16. I want to find which registry key is added or changed when we enable following group policy (Local Computer Policy), User configuration\Administrative Templates\Network\Network Connections\Enable Windows 2000 Network connections settings for administrators I have used regshot for comparision after and before change, but cant get the exact registry key. Can anyone help me out as I want some LAN properties to be disabled for all users including Administrators by using registry file. And it works in combination with \Network Connections\Prohibit access to prperties of LAN connection[/b, I am able to find this entry in registry.
  17. If files are deleted from a Network share by client on server machine. Can we set something that those files move to some specific folder on server machine and not be deleted.
  18. It seems that these characteristics are binding and no workaround to get the best of both exist.
  19. I have two problems here regarding emails: I am using MDaemon Mail server at my office premises. Previously I was using IMAP for emails. But now I want to have local copy of email at client thus I chose to use POP3 with "Leave a copy on server" option 1) If I create folders on client Outlook, these are just local and are not mirrored in Server. Can it somehow be created on server. So everything for every user is at one place. 2) I want to keep sent emails on server, previously in IMAP I would create a rule to move sent emails to IMAP.Sent. Which I am unable to achieve in POP3. I know these are characteristics of POP3, but is there some workaround as some users badly need it. OR in other words what is the best scenario that medium size companies can use.
  20. @Idontwantspam Thanks for your suggestion, This is what i normally do. As with MS Office 2003, a printer is installed. So when the system with printer shuts down, i change the default printer to the MS Office Document Printer. That solves the problem. Otherwise the users are advised, the last person leaving from a specific section is responsible to shut down the printer system. @nmX.Memnoch Thanks for your suggestion as well, certainly I am going to act on your advice of hooking all printers through TCP with server because it is always on. The problem with applying GPO to restrict user from shutting system is that it will remain on through the night. But in that case i can schedule it to go down late at night. I have been really helped by you people, Thanks a lot for all your suggestions.
  21. Yes I am using win 2003 as server. I will follow your advise to setup printers. I will just have to buy couple of network cards for printers and i will be ready to go. In meantime I will setup the printers with Network Cards. One more question for current scenario, When a client Win XP system attached with printer is shut down. Other systems which are using that printer as their default printer slow down extremely, because MS Office products look for printer drivers even when saving or opening files or previewing files. It becomes irritating for users. The only solution i see is to switch temporarily to a fake local printer as default printer. Is there a better solution so that drivers are not searched over network but contained locally? I hope you understand my question.
  22. If u are using Internet Explorer: Go to Tools -> Options Content Tab click Auto complete button and uncheck use AutoComplete for FORMS And If u are using FireFox: Go to Tools -> Options Go to Privacy Tab Uncheck "Remember what I enter in forms and Search Bars" Hope this answers your question.
  23. I am not that good at computers but i surely know more than basics of it. But I try to learn as i see different things which sometimes is not good as "Jack of All trades is master of none". and normally before completing something i move to some other thing. As per discussion in this poll and related post I would love to be called a Nerd but again I m not all that good. So I m a geek and would love to be a nerd.
  24. Yes I m running Windows 2003 running on IBM x236 which has AD and working as a file server as well for user map drives. Does the word "actual" have some specific meaning in your question?

  • Create New...