IT Trenches: administration

Feb 11 2009   8:08PM GMT

Tracking down that user/computer that locks AD accounts



Posted by: Troy Tate
Data security, administration, analysis, antivirus, anti-virus, diagnostics, howto, information security, malicious activity, malware, Microsoft, Microsoft Windows, Active Directory, AD, network security, Password, policy enforcement, reporting, risk, risks, scanning, search, Security, security notification, tools, troubleshooting, Windows, password management, account management

With an environment spanning 18+ sites and more than 3000 computers around the globe, you could understand how challenging it would be to track down what device/user might be locking user accounts. There are tools out there that you can pay for that can help do this. However, Microsoft has some free tools that with a little testing and use will permit you to quickly track down where the account is being locked and address the situation.

We had a situation recently where malicious software got onto a couple of machines and attempted to use the Administrator account to log in. We have account lockout on our Windows 2003 AD domain, so after the appropriate number of invalid tries the Administrator account was locked out in the domain. This is because the machines were members of the domain and the malware did not distinguish the local administrator account from the domain administrator when attempting to elevate authority. Note that we use least user authority in our environment so the malware was not able to spread beyond these two machines. We suspect the machines became infected due to out-of-date antivirus signatures.

Unfortunately, the antivirus we use did not alert us to the situation. The way we were alerted was by our Microsoft Systems Center Operations Manager (SCOM) implementation. It notified the SCOM admin that the domain Administrator account was locked. The operations team was then tasked with tracking down what or who was locking this account. This is where the Microsoft Account Lockout and Management Tools came into use and helped isolate the cause.

Dec 22 2008   7:20PM GMT

Improving yourself in 2009 - part 2



Posted by: Troy Tate
administration, planning, tools, reporting, CIO, performance monitoring, Performance, howto, Metrics, blog, education, toolkit, professional

Maybe Bubbletimer mentioned in part 1 is not something that will help improve your professional value in 2009. How about the Printable CEO series then? The tools David Seah offers on his blog seem like great resources to track your goals, tasks and time. Sometimes those we work for wonder what all we do in our positions. We sometimes have to prove our worth to the organizations who pay us. The When is something worth doing? tool that David outlines may help you improve your decision making and therefore your professional value.

What other professional development and/or tracking tools do you use in your job? Please leave some feedback and let me know what you use or if this Printable CEO made a difference in your job.


Dec 19 2008   8:55PM GMT

Microsoft’s environmental campaign - XP goes green



Posted by: Troy Tate
administration, hardware, tools, Microsoft Windows, power management, Monitoring, DataCenter, Vista, design, environment, Performance, facility, awareness, XP, facility management

Microsoft has a special section of their website dedicated to fostering environmental sustainability. To that end, they have released a product called Edison PC Power Management software. The application will work on XP and Windows Vista. According to the Microsoft Environment website features include:

  • Scheduling. Identify work and non-work schedules to optimize power schemes based on when your PC is in use or on standby.
  • Settings. Choose from among several options for power savings and settings.
  • Estimated Savings Reports. Find information that shows how PC power settings correlate to money, kWh and CO2 savings.
  • Intuitive User Interface. Drag easy-to-use sliding bars to choose settings and instantly see the power and monetary savings. Clearly marked tabs make the interface easy to navigate.

So… if you want to reduce your carbon footprint in 2009, check this out. I know I will.


Dec 15 2008   9:05PM GMT

Improving yourself in 2009



Posted by: Troy Tate
administration, planning, tools, website, Performance, professional

It is going to be another year end here in a few weeks and the new year begins. We all struggle to meet deadlines, track what we do and where our time goes. I have found a few tools that I will be sharing with you in the next couple of blog entries. Maybe one of these will help you in 2009 and make you more valuable to your organization.

The first of these is called the BubbleTimer. It is meant to help you meet your goals through better time management. This may be useful if you are a consultant or need a way to quickly track time on projects.

Hope this is of use to you in 2009!


Dec 10 2008   2:41PM GMT

Did you see this? - Microsoft Infrastructure Planning & Design Guides



Posted by: Troy Tate
administration, planning, tools, Microsoft Windows, documentation, IT education, design, Microsoft, howto, awareness, education, toolkit

Microsoft has become much better at offering documentation beyond just marketing materials about their products and systems. The Infrastructure Planning and Design (IPD) guides are the next version of Windows Server System Reference Architecture. The guides in this series help clarify and streamline design processes for Microsoft infrastructure technologies, with each guide addressing a unique infrastructure technology or scenario.

The guides available include:

  • Exchange Online—Evaluating Software-plus-Services
  • Microsoft System Center Configuration Manager 2007 SP1 with R2
  • Microsoft Application Virtualization 4.5
  • Windows Server 2008 File Services
  • Windows Server 2008 Print Services
  • Infrastructure Planning and Design Series Introduction
  • Internet Information Services 7.0
  • Selecting the Right NAP Architecture
  • Selecting the Right Virtualization Technology
  • System Center Operations Manager 2007
  • System Center Virtual Machine Manager 2008
  • Windows Deployment Services
  • Windows Server 2008 Active Directory Domain Services
  • Windows Server 2008 Terminal Services
  • Windows Server Virtualization (for Windows Server 2008 Hyper-V and Virtual Server 2005 R2 SP1)

As you see, there is a lot of information here to absorb and make use of in your environment. I’m going to be checking out the Systems Center Operations Manager 2007 implementation guide. It’s gonna be an interesting ride but at least Microsoft is offering some free support assistance in the planning and design phase.

Try some of these guides out. Share with us your thoughts and how effective the guides were in helping your organization meet operational demands.


Dec 4 2008   6:54PM GMT

Did you see this? - IBM creates Microsoft-free linux virtual desktop



Posted by: Troy Tate
administration, hardware, IBM, Microsoft Windows, Linux, Virtualization, reporting, design, Microsoft

Many IT trade publications are reporting that IBM is launching an alternative to Microsoft-centric software and the bloated hardware required by recent operating system releases.

The Virtual Linux Desktop ranges in price from $59 to $289 per user, depending on level of software and service desired, according to the report. IBM estimates that the software package could save corporate customers up to $800 per user, when compared with the cost of maintaining Microsoft’s Vista operating system, Office suite, and collaboration tools, the newspaper said.

For more information see:

Wall Street Journal - IBM Creates ‘Microsoft-Free’ Desktop: Applications for Thin Clients Would Operate From Back-Office Server

VNUNet

Silicon.com

What do you think? Can Big Blue pull it off?


Dec 3 2008   8:58PM GMT

Did you see this? - Windows Powershell Scriptomatic tool



Posted by: Troy Tate
administration, tools, Microsoft Windows, reporting, Microsoft, Powershell, policy enforcement, toolkit

A new utility writes Windows PowerShell scripts that harness the power of WMI (Windows Management Instrumentation) for use in system management and administration. This tool was created by Microsoft consultant and author Ed Wilson.

Windows PowerShell Scriptomatic


Dec 3 2008   3:50PM GMT

Holiday greeting cards, holiday shopping and computer security awareness



Posted by: Troy Tate
administration, Firewalls, Security, Microsoft Windows, Browsers, IT education, spam, antivirus, homeland security, Data security, malware, SSL, phishing, Firefox, Microsoft, anti-virus, online identity, risk, awareness, vulnerability, education, data loss

I just sent this email reminder to all users in my organization. I would recommend you do something similar if you are not already ensuring users are aware of these issues. Feel free to use my content and add your own.

It is that time of year again when folks send electronic holiday greeting cards to one another. Some of the greetings may also be games that bear holiday messages. It is also a time when malicious software spreads using these same types of messages and software. You should also be cautious when doing any holiday shopping online or at stores. It is important that you and those you communicate with understand these risks. Your finances and identity are always at risk in today’s technology environment, but you may be less attentive during the holiday season. The following 10 tips are meant to remind you of some important security precautions.

1. Do NOT use your company email address for personal holiday greetings or shopping activities. Merchants may sell your email address to other non-reputable sources and this puts your company identity at risk.

2. If you receive personal holiday greetings or “cute” games at your company email address, ask the sender to not send those to you at work. Use a personal email account for those communications.

3. If you do receive holiday greetings or games at your personal email address, check with the sender before opening to be sure they sent the message. Spammers and malicious software writers can easily deceive you through social engineering. They will do everything possible to get you to open their message and potentially damage your computer and/or harvest your email address as a valid address.

4. Don’t trust everything you see online. Finding something on the internet does not guarantee that it is true. Anyone can publish information online, so before accepting a statement as fact or taking action, verify that the source is reliable.

5. If it looks too good to be true, it probably is. You have probably seen many emails promising fantastic rewards or monetary gifts. However, regardless of what the email claims, there are not any wealthy strangers desperate to send you money. Beware of grand promises—they are most likely spam, hoaxes, or phishing schemes. Also be wary of pop-up windows and advertisements for free downloadable software—they may be disguising spyware. Close the pop-up windows by clicking the X in the top right corner. Do not click the YES, NO, or CANCEL buttons in the window. It may cause unwanted computer issues if you do. Do not trust what you see in these pop-up windows. Contact IT support if you have any questions or issues.

6. Avoid phishing schemes. Banks and other institutions will not actively solicit personal information by email. When you click a link in an email asking for this type of information, your choice may risk your finances and personal identity. The link may take you to a website hosted by someone with malicious intentions. If you enter your personal information on the website, you have just had your identity taken by a social engineering attack and may have incurred a financial loss.

7. If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a web site connected to the request; instead, check previous statements for contact information. Information about known phishing attacks is also available online from groups such as the Anti-Phishing Working Group (http://www.antiphishing.org/phishing_archive.html).

8. If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. Consider reporting the attack to the police, and file a report with the Federal Trade Commission (http://www.ftc.gov/).

9. Do not participate in forwarding chain letters or perpetuating hoaxes or urban legends. Hoaxes attempt to trick or defraud users. A hoax could be malicious, instructing users to delete a file necessary to the operating system by claiming it is a virus. It could also be a scam that convinces users to send money or personal information. Phishing attacks could fall into this category. Urban legends are designed to be redistributed and usually warn users of a threat or claim to be notifying them of important or urgent information. Another common form is emails that promise users monetary rewards for forwarding the message or suggest that they are signing something that will be submitted to a particular group. Urban legends usually have no negative effect aside from wasted network bandwidth, server resources and time. If you want to check the validity of an email, there are some web sites that provide information about hoaxes and urban legends: Urban Legends and Folklore - http://urbanlegends.about.com/; Urban Legends Reference Pages - http://www.snopes.com/; Hoaxbusters - http://hoaxbusters.ciac.org/; TruthOrFiction.com - http://www.truthorfiction.com/; Symantec Security Response Hoaxes - http://www.symantec.com/avcenter/hoax.html; McAfee Security Virus Hoaxes - http://vil.mcafee.com/hoax.asp

10. Protect yourself while shopping online. Use and maintain anti-virus software, a firewall, and anti-spyware software. Keep software, particularly your web browser, up to date. Do business with reputable vendors. Take advantage of security features like secure passwords and encrypting information between your computer and the vendor’s website (look for the “lock” symbol in the browser or the website address beginning with “https” rather than “http”). Use a credit card rather than a debit card. Check your statements for any unusual or unauthorized activity.

Hopefully these tips will help you and those around you to have a happy holiday and reduce the risk of an unwelcome holiday event due to being uninformed. Please feel free to share these tips with your friends and family to help increase awareness and reduce risky behavior.


See the CERT Cyber Security Tips website for more information like this.


Dec 1 2008   7:40PM GMT

Did you see this? - FREE TRAINING: Technet Virtual Lab: Managing Bandwidth Using Windows QOS



Posted by: Troy Tate
administration, Networking, Microsoft Windows, Monitoring, IT education, Policy, design, server, troubleshooting, Performance, howto, education, analysis

For those of you considering using Microsoft Windows Server 2008, you might want to check out this TechNet Virtual Lab: Managing Network Bandwidth Using Windows Quality of Service (QOS). You will learn about using Windows Server 2008 to control bandwidth usage using protocol definitions as well as control bandwidth for particular applications. In case you have not done any of these Virtual labs, they are an excellent FREE! training resource.


Nov 24 2008   7:43PM GMT

Tools for documentation - Network discovery & monitoring



Posted by: Troy Tate
administration, Networking, tools, documentation, Monitoring, reporting, performance monitoring, design, troubleshooting, Performance, howto, network analysis, Metrics, threshold, toolkit, facility management

If you have not begun the process of documenting your network, then please begin as soon as you finish reading my first posting on Tools for documentation - screen marking & screen captures and this posting. These tools will come in real handy in a crunch to identify causes of issues and when you are not around to help with resolution.

The next tool I would like to describe is NeDi - short for network discovery. Take a look at this 4 minute movie about NeDi and what it can do for you.

A week with NeDi

Are you impressed yet? I know I was when I discovered this network tool and how it can be used and extended. Some of the screenshots below may help you with the decision if this tool will work for your environment or not.

[Screenshots: Network Health; Device Listing; Network Map; Node Status; Device Write]

I’m sure you have other tools and processes you use. Please feel free to share them with the others here and help make someone else’s life easier. Enjoy the movie above. I think the guy has a very good sense of humor and knows his movies!