|
My suggestion is that you get routers with builtin VPN.
Trust me, it's gonna save you a lot of grey hairs!
|
|
|
|
|
Our linksys has VPN passthrough and we already have 2 Windows 2003 servers. No need to go buy more hardware.
In either case, I figured out the problem. I had to set an IP range on the VPN server for IP's to be handed out to clients. I set aside 50 IPs (.200-.250) and made sure the router allowed those addresses. The server gives out the addresses in that range, and being a small company we will never eat up 100 addresses in the range 100-200 to have to worry about multiple machines getting the same address.
Broken Bokken
You can't carry out a ninja-style assasination dressed as an astronaut. It's the luminous fabric; too visible. - Tripod
The story of your fighting is a poem of two words: YOU SUCK.
|
|
|
|
|
Environment: Windows Server 2003
I have enabled FTP and created an FTP account. I can log in from another computer via FTP with a specific account and password and can use get and put to transfer files. But I cannot log in with anonymous. The IIS utilities have the option set to allow anonymous. When it asks for a password and I send something like me@here.com, the request is always denied. Is there some other method of controlling access of which I am not aware. ACL (Acces Control List) comes to mind but I know nothing of them.
I found the Microsoft deployment books for Server 2003 from their web site, but that is a bunch of data. I have yet to see anything in the chapter name descriptions that looks like it will lead me to the right place for thd answers I need.
Does anyone know all the ways that anonymous ftp acccess can be denied?
Thanks for your time
|
|
|
|
|
When I upgrade a users XP box I usually need to move all of their local data from their current machine to the new one. In most cases I need to do this online (unless I want to be at work very late). In the past I found that windows explorer was horrible at this (slow, stops on errors, and asks you are you sure too many times...) so I have tried and used a few file synchronizers. Filesync http://www.fileware.com/[^] and unison http://www.cis.upenn.edu/~bcpierce/unison/[^] are the ones I have used.
The problem is now I have 100s of GB of data to move (every user has gigabit to the desktop) and both programs choke and die when stepping into profile folders. Neither program makes it easy to select what folders to sync out of what is different and unison takes hours to get to the sync process.
What I am looking for is a good tool for the purpose and has a license such that I can buy one license and install it on any machine that I want but not pay a fortune for it.
John
|
|
|
|
|
http://www.2brightsparks.com/downloads.html[^]
SyncBack is a nice program and even the free version is very useful, and has pretty good logging too to see what happened. We use it where I work all the time.
The choking and dying could be due to permissions on the profile folders.
|
|
|
|
|
Thanks for the suggestion. I will try that.
requesttimedout wrote: The choking and dying could be due to permissions on the profile folders.
The choking and dying have to do with IE cache folders. I am not sure why but filesync crashed when it hit these folders and unison said it could not copy them and since it hit an error it also did not copy several levels up in the tree. I guess I could have forced the users to empty their cache but I want a program that does not have these problems..
John
|
|
|
|
|
I need to change 'Regional Settings' without going thru control panel, regional options application. I need to do it thru a command text, either typed from command prompt of given into run prompt.
Pls help, I am using windows Xp.
|
|
|
|
|
Hi,
most if not all control panels are files with .cpl extension in the Windows\system32 directory.
So you can type the filename and get the panel opened for you.
|
|
|
|
|
Thanks ........... It had been a great help.
intl.cpl does the job.
|
|
|
|
|
you're welcome.
|
|
|
|
|
There is a handful of Windows dynamic system environment variables,
e.g. %TIME%, %DATE%
But annoyingly these variables once expanded contain the characters "/" and ":" - the very characters you can't use in a filename !!
So the above vars are sadly useless for creating e.g. log filenames.
Doh !! Sad that MS hadn't catered for that usage originally ...
Yes, I could write a bit of script to run each time to generate my own
env vars with an up-to-date and filename-legal time/date stamp.
But it would be interesting/useful to know if there was either:
a) a 'hook' function that would let you e.g. reformat an existing dynamic system env variable
b) an API for creating your own dynamic system env var with a callback with which you set the string value.
Either way I could run a bit of code at system startup, then could use an %env var% string as part of a command shortcut property for auto-log naming.
And MS could address this sadly lacking aspect of %TIME% and %DATE% in their _next_ release ... (only 20 years late !)
|
|
|
|
|
you can try the following syntax
%TIME:~3,2%
see set /? for more info.
I've been usign this for a long time for rotating backup folders through weekdays.
The only problem I found is that the format of the date/time string depends on language and system settings, so you can't easily move one config to another PC.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist
|
|
|
|
|
Hi,
I created a small C program that returns a number, either the date or the time, in the formats
yyyyMMdd or HHmmss, and I typically use _yyyyMMdd_HHmmss as part of a file name when creating
either a log file or a backup file.
The program returns a number (as an exit code), because you can't return a string.
And I run it twice (date and time) because a single datetime would overflow the int range.
|
|
|
|
|
We have a few "roaming PC's" that are not always connected to ther network, and are used by different people.
We have most data on a share usually mounted as drive W:\, but that's painful for these PC's. I would like to either:
(a) mount the share permanently on these computers (i.e. they should be available after logon with a local account), but credentials for the share should be asked when accessing it after logon.
OR
(b) create a shortcut that mounts the share and asks for credentials with the "normal" dialog.
What I can do now is:
- create a shortcut for the share, credentials asked when clicking it (sux for various reasons)
- make them members of the domain (doesn't work well for various reasons)
- mount the share permanently under specific credentials (not what I need)
Any suggestions?
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist
|
|
|
|
|
Until you tell us why your different alternatives doesn't work or sux, it's a bit hard to guess what you want/need.
But anyway, here's a fourth alternative.
At an old customer of mine we used an autostarting Guest-cd with a simple script that mounted a drive and a printer with guest privileges.
Just make sure you get the CD back.
Here is a shortened simplified version of the script without exception handling:
@ECHO off
cls
:start
ECHO.
ECHO 1. Add Printers and drive v:
ECHO 2. Remove printers and drive v:
ECHO 3. Exit
set choice=
set /p choice=Enter the number of your choice.
if not '%choice%'=='' set choice=%choice:~0,1%
if '%choice%'=='1' goto add
if '%choice%'=='2' goto remove
if '%choice%'=='3' goto end
ECHO "%choice%" is not valid please try again
ECHO.
goto start
:add
echo INSTALLING PRINTER AND DRIVES.. PLEASE WAIT....
net use \\domain\ipc$ /USER:domain\visitorname visitorpass
net use v: /delete
net use v: \\dcalswgb01\visitor
rundll32 printui.dll,PrintUIEntry /in /n\\domain\printer1
rundll32 printui.dll,PrintUIEntry /in /n\\domain\printer2
goto end
:remove
net use v: /delete
rundll32 printui.dll,PrintUIEntry /dn /n\\domain\printer1
rundll32 printui.dll,PrintUIEntry /dn /n\\domain\printer2
goto end
:end
|
|
|
|
|
Some of these computers are mobile and don't have a permanent LAN connection.
On all of these computers, different users work under the same local account. However, to access the share, they need to authenticate against the domain controller, each user with his/her own credentials, of course.
Using the share (i.e. browsing to \\server\exchange) is clumsy for various reasons, e.g. everyone is used to find the stuff on w:\, and for some tools the share needs to be mounted as a drive.
I could include the computers in the domain (at least the desktop machines), but I don't see how this would help, as all users want and should share the same local acocunt. Also, some connect via WLAN which is a tad slower (Domain Controlller login isn't really fast for still unknown reasons, and I would rather spend the budget on some other tools than CAL's. That's the "sux" part.
One solution would be a version of "net use" that asks for credentials (rather than taking them from the command line). I could put that into startup, or as link on the desktop.
I considered a small skript/an app that asks for username and pwd, but I don't want to "teach" people to enter their credentials into some uncommon dialogs, and deal with plaintext passwords in a cmd/wsh script.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist
|
|
|
|
|
Do you have more users than computers?
Otherwise it doesn't make sense to me.
|
|
|
|
|
No.
Could you explain what you would do?
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist
|
|
|
|
|
Sorry for not answering, it's been really nice weather (still is) and I'm on vacation
Something you could try to do is to create mandatory user profiles for the computers where people should have the same profile. The users would still log on with their personal account and therefore retain their personal rights on the fileserver, but they would get the same profile at logon. All changes to the profile would of course be lost at logoff.
My (very unclear) question was referring to your CALs. What I should have asked is if you have user based or device based CALs. Normally the CAL is user based and you can connect as many computers as you feel like as long as you have one CAL per user. Device based CALs basically only make sense if you have more users than computers which might be the case where you're working in shift.
BTW, slow Domain Controllers are usually DNS related.
|
|
|
|
|
You are right, the reference to CAL's was pointless.
I found a neat trick (see below), so I don't have to mess around with the profiles. Anyway, thanks for helping!
Jörgen Andersson wrote: BTW, slow Domain Controllers are usually DNS related.
Yeah, every little issue I google blames DNS. However, clients seem to be set up correctly, and error logs don't show anything. Do you knwo a good, complete article/checklist what to check and could be wrong?
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist
|
|
|
|
|
Point one and two on my checklist is netdiag and dcdiag thats included with the support tools on the server cd
|
|
|
|
|
Mount the share permanently under all the Domain credentials, making everyone a domain member. When the laptop's on the network everything will now be fine. Also give everyone who uses the laptop detached a local user account on the laptop that does not have the share at all. Make the credentials for the local accounts the same as the domain ones. Users will still attempt to log onto the domain when disconected and most times it will work due to cached credentials but at least when they have problems you can tell them they should use their local machine account when not on the network.
This probably isn't ideal for you but it's the only way we've managed to get a workable solution in exactly the same situation.
"The secret of happiness is freedom, and the secret of freedom, courage."
Thucydides (B.C. 460-400)
|
|
|
|
|
I found a trick, see my post below.
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist
|
|
|
|
|
I found something that does what I want, so no messing around with the domain necessary
create a batch file
net use W: \\server\share
but store it on \\server\share (or a sub folder)
Create a shortcut to the batch file, using \\server\share (NOT W:\..)
When starting the shortcut, windows will ask for credentials to access the share. When it reache sthe net use , you are already authenticated.
With some extras:
(allow to run multiple times, error checking, open explorer)
<br />
@echo off<br />
<br />
IF EXIST W:\NUL goto OK<br />
net use w: \\wolfgang\exchange<br />
IF EXIST W:\NUL goto OK<br />
<br />
echo could not mount server share. Error=%ERRORLEVEL%<br />
pause<br />
goto END<br />
<br />
:OK<br />
start explorer /e,/select,W:\User<br />
goto END<br />
<br />
:END<br />
We are a big screwed up dysfunctional psychotic happy family - some more screwed up, others more happy, but everybody's psychotic joint venture definition of CP blog: TDD - the Aha! | Linkify!| FoldWithUs! | sighist
|
|
|
|
|