Using IAS to authenticate remote users....

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ smallbiz
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
 - 1
 - <<< SECURITY BULLETINS THIS MONTH>>> October Summary http://www.microsoft.com/technet/security/Bulletin/ms04-oct.mspx Critical Bulletins: MS04-032 - Security Update for Microsoft Windows (840987) http://www.microsoft.com/technet/security/Bulletin/ms04-032.mspx MS04-033 - Vulnerability in Microsoft Excel Could Allow Code Execution (886836) http://www.microsoft.com/technet/security/Bulletin/ms04-033.mspx MS04-034 - Vulnerability in Compressed (zipped) Folders Could Allow Code Execution (873376) http://www.microsoft.com/technet/security/Bulletin/ms04-034.mspx MS04-035 - Vulnerability in SMTP Could Allow Remote Code Execution (885881) http://www.microsoft.com/technet/security/Bulletin/ms04-035.mspx MS04-036 - Vulnerability in NNTP Could Allow Code Execution (883935) http://www.microsoft.com/technet/security/Bulletin/ms04-036.mspx MS04-037 - Vulnerability in Windows Shell Could Allow Remote Code Execution (841356) http://www.microsoft.com/technet/security/Bulletin/ms04-037.mspx MS04-038 - Cumulative Security Update for Internet Explorer (834707) http://www.microsoft.com/technet/security/Bulletin/ms04-038.mspx Important Bulletins: MS04-029 - Vulnerability in RPC Runtime Library Could Allow Information Disclosure and Denial of Service (873350) http://www.microsoft.com/technet/security/Bulletin/ms04-029.mspx MS04-030 - Bulletin Title Vulnerability in WebDAV XML Message Handler Could Lead to a Denial of Service (824151) http://www.microsoft.com/technet/security/Bulletin/ms04-030.mspx MS04-031 - Vulnerability in NetDDE Could Allow Remote Code Execution (841533) http://www.microsoft.com/technet/security/Bulletin/ms04-031.mspx Re-Released Bulletins: MS04-028 - Buffer Overrun in JPEG Processing (GDI+) Could Allow Code Execution (833987) http://www.microsoft.com/technet/security/Bulletin/ms04-028.mspx This represents our regularly scheduled monthly bulletin release (second Tuesday of each month). Please note that Microsoft may release bulletins out side of this schedule if we determine the need to do so. -- http://www.sbslinks.com/really.htm http://www.msmvps.com/bradley http://www.threatcode.com [let's get vendors to step up to the plate too] https://www.ecora.com/ecora/jump/pm99.asp Tag: Using IAS to authenticate remote users.... Tag: 165887
 - 2
 - strange DHCP lease SBS2000-ISA/DHCP/DNS/IIS/EXCHANGE ~50 W2K clients periodically I take a look at the leases folder of the DHCP tree in the SBS console. Almost everything looks OK, except the twice now I have noticed a lease for a computer called "pat". Problem is that I do not know of any system named "pat" and nobody is owning up to connecting to the network. Therefore I'd like to prevent "pat" from connecting and getting a network IP address. The only info I have is the NIC "00010267a972" and the computer name "pat" Is there a way of locking "pat" out? Please be specific. Thanks RickD Tag: Using IAS to authenticate remote users.... Tag: 165886
 - 3
 - RWW and ISA SP2 Help While installing a new SBS2003 box, I installed ISA and no longer could find service pack 1 but found SP2, after the update I ran the CIW but can no longer access the computer using RWW or OWA. I get the following error: 403 Forbidden - The server denies the specified Uniform Resource Locator (URL). Contact the server administrator. (12202) Internet Security and Acceleration Server Any ideas why I can't connect? Need to get this to work soon TIA Blake Tag: Using IAS to authenticate remote users.... Tag: 165885
 - 4
 - recover a Public Folder post deleted in error? Hi all, We have a public folder used as an incoming email message folder for a specific set of email addresses. These mails appear as posts on the public folder and our outlook clients are set read only for the folder. We've started to get spam in there and while cleaning the folder, by deleting the entries, a valid post got zapped in error. I need to get that back. How can I recover that post? It was deleted by the idiot with the one and only outlook account with delete authority for this public folder.. (mine!) but I cannot seem to find any way to undelete it or otherwise recover it? thanks. win2k & Exchange2k servers to latest SP's and hot fixes as at october 2nd. Tag: Using IAS to authenticate remote users.... Tag: 165879
 - 5
 - Dual Boot with W2K3 Hi Can I set up W2K3 to dual boot with my W2K SBS installation. I have a migration planned on the same box and three spare HDD slots in the server. So...I was thinking about lobbing in some new HDD and building it on the same machine. Should make data transfer easier. Then once all done I can remove the old HDD and reset the boot sector and off I go? Any comments TIA lewej Tag: Using IAS to authenticate remote users.... Tag: 165877
 - 6
 - Exchange server error message when trying to change permissions on public folders I am receiving error message "Invalid windows handle ID no: 80040102 Exchange System Manager" when trying to change permissions on a public folder in Exchange 2000. I have found kb article 313333, which addresses this issue: http://support.microsoft.com/default.aspx?scid=kb;en-us;313333 I cannot find the file pfinfo on my server. Where can I locate this file and the pfadmin utility? The article also says these utilities will only work with the retail version of Exchange or Exchange with SP 1. I have Exchange patched to SP 3. Does anybody know how this issue can be resolved with SP 3 installed? Regards Andrew Stevens Tag: Using IAS to authenticate remote users.... Tag: 165872
 - 7
 - SMTP Problem Our SBS Exhange server has geen sending out thousands of messages via SMTP. These messages have not originated from our company. Even when the server is disconnected from both local and internet the messages queue up. The only way I have found to halt their creation is to stop the SMTP service. Can anyone help me to find a solution. Chris Bartholomeusz Tag: Using IAS to authenticate remote users.... Tag: 165871
 - 8
 - Is it possible to see the network neighbourhood through the VPN? Hello, I just set up the VPN for our server, and the initial connection worked. I can access the resources from the server. What I am interested in is to have the ability to browse the network neighbourhood or access other computer (other than the VPN Server). Since I am rather new, I am just wondering if this possible? TIA for any advice or guidelines in putting me in the right direction. Tag: Using IAS to authenticate remote users.... Tag: 165870
 - 9
 - Printing problem Hi, Out of the blue today we started having trouble printing to our network printers. The problem seems to only occur with our windows 98 SE clients. We seem to be able to print fine from windows XP clients and from the server itself. The symptoms are that things just don't print, the printer icon doesn't appear in the system tray. If I try and do a printer test page from the printer properties I get the following error message "There was an error writing to server/queue for printer printername. The access code is invalid The printer will be set to work offline To save your job in the local printer queue, click ok" I have tried reinstalling the printer dirvers on the server and the clients, but still get the same problem. I have also tried turning all machines off, server and clients, and still the same problem. Can anyone offer any ideas as to how to solve this problem.? Thanks Mark S. Tag: Using IAS to authenticate remote users.... Tag: 165868
 - 10
 - RAID 1 versus RAID 5 Yesterday in my office there was a discussion with Marina Roos and Jeff (online) about howto to setup the best practice RAID partitioning. In the past I followed the SBS2K deployment guide which states: RAID 1 is the only way you can back up your boot and system partition. In the case of RAID 5, you require at least three disks and you can use up to two-thirds of the total disk space for data storage. This provides better performance, but it cannot give fault tolerance to your boot and system partitions. I have 2 9.1GB HDs and another 4 36GB HDs. In the past I installed the system programs on the 9.1 partitions and the data files of exchange, SQL and users and company shared folders on the 36GB disks. Is the deplyment guide wrong in stating that the boot and system disk can only be backuped with RAID 1? Furthermore what happens in an all RAID 5 situation if the system partition disk goes bad? Is it in this case also just a matter of hot swapping a new disk and move on? Or ... I can use the 9.1Gb to expand a RAID 5 partition on other server, so moving to RAID 5 would be welcome. TIA, Fred Tag: Using IAS to authenticate remote users.... Tag: 165867
 - 11
 - Removing ISA 2000 and 2nd Nic Hi All, I have a client who wants to do some apps back and forth between their main office (SBS 2000) and their branch office (NT4.0 Server). After much trial and tribulation with ISA, we decided that we will remove ISA ( well, put it in just Caching Mode) and the 2nd Nic so that the apps will work from server to server. They have a VPN router at each office with a full time VPN connection running. Now, what probs will I face doing this? Any order I should do things in? Thanks, Mike Tag: Using IAS to authenticate remote users.... Tag: 165864
 - 12
 - OWA connect issue I just setup OWA on a client's SBS 2000 server. It tested out fine on my PCs (W2K and XP Pro) but my clients could not get in on their XP Pro PCs at home. I am not using SSL at this time. They get the login dialog box type in their User-ID and password but get a page could not be displayed message instanteously. Any ideas? Tag: Using IAS to authenticate remote users.... Tag: 165858
 - 13
 - mail-domain problem, domain within domain Hello, the problem is this: using SBS2000, 30 clients, The mail send-part is the problem. The company is international working, lets call it, The company Buzz, so info@buzz.com is legal. All of the people within the whole company world-wide will have the form firstname.lastname@buzz.com so that it appears to the whole world as 1 company. In the netherland there is site1, in germany site2, in england site3, etc. If someone sends a mail to big.ben@buzz.com it will arrive at the master-mail-server in england, here it gets sorted and forwarded to the pop-mailbox@site3 because Big Ben is working in England at site3, so will the mail send to amster.dam@buzz.com beiing forwarded to pop-mailbox@site2 because miss Amster Dam is working in the Netherlands at Site1. Ok this is all working ok. Now miss Amster Dam gets a mail from Big.Ben@buzz.com and reply's to it, now here it goes wrong, if she send the mail, exchange will see that there is a mail coming from amster.dam@buzz.com as reply to big.ben@buzz.com and exhange will know that all of this is within it's own domain........ it searches for Big Ben locally but can't find it. And send a nice message to Amster Dam that it can not reach Big Ben. And end the transmission with <server-x.buzz.intra #5.1.1> Q1. can i work around this? Q2. can i configure a list of adresses that exchange looks into and can make the decision to kick the mail on the internet? Q3. help Tag: Using IAS to authenticate remote users.... Tag: 165849
 - 14
 - Network Scanner Does anyone know of a network scanning software that can be run against a network from outside to test open ports? Thanks. Peter Tag: Using IAS to authenticate remote users.... Tag: 165845
 - 15
 - Adding WinXP Pro to SBS2000, Disk or NO Disk? Looked at the info on smallbizserver.net about adding a WinXP Pro client to SBS2000 and it says, "DO NOT USE THE CLIENT FLOPPY DISK." Then is says, "See more info 316418 - How to Set Up a Windows XP Professional Client in an SBS 2000 Network." KB article 316418 says, "You can use the SBS 2000 Setup Computer Wizard to create a floppy disk that you can use to configure a client computer in an SBS 2000 network. Microsoft recommends that you use the Computer Setup Wizard to configure Windows XP based client computers." Any insight and/or clarification on this would be appreciated! Thanks. Tag: Using IAS to authenticate remote users.... Tag: 165839
 - 16
 - Migrating from SBS 2000 or Windows 2000 to SBS 2003 Hi Our compnay would like to repalce our cuurent server to a new New Server . Can anybody please tell me that by following this link http://download.microsoft.com/download/6/d/c/6dccf9b4-d915- 4c95-b5af-100b89e02add/SBS_MigratingSBS2k.doc I will be able to successfully perform this task. Many Thanks A Tag: Using IAS to authenticate remote users.... Tag: 165835
 - 17
 - checking email delivery hi.. is there anyway to check whether an email has been received by a user on a sbs 2k box. have a user that insists that they didn't receive an email, from outside domain, but the sender insists they sent it. without looking at the users mailbox is there any other log that would show delivery etc. cheers Tag: Using IAS to authenticate remote users.... Tag: 165834
 - 18
 - RDP from SBS <-> SBS To ALL, I am at client "A" who is running SBS2K with ISA and have another unrelated client(client "B") who is running SBS2K w/ISA. They are completely different companies. I would like to use remote desktop connections to access client "A" from client "B" for offsite support and visa versa. Do I need to make any access policies in ISA or open any ports on the routers? Thanks in advance. RickD Tag: Using IAS to authenticate remote users.... Tag: 165828
 - 19
 - exchange we are having problems sending and receiving mail through our exchange server.can any body please tell me how i can change the send and receive schedule. and force it to do it now? or anything else that might be relevent. thanks in advance Tag: Using IAS to authenticate remote users.... Tag: 165819
 - 20
 - Kentucky Small Business Server User Group (KYSBSUG) October Meeting You are cordially invited to the Kentucky Small Business Server User Group (KYSBSUG) October Meeting Next Meeting Information: Date: Tuesday October 19, 2004 Time: 6:00 pm - 8:00 pm Eastern (GMT -5) Cost: Admission, parking, and refreshments are FREE! Location: University of Louisville - Shelby Campus Building: Information Technology Resource Center (iTRC) Room: Large Conference Room Address: 9001 Shelbyville Road City/State/Zip: Louisville, KY 40222 Contact: Tim Barrett (timbarrett@rehabdesigns.com) Meeting Agenda: 6:00 - 6:30 - Networking 6:30 - 6:45 - Meeting starts - SBS News & Events, Orientation for new members 6:45 - 7:45 - Featured speaker: Bryan Von Axelson (Microsoft TechNet) - Windows Sharepoint Services 7:45 - 8:00 - Wrap-up give-aways -Tim Barrett Kentucky Small Business Server User Group (KYSBSUG) http://www.kysbsug.org timbarrett@rehabdesigns.com -------------------------------------------------------------------------------- This message created using Microsoft Outlook® Web Access (OWA) for Exchange 2003 http://www.microsoft.com/exchange/owa/ Tag: Using IAS to authenticate remote users.... Tag: 165818
 - 21
 - Domain Controller Redundancy Hi, I have two domain controllers on my domain (one SBS2003 server (DHCP + DNS server) and one Windows 2003 server). I want to have the domain controllers configured to so that if either one is unavailable users on the network will still be able to logon and be authenticated. These are my questions : 1 - In order for a DC (domain controller) to authenticate clients it needs to be a GC (Global Catalog Server) ? Do I have to configure the Windows 2003 DC server as a GC ? 2 - DHCP : to provide DHCP redundancy do I have to configure DHCP scopes for two different ranges, disable the DHCP server service on my Windows 2003 server and enable it when my SBS2003 fails ? 3 - DNS : forward and reverse zones on SBS2003 are Active-Directory Integrated zones. How do I have to configure DNS zones on my Windows 2003 server ? How do I have to set up primary and secondary DNS server addresses on my lan network cards ? (primary = itself, secondary = the other DC ?). Thanks, Andrea Tag: Using IAS to authenticate remote users.... Tag: 165815
 - 22
 - <<SBS news of the week - October 10, 2004>> Kevin's song of the week news://msnews.microsoft.com/usNPp5arEHA.1152@TK2MSFTNGP11.phx.gbl Sean Daniel blogs some good stuff Good stuff on Seandaniel.com blog today: http://msmvps.com/bradley/archive/2004/10/09/15349.aspx -------------------------- THIS WEEK IS SECURITY BULLETIN WEEK Tuesday is Security day -------------------------- We have not heard back regarding the ASP.net patch so hang tight and I'll try to get something by Tuesday ASP.net vulnerability update - Remote Web Workplace: http://msmvps.com/bradley/archive/2004/10/07/15232.aspx ------------------------ Interesting blogs this week: Favorite tools of Eric Fleischman http://blogs.msdn.com/efleis/archive/2004/10/08/239670.aspx Xp sp2 media sensing issues http://interprom.blogspot.com/2004/10/media-sensing-quietly-causes-domain.html Bruce Schnider now blogs Larry reports http://weblogs.asp.net/larryosterman/archive/2004/10/07/239547.aspx Nothin' but Sharepoint blogs http://www.sharepointblogs.com/ Microsoft has work to do says Bruce http://www.schneier.com/blog/archives/2004/10/schneier_micros.html New geek term PODCAST http://radio.weblogs.com/0001011/2004/10/09.html#a8381 Timezones anyone? http://msmvps.com/bradley/archive/2004/10/10/15398.aspx ---------------------------- In other news Wallace denies wrongdoing in fed anti-spyware case The man at the center of the nation's first spyware case ? a businessman notorious for his junk Internet mailings ? says federal regulators were politically motivated in targeting him for enforcement of new bills outlawing intrusive software. http://news.zdnet.com/2100-1009_22-5403438.html http://www.gcn.com/vol1_no1/daily-updates/27597-1.html http://www.msnbc.msn.com/id/6207252/ http://computerworld.com/governmenttopics/government/legalissues/story/0,10801,96528,00.html http://www.cnn.com/2004/LAW/10/08/tech.spyware.reut/index.html http://www.usatoday.com/tech/news/computersecurity/2004-10-07-ftc-spyware_x.htm http://www.theregister.co.uk/2004/10/08/us_anti-spyware_laws/ - - - - - - - - - - - - - - - - - - - - NISCC wins gong for its fight against cybercrime The National Infrastructure Security Co-ordination Centre (NISCC) got a pat on the back today. Director of Roger Cumming received one of two annual awards from the research and education body the SANS Institute at its top 20 Internet Security Threats conference in London today. http://news.zdnet.co.uk/internet/security/0,39020375,39169463,00.htm http://computerworld.com/securitytopics/security/story/0,10801,96516,00.html - - - - - - - - - - Expert: Online extortion growing more common Online extortion is rife and that cybercrime is set to get worse, the SANS Institute's research director said Friday. "Six or seven thousand organizations are paying online extortion demands," Alan Paller said at the SANS Institute's Top 20 Vulnerabilities conference in London. "The epidemic of cybercrime is growing. You don't hear much about it because it's extortion, and people feel embarrassed to talk about it." http://news.zdnet.com/2100-1009_22-5403162.html - - - - - - - - - - Word open to exploit An unpatched security vulnerability in popular older versions of Microsoft Word poses a severe threat to users, security reporting firm Secunia warned yesterday. The flaw stems from an input validation error in Word. This creates a mechanism for creating malicious files capable of crashing Windows boxes providing a user can be tricked into opening dodgy documents. The bug might also (at least potentially) be used to inject malicious code into vulnerable systems. http://www.securityfocus.com/news/9676 'Highly critical' security flaw found in Office http://news.zdnet.co.uk/0,39020330,39169436,00.htm - - - - - - - - - - - - - - - - - - - - New reason to avoid 'unsubscribe' links We've always been told that trying to "opt- out" from spam messages is probably a bad idea. Spam filtering firm MessageLabs now says there's a new reason not to click -- spammers are starting to sneak special code into that opt-out link which turns the spam recipient into an unwitting accomplice. The link is really a clever trick designed to turn the victim's computer into a zombie that can be used to send out more spam. http://www.msnbc.msn.com/id/6208701/ - - - - - - - - - - Spam: Leave it to the sender In today's Internet e-mail system, the sender creates a message and sends it to an SMTP (Simple Mail Transport Protocol) server. That server, in turn, sends the message to all the recipients' SMTP servers -- where it is stored until it is retrieved by services like POP3 (Post Office Protocol), Microsoft's MAPI (Messaging Application Programming Interface), IMAP (Internet Message Access Protocol), and DMSP (Distributed Mail System Protocol). http://news.zdnet.com/2100-1009_22-5402746.html Spam gets political http://news.zdnet.co.uk/internet/security/0,39020375,39169618,00.htm - - - - - - - - - - CEOs 'too trusting' of outsourcer's security CEOs aren't taking the care that they should with their customers' data when they outsource, according to a new survey of senior management. The Ernst & Young Global Information Security Survey queried 1,233 companies from 70 countries and found that most were trusting their outsourcer's security to chance rather than actively tracking how secure data is. http://news.zdnet.com/2100-1009_22-5403254.html http://int.sitestat.com/ernst-and-young/international/s?Technology-and-Security-Risk-Service-Global-Information-Security-Survey-2004&ns_type=pdf - - - - - - - - - - Ask Tom Ridge or bust George Bush's political guru, Karl Rove, must own a super lucky rabbit's foot. When Amit Yoran last week became the third cybersecurity chief to leave his post in less than two years, most folks barely noticed. What with the baseball playoffs, the sexual exploits of Scott Peterson and the political silly season, other things apparently occupied their attention. http://news.zdnet.com/2100-1009_22-5403025.html <hmmmm ... I noticed... wonder what that says about me?> Cybersecurity expert Howard Schmidt returning to DHS Howard Schmidt, a former Bush administration cybersecurity adviser, will return to government as a consultant to the Homeland Security Department. DHS officials briefed congressional staff members yesterday about their plans to use Schmidt as an IT security adviser. A DHS official familiar with the Capitol Hill briefing confirmed the plans. Schmidt will not be paid by DHS but by the Computer Emergency Readiness Team Coordination Center, a federally funded R&D center run by Carnegie Mellon University, the official said. http://www.gcn.com/vol1_no1/daily-updates/27548-1.html http://computerworld.com/securitytopics/security/story/0,10801,96470,00.html Interim cybersecurity chief named The Department of Homeland Security named an acting U.S. cybersecurity chief on Thursday as Congress weighed whether to give the position greater clout to fight hackers, viruses and other online threats. Andy Purdy was named interim U.S. cybersecurity director one week after Amit Yoran suddenly resigned from the post amid reports that he was frustrated with his lack of authority. Purdy was Yoran's deputy and had advised the White House on cybersecurity issues. http://www.cnn.com/2004/TECH/10/07/cyber.security.reut/index.html - - - - - - - - - - Trojan pretends to do good Security company Symantec is warning Internet users of a Trojan horse that removes adware but alters the settings in computers. While Downloader.Lunii eliminates a variety of adware programs--often known as spyware-- the Trojan also tries to maliciously change the security settings of Windows PCs and then downloads files from unknown Web sites, Symantec said. http://news.zdnet.com/2100-1009_22-5400982.html - - - - - - - - - - Noomy.A virus spreading via chat rooms IRC users hoodwinked with promise of software cracks and Kournikova screensavers. Security experts have warned internet users to update their antivirus systems to protect against a newly discovered worm dubbed Noomy.A, which "could represent a new trend in malicious code techniques". http://www.vnunet.com/news/1158607 - - - - - - - - - - House passes bill imposing prison time over 'spyware' The House on Thursday passed the second bill in three days that would outlaw ``spyware,'' irritating software that quietly monitors the activities of Internet users. It would add penalties of up to five years in prison for people convicted of installing such programs without a computer user's permission. http://www.siliconvalley.com/mld/siliconvalley/news/editorial/9860491.htm - - - - - - - - - - Email privacy strikeout suspended Privacy groups have succeeded in persuading a First Circuit Appeals Court to reopen a case with some nasty unintended consequences for email users. A June ruling inadvertently opened the door for spooks and Feds to snoop on email without a court order, but that's now been suspended, pending the hearing in December. http://www.theregister.co.uk/2004/10/07/email_wiretap/ - - - - - - - - - - - - - - - - - - - - Microsoft delays IM beta over security concerns Microsoft confirmed on Thursday that it has suspended the beta release of MSN Messenger 7.0 because of a potential security hole affecting one of the program's features. The security concern stems from a feature called "winks," essentially Flash- based animated buddy icons with sound effects that users can send to one another. Apparently hackers can exploit the hole to send their own unauthorized winks to people, causing a "security problem" for the recipient, a Microsoft representative said. http://news.zdnet.com/2100-9588_22-5401516.html http://computerworld.com/securitytopics/security/story/0,10801,96475,00.html - - - - - - - - - - Market for IPv6 security is starting to grow IP Version 6, the next-generation Internet Protocol, is still in the early adoption phase, but commercial demand for tools to secure IPv6 networks is beginning to grow, according to one vendor. Check Point Software Technologies Ltd. of Redwood City, Calif., has installed 750 of its combination firewall and VPN products on IPv6 networks this year, said Andrew Singer, the company?s manager of market intelligence. http://www.gcn.com/vol1_no1/daily-updates/27552-1.html - - - - - - - - - - Fueling the Fire The latest Symantec Threat Report can provide us with information, knowledge, and even a little bit of wisdom -- about what has truly become an epidemic and an avenue for organized crime. Being an intellectual dilettante, the fields of Systems Theory and Knowledge Management interest me greatly. One of the key principles of those fields is the DIKW Hierarchy first developed by Russell Ackoff, the idea that human minds (ideally) interact with the world and progress through what they find in a hierarchical process, from Data to Information to Knowledge to Wisdom (Ackoff also adds Understanding, but not everyone does). http://www.securityfocus.com/columnists/271 - - - - - - - - - - Nine questions to ask when evaluating a security threat You've just learned that a new worm from a former Soviet country is spreading fast because it doesn't rely on e-mail ? it automatically exploits a vulnerability in Microsoft's Internet Information Server. Now what? Do you cancel your evening plans and stay late testing patches, or can you safely ignore this worm? http://computerworld.com/securitytopics/security/story/0,10801,96425,00.html 'Do the right thing' for continuous protection and network safety http://computerworld.com/securitytopics/security/story/0,10801,96417,00.html -- http://www.sbslinks.com/really.htm http://www.msmvps.com/bradley https://www.ecora.com/ecora/jump/pm99.asp Tag: Using IAS to authenticate remote users.... Tag: 165811
 - 23
 - pc hangs Hi, I have a sbs 2k domain with about 30 client pc's All has been running well until I ran into a problem where someone could log in as a domain user no problem, but as soon as they openned "My Computer" and clicked on their personal share (which is on the sbs server) the pc hangs. Ctrl alt del does nothing and the only way to recover is to power off the pc and start again. It only happens with a handful of users. I have swapped pc's, swapped cat cables, swapped ethernet switch, re made roaming profiles all to no avail. There are no error messages under the event viewer to indicate a problem. I am at my wits end trying to sort this because as I say when the pc locks up you need to start from scratch. Last week I restarted the sbs server without some users being logged off. This resulted in a few corrupted files that were open at the time. I am wondering if this has caused the problem with the users. Any help appreciated as I don't know where to go from here Regards Simon Tag: Using IAS to authenticate remote users.... Tag: 165810
 - 24
 - vpn from xp pro client to sbs2000 I've setup vpn on sbs2000. Have Linksys BSFR41 router and configured to allow ipsec and pptp passthrough. I'm confused about "static ip" address. SBS server has internal NIC of 192.168.16.2. SBS makes internet connection using BellSouth DSL (PPPOE with static ip assigned). To setup XP Pro at home to access SBS2000VPN....have BellSouth DSL service on XP Pro also (different account no static IP). Which IP address do I provide to the XP connectoid to access the SBS2000VPN? Thanks, Tag: Using IAS to authenticate remote users.... Tag: 165801
 - 25
 - Hung fax, Brooktrout Windows 2000 SBS using the Brooktrout TruFax 100 PCI with end users on 95, 98, 2000, and XP machines. In the past few weeks I encountered an appearance of the board being "hung". Won't send or receive and I've tested the phone line. Stopping and starting the service does not restore it and the last time re-booting did not restore it. I had to un-install and re-install the hardware/software to get it up and running. The driver version is 4.3.1.59. I've gone to the Brooktrout website several times and I even down loaded the drivers from there but it continues to come up with the same driver. Is there a new driver or another way rather than re-booting the server to get this back up and running when it hangs? Thanks Rick Tag: Using IAS to authenticate remote users.... Tag: 165798
- Next
 - 1
 - SQL Reporting Service on SBS2000 A question to the collective wisdom of the group. I am trying to install SQL Server 2000 Reporting Services update to my SBS2000 server with SQL Server 2000 installed. I keep getting an error at the end of the Reporting Services installation saying that it was not possible to initialise Reporting Services. I have tried a few methods to initialise Reporting Services but to no avail. Before I continue with my quest to fix the problem I just wanted to confirm that it is actually possible to install SQL Server Reporting Services on a SBS2000 Server. Thanks in advance to all who reply. -- Regards, Steve ------------------------------------------- Steve Remington Hawthorn, Victoria, Australia newsgroup@steveremington.notmy.name (Remember Steve Remington "is" my name so remove the "notmy" to send an email) ------------------------------------------- Great spirits have always encountered violent opposition from mediocre minds. Albert Einstein ------------------------------------------- Tag: Using IAS to authenticate remote users.... Tag: 165793
 - 2
 - SBS xp client I have replaced an old PC on our network with a new PC running XP pro. I have attempted to install outlook 2000 via Small Business Server Application Installer. I need to give the XP PC administrator rights to allow the install. I have been unable to find the method of doing this. Anyone give me some pointers. Jilly Tag: Using IAS to authenticate remote users.... Tag: 165792
 - 3
 - Maintenance on www.smallbizserver.net Hi all, Due to some work I have to do the site will be offline for several hours today. To be more excact: At least between 13:00 and 22:00 hours CET the site will be down. -- Mariëtte Knap - MVP http://www.smallbizserver.net Take part in SBS forum: http://www.smallbizserver.net/Default.aspx?tabid=154 Tag: Using IAS to authenticate remote users.... Tag: 165791
 - 4
 - << SBS Posting FAQ for New Users - V:1.0 - Last Updated: 2004-07-21>> An HTML version of this document is available at: http://www.sbs-rocks.com/netiquette.htm -------------- The following tips are designed to help you get the fastest and most appropriate answer to your questions. They suggest which newsgroup to use,what basic research to do before posting, information to include in your posting, newsgroup etiquette, and alternate sources of useful information. Following them will help us to help you. =================================================== - Post to the appropriate newsgroup: For SBS 4/4.5: microsoft.public.backoffice.smallbiz For SBS 2000 : microsoft.public.backoffice.smallbiz2000 For SBS 2003 : microsoft.public.windows.server.sbs Microsoft News Server: news.microsoft.com The SBS Newsgroups provide a free forum for threaded discussion and peer support on issues related to Small Business Server by users, service providers and interested parties. Please remember when posting that non Microsoft people don't get paid to be here, and MVPs are -not- Microsoft employees. { Who are the Microsoft MVPs ? http://mvp.support.microsoft.com/default.aspx?scid=fh;EN-US;mvpfaqs } Everyone here is giving generously and freely of their time, experience and expertise to enhance the Small Business Server Community. Join it, support it, respect it and enjoy it. - SBS Rocks ! =================================================== A Web interface to the SBS 2003 newsgroup is at: http://support.microsoft.com/newsgroups/?pr=newsgsbs2003 You'll find the Rules of conduct on the MS Website at: Welcome to Microsoft Discussion Groups http://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx =================================================== - Do some basic researches for previously posted solutions. ( It's most likely been posted and solved before. ) Advanced Google Search: http://www.google.com/advanced_search Domain: microsoft.com experts-exchange.com Advanced Google Groups Search of the Usenet archives: http://groups.google.com/advanced_group_search Advanced Microsoft Search: http://search.microsoft.com/search/search.aspx?st=a&View=en-us (Note that you can also just enter a KB, Q or Error Number) Event Log Entries associated with your issue or setup: http://www.eventid.net (Enter the Event number from the Event Log) http://search.microsoft.com (Enter '1001' (for example) or 'error 1001') Your Public Interface: http://www.dnsreport.com http://www.dnsstuff.com Your network Settings on Servers and workstations: Start > Run > cmd : ipconfig /all Ports Status Start > Run > cmd : netstat -an =================================================== - Post with a meaningful subject line so those with expertise or interest in the topic can find it quickly. - Posting with a purely attention seeking topic such as "DISASTER" or "No-One Ever Responds to Me" may get you noticed -once- but is likely to get you ignored or dropped in future. Remember -everyone's- issue is important to them, so que jumping won't enhance anyone's opinion of you within the newsgroup. Mentioning the SBS component, Exchange, ISA, SQL Server, RAS, Pop Connector etc.in the heading will be a big help in catching the eye of experts in that field. =================================================== - If posting a Question, post with sufficient information for a complete stranger to understand your SBS version, environment; your issue, what you have tried and what failed. You're not cutting down on the typing as you'll be asked anyway, and it can only enhance the speed to diagnosis and resolution. A secondary benefit to this is that in correctly framing the question, the resolution often presents itself. Note: Stating your SBS version ( 4, 4.5, 2000, 2003 ) is particularly important as is whether your SBS 2003 is Standard or Premium and whether you have ISA installed. Please state all messages and IDs in failure notices and/or in the event viewers. Also what may have been installed/changed/updated prior to or during the issue. =================================================== - Posting In capitals on is considered SHOUTING! ...Please don't. =================================================== - Don't overlook or discount Paid Support. If the Issue is urgent or complex, the time you spend searching for a "free" solution. ...and cost factors such as Worker Downtime, Customer Irritation, Lost Productivity, and Hair Replacement costs will likely far outweigh the cost of a Support Call to Microsoft PSS (Product Support Services ) or a Support Professional. Note: Hotfixes are free of charge. Just ask for the specific Hotfix. =================================================== - It's difficult to convey human emotions on Usenet (Humour, Pathos, Sarcasm, Tongue-In-Cheek ) so use of emoticons and/or acronym tags is advised. .... and no; you -don't- have to be serious all the time. It's a community. Enjoy ! =================================================== - There are many paths to a solution and as many experiences in getting there as there are posters. Sometimes the paths are well worn, tried and true. Sometimes paths diverge, sometimes converge, and sometimes new trails are blazed. Understand and respect that, and use what suits you and your situation. =================================================== - People are different, but people are people. You should be nice to them. This is a technical newsgroup and not a place for Egos or Flame Wars. As a community we try to leave them at the door and respect each other. What you post here is archived and available to anyone, anytime. Remember ...."Please don't feed the Trolls!" =================================================== - Newsgroups are not your only source of Information / Help. Many of the members of the SBS Community provide support via Websites, Lists and Blogs such as: http://www.sbslinks.com/ ( Susan's Links to all things SBS) http://www.smallbizserver.net/ ( Mariette's Website and Forum ) http://www.sbs-rocks.com/articles.htm ( Andy's SBS Articles) http://www.sbsfaq.com/ ( Wayne's Website ) sbs2k@yahoogroups.com ( SBS Forum on Yahoo ) Blogs by: Chad, Charlie, Kevin, Susan http://www.msmvps.com/cgross/ http://blogs.msdn.com/canthe http://www.msmvps.com/kwsupport/ http://www.msmvps.com/bradley/ The Microsoft SBS Websites: Small Business Server Homepage for all sorts of Information, Demos, Whitepapers Upgrades, Migrations Events and Training http://www.microsoft.com/windowsserver2003/sbs/default.mspx Small Business Community Sharepoint Site: http://sbcomm.sts.winisp.net/default.aspx Downloads for Windows Small Business Server 2003 - Keep Your Server Up to Date - http://www.microsoft.com/windowsserver2003/sbs/downloads/default.mspx =================================================== - Don't be shy to post a Question ....or an Answer. SBS encompasses a lot and has been known to make even corporate SysAdmins Cringe and MCSEs cry. None of us knows -all- the answers. We were all "Newbies" once and none of us has experience with every permutation, combination, setup and environment SBS is deployed in, so there are -no- stupid or dumb questions. That's the domain of answers that imply that there are. If you're asking a question and know the answer to another one on the page, muck in and post it. The poster may get a faster resolution than they would have, and an additional member may get a response they wouldn't have otherwise Your solution may be a something that we can all learn from. - What goes around, comes around.- =================================================== - It's not only Break/Fix. Anecdotes, Wishlists, Insights and Brickbats are all grist to the mill of SBS Topics and all on-topic for the community. =================================================== - Don't Multi-post*. ( *the Same Posting within different newsgroups or within the same thread.) If you must post to several newsgroups, Cross-post to just the relevant ones. A response in one will then show up in the others and all can follow the thread. =================================================== - Be patient. Newsgroups are not Instant Messaging, and people aren't on-line just waiting for you to post. If the situation -is- that urgent, then Paid Support will pay for itself. Remember: No-one -owes- you a response. =================================================== - Things get missed. Things do get lost or missed, or someone with the appropriate skills or experience may not be available, so if you haven't had a response after 3 Days or so, post again, perhaps with more detail and things you've tried in the interim. ============================================ - Lastly, -enjoy - and remember, SBS Rocks ! For and on behalf of the SBS Community. SBS FAQ Poster *To avoid seeing this Post in the future add it to your Ignore Filter.* Tag: Using IAS to authenticate remote users.... Tag: 165787
 - 5
 - An example of a crosspost with set followup try replying to it. Tag: Using IAS to authenticate remote users.... Tag: 165786
 - 6
 - Boot up...file missing in \Winnt\System32\Config\Systemced lol... http://support.microsoft.com/?kbid=269075 ... the system doesn't boot so how you supposed to do most of this. system is only 3.4mb Yes taught me a lesson to ensure ERD disks are upto date and CHECKED...floppy faulty !!!, but was out of date by a few months. Its a Dell 1600SC Raid 5...been running for 14 months no prob. Earlier indications were no mail, RDC to it very slow then server had rebooted with above screen... Anyone else successfully resolved systemced ? Tag: Using IAS to authenticate remote users.... Tag: 165780
 - 7
 - Song of the Week - Oct 8, 2004 This is a multi-part message in MIME format. ------=_NextPart_000_0030_01C4AD8D.1966D4A0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Some of us were recently looking back on the days of 1200 baud modems, = 5mb hard drives, 51/4" floppies and using Microsoft Multiplan. = (Multiplan was the predecessor to Excel). Looking back is always fun, = because it's easy to measure how far we have traveled and improved. But = looking to the future is harder, because that requires hope. Here's = hoping that everyone enjoys this weekend and song! Looking back all the way to 1968: Those Were The Days, My Friend (aka Those Were The Days, Bill Gates) http://www.niehs.nih.gov/kids/lyrics/thosewere.htm Once upon a time there were computers Remember how we used DOS 3.3 Thinkin' how we coded through the hours And talked of all the great things we might see Chorus: Those were the days, Bill Gates We thought they'd never end We'd code and code forever and a day We had so much to bring When IBM was king For we were young and sure to have our way La la la la la la La la la la la la As the busy years went rushing by us We dreamed of using Windows on our way And if by chance we saw the Apple logo We'd smile at one another and we'd say Those were the days, Bill Gates We thought they'd never end We'd code and code forever and a day We had so much to bring When IBM was king For we were young and sure to have our way La la la la la la La la la la la la Just tonight I stood before my system Nothing seemed the way it used to be In the glass I saw a strange reflection Was that error message meant for me? Those were the days, Bill Gates We thought they'd never end We'd code and code forever and a day We had so much to bring When IBM was king For we were young and sure to have our way La la la la la la La la la la la la Through the error there came familiar coding I saw your face and heard you call my name Oh, my friend, we're older and are balding But in our hearts the dreams are still the same... Those were the days, Bill Gates We thought they'd never end We'd code and code forever and a day We had so much to bring When IBM was king For we were young and sure to have our way La la la la la la La la la la la la --=20 Kevin Weilbacher [SBS-MVP] "The days pass by so quickly now, the nights are seldom long" ------=_NextPart_000_0030_01C4AD8D.1966D4A0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=3DContent-Type content=3D"text/html; = charset=3Diso-8859-1"> <META content=3D"MSHTML 6.00.2900.2180" name=3DGENERATOR> <STYLE></STYLE> </HEAD> <BODY bgColor=3D#ffffff background=3D""> <DIV>Some of us were recently looking back = on the days=20 of 1200 baud modems, 5mb hard drives, 51/4" floppies and using Microsoft = Multiplan. (Multiplan was the predecessor to Excel).  Looking back = is=20 always fun, because it's easy to measure how far we have traveled and = improved.=20 But looking to the future is harder, because that requires hope. Here's = hoping=20 that everyone enjoys this weekend and song! Looking back all the = way to=20 1968: Those Were The Days, My Friend (aka Those Were The Days, = Bill=20 Gates) <A=20 href=3D"http://www.niehs.nih.gov/kids/lyrics/thosewere.htm">http://www.ni= ehs.nih.gov/kids/lyrics/thosewere.htm</A></DIV> <DIV> Once upon a time there were=20 computers Remember how we used DOS 3.3 Thinkin' how we coded = through the=20 hours And talked  of all the great things we might=20 see Chorus: Those were the days, Bill Gates We thought = they'd=20 never end We'd code and code forever and a day We had so much to=20 bring When IBM was king For we were young and sure to have our = way La=20 la la la la la La la la la la la As the busy years went = rushing by=20 us We dreamed of using Windows on our way And if by chance we saw = the=20 Apple logo We'd smile at one another and we'd say Those were = the days,=20 Bill Gates We thought they'd never end We'd code and code forever = and a=20 day We had so much to bring When IBM was king For we were young = and=20 sure to have our way La la la la la la La la la la la = la Just=20 tonight I stood before my system Nothing seemed the way it used to = be In=20 the glass I saw a strange reflection Was that error message meant for = me? Those were the days, Bill Gates We thought they'd never=20 end We'd code and code forever and a day We had so much to = bring When=20 IBM was king For we were young and sure to have our way La la la = la la=20 la La la la la la la Through the error there came familiar = coding I=20 saw your face and heard you call my name Oh, my friend, we're older = and are=20 balding But in our hearts the dreams are still the = same... Those were=20 the days, Bill Gates We thought they'd never end We'd code and = code=20 forever and a day We had so much to bring When IBM was king For = we were=20 young and sure to have our way La la la la la la La la la la la=20 la -- Kevin Weilbacher [SBS-MVP] "The days pass by so = quickly now,=20 the nights are seldom long"</DIV></BODY></HTML> ------=_NextPart_000_0030_01C4AD8D.1966D4A0-- Tag: Using IAS to authenticate remote users.... Tag: 165773
 - 8
 - http://localhost/intranet/ Hi all - I am not sure if I have a problem or not. There is an icon that is created in the favorites for the SBS Users Guide and has an address of http://localhost/intranet/default.htm. This address comes as Page cannot display. If I address the system by IP or by NETBIOS name, the site comes up. Do I have a problem? What do I need to change to get it to recongnize localhost? TIA -- Cheers, John Tag: Using IAS to authenticate remote users.... Tag: 165769
 - 9
 - Problems with one user exchange distrubution list Hi everyone. Someone sent an email to a distribution group emial called "partners" all the people included within the DL received the message with the exeption of one. How can I find why he never received it and what happened with that message? He is already included on the DL. I try sending test emails to him. from my account and from the person computer who sent the message to him and I can cofirm he received both tests. Where in Exchange I can look for any errors? Please any input or help will be appreciated. Thanks in advance. Denise Tag: Using IAS to authenticate remote users.... Tag: 165751
 - 10
 - Errors on computers in domain I am receiving 3 errors on the workstations that are in a domain within the first 5 minutes of bootup, they are as follows: First error---------------------------------------------------------------------------------- Event Type: Error Event Source: Userenv Event Category: None Event ID: 1054 Date: 10/8/2004 Time: 8:56:11 AM User: NT AUTHORITY\SYSTEM Computer: 1 Description: Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Second Error----------------------------------------------------------------------------- Event Type: Error Event Source: AutoEnrollment Event Category: None Event ID: 15 Date: 10/8/2004 Time: 8:57:08 AM User: N/A Computer: 1 Description: Automatic certificate enrollment for local system failed to contact the active directory (0x8007054b). The specified domain either does not exist or could not be contacted. Enrollment will not be performed. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Third Error---------------------------------------------------------------------------------- Event Type: Error Event Source: Userenv Event Category: None Event ID: 1053 Date: 10/8/2004 Time: 9:01:39 AM User: NT AUTHORITY\SYSTEM Computer: 1 Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. ---------------------------------------------------------------------------------------------The computers are able to reach the domain and I have gone through the links provided and they have not provided answers that have helped. Regarding the autoenrollment error it suggests that you follow the advice in knowledge base article #310461 and shut off the certificate autoenrollment. I have not tried this because I am unsure of how this will effect security regarding loading applications on the computer. These errors started to occur at the same time our switch failed. Since this time we have purchased and installed a new managed switch. Any Ideas would be appreciated. We run Server 2000 and Windows XP on the workstations. Compdeb -- Learn and teach, 2 words that go well together not matter which comes first Tag: Using IAS to authenticate remote users.... Tag: 165742
 - 11
 - granting a domain user local "power user" rights... We have a windows 2003 terminal server. Our accounting application demands that the logged on user (TS session) has local "power user" rights in order to run the app. In XP, you could add the domain user using the Control Panel applet "Users and Passwords" where you could specify the domain the user belonged to - hence giving the domain user logging onto that machine the appropriate local rights... This app is nowhere to be found on my Windows 2003 server and I am logged on as the administrator. How can I grant a domain user local rights on a windows 2003 server? Thanks, Brad Tag: Using IAS to authenticate remote users.... Tag: 165740
 - 12
 - Webcam wont work through MSN on SBS2000 Hi, I am having a lot of problems getting my webcam to work through Messenger from my XP workstation sitting on an SBS network. We have everything else working except the video. I dont know too much about setting ports so any help would be fantastic. Many thanks, James Tag: Using IAS to authenticate remote users.... Tag: 165728
 - 13
 - manage server not on start menu I am trying to find out what licenses i have on my small business server 2000 the licensing from the admin tools tells me to use the manage server icon on the start menu but this is not there can you help further Tag: Using IAS to authenticate remote users.... Tag: 165727
 - 14
 - Webcam not working on SBS2000 Hi, I am having a lot of problems getting my webcam to work through Messenger from my XP workstation sitting on an SBS network. We have everything else working except the video. I dont know too much about setting ports so any help would be fantastic. Many thanks, James Tag: Using IAS to authenticate remote users.... Tag: 165726
 - 15
 - Webcam behind firewall Hi, I am having a lot of problems getting my webcam to work through Messenger from my XP workstation sitting on an SBS network. We have everything else working except the video. I dont know too much about setting ports so any help would be fantastic. Many thanks, James Tag: Using IAS to authenticate remote users.... Tag: 165725
 - 16
 - FTP access from SBS client Hello, A client needs to access an external ftp site from an SBS2k network client workstation. At present he gets an (unspecified) error when he tries. Before I go onsite, is there any particular procedure required to allow this? -- Regards, Tom Horsley Tag: Using IAS to authenticate remote users.... Tag: 165721
 - 17
 - Slow Outlook Hi there, I have a client with a SBS2K server with 20 or so users and a second site with a W2K member server and 5 or so users. Exchange is used by all users with Outlook 2K on the desktop. One of the users at the main site where outlook is on the LAN has problems with it being slow to send mail and it only seems to send or recieve mail when the send or recieve button in outlook is clicked. There is only this one user having this problem, and although it is only minor it is annoying. Any ideas? Many thanks Sam. Tag: Using IAS to authenticate remote users.... Tag: 165719
 - 18
 - Terminal server account restrictions. I am attempting to configure Terminal server access for a couple of people in my organisation. I can get users logged onto the server without any problem and I have locked the terminal sessions down in a new OU just for the remote users using the Q278295 knowledge base article on locking down the session to restrict what the user can and cant do. The problem that I have is that the users who connect remotely also log onto the LAN using XP machines. The restrictions that have put in place for the terminal sessions also restrict the users XP machines. Is there a way of keeping the restrictions to just the terminal sessions and not on their XP machines. Many Thanks for your thoughts. Tag: Using IAS to authenticate remote users.... Tag: 165715
 - 19
 - ISA server 2000 sp1 FTP problem Hi All I installed ISA2000 & config it fine but...... I have a problem regarding FTP & how to have web site usage by users in the office email to me I had it working on a sbs2k server in another clients office. How do I sort out the FTP?. How do I get the server to email me the log files?. Simon Tag: Using IAS to authenticate remote users.... Tag: 165714
 - 20
 - VPN Error code 781 help please Hi I have setup VPN on a sbs2k3 server running 2 nic & ISA server sp1. I have run the RCW & ICW I can connect to VPN in the office LAN but when I get home I get the error code 781 the encryption failed because no valid certificate was found?. What do I need to do & were do I need to correct this? If any one have a link or comments for help please post. Simon Tag: Using IAS to authenticate remote users.... Tag: 165712
 - 21
 - WINS could not start - Problem with logs We recently had a motherboard failure. we had to replace the motherboard with similar but not identical board. The hard drive was repaired from the setup CD's and everything is pretty ok except in a couple of areas. WINS will not start with Error 2 Cannot find file. Any clues about this. Reading the system log is a problem. In management console reading the logfile has bizarre results. Application and Security seem ok but System has a list with a generic icon and no details under date time source et. Just an empty list. Clicking on the invisible list shows some events are empty but others have correct deails and messages. The more recent ones are empty. On clicking around suddenly are 6 logs report there are no items to view. This is obviously a pain in trying to find out what has happened to WINS and ant thing else. I think SBS must have reinstalled as we do not seem to be on SBS SP1 anymore. Simon Tag: Using IAS to authenticate remote users.... Tag: 165711
 - 22
 - ISA logs time offset Is there a time offset to be applied to the isa log events? The time between the isa log event and the time on our server is not the same. And a of offset +1 standard is also not accurate. TIA, Fred Tag: Using IAS to authenticate remote users.... Tag: 165710
 - 23
 - EXPN and VRFY exploit signature? Our virusscanner log showed the following entry: Thu Oct 07 16:16:08 2004 MAIL DENIED ACCESS (SPAM-Relay detected): Received from IP Address: OUR IP ADRESS! (External) Supposed sender: blade@lans Recipient list: test@lans Searching blade@lans I found references to an EXPN and VRFY exploit. What is it and are we at risk here? They seem to be able to use (spoof) our IP adress or was this locally send? It is detected due to a DNS configuration fro mail-relay in our mailscanner. Most people would base there relay detection on there own IP adress and not use DNS. If you enable it on Exchange it will warn for the performance consequence. Can they combine a spoofed IP adress with your domain and go undetected? I seem to be connected for no reason for long periods of time to yahoo.com and pwei.org to port 25. This hould be outgoing but the queus are empty. TIA, Fred Tag: Using IAS to authenticate remote users.... Tag: 165708
 - 24
 - Outgoing Email Not Working Please help. Our outgoing email recently stopped working. There are SMTP Connector - Remote Delivery items sitting in the Queue. We recently had to switch ISPs (now with Megapath). Incoming mail is working. I have tried several things and at this point not sure which way is up. We have an mx record pointing to mail.ourdomain.com. This resolves to our external ip address. Thank you for any input. Corey Tag: Using IAS to authenticate remote users.... Tag: 165702
 - 25
 - Backup - "The specifif media cannot be found" So far, I have been able to do Interactive backups, and schedule daily backups. Unfortunately the daily backup (which is scheduled to run every week) only runs properly once. After Monday.job runs once (properly), the next time it is scheduled to run, I get a "The operation cannot be performed because the specific media cannot be found" message. Monday.job is set to use tape "Monday" and overwrite (renaming the tape "Monday"). How can I set the Backup Utility to use any tape? Tag: Using IAS to authenticate remote users.... Tag: 165700

We have a windows 2000 small business server. Due to the fact that we also
have a Watchguard Firebox 700 in our environment, I have not really looked
too closely at the value edded by configuring the IAS server.

However, now we are in a bit of a predicament. Because we are being 1:1
NATTED to our firebox by our wireless IP provider (where our public IP is
located), the java authentication applet running on the Firebox that a
remote user would normally run before they could get through the firewall
does not know the IP address of the actual browser that initiated the
request. It only knows the exteral IP of the Firebox which is a private ip -
not our public IP.

(Don't ask questions - it just doesn't work - Watchguard tech support has
told me so!!!) So, because of this we have not been able to authenticate any
remote users before they actually get to our production servers. ''

The only authentication (we user terminal services, Outlook Web Access and
have an FTP server as well) is when they actually have to supply a domain
username/password - and if supplied correctly - gain access to our Terminal
server...

I now want to change this so that a user must authenticate first and then if
authenticated, will be able to access the terminal server, FTP server,
etc... I really wanted to have this authentication take place prior to
hitting my production machines, but I don't see any other solution (unless
someone else has) to doing this... The firewall is obviously the best place
to provide this security feature...

What would I have to configure in IAS to provide this type of a thing? A
RADIUS server?

Any help in this matter would be greatly appreciated!

Thanks,

brad

Top