[There's a reason that Yoda is the unofficial mascot of SBS.  Size indeed matters not.] November 2004 - Posts - THE OFFICIAL BLOG OF THE SBS DIVA

November 2004 - Posts

So the robocopy finished and I have copied over the data files and was checking to make sure that the data had copied and noticed the drive space on the newly build server was slowly decreasing.

Huh?

Then it hit me.  It was 11:00 p.m. and I had set up a test backup the night before of the little bit of data that was on the server at that time to backup to the drive since I hadn't yet moved over the tape drive.

Duh.  Nothing like backing up what you are backing up.  You've seen those circular errors in Excel haven't you? [Okay so maybe it's a beancounter thing] anyway I stopped the backup and cleaned up the log files and all is well. 

Tomorrow is clean up day... all the little things.  Okay off to bed and Happy Thanksgiving to those in the US as it's already Thursday for me. 

For those that aren't in the USA to celebrate to know what the day is about... well it's a day we give thanks for our blessings.

Mind a little indulgence while I say “thanks“?

Thank you to all the SBSers that pitch in and help each other out day in and day out.

Thank you to my friends, my extended family around the globe.  I'm not going to embarrass anyone by naming names but you guys know who you are.  You keep me in line, threaten to put duct tape on the email port when I go overboard, you keep me grounded and humble.  Some of you are in this photo.

Thank you to the folks that I know through ...well for lack of a better term.. geek relationships that go beyond way that.  You guys work so hard, are so talented, that it just makes me want to learn more, to do more.  You guys inspire me.  Who knows... I keep joking that one of these days I just might get comfortable with command line and scripting. 

Thanks to the SBS family members/Motherships from around the globe.  I don't think SBSers realize the passion and dedication of these folks.  From Dev to Support to Sales... the passion, the caring is beyond belief.

On this Thanksgiving day, thank you to the folks that touch SBS, affect SBSers.  You know who you are.

Thank you.

Posted Thu, Nov 25 2004 1:36 by bradley | with no comments
Filed under:

I made a painful decision to rip out my domain and rename it [as I stupidly named it the last time] to ensure that as I go forward I don't have to do this again, and rather can use other migration methods.  For me, it was a toss up between what I'm doing and ADMT method.  Right now I'm using a robocopy script in a command line [yes, you can pick yourself off the floor, the GUI gal is using script] to copy files from the spare harddrive in her computer that she “robocopied” them over to.

And look at all that nice big space I have on that nice big harddrive!

I've also found that there's one person on the office that is a packrat when it comes to email.  This one person has the BIGGEST mailbox.  I really need to get after this person to do a better job of cleaning out their inbox.  I need to go after.... um... well... me.  I'm definitely a piler, not a filer when it comes to email and that definitely needs to be something that I do a better job as I go forward.

  • Trend on this workstation is now hooked to the new server.
  • ISA client is updated [remember after ISA sp2 there's a new ISA client.
  • Data is flying by a black DOS window as it copies the data from the spare harddrive back to the server.

We got to talking about domain and computer naming schemas.  One person said they worked on a network where it was named after Lord of the Rings characters. Another was names of the bible.  I guess I'm kinda boring here.  We actually name them for the folks who have the desktops because we have some funky business applications that throw up the workstation name -not the username mind you- to let you know someone is still in the program and you need them out.

Posted Wed, Nov 24 2004 18:29 by bradley | 3 comment(s)
Filed under:

So I”m googling tonight for one last tweak.  I'm sharing out ALL my mailboxes in Exhange to all the other people in the office.  Yes, you heard that right, I'm sharing out the ENTIRE mailstore with all my other employees.  For all my paranoia why in the world am I doing that?

Because there should be nothing in the employees mailboxes that is private.

There are times that people are on vacation that need to go into another person's mailbox.  There are times that “I” need to check another mailbox.  Because all email inside the business should be, first and foremost for business, there should be no personal information, no private and confidential information that one wouldn't be willing to share with another person in the office.

So I've also flipped the Exchange to native mode, turned off circular logging [and thanks Sean, I wasn't sure exactly where that setting was actually], ensured that the quotas were turned off.

I “think” it's just a matter of adjusting the Mailbox store to allow all Authenticated Users [or even Everyone in 2k3 as that group no longer has anonymous users] to have full rights on that mailstore.  If that's NOT the place to do this [as I can't remember since it was such a long time I did this on Exchange 2000], can somone let me know?

I'll also be taking this laptop with me and doing the “rule of always have a way to get to the Internet and newsgroups” tomorrow as I start the cutover.

"The document name or path is not valid" error message when you open a new document in a Windows SharePoint Services document library that is hosted on a Windows Small Business Server 2003-based computer:
http://support.microsoft.com/?kbid=886619
You cannot connect a client computer to the network in Windows Small Business Server 2003:
http://support.microsoft.com/?kbid=889105

Dear Fellow SBS'ers, Great news!!! Small Business Server (SBS) author Harry Brelsford will be returning to Canada on January 11, 2005 to deliver his popular one-day Windows SBS 2003 workshop. This workshop provides a third-party look at SBS from both business and technical perspectives. Full workshop details are available at www.smbnation.com.

 

The workshop will take place from 9am-5pm at the Wyndham Bristol Place, 950 Dixon Road, Toronto, Ontario M9W 5N4. Phone   416/675-9444

 

The registration fee is $125.00 CAD and space is limited! All attendees will receive a complimentary copy of Harry's book titled "SMB Consulting

Best Practices," a $80 CAD retail value. Continental breakfast and lunch will be provided. 

 

To register for the event, please visit http://www.smbnation.com

or email Nancy Williams at sbs@nethealthmon.com

 

Posted Tue, Nov 23 2004 19:43 by bradley | 1 comment(s)
Filed under:

Today, well, actually I mean tomorrow, but in reality today ... um.. okay see Australia is a day ahead so “today“ in the USA is our SBS infamous “we survived the Sharepoint date issue” anniversary in Australia where the issue first popped up because they are a day ahead of us [got all that-- we'll have a quiz later]. 

As I said at the time, leave it to the SBS newbie keep us humble.  As it fades into the collective memories of SBS, sort of like a birthing experience and afterwards you end up with an adorable kid....here's a couple of things that “I'm“ doing or planning to do on my brand spankin' new SBSized Sharepoint.

  • Beancounters need to know when we're going to CPE [continuing education].  So we have two sign out calendars in my office, one for vacation, one for CPE.  So in addition to the built in vacation calendar, I added one for CPE.
  • I'm going to enable RSS feeds from it.  Why?  Besides the fact that I'm an RSS nutcase you mean? Because when I approached the idea of the Companyweb being the homepage for folks, I got a bit of a cool reception to that idea.  No worries.  I'll enable RSS feeds on that Sharepoint site using Sid Weber's parts and push the information out to Newsgator inside of Outlook in addition to showing people how to sign up for alerts.  If folks don't want to go, I'll push the info to them.
  • I'm planning to put all the things that make me go.. now where the heck did I put that? on Sharepoint:
    • The PDF of the latest human resource manual
    • The PDF of the latest computer policy
    • “Basic How To's“ to do basic stuff like email, Internet research and what not.  [Yes I get asked “how do I send an email“ enough.. file, send to, mail receipient as attachment.... blah blah...
  • Oooh I need to remind myself of putting the pdf icon thing in Sharepoint otherwise that will drive me crazy without the right “picture“ icon. Chad blogged about that earlier.
  • I'm going to stick up there marketing materials and brochures that we've done that I normally again go... uh...where did I put that?
  • One thing I'm definitely going to change and look for new ones is the theme.  Need something besides the defaults [it's a girl thing - we have to move around the furniture at least once a year or so].  Hey I just found some themes here, I'll have to check them out!
  • While I have a Ultrabac backup that specifically backs up SQL server, I think I'll be stsadm-ing too!

So think of all the things that you go ...uh...where did I put that? in your firms!  I'm off to Sharepoint tonight!

It's easy!  First I'll showcase “my” tool of choice for “sucking” in webblogs into Outlook.  It's called Newsgator.  Download it, try it out first [you can buy it later] and install it so it sits inside your Outlook [which is where it automatically goes]. 

Now the fun part.  Let's find RSS feeds.  Okay let's say for arguments sake you want to pull this blog into Outlook/Newsgator. See up there up above this post that Orange thing-a-ma-bob up there on the web site that says "XML".  Go move your mouse up there and right mouse click on it. See how there is now a "subscribe in newsgator" option that you didn't have before?  Click that.  See?  That's how easy it is to subscribe to an RSS feed and have it sucked into Outlook!

Oh and by the way, Nick's pointed to the fact that we have a new SBS “blogosphere” family member.  In addition to Charlie and Sean and the EHLO [Exchange] blog, and lots more we have the SBS documentation team blog hosted by Steve Holland!

Want to read Charlie's Volleyball referee adventures in Outlook along with SBS stuff [the Volleyball stuff is fun to read].. well there ya go....

Get some WAY WAY kewl tips from SeanDaniel.com?  Piece of cake!

See how easy this is?  Don't forget... any time you see this   it's a sign that you can read that in your favorite newsreader.  Now then every hour or so that Newsgator goes out and checks for updates.  So next time Charlie is refereeing, you'll know.  And the next time  SeanDaniel.com is finding some other way to backup to some bizarre media, you'll know, and then next time Steve blogs another kewl tip on SBS, you'll know that too and you won't have to go all over the Internet to find this stuff, it will just come to you automagically... kinda like how SBS does stuff all the time!

More information on newsreaders can be found here [and hint... it's also the place with info on Security bulletins via RSS  ;-) so don't forget to sign up for those while you are at it!

Look for those ORANGE ICONS and start Right Mouse Clickin'!

Posted Tue, Nov 23 2004 18:26 by bradley | 6 comment(s)
Filed under:

If you got forwarded this, it's because your friend considered you a geeky beencounter.  Wear this badge with pride my friend because I think that geeky beancounters will be more and more the drivers of technology in the future [but that's just my opinion].

So what's this post all about?  To ask if you are a member of the IT section of the AICPA, that's what!  If you are, you'd get the AICPA 2004 Top Technology Guide for free for downloading via a email link.  But because you aren't ... you are missing out on some really valuable information and insight.  Better yet become a Certified Information Technology Professional and show to the world what your friend always knows.  That you ARE a geeky beancounter and proud of it!

Posted Mon, Nov 22 2004 19:35 by bradley | with no comments
Filed under:

To the marketing department of Companies in Technology:

Two things came across my desk this week to inspire this post.  The first was a study to help “develop a share CIO/TMT understanding” and the other was this blog post.

First off, there's a fundamental flaw in how you market computers to decision makers.  You make it seem so easy to install networks and computers and technology in your message to decision makers and quite honestly, it's not, nor should it be. 

The study that I refer to above says “the CIO must consistently work to provide the TMT with realistic expectations of the capabilities of IS. If the CIO allows the TMT to understand how IS can realistically be used within their firm to meet specific objectives, the CIO and TMT will be better able to reach a mutual understanding regarding the role IS will play within their organization.” 

Let's translate for the SBS world, shall we?

The consultant must constantly fight against marketing materials that indicate that installing and migrating to a new system is so easy that all it takes is putting a cdrom in a drive and following clicks.  The consultant must try, as best as possible, to manage the expectations of the customer that have been improperly set by brochures and information that state that the network installation is so easy, will only take minutes, computers are a piece of cake, and 2 year olds can handle this. 

Gordonian was blindsided by the expectations that you gave his customer that upgrading was easy. Even on those “15 minute” preloaded machines, you do realize that it took me way longer than 15 minutes to find all the tweaks in Trend I needed to do, to add patches, to adjust some group policies.   Now granted, I was slowed down a bit by capturing what I did and blogging about it, but still, the process I've done took longer than you, the marketing department, has set as expectations. 

Yes, I'm sorry to call you guys the “dark side”.  I know you don't mean to.  It's hard to run a business that needs to “cheerlead” out new products at the same time you properly set expectations. 

But understand, that to set up a network, securely, safely takes time.  Computers aren't easy. There's a reason that the geek squad division of Best Buy is making a name for itself or that geeks are going home at Thanksgiving fixing computers..  [thanks to Anne for that blog link]

Have you seen the other message that marketing puts out?  It's an ad by Cisco advertising their Network protection feature.  You've seen it, Dad is at the office and there's a massive worm attack underway and they can't figure out how it got in and then “Sally” skips by and tells Dad “Oh, I just downloaded a game on your computer, Daddy!”. 

Well folks, first and foremost, there's a flaw in that commercial.   First, “Daddy” should never allow kids on corporate assets and this should be a written policy that technology isn't needed for.  Secondly, “Daddy” shouldn't have the rights to download everything and anything on his computer.  He should be protected from himself.  Jeff Middleton wrote a section of Harry Brelsford's next book on the concept of “least privilege”, but honestly that's not an easy thing to do.  Security takes time.   

We” need to change our view.  We need to change the idea that all of the packets on the inside of our networks are good packets.  That we can trust explicitly all traffic that is on the inside of our networks.  That we don't need outbound filtering because only “good stuff” can be traveling outside, right?  That workstations are protected enough as long as there's a firewall on the outside.  Steve Riley talked about this at Tech Ed this year and it was captured on some of the blogs and articles around that time [and for the record XP sp2 is out Windows 2003 sp1 is still in beta]. 

But let's start first by changing... managing...the expectations of the decision makers.  Putting in network infrastruture isn't easy.  It's hard work.  And quite honestly even if it WAS possible to install a network in 15 minutes.... it wouldn't be secure.  You can't get fast and secure at the same time. Decisions are involved here and the word alone implies thought, consideration, review... certainly longer than 15 minutes anyway.

So to all those folks that market.. make sure your message is clear and truthful.  Security is a process, it takes time.  Help the consultant manage those expectations by managing the message from the get-go. 

To all those customers out there ....hire competent folks that make the right decisions.  Understand that they are making decisions in your best interests and don't rush them.

To you consultants ....communicate to your customer of your process and why this isn't a 15 minute thing.

Let's all manage those expectations, shall we?

Posted Mon, Nov 22 2004 19:11 by bradley | with no comments
Filed under: ,

So today I called Ultrabac and got the license updated for use on the new server as the license is tied to the server name.  I lamely named my SBS2000 a firmname-year [don't do that] so I'm making a decision to have the server name nice and short so I had to get a license key from Ultrabac as a result.

So you are probably asking....so why did you choose Ultrabac when SBS 2003 already HAS a backup [and a pretty darn decent one at that]? 

Well there's a couple of reasons.  For one, it's a software that I have maintenance on.  It's bought and paid for.  I bought it because back on SBS 2000 I was not going to code and script a backup method and I wanted email notification.  Veritas caused an issue with Exchange licenses so I tried Ultrabac and liked it.  Then, I have a Sony quad loader and again, I've already bought the module that covers that.  Lastly I have now two servers and Ultrabac is licensed for that too.  Now I do have to put the Ultrabac ON the SBS box as I have the SBS license plus the addons.  At home I'm using the built in backup which is working quite nicely. 

These days tape backup is more and more restrictive so if I were you I'd be making sure that server has a USB 2.0 or Firewire on that puppy so you can use other means like USB harddrives.  Tape drivers are just harder and harder to justify as a backup platform anymore. 

Here is what my new baby ...um..server looks like.

And I'm going to test something out.  I'm “NOT“ going to disable smb signing and I'm going to see if the speed is fine with all my XP sp2 workstations as the fixes for that issue are already in SP2.  I am going to adjust off oplocking and autodisconnect because Quickbooks likes it with those adjusted.

 

Posted Mon, Nov 22 2004 13:12 by bradley | 1 comment(s)
Filed under:

Just a reminder... your end users.. your customers? 

THEY DON'T NEED TO OPEN EVERY ATTACHMENT THEY GET.

They don't need .scr or .exe or .pif or any of that gunk.  Go into Scanmail and click on “enable attachment blocking“.  Click on the “Ok“ that says turn this off after the incident.  Blow that off.  You want this setting on ALL THE TIME.  Now click on settings and  click “block specific attachments“ adjust to those items that you want to block.  Here's a sample from a University of what they block.  Figure out those minimal attachments you have to have for business and block everything else.

P.S.  In that same screen make sure the quarantine is on a large place.  Those bad files locations can fill up.  Exchange 2003 sp1 no longer saves “badmail” which is a good thing these days.

When I first got my other server, SBS 2000, I actually delayed the roll out of that server because you had to either wait for Exchange 2000 sp1 or do a funky registry workaround.  Because you never want to put a server in production without

  • Antivirus
  • Patching
  • Firewall
  • Backup

Fortunately for SBS 2003 we had antivirus protection AND Backup AND Firewall from Day 1.  The entire industry is working on the patching part [patience].

I like to have a server based antivirus that watches the server, the workstations and Exchange.  You don't want to have your workstations get the gunk... you want to block it at the server BEFORE it hits your desktops.

Loading up Trend and you can either follow Les's info or Amy's. 

Remember at the end, you have to add website of officscan into the Trusted site zone of your Internet Explorer.  Tools, Internet Options, Security and Add that website to the trusted site zone to get the web site to work.

Next make sure you exclude Exchange files AND exclude our SBS Cal file locations. Since I moved my Exchange server files to my E: partition, I had to adjust Les's exclude info.

The Exclude for the CAL location is:

  • File - %windir%\system32\licstr.cpa
  • Folder - %windir%\windows\system32\lls

We do this because if you scan those files you “may” end up only having 5 cals in the morning as the anitivirus corrupts the files.  They are similar to Exchange files that you want to make sure are excluded.  [and no this doesn't happen in all cases but I'm a paranoid nutcase who likes to be prepared - noticed I said “may“ and not “will“ - it doesn't always occur - and it's also caused sometimes by hardware issues]

Remember to enable the spyware setting in Trend as well and to ensure that Quaranteed virus files don't mess with your backup.

 

P.S.  To whomever thought to name the files that do the license counting.with the extension of .cpa ... was that a coincidence or did you just figured it had to be a boring beancounter to keep track of the licenses?

;-)

P.S.S.  Don't forget to go into the Scanmail console [I use the not web based for this as I don't want to load JAVA on the server] and make sure it is set to update every hour on the hour.

So getting ready to cut over and I'm ensuring that the tweaks and stuff I had in the old server are in the new one so I'm remoting into both the server at the office and the new server at home from my laptop while sitting at home in front of the TV.  Talk about a mouse potato.  The only calamity I nearly had was when my lip developed a leak and I spilled Mountain Dew into the touchpad of the laptop.  Fortunately it's my older laptop.

So I'm sure you want to know the point of this post other than the fact that I can't drink and compute at the same time?

You do know how to remote into your server and “be” at the server while sitting at your desk don't you?

It's EASY.

  • Start
  • Accessories
  • Communication
  • Remote Desktop Connection
  • Now put in the IP address of the server or the computer name
  • Log as Administrator and password and....
  • Voila

But SuperG would say do it via command line rather than my GUI way

To connect to the console session of a server

  1. Open Command Prompt. [start, run, cmd]
  2. Type: mstsc /v:server /console

Where “server” is the IP address or name of the server.  That connects you to the “console” session on that server.

 

See!  Easy!

Posted Sun, Nov 21 2004 17:33 by bradley | 5 comment(s)
Filed under:

Thought I'd show you what I did to enable the NoLMHash

How to prevent Windows from storing a LAN manager hash of your password in Active Directory and local SAM databases:
http://support.microsoft.com/default.aspx?scid=kb;en-us;299656

First I opened up the Group Policy from start, programs, administrative tools, group policy management and went down to the Domain Controller section and right mouse clicked to “Credit and link an GPO“ here.

Next I named it what it was doing [LAN Manager Hash] so I could know that was the policy doing the “pushing“.  Next I right mouse clicked on the name and clicked “Edit“

Now we drill all the way down, computer configuration, then expand windows settings, then security settings, then local policies, then security options and click on that section.

On the right hand side you should see a list of things you can do, scroll down to the “N” section and look for this setting:

Now double click and ENABLE that setting.

When you get all done the “resulting window should look something like this:

Got the SQL patch to work on the SBSMonitoring... it was weird because I reran the monitoring wizard leaving the “defaults” and then it patched like a champ.  The only “unpatched” item is the .Net 1.1 sp1 that Shalik can't report as patched [this will be fixed in another version].  So I think I'm good to go now on patches.  I just added the 5 CALs that I got due to our Sharepoint issue from last year and it got me thinking.  I almost should have put in the extra 5 cals that I got as a result of the Sharepoint date issue on November 24th, the anniversary of that issue. 

I have to give a huge thank you to Les Connor.  He was the one who spotted the trend of Sharepoints falling over in the public and partner newsgroups and the one who spotted the post from the guy who figured out it was an issue with the date. 

As we come up to the year anniversary of the Sharepoint moment... remember that we all win when we share our experiences.  I hate to sound like a broken record here, but it's in the patterns that we spot from all of us that we can learn the most.

What's the thing to remember most about the SBS 2003 box?  Don't forget the “To do“ list.  Stay with the “standards“

Don't do the remote/RRAS VPN wizard and you'll get your RRAS picking up a wonky name.

Don't do the Monitoring wizard and you can't patch your MSDE instance of SBSMonitoring.

Don't do the Connect to Internet wizard and you can't get out to the Internet correctly and safely in the first place.

Make sure you go down that To Do list and check those boxes.  They are there to help you standardize your system. 

 

Posted Sun, Nov 21 2004 12:40 by bradley | with no comments
Filed under:

Hmmmm..... there's two patches that won't push down from MBSA/Shavlik so I'm doing them manually.  The first is the .NET 1.1 sp1 and the second is the 03-31 for the SBSMonitoring SQL/MSDE instance.  One tweak I'm putting in place is the “Dr. J Password security tweak“.  What?  Don't know what I'm talking about? 

If you have a full Windows 2000/XP network OR have made your 9x clients use the active directory add on, you can turn off something called Lan Manager Hash.  What's that?  It's a legacy leftover from IBM that we really don't need to keep turned on if we have up to date networks.

In this KB it talks about how to ensure that this hash is not saved.  Why is this important?  Because if you've ever played with LC4 or LC5 or John the Ripper, you know how fast and quickly passwords can be retrieved if these hashes are saved. It's mere seconds that someone can retrive your passwords if they are saved in this manner.  I've seen LC5 nail a 9 character dictionary word in mere minutes.

  • In Group Policy, expand Computer Configuration, expand Windows Settings, expand Security Settings, expand Local Policies, and then click Security Options
  • In the list of available policies, double-click Network security: Do not store LAN Manager hash value on next password change
  • Click Enabled, and then click OK

So why are passwords important?  Let's think of all the ways and places that we rely on password for the first line of defense of security.

  • Banks and online banking.
  • ATMs and Debit cards and PIN numbers
  • Websites and online shopping

Don't you hope that all those places where YOU store passwords would enable that setting too?  [Granted you are probably not putting your password into a AD environment when you log in...but you get the point.] What other places do you put passwords in a computer system and probably don't know what procedures they have for protecting them?  I've seen places like Tmobile and ATT wireless airport signups demand that the password that I chose matched a secure policy.  I don't even want to admit how lame my Amazon.com password is.  Hmmmm... reminds me.... I should go change that sucker.  Excuse me while I go do that after I just admitted how lame it was  :-)

Finishing up the patching on the server and it was kinda getting a bit boring waiting for the patches and the reboots so I started multitasking and highlighting [patching] my hair at the same time [the blonde streaks were growing out].  Even with my Shavlik Patch tool there's a couple of patches that are not patched by Windows Update, MBSA, or HfnetchkPro and you must go to the download site to get.

The key ones to remember I'll pull out here:

You may also need some of these that can be obtained FOR FREE from Product Support.  Call your local Microsoft office and obtain the patches.

P.S.  Andy reminded me of a couple of others [check the feedback section and one in particular]

Pauli commented in “is there a Microsoft approved way to keep our boxes patched up?“

Yes, actually

If you use, like he does, only uses Windows Update and MBSA, you'll miss the asp.net vulnerability mitigation patch and the ISA server patch and some “fix up“ patches like our Exchange 2003 sp1 post patch. 

For Pauli, I'd recommend continuing what he's doing, WU and MBSA, but add visiting that Download page.  I do need to ping back to Microsoft that the ISA server patch isn't yet listed on that page but it was “just“ rereleased the other day to fix up an issue that they were having.

There is currently a public beta going on of something called WUS or Windows Update Services but its a BETA, at this time does not include SQL server or ISA server, and SHOULD NOT under any circumstances be run on a production box.  We're still on our way to “patch heaven”.   We're not there yet, so we'll have to be a bit more patient.  Aligning all the products to use two patch engines and getting them into a “one engine” patch mechanism has taken time.

I personally would recommend that you check out Shavlik.com's HfnetchkPro.  It's still my way way way preferred method of patching.  Through the kindness of their hearts they offer a free version that patches 1 server, 10 workstations.  About three years ago or so, I bought and put on maintenance their Hfnetchpro.  You'd have to pry my dead fingers off that interface.  I do wish they would have a per seat pricing structure, but even the 25 user version is only $24 per computer.  Look at it that way, and my data is way worth more than $24!  I do a combo of HfnetchkPro AND the download page to keep me patched up.

Thanks Pauli for the comment and I hope this helps?

Sorry for harping on this issue like a broken record but I'm finishing up the new server and just wanted to point out a few things:

Windows update may say I'm patched:


But Shavlik 's HfnetchkPro disagrees:

In fact we're missing 3 service packs and 8 security updates:

 


We're not done yet!

But even then, we need a bit more patches found on our download page:

The post Exchange sp1 fix up and our ASP.net mitigation to name just a few

One of the big changes in IE under XP sp2 is the ability to manage Internet Explorer add ins.  Details of this are showcased here:

How to manage Internet Explorer add-ons in Windows XP Service Pack 2:
http://support.microsoft.com/kb/883256

Tonight on Thundermain's RSS feed I spotted this KB and tracked back the KB that was released to the download page:

Download details: Update for Internet Explorer 6 for XP Service Pack 2 (KB888240):
http://www.microsoft.com/downloads/details.aspx?familyid=d788c59e-b116-4d38-b00c-ff1d529106c8&displaylang=en

Some add-ons are not listed in the Manage Add-ons dialog box in Internet Explorer on your Windows XP Service Pack 2-based computer:
http://support.microsoft.com/default.aspx?scid=kb;en-us;888240

Sounds like a good download to install, don't you think?  :-)

Posted Fri, Nov 19 2004 23:50 by bradley | with no comments
Filed under:
More Posts « Previous page - Next page »