Security Groups

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ smallbiz
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Administrator not administrator I am currently setting up a new SBS 2000 box remotely before I deploy it on our current SBS 2000 Domain. The new SBS 2000 box is identical in it;s functionality, but it has the all important RAID5 redundancy and has a better spec. I have installed SBS 2000, and I am now patching up the whole machine using Windows Update. I will also run SP1a for SBS 2000. What I want to do now is make the Administrator user not Administrator, but to set up a new user that will be Administrator. This is for security, as I know that a lot of people do this, as Administrator as a Username is 50% of the way of cracking the password anyway. How is this done? Do I make a new user in AD on the new SBS and assign the same "Member Of" components to this user and then disable the user "Administrator"? I can then log the server on as this new Administrator knowing that the Username is not Administrator. Am I going along the right tracks...I need advice!! Thanks. Tag: Security Groups Tag: 137480
  - 2
    - Add Exchange to SBS2000 domain Hi everyone, I'm having big problems installing Exchange on to my SBS2k domain, and I'm currently pondering suicide :-) I am trying to move Exchange from SBS on to a new Win2k server in a data-center (i.e. on to a new server, running a full-blown copy of Exchange). I have created a new administrative group (i.e. a seperate admin group from the 'first storage group'), and the plan is now to install the new Exchange server here, and copy the mail boxes across. I understand that when you install Exchange you should be prompted, and asked which Organisation and administrative group you want to install within. For some reason I am not - the install runs through and the server does not appear in the administrative group I have created. Please Help!!! Any advice or pointers would be much appreciated. TIA, Stuart Arnold Tag: Security Groups Tag: 137475
  - 3
    - Calendar access I want to enable 3 people in our organisation to access my Calendar from their Outlook client. We are running SBS2000 (Exch 2000) and Outlook 2000 client. Please can you give me step-by-step pointers on how to do this please. Thanks. skc Tag: Security Groups Tag: 137471
  - 4
    - Adding SBS Client apps to a TS This is a bit of a repost, so I apologize up front for that. I'm trying to install the client apps for SBS (firewall client and IE) onto a Terminal Server. I added the SBS_LOGIN_SCRIPT.bat to the profile tab and told SBS to install the apps to the TS. When I log in under the TSAdmin account, there is an extremely short flash of the SBS script window (the minimized command prompt window) and then it runs the rest of the scripts I have. The SBS apps don't install. Am I misunderstanding the directions or the results? Here is the procedure I am following: To add a TSAdmin user account: 1.. From Small Business Server 2000, open Control Panel, and then click Administrative Tools. 2.. Click Active Directory Users and Computers, and then click Domain Users. ==>(Domain Users isn't a group, but Users is, and I assume this is what they mean) 1.. From the Microsoft Management Console window that appears, click Action, and then click New User. 2.. Name the user TSAdmin, and type in a unique password. 3.. On the remaining screens, use the default settings, except for Logon Script on the Profile screen. This field must contain the following: SBS_LOGIN_SCRIPT.bat ==>(There is no space in the new user setup to place this script pointer in, so I added it after the user was created under the profile tab) This ensures that the client installation program runs properly when you log on to the Terminal Server as the TSAdmin user. ==>(I set the TSAdmin user as a Domain Admin member and went to the SBS Personal Console and told it to install IE and the firewall client to the TS, but to no avail.) Any direction to investigate would be appreciated. Thank you. Tag: Security Groups Tag: 137465
  - 5
    - Exchange/Outlook We have SBS2000. We have not set up Exchange and Outlook on it yet. I would like to set both up for shared calendaring, task management, shared contacts, IM, however I do not want to host our own email server. We use POP3 email accounts provided by our ISP. Can anyone help. I have already been on MS website and went thru all the SBS2000 deployment guide but all seem to omit the above. Tag: Security Groups Tag: 137460
  - 6
    - SBS Office 2000 and Printer Lock-Up Hi. We've got a LAN with 8 workstations plus server running SBS2000. We have 3 printers on network and up until yesterday, all worked fine. Yesterday a user at a workstation sent a print job to the newest networked printer (HP Laserjet 4100). The job does not appear to have ever reached the printer itself (i.e. the printer is not acknowledging receiving any data and has no job to cancel). The job is, however, clogging up the print que. We have tried to cancel/delete the job, from both the user who created it's workstation and the server. Both attempts appear to be successful (i.e. no error message), and the job's status changes to "deleting", but it doesn't ever delete (over 24 hours now). We have tried uninstalling that printer from that workstation and reinstalling, which works, but when reinstalling, the subject bad job is still in que (under status "deleting"). We have tried deleting and/or uninstalling the subject printer from the server, which again appears to work (status of printer changes to "Deleting") but the printer never gets deleted. We're at wits end! Have searched net but could not find any information. Any help would be greatly appreciated. If you could cc: any responses to mcpineny[nospam] @netscape.net (without the text: "[nospam]") it would be doubly appreciated. Best regards. Tag: Security Groups Tag: 137454
  - 7
    - How does the CAL licensing thing work? Would someone explain to me how this CAL licensing things works for SBS 2000 or 2003? I'm gonna have two persons accessing Exchange on it, so obvioulsy I need 2 CALs. How about me, the admin, do I need a CAL for myself? What if I setup an ftp server on it, do I need a CAL for absolutely anyone who accesses the ftp server? Cause that makes no sense. Or are CALs used only when someone logs onto the domain? Any other access to the server is not counted as a CAL? Does SBS actually know how many CALs you have and prevents anyone from accessing it if you exceed it or is it just MS lawyers that do? Thanks, Harry -----= Posted via Newsfeeds.Com, Uncensored Usenet News =----- http://www.newsfeeds.com - The #1 Newsgroup Service in the World! -----== Over 100,000 Newsgroups - 19 Different Servers! =----- Tag: Security Groups Tag: 137453
  - 8
    - Help! Spoofing Using SBS2000, running Exchange, using GFI MailEssentials 9. Blocking 99% of spam using exchange manager filter along with GFI. However, there are a few spammers who are spoofing our domain and sending emails to our employees using the employee's email address. The spam messages gets through since all of my employees are on the GFI whitelist. How do you block these spammers from sending you email like this. I have relaying turned off and have run all the tests to ensure my server is not set up for relaying. Here is one of the smtp log entries: 2003-10-18 03:10:37 66.24.190.227 domain.com SMTPSVC1 MYEMAILSERVERNAME 192.168.1.2 0 EHLO - +domain.com 250 0 329 19 15 SMTP - - - - 2003-10-18 03:10:37 66.24.190.227 domain.com SMTPSVC1 MYEMAILSERVERNAME 192.168.1.2 0 MAIL - +FROM:<user@domain.com> 250 0 46 33 0 SMTP - - - - 2003-10-18 03:10:37 66.24.190.227 domain.com SMTPSVC1 MYEMAILSERVERNAME 192.168.1.2 0 RCPT - +TO:<user@domain.com> 250 0 34 31 0 SMTP - - - - 2003-10-18 03:10:37 66.24.190.227 domain.com SMTPSVC1 MYEMAILSERVERNAME 192.168.1.2 0 DATA - +<02b701c39526 $2c2d2631$b400a8c0@S0030140329> 250 0 128 1598 Thanks for your help. Scott Tag: Security Groups Tag: 137452
  - 9
    - Backup Exec and Exchange backup I have a member server that we use for backups to a DLT external tape drive using Backup exec 8.6. I can get the backup to work for the data files that I select on the SBS server (remote) but I can't get it to backup up the exchange on the remote server I keep getting an RPC error and it stops the BE Job Engine in services. I have the Exchange agent license but it tells me to install the system manager component on the media server. Will this conflict with the Exchange system manager on the SBS server and how can I install just the system Manger without causing any issues.. thanks in advance for your help. Bob Tag: Security Groups Tag: 137450
  - 10
    - SBS 2000 - Windows 2003 Upgrade Is it possible to migrate from SBS 2000 to Windows 2003 server? We need to start working on getting a trust going between two domains and we are almost getting over the limit of 50 computers. PLease provide me with suggestions in how to do it. Thanks Tag: Security Groups Tag: 137448
  - 11
    - Remote Access to SBS W2K Exchange Server Hi all, I am hoping that someone can help me. I have implemented SBS W2K and all is well. MS Exchange is currently configured to collect POP3 mail for our domain and this also works OK. We are on an ADSL line with a fixed IP address. There are an increasing number of users based overseas who need to access the server for their emails. Although they can use the Outlook Web Mail interface via a browser window I am wondering if there may be a better way of letting them collect their mail straight into their MS Outlook win32 client. Is there a way of achieving this short of implementing a VPN, eg: remote users collecting their mail via a POP3 connection to the server (this way they will also receive internally sent mail as opposed to creating a email forwarder at the ISP that they could collect from). Any suggestions or comments on possibilities or best practices much appreciated. Thank you in advance, Simon Tag: Security Groups Tag: 137442
  - 12
    - Exchange Tasks in "AD Users and Computers" I have installed W2K3 Admin tools on my XP to be able to administrate a 2K SBS-server. I can open "AD Users and Computers" and add/delete users etc, but I do not have the option called "Exchange Tasks" which can be seen on the server (right click on users) . -How do I get that? Tag: Security Groups Tag: 137440
  - 13
    - m-science SMS software Hi there, Has anyone installed the m-science SMS software in SBS2000. I am having proxy auth problems. I can ping their server from a workstation with no problems but when I use their SOCKS5 interface the proxy wont allow through. The port is 4100 for outbound and 4101 for inbound. How can I get the connection through?. The workstation user is an admin object so there shouldnt be any problems with permissions. Dont get it!!! Regards TIM Tag: Security Groups Tag: 137437
  - 14
    - downloads Can anyone please tell me how i can restrict what people are downloading. The main problem is people using Kazza etc to download movies etc. Is there a way i can stop this without affecting their access to the internet? Thanks in advance dan Tag: Security Groups Tag: 137427
  - 15
    - Security log isn't logging Hmmm... I've set the security log to audit logon/logoff attempts and I'm about to set a few other things - key directories etc. Even though I've refreshed the policy using SECEDIT /REFRESHPOLICY MACHINE_POLICY and USER_POLICY / enforce, nothing has changed. When I check the local security settings, audit logon/off is checked, but the effective policy is no auditing. Checking the Domain Security, auditing is enabled. So.. rather puzzled. Can someone help? Thanks Admin Tag: Security Groups Tag: 137412
  - 16
    - GFI Mail Essentials stops Backup Exec Hi I loaded GFI Mail Essentials evaluation version (for an email disclaimer). Now my Backup Exec SBS v9 fails to work. (W2K SBS, all current SP and patches.)Does anyone know of a workaround, or how to stop and restart GFI while the backup job is running? Thanks Harry Tag: Security Groups Tag: 137409
  - 17
    - relay Hi, Running SBS2K, our server seems to been infiltrated and attempted to be used as a relay - thankfully EX2K won't let it - but everything fell over as C Drive was already in need of room and all the mail in the badmail folder made it an unhappy person. So - I'm running ISA, Exchange is setup to not allow relays... how can I make it so people can't even access the server to get this far. I also want it so in the mean time if they try, my badmail won't fill up as well - Thanks heaps :) Marek Tag: Security Groups Tag: 137406
  - 18
    - Web Proxy error 14176 Hi I got this error for the first time yesterday, out of the blue mid afternoon - and it took down the Internet. I restarted the web proxy and it was OK. Am slightly concerned, the only thing to have changed is I loaded on GFI Mail Essentials in the morning. Is it something that I can safely ingore and put down as a one off - or may it have deeper significance? Thanks Harry Event Type: Error Event Source: Microsoft Web Proxy Event Category: None Event ID: 14176 Date: 22/10/2003 Time: 14:57:00 User: N/A Computer: JAVANT01 Description: Disk cache E:\urlcache\dir1.cdat failed to initialize. Some errors were encountered when ISA Server restored specific data cache files. ISA Server will now attempt to recover these files. These errors may have occurred because there was not enough time to complete all necessary shutdown operations, when ISA Server was previously shut down. To avoid this in future, you can increase the value of the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\WaitTo KillServiceTimeout registry key. Identify the reason for cache failure by examining previous recorded events, or the error code. The error code in the Data area of the event properties indicates the cause of the failure (internal code: 503.6332.3.0.1200.50). Data: 0000: 5c 06 00 00 \... Tag: Security Groups Tag: 137405
  - 19
    - Active Directory Migration Tool (ADMT) I was looking to move user profiles and their computers from an NT domain to SBS2K. The ADMT looks like the perfect tool except for the premise that they expect you to incrementally move users over to AD while allowing access to resources in both domains. This requires a trust - which SBS cannot allow. I just want to move user profiles over but the SID issue is a problem. I don't need to have users gain access to both domains, I can move everyone in one shot. Has anyone attempted the ADMT method on an SBS without involving trusts? Does anyone have any other suggestions? Thanks, Buddy Tag: Security Groups Tag: 137404
  - 20
    - set up a network Once again, it is off topic, but the input of this group is of high quality. I have 5 PC with XP Home. I have one broadband Internet Connection. Is it possible to have alll 5 PC to be online at the same time? Is it possible to have one PC store all the data files and let other PC to get access to the files? Is it possible to have all PC print to one printer? any article for reference? Many thanks for your tolerence for this off topic question. Tag: Security Groups Tag: 137402
  - 21
    - Windows Time Basic question that is dogging me on one server which is on the same network as a Novell server. The time seems to synchronize with the Novell server and not the SBS2000 server. Is there a workaround available? I have turned off the Windows Time server on the XP Pro Clients. I was getting an error in my event log. How should I set this up? Thx John Tag: Security Groups Tag: 137396
  - 22
    - POP3 connector mystery error I have a SBS 2K server with the pop3 connector that appears to connect to the ISP, download the mail and attempt to connect to smtp and deliver the mail. Only problem is the inbox never recieves the mail and the sender ends up getting an NDR from my server stating that there was a failed action with a status code of 5.2.2. I get and error in the event viewer #4032 with an NDR code of 1 which microsoft says is successful. Whats up with that and how do I get my mail to work? Tag: Security Groups Tag: 137393
  - 23
    - Web Server - Please help Howdi all. First off all congratulations on ths being one of the best resources around. Problem is. Client has sbs2k with 30 seats fully patched 2 nics and adsl. Works wonderfully. Client wants to set up win2k server under the current sbs domain. No probs so far. He wants the new box to host his web site and a bbs as well. Thats all. Can it be done? if so i have some questions. 1. The new server joins the domain and uses the sbs isa server for firewall client, true?. The IIS on the win2k server box is brought online and permission to acces it is handled by the sbs isa server..true/false? Will this be the best way to set up the new box? Please advise. Thanx in advance. Tag: Security Groups Tag: 137384
  - 24
    - Hardware auditing I just did a walk through in a local primary school looking at the computers they have etc. Has anyone any suggestions on methods of compiling a list of details of the hardware specs of each computer. What I thought would have been useful is a little program that I could execute from a floppy disk that would list out the basic specs of the computer such as: - processor and speed - ram installed - hard drive configuration - network card make and model - operating system running Has anyone come across something like this? Thanks Paul Tag: Security Groups Tag: 137382
  - 25
    - Installing Internet Mail Service Extension Imsext.dll I am trying to do the above so that I can append a disclaimer to outgoing emails. I run SBS2000. Knowledge Base Article 258206 explains how to do it but says that I need to copy the imsext.dll to \exchsrvr\connect\msexcimc\bin I dont have that folder. I dont have a connect folder within my exchsrvr folder. I do have \exchsrvr\bin or exchsrvr\bin\exchweb\bin Which bin folder of these should I put the dll file, if any? Thanks in advance. Tag: Security Groups Tag: 137358
- Next
  - 1
    - Exchange problems... My M:\ on sbs has disappeared... When I try to mount the information stores it says restart MS Exchange manager and informations store service... I've tried both to no avail... PLEASE HELP!!! Tag: Security Groups Tag: 137356
  - 2
    - Web Proxy bombs out Last week and this week my client loses internet access, but email and AOL IM work fine out to the web. When i try to restart the Web proxy it gives me an error and says stopping. I rebooted the server last time and it worked again but now I rebooted and I cannot Remote Desktop back... telling me it is busy.... Help. Peter V Tag: Security Groups Tag: 137353
  - 3
    - Making an SBS2000 a Backup Server I was just wondering if it is possible, and allowed, to make my old SBS2000 server a backup for a new server I am putting together right now. If so what procedures would I follow? Many Thanks Paul B Tag: Security Groups Tag: 137345
  - 4
    - Bogged Down SBS2k Server, no Resources Constrained: Virus? I have SBS 2k setup with a 2-NIC setup (perm connection via a T1.) I am running Trend's OfficeScan. Starting this Monday, with all clients powered off, everything is fine. With some XP clients started, the server is way bogged down: web surfing via the proxy is slow, connection to NT Shares slow, Outlook on clients slow, even circling the mouse on the actual server hangs up like it's at 100% utilization. I only have about 10 clients. But, no resources are being constrained. Plenty of mem free, CPU% at about 10-20%. No disk queueing. Only clue I have is that a couple of the XP clients (as seen with Netmon on the server) are doing continous ICMP's to addresses in incrementing order (ie 207.100.25.101, 207.101.25.102, 207.100.245.103, etc.). Seems very strange. One PC will do this, even with all (apparant) apps off and mappings off. NOTE: Addresses given in example are fake. The addresses the pc's are going after do not reolve with NSlookup. Do I have a virus problem that OfficeScan is not picking up? Do I have a worm or SpyWare? The network is basically useless when all the people are on. . . . . Help! Tag: Security Groups Tag: 137341
  - 5
    - Adding a windows 98 client I can't seem to add a computer running windows 98 to my small business server. Any suggestions? All my other client computers are running windows XP Pro so I am not familiar with the process for adding windows 98 clients. Thanks! Tag: Security Groups Tag: 137331
  - 6
    - Shared Fax displaying squares instead of characters I have a client that is using SBS with Shared Fax. Everything is working great except when they try to send faxes in Chinese. Instead of displaying the characters it displays squares. The chinese language set is installed on both the server and the workstation. When you look in the console Chinese characters display correctly in the recipient name, subject and document name fields but not in the actual fax which you can see by double clicking on it and bringing up imaging preview. Any idea on how to fix this or does Shared Fax not support non English characters? Cheers Damon Tag: Security Groups Tag: 137328
  - 7
    - DTS not installed on SBS? It seems that Data Transformation Services is not installed on SBS2000. Where do I find it to install? I've been all over and I can't find any info about this. Thanks, Troy D. Young Tag: Security Groups Tag: 137312
  - 8
    - New Service since WIN2K SP4 Installation I have a service running on my SBS2K called Wireless Configuration. It seems to have appeared the day after I applied WIN2k SP4 to my SBS2K server. Could some tell me, was this installed as part of the service pack? This is my only server that has SP4. The others still have SP3 and this service does not show up. Tag: Security Groups Tag: 137311
  - 9
    - Email from a web page problem Hi All, SBS 2k fully patched. I can send and receive e-mails from and to anywhere, but when an email is generated from a web page, it refuses to be delivered to the recipient. In other words: I fill in a form on the web page and then submit it, this will generate an email and in theory, the email should go to a specific recipient, buit it does not. I have looked at ISA as the culprit, but didn't find anything suspucious in there....Anyone have a clue?? Thanks in advance and regards GB Tag: Security Groups Tag: 137304
  - 10
    - IM Server on SBS2000 After fresh install of SBS2000 I do not see where to utilize the IM server. My protocols in Exchange system manager do not include the IM Server - What am I missing? Thank You Paul Tag: Security Groups Tag: 137301
  - 11
    - Complete Reformat / Reinstall of SBS2000 I am using SBS2000 to run our company network...there are about 19 computers connected to it and I've been having to deal with a lot of issues that I know a reformat/reinstall would fix... I've reformatted client computers over 100 times, so the process of reformat/reinstall isn't new to me - but i've never done it on a server...there are several things that i want to make sure i take care of from the beginning before starting...is there a FAQ or something posted about the steps to take to make sure i backup everything necessary? thanks in advance, jared Tag: Security Groups Tag: 137290
  - 12
    - "Open Licenses" for SBS 2003? I've been told that currently the only available CALs for SBS 2003 are retail boxes, and that "Open Licenses" will be available 11/01/03. Can anyone confirm this? And will the prices be substatially lower, i.e., is it worth waiting? thanks Chris Tag: Security Groups Tag: 137288
  - 13
    - XP Pro clients cannot connect to SBS2000 server I have replace an old Netware SBS server with a Microsoft SBS2000 server and have attached the Win98 clients, but cannot get the 4 XP PC's to attach to the new server. I get messages like the following: DNS does not exist (error code 0x0000232B RCODE_NAME_ERROR); the query was for the SRV record in .... (I checked the query lisitng, and it seemed to be correct). I have tried DHCP, static IP,etc. How is the domain name supposed to be input? (domain name) or (domain name.local)? I checked my WINS data and for my server it lists 1 record (01h - Other) at the current servers correct "internal" NIC's IP, another record (03h - Messenger)is set to the servers "external" NIC's IP (192.x.x.x), and one record (20h - File Server) at a different address (10.x.x.100) THIS may be the culprip, I'm thinking (I changed the server IP after initial setup from the 100 to the 101 address. Any thoughts? I would appreciate them!!! Tag: Security Groups Tag: 137287
  - 14
    - Mail problem with new computer (old user) Hi I am using SBS2000 with exchange. I connect to the sbs server with new computer(XP) but an old user. All is OK, but i can't send and recive external e-mail. Internal mail is ok. The Internet is ok. A nslookup can't solved the dns server? Is it ovnly a dns problem? And how can I solved is. Regards/Qurt Tag: Security Groups Tag: 137286
  - 15
    - RIS FAILED RECENTLY ON TWO DIFFERENT SITES: NTLDR is corrupt. The system cannot boot. RIS has been working ok, now there's suddenly problems. Installation begins normally but right after login part, when the actual installation is supposed to start, an error displays: NTLDR is corrupt. The system cannot boot. This is happening on two different sites. The other is SBS2000, other plain Win srv2003. Both clients are WinXP SP1a Finnish. No changes have been made to RIS, only windows update. In both cases app log show following warning: Event Type: Warning Event Source: BINLSVC Event Category: None Event ID: 1101 Date: 22.10.2003 Time: 19:51:49 User: N/A Computer: XXXX Description: An error occurred during parsing of an INF file netclass.inf in the given section Manufacturer. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 02 01 00 e0 Is this some magical MS patch work or have I just done something wrong? Thanks in advance, Jussi Tag: Security Groups Tag: 137277
  - 16
    - More than one server with SBS? We are an engineering design firm that uses a very large number of vendor catalogs and selection software. I've grown past weary of trying to keep all my client machines current with piles of typically poorly written software. I'd like to consolidate all this.....well, lets call it 'stuff' to be polite...onto one machine. I'm supposing a Windows 2000 Server Machine running Terminal Services is exactly what I want to do. My questions begin here: 1. Can a Windows 2000 Server running terminal services coexist in a SBS2000 Domain? 2. My W2K clients all have a TS license built in. Do I need to buy additional CAL's for the periodic connection to the W2K Server on top of the SBS? On average I should have no more than 5 people connected to the terminal server at one time. 3. Can this server talk to the SBS? IE, can I save documents to a project directory on the SBS and print to printers on the SBS? I'm not looking for people to have to waste their time trying to set it up for me, I just want to know if its possible before I start investing money into the project. Thanks everyone. Tag: Security Groups Tag: 137254
  - 17
    - Connect to VPN but cannot ping any intranet Hi, MY company have a SBS 2000 and we use a broadband router and the broadband router also act as a DHCP server. I config the RRAS for VPN, I can able to connect to VPN but after connect to the VPN, I can't ping or access any intranet resource. Any Idea? Thanks and Regards, Simon Tag: Security Groups Tag: 137247
  - 18
    - Migration to new SBS 2000 Help!! Hi, We have been running SBS2000 for around 2 years now where we have recently decided to upgrade our current Dell PE2500 due to redundancy reasons. The new Dell PE2600 has a RAID-5 array (PERC4), x3 36GB SCSI HDD, x2 NICs for LAN and WAN. We ordered the box from Dell with no OS, as there was no point considering that we had all the CDs and licencing for the old SBS2000 anyway. At the moment, the old SBS is being used as a Domain Controller, Email server (Exchange 2000), Web proxy (ISA 2000) via a 24/7 ADSL line, and runs the Symantec Corp Edition that protects and updates the server as well as all of the clients. The new SBS will take over the roll, as it will be much more powerful with RAID-5 redundancy (in case of a HDD crash). We already have a deployed fileserver on the network where I have configured the SBS logon script to map client drives to the fileserver. This is currently working quite well. We just had the new SBS Dell 2600 machine delivered, and I need some pointers as to how to set it up. I have been reading the Microsoft Small Business Server 2000 Migration Upgrade White Paper quite carefully, but I need some questions answered as well as comments on my method of approach. 1. Upon powering up the new Dell, it asked for the OpenManage CD as there was no OS installed out the factory. I loaded the CD, and it gives me a wizard. I am on step 2 or 3 where it asks me for the OS partition size. Can I specify 20GB instead of the normal 8 or 12GB on a typical RAID-5 array? The reason being, is that we are running anti-virus software that creates a quarantine folder on the C drive, and this is currently causing us problems on the current SBS. What limit is there on partition size for SBS 2000 sitting on Windows 2000 Server? 2. Page 4 suggests that I need to create new accounts on the new SBS 2000 machine: security groups, user accounts, mailboxes, computer accounts. Is there a way of getting these from the old SBS (export wizard?) or do I have to write-down each item and re-create it on the new SBS? What about SSID? Is it the case of simply recreating these objects in AD or are there any other things that need to be done? 3. It mentioned the configuration of ICW. We have two users setup who are allowed remote access (VPN). Does this need to be done in ICW or just in the user's account in AD? 4. The old SBS has a static IP address of 192.168.16.2 which I will re-use for the new one as well. All the clients are dynamic and assigned IP addresses via DHCP. Do I need to do anything to DHCP to recreate this, or do I just hardcode the 192.168.16.2 for the LAN adaptor of the new SBS and that is all? 5. For Exchange 2000, I need to create the mailboxes on the new SBS 2000 and Exmerge data out of the old SBS onto the new SBS. Can I create the new mailboxes using the add new user wizard in backoffice, as this adds the user to AD and has the wizard for creating new mailboxes 6. I intend to change the emails for the company, where currently it is <firstname>@domain.com. If I make the emails <firstname>.<lastname>@domain.com, then will this be quite easy? This is because we recently employed another John, which clashed with an existing John@domain.com. We pick up our email via POP3 at the ISP, so I will also have to leave the <firstname>@domain.com for a few weeks so that all external recipients are fully aware of the new email policy. 7. P12 suggests that I need to configure the ISA Server Local Address Table.what does this mean? Where can I find this out on the old SBS? Please help!!! Thanks. skc Tag: Security Groups Tag: 137244
  - 19
    - Instant messaging I've enabled this service for all users on SBS, where do I get the client software from ? Ta Tag: Security Groups Tag: 137239
  - 20
    - Instant Messaging I've enabled this service for all users on SBS, where do I get the client software from ? Ta Tag: Security Groups Tag: 137237
  - 21
    - Copy Active Directory Is there any way to copy Active Directory from a server to a standalone computer? I know that's not how it should work but that's what I've been asked to do. Any help is appreciated. Thanks. Richard Tag: Security Groups Tag: 137236
  - 22
    - SBS 2k & Terminal Services Hi, I have an issue with using IE from within a Terminal Services session on an SBS2k machine in that when I come across a web page that I would like to mail to a friend, when the send mail form appears and I open up the "To" button to display the list of recipients, I only get the Global Address List rather than those in my personal address book. I'd rather not have to add all my contacts to the Global Address book if possible. Does anyone know why this is or can help me fix the issue? Thanks in advance Richard Tag: Security Groups Tag: 137234
  - 23
    - Help with event ID 15108 I have been using ISA server on my SBS2000 for about 2 years and all of the sudden loads of warnings are now on my Event Viewer. This is the description I get: ISA Server detected a spoof attack from Internet Protocol (IP) address 127.0.0.1. A spoof attack occurs when an IP address that is not reachable via the interface on which the packet was received. If logging for dropped packets is set, you can view details in the packet filter log. I'm pretty sure this error has nothing to do with attacks from the outside because I've blocked all incoming traffic from the Internet at the Cisco level and the warnings are still there. Any help will be much appreciated. VC Tag: Security Groups Tag: 137233
  - 24
    - Exchange Mailbox Permissions / Backup and Logs Hi, I've been volunteered to sort out the network in our office and I've just looked at our exchange server and I have noticed that the administrator account has full access to all the mailboxes, should this be the case? I thought the only account that could log on interactivly that can access the mailbox is the associated user? I have also noticed that the backup process does not seem to be removing the logs, I was under the impression that if a successful backup was done then the logs would be deleted, is this not the case? We are using Veritas 8.6 Cheers Simon Tag: Security Groups Tag: 137230
  - 25
    - E2K full-text indexing problem This is a multi-part message in MIME format. ------=_NextPart_000_0012_01C398B8.B92303F0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable My Exchange server has full text indexes on both private and public = stores. Today I noticed that the mailbox index was in a 'paused' state. = It was probably paused for performance reasons, but when I resumed = (state changed to crawling) the index was not getting any bigger and no = documents were being indexed. So, I decided to stop the rebuild and = start it afresh. This also did not work (no documents being indexed). I decided to delete the full text index and re-create it. I was able to = delete the index OK but when attempting to re-create it, here's what I = get: A catalog with the name specified already exists. Choose another name = to create a new catalog. Facility: MSSearch.Admin.1 ID no: 80041901 Exchange System Manager I'm guessing that the search service's registry enties are out-of-step = with the exchange server. I can;t find anything in MSKB about this and I = don;t want to just wade into the registry without knowing what I'm = doing. Anyone know how to remove the catalog from the search service so = I can re-create it? Regards, Tim ------=_NextPart_000_0012_01C398B8.B92303F0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2800.1264" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY> <DIV> <DIV><FONT face=3DArial size=3D2>My Exchange server has full text = indexes on both=20 private and public stores. Today I noticed that the mailbox index was in = a=20 'paused' state. It was probably paused for performance reasons, but when = I=20 resumed (state changed to crawling) the index was not getting any bigger = and no=20 documents were being indexed. So, I decided to stop the rebuild and = start it=20 afresh. This also did not work (no documents being indexed).<BR><BR>I = decided to=20 delete the full text index and re-create it. I was able to delete the = index OK=20 but when attempting to re-create it, here's what I get:</FONT></DIV> <BLOCKQUOTE dir=3Dltr style=3D"MARGIN-RIGHT: 0px"> <DIV><FONT face=3DArial size=3D2><BR><BR><FONT face=3D"Courier New" = color=3D#008000>A=20 catalog with the name specified already exists. Choose another name to = create=20 a new catalog.<BR><BR>Facility: MSSearch.Admin.1<BR>ID no:=20 80041901<BR>Exchange System Manager</FONT></FONT></DIV></BLOCKQUOTE> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>I'm guessing that the search service's = registry=20 enties are out-of-step with the exchange server. I can;t find anything = in MSKB=20 about this and I don;t want to just wade into the registry without = knowing what=20 I'm doing. Anyone know how to remove the catalog from the search service = so I=20 can re-create it?</FONT></DIV> <DIV><FONT face=3DArial size=3D2></FONT> </DIV> <DIV><FONT face=3DArial size=3D2>Regards,</FONT></DIV> <DIV><FONT face=3DArial size=3D2>Tim</FONT></DIV></DIV></BODY></HTML> ------=_NextPart_000_0012_01C398B8.B92303F0-- Tag: Security Groups Tag: 137229

On a fresh SBS 2000 box that will replace our old one, I
want to assign security groups. There will ultimately be
three types of security groups: high, med, low - where
the high group will allow users to have full Admin access
to their machines, med will have semi-admin access and low
will be no admin rights at all.

Currently, we do not use security groups on the SBS
domain. All I do is take off Local Admin rights for each
user - so they cannot install/uninstall programs, move
files into the System/WINNT folders or change the clock.
Some software needs registry tweaks for it to work under
these conditions.

I want to deploy these three groupings (or maybe just two -
high and low), where I will assign myself "high" (as I
constantly add/remove software from my machine) and "low"
to all users so that they cannot do anything!

How do I set up these groupings and the necessary tasks
before I add the users one-by-one to AD and assign them to
the groups.

I need step-by-step help as I have not done this before.

skc

Top

Re: Security Groups by Susan

Susan
Thu Oct 23 14:46:40 CDT 2003

Win2k already has this.... admin, power user and users. Have you looked
at this security groups that are already included?

skc wrote:
> On a fresh SBS 2000 box that will replace our old one, I
> want to assign security groups. There will ultimately be
> three types of security groups: high, med, low - where
> the high group will allow users to have full Admin access
> to their machines, med will have semi-admin access and low
> will be no admin rights at all.
>
> Currently, we do not use security groups on the SBS
> domain. All I do is take off Local Admin rights for each
> user - so they cannot install/uninstall programs, move
> files into the System/WINNT folders or change the clock.
> Some software needs registry tweaks for it to work under
> these conditions.
>
> I want to deploy these three groupings (or maybe just two -
> high and low), where I will assign myself "high" (as I
> constantly add/remove software from my machine) and "low"
> to all users so that they cannot do anything!
>
> How do I set up these groupings and the necessary tasks
> before I add the users one-by-one to AD and assign them to
> the groups.
>
> I need step-by-step help as I have not done this before.
>
> skc

--
"Don't lose sight of security. Security is a state of being,
not a state of budget. He with the most firewalls still does
not win. Put down that honeypot and keep up to date on your
patches. Demand better security from vendors and hold them
responsible. Use what you have, and make sure you know how
to use it properly and effectively."
~Rain Forest Puppy
http://www.wiretrip.net/rfp/txt/evolution.txt

Top