Skip to main content

Posts

Showing posts from November, 2006

mom: maintenance mode hta

in other words, a gui. matt broadstock was kind enough to notify us about this utility on the msmom list. it's a 1.0 version so there are plenty of things to improve, but this makes changing maintenance mode en masse a very simple task. check it out. it's labeled mom maintenance mode utility gui. send up your feedback.

ds: dumping all dns records

i've linked an interesting article on dumping out dns records. the one requirement is that zone transfers has to be turned on for the receiving client. in this case, it'd be your workstation... what fun. here are the steps, in short: nslookupset type=anyls -d domain.com > mydnsrecords.txt exitread the full article if you want the details... :T or try this method with dnscmd.exe.

sms: itmu v3 installation failure

run into this error code with itmu v3? error code: 0x80004005this is because in order to successfully complete the install, you've got to rdp to the console session. as a reminder, in order to do this, from a run line type the following: mstsc /v: /console(by the way, the issue has been corrected in the newest bits. :)

os: time sync information

UPDATE: added some information regarding syncing to non-windows time sources.i hate dealing with time synchronization. the tools for windows are so hokey. you know, little nuances like deprecating net time in favor of w32tm just doesn't get enough press. oh well. recently, i had to look through this stuff again. i decided i'd write up a little blog note as a reminder for myself the next time i have to look at this stuff. to start off with, very useful links. how to turn on debug logging in the windows time service
how to configure an authoritative time server in windows server 2003
windows time server and internet communication
time synchronization may not succeed when you try to synchronize with a non-windows ntp server in windows server 2003... and now, some very useful commands:setting a time sync source:w32tm /config /update /manualpeerlist:time.nist.gov time.windows.com /syncfromflags:MANUAL verifying the settings:w32tm /dumpreg /subkey:parameters ... following the commands ab…

mom/sms: a couple of interesting articles...

i thought i'd point out a couple of interesting articles since the problem seems to surface on some of the listmail subscriptions i'm a part of. the first one is the neverending question... why do the active directory and exchange helper objects get installed on machines that aren't domain controllers or exchange servers? it's simple. the push installation does it automatically. here's the article that goes into detail about the asinine method to avoid this (manual installations or remove through arp). i included this one because it was something one of my coworkers discovered with microsoft (russ slaten to be exact). he's published a blog entry on it. here's the official article, however. basically it details how to get around (scripted or otherwise) the problem when you try to import a report, and it mercilessly tacks your cpu. basically the import object wizard can't handle large sql queries. :)

mom: securevantage directory services management pack

you're probably quite familiar w/ securevantage by now. if you don't, they produce management packs focused on security. it works right in mom... and is pretty wicked stuff. anyway, they offer a free directory services mp which does some basic functionality. if you don't have it, check it out... anyway, the really cool part is they mention me in the management pack description! nice! here's a snippet: Management PackPurposeThe Directory Services Controls MP (DCMP) provides low-level auditing for all types of objects in Active Directory. Directory Services events not only identify the object that was accessed and by whom but also document exactly which object properties were accessed.FeaturesThe Secure Vantage DSMP provides detailed OU auditing on user, group, gpContainer, dnsDomain and organizational units. The MP provides base event collection, control alerting, operational views, a forensic analysis report and KB content from Microsoft Security MVP Rand…

mom: evaluate all criteria

ever wonder how to get an event rule to evaluate all of the criteria that you specify? add this as part of the criteria set:
Message DLL - matches wildcard - *
make sure this goes to the top of the list (or second to the top anyway).