Most of these tips are very basic. But we all need to start somewhere.

The initial settings that you should make to get Active Directory secure for your network before you dive into setting up the entire structure.

1.Create an Administrative Account for Yourself
2.Set a Complex and Long Password for the Administrator Account

Top 10 Security Settings to make directly after Installing Active Directory

Popularity: 1% [?]

Related posts

• Non-Admin Issues
• Microsoft Standard User Analyzer
• Four quick links
• Five command line tools to detect Windows hacks
• Best Practice Tips for Windows Server 2003 Cluster Service (MSCS)

wow, I’ve never even heard of wmic or openfiles as command line tools. Nice article.

Let’s face it, Windows machines get hacked, and in some environments it happens a lot. Fortunately, Microsoft has built numerous tools into Windows so administrators and power users can analyze a machine to determine whether it’s been compromised

Five command line tools to detect Windows hacks : Information Security Expert Tips

Popularity: 3% [?]

Related posts

• Top 10 Security Settings to make directly after Installing Active Directory
• Four quick links
• Securing XP for the small or medium sized business
• Non-Admin Issues
• Movable Type 3.16 released

This is a great write up about a sweet tool from sysinternals. I guess I still prefer a way to change the password via startup script, just so I know I get every machine. Plus we’ve changed the name of most of the local admin accounts, so I’ll have to run multiple versions of this command.

Changing local admin password?

I just find a good method to change the local admin password of client PC remotely from MCPMAG. By using this method, you don’t need to put the new password in script in order to make it work. You may reference this:

SysInternals offers a free too called PsPasswd
http://www.sysinternals.com/Utilities/PsPasswd.html , which
allows you to remotely reset passwords on a range of computers
on your network. The tool will also report successes and
failures of changed passwords, and allows you to run a single
command against a list of computers. Since the password is just
included within the syntax of a command that you run, it will
never be stored as plain text in a batch or script file.
To use PsPasswd, you’ll first need a list of all computers in
your domain. To enumerate all computer objects in a domain,
you could run this script:
LogFile = "C:\computers.txt"
Const ForWriting = 2
Const ADS_SCOPE_SUBTREE = 2
Set objConnection = CreateObject("ADODB.Connection")
Set objCommand = CreateObject("ADODB.Command")
objConnection.Provider = "ADsDSOObject"
objConnection.Open "Active Directory Provider"
Set objCOmmand.ActiveConnection = objConnection
objCommand.CommandText = _
   "Select Name, Location from ‘LDAP://DC=mcpmag,DC=com’ " _
   & "Where objectClass=’computer’"
objCommand.Properties("Page Size") = 1000
objCommand.Properties("Searchscope") = ADS_SCOPE_SUBTREE
Set objRecordSet = objCommand.Execute
objRecordSet.MoveFirst
Set objFSO =
CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.CreateTextFile(LogFile, ForWriting)
Do Until objRecordSet.EOF
   objFile.WriteLine objRecordSet.Fields("Name").Value
   objRecordSet.MoveNext
Loop
Note that the script will output to a file named "computers.txt"
on the C drive. This could be changed by editing the LogFile
variable assignment in the first line of the script. Note that
in your environment, you will also need to change the domain
referenced in line 12. In my example, I use mcpmag.com
(DC=mcpmag,DC=com).
Once you have a list of all computers, you can then run
pspasswd.exe to change the local administrator password on
all systems in the list. Here’s the syntax that I used on my
test network:
pspasswd.exe @c:\computers.txt administrator P@ssword!
Following the @ symbol in the command syntax is the path to
the file containing all computer names. The next part of the
syntax is the name of the account whose password will be
changed, followed by the new password (P@ssword!).
Now here is the output that was generated from the command:
PsPasswd v1.21 - Local and remote password changer
Copyright (C) 2003-2004 Mark Russinovich
Sysinternals - www.sysinternals.com
\\PC1:
Error changing password:
The network path was not found.
\\BSODME:
Password for BSODME\administrator successfully changed.
Since the output will list both success and failures, you will
be able to note the systems in which the password was not
successfully changed. In my case, the system named PC1 was not
located. So I would have to ensure that PC1 was online and then
run the command a second time. (Note that PsPasswd can also be
run against a single computer.) Since the command relies on UNC
paths to connect to systems, you will need to ensure that the
target systems have File and Print Sharing enabled and that File
and Print Sharing is not being blocked by the system’s firewall.
By default, the Windows XP Pro SP2 firewall does not allow File
and Print sharing. However, this can be quickly changed via
Group Policy.
As you can see, with a simple list of computers on your network,
remotely changing the local administrator password using PsPasswd
is a relatively painless process.

Changing local admin password?
Richard
Fri, 31 Aug 2007 10:28:00 GMT

Popularity: 3% [?]

Related posts

• Top 10 Security Settings to make directly after Installing Active Directory
• Microsoft Standard User Analyzer
• Five command line tools to detect Windows hacks
• Twitter Updates for 2007-09-26
• Significant Group Policy Announcement by MS

• BenwayNet: How can I Remove Backgrounds From A Picture Quickly in Photoshop?: I’m just .. http://tinyurl.com/2hr6zo #
• BenwayNet: Links for 2007-09-25 [del.icio.us]:
  tlbox - System Administration Tools http://tinyurl.com/38wyd5 #
• 2nd day of vwmare training. Today’s topic Security #

Powered by Twitter Tools.

Popularity: 2% [?]

Related posts

• Twitter Updates for 2007-10-04
• Twitter Updates for 2008-02-23
• Twitter Updates for 2008-02-19
• Twitter Updates for 2008-02-15
• Twitter Updates for 2008-02-12

 you should setup this script as a scheduled job to run after hours.

I’m going to start sharing some useful scripts that I use to automate many processes. Most of the ones I will share, I have gathered from the Internet and edited. Who knows just what I will share, but I can guarantee they can help you out with many system admin tasks!

The first one I will share is a Defragment script I have implemented to run every day on many of the XP workstations I manage. Defragmentation is a big problem if not taken care of every once in a while.

What is defragmentation? When a file is saved to the hard drive, it tries to keep everything in the same location (or cluster) Over the course of time files will be deleted, leaving blank areas between files. If you install another large program, the hard drive tries to fill the holes, thus breaking up the program storage block. This effects your system performance by as much as 200% since programs have to access more areas of the hard drive, just to run.

The script I will show below is based on a threshold of fragmentation. A drive will be defragmented only if it’s fragmentation percentage is determined to be equal to or greater than the FragThreshold value. You can edit to whatever you want.

REQUIREMENTS: The script has to be executed locally on only XP or Server 2003 systems and under account with permissions to defragment local fixed drives.

Defrag All Drives

Source: Windows Admin Script: Defrag Drives Based on Threshold
Originally published on Sun, 22 Apr 2007 00:05:08 GMT by bcarderma

Popularity: 3% [?]

Related posts

• Four quick links
• Help Make Blogs More Visible!
• Twitter Updates for 2007-09-14
• Twitter Updates for 2007-09-04
• Retro-Rant: Pregnant Youth

Overview

The Standard User Analyzer
helps developers and IT professionals diagnose issues that would prevent a
program from running properly without administrator privileges. On Windows
Vista, even administrators run most programs with standard user privileges by
default, so it is important to ensure that your application does not have
administrator access as a dependency.

Using the Standard User Analyzer to
test your application can identify the following administrator dependencies and
return the results in a graphical interface:

* File access
* Registry
access
* INI files
* Token issues
* Security privileges
* Name
space issues
* Other issues

This tool also complements the
Application Compatibility Toolkit (ACT) 5.0. ACT 5.0 will include a User Account
Control agent that you can deploy to user desktops to identify applications that
require administer privileges. The Standard User Analyzer is designed to be run
on the developer or tester’s workstation to test and troubleshoot a specific
application. Issues identified with the Standard User Analyzer can also be
entered into you ACT 5.0 database so you can track the application compatibility
across your environment.

Continue to this article at Bink.nu

[Via Bink.nu]

Popularity: 2% [?]

Related posts

• Windows Admin Script: Defrag Drives Based on Threshold
• Movable Type 3.16 released
• Four quick links
• What a week
• Top 10 Security Settings to make directly after Installing Active Directory

I’ve been searching for a way to allow a non-admin on Windows XP to change the network settings (IP address,subnet,gateway,dns,etc)
Well I was search for a solution I found this blog posting about a nice little script that will make a user an admin, start a new process with admin rights, then remove the user from the admin group. Its using runas, so to be really usefull I need to find a way to script in the admin password (encrypted)

Also I still have not been able to find a way to have a non-admin user change network settings. If you found a way, please let me know.

Thanks,jb

Popularity: 1% [?]

Related posts

• Words that a network admin would like to see banned
• Windows Admin Script: Defrag Drives Based on Threshold
• Top 10 Security Settings to make directly after Installing Active Directory
• REVIEW: Google Talk
• Movable Type 3.16 released

Wednesday morning 5am, I get a call that nothing it working at work. On my drive in I call our desktop support person to see what he can access….Nothing. The server room is dark. Not good.
We had storms Tuesday night, but we have a huge UPS and a generator…..yah…

I get into work, into the server room…The UPS is off!!! it has power its just off…..Once I turn it on.. all the servers and network equipment power up. I spend the rest of the morning cleaning up errors from the equipment going down hard.

Now I need to findout why the UPS was off. We call the vendor in and all they can do is gather logs and get back to me.
[Read more →]

Popularity: 2% [?]

Related posts

• Lost the backplane
• Dear Mr. Ex President Clinton
• Words that a network admin would like to see banned
• Movable Type 3.16 released
• Four quick links

Randy points out another media blunder. The media is so against Bush, that they will pin anything on him.

NeoWin: In their second major ruling on Monday, the U.S. Supreme Court reversed a federal court verdict that would have required cable companies to open up their networks to third party Internet service providers. The decision will severely limit broadband operations for competing ISPs such as Brand X and EarthLink.

The Bush administration has made it clear that they are hostile toward small, independent service providers like us. And we think that is a big disaster for consumers, and a huge win for the monopolistic phone and cable companies, which spend millions of dollars on lobbying efforts, said Jim Tickrell, president of Brand X Internet.

While I’m not disputing that this is a blow for consumers or that the Bush administration might be hostile towards… well… anyone these days, I wonder how is that a factor here at all?

The Supreme Court is independent of the President. In fact, one of the sole reasons why they exist is to piss off the President: they are the biggest check of the checks and balances system. There’s no way in hell that the Bush administration should be part of this conversation - and if they are influencing the court, there’s a bigger problem than cable systems in D.C. Besides… none of the sitting Justices were put there by Bush Jr. - I think two or three were from Clinton and the rest from Bush Sr. or dare I say one or two from Reagan?

I mean honestly: if you fight your own battle properly shut the hell up already.

[Via RandyRants.com]

Popularity: 2% [?]

Related posts

• Dear Mr. Ex President Clinton
• Lost the backplane
• long week
• Words that a network admin would like to see banned
• Windows Admin Script: Defrag Drives Based on Threshold

So true

Most of the time I’m a patient person, and then there are those days when a few words sprinkled here and there just kinda annoy me…..

“It always takes ten minutes to open my Outlook.“

I’ll get a stop watch.. I’ll bet you

• It’s not ten minutes


• It’s not always

“My machine always does that“

Again, let me get a program that watches every keystroke and I’ll bet you

• It’s not always

“My machine is extremely slow“

Why is it that the people with the fastest machines in the office, always think there’s is the slowest?  What’s up with that?

• No, it’s not always

There are times when issues are caused by computers and technology and tcp/ip packets and …well whatever… and then there are those times when… let’s just say it’s not always caused by computers, shall we?

• No, it is indeed not always caused by computers

[Via E-Bitz - SBS MVP the Official Blog of the SBS “Diva”]

Popularity: 1% [?]

Related posts

• MS PowerToys Blog
• SBS Stuff
• FireFox Extensions
• Windows Admin Script: Defrag Drives Based on Threshold
• When Will People Learn?