Microsoft Servers with Mcafee SIEM auditing settings

Similar Messages

• Microsoft Server with Mcafee SIEM auditing settings

  Hi,
  Recently we have implemented Mcafee Enterprise security Manager SIEM
  To collect all events and logs from all network, servers, event viewer and other logs.
  I'm looking for what exact configurations should be made on Microsoft servers to enable audit, loggings to be collected by SIEM.
  Shall Microsoft has standard on that or recommendation for each application if I monitor this application and need to get the maximum logs what configurations should be made in this app. To get that
  I did some research but I didn't get clear or complete answer for that
  Servers list I've:
  Exchange 2010 highly available
  Active directory 2008 / 2012
  SQL server 2008 / 2012
  Hyper-V Servers 2010 / 2012
  SharePoint Server 2010
  DNS servers 2008
  DHCP servers 2008
  Thanks

  These ones may help. For more info I'd ask in a TechNet/MSDN forum for that specific technology.
  https://technet.microsoft.com/en-us/library/dd335144(v=exchg.150).aspx
  https://technet.microsoft.com/en-us/library/dn487457.aspx
  https://technet.microsoft.com/en-us/library/cc280505(v=sql.105).aspx
  https://support.office.microsoft.com/en-us/article/Configure-audit-settings-for-a-site-collection-a9920c97-38c0-44f2-8bcb-4cf1e2ae22d2?CorrelationId=a54f4b90-d3d3-48b1-8d19-8dfaa268e835&ui=en-US&rs=en-US&ad=US
  http://blogs.technet.com/b/yuridiogenes/archive/2008/03/06/auditing-a-dns-zone.aspx
  https://technet.microsoft.com/en-us/library/cc758251(v=ws.10).aspx
  Regards, Dave Patrick ....
  Microsoft Certified Professional
  Microsoft MVP [Windows]
  Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

• Support configuring PlayBook on a Microsoft VPN with default settings

  We have a Microsoft VPN running at work. I can connect to it from any Windows 7 PC with the default VPN settings. How can I configure the PlayBook to connect to the VPN. I have had no success after trying various settings.

  Can anyone shed some insight into the correct settings - I too am attempting to get a VPN operational against a standard Microsoft Server VPN.
  Is there something that I need to be able to ask IT ? where should I look ?
  When I configure a new win 7 laptop all I need is the URL of the VPN server...

• Command to set modify Advanced Security Settings (Audit Settings for folders) on windows 2008

  Hello,
  We have requirement to modify  Advanced Security Settings (Audit Settings for folders) on windows 2008. I am looking for a command which does this job.
  I know, using group policies I can do this; in fact I had done this using group policies. However, I need to do this on number of servers which are not in domain. There are around 15 folders on which I need to enable Auditing; manual editing folder advanced
  permissions is a cumbersome job. Hence, I am looking for a command line options.
  I need to know how command can be utilised to enable Audit option on a folder. Please share a command which can do this; once I get the command, I will create a batch file for other necessary folders. (BTW, this is not a scripting question, I just need to
  know the command hence, please do not re-direct me to scripting forum)
  Manually through GUI, I am setting following.. snaps are given below
  Thanks !

  You can try using Auditpol.exe: http://technet.microsoft.com/en-us/library/cc731451%28v=ws.10%29.aspx
  This
  posting is provided "AS IS" with no warranties or guarantees , and confers no rights.   
  Microsoft
  Student Partner 2010 / 2011
  Microsoft
  Certified Professional
  Microsoft
  Certified Systems Administrator: Security
  Microsoft
  Certified Systems Engineer: Security
  Microsoft
  Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration
  Microsoft
  Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
  Microsoft
  Certified Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
  Microsoft
  Certified Technology Specialist: Windows 7, Configuring
  Microsoft
  Certified Technology Specialist: Designing and Providing Volume Licensing Solutions to Large Organizations
  Microsoft Certified IT Professional: Enterprise Administrator
  Microsoft Certified IT Professional: Server Administrator
  Microsoft Certified Trainer
  Thanks but I guess, auditpol ca be used only to manipulate system audit policies. how do I specify a folder and user in auditpol ? I could not find or understand how folder can be included with auditpol command line options.
  Thanks !

• Error at RSOP while trying to set Audit settings via GPO

  Hello,
  i've configured Audit Policy via GPO and when i run RSOP on the server 2008 R2 i get X with the error "the policy engine did not attempt to configure the setting For more
  information, see %windir%\security\logs\winlogon.log on the target machine.
  Please help???

  Hi,
  This problem may occur if the "Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" policy setting is enabled. To resolve this issue, use one of the following methods, as appropriate for your situation.
  Method 1: Disable the policy setting by using Group Policy Object Editor
  Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings
  Method 2: Disable the policy setting by using Registry Editor
  Note: Please backup the registry key before modify.
  1.Locate and then click the following registry subkey:
  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA
  2.Right-click SCENoApplyLegacyAuditPolicy, and then click Modify.
  3.Type 0 in the Value data box, and then click OK.
  Restart the computer after you make the change.
  For more information, please refer to:
  Security auditing settings are not applied to Windows Vista-based and Window Server 2008-based computers when you deploy a domain-based policy
  http://support.microsoft.com/kb/921468/en-us
  RSOP: the policy engine did not attempt to configure the setting
  http://social.technet.microsoft.com/Forums/en-AU/winserverGP/thread/fde42cfc-bb74-4e11-8b60-c1a3cb5d80ed
  If the problem still continues, please check the %windir%\security\logs\winlogon.log and reply the information in this log.
  Regards,
  Bruce

• Cannot open your default e-mail folders. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost)

  Fresh installation of Exchange Server 2013 on Windows Server 2012.
  Our first test account cannot access their email via Outlook but can access fine through OWA. The following message appears - "Cannot open your default e-mail folders. You must connect to Microsoft Exchange with the current profile before you can synchronize
  your folders with your Outlook data file (.ost)" is displayed.
  If I turn off cached Exchange mode, setting the email account to not
  cache does not resolve the issue and i get a new error message - "Cannot open your default e-mail folders. The file (path\profile name).ost is not an Outlook data file (.ost). Very odd since it creates its own .ost file when you run it for the first
  time.
  I cleared the appdata local Outlook folder and I tested on a new laptop that has never connected to Outlook, same error message on any system.
  Microsoft Exchange RPC Client Access service is running.
  No warning, error or critical messages in the eventlog, it's like the healthiest server alive.
  Any help would be greatly appreciated. I haven't encountered this issue with previous versions of Exchange.

  So it looks like a lot of people are having this issue and seeing how Exchange 2013 is still new (relatively to the world) there isn't much data around to answer this. I've spend ALOT of time trying to figure this out.
  Here is the answer. :) - No I don't know all but I'm going to try to give you the most reasonable answer to this issue, in a most logical way.
  First thing I did when I was troubleshooting this issue is that I ignored Martina Miskovic's suggestion for Step4 http://technet.microsoft.com/library/jj218640(EXCHG.150)because it didn't make sense to me because I was trying to connect
  Outlook not outside the LAN but actually inside. However, Martina's suggestion does fix the issue if it's applied in the correct context.
  This is where the plot thickens (it's stew). She failed to mention that things like SSL (which I configure practically useless - anyone who ever worked in a business environment where the owner pretty much trusts anyone in the company, otherwise they don't
  work there - very good business practice in my eyes btw, can confirm that...) are some sort of fetish with Microsoft lately. Exchange 2013 was no exception.
  In exchange 2003, exchange 2007 and exchange 2010 - you could install it and then go to outlook and set it up. And when outlook manual Microsoft Exchange profile would ask you for server name, you would give it and give the name of the person who you setting
  up - as long as machine is on the domain, not much more is needed. IT JUST WORKS! :) What a concept, if the person already on premises of the business - GIVE HIM ACCESS. I guess that was too logical for Microsoft. Now if you're off premises you can use things
  like OutlookAnywhere - which I might add had their place under that scenario.
  In Exchange 2013, the world changed. Ofcourse Microsoft doesn't feel like telling it in a plain english to people - I'm sure there is an article somewhere but I didn't find it. Exchange 2013 does not support direct configuration of Outlook like all of it's
  previous versions. Did you jaw drop? Mine did when I realized it. So now when you are asked for your server name in manual outlook set up and you give it Exchange2013.yourdomain.local - it says cannot connect to it. This happens because ALL - INTERNAL AND
  EXTERNAL connection are now handled via OutlookAnywhere. You can't even disable that feature and have it function the reasonable way.
  So now the question still remains - how do you configure outlook. Well under server properties there is this nice section called Outlook anywhere. You have a chance to configure it's External and Internal address. This is another thing that should be logical
  but it didn't work that way for me. When I configured the external address different from the internal - it didn't work. So I strongly suggest you get it working with the same internal address first and then ponder how you want to make it work for the outside
  users.
  Now that you have this set up you have to go to virtual directories and configure the external and internal address there - this is actually what the Step 4 that Martina was refering to has you do.
  Both external and internal address are now the same and you think you can configure your outlook manually - think again. One of the most lovely features of Outlook Anywhere, and the reason why I had never used it in the past is that it requires a TRUSTED
  certificate.
  See so it's not that exchange 2013 requires a trusted certificate - it's that exchange 2013 lacks the feature that was there since Windows 2000 and Exchange 5.5.
  So it's time for you to install an Active Direction Certificate Authority. Refer to this wonderful article for exact steps - http://careexchange.in/how-to-install-certificate-authority-on-windows-server-2012/
  Now even after you do that - it won't work because you have to add the base private key certificate, which you can download now from your internal certsrv site, to Default Domain Policy (AND yes some people claim NEVER mess with the Default Domain Policy,
  always make an addition one... it's up to you - I don't see direct harm if you know what you want to accomplish) see this: http://technet.microsoft.com/en-us/library/cc738131%28v=ws.10%29.aspx if you want to know exact steps.
  This is the moment of ZEN! :) Do you feel the excitement? After all it is your first time. Before we get too excited lets first request and then install the certificate to actual Exchange via the gui and assign it to all the services you can (IIS, SMTP and
  there is a 3rd - I forgot, but you get the idea).
  Now go to your client machine where you have the outlook open, browse to your exchange server via https://exchang2013/ in IE and if you don't get any certificate errors - it's good. If you do run on hte client and the server: gpupdate /force This will refresh
  the policy. Don't try to manually install the certificate from Exchange's website on the client. If you wanna do something manually to it to the base certificate from the private key but if you added it to the domain policy you shouldn't have to do it.
  Basically the idea is to make sure you have CA and that CA allows you to browse to exchange and you get no cert error and you can look at the cert and see that's from a domain CA.
  NOW, you can configure your outlook. EASY grasshoppa - not the manual way. WHY? Cause the automatic way will now work. :) Let it discover that exachange and populate it all - and tell you I'm happy! :)
  Open Outlook - BOOM! It works... Was it as good for you as it was for me?
  You may ask, why can't I just configure it by manual - you CAN. It's just a nightmare. Go ahead and open the settings of the account that got auto configed... How do you like that server name? It should read something like [email protected]
  and if you go to advanced and then connection tab - you'll see Outlook Anywhere is checked as well. Look at the settings - there is the name of the server, FQDN I might add. It's there in 2 places and one has that Mtdd-something:Exchange2013.yourdomain.local.
  So what is that GUID in the server name and where does it come from. It's the identity of the user's mailbox so for every user that setting will be different but you can figure it out via the console on the Exchange server itself - if you wish.
  Also a note, if your SSL certs have any trouble - it will just act like outlook can't connect to the exchange server even though it just declines the connection cause the cert/cert authority is not trusted.
  So in short Outlook Anywhere is EVERYWHERE! And it has barely any gui or config and you just supposed to magically know that kind of generic error messages mean what... Server names are now GUIDs of the [email protected] - THAT MAKES PERFECT
  SENSE MICROSOFT! ...and you have to manage certs... and the only place where you gonna find the name of the server is inside the d*** Outlook Anywhere settings in the config tab, un it's own config button - CAN WE PUT THE CONFIG ANY FURTHER!
  Frustrating beyond reason - that should be Exchange's new slogan...
  Hope this will help people in the future and won't get delete because it's bad PR for Microsoft.
  PS
  ALSO if you want to pick a fight with me about how SSL is more secure... I don't wanna hear it - go somewhere else...

• Cannot Start Microsoft Outlook. Cannot open the Outlook Window. The set fo folders cannot be opened. You must connect to Microsoft Exchange with the current profil

  Cannot Start Microsoft Outlook. Cannot open the Outlook Window. The set fo folders cannot be opened. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost)
  OK. This is a new outlook setup on a laptop. The mail account is on a MS Exchange Server 2010. The user can log on to their laptop no problem with their AD login and password. To setup the outlook profile we have checked the name OK. When we click finish
  and try to start outlook we get the above error message. It is driving me pots as I have tried also of things. I have tried to connect without catching the files. The error message then says that the Exchange Server is down, yet we checked the name OK and
  I can log on to the MS Exchange server and see the setup.
  What else is it that I need to look at as I have tried everything. I will add that they one service I see not running is the Exchange RPC service. If I try to start it, it fails saying Some services stop automatically if they are not in use by other services
  or programs.
  What can I do?

  The major cause of this problem is a corrupted Navigation Pane settings file – profilename.xml, where “profilename” is the name of your Outlook profile. A good sign that the
  file is corrupted is when the size of the file is shown 0 KB. No one knows the precise reason why this takes place, but all versions of Outlook from 2003 to 2013 may get affected.
  Other causes may be when you run Outlook in the compatibility mode, or if you are using a profile generated in an older Outlook version, or if the Outlook data file (.pst or .ost)
  was removed or damaged as the result of faulty uninstallation or reinstallation of MS Outlook.
  Follow the steps given below to resolve this problem
  1. Recover Navigation Pane configuration file
  2. Repair your Outlook PST file using Inbox Repair tool
  3. Create a new Outlook profil and import data from the old PST file
  4. Turn off Compatibility Mode
  5. Start Outlook in Safe Mode
  For more info, you can visit http://www.ablebits.com/office-addins-blog/2013/12/06/cannot-start-microsoft-outlook-solutions/

• Has anyone had issues with McAfee antivirus blocking tethering?

  Hello all - trying to help my mother out with her laptop.
  She has an Iphone 5S, and we tested - when she activates mobile hotspot, other devices can use it - I tried with my tablet & phone and had no issue - but her laptop is not able to connect to it.
  She is running McAfee antivirus on the computer with Windows 7 Ultimate.  In her wireless settings, the laptop can see the hotspot, but when she connects to it and enters the password, she gets a connection failure message and it drops.  I'm thinking she has a case of over-zealous anti-virus software here - thoughts, hints, solutions?

  I don't believe the anti-virus would affect the ability to connect to a wi-fi connection. You might, however, want to check the firewall, and or delete any reference to the network in the computer. Windows will allow you to connect to guest networks as long as they are identified as such. Once you begin the connection process, it asks you to identify the network type, home, public, etc. That will put some protections into place, and that has nothing to do with McAfee. I've never had my McAfee interfere with the connection to any wi-fi network, and I've been around a lot of different ones.

• In which table can I find security audit settings from SM19?

  Hello everybody,
  I'd like to give certain users access to the security audit settings that we defined in SM19. They are supposed to be able to read them but not change anything. I've experimented a bit with SM19 authorizations and figured out that a read-only access to SM19 is possible if I deactivate S_C_FUNCT. The problem is that the aforementioned users already have complete access to S_C_FUNCT and are supposed to keep it. The also have AUDD and AUDA in S_ADMI_FCD. Ergo: If I just add the S_TCODE for SM19 they'd be able to change security audit settings and I don't want to allow that.
  Does anybody know the table where SM19 saves its settings? Maybe I could grant read-only access to that table via SM30 or SE16...
  Looking forward to your answers!
  Kind regards
  Mario

  Hi Mario,
  Restrict  access for table RSAUPROF , It should do!!!
  Regards

• Dell PowerEdge Servers with non-dell storage

  yes I do I have a few 2950's that I run with WD red drives they work fine. moslty that stuff is to keep warranties upheld and to keep repeat customers coming back. its up to you how much you want to deal with. some of the raid functions and raid configurations may not be available if they have custom firmware from Xbyte or require custom firmware installed.personally if the server hardware is past dell's warranty I am using the cheapest most reliable drives I can get my hands on because at that point its on me any way. that also means wiping the PERC controller to default and rolling with default settings and then modifying them to what I need.Then again it goes back to how much responsibility do you want on you for this hardware. if you want as little as possible play by your distributors rules and have little or take it all yourself...

  Hi,
  I am pricing out some refurbished Dell PowerEdge servers primarily from xbyte.com and received feedback from them that they are extremely apprehensive about using non-dell storage in the server due to the custom firmware in the drives themselves. That being said they offer non-dell hard drives with custom xbyte firmware which apparently work... and yet they will still report a non-mission critical error in the manager.
  Does anyone run production servers with 3rd party drives? If it is not recommended to do so, does anyone run the "Xbyte drive firmware" in production servers?
  Thanks!
  This topic first appeared in the Spiceworks Community

• Problem with playback in Audition CC

  Hello everyone,
  im new here and work with Audition CC at the moment..
  now i went into an error or problem that i dont know how to solve.
  Simple as that i have a laptop with a Realtek HD Audio Soundcard and want to play many clips in a multitrack in Audition..
  the thing is, it seems that Audition does not have a problem playing back the whole audio track or bigger parts of it..
  But when i cut the clip into smaller clips and paste them each after one then Audition seems to have playback crackle problems..
  It could be that the latency is not accurate or the bits of the soundcard (currently at 24bit, 48kHz) are not correct..
  I dont know what to do exactly?!
  I tried many things but it didnt come to a conclusion yet..
  this is how the multitrack looks like atm:
  The bigger parts could be played back by Audition, the smaller ones NOT!
  this is how the preferences look like atm:
  Can you help me??
  Thanks in advance,
  MiqJaqqer

  MiqJaqqer wrote:
  4 questions:
  1. can i convert a whole multitrack session to 32bit after working with it is done??
  or is there a driver or sth that supports 32bit for my soundcard?? (im no expert on this area..)
  2. is 24bit so much worse than 32bit?? does it sound differently?
  3. how can i solve it that if i exit Audition without saving any track sometimes doesnt save the standard settings i made before like standard view (bars & beats) or last imported files are all gone! or new multitrack session preferences??? thats soo bad if i have to make the settings all again
  4. can i drag & drop a mp3-file into Audition instead of pressing the Open.. button??
  1 & 2. Generally, unless you've set them otherwise, multitrack sessions will be in 32-bit Floating Point anyway - it's the internal working format. It's the Floating Point bit that's different - this isn't an integer format like 24-bit at all. It is like 24-bit - that's it's basic bit depth, but it goes further than that; the other bits are scaling and sign bits, and it's these that make it far more flexible in production - you virtually can't overload the format, neither can you shrink signals so small that they can't be fully recovered; it's clever! Unfortunately sound devices can't cope with this though, and if you present a massive 32-bit signal to them, then they will overload their outputs and sound dreadful. So, the driver in your sound device interprets the 32-bit signals correctly, converts them to 24 bit internally, because that's how real world signals fed to an A-D converter have to be. It's up to you to get it right. Other than that, there's absolutely no sound difference at all.
  So in production terms, the big advantage of Floating Point signals is that you don't get the loss you'd get from shrinking integer signals too small, and saving them as such, when you'd lose the bit depth for ever.
  3. You have to save your desktop layout as a separate preset, and then you should be able to recall it with all of its settings. If all of your settings are disappearing though, then it's possible that the .xml file that they are being written to is being deleted by something like a system protection system, and then you'll be back to a vanilla system when Audition can't find them (the vanilla files get restored automatically).
  4. I think you can drag and drop MP3 files, yes. They will automatically get converted into whatever the session format is though - Audition can't handle them directly in that format at all.
  HTH

• TS3899 I can receive, but not send emails on iPad. All settings checked several times and with internet provider. imap settings confirmed as ok. Account deleted and set up under guidance of service provider several times - problem not solved - help!!

  I can receive, but not send emails on iPad. All settings checked several times and with internet provider. imap settings confirmed as ok. Account deleted and set up under guidance of service provider several times - problem not solved - help!!

  iOS: Unable to send or receive email
  http://support.apple.com/kb/TS3899
  Can’t Send Emails on iPad – Troubleshooting Steps
  http://ipadhelp.com/ipad-help/ipad-cant-send-emails-troubleshooting-steps/
  Setting up and troubleshooting Mail
  http://www.apple.com/support/ipad/assistant/mail/
  Using a POP account with multiple devices
  http://support.apple.com/kb/ht3228
  iOS: Adding an email account
  http://support.apple.com/kb/HT4810
  iOS: Setting up an Outlook.com, Hotmail, Live, or MSN email account
  http://support.apple.com/kb/ht1694
  iPhone, iPad, iPod touch: Microsoft Outlook 2003, Outlook 2007, Outlook 2010 may not display contacts and calendars after sync
  http://support.apple.com/kb/TS1944
  Server does not allow relaying email error, fix
  http://appletoolbox.com/2012/01/server-does-not-allow-relaying-email-error-fix/
  Why Does My iPad Say "Cannot Connect to Server"?
  http://www.ehow.co.uk/info_8693415_ipad-say-cannot-connect-server.html
  How to Sync Contacts with Your iPad Using iTunes
  http://www.dummies.com/how-to/content/how-to-sync-contacts-with-your-ipad-using- itunes.html
  iOS: 'Mailbox Locked', account is in use on another device, or prompt to re-enter POP3 password
  http://support.apple.com/kb/ts2621
  iCloud: Create a group and add contacts to it
  http://support.apple.com/kb/PH2667
  eMail Groups - You can use a third party app that many users recommend.
  MailShot -  https://itunes.apple.com/us/app/mailshot-pro-group-email-done/id445996226?mt=8
  Group Email  -  https://itunes.apple.com/us/app/mailshot-pro-group-email-done/id445996226?mt=8
  iPad Mail
  http://www.apple.com/support/ipad/mail/
  Configuration problems with IMAP e-mail on iOS with a non-standard SSL port.
  http://colinrobbins.me/2013/02/09/configuration-problems-with-imap-e-mail-on-ios -with-a-non-standard-ssl-port/
  Try this first - Reset the iPad by holding down on the Sleep and Home buttons at the same time for about 10-15 seconds until the Apple Logo appears - ignore the red slider - let go of the buttons. (This is equivalent to rebooting your computer.)
  Or this - Delete the account in Mail and then set it up again. Settings->Mail, Contacts, Calendars -> Accounts   Tap on the Account, then on the red button that says Remove Account.
   Cheers, Tom

• 2 Hyper-V Servers with Failover Cluster and a single File Server and .VHDs stored on a SMB 3 Share

  I have 2 X M600 Dell Blades (100 GB local storage and 2 NICs)  and a Single R720 File Server (2.5 TB local SAS storage and 6 NICs).  I´m planning a Lab/developer enrironment using 2 Hyper-V Servers with Failover Cluster and a single File Server putting
  all  .VHDs stored on a SMB 3 Share on the File Server.
  The ideia is to have a HA solution, live migration, etc, storing the .VHDs onm a SMB 3 share
  \\fileserver\shareforVHDs
  It is possible? How Cluster will understand the
  \\fileserver\shareforVHDs as a cluster disk and offer HA on it?
  Or i´ll have to "re-think" and forget about VHDs on SMb 3 Share and deploy using iSCSI?
  Storage Spaces makes difference in this case?
  All based on wind2012 R2 STD English version

  I have 2 X M600 Dell Blades (100 GB local storage and 2 NICs)  and a Single R720 File Server (2.5 TB local SAS storage and 6 NICs).  I´m planning a Lab/developer enrironment using 2 Hyper-V Servers with Failover Cluster and a single File Server putting
  all  .VHDs stored on a SMB 3 Share on the File Server.
  The ideia is to have a HA solution, live migration, etc, storing the .VHDs onm a SMB 3 share
  \\fileserver\shareforVHDs
  It is possible? How Cluster will understand the
  \\fileserver\shareforVHDs as a cluster disk and offer HA on it?
  Or i´ll have to "re-think" and forget about VHDs on SMb 3 Share and deploy using iSCSI?
  Storage Spaces makes difference in this case?
  All based on wind2012 R2 STD English version
  You can do what you want to do just fine. Hyper-V / Windows Server 2012 R2 can use SMB 3.0 share instead of a block storage (iSCSI/FC/etc). See:
  Deploy Hyper-V over SMB
  http://technet.microsoft.com/en-us/library/jj134187.aspx
  There would be no shared disk and no CSV just SMB 3.0 folder both hypervisor hosts would have access to. Much simplier to use. See:
  Hyper-V recommends SMB or CSV ?
  http://social.technet.microsoft.com/Forums/en-US/d6e06d59-bef3-42ba-82f1-5043713b5552/hyperv-recommends-smb-or-csv-
  You'll have however a limited solution as your single physical server being a file server would be a single point of failure.
  You can use Storage Spaces just fine but you cannot use Clustered Storage Spaces as in this case you'll have to take away your SAS spindles from your R720 box and mount them into SAS JBOD (make sure it's certified). So you get rid of an active components
  (CPU, RAM) and keep more robust all-passive SAS JBOD as your physical shared storage. Better then a single Windows-running server but for a true fault tolerance you'll have to have 3 SAS JBODs. Not exactly cheap :) See:
  Deploy Clustered Storage Spaces
  http://technet.microsoft.com/en-us/library/jj822937.aspx
  Storage Spaces,
  JBODs, and Failover Clustering – A Recipe for Cost-Effective, Highly Available Storage
  http://blogs.technet.com/b/storageserver/archive/2013/10/19/storage-spaces-jbods-and-failover-clustering-a-recipe-for-cost-effective-highly-available-storage.aspx
  Using
  Storage Spaces for Storage Subsystem Performance
  http://msdn.microsoft.com/en-us/library/windows/hardware/dn567634.aspx#enclosure
  Storage
  Spaces FAQ
  https://social.technet.microsoft.com/wiki/contents/articles/11382.storage-spaces-frequently-asked-questions-faq.aspx
  Alternative way would be using Virtual SAN similar to VMware VSAN in this case you can get rid of a physical shared storage @ all and use cheap high capacity SATA spindles (and SATA SSDs!) instead of an expensive SAS.
  Hope this helped :)
  StarWind VSAN [Virtual SAN] clusters Hyper-V without SAS, Fibre Channel, SMB 3.0 or iSCSI, uses Ethernet to mirror internally mounted SATA disks between hosts.

• 2008 R2 SP1 Domain Controllers Local Audit Settings

  Question for the forum -- On a DC should the Audit settings in Local Security Policy (under administration tools) match the Audit settings that are set in the Default Domain Controller
  policy in Active Directory?
  My default domain controller policy has a lot of stuff set for auditing -- when I look at the local policy it shows "No Auditing"  -- I can't change it as I would expect
  When I run RSOP.MSC I see that the DC is getting its auditing settings from the Default Domain Controller Policy.
  When I look at the event log -- I would expect to see more events being logged -- and I don't.  Its logging events in the security log -- but I don't see anything for account management activities where it set to success & failure
  in the default domain controller security policy.
  Thanks. 

  Hi,  
  Did you enable Advanced Audit Policy Configuration? If yes,
  The audit policy under Computer Configuration\Polices\Windows Settings\Security Settings\Local Policy will not work.
  I recommend you to run command
  auditpol.exe /get /category:*to
  check the audit policy. If account management policy do not applied, we could check if the following file exists:
  Windows\SYSVOL\sysvol\domain name\Policies\ {6AC1786C-016F-11D2-945F-00C04fB984F9}\MACHINE\Microsoft\ Microsoft NT\ audit.csv
  If yes, we could delete it and then refresh the group policy.
  For more detailed information about
  Audit Policy, please refer to the following link:
  Getting the Effective Audit Policy in Windows 7 and 2008 R2
  http://blogs.technet.com/b/askds/archive/2011/03/11/getting-the-effective-audit-policy-in-windows-7-and-2008-r2.aspx
  Best Regards,
  Erin

• OS-Deployment to virtual servers with SCVMM 2012 R2 vs SCCM 2012 R2 or integration with both?

  Hi,
  OS-Deployment to virtual servers with SCVMM 2012 R2 vs SCCM 2012 R2 or integration with both?
  Is SCCM just for physical servers, and SCVMM for virtual?
  What are benefits of integrating them?
  /SaiTech

  Hi,
  Please refer to the links below:
  Introduction to Configuration Manager
  http://technet.microsoft.com/en-us/library/gg682140.aspx
  Virtual Machine Manager
  http://technet.microsoft.com/en-us/library/gg610610.aspx
  The System Center 2012 Integration Guide provides information about automating each of the System Center components and integrating them with each other and with other systems and applications.
  For more information, see the
  System Center 2012 Integration Guide.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.