|
How are you losing data with redirected folders? Are they vanishing, being deleted, is Windows gobbling them up? While redirected folder and roaming profiles can act up, we've never lost any data in the places we've used them. We've found that placing shortcuts on the desktop to drive letters or UNC mappings is easier for people to deal with though.
|
# ¿ Oct 11, 2011 20:21 |
|
|
# ¿ Apr 28, 2024 12:37 |
|
FISHMANPET posted:So here's an SCCM problem I can't run away from. When this happens what does the NIC look like under device manager? Is it possible that the wrong drivers are being installed by PE? On an HP I have I was having a problem with Bluetooth, it turned out that even though it took the bluetooth drivers they were actually the wrong drivers and I had to install another driver for it to work. Windows 7 is pretty good about NIC drivers, so it may see the device is not working correctly and on reboot installs the correct drivers. Although if that's the case you should not be getting the wrong drivers in the first place.
|
# ¿ Oct 28, 2011 21:54 |
|
How much does that thing cost.
|
# ¿ Apr 18, 2012 04:24 |
|
Unfortunately, Dell has made it really easy to get all your drivers in a single package; it's not really a challenge. http://en.community.dell.com/techcenter/enterprise-client/w/wiki/2065.dell-driver-cab-files-for-enterprise-client-os-deployment.aspx Gumshoes, here's your challenge, create a silent install for any Adobe product.
|
# ¿ Apr 24, 2012 22:46 |
|
We're slowly changing to Active Directory from eDirectory. We have GPOs to give different computers different DNS suffixes (so one may be it.domain and another budget.domain). While the policy immediately takes effect on the computer, confirmed with ipconfig /all, it takes a few reboots of the computer for DNS (server 2008) to move the record to the correct location. Is this normal? Soon we'll get SCCM and Forefront and all that good stuff. The only people that don't like Dameware for remote control are the people that won't be using it. They are trying to convince us that using Windows Remote Assistance will be easier somehow. We already use VNC so if we don't go with Dameware we'll just stick with VNC. It looks like SCCM also provides remote control so maybe we'll just go with that if it works well.
|
# ¿ Sep 26, 2012 23:55 |
|
Nitr0 posted:I use SCCM remote control it works fine.
|
# ¿ Sep 27, 2012 01:17 |
|
Anybody know how DFS redirects users to the correct location? Our domain has the same name as an external domain we have, our network admin deleted the records pointing the name to the domain controllers. While \\domain sends us to the external domain \\domain\namespace still works correctly. I thought deleting the records would break DFS but it did not. We thought there was some other DNS shenanigans going on but did not find any records for the namespace. Edit: That was easy, I should have looked harder. If anybody else has this dumb and easy to answer question go to your DFS share and open the properties on on of the folders shared out with DFS. There will be a DFS tab in there that shows the share locations in a referral list and will show the active server being used for the client. I assume it uses Sites and Locations to determine which location will be active by default. The namespace works the same way, DFS creates a shared folder on the server hosting the namespace, you'll find the same DFS tab showing the server hosting the namespace. Presumably DFS causes the redirect when you type in \\domain\namespace since it still works if your domain is not resolving to the server hosting the namespace. Yaos fucked around with this message at 19:44 on Nov 8, 2012 |
# ¿ Nov 8, 2012 18:52 |
|
Everybody is asking complicated questions and here I am asking a dumb one. We're getting Active Directory set up on a 2008 domain, part of that is getting home folders created. We would like to have the home folders match the user's logon name, however the %username% variable only uses the pre-windows 2000 logon name which has a limit of 20 characters. While most usernames will fall under this, we have a few that are cut off. Does anybody know how to get the user's full username and not just the pre-windows 2000 name? More important, why is this not an optional field? Yaos fucked around with this message at 18:37 on Nov 26, 2012 |
# ¿ Nov 26, 2012 18:26 |
|
We use DokuWiki and it supports uploading files, although it does not support displaying files in the browser. Most likely you'll have to find an add-on that will add the feature you want since I've never seen a site that supports in-browser viewing of a word document other than Google Docs or whatever Microsoft's overpriced version is called.
|
# ¿ Dec 12, 2012 02:33 |
|
For books any of the Server 2008 and Windows 7 Microsoft Press books should be good, they cover everything you need to know. For CALs in active directory you should already be OK, licensing has never taken into account the OS authenticating to AD. If you want to learn more about MS licensing you will need a few years to figure it all out. For thin clients do what LamoTheKid says and use virtual desktops, do not try to shoehorn HyperV to do this, use VM software that was designed with this in mind. For patching Server has WSUS for free (they may have changed the name) and there are 3rd party utilities that will integrate with it to provide 3rd party patches. Solar Winds and Psecunia offer these services but they cost a bit of money. For software deployment you can deploy with group policy, or use SCCM from Microsoft. You can also bash your head in trying to make silent installs be every Windows install is made by an idiot. Microsoft also offers anti-virus with Forefront. SCCM and Forefront cost money. If virtual desktops will not work because of the undetectable lag while reading facebook, you will want to learn everything about Microsoft Depolyment Toolkit. All the tutorials were written by plagerists as they are all poor copy and pastes from a Microsoft cert book. Here's the documentation I wrote, if there's anything confusing it's most likely a typo or me being dumb. https://docs.google.com/document/d/1bdclu7NBmhygfb1UZZVRvwz8IbJ37uJs4aQeCJLxNhM/edit This documentation is only for running MDT with your own PXE server, Microsoft offers their own PXE server calld Windows Deployment Services. If you want to use WDS and your own PXE server on the same network you'll want to look up PXEChain which lets you select which PXE you want to boot to. We've not implemented this yet. Deployment can take around 30 minutes to and hour even if you have everything automated; I've seen people claim it takes 15 minutes, which is amazing considering on a gigabit network it takes about 15 minutes for Windows 7 to install and another 15 minutes for Sysprep to finish whatever it does. You'll also want to learn about Sysprep. For system management you'll use Group Policy which is built into Windows, you can already access it right now on your current server. You can manage just about everything in Windows with it; lock down computers, map drives, push out applications if you're too poor for something better, etc. To prevent people from installing software just don't make them local admins; by default all normal user accounts are not local admin. You will also discover lots of lovely software that requires users to be local admin, you'll tell yourself you'll just give them full rights to the locations the software needs, then you'll give up and make them local admin. You can also be a jerk and have something setup to detect when new software (SCCM and Spiceworks can do this) is installed, and if it's not authorized start deleting files. Group Policy does not allows you to remove applications that were not installed with Group Policy for some reason even if it's in add/remove programs. You can use roaming profiles or folder redirection and get calls asking why there desktop full of pirated movies takes so long to load when they try to log in on somebody else's computer. You may also want to get Spiceworks, http://www.spiceworks.com/. It's completely free, but you can pay to have ads removed. It provides network monitoring, a ticket system, inventory, and can return information about installed applications and hardware. They want Windows because they think Microsoft Office The Most Expensive Edition will come with it, and MS Office is the only way to post notes on the wall about refilling the coffee jug. They will also all want the most expensive copy of Photoshop so they can resize pictures. You will also suddenly find yourself supporting 15 year old software your company has never used and was made obsolete 10 years ago by free software. My question I have an question that I can not figure out. Sometimes I need to add shortcuts to the desktop of a bunch of users. They all have roaming profiles and we are about to switch them to a a 2008 domain, although they still use XP. What is the easiest method of getting shortcuts on their desktop? These are usually shortcuts to a URL. Yaos fucked around with this message at 01:57 on Jan 9, 2013 |
# ¿ Jan 9, 2013 01:37 |
|
spidoman posted:Just add the shortcut to the all users desktop using whatever you use to manage stuff. SCCM, GP, or the real best option: put it in the base image and avoid additional shortcuts at all costs because it's extra garbage for both you and your users to manage. I'm an idiot, I forgot to mention all the computers that I would need to do this to have DeepFreeze on them, on boot this wipes out any changes made. Also the shortcuts randomly change for no reason. I guess I could use GP to put the shortcut into the all users desktop though and just leave it there. It's not my choice to do it this way, a bunch of people think that every single thing they do needs to be a shortcut on the desktop, and every single program they might use needs to start up when the user logs in. I'd much rather just email them, give them the link, and tell them to bookmark it, and also tell them to start the programs that they actually need to use.
|
# ¿ Jan 9, 2013 02:01 |
|
I do have direct access, it only takes about 5 minutes to copy the shortcuts, but it just feels wrong doing it manually. I did try a script somebody else made, but apparently batch files don't support wildcards in the middle of paths, only at the end, and it was faster to copy them manually than to figure out how do it with a script. The computers can be in use 24/7 so I just hit them as they open up when I need to do something, I've tried to set a schedule for maintenance but nobody listened.
Yaos fucked around with this message at 03:19 on Jan 9, 2013 |
# ¿ Jan 9, 2013 03:15 |
|
How is printer deployment supposed to work in Server 2008 R2 64-bit to Windows 7 32-bit? I had it working, printers were deploying, but suddenly printers have stopped deploying. The only thing I can think of is that I need to add 32-bit drivers to the printers on Server 2008, however when I first did this I don't recall needing to do this. I just deployed to group policy using print management, and on login the printers showed up on the clients. This occurs on computers that already have the driver locally and do not have the driver locally. RSOP says the printer policy is hitting the account I'm testing with but the printer does not show up. Even if I do need to add 32-bit drivers it won't let me; on the server it says it's the wrong architecture, if I go from the client and manually connect to the shared printer it says no suitable driver can be found when I try to give it one even though I can install locally with the same driver. Edit: Tried it again on a clean 32-bit system, since the server refuses to let me add the drivers I tried installing them locally on the machine but that did not let the printer appear either. Yaos fucked around with this message at 01:29 on Jan 18, 2013 |
# ¿ Jan 18, 2013 01:07 |
|
That's where it was coming up, in the sharing tab when adding additional drivers. I did find out how to do it though, you have to add the driver into the driver part of print management, when it asks for x86 media do this. http://social.technet.microsoft.com/Forums/en-US/winserverprint/thread/59c1d8e4-76f4-415a-9ec1-7046c9d417a2 quote:To install an x86 additional driver on a Windows Vista x64 host, you first
|
# ¿ Jan 18, 2013 02:23 |
|
I've got it working, thanks for your help guys. For group policy I had to restart the computer, I had only logged out and was so perturbed I just gave up after that.
|
# ¿ Jan 18, 2013 14:23 |
|
Changing the name every other day suddenly makes sense, if you can not find it then you can not uninstall it and that means you like it! So we are going to start moving people over to active directory soon and everybody will be limited users. Any gotchas we should know about? We will be on 2008 with XP and 7 machines. We already have policies, mapped drives, and printers set up. We have a sane structure for the domain instead of things thrown wherever we wanted in eDirectory. We are going to turn off automatic updates for java, adobe reader and flash so people won't be bugged by it. I am hoping we can push out updates easily through SCCM once we get that up and running. I was thinking that I should poke around more too see if we can convert local profiles to AD profiles, but then I realized it is time for as much as a fresh start as we can get so screw their probably malware filled profiles. Also, Novell sucks. Yaos fucked around with this message at 09:14 on Jan 21, 2013 |
# ¿ Jan 21, 2013 09:12 |
|
We are slowly getting rid of XP, all new machines we put out will be Windows 7 Pro x64. We don't have the money to replace everything though so XP will be with us for awhile. A co-worker showed me the magic of remote assistance. We've been using TightVNC, but it's kind of slow and has no features in it, probably should have used UltraVNC but I don't care now. We found a hack that let's us connect Windows 7 to XP without solicitation. It's included with Windows so we don't have to spend anything, which is nice. Only problem is the user needs to be logged in, although if we need in we can just RDP in. Once SCCM goes up we'll be using that though. I wish we had the money for 3rd party patch management so I can be lazy.
|
# ¿ Jan 23, 2013 23:27 |
|
Cpt.Wacky posted:So I've got a problem with printers. Just about everyone has their own personal laser printer in their office. We've been setting them up on wireless so it's more convenient to install in these offices. Then we've got one group policy that pushes out all the printers on the print server to everyone. Now people are starting to complain that they don't like trying to find their own printer out of a list of 30 or more. I don't know if this is easier than setting up GPOs per user/group though.
|
# ¿ Jan 29, 2013 22:16 |
|
Everybody that loves authentication I have great news, we just tried out authentication software called Digital Persona that supports regular Windows login, face, smartcard, bluetooth, RFID, fingerprint, and I believe something else I can't remember. It can run in stand alone mode or with Active Directory. We'll be using it for fingerprint authentication in vehicles to login to laptops and other software. It also supports seamless authentication to 3rd party programs, kind of like LastPass. Credentials can be saved to the server or local only, so if the client computer dies the user won't lose any of their settings. The server side adds some extensions to AD and Group Policy. On the client side if the client detects the user has no registered authentication methods it provides a simple step-by-step guide on adding their allowed authentication methods that the user will ignore.
|
# ¿ Feb 8, 2013 00:46 |
|
We just moved our first department to Active Directory and it was very smooth. Now we just have to get SCCM up and running and we can spend years figuring out how to silently deploy applications! Maybe if I have time figure out zerotouch deployment too and save about an hour every couple of months. I do have a question, which patches are need for Windows XP when using Server 2008 R2? We have the GPO client side extensions but are not sure if there was another one.
|
# ¿ Feb 23, 2013 19:49 |
|
We use MDT for imaging and it works great. It's completely free and you can PXE boot from your own server or use WDS to perform PXE boot.
Yaos fucked around with this message at 23:57 on Mar 11, 2013 |
# ¿ Mar 11, 2013 23:54 |
|
I just joined my computer to the domain here and have come across an issue where I can't remote control my computer with any account, but I am able to remote control other computers with the same accounts. The error is "the user has requested a type of logon (e.g., interactive or network) that has not been granted." I'm not sure what's going on since this only effects my computer. I did not think you could specifically deny remote control to a certain computer. I've already left and joined the domain which did not fix it. Edit: Something is just messed up on my computer, remote assistance does not work either. Guess it's time for a reinstall. Yaos fucked around with this message at 20:57 on Mar 19, 2013 |
# ¿ Mar 19, 2013 17:46 |
|
Wizard of the Deep posted:It's simple, but are you sure you have RDP/Remote Assistance enabled on your PC, with appropriate accounts/groups granted access? It should be unless joining the domain changed it. I will have to check it out. Thanks.
|
# ¿ Mar 20, 2013 02:33 |
|
Wizard of the Deep posted:It's simple, but are you sure you have RDP/Remote Assistance enabled on your PC, with appropriate accounts/groups granted access? This settings appears to have also caused a few remote services in the remote admin pack to not work either. Yaos fucked around with this message at 13:14 on Mar 20, 2013 |
# ¿ Mar 20, 2013 13:09 |
|
Our SCCM class will be "we have the new server time to install SCCM" then we will fart around with it for a while trying to get it to work.
Yaos fucked around with this message at 23:19 on Apr 3, 2013 |
# ¿ Apr 3, 2013 22:52 |
|
Is there a way to organize GPOs under the "Group Policy Object" folder or do they all just have to live under that one folder?
|
# ¿ Apr 4, 2013 20:30 |
|
I've come across an odd problem. We have a server running Server 2008 R2 with 3 volumes; C and D which are on a raid array in the server, and an E drive which is a USB hard drive. Volume D has shadow copies enabled and Volume C does not, however the error log is filled with errors telling me that VSS is trying to run on C and can't find any diff space, which it won't since C has shadow copy disabled. If I turn shadow copy on the errors stop, if I turn it back off the errors start rolling in. I guess I'm stuck in a puzzle, how do I stop a service that's not running? Edit: May have already solved it. I turned it on, then deleted the schedules, then deleted the created shadow copy, and it disabled itself on C! Turning it on and off apparently fixed it, although I had to turn it off in a round about way. Yaos fucked around with this message at 21:13 on Apr 19, 2013 |
# ¿ Apr 19, 2013 21:09 |
|
I have tried to deploy VNC in group policy but have no luck. It works fine on my test machine with or without a previous version but not a single computer got the install. You could always buy 3rd party software that hooks into WSUS and get updates that way. Yaos fucked around with this message at 18:48 on May 21, 2013 |
# ¿ May 21, 2013 18:45 |
|
I use a single thick image made in a vm and then install per-user programs after that. Since all our programs are poo poo most can not be silently installed so it is easier to install it after I am done with an internal installer rather than MDTs install thing. I don't bother with changing anything in the task sequence other than turning off the gpo settings that break connecting to non-windows shares.
|
# ¿ Aug 13, 2013 12:48 |
|
Question for anybody running SCCM 2012 R2. We're trying to test it out, I've got it installed on an evaluation copy of Server 2012 Standard. I have BITS installed, but the SCCM installer claims BITS is not installed. Server features says it's installed, I can't install it any more than it already is. Any hints out there?
|
# ¿ Aug 15, 2013 21:29 |
|
skipdogg posted:Google-Fu is pointing me to an IIS role service missing, probably IIS6 WMI Compatibility FISHMANPET posted:Can you figure out what specific version of BITS it's looking for? I remember when installing SCCM 2007 on Server 2008 R2, the version of IIS installed was higher than the version of IIS SCCM was expecting, so I had to go through some hoops to get everything working. You might be in a similar situation. Thanks for the help, I'll have to take another look as the error message does say what version of IIS it wants. Hopefully it will be as simple as the WMI compatibility.
|
# ¿ Aug 15, 2013 21:51 |
|
Yaos posted:Thanks for the help, I'll have to take another look as the error message does say what version of IIS it wants. Hopefully it will be as simple as the WMI compatibility.
|
# ¿ Aug 17, 2013 03:34 |
|
Anybody know of good material on how to use SCCM 2012? We're getting the SCCM 2012 Unleashed book, wanted to see if anybody else had suggestions. I can't figure out anything in this beast of a program, I can't even figure out if it's doing anything at all.
|
# ¿ Aug 20, 2013 19:10 |
|
Right now I'm just trying to bring in computers so they show up in SCCM. I have two computers in the test environment, the SCCM server and the domain controller. The only thing showing up under all devices is the SCCM server and two unknown computers. Supposedly AD integration is enabled, but my domain controller does not show up in all devices, I have no idea what the unknown computers are or where they came from. I'm guessing collections are the most basic part of SCCM though, and I assume is the first thing explained in the SCCM books. I'm looking forward to jumping in and figuring everything out. I'm having Eve Online flashbacks right now.
|
# ¿ Aug 20, 2013 20:19 |
|
Thanks for the information everybody, and of course Windows-noob is being blocked here. I'll have to get the network dude to unblock it. SCCM is making my head explode, just like Eve Online.
Yaos fucked around with this message at 20:43 on Aug 20, 2013 |
# ¿ Aug 20, 2013 20:34 |
|
I downloaded the PDF versions of the windows-noob sccm guide and will follow it and see what happens. I've been looking at the technet articles on sccm as well. Thanks for the help everybody.
|
# ¿ Aug 21, 2013 12:45 |
|
I've gotten SCCM 2012 going with the Windows Noob guide, but I don't understand anything at all. I'm just following a guide but I have no idea what's going on or why anything does what it does. The most confusing is endpoint protection, turning on the role instantly starts deployment to SCCM clients. I thought I would have a chance to play around with deploying it myself, but it just did it on it's own.
|
# ¿ Aug 23, 2013 03:17 |
|
kiwid posted:My boss just informed me that we need to provide remote desktop access to a small group of users that will support a particular software suite at all our branches rather than having our help desk deal with it. What is the best way to do this? These users can have absolutely administrative access to any machines except for a whitelisted group. I supposed we'll be giving them local admin on those machines where the software is installed. They also need to be restricted from connecting to any machine that isn't part of the whitelisted group. Should we be using remote desktop or some other software? Dameware Mini-Remote Control should work too, it's licensed per technician and costs $259 which could be expensive if you've got a lot of technicians, but they offer discounts for buying more licenses. It will do exactly what you want. There's a more expensive version that gives you some AD controls and other cool features in addition to remote control. Best of all it supports pushing installs directly from the software, very nice if you don't have this capability already. http://www.dameware.com/products/mini-remote-control/product-overview.aspx quote:DameWare MRC allows you the flexibility to set permissions for access to remote computers based on roles within your organization. Yaos fucked around with this message at 19:53 on Dec 20, 2013 |
# ¿ Dec 20, 2013 19:50 |
|
Question about resolving to domainname.local in Server 2008. At some point domainname.local (not the real domain name, just an example) on clients would always resolve to a local DC server for the site. However, at some point after adding a few DCs, DNS suddenly started doing round robin so if we ping domainname.local it would return DC 1, then pinging it again returns DC 2, and so on through all of our DCs. When this occurred everything still worked normally. DFS shares appear to use sites and services to select the correct targeted folder, authentication also uses sites and services and looks like it resolves the actual DC name. As far as I can tell this only effects being able to bring up a local DC by resolving to the domain name. Does it actually matter what DC domainname.local resolves to?
|
# ¿ Jun 5, 2014 04:11 |
|
|
# ¿ Apr 28, 2024 12:37 |
|
I just interviewed for a lead tech position, it's in the same organization I'm already in. If I get the job I'll be handling migration to Active Directory (with the help of a tech from another department that has already done this), creating inventory for IT, getting a ticket system running(none exists there!), creating documentation for everything, handling issue resolution, and providing purchase recommendations. I'll be looking for existing inventory, which may not exist. I'll be using Spiceworks for live inventory and tickets, and using an existing manual inventory system to document what we are supposed to have. Unfortunately, the previous IT lead left on bad terms, so I'll have to make sure everybody knows I am there to help. I'll be coming from working for multiple years in a regular desktop support position where I also helped a bit with servers and getting AD going at our site. Any gotchas I should know about when moving between these two types of positions? Any tips the pros can provide? I'm so excited! I hope I can get it. Yaos fucked around with this message at 22:55 on Jun 27, 2014 |
# ¿ Jun 27, 2014 22:53 |