September 2007 - Posts - THE OFFICIAL BLOG OF THE SBS DIVA

As Quickbooks 2008 is about to release...

I got to thinking as to why my Quickbooks 2006 (yes 2006!) on my laptop has no issues with LUA and can launch and run just fine.

On my Vista desktop I'm running Quickbooks 2007 which is built for Vista, no UAC whatsoever. On my laptop, I can even run Quickbooks 2006 without getting any UAC prompt (and 2006 isn't really supported on Vista but mine works like a champ).

On Vista I don't even edit the compatibility to run like XP sp2.

I do have one leftover element on that Vista that used to be XP once upon a time... I hacked up the Registry to let Quickbooks run as a normal user on XP -- http://www.threatcode.com/quickbooks.htm and as soon as I fire up the laptop tomorrow, I'll confirm if that's why I can have Quickbooks (2006) run without a single UAC pop up.

Do make sure you are on the latest version of the Quickbook release as some of the early versions had some weirdness.

But it is my job to ensure that I can run systems as sure as I can, and that includes normal user mode on XP, and leaving UAC on in Vista.

Posted Wed, Sep 26 2007 23:00 by bradley | 3 comment(s)

Filed under: Quickbooks 2007

Packing the laptop...

In response to a poster who is having issues running Quickbooks without getting a UAC prompt... my Vista laptop runs Quickbooks with no UAC. I will post up here what setup I did to get it to "just work"...but tonight I have to pack the laptop, the wireless router so it can be shared out (Anne, Amy and I are having our own Women of IT pow wow), the Zune, the handouts, the business cards, the power cords, the batteries, the makeup.. the clothes... the raincoat (which I'm hoping that's in the closet since I haven't seen it in months), the umbrella, the AuthAnvil Crytocard....anything else?

Oh yeah...just did online check in for the (ugh) 6 a.m flight from Fresno to Seattle... will blog from Seattle and SMBnation.

The Transportation Security Administration (TSA) prohibits passengers from taking liquids, gels, and/or aerosols (e.g. beverages, lotions/ creams, shampoos, toothpastes, hair gels, and other items of similar consistency) through screening checkpoints.

Exception: One transparent resealable 1-quart (1 liter) size plastic bag containing liquids, gels, and/or aerosols in containers of 3.4 oz. (100ml) or less per container. The contents of the plastic bag must be completely closed and separate from the passenger's carry-on bag. Passengers who do not properly package items as indicated may be subject to secondary screening. In addition, passengers may carry baby formula/milk (to include breast milk) and baby food/juice in containers if a baby or small child is traveling, medications (liquid, gel, and aerosol), liquids (to include juice) or gels for diabetic or other medical needs. These items do not need to be in a clear plastic bag and may exceed 3.4 oz. if the passenger declares them to the TSA.

Oh yeah... a quart bag...

(and edited the post as starting off with that UAC comment probably didn't make any sense)

Posted Wed, Sep 26 2007 20:15 by bradley | with no comments

Filed under: smbnation

How NOT to patch at SMBnation.com

If I've done this right by pre-dating a blog post... my "how NOT to patch" resource page will show up on the blog a few hours before Wayne Small and I talk about the subject at www.smbnation.com . Until then.... I'll just taunt you with some images from it...

Posted Wed, Sep 26 2007 20:07 by bradley | with no comments

Filed under: smbnation

October 11 in Stockholm

Small Business Summit:
http://www.microsoft.com/sverige/technet/sbsummit/

Google doesn't have a translator... so you guys are on your own for translation

http://www.google.com/language_tools?hl=en

Posted Wed, Sep 26 2007 12:33 by bradley | with no comments

Filed under: News

Windows Home Server Remote Access

http://feeds.feedburner.com/~r/MicrosoftDownloadCenter/~3/161606254/details.aspx <http://feeds.feedburner.com/%7Er/MicrosoftDownloadCenter/%7E3/161606254/details.aspx>

This Technical Brief provides an in-depth look at the features and functionality of Windows Home Server Remote Access.

I'll cut to the chase.. it's like SBS's Remote Web Workplace!

Posted Wed, Sep 26 2007 12:18 by bradley | 1 comment(s)

Filed under: News

Happy Squeaky Lobster Day

http://msexchangeteam.com/archive/2006/06/15/427966.aspx

Born - Fri Sep 26 11:15:00 1997

Posted Wed, Sep 26 2007 12:16 by bradley | with no comments

Filed under: Exchange

Were you waiting in the download line?

Not for this....

But for this....

RC0 Download:
http://www.microsoft.com/windowsserver2008/audsel.mspx

Viridian Installation Instructions:
http://www.windowsvistaplace.com/installing-viridian-ctp-on-windows-server-2008-rc0/windows-server-virtualization

Viridian RC0 capabilities:
http://blogs.msdn.com/virtual_pc_guy/archive/2007/09/24/windows-server-virtualization-community-technology-preview-now-available.aspx

(thanks to Chris Knight for those links)

Posted Tue, Sep 25 2007 23:10 by bradley | 1 comment(s)

Filed under: News

I'm still going upside down

SMB Security Summit – November 23rd, 2007 - SBSfaq.com Blog Site:
http://blog.sbsfaq.com/Lists/Posts/Post.aspx?List=269e4081%2Dac58%2D42a6%2D9a54%2D383a6a3fb0d8&ID=28

I'm still going upside down this November and I hope you'll join me as well!

Sign up for it HERE: http://events.sbsfaq.com/

Posted Tue, Sep 25 2007 19:51 by bradley | with no comments

Filed under: News

SMBnation... almost here!

Don't forget to go up to go down.

When you arrive at the Seattle airport and get your baggage you'll find that after the baggage claim you'll need to go up the ramp, across, then down a floor to get cab/transportation/rides to the hotel.

And gee Wayne... I'm not that much of an ogre!

SMBNation – I’m on my way - SBSfaq.com Blog Site:
http://blog.sbsfaq.com/Lists/Posts/Post.aspx?List=269e4081%2Dac58%2D42a6%2D9a54%2D383a6a3fb0d8&ID=29

Join us for a Webinar on September 25

Join Harry Brelsford and Jenny Hall from SMB Nation, for last-minute conference updates, PLUS learn about the Super "Success Bundle" Book Launch Pre-Day Event, Friday, September 28th.

Title:		SMB Nation 2007 Fall Conference Updates, PLUS Super "Success Bundle" Book Launch Event!

Date:		Tuesday, September 25, 2007

Time:		9:00 AM - 10:00 AM PDT

System Requirements
PC-based attendees
Required: Windows® 2000, XP Home, XP Pro, 2003 Server, Vista

Macintosh®-based attendees
Required: Mac OS® X 10.3.9 (Panther®) or newer

Space is limited.
Reserve your Webinar seat now at:
https://www.gotomeeting.com/register/941424751

Also Richard Kenyon has been gracious enough to start a yahoo group for SMB Nation 2007 attendees to use as a online bulletin board to discuss the topics such as setting up meetings, parties, pre/post activities, sessions and whatever is related to SMB Nation 2007. Please visit http://tech.groups.yahoo.com/group/smbnation2007 Please use proper language and be respectful.

Right now you must submit to join either group as we want to keep the spammers out

Jenny Hall
Event Manager
SMB Nation Inc.15773 George Lane, Suite 201 Poulsbo, WA 98370360-779-1140 extension 5111.888.SMB.NAT1360-824-6042 Fax

From: Jennifer Hall
Sent: Monday, September 24, 2007 10:11 AM
Subject: SMB Nation Fall Conference UPDATES

We are only 1 week from the conference and I wanted to send you a note regarding conference updates.Early RegistrationFor your convenience we will have a registration booth set-up at the Marriott Town Center on September 28^th from 12:00pm to 8:00pm. Beat the morning rush on the 29^th and pick up your conference materials on the 28^th. To register to take the exam during the conferenceWe are excited to announce that we are taking reservation for onsite testing during the conference.To register for a testing time please contact Jackie at 360-779-1140 or email at Jackieo@smbnation.com.

CONFERENCE CALLJust a reminder that you are a panelist in the following Webinar that will take place tomorrow:

SMB Nation 2007 Fall Conference Updates, PLUS Super "Success Bundle" Book Launch Event!
Tuesday, September 25, 2007 9:00 AM - 10:00 AM PDT

1.	At the time above, please use a PC with Windows 2000 or higher and click the Join Webinar button or this link to join the Webinar:
	https://www.gotomeeting.com/pjoin/941424751/105559539

2.	Dial in to the conference call using this number:
	(641) 715-3399,

Webinar ID: 941-424-751

Transportation<!--For transportation to and from the airport I would contact www.shuttleexpress.com<!--There is a complimentary shuttle in the morning and evenings to and from the hotel to the conference center<!--Below is the first morning transportation schedule

September 29^th
AM Schedule
Marriott Town Center	Marriott Residence Inn	Conference Center
6:45	6:50	7:10
7:00	7:05	7:25
7:15	7:20	7:40
7:30	7:35	7:55
7:45	7:50	8:10
8:00	8:05	8:25
8:15	8:20	8:40
8:30	8:35	8:55
8:45	8:50	9:10
9:00	9:05	9:20
9:15	9:20	9:40

Weather Report

Thu
Sep 27

Few Showers

63°/50°

Fri
Sep 28

Showers

54°/46°

Sat
Sep 29

Few Showers

58°/49°

Sun
Sep 30

Showers

53°/51°

Mon
Oct 1

Showers

54°/50°

YAHOO GroupsKen Edwards has been gracious enough to start a yahoo group to assist coordinate rides and lodging for the SMB Nation Fall Conference.

Please visit http://finance.groups.yahoo.com/group/SMBNation2007Transport/ . Please use proper language and be respectful.

SMBNation2007 Transport is the group. Right now you must submit to join as I want to keep the spammers out. :^)http://finance.groups.yahoo.com/group/SMBNation2007Transport/ .
Another smbnation2007 yahoo group has been created “for SMB Nation 2007 attendees to discuss the various preliminary topics such as shared rides from the airport, shared accommodation opportunities, setting up meetings, parties, pre/post activities and whatever”.
http://members.smbtn.org/SMBNation2006

And now a word from our Sponsor
THERE’S A NEW GUY IN TOWN,
Steve Hogg will present “WHAT YOU NEED TO KNOW TO SUCCESSFULLY TRANSITION TO MANAGED SERVICES” Monday, October 1; 8:30 am; Cascade Auditorium at SMB Nation. “I highly recommend Steve’s sales training. Do it! I guarantee you will not be disappointed.” Tim Wilson, Charleston, West Virginia.

Pre-day EventsRobin Robins Friday, September 28, 2007
Marriot Redmond Town Center7401 164th Ave. NERedmond, WA 98052Registration: Noon - 1pmSeminar (1st Half) 1-3pmBreak 3-3:30pmSeminar (2nd Half) 3:30-6:30pmCocktail Reception 6:30 - 8:30pm “Give me half a day, I’ll show you the fastest, easiestand most fail proof way to attract all of thehigh-paying clients you can possibly handle inyour computer consulting business -

Karl Palachuk Seminar~ Friday, September 28, 2007Marriot Redmond Town Center 7401 164th Ave. NE Redmond, WA 98052 Registration: 12:30 - 1pm Seminar 1-4pm 1. HaaS - Hardware as a Service
How KPEnterprises jumped in with both feet andmade a bunch of money!

2. Perfect Projects Every TimeA true introduction to Karl’s Super-Good Project Management Binder. You even get a Start Here button!These are not technical seminars. These are business related discussions.

Super “Success Bundle” Book Launch Five Great Books - One Great Book Launch Friday, September 28, 20074:00 - 6:00pm Marriot Redmond Town Center7401 164th Ave. NERedmond, WA 98052 Book Launch 4-6pm Arlin Sorensen - Erick Simpson - Karl W. Palachuk -Matt Makowicz - Stuart R. Crawford
Moderator: Jeff Middleton

Five new books will be launched. This session will be a content filled panel discussion, moderated by Jeff Middleton, guaranteed to be worth your while. We’re all going to launch at the sametime, in the same room!

Accommodations

We have arranged special accommodations at the Redmond Inn, which is located within walking distance of the Marriott Residence Inn and Town Center. To make reservations please call 1.800.634.8080 and state you are with the SMB Nation Fall Conference (conference code(pre-smb))

Posted Tue, Sep 25 2007 19:37 by bradley | with no comments

Filed under: smbnation

You receive an error message when you try to open or to save a file type that was blocked by your registry policy settings in Word 2007 or in Word 2003:

You receive an error message when you try to open or to save a file type 
that was blocked by your registry policy settings in Word 2007 or in Word 2003: 
http://support.microsoft.com/kb/922849

From Gary in the newsgroup

Hi,

The "You are attempting to open a file that was created in an earlier 
version of Microsoft Office" error is one that seems not to impact many, but 
that is scant comfort if you are one of those impacted. MS's response is 
lame, so I've included a fix here. The .REG entries are included for Excel, 
PowerPoint, Word, and Corel Draw. All info was extracted from the current 
crop of MSKB articles that are available as of 9/23/2007.

What you'll need to do is create a .REG file appropriate to the version of 
Office (either 2003 or 2007) you'll be using it on. To do this, create a 
.TXT file from either of the following sections, then rename it 
O2K3Error.REG or O2K7Error.REG (other then the .REG extension, the actual 
name is unimportant) as appropriate to your version of Office, and merge it 
into the registry at each XP workstation experiencing the error. Please note 
that 1) although I am confident these fixes will work on W2K workstations, I 
have none to test these on, and 2) if you'll be using these on W2K machines, 
the REG files will have to be tweaked for the W2K version of Regedit.EXE. (I 
*think* that the only difference would be that the first line of the W2K 
version would have to say, "Windows Registry Editor Version 4.00," but alas 
I am not sure of this.)

If you have any comments, corrections, or additions, please post them here 
so they will travel with the thread.

GaryK

For OFFICE 2003 (do not include the dashed lines):
-------------------------------------------

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\PowerPoint\Security]

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\PowerPoint\Security\FileOpenBlock]
"FilesBeforePowerPoint97"=dword:00000000
"BInaryFiles"=dword:00000000
"HTMLFiles"=dword:00000000
"Converters"=dword:00000000
"Outlines"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\PowerPoint\Security\FileSaveBlock]
"FilesBeforePowerPoint97"=dword:00000000
"Converters"=dword:00000000
"Outlines"=dword:00000000
"HTMLFiles"=dword:00000000
"BinaryFiles"=dword:00000000
"GraphicFilters"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security]

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\FileOpenBlock]
"BinaryFIles"=dword:00000000
"FilesBeforeVersion"=dword:00000000
"HTMLFiles"=dword:00000000
"XMLFIles"=dword:00000000
"RTFFiles"=dword:00000000
"Converters"=dword:00000000
"TextFiles"=dword:00000000
"InternalFiles"=dword:00000000
"WLLFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\FileSaveBlock]
"BinaryFiles"=dword:00000000
"FilesBeforeVersion"=dword:00000000
"HTMLFiles"=dword:00000000
"XMLFiles"=dword:00000000
"Converters"=dword:00000000
"RTFFiles"=dword:00000000
"TextFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security]

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileOpenBlock]
"BinaryFIles"=dword:00000000
"LotusAndQuatroProFiles"=dword:00000000
"DifAndSylkFiles"=dword:00000000
"HtmlandXmlssFiles"=dword:00000000
"XMLFiles"=dword:00000000
"TextFiles"=dword:00000000
"XLLFiles"=dword:00000000
"Converters"=dword:00000000
"DatabaseandDatasourceFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Excel\Security\FileSaveBlock]
"BinaryFIles"=dword:00000000
"DifAndSylkFiles"=dword:00000000
"LotusAndQuatroProFiles"=dword:00000000
"DatabaseandDatasourceFiles"=dword:00000000
"TextFiles"=dword:00000000
"XMLFiles"=dword:00000000
"Converters"=dword:00000000
"XLLFiles"=dword:00000000
"HtmlandXmlssFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Graphics 
Filters\Import\CDR]
"Enabled"=dword:00000001

-----------------------------------------------


For OFFICE 2007 (do not include the dashed lines):

==========================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\Security]

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\Security\FileOpenBlock]
"FilesBeforePowerPoint97"=dword:00000000
"BInaryFiles"=dword:00000000
"HTMLFiles"=dword:00000000
"GraphicFilters"=dword:00000000
"Outlines"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\PowerPoint\Security\FileSaveBlock]
"FilesBeforePowerPoint97"=dword:00000000
"Outlines"=dword:00000000
"HTMLFiles"=dword:00000000
"BinaryFiles"=dword:00000000
"GraphicFilters"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Security]

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Security\FileOpenBlock]
"BinaryFIles"=dword:00000000
"FilesBeforeVersion"=dword:00000000
"HTMLFiles"=dword:00000000
"XMLFIles"=dword:00000000
"RTFFiles"=dword:00000000
"Converters"=dword:00000000
"TextFiles"=dword:00000000
"InternalFiles"=dword:00000000
"OpenXMLFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Word\Security\FileSaveBlock]
"BinaryFiles"=dword:00000000
"FilesBeforeVersion"=dword:00000000
"HTMLFiles"=dword:00000000
"XMLFiles"=dword:00000000
"Converters"=dword:00000000
"RTFFiles"=dword:00000000
"OpenXMLFiles"=dword:00000000
"TextFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Security]

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Security\FileOpenBlock]
"Binary12FIles"=dword:00000000
"OpenXMLFiles"=dword:00000000
"BinaryFIles"=dword:00000000
"DifAndSylkFiles"=dword:00000000
"HtmlandXmlssFiles"=dword:00000000
"XMLFiles"=dword:00000000
"TextFiles"=dword:00000000
"XLLFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Security\FileSaveBlock]
"Binary12FIles"=dword:00000000
"BinaryFIles"=dword:00000000
"DifAndSylkFiles"=dword:00000000
"TextFiles"=dword:00000000
"XMLFiles"=dword:00000000
"OpenXMLFiles"=dword:00000000
"HtmlandXmlssFiles"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Shared Tools\Graphics 
Filters\Import\CDR]
"Enabled"=dword:00000001

==========================

Posted Tue, Sep 25 2007 18:23 by bradley | 6 comment(s)

Filed under: News

4 gigs is not 4 gigs

When is 4 gigs of ram not 4 gigs of ram?

Based on my research and experiences, this issue occurs because the
available system RAM on a 32-bit computer is reduced to allow space within
the first 4 GB of address space for PCI hardware configuration
requirements. This behavior is expected on 32-bit computers that have 4 GB
of RAM installed.

Below is a workaround for this issue:

To enable a 32-bit version of Windows Vista to access more of the installed
RAM below 4GB that is reserved for hardware, enable Physical Addressing
Extension (PAE) in Windows Vista boot settings. First, your computer must
meet these requirements:

1. The chipset must support at least 8 GB address space. Chipsets with this
capability include the following chipsets: Intel 975X, P965, and 955X on
Socket 775.
2. Chipsets that support AMD processors that use sockets F, 940, 939 & AM2.
These are AMD socket/CPU combinations where the memory controller resides
in the CPU.
3. The processor (CPU) must support the x64 instruction set. AMD64 and
Intel EM64T CPUs support the x64 instruction set.
4. The BIOS must support the Memory Remapping feature where the segment of
system RAM previously overwritten by PCI configuration space is remapped
above the 4 GB address line. This feature must be enabled in the system's
BIOS configuration utility. See the product documentation for the computer
for information about how to enable this feature. Many consumer-oriented
computers may not support Memory Remapping. There is no standard
terminology for the feature in documentation or BIOS configuration screens.
Therefore, you may have to read the descriptions of the various BIOS
configuration settings that are available to determine which, if any,
result in this feature being enabled.

Contact the manufacturer or retailer to determine whether the computer
meets these hardware requirements. If your computer meets these
requirements, you can use the /PAE option in the Boot Configuration
Database (BCD) file. To do this, log on to the computer by uning an account
that has administrator privileges, and then type the following command at
the command prompt: "Bcdedit /set ID PAE ForceEnable" (without quotation)

The resolution of this issue is that to access 4 GB of RAM or more in
Windows Vista, make sure that the computer is running a 64-bit version of
Windows Vista.

Note: Some drivers might fail to load if PAE is enabled, because the device
might be unable to perform 64-bit addressing or the drivers might assume
that PAE mode requires more than 4 GB of RAM. For more information, see the
More Information section.

For more information, please refer to the following KB article:

Windows Vista or Windows Server 2003 may report less memory than you expect
http://support.microsoft.com/kb/929580

Posted Mon, Sep 24 2007 22:30 by bradley | 2 comment(s)

Filed under: News

Office 2003 sp3 on a computer with Office 2007

On workstations that have both Office 2003 and 2007 (like FrontPage 2003 along with Office 2007), I'm seeing that when clicking and launching a link in IE7 of companyweb (SharePoint version 2) that IE closes out.

Okay so more like "Dr. Watson" barfs out:

And in googling I found this....

http://forums.microsoft.com/TechNet/ShowPost.aspx?PostID=1090561&SiteID=17

At this time I think it's the Office 2003 and 2007 parts that are causing a bit of fits post the install of Office 2003 sp3. So I'm in the process of doing a repair install of Office 2007 to see if that fixes it up.

I'll let you know.. repairing Office 2007 takes a while...

And the answer is yes.. that's what fixed it.

Moral of this story... when you install Office 2003 SP3 on a system that has Office 2007, be prepared to go back into add/remove, click on Office 2007 and fire up a repair install of Office 2007 so that it is king of the hill.

Posted Mon, Sep 24 2007 21:46 by bradley | with no comments

Filed under: Sharepoint

The UAC count for the month....

The UAC count for the month.. that is, the number of times I've been "bothered" by a UAC prompt indicating that it needed approval for elevation.....

Is one.

One time this month I've been prompted with a UAC prompt.

One.

So everytime I see someone ask a question about "How do I turn off UAC", the thing I want to ask is "What are you doing that makes UAC prompt you?". The second question I want to ask is "Do you realize that by turning off UAC, you also turn off IE's protected mode?"

"Oh but I run Firefox" (or Opera or whatever), I hear you saying... doesn't matter, as has been seen in the past, Firefox can be used as a vector to attack via IE.

"But it's my machine", I see you post in the newsgroup. Fine, then take the time to understand that you just shut off IE in protected mode and what risk you just put your machine in. If you care about your machine and the data on that machine you'd leave it on.

And even when I hear noted security speakers and authors say "UAC isn't for you", I'd argue yes it is. Because I AM the biggest risk at my firm. I think I know better. I think I can surf safely. I'm even running with scissors at times (Administrator and Domain Admin rights) and I'm not smarter than the bad guys. I'm really not and I'm kidding myself if I think I am.

And the more I think I am smarter than the bad guys, the more at risk my firm is.

And finally, If I turn it off and don't experience it like what I'm asking my end users to do, am I a good administrator by not walking the walk and talking the talk? Experiencing what they are experiencing? If I truly think it's annoying and shut it off, then why am I asking my users to suffer? Isn't my job is to make security choices palatable? I'm not saying that they will love every moment of whatever security choice I make, but it's like the time someone in my office a several years ago, after they'd had a drive by browsing malware scare (of which we were not only a/v protected but patched as well), but regardless, it was the trigger event to not only push me into pushing non administrator on the desktops, but the folks in the office actually WANTED it. It took one 'in their face' example of a wrong google hit to hit home to them how brittle the edge of protection is in a small firm like mine. They understood how easy it was to put client information and data at risk and didn't want to be the cause of it in the office.

Sometimes when people understand the risks better, they make choices that are surprising. In fairness I don't know the impact of running in Standard user mode on Vista 'and' turning off UAC, whether that also disables the IE protected mode (and in fairness I should check for those that argue that Standard mode is the preferred manner of running Vista and then argue that they can counter that by turning off UAC and get a balance) but I like seeing THIS down at the bottom: and for now, UAC is on, not bothering me one bit, and Protected mode is on too.

Posted Sun, Sep 23 2007 23:54 by bradley | 6 comment(s)

Filed under: Security

Hi, my name is Susan and I edit GP right on the domain

You probably heard about Vista sp1 removing the Group policy management console from the OS. http://sdmsoftware.com/blog/2007/08/gpmc_not_part_of_vista_sp1.html

For many years SBS 2003 by default has shipped the GPMC inside the server. I just take it for granted in fact. So when you have Vista machines on your domain in a SBS 2003 box, and the only way you can edit them is to have a Vista machine that has GPMC installed, there's one thing that I'm really looking forward to in the Windows Server 2008 era...that GPMC is just like it was in SBS 2003... it's just up there. Yes, I'll admit it... contrary to best practice I edit the policies right up there ON the DC. Now it's recommended that you build the policy in an 'unenabled' condition, it's also recommended that you ALWAYS build a new group policy rule and not edit an existing rule. You want to know exactly which policies you have added.

But in the SBS 2003 era, I forget the Vista policies are up there.. Windows Server 2008 you can see them up there!

(Yes I'm starting a club for white knuckle Group Policy rule makers for those who edit straight on the DC)

Posted Sun, Sep 23 2007 23:43 by bradley | 2 comment(s)

Filed under: News

Want to watch some videos?

The Technet spotlight site has some cool videos up there -- http://www.microsoft.com/emea/spotlight/

Some from TechEd, some from WinHec, some from ITForum, now while I haven't figured out how I can sync it to my Zune to watch the videos at a later time, it's nice sometimes to see the video of a talk as well as hearing it.

http://www.microsoft.com/emea/spotlight/Steve_Riley_Making_the_Tradeoff_Be_Secure_or_Get_Work_Done.aspx

That's a good one to start with right there....

Posted Sun, Sep 23 2007 23:23 by bradley | with no comments

Filed under: Security

So do something!

http://www.thepizzafarm.com/

Yesterday I attended a firm picnic for my sister's office and went to the Cobb Ranch where there's a "Pizza Farm". You can read about the history of the Pizza Farm here on this page -- http://www.thepizzafarm.com/m-thepizzafarm.cfm. But bottom line someone challenged him to “Why don’t you quit complaining and do something about it!”.

So are you doing something about "it"?

Why not? And if you happen to be in the Fresno/Madera area, check out the Corn Maze opening up next weekend -- http://www.cobbranch.com/

Posted Sun, Sep 23 2007 23:06 by bradley | 1 comment(s)

Filed under: News

Vlad's blowing up Dallas

http://www.vladville.com/2007/09/just-about-24-hours-away-from-the-big-bang.html

Yoda will be offline tonight as Vlad blows up Dallas.

Since Yoda is only located in Dallas with no other redudant location (there is after all only one Yoda), but not to worry he'll be back on before you know it.

Posted Sat, Sep 22 2007 11:05 by bradley | with no comments

Filed under: News

The Official SBS Blog : Severity of SBS 2003 Update 936594 Raised:

The Official SBS Blog : Severity of SBS 2003 Update 936594 Raised:
http://blogs.technet.com/sbs/archive/2007/09/21/severity-of-sbs-2003-update-936594-raised.aspx

Today's SBS blog moment brought to you by Justin Crosby

Yeah .. I know.. two blog logos in one night...just another sign that the SBS blog kicks the butt of the Windows Server blog all the time...

Posted Fri, Sep 21 2007 21:04 by bradley | with no comments

Filed under: SBS Blog

The Official SBS Blog : New Windows Small Business Server 2003 R2 Update:

The Official SBS Blog : New Windows Small Business Server 2003 R2 Update:
http://blogs.technet.com/sbs/archive/2007/09/21/new-windows-small-business-server-2003-r2-update.aspx

Today's SBS moment brought to you by Damian Leibaschoff

Posted Fri, Sep 21 2007 21:02 by bradley | with no comments

Filed under: SBS Blog

Wonder if they make one in an earring version?

When I travel I normally don't take my car keys with me. So one of the decisions I made was to not put the www.ScorpionSoft.com AuthAnvil's cryptocard token on my key ring, because when I'm traveling and need the protection most, I don't want to leave the cryptocard at home.

Keep in mind the little things about deployment when you add such things to your clients' networks.

.... I wonder if they have a version that I can wear as earrings? I always wear those ;-)

Posted Fri, Sep 21 2007 20:51 by bradley | with no comments

Filed under: Security

THE OFFICIAL BLOG OF THE SBS DIVA

Search

Tags

News

Community

Syndication

Archives

Sharepoint

Exchange

Security

Microsoft Downloads

SBS - Blogs

ISA Server

SBS Team Blogs

Interesting Small Business Blogs

SBS - CRM

Interesting People I know

Patches