Setting a loopback policy setting for Domain Controllers/Preventing IE from accessing externally

Hello, we need to set a loopback policy for our domain controllers to ensure IE doesn't access externally. Is the loopback the best method, or do you all have recommendations?

As far as I'm aware, there's not a good Group Policy setting to do this. 
If I understand your question correctly, you wish to prevent external Internet browsing from your Domain Controllers, but everyone else (other servers and workstations) should have full access.
If that's the case, I would recommend blocking port 80 for the Domain Controllers in your Firewall, as they (I hope) have static local IP addresses.
If you know of a good Group Policy setting however, it would be best to set it in the Default Domain Controller Policy, as that will only affect the Domain Controllers.
The "loopback" policy you're referring to is the "Configure user Group Policy loopback processing mode", which can be used to apply the computer configuration "instead of" or "merged with" the user configuration when a user logs on to computers where this policy applies. Since the computer configuration is normally applied before the user configuration, that can be used to force rules on computers regardless of who's logging in.
Please mark as answer or vote as helpful when it applies. Thanks!
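
A check for the two controls discussed in the reply above, as an added example that is not part of the original thread: it reports the loopback processing mode a domain controller has received and tests whether outbound web ports are actually blocked. It assumes Windows Server 2012 R2 or later (for `Test-NetConnection`); `example.com` is a placeholder target and the function names are illustrative.

```powershell
# Added example (not from the thread). Run in an elevated session on the
# domain controller being checked.

function Get-LoopbackMode {
    # The "Configure user Group Policy loopback processing mode" setting is
    # delivered as the UserPolicyMode value under the machine policy key.
    $key  = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'
    $prop = Get-ItemProperty -Path $key -Name UserPolicyMode -ErrorAction SilentlyContinue
    $mode = if ($prop) { $prop.UserPolicyMode } else { $null }
    if     ($mode -eq 1) { 'Merge' }
    elseif ($mode -eq 2) { 'Replace' }
    else                 { 'NotConfigured' }
}

function Test-OutboundWeb {
    param(
        [string]$Target = 'example.com',   # placeholder external host (assumption)
        [int[]]$Ports   = @(80, 443)       # 443 included: HTTPS is not covered by a port 80 block
    )
    foreach ($port in $Ports) {
        $result = Test-NetConnection -ComputerName $Target -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            Target    = $Target
            Port      = $port
            Reachable = [bool]$result.TcpTestSucceeded
        }
    }
}

function Get-OutboundBlockRule {
    # Lists enabled outbound block rules in the host firewall, if any.
    # A perimeter firewall rule, as suggested in the reply, will not show up here.
    Get-NetFirewallRule -Direction Outbound -Action Block -Enabled True -ErrorAction SilentlyContinue |
        ForEach-Object {
            $filter = $_ | Get-NetFirewallPortFilter
            [pscustomobject]@{
                Rule       = $_.DisplayName
                Protocol   = $filter.Protocol
                RemotePort = ($filter.RemotePort -join ',')
            }
        }
}

$report = [pscustomobject]@{
    Computer     = $env:COMPUTERNAME
    LoopbackMode = Get-LoopbackMode
    OutboundWeb  = @(Test-OutboundWeb)
    LocalBlocks  = @(Get-OutboundBlockRule)
}

$report | Format-List Computer, LoopbackMode
$report.OutboundWeb | Format-Table -AutoSize
$report.LocalBlocks | Format-Table -AutoSize

# Flag any port that still connects directly from this domain controller.
$report.OutboundWeb | Where-Object { $_.Reachable } | ForEach-Object {
    Write-Warning ("{0} can still reach {1} on TCP {2}" -f $report.Computer, $_.Target, $_.Port)
}
```

The connection test only covers direct connections; if browsers on the server are pointed at a proxy, test the proxy path separately.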

Similar Messages

  • Can I manually check for updates but prevent them from being automatically installed if it turns out one is available?

    Background:
    In options I have "check for updates, but let me choose whether to install them" ticked. This works fine, in that I periodically receive a notice of an available update, and it will ask me whether I want to install it.
    But there are certain times -- for reasons I won't go into here (unless requested as part of seeking a solution) -- where I want to manually check for new versions, but RETAIN the ability to decide whether or not to install it. But if I click Help/About Firefox/Check for Updates, and it finds an update, it will immediately proceed to install it without asking for permission. While that seems quite inconsistent with my update preferences in Options, it is apparently normal behavior as described in https://support.mozilla.org/en-US/kb/update-firefox-latest-version#w_how-do-i-manually-check-for-updates.
    So is there any way I can manually check for new-update availability but then refuse the update if I so choose? Once an unwanted install begins, I'm concerned that if I click cancel I could end up with a partial installation or some "messed up," duplicated or corrupted FF files (e.g., multiple versions appended with (1), (2) etc, similar to what sometimes confusingly happens when I do an XP System Restore).
    Thanks.

    I think what needs to be made very clear here is that when a user clicks on "check for updates" the software should bloody well CHECK for updates and most certainly SHOULD NOT proceed to download and apply any updates. This is misleading and intrusive.
    I just wanted to check if there was an updated version but I DID NOT want to actually update at that moment. The software downloaded data, costing me money, and tried to apply the update, which could have potentially messed up my settings if I had not checked everything was ok first.
    I actually discovered how to prevent the update by searching through Windows and manually deleting the files, but why should anyone have to go to such lengths?
    The software should simply do as it is asked, not do things that have most certainly not been asked.

  • The recent upgrade for i-tunes prevents me from adding and using the Field, "Show". How can I add this field in i-tunes?

    Hold down shift as you right-click > Get Info to get the old style dialog box.
    tt2

  • Allow log on through Remote Desktop Services Group Policy for Domain Controllers

    Hello,
    We want to allow our Helpdesk Operators to be able to connect to Domain Controllers with the Remote Desktop Services. This is by default not allowed but according to many sites, it should be able to configure by using a Group Policy.
    We made a new Group Policy with the setting 'Allow log on through Remote Desktop Services' and 'Allow log on locally' (as an extra for testing) and applied Security Filtering to only use it for a specific Security Group. Our test user is a member of this security group and should be able to access the Domain Controllers now. However this isn't working.
    The error message we receive upon trying to connect:
    The connection was denied because the user account is not authorized for remote login.
    For troubleshooting, we also applied the Security Group for that setting in the Default Domain Controllers Policy but that doesn't seem to work either. We want to avoid customization on our Default Domain Controllers Policy but this was just a test case for solving our problem.
    What should we do to solve our problem?
    I hope to hear from you soon.
    Thanks in advance.

    Hi, I just found out what the problem was. This site helped me a lot:
    http://blogs.technet.com/b/askperf/archive/2011/09/09/allow-logon-through-terminal-services-group-policy-and-remote-desktop-users-group.aspx
    In my case, I had the group added to the Allow Logon Through Remote Desktop Services but it was not added to the Builtin\Remote Desktop Users group. After knowing this I made some changes to our situation and we are now using the Builtin\Remote Desktop Users group rather than a new self-made Security Group. I also added the Remote Desktop Users to the Allow Logon Through Remote Desktop Services in the Default Domain Controllers Policy as this is not done by default. By default only the Domain Administrators are able to log on through Remote Desktop Services.
    You do not need the 'Log on Locally' permission within the Group Policies.
    In short:
    Add the desired users/groups to the 'Builtin\Remote Desktop Users' security group.
    Add the 'Builtin\Remote Desktop Users' security group to the 'Allow Logon Through Remote Desktop Services' within the 'Default Domain Controllers Policy'.
    Thank you anyway for the fast reply.
    Have a nice day!
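
An audit of the two settings named in the answer above, as an added example that is not part of the original thread: it lists which accounts hold the 'Allow log on through Remote Desktop Services' right (`SeRemoteInteractiveLogonRight`) on a domain controller and who is effectively in Builtin\Remote Desktop Users. It assumes an elevated session on the domain controller with the ActiveDirectory module available; the function names are illustrative.

```powershell
# Added example (not from the thread). Run elevated on the domain controller.

function Get-UserRightHolder {
    param([string]$Right = 'SeRemoteInteractiveLogonRight')

    # secedit writes the effective user rights assignment to an INF file, e.g.
    #   SeRemoteInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-555
    $tmp = Join-Path $env:TEMP ("user_rights_{0}.inf" -f [guid]::NewGuid())
    try {
        secedit.exe /export /cfg $tmp /areas USER_RIGHTS | Out-Null
        $line = Get-Content -Path $tmp | Where-Object { $_ -match "^$Right\s*=" } | Select-Object -First 1
        if (-not $line) { return }   # right not assigned to anyone

        foreach ($entry in ($line -split '=', 2)[1].Split(',')) {
            $entry = $entry.Trim()
            if ($entry.StartsWith('*')) {
                # Entries prefixed with * are SIDs; resolve them to names where possible.
                $sid = New-Object System.Security.Principal.SecurityIdentifier -ArgumentList $entry.TrimStart('*')
                try   { $sid.Translate([System.Security.Principal.NTAccount]).Value }
                catch { $sid.Value }
            }
            elseif ($entry) { $entry }
        }
    }
    finally {
        Remove-Item -Path $tmp -ErrorAction SilentlyContinue
    }
}

function Get-RemoteDesktopUsersMember {
    # On a domain controller the Builtin groups live in Active Directory,
    # so the membership is read with the ActiveDirectory module.
    Import-Module ActiveDirectory -ErrorAction Stop
    Get-ADGroupMember -Identity 'Remote Desktop Users' -Recursive |
        Select-Object -Property SamAccountName, objectClass
}

$holders = @(Get-UserRightHolder)
$members = @(Get-RemoteDesktopUsersMember)

"Accounts holding 'Allow log on through Remote Desktop Services':"
$holders | ForEach-Object { "  $_" }

if ($holders -contains 'BUILTIN\Remote Desktop Users') {
    "Builtin\Remote Desktop Users holds the right. Effective members:"
    $members | Format-Table -AutoSize
}
else {
    Write-Warning "Builtin\Remote Desktop Users does not hold the right on this domain controller."
}

# Anything beyond the default administrators entry is worth reviewing,
# since every listed account can open an interactive session on a DC.
$holders | Where-Object { $_ -notmatch 'Administrators$' } | ForEach-Object {
    Write-Warning "Non-default RDP logon right on a domain controller: $_"
}
```

Running this periodically shows when remote logon to domain controllers has been widened beyond what was intended.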

  • How to change the TCP session limit for Domain Controllers in TMG2010

    I have many errors in TMG2010 that relate to too many TCP sessions generated from my two domain controllers.
    How can I change these settings?
    Regards!
    Lasandro Lopez

    Hi,
    create flood mitigation exceptions for the domain controllers:
    http://technet.microsoft.com/en-us/library/dd441028.aspx
    regards Marc Grote aka Jens Baier - www.it-training-grote.de - www.forefront-tmg.de - www.galileocomputing.de/3276?GPP=MarcGrote

  • [svn:fx-trunk] 12207: Fix for [Managed] metadata prevents ASDoc from generating output for setter/getters

    Revision: 12207
    Author:   [email protected]
    Date:     2009-11-25 11:53:15 -0800 (Wed, 25 Nov 2009)
    Log Message:
    Fix for metadata prevents ASDoc from generating output for setter/getters
    QE notes: None
    Doc notes: None
    Reviewed By: Paul
    Bugs: SDK-23940
    Tests run: checkintests, asdoc
    Is noteworthy for integration: No
    Ticket Links:
        http://bugs.adobe.com/jira/browse/SDK-23940
    Modified Paths:
        flex/sdk/trunk/modules/compiler/src/java/flex2/compiler/as3/genext/GenerativeSecondPassEvaluator.java

  • Teamed network cards for domain controllers?

    Can someone help me to resolve a debate we have: my colleague states that domain controllers (in our case Win2003SP2) should "not" have their network cards teamed for high availability (via HP's NIC teaming software)? I've not heard of this and cannot Bing/Google anything like this. I'm under the impression that a domain controller "should" have its gigabit NICs teamed to make sure that directory services are highly available.
    any information on this would be great. thanks...Peter A. Berger Jr.

    Fault Tolerance and Network Teaming
    Anyone who has called Microsoft for help with a networking problem has likely heard the question: "Are you using network teaming?" I have often heard this referred to by Microsoft's customers as a "quick out" or an excuse that Microsoft was looking to pass the responsibility on to someone else. As someone that has been on both ends of the phone, and at the highest escalation point within Microsoft's Network queues I can tell you that it is a question born of wisdom and tempered with experience. While working the phones at Microsoft, supporting the largest and most critical systems in the US it was rare to ever get a call about the same problem more than once. Even more rare was for everyone on our group to get the same calls, and have the same experiences. I recall it happening when we fought the blaster worm, and when Microsoft's "Scalable Networking Pack" was released with 2003 SP2. These were bad, but a few months went by and except for a few stragglers the phone calls stopped, the world got wise to the issue and the problem was resolved. I was amazed though to experience 1-3 calls a week with network issues CAUSED by network teaming. I could not help but be blown away by the irony of a program meant to avoid network failure so often causing it. I talked to colleagues, (of which I have found no better single source in the industry than at Microsoft), and found that even the old timers having more than 15 years with the company had the same stories of problems caused by networking teaming as we are constantly experiencing today. I am amazed that an industry as wise and agile as the computer industry has been (and is), has stuck with such a poor technology. I always asked my customers as they called with problems, usually critical ones, "What is teaming these network cards getting you?" Almost unanimously the answer would come fault tolerance, to which I would reply rhetorically "How often do your NICs or Switches fail and how often has teaming caused network failure?" In my opinion, it is unforgivable for an application to constantly cause the problem that it is written to avoid. It should cause pause and reflection as to whether the technology is well suited for its function, whether it is just written poorly or if all of its implementations have similar problems. Technology today is beyond network teaming. There are far better methods of providing fault tolerance with manual and automatic failover. Most application writers have taken into consideration fault tolerance at the service level superseding anything that network teaming offers, so that network teaming should be a dead technology, because it is killing us.
    Finally, if you are considering using network teaming, or have had reason to reconsider its use, maybe these questions will help your assessment:
    What is my goal with using network teaming?
    Can I gain Availability through use of a more capable NIC card?
    How often have my NIC cards failed?
    When NIC cards have failed were they the only failure, or was it in conjunction with a Motherboard or other failure causing the service to be unavailable?
    What are my needs for uptime for these services?
    Would a manual failover (the simplest of options) be viable for this service?
    What options for automatic failover do I have (since most applications can have multiple providers through configuration)?
    One other note to add. While working on the phones at Microsoft, and later as a consultant to large and federal organizations, I found one thing that seemed to be true most of the time. When a problem occurred, it was rarely the OS itself, but something unnatural to its processes. Simplicity and minimalism is really one of the keys to a healthy server and environment. Often it is necessary to introduce other applications and services, but I do not think near as often as we do.
    Note: MSFT does not support network teaming, because they do not own the software that provides it. In certain instances though, like with OCS, they flat out will not support OCS if teaming is enabled on the server.
    Note2: I realize my comments above are very general, and so I want to apply these to this exact question. When I consider AD and how to make it fault tolerant, I cannot help but realize that the protocols, clients and services that make up Directory Services, are beautifully fault tolerant. In most cases, the loss of any one DC would not greatly affect the user's ability to authenticate to a computer or service within the domain. Even more, Directory services is inherently so fault tolerant that it can still function with the loss of a major part of the servers that make it up.
    Don't forget to give credit where credit is due, vote this as helpful if it helped you.

  • Updating a field for a number of forms from an external table

    Good Day All;
    This one I could not find in the help section.
    I have designed a number of forms that all use the same “rates of pay” (there are 4 categories) for calculating. I was told to expect that a few more forms will be required and these new forms will also be using the same “rates of pay”
    Currently I am using “switch” to insert the “rates of pay” when the user selects a category from a dropdown.
    Is there a way I can update all the forms from an external “table” instead of having to update each form individually?
    Thanks All
    Chomp

    Hi,
    If the form is Reader enabled with Acrobat, then that is going to cut out data connections.
    You should have a look at John Brinkman's blog: http://blogs.adobe.com/formfeed/2010/07/shared_data_in_packages_part_2.html. Two parts.
    Also there is an example of inter-form communication here, but it may be too clunky: http://assure.ly/qQivbm.
    Good luck,
    Niall

  • Any suggestions for running an iTunes library from an external hard drive on two computers?

    I have two Mac computers: an iMac and a MacBook Air.  My iMac has 1TB of storage space (plenty enough for my 200+gigs of music) but my MacBook Air only has 250gigs of storage space.  I know I can access all of the music from my iMac on my MBA with HomeSharing.  But that doesn't work when I take my MBA out of the house for work.  I was going to switch over my iTunes library to an external HD but I don't know if I can access the library on the hard drive from my MBA, when the main library is on my iMac.
    Any suggestions as to how to get two different computers to access an iTunes library from an external hard drive?
    Thanks.

    I am confused as to what you had or have where and when.  The bottom line is, your library (for the standard user) is everything in the iTunes folder.  As far as iTunes' organization and display is concerned, your library is a file called "iTunes Library.itl" which points to all the other host of files and folders normally in the iTunes folder which all work together.
    What are the iTunes library files? - http://support.apple.com/kb/HT1660
    More on iTunes library files and what they do - http://en.wikipedia.org/wiki/ITunes#Media_management
    What are all those iTunes files? - http://www.macworld.com/article/139974/2009/04/itunes_files.html
    Where are my iTunes files located? - http://support.apple.com/kb/ht1391
    iTunes 9 [and later]: Understanding iTunes Media Organization - http://support.apple.com/kb/ht3847 - plus supplemental information about organizing to new structure https://discussions.apple.com/message/26404702#26404702
    Image of folder structure and explanation of different iTunes versions (turingtest2 post) - https://discussions.apple.com/docs/DOC-7392 and making an iTunes library portable.
    If you kept everything together in one place then you need to put the whole iTunes folder on the drive where you want it, start iTunes while holding down the option key and guide it to that .itl file.  If things were split up and you had media on the external and the rest of the library on the internal you need to get them back to exactly where they were before.  If you can't find that iTunes folder holding the critical .itl file anywhere then you have a bunch of media tracks and no organization and will need to rebuild the organization from ground level.

  • Best Practice for Domain Controllers for a company of 500 users.

    Our company is expanding and is planning on having roughly 500 users managed by a domain controller. The question is, what sort of hardware do you actually need that will not be a bottleneck in the near future (3-5 years from now). We stick with Dell servers, and have been looking at the R430 option. Is this necessary? Is higher clock CPU better than having more cores but less core clock speed? How about Memory, Hard Drive RPM / SSD or other hardware? We'll be using Windows Server 2012 R2 Standard. Thanks!
    This topic first appeared in the Spiceworks Community


  • Horrible, irresponsible default setting for Thunderbird re: deleting mail from POP server

    Yesterday I downloaded and booted an ISO of Linux Mint 16 because I was curious about the current state of Linux and whether it would make sense to finally switch from Windows. The OS booted and ran without any major issues and seemed generally well-polished.
    Then I ran Thunderbird and did a quick setup of my POP3 e-mail account (provided by GoDaddy) using the default configuration, which I assumed would be appropriately configured for someone who wanted to give Thunderbird a test-run. I waited a few minutes while Thunderbird downloaded all the e-mail messages from GoDaddy's server and then I spent some time poking around with the program. Seemed fine.
    Unfortunately, I did not realize until after rebooting my system into Windows that Thunderbird was configured by default to delete all my e-mail messages from the server upon download, and I was shocked to find that I could no longer access my old messages via my Android phone. That's several months worth of important e-mails that Thunderbird unceremoniously wiped from my mail server without so much as a warning.
    This is a horribly irresponsible way to configure Thunderbird's default settings and I'm sure I'm not the only person who has gotten burned in this manner. Needless to say it has soured me not just on Thunderbird but on Linux in general as a desktop OS. As an attorney I frequently need to review previously-read e-mail messages in my account and your mail client's default settings have caused me a major inconvenience. I strongly suggest that you alter Thunderbird's default configuration to leave downloaded messages on the server in order to avoid upsetting users in the future.

    Thank you for your suggestions, but I had booted Mint directly from the DVD and had not installed it. I was simply testing it out. Thunderbird was remarkably easy to configure - I just gave it my e-mail address, name, and password and it figured out the rest. But nowhere did it indicate that it would remove downloaded messages from my mail server by default, hence my shock and dismay.
    I sincerely hope that somebody within Mozilla will acknowledge that this is a problem and change the default settings.

  • Is it normal for files to go missing from an external hard drive?

    I've posted about this issue before but for slightly different reasons. I'm about to buy a new hard drive (the old one is full), probably I'll go for the exact same model, and I want to know if the problem I had described here has happened to Mac users.
    I use a Retina MBP with OS X 10.8.4 that also runs Windows 8 on boot camp. At the same time I have an Acer Aspire and what I used to do is download movies onto my external drive with my MBP in Mac - I would also rename the files in Mac - and then connect the drive to my Acer so I could access the movies there.
    One day I noticed that some of the files, after I had renamed and moved them to a new folder on the same partition, had gone missing. As I described in my old thread, it was a weird problem because those "missing" files would appear in Windows but not in Mac. But even in Windows when you could see the folders, they were all corrupted as the system indicated to me - the folders couldn't be accessed and the movies wouldn't play.
    Thankfully I haven't had this issue again but then I haven't dared to move any of my movies to a new folder either. Not since that incident. I'm pretty sure that I wouldn't have lost those movies and had them corrupted if I had kept them in their original location. Is it normal for files to go missing or be corrupted when you move them back and forth, especially when you use an external drive with one OS (Mac) and then switch to another (Windows)? I've always wondered if this was an issue. I never formatted the drive when I got it, I just plugged it in and used it. That was before I bought my MBP.
    I also was unable to delete those corrupted files/folders. Windows wouldn't let me and in Mac, they didn't even show up. I solved this eventually by using Disk Utility to repair the drive.
    Now I'm fine with letting my files stay put if that's what it takes to keep them safe and secure, but I'd be more comfortable if I can understand what went wrong all those months ago.
    The hard drive I have is this one from Samsung.

    Quick answer if you use iTunes' default preferences settings:  Copy the entire iTunes folder (and in doing so all its subfolders and files) intact to the other drive.  Open iTunes and immediately hold down the Option (alt) key (shift on Windows), then guide it to the iTunes Library.itl file in the moved iTunes folder.
    If you put the copied iTunes folder in the default location of Macintosh HD > Users > *User Name* > Music  then you don't even need to start with the option key held down, iTunes will automatically look for it there.  (Make sure there isn't anything already in the iTunes folder there that you want to keep since you will be replacing it with the one you are moving.)
    Longer answers if for any reason you do not think all library files are inside your iTunes folder (changed preferences settings at some point):
    iTunes: How to move [or copy] your music [library] to a new computer [or another drive] - http://support.apple.com/kb/HT4527 - a somewhat bewildering and not always easily understandable set of options.
    For the record there's this reference for iTunes 11 but it really doesn't strike me as having the specifics you need. iTunes 11 for Mac: Move your library to another computer - http://support.apple.com/kb/PH12168
    2011 ilounge article: Transferring your iTunes library - http://www.ilounge.com/index.php/articles/comments/moving-your-itunes-library-to-a-new-hard-drive/  - An article with good background information (similar to the links above), particularly if you are not sure your media files are all grouped for quick answer above. Unfortunately under the single term "transferring library" it describes two very different moves; relocating just your media (not  really transferring your library and not recommended unless you really need this configuration), and relocating media+database (really your whole "library").  Make sure you understand the difference before electing to move only media.

  • I was involuntarily upgraded to Firefox 5.0. F5 plug in won't install. This prevents me from accessing my employer's LAN. How can I get F5 plug in to install? Thanks for any help you can give. MH

    What do I do to successfully install F5 plug in? Firefox 5.0 does not seem to accept it
    My level of computer expertise is at the level of a three year-old - three year-old cat rather than a three-year old human. Please take that into account in giving me any instruction.
    Any help you can give would be greatly appreciated...
    MH

    For network access plugins, I suggest checking with your employer's IT personnel. They probably have tested this and can let you know whether there is a solution or you should downgrade.
    You can have Firefox ask you before installing updates. To manage your automatic upgrade settings, go here:
    orange Firefox button > Options > Advanced > "Update" mini-tab

  • Automatic double domain name prevents podcasts from working correctly

    I recently uploaded a new podcast to itunes and I get the following error when I try to download the newest entry.
    Message: There was a problem downloading "What Kind of Host Are You?".
    The URL "http://www.coths.org/coths.org/Media/20090607_Entire.mp3" could not be found on the server.
    Since iWeb automatically includes the site name (coths.org) in the file location and my FTP host points the site to the file (which eliminates the double name) the two locations do not match.
    The website is www.coths.org and the podcast can be found under resourses, then podcast.
    Basically I need to eliminate the 2nd coths.org somehow.
    Any assistance is much appreciated.

    Basically I need to eliminate the 2nd coths.org somehow.
    It's your failure to upload the whole site, including the folder called coths.org, which is causing your problem. Complete iWeb sites, where everything functions, include the sitename folder. You can change the sitename to "c" or whatever and republish to avoid the duplication.

  • I am using MS XP Professional Ver. 2002 Service Pack 3. I have created a Limited User Account for my nephew because he tends to experiment and screw up the computer quite often. I would like to know if there is a way to prevent him from changing any setti

    I am the System Administrator of my computer. I have managed to limit most of what my nephew can do via general Windows functions. However, I need to prevent him from changing his Firefox Options (listed under the Tools menu). He has already changed items that leave my computer vulnerable and although I've explained to him that he should not change anything in the Options area, he continues to do it. If there is not a way for me to prevent him from changing anything in Options, then I have no alternative than to prevent him from using the computer at all. I hope it doesn't come to that.

    "...although I've explained to him that he should not change anything in the Options area, he continues to do it. If there is not a way for me to prevent him from changing anything in Options, then I have no alternative than to prevent him from using the computer at all."
    Maybe taking away his privileges could teach him a valuable lesson: respect other people's property!
