Thu, Nov 25 2004 23:07
There's always one that drives you to drink
Well day two of the “you really don't want to do it like I'm doing it and I never want to do this again and have to “touch” the workstations like I'm having to do it” migration.
I got the permissions needed for Lacerte working, and used the “touching the workstations” opportunity for a good spyware inventory. There are a couple of workstations that I did a “what the heck is that!” in the add/remove directory. Time to prepare the troops for “user mode” by Christmas. A little too many funky programs in there that just shouldn't be there.
And of course there's one workstation that had to make my day. I've never seen a Window XP that wouldn't let me flip from the “cutesy” control panel to classic mode, but I did certainly today. It also only has “restricted site zone” in Internet Explorer. That's it, no internet, no trusted zone, nothin'. Just “restricted”. Like I said, I've never seen a machine do what this one is doing. Oh, did I happen to mention that it had [notice the past tense] AOL on this workstation? Remember the other machine [a laptop] that I had xp sp2 upgrade issues with was also a machine that had AOL on it.
I'll let you decide about supporting AOL in a firm environment, but I know I'm putting my foot down and not installing it anymore as I've wasted too many hours with machines that have had it on and it just gives some really weird issues. Now granted in might be coincidence, but given that two out of two computers with AOL have been my problem children, it just makes you go hmmmmm, doesn't it?
Kevin actually recommends a different approach if the owner “has“ to have AOL:
- Use Enetbot's utility that will send/receive AOL email into Outlook [http://www.enetbot.com]
- Or use the AOL webmail [which in reality isn't too smart either as you are blowing past all of your Exchange based antivirus]
Well there's a repair install of XP in the cards for tomorrow. The worse thing about this workstation is it's one of the ones with a Nvideo Digital card. I have two of these machines in the office and they hate the SP2 driver so I have to boot into safe mode and roll them back to the sp1 video driver. I even tried totally building a new profile on this system and it still was an obviously not so healthy box. Mind you.. this is one of the partner's computer [of course... it would have to be his computer, wouldn't it?] so I want to get it ... well... kinda working.. ya know?
So I took this opportunity to
- Update the ISA client
- Update to the new Trend suite
- Ensure that the antivirus was being seen by the XP sp2 security center
- Ensured that a port was opened up for Trend to listen at 24091 [Trend's default]
- Reviewed Windows update to see if “it thought“ I needed any additional patches [for example one machine “thought“ it needed XP sp2 even though I had previously applied it. Under the theory that just let it do it's thing and don't argue... I let it reapply SP2. The other machines wanted to load the GDI+ tool
- The annoying thing is I have to launch the time and billing program for each workstation and make it build a local calc space and reattach to the right billing database
- Some programs don't bat an eye when you've ripped out their UNC name and some do
Funny thing. I was contacted on Wednesday to give feedback on patching. It's very fitting that I “just“ finished “patching“ a new server up to snuff and then had to take inventory of all these machines. It's still not easy to patch. Even with my Shavlik patch tool, it's still NOT “blonde“ enough for a do it yourselfer or even a consultant that isn't the wacko for patches that I am. The impact of the ISA patch the other day points out that many folks did not realize that ISA Server sp2 had come out as far back as last May. I still want an RSS feed that keeps track of all Service packs. I think I'll ask Santa for that for Christmas ;-)
Filed under: Rants