The Consolidated B&EC "Quick Question" Thread.

Discussion in 'Business & Enterprise Computing' started by looktall, Jun 6, 2015.

  1. mr626

    mr626 Member

    Joined:
    Jul 17, 2011
    Messages:
    2,746
    So I'm in the midst of refreshing one of our print servers. 2012r2 with the Print Management role added.

    Can I use Type 4 printer drivers if I have Windows 7 hosts needing to access the printers? Or am I stuck with Type 3, separate x86 and x64 drivers etc (unfortunately I have plenty of Windows 7 x86 machines to support).

    Edit: I swear, as soon as I post here I find what I'm looking for:

    https://blog.thinprint.com/the-new-microsoft-v4-printer-driver-model/

    So if I'm reading that right, the point and print compatibility driver should work for my Windows 7 clients?
     
    Last edited: Sep 28, 2017
  2. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,286
    Fucking with Offline Roaming Profiles.

    Users have roaming profiles stored in \\server\profiles$\username

    I need to make a global change to a HKCU registry entry.

    If I load ntuser.dat and modify it, then unmount and login as a user... I end up with a corrupt profile.

    I can't just script it to happen at login, because some of these users won't login for 6 months or more, and we need it to be free and clear well before then.

    Any tips for modifying roaming profiles without fucking them?
     
  3. GreyWolfe01

    GreyWolfe01 Member

    Joined:
    Aug 1, 2001
    Messages:
    2,321
    Location:
    Sydney, Australia
    Serious question for peeps.

    Being asked to integrate SSO for one of our apps, based around SAML 2.0 spec.

    As the vendor who's product utilises several internal roles to manage permissions, how do you manage roles around SSO? Do you configure the indentify provider or AD to pass through roles (requiring the Ad team to manage application roles)? Or do you simply log everyone on initially as a base user role, then require the application managers to assign further roles once the users have been 'seen' once?

    Open to any opinions here.
     
  4. cvidler

    cvidler Member

    Joined:
    Jun 29, 2001
    Messages:
    14,151
    Location:
    Canberra
    technically, depends if the app will accept groups/roles being passed to it.

    logically, if you can have AD do all that. one place to manage roles is far better than multiple, and keeping them in sync, auditing them etc.
     
  5. GreyWolfe01

    GreyWolfe01 Member

    Joined:
    Aug 1, 2001
    Messages:
    2,321
    Location:
    Sydney, Australia
    Logically yes, but since when does an AD team have time to manage roles for a third party application? That's the part I'm worried about.
     
  6. cvidler

    cvidler Member

    Joined:
    Jun 29, 2001
    Messages:
    14,151
    Location:
    Canberra
    :confused:
    create AD groups to match the roles, give appropriate users access to manage those groups. AD team does nothing (as usual).
     
  7. Doc-of-FC

    Doc-of-FC Member

    Joined:
    Aug 30, 2001
    Messages:
    3,379
    Location:
    Canberra
    :)

    albeit slightly out of scope for most SMBs
     
  8. m0n4g3

    m0n4g3 Member

    Joined:
    Aug 5, 2009
    Messages:
    3,701
    Location:
    Perth, WA
    i take it you have done the below? This is just from a quick google search haven't tested.

    # Load ntuser.dat
    reg load HKU\Vincent C:\users\vincent\NTUSER.DAT
    # Create a new key, close the handle, and trigger garbage collection
    $result = New-Item -Path 'Registry::HKEY_USERS\Vincent\Software\FancyStuff'
    $result.Handle.Close()
    [gc]::Collect()
    #Unload ntuser.dat
    reg unload HKU\Vincent

    PS: this is from here: https://www.pdq.com/blog/modifying-the-registry-of-another-user/
     
    Last edited: Sep 29, 2017
  9. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,286
    yeah, it fooks it.
     
  10. AzonIc

    AzonIc Member

    Joined:
    Jan 7, 2002
    Messages:
    1,373
    Location:
    Adelaide
    has anyone ever seen Outlook [2016 if it matters] automatically change a distribution list to the expanded list of members without the user manually choosing to click the + symbol

    Got an EA who's had some problems emailing a dl and some members not getting it. Closer investigation shows that problem has been occuring when the email has been sent to the expanded list instead of the actual DL, and some of the members are hidden so get removed when it's expanded. When the actual DL is used no problem.

    EA claims it's not them doing it.. IT has some doubts
     
  11. pantner

    pantner Member

    Joined:
    Aug 31, 2004
    Messages:
    2,248
    Location:
    Perth, WA
    got a e-mail size restriction on the DL? Are they expanding it to get around that? That's what ours do...
     
  12. AzonIc

    AzonIc Member

    Joined:
    Jan 7, 2002
    Messages:
    1,373
    Location:
    Adelaide
    Nope & they claim to not be expanding it manually.. but they got very pissy when we worked out that was the cause of the issue, before we even asked if they were doing it
     
  13. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    14,286
    DL from Address book? or DL they've setup in Outlook with the same name :).
     
  14. AzonIc

    AzonIc Member

    Joined:
    Jan 7, 2002
    Messages:
    1,373
    Location:
    Adelaide
    From the GAL
     
  15. 7nothing

    7nothing Member

    Joined:
    Feb 15, 2002
    Messages:
    1,531
    Location:
    Brisbane
    Just politely explain to them that lying to you is not in their best interests.

    Rip that band-aid off and stop putting up with (presumably) her bullshit.
     
  16. TehCamel

    TehCamel Member

    Joined:
    Oct 8, 2006
    Messages:
    4,183
    Location:
    Melbourne
    USMT Help

    Customer has an SBS 2003 domain, with 5 users/computers.
    Building a new domain is far easier so going to 2016 but I'm trying to automate moving profiles. The old and new domains have tthe same name (company.local)

    would I be accurate here with usmt?

    1. To capture the current profile on the current computer:
    Code:
    net use U: \\server\usmt
    scanstate U:\Store\%user% /ue:*\* /ui:dom\%user% /O /v:13 /i:miguser.xml /i:migapp.xml /i:migdocs.xml 
    
    then, once the computer has departed the old domain and joined the new one:

    Code:
    net use U: \\server\usmt
    loadstate U:\store\%user%/i:migapp.xml /i:migdocs.xml /i:miguser.xml /mu:olddomain.local\%user%:newdomain.local\%user% /v:1 
    
    I'm worried it will throw a tantrum due to having the same domain name..

    I mean.. sure, it's 5 computers.. I could run around and use easytransfer on each computer
    but i'd much rather schedule this to occur on Friday and copy several hundred gigs over their 100Mb network on the weekend, then remotely reconnect everything and have it just work on mondya, then go in and do it all manually
     
    Last edited: Oct 5, 2017
  17. 7nothing

    7nothing Member

    Joined:
    Feb 15, 2002
    Messages:
    1,531
    Location:
    Brisbane
    Why USMT to network? Use local disk, makes hardlinks, should be much quicker.

    If you're keeping same username format, rename old profiles before first logon on new domain, have had Outlook spazz with OST after cross domain migration where new profiles were created as username.DOMAIN since plain c:\users\username already existed (I assume USMT hardlinks will tolerate the rename)
     
  18. TehCamel

    TehCamel Member

    Joined:
    Oct 8, 2006
    Messages:
    4,183
    Location:
    Melbourne
    yea, i thought of using local already and amended my script a bit, thanks
     
  19. KDog

    KDog Member

    Joined:
    Jan 9, 2002
    Messages:
    263
    Location:
    ACT
    How do you find info about Business fibre plans? Telstra has fibre going to two of our buildings. I can't find any info on ISPs who can use this fibre or plans/contracts. Had a chat with an Optus rep who verified that Telstra had fibre to the buildings but he wouldn't send me any information or links on actual plans etc.

    Does anyone know where to find info about this or which ISPs can give me 100/100mbs lines?
     
  20. cvidler

    cvidler Member

    Joined:
    Jun 29, 2001
    Messages:
    14,151
    Location:
    Canberra
    If it's telstra fibre you'll have the choice of telstra, telstra or telstra.
     

Share This Page

Advertisement: