[Feature]
"OEM Software": Good Deal or Theft?
How do those "OEM software" guys sell software so cheaply?
—
Mark Minasi
“Shipping Is a Feature…” Argh.
Mark laments the fact that Microsoft considers shipdate to be an important feature of its Windows Hypervisor product.
—
Mark Minasi
10 Reasons Not to Deploy Windows Vista
The decision to upgrade to Vista has to make business sense, but many companies find the costs in training and application compatibility problems outweigh any benefits Vista brings.
—
Alan Sugano
10 Reasons to Deploy Windows Vista
The decision to upgrade your XP systems to Vista is simple when you consider features such as easier backup, a great desktop search, and vastly improved security options.
—
Mark Minasi
4 Ways to Help PowerShell Find External Tools
Learn how to help PowerShell locate external tools, saving time and keeping you organized.
—
Alex K. Angelopoulos
5 Ways to Trim Your IT Budget
Standardizing IT equipment is the first step toward making reduced IT budgets stretch further.
—
Mark Smith
A Healthy Dose of Windows Server 2008 Wariness
Microsoft will probably release Windows 2008 to manufacturing by October or November of this year, at the latest. And, you see, that's why I'm worried.
—
Mark Minasi
Access Security Event Logs with PowerShell
See how using Windows PowerShell with Windows Security event logs can help you guard against intrusion.
—
Robert Sheldon
Accessing Database Data with ADO
—
Robert Sheldon
Accessing SQL Server Data from PowerShell, Part 1
Learn how to use ADO.NET to retrieve SQL Server data through PowerShell scripts.
—
Robert Sheldon
Accessing SQL Server Data from PowerShell, Part 2
Because PowerShell is integrated with the.NET framework, you can leverage the .NET object model within PowerShell scripts and build ADO.NET objects that retrieve SQL Server data; learn how to use ADO.NET to insert, update, and delete SQL Server data.
—
Robert Sheldon
Am I Who I Say I Am?
David Chernicoff explains the advantages of authenticating email as a way to combat spam.
—
David Chernicoff
App-V Security
Use App-V's SystemGuard, MSI utility, and Sequencer to deploy virtual applications seamlessly in secured environments, protecting the integrity of desktops and terminal servers.
—
Russell Smith
Are Recycle Bins Wasting a Lot of Space on Your Windows Servers?
Here's a VBScript script you can use to monitor how much disk space is being consumed by the Recycle Bins stored in a server's Recycler folder and how much space is available on that server's local hard drives.
—
Jim Turner
Attention Windows 7.0: Please Don’t Interrupt Me!
Mark yearns for a more polite Windows.
—
Mark Minasi
Backing Up and Restoring Microsoft Exchange Server 2007, Part 1
NTBackup and simple Windows PowerShell commands can help bring your data back when the unthinkable happens
—
Nathan Winters
BitLocker and AD, Together at Last
Here's what you need to know about BitLocker/AD integration.
—
Mark Minasi
Can Slow-and-Steady Win the Wireless Race?
Mark proposes a new, more user-friendly wireless standard.
—
Mark Minasi
Cell Phone–and-PDA Combo Devices
Mark Smith checks out some of the current cell phone–and-PDA combinations. Find out what product he finally chose and why.
—
Mark Smith
Certifications: Pass or Fail?
A discussion of the pros and cons of vendor-sponsored certifications.
—
Mark Minasi
Connect Microsoft Email Clients to Gmail
Gmail is a powerful email server that supports millions of mailboxes. Use IMAP to connect Outlook or other email clients to Gmail to create the best of two worlds—well-developed email UIs in popular clients with a good (and free) email server.
—
Tony Redmond
Countdown to XP SP2: Dealing with ICF
Mark continues his evaluation of one of XP SP2's biggest features: enabling ICF by default.
—
Mark Minasi
Countdown to XP SP2: Forced Protection
Windows XP Service Pack 2 (SP2) is nearly here. In the next four installments of his VIP column, Mark considers the pros and cons of some of the changes that SP2 will bring.
—
Mark Minasi
Countdown to XP SP2: More than a Firewall
After an in-depth discussion of Windows XP Service Pack 2's (SP2's) Windows Firewall, Mark examines some of the service pack's other interesting features.
—
Mark Minasi
Countdown to XP SP2: Planning Ahead
Mark continues his look at the forthcoming Windows XP Service Pack 2 (SP2) Windows Firewall feature.
—
Mark Minasi
Data Manipulation with ADO
ActiveX Data Objects (ADO) let you access, filter, sort, and retrieve data from Microsoft SQL Server and Microsoft Access databases using VBScript and other scripting languages. Here are some of the most common uses of ADO for databases.
—
Robert Sheldon
Deployment Blockers for Upgrading to Exchange Server 2007
Avoid the gotchas and ensure a successful upgrade. You’ll need to be clear on AD topology, and then deal with deployment issues with public folders, client software, archival and retention, fax, mobility, and coexistence with other Exchange versions.
—
Paul Robichaux
Disaster Recovery in the Wake of Katrina
Mark's thoughts turn to disaster recovery in the wake of a devastating tragedy.
—
Mark Minasi
Disks, Spin No More
What's interesting about PQI's announcement of its new hard disk? It's a solid state disk.
—
Mark Minasi
Do Betas Make Sense Anymore?
Mark suggests that betas don't make sense as testing tools anymore.
—
Mark Minasi
Don't Let Daylight Saving Time Sneak Up on You
By simply double-clicking GetDLSDates.vbs, you can get a reminder of when daylight saving time begins and ends in the current year. Without having to change any code, this script will work the same year after year.
—
Jim Turner
DPM 2007: Protecting and Restoring Data
DPM 2007 uses Microsoft VSS to provide in-depth protection to your key Microsoft application platforms. Learn about setting up recovery points and restoring data, enabling end-user restores, and performing bare-metal restores.
—
John Savill
DPM 2007: Set It Up and Get Started
Get all the information you need about what Microsoft System Center Data Protection Manager is and how it works, and walkthrough the installation and setup process for DPM 2007.
—
John Savill
Dual-Core Turions: A Nice, Cool Surprise
Here's a quick look at how AMD and Intel are taking advantage of something called "nonlinear heating rates."
—
Mark Minasi
Enhance PowerShell's Syntax Display
The author’s Get-Usage script displays usage for more categories of command types than PowerShell’s Get-Command or Get-Help cmdlets.
—
Alex K. Angelopoulos
Establishing Quotas for Exchange 2007 Mailboxes
Learn the important factors to consider when setting Exchange 2007 mailbox quotas, including disk performance, database overhead, and backup-window limitations. You'll also get practical formulas to determine your maximum mailbox and database volumes.
—
Brien Posey
Exchange 2003 SP2's Direct Push Technology
Learn about Direct Push, an Exchange 2003 SP2 feature that pushes email to a mobile device from an Exchange server while conserving bandwidth and minimizing mobile-service charges.
—
Nathan Winters
Exchange 2007 Deployment Postmortem
Learn from someone else's Exchange 2007 migration experiences.
—
Michael Dragone
Exchange 2007 SP1 and OCS 2007: What You Get
Exchange 2007 and OCS 2007 are complementary parts of Microsoft's UC strategy. Exchange 2007 SP1 enhances this relationship with features such as additional dial plan options, better fax handling, and Communicator access for remote workers.
—
Paul Robichaux
Exchange 2007 SP1's Standby Continuous Replication
You can add site resilience to your Exchange organization by implementing SCR with Exchange 2007 SP1. Find out the steps for setting up SCR and what you need to do to recover in the event of a failure.
—
Tony Redmond
Exchange 2007 Transport Rules
Implementing Exchange Server 2007’s new transport rules feature makes complying with regulatory requirements easier than in Exchange Server 2003 or Exchange 2000 Server. Learn how to use transport rules to add a disclaimer and apply an ethical firewall.
—
Tony Redmond
Exchange Management with EMS: Fundamental Concepts
With PowerShell's basic syntax and consistent grammar, managing your Exchange systems through EMS is easier than you might think.
—
Paul Robichaux
Exchange Management with EMS: Getting Exchange Objects
You can use EMS to retrieve any type of Exchange object and its properties, then use the pipelining feature to pass results to another command. Be sure your scope is correct.
—
Paul Robichaux
Exchange Management with EMS: Setting Properties
Exchange Management Shell lets you set mailbox quotas, establish maintenance cycles, and manage every aspect of your Exchange environment, and built-in safety features help you get into property manipulation without fear of breaking anything.
—
Paul Robichaux
Exchange Management with EMS: Turning Actions into Scripts
Learn how to construct PowerShell scripts through Exchange Management Shell to automate common Exchange Server tasks by using things such as relational and logical operators, evaluative statements, and loops.
—
Paul Robichaux
Exchange Server 2007 for Exchange 2003 Admins, Part 1
A redesigned architecture has given us a new set of management tools that you need to learn how to use.
—
Brien Posey
Exchange Server Database Integrity
Learn how Exchange keeps tabs on database integrity, and see how you can use Eseutil and Isinteg to rectify any problems.
—
Michael B. Smith
Exploring CAS Technology
Learn the core concepts of the .NET Framework's Code Access Security (CAS) feature and how to administer it.
—
Jan De Clercq
Feeling Sorta Blue, Ray
It’s the great next-generation DVD format war: Blu-ray or HD DVD, which will win? After the past couple of weeks, I think we all know which will be victorious, and it worries me a trifle.
—
Mark Minasi
Finding a User’s Last Logon
The JScript script this article presents lets you discover exactly when a user last logged on to the domain. It also tells you which server authenticated the logon, and it doesn’t require Windows Server 2003 forest functional mode.
—
Bill Stewart
Function Creates Multidimensional Arrays from Delimited Text Files
You don’t have to write a separate routine for text-based processes to arrange data into a usable form—use this VBScript script to create a multidimensional array of the data to reference it by rows and columns like a database.
—
Jim Turner
Future Computing in the Past
Mark makes a few suggestions for fun holiday reading, IT style.
—
Mark Minasi
Get Compliant with Exchange Server 2007 Journaling
Regulatory compliance and internal audit policies force many organizations to journal email messages, voicemails, and fax messages. Exchange Server 2007 makes journaling easy by establishing managed journal rules enforced through the Hub Transport server.
—
Siegfried Jagott
Getting Started with Exchange 2007 UM
UM with Exchange Server 2007 combines email, fax, and voicemail in your Exchange Inbox. Using Exchange Management Console, you can configure the settings to get your organization unified.
—
J. Peter Bruzzese
Getting Started: Remote Administration
Learn how to install and run Microsoft terminal services tools.
—
Kathy Ivens
Getting the Dell Express Service Code
DellSerial.js can shorten the call time required when you need to work with Dell's technical support team. This script also demonstrates how JScript is sometimes easier to use than VBScript.
—
Bill Stewart
Group Policy Made Great
The Group Policy Management Console will greatly improve Group Policy but doesn't go far enough. Mark Minasi offers suggestions for improvements.
—
Mark Minasi
Has Outlook Become Inlook?
Mark turns cynical when answering the question, Why is Outlook regressing?
—
Mark Minasi
Hawking Certification Like Light Beer
Mark disusses his appalled reaction to a prurient advertisement for an MCSE boot camp.
—
Mark Minasi
How About a Rational Vista License?
How does Microsoft get away with its software licensing, given US copyright law?
—
Mark Minasi
How to Easily View the Extended Properties of Files
Windows Server 2008 and Windows Vista have seven times more file properties than their predecessors. Here's how you can easily select and view the properties you're interested in seeing, no matter whether you're using the newest or an older OS.
—
Jim Turner
How to Find Constants and Their Values
Because of the COM technology behind scripting objects, scripts don’t get access to any constants’ values embedded in those objects. Here are several ways to obtain those crucial values.
—
Alex K. Angelopoulos
How to Implement SDI Using IPSec in a Mixed Environment
This step-by-step guide shows you how to configure UNIX and Linux OSs to use IPSec with preshared keys so that Server and Domain Isolation (SDI) is supported for both outgoing and incoming connections.
—
John Howie
How to Multi-Thread VBScript Scripts
What can you do when you want to check your servers every 60 minutes but your script takes 90 minutes to run against all your computers? Try MultiThreader.vbs. This script executes a worker script in parallel processes, simulating multi-threaded behavior.
—
Chris Scoggins
How to Preload Commands in a Command Shell Window
Learn how to preload commands and change the color of the command shell window.
—
Dick Lewis
IIS 6.0 Improvements
Learn how Windows .NET Server 2003 improves the quality of IIS 6.0.
—
Michael Otey
In Praise of Canon Printers
Recently, I’ve experienced what you might call a paradigm shift. I’ve abandoned Epson and HP printers in favor of Canon printers. I didn’t make this decision lightly. In fact, you might say I didn’t make the decision at all: Epson and HP made it for me.
—
Mark Minasi
Integrating Exchange Server 2007 and SharePoint Server
Learn how to configure Microsoft Office SharePoint Server (MOSS) to work with Exchange Server and Outlook Web Access (OWA) so your organization can use an intranet to easily share documents.
—
Brien Posey
Introducing the ADSI Edit Utility
When Active Directory replaces the Directory Store in Exchange 2000, the ADSI Edit utility replaces using Exchange Administrator in raw mode as a means for interacting with directory data at a low level.
—
Tony Redmond
Introduction to ADO
Learn about the primary ADO objects--Connection, Command, Parameter, Recordset, and Field--and follow example scripts that demonstrate how to use ADO within VBScript.
—
Robert Sheldon
Introduction to DNS Configuration for Exchange Admins
Every Exchange administrator should know some DNS basics. This includes understanding how DNS should be configured for Exchange and how to verify that DNS has been configured properly for your domains.
—
Michael B. Smith
Keep Track of BlackBerry PINs the Easy Way
BlackBerry PIN maintenance is a complex and arduous task. Here’s a script that automates the process of initially obtaining PIN information, then keeps that information up-to-date.
—
Joseph Neubauer
List Locally Logged-on Users
Query locally logged-on users with this handy JScript script.
—
Bill Stewart
Making PowerShell's Out-Printer Cmdlet Easier to Use
The names that Out-Printer uses to identify printers aren’t obvious and aren't directly available to you in PowerShell. Here are several ways you can obtain and make printer names available to your code with no copying and pasting and minimal typing.
—
Alex K. Angelopoulos
Managing IP Routes Through WMI
You can use WMI to remotely view and manage IP routing tables on your Windows Server 2003 and Windows XP systems.
—
Alain Lissoir
Managing Mailboxes with Exchange Management Shell
You can easily accomplish mailbox management tasks with Exchange Management Shell. You can create new mailboxes; view, set, and change mailbox properties; and control permissions, all either in bulk or on individual mailboxes.
—
Paul Robichaux
Managing Secure Database Connections with SQL Server
Learn how to use SQL Server to protect your valuable data and create and manage secure database connections.
—
William Sheldon
Microsoft CRM for the .NET Environment
Microsoft enters the customer relationship management (CRM) market with a product that leverages the Microsoft .NET platform.
—
John D. Ruley
Microsoft Lowers Its Standard, To Enterprise’s Gain
Is Microsoft quietly raising the price of the Windows Server OS? In fact, is the company, in effect, quadrupling the price?
—
Mark Minasi
Microsoft's Antispyware Gambit
Mark thinks Windows AntiSpyware might fail if Microsoft doesn't keep in mind three considerations: assurance of no surprise fees in the future, ease of deployment, and Group Policy integration.
—
Mark Minasi
Modernizing Exchange Server Backup and Recovery
Traditional tape-based backups have problems with performance and recovery options, but disk-to-disk-to-tape and Microsoft VSS–based solutions can help you modernize your backup system.
—
Brien Posey
Moving Away from PSTs
Getting users to stop using PSTs won't be easy, but with planning—and the right tools—you'll be able to manage this difficult transition.
—
Brien Posey
Moving to Windows 2003? Be Prepared to Dig Deep
Mark Minasi tells you what you need to know about Windows Server 2003 and licensing.
—
Mark Minasi
New Features Freshen OWA in Exchange Server 2007 SP1
A slew of improvements to Outlook Web Access, such as a more robust OWA Light, personal DLs, and new or improved support for WebReady Document Viewing, S/MIME, public folders, and monthly calendars, give your end users a better Outlook webmail client.
—
Brien Posey
Nowhere Left to Grow
No more COMDEX; Microsoft giving away cash ... what's going on?
—
Mark Minasi
Palmed Off
Mark laments Palm's decline in usability.
—
Mark Minasi
Parsing Error Codes
Errors happen but sometimes displayed error messages aren't the easiest format to read. ErrorParser.hta solves this problem by converting decimal, hexadecimal, and negative-number system and network error codes into standard error messages.
—
Bill Stewart
PowerShell One-Liners for Accessing WMI
Windows PowerShell can help you efficiently manage WMI objects. You can get started by learning just a few basic commands.
—
Robert Sheldon
PowerShell One-Liners for Managing Events
Quick commands let you easily work with the event logs on a local or remote system.
—
Robert Sheldon
PowerShell One-Liners for Managing the File System
Windows PowerShell offers all the commands you need to manipulate files and folders on your file system. Here are some of the common functions you might need to perform.
—
Robert Sheldon
PowerShell Script Lists Group Hierarchies in Any LDAP Directory
You can extend PowerShell's capabilities by taking advantage of the Microsoft .NET Framework. If you work with non-Microsoft LDAP directories, one particularly useful .NET tool is the System.DirectoryServices.Protocols namespace.
—
Ethan Wilansky
, et al.
Preparing for Office Communications Server 2007
OCS can be a bear to install, so make sure you're ready before you start.
—
Brien Posey
Produce Pivot Tables Programmatically
Creating pivot tables in Excel just got easier.
—
Jim Turner
Reading Delimited Files Using ADO
Find out how to set up ADO and Microsoft's Jet OLE DB text driver so that you can use them to read delimited files.
—
Bill Stewart
Refining Your Exchange Management in the Shell
Exchange administrators can benefit from using server-side filters and running PowerShell scripts in batch mode to manage Exchange Server 2007.
—
Tony Redmond
Reflections on the PC's 25th Birthday
Sure, the PC has been successful, but has it lived up to its potential?
—
Mark Minasi
Repair Network Connections from the Command Line
This RepairNetwork script offers a quick, quiet command-line alternative to a laborious GUI process.
—
Alex K. Angelopoulos
Requiem for WinFS
Learn about three enticing—but dropped—features that WinFS would have brought to the Longhorn feature list.
—
Mark Minasi
Rest in Peace, ACS
What's the hang-up with ACS? As far as Mark can see, it's an indispensable tool. Unfortunately, Microsoft has changed its release plans.
—
Mark Minasi
Running the Small Mobile Office…Almost
Keeping in sync with your small office isn't as easy as it sounds.
—
Mark Minasi
Saving the Internet
If the Internet really was a highway, maybe traveling it would be safer ...
—
Mark Minasi
Script Inventories Remote Computers and Writes the Information to a Database
If you often need inventory information about the remote computers you manage, check out Computer_Inventory.vbs. With this script, all you need to do is create an input file, run the script, then query the database that the script creates.
—
Readers
Scripting Data Flow in SQL Server Integration Services
Use the Script component to create a custom script that extends your SSIS package.
—
Robert Sheldon
Secure Email with S/MIME
S/MIME and Outlook make it easy to provide persistent, end-to-end encryption for email messages once you've designed and deployed an underlying certificate-handling mechanism.
—
Jan De Clercq
Security and the "Booga-Booga" Factor
Are security professionals providing a service or just securing their own jobs when they claim that no company can be sure its data is secure?
—
Mark Minasi
Security-Obsessed Vista Makes Your Computer Top Secret
Even the most casual observer of Windows Vista walks away with the impression that Microsoft is really attempting to secure this OS.
—
Mark Minasi
Setting Up Exchange Management Shell
Here are a few tips on getting Exchange Server 2007's Exchange Management Shell to look and perform the way you want it to, including making sure your AD searches have the right scope.
—
Tony Redmond
Simplify Security Reporting Using Audit Collection Services
Follow the steps to set up Audit Collection Services, a Microsoft System Center Operations Manager 2007 reporting feature, then start using it to streamline security event-log auditing on your servers.
—
John Howie
Simplify Your Exchange 2007 Transition
Transitioning to Exchange Server 2007 need not be daunting, if you do so in an orderly way. Set a comfortable coexistence period, use ExBPA to flag potential issues, and install server roles and move mailboxes in an optimum sequence.
—
J. Peter Bruzzese
Sometimes, Convergence Works
—
Mark Minasi
Stomp Out Dragware?
Sick of hidden autostart programs?
—
Mark Minasi
Strategies for Migrating Public Folders to SharePoint
Your public folder migration to SharePoint requires a strategy, careful planning, and the right tools. And that's just the beginning. The process for getting rid of public folders is straightforward, but it pays to work through the steps carefully.
—
Paul Robichaux
Testing Exchange Server 2007
Use PowerShell commands to manage and test Exchange 2007 objects such as mailboxes, servers, and distribution groups.
—
Tony Redmond
The (Timely) Fall of Static IP
—
Mark Minasi
The Business Process Engine
How can IT keep up with all the revolutions in computing? There are two developments in software that will meet the challenge: SOA and BMP.
—
Barry Briggs
The Day the Cell Phones Stood Still
Could this year's Cabir worm be a sign of things to come?
—
Mark Minasi
The Event Log Query Utility
This HTML Application lets you query a variety of machines for a variety of event types.
—
Jim Turner
The Great Question of Vista SP1’s Ship Date
Let's not pressure Microsoft into releasing Vista SP1 as quickly as possible. Haven't we learned our lesson?
—
Mark Minasi
The Group Policy Management Console
Run—don't walk—to the Microsoft site to download the GPMC. Its many neat features include a folder-free view of GPOs and a GPO backup and restore capability.
—
Mark Minasi
The Importance of Expert Systems When Buying Systems
Mark laments the impossibility of buying a system that's expertly configured to his needs.
—
Mark Minasi
The Magnificent Six
Take a few minutes to get these 6 Microsoft downloads.
—
Mark Minasi
The Microsoft Remedy
Mark Smith plays judge for a day and proposes remedies that would have increased competition and fairness while protecting Microsoft’s right to innovate.
—
Mark Smith
The Soul of Windows, Revisited
Readers and Microsoft executives alike had plenty to say about Mark Smith's recent article regarding Microsoft's abandonment of Windows administrators.
—
Mark Smith
The Year of the Database Worm?
Don't be afraid of running a database server, even if it's MSDE. Just stay on top of the patches and be aware of where your servers are.
—
Mark Minasi
Time for a Fourth Type of Event Log Entry
Mark finds it troubling that a small AD environment's DCs are prone to worrisome and time-consuming--and ultimately innocuous--error messages.
—
Mark Minasi
Time for a New Year’s Upgrade!
Mark's New Year’s resolution is to fend off an old adversary: disk space.
—
Mark Minasi
Top 10 Exchange Server 2007 Troubleshooting Tools
Hundreds of utilities are available to troubleshoot Exchange Server problems, including database, mail flow, and performance issues. Here are my top 10 utilities to identify and solve network problems.
—
Brien Posey
Top 12 Features of Exchange Server 2007 SP1
Take a tour through one Exchange administrator’s top 12 favorite features in Exchange Server 2007 SP1. In this unusually feature-rich service pack, the number one pick is the ability to install Exchange 2007 SP1 on Windows Server 2008.
—
Damir Dizdarevic
Tracking Messages in Exchange 2007
Use PowerShell commands to interrogate message tracking log data directly.
—
Tony Redmond
Troubleshooting Exchange ActiveSync
Solve mobile device synchronization problems in Exchange Server 2003 with these tips and a free Microsoft tool that you can use for problems related to Exchange ActiveSync (EAS), Always Up to Date (AUTD), and mobile messaging in general.
—
Brien Posey
Understanding IIS 7.0 Authentication
Microsoft IIS 7.0 provides more methods for limiting access to your web server, and its componentization feature lets you select only those authentication types you want to enable.
—
Jan De Clercq
Unify UPNs!
—
Mark Minasi
UNIX Migration Trends
A recent ChangeWave Research survey reports that more and more IT managers are migrating their systems from UNIX to Windows.
—
Mark Smith
UPHClean Provides Faster Logoffs For All
Microsoft has quietly released the User Profile Hive Cleanup service.
—
Mark Minasi
Use Group Policy to Distribute JRE With Its Automatic Update Feature Disabled
JRE's automatic update feature can cause a lot of headaches for network administrators. Instead of taking aspirin after the fact, administrators can be proactive and prevent problems by following five simple steps.
—
Bill Stewart
Use Scripts to Automate Windows Utilities
Use scripts to automate and improve your control over Windows utilities, such as NTBackup and Dfscmd.
—
Alistair G. Lowe-Norris
Using Exchange and Outlook's New Message-Classification Feature
In Microsoft Exchange Server 2007 and Microsoft Office Outlook 2007, you can classify email messages and use transport rules to ensure that sensitive communications reach only their intended recipients.
—
William Lefkovics
Using MRM to Manage Mailboxes
Use managed folders to help users in your Exchange organization clean up and organize their mailboxes and retain messages that should be saved to comply with legal and security regulations.
—
J. Peter Bruzzese
Using Saved Queries for Active Directory Management
Saved queries let you create, save, and organize queries that you'll use repeatedly for administering AD objects. Learn how to create basic queries with the wizardlike interface and custom queries using LDAP strings for more advanced searches.
—
Jim Turner
Using the Shell to Manage Exchange 2007
With many administrative tasks gone from the GUI, Exchange administrators will need to get familiar with doing things through Exchange Management Shell. Find out how to use scripts to manipulate mailbox statistics into useful output.
—
Tony Redmond
Using WMI to Monitor AD
Learn how to use WMI to monitor AD group modifications.
—
Alain Lissoir
Virtualization Delivers Exchange Disaster Recovery
Virtualization technology can play a key role in an Exchange disaster recovery plan, as an IT administrator discovered when he restored an Exchange cluster using VMware Server.
—
Eric B. Rux
Vista Migration: Things I Wish I’d Known
This candid account of a Windows Vista migration can help you figure out what to expect in your own environment and how to deal with—or avoid—common mistakes.
—
LJ Zacker
Vista RC1 Pleasantly Surprises
Mark has a change of heart regarding Vista, thanks to the latest build.
—
Mark Minasi
Vote with Computers? I’d Sooner Let Them Do My Driving
—
Mark Minasi
We’re Not High-Tech, We’re High-Connect
Mark wonders, “Why does everyone still think that computers are ‘high tech,’ particularly given how little really new stuff arrives?”
—
Mark Minasi
What Applications Are Installed on the Computers in Your Network?
If you often need to identify the software that's installed on the computers in your network, here's a PowerShell script you can use to easily audit one or more computers.
—
Bill Stewart
What's So Great About Longhorn?
In case you haven't been following the Longhorn buzz, here's what three of its most promising features will do.
—
Mark Minasi
What’s So Great About R2? FRS! Kind of ...
Mark rethinks his criticism of R2 and the value of FRS.
—
Mark Minasi
What’s So Hard About a Service Pack?
Mark laments Microsoft's refusal to release Win2K Service Pack 5 (SP5).
—
Mark Minasi
What’s Your Computer Name?
Create custom attributes in Active Directory to search for computer names, as well as the name of the user who last logged on, to improve security, inventory tracking, and Help desk support.
—
Aaron Goldrick
Where's the Response to "Get a Mac"?
Mark is starting to get fed up with those Mac vs. PC commercials. Why has Microsoft been so slow to respond?
—
Mark Minasi
Whip Script Data Into Shape
Two simple functions let WSH scripts export dictionary data to an XML file and read it back with no extra work.
—
Alex K. Angelopoulos
Who Is R2’s Audience?
—
Mark Minasi
Why Don't All Developers Sign Their Apps?
Mark Minasi muses on why so many software vendors don't use digital certificates on their applications.
—
Mark Minasi
Widescreen Wishes
Widescreen displays are full of potential. Here's an idea that would make them much more attractive to networkers. Are you listening, Microsoft?
—
Mark Minasi
Windows 2003 Gems
Should you bother upgrading to Windows Server 2003? Mark points to stub zones and conditional forwarding as two reasons why you should.
—
Mark Minasi
Windows Administrators’ Top Three Wishes
Microsoft addresses long-standing requests from Windows administrators with each release of its server product--but Mark Minasi claims the company still has work to do.
—
Mark Minasi
Windows PowerShell Transforms Exchange Server 2007 Management
PowerShell lets you customize your Exchange 2007 management environment—but first you need to learn to speak the language. A consistent, logical syntax and extensive, accessible Help let you ease gracefully into the scripting world.
—
Tony Redmond
Windows Rights Management Services
Microsoft's new Windows Rights Management Services (RMS) lets users lock down documents, email messages, and Web content like never before.
—
John Howie
Windows Server 2008, the Ultimate Desktop OS
John Savill shares a step-by-step process for making Windows Server 2008 a functional OS.
—
John Savill
[Reader to Reader]
Copy Group Memberships from One AD User to Another
CopyMembership.vbs is a real time-saver if you need to copy group memberships. Even if you don't, you'll likely find its dn function a handy piece of code for your scripting toolbox. This function converts usernames into distinguished names (DNs).
—
James Lim
[Editorial]
Software Assurance Isn't Reassuring
Although SA is marketed as a two-way street, its benefits are heavily weighted in Microsoft's favor.
—
Michael Otey
WinFS’s Intelligent File System Makes Sense
Mark looks at the change-the-world part of WinFS: non-file items.
—
Mark Minasi
[Feature]
10 Tips for a Painless Exchange 2000 Migration
Migrating from Exchange 5.5 to Exchange 2000 doesn’t have to be a painful process. Just follow these 10 tips.
—
Jim McBee
10 Tips for Taking Exchange on the Road
If you work remotely, you can configure server-based folders for offline use, and then either work remotely or synchronize your offline folders with the folders on the server. Here's how to work offline most effectively.
—
Tony Redmond
5 Things They Never Told You About the ADC
Learn how to work around the Active Directory Connector's quirks as you use the ADC to synchronize the Exchange Server 5.5 Directory with Active Directory.
—
Kieran McCorry
5 Things You Should Know About Exchange 2007
These five points will help you design and deploy your Exchange 2007 architecture.
—
Paul Robichaux
6 Common Backup and Restore Mistakes
Avoid these common errors to keep on top of your Exchange backup and restore operations.
—
Paul Robichaux
6 Reasons to Try Exchange 2000 Now
Exchange 2000 Server is different from its predecessors. Here's why you need to start working with it right away.
—
Tony Redmond
6 Steps to Prepare Win2K for Exchange 2000
Exchange 2000 is closely integrated with Windows 2000. What do you need to do to make the integration proceed smoothly?
—
Dung Hoang Khac
7 Daily Checks to Keep Exchange 2000 Running Smoothly
Monitor your Exchange 2000 system daily so that your workdays don’t deteriorate into an endless cycle of reacting to problems.
—
Joseph Neubauer
7 Things You Need to Know About SharePoint Services
Are you the go-to person for all things SharePoint? If so, you would do well to heed these seven essential nuggets of SharePoint wisdom.
—
Randy Franklin Smith
8 Tips for the Solo Exchange Administrator
Are you the sole Exchange administrator in your company? These eight tips will help you cut to the heart of the matter and maintain an effective system.
—
Paul Robichaux
8 Ways to Improve Your Exchange Cluster, Part 1
This is the first of two articles that describe the steps to a better Exchange cluster.
—
Daragh Morrissey
8 Ways to Improve Your Exchange Cluster, Part 2
In the second of two articles, learn four more areas--configuration, security, failovers, and service packs--that can influence the effectiveness of your Exchange cluster.
—
Daragh Morrissey
A Closer Look at Exchange Best Practices Analyzer
Exchange Best Practices Analyzer (ExBPA) performs its seemingly magical analysis of an Exchange organization by using a detailed, Microsoft-supplied configuration file. Learn more about this file and the latest version of ExBPA.
—
Kieran McCorry
A Novel Approach to Synchronizing Exchange Organizations
When you need only to establish mail flow and exchange address lists between Exchange Server 5.5 servers with different organization names, you can leverage Exchange Server's functionality to act like a Microsoft Mail post office.
—
Frank Plawetzki
A Public Folder Checklist
Streamline your public folder deployment with these tips for setting up the hierarchy, granting top-level permissions, assigning user permissions, and sharing folder content.
—
Drew McDermott
A Tricky Migration to Exchange Server
Migrating users from a foreign email system to Exchange requires keeping track of user information and understanding the relationship between domain SIDs, machine accounts and names, and the information in the Exchange Directory Store.
—
Drew McDermott
A Viral Survival Checklist
Email computer viruses are proliferating. Here are 13 actions you can take to protect your organization.
—
Evan Morris
Accountable Email
Add accountability and tracking to your company's email system.
—
Joseph Neubauer
Active Directory Connector Redux
Take a close look at a few ill-documented or barely publicized aspects of the ADC that nevertheless have significant importance for Exchange administrators.
—
Kieran McCorry
ADC Filtering and Object-Matching
Learn two techniques for selective directory synchronization with the ADC.
—
Kieran McCorry
Address Rewriting in Exchange Server 2003
New address-rewriting functionality in Exchange 2003 lets you easily map your users' addresses to other addresses.
—
Donald Livengood
Administering Exchange Server in a Cross-Platform Environment
Learn basic strategies for administering cross-platform mail systems with as little trouble as possible.
—
Brien Posey
An Exchange 2000 Disaster Recovery
Learn from the author's experience as he troubleshoots a corrupt mailbox store caused by a hardware failure, then restores the database.
—
Daragh Morrissey
An Exchange 2003 Journaling Primer
If storing all your users email indefinitely is the bane of your existence, especially in these days of heavy regulatory compliance, read this article to find out more about Exchange 2003 message journaling.
—
Kieran McCorry
Are You Listening, Lotus?
Tony Redmond believes that Lotus has misinterpreted some of his comments about Exchange. Tony sets the facts straight.
—
Tony Redmond
Automatically Create User Accounts and Mailboxes in Exchange 5.5
You can use ADSI, WSH, and the AcctMgmt class to automate the process of creating Exchange 5.5 mailboxes and user accounts in either an AD or NT domain.
—
Ethan Wilansky
Automatically Delete User Accounts and Mailboxes in Exchange 5.5
Use ADSI and VBScript to automate the process of deleting Exchange 5.5 mailboxes and user accounts in either an AD or NT domain.
—
Ethan Wilansky
Automatically Generate Mail Profiles
As Benjamin Franklin said, "Time is money." Here's a solution that saves money by automating the time-intensive task of configuring Outlook 2003 mail profiles to reference users' mailboxes.
—
Joseph Neubauer
Background Maintenance for Exchange Servers
Exchange Server performs multiple maintenance tasks, typically at night, to keep the mail server performing well with limited downtime.
—
Tony Redmond
Backing Up an Exchange Server
Learn how a backup works, review several backup methods, and think about a strategy, and look at some helpful Exchange utilities.
—
Mark Ott
Beef Up Security for Your Mobile-Device Fleet
Now you can lock down your fleet of mobile computing devices and perform remote wipes. Get the lowdown on installing Exchange Server 2003 SP2 and configuring MSFP for Windows Mobile 5.0, and ensure better security for your mobile devices.
—
Randy Franklin Smith
Better OWA Attachment Security
OWA is a handy tool for remote users, but its attachment handling leaves networks vulnerable to malicious code and intruders. Here are some tips to reduce the risks.
—
Paul Robichaux
BlackBerry 4.0 Tips and Tricks
Dig into some tips and tricks that you can use to get a handle on your BlackBerry-related tasks.
—
Joseph Neubauer
BlackBerry Enterprise Server 4.0
Should you upgrade to the new version of BES? The short answer is yes.
—
Joseph Neubauer
BlackBerry Enterprise Server Day to Day
If you have users who rely on BlackBerry devices, you should understand how these handheld devices work and how to monitor them and troubleshoot their problems.
—
Joseph Neubauer
BlackBerry Enterprise Server's New Features, Part 1
New features in BES 3.6 and BES 3.5, including policies that let you secure BlackBerry devices, make upgrading to these software versions worthwhile.
—
Joseph Neubauer
BlackBerry Enterprise Server's New Features, Part 2
BES 3.6 and BES 3.5 offer enhancements that your BlackBerry users have probably been asking for: the ability to read attachments, look up names in the GAL, synchronize more easily, surf the Web, and access corporate data.
—
Joseph Neubauer
Blocking Client Access to Exchange Servers
Discover how you can prevent your users from accessing an Exchange server while the system is running.
—
Tony Redmond
Build an Email-Discovery Plan
More than likely, your company will have to produce saved email messages in a court case or compliance investigation. Use these ideas to develop your own email-discovery plan and learn about tools that can facilitate e-discovery for Exchange admins.
—
David Sengupta
Build an Exchange 2003 Cluster: Install Exchange on the Cluster
Have you wanted to run Exchange on a cluster but haven't had the nerve to try? Here's help: Use these easy-to-understand instructions as your guide in installing Exchange Server 2003 on a Windows Server 2003 cluster.
—
Daragh Morrissey
Build an Offline Exchange 2000 Server in 9 Steps
An offline copy of your production Exchange server can be invaluable. Find out how you can use it and how to build one.
—
Joseph Neubauer
Build Quality into an Exchange 2000 Environment
By using provisioning tools and services, you can repeatedly produce the same result—properly built and configured servers and applications—throughout an Exchange 2000 environment.
—
Evan Morris
Bulk Object-Manipulation in Exchange 2000
With Exchange 2000’s switch from the DS to AD, you need a new method for manipulating user objects in bulk. A few Win2K tools provide the answer.
—
Barb McDonald
Calendaring: Understanding the Client Side
Do you wonder why you can't always share calendar information within your group? Find out how Outlook handles appointments and what you can do to improve calendaring performance.
—
Siegfried Jagott
Canning Spam
You need to know how the new federal antispam law affects your messaging operations. To help you stay on the right side of the feds, we present the law's finer points and explain some provisions that your users should understand.
—
Paul Robichaux
Cleaning Up Public Folders
Microsoft plans to replace public folders with another repository in a future release of Exchange. Using PFDAVAdmin now will help you prepare for the transition.
—
Tony Redmond
Closing Out Exchange Mailboxes
These nine configurations and options can help you deal effectively with former employees' mailboxes.
—
Joseph Neubauer
Command-Line Mailbox Creation
Learn how you can use a script to create mailboxes in Exchange Server 5.5.
—
Paul Niser
Comparing Windows Mobile 2003's IMAP with ActiveSync
With Windows Mobile 2003, you can use IMAP or ActiveSync to access Exchange over a wireless connection. Here are some factors to consider when you’re deciding which protocol to use.
—
Joseph Neubauer
Configuring Outlook Express
Outlook Express's support of POP3 and IMAP4 gives the email client some advantages over other Exchange 2000 Server email clients. This article describes how to configure Outlook Express to work with these protocols.
—
Ronald Stewart
Connect Exchange Servers Over a VPN
A virtual private network provides a secure, inexpensive way to connect LANs via the Internet.
—
Frank Plawetzki
Connecting Mobile Users to Exchange
You can broadly classify the wireless devices that offer email access by the type of interface they provide. Here’s a look at those classifications.
—
John Rhoton
Control Client Network Traffic
To control client-generated messaging traffic, you need to estimate your bandwidth needs, connect clients efficiently, and modify some bad user habits.
—
Tony Redmond
Control Mailbox Size with Mailbox Manager
Exchange Server 5.5 SP3 includes a new mail-management utility. Find out how you can use Mailbox Manager to control ever-growing mailboxes.
—
Tony Redmond
Coping with Unsolicited Email
Learn how you can ensure that outsiders don't mistake your Exchange installation for a UCE mailer and how you can configure Exchange to follow current Internet standards for preventing UCE.
—
Mark Howard
Create a URL for Outlook Web Access
Simplify your users access to email through a Web browser by creating a simple URL they can use to get to OWA.
—
Barb McDonald
Creating a Group Policy for Outlook 2002
Learn how to use Group Policy to disable menu and toolbar commands.
—
Sue Mosher
Creating Exchange 2000 Mailboxes
The interaction between AD and Exchange and the need to populate multiple attributes have made mailbox creation more complex in Exchange 2000 than it is in Exchange 5.5. Learn the process so that you can find, then resolve problems.
—
Tony Redmond
Customize Exchange Details Templates
Use Exchange Server details templates to display information about recipients that is typically available only at the server.
—
Mark Ott
Customize Your Exchange Display Templates
Customizing Exchange templates makes them even more valuable for displaying directory information such as attributes about users, contacts, distribution groups, and public folder objects.
—
Tony Redmond
Customizing OWA 2000
Here's how to take advantage of Outlook Web Access's URL addressability to customize the user's OWA experience and reuse OWA components in your applications.
—
Kevin Laahs
Customizing OWA 2000 Access
Segmentation is a handy tool for administrators who want to prevent users from accessing certain OWA 2000 features but don’t want to spend a lot of time learning how the WSS forms engine works.
—
Paul Robichaux
Customizing Your Exchange 2000 Server Installation
Although Exchange 2000 doesn’t include Performance Optimizer, you can use ADSI Edit and modify the registry to move Exchange components where you want them.
—
Daragh Morrissey
Dealing with Databases
Do you dread having to manage your Exchange databases? Follow these recommendations and leave the worry behind.
—
Kieran McCorry
Deleting User Accounts and Exchange 2000 Mailboxes
This useful script performs email-enabled user-account deletion tasks.
—
Ethan Wilansky
Demystifying Exchange 2003 Custom Recipients, DLs, and Profiles
Learn how to deal with Microsoft Office Outlook 2003 Messaging API (MAPI) profiles and how Exchange 2003 handles custom recipients and DLs during cross-administrative group mailbox moves.
—
Kieran McCorry
Demystifying Exchange 2003 Mailbox Moves
The Exchange 2003 SP1 Move Mailbox Wizard takes the pain out of cross-administrative group mailbox migrations.
—
Kieran McCorry
Deploying Exchange Intelligent Message Filter
IMF on an Internet-facing bridgehead server is a valuable adjunct to other spam-reduction measures.
—
Paul Robichaux
Develop an Exchange Compliance Strategy
Exchange provides key compliance features such as journaling and messaging security—but you'll likely have to add capabilities such as archiving and PST management via third-party products.
—
Devin L. Ganger
Diagnosing Exchange Server 2003 Problems
Discover the tools and techniques that will help you troubleshoot Exchange stability and performance problems.
—
Daragh Morrissey
Distribution Lists in Exchange 2000
As a subset of the Exchange directory, Exchange 2000 DLs are also part of AD. Here’s what this change means for your migration to Exchange 2000.
—
Jason Seim
Do-It-Yourself Test RBLs
Create an inhouse RBL to test Exchange 2003's block list–integration feature.
—
Donald Livengood
Documenting Your Exchange Server 5.5 Systems
Proper documentation is invaluable during disaster recovery.
—
Drew Nicholson
Does Single-Instance Storage Matter Anymore?
Single-instance storage was an important feature in early versions of Exchange. Have new systems and Exchange 2000 changed its value?
—
Tony Redmond
Eliminate Unnecessary System Messages
When your network connection is slow or unreliable, system messages can impede message delivery. You can reduce the volume of system messages without affecting the messaging function.
—
Richard Riley
Emulating UNIX Aliases' Functionality in Exchange
If an Exchange server is your primary Internet mail hub in your organization, use this technique to relay mail for non-Exchange users to the appropriate mail server.
—
John Frandsen
Enabling Message Journaling on Exchange Server
If government or corporate policies require you to save all messages, message journaling is the tool you need. Find out how message journaling works, how to plan for and configure it, and what it can't do.
—
Mark Ott
, et al.
Entourage 2004 for Mac
Entourage 2004 for Mac is well integrated with the rest of the Office 2004 suite, is stable, and provides Mac users the most-often-requested Exchange features.
—
Paul Robichaux
Exchange Server 2003 OWA Overview
Take a look at the new OWA functionality that Exchange 2003 brings to the mobile user.
—
Kevin Laahs
Exchange 2000 and Exchange Server 5.5 Public-Folder Interoperability
Mixed environments present special challenges for public folders. Learn how to smooth your transition.
—
Kieran McCorry
Exchange 2000 Backup and Restore
Exchange 2000 has enhanced backup and restore functionality. Get to the know the basics.
—
Tony Redmond
Exchange 2000 for Developers and Users
The Web Store, server-based events, CDO 3.0, and item- and column-level security in Exchange 2000 will help developers and users do their job better. But what's missing?
—
Sue Mosher
Exchange 2000 Hosting: The ASP Model, Part 1
Use the same infrastructure ASPs use to host Exchange for multiple customers, and learn how to set up customized user logon names in AD.
—
Evan Morris
Exchange 2000 Hosting: The ASP Model, Part 2
Configure different address lists and addresses with different suffixes for different groups in the same AD forest.
—
Evan Morris
Exchange 2000 Instant Messaging
Tony Redmond answers some Exchange Instant Messaging FAQ to smooth your way in adopting this new subsystem.
—
Tony Redmond
Exchange 2000 Interforest Synchronization
In this age of company mergers, how do you synchronize two or more Exchange 2000 servers? Microsoft Metadirectory Services might be the tool you need.
—
Greg Dodge
Exchange 2000 SMTP Logging and Archiving
Exchange 2000's SMTP logging and archival tools help you diagnose communication problems with other systems.
—
Joseph Neubauer
Exchange 2000 SP2 CDOEXM Updates
Learn about a small but extremely useful CDOEXM enhancement in Exchange 2000 SP2 that will help you manage mailbox security.
—
Alain Lissoir
Exchange 2000 SP2 WMI Updates
Microsoft has added two new WMI providers to manage the Message Tracking Logs and the DSAccess components. Here's how to use these providers in WSH 5.6.
—
Alain Lissoir
Exchange 2000's Mailbox Manager
The popular Mailbox Manager utility is back in SP1. Find out how it works and how to use it to clean up your users' mailboxes.
—
Henrik Damslund
Exchange 2003 Advanced Journaling
Exchange 2003's envelope journaling is a sophisticated journaling method for organizations that are serious about journaling. Learn how to enable it and how to make it work in a multiserver environment.
—
Kieran McCorry
Exchange 2003 and the Windows Storage Server Feature Pack
Learn about Windows Storage Server, how it works with Exchange 2003, and when using it as an Exchange storage mechanism does (and doesn't) make sense.
—
Paul Robichaux
Exchange 2003 ArchiveSink
You can use the free ArchiveSink tool to get some granular control over message archiving.
—
Kieran McCorry
Exchange 2003 Clusters: Rolling Upgrades
Take a look at some of the changes in implementing rolling upgrades to an Exchange 2003 cluster
—
Daragh Morrissey
Exchange 2003 Deployment Fundamentals
Exchange 2003 deployment doesn't differ much from Exchange 2000 deployment, but little changes add up to big improvements.
—
Kieran McCorry
Exchange 2003 SP1 RPC over HTTP
Exchange 2003 SP1's new managed RPC over HTTP topology provides enhances deployment and administration of RPC over HTTP access.
—
Kieran McCorry
Exchange 2003 SP2 On the Road
Check out the new Exchange 2003 SP2 mobility features and think about how you can best use them in your environment.
—
Paul Robichaux
Exchange 2003 SP2: Migrate or Wait?
Deciding whether to move to Exchange Server 2003 SP2? Paul Robichaux, helps you examine your options.
—
Paul Robichaux
Exchange 2003’s Recovery Storage Group
Here's a strategy for using the RSG, a specially tailored version of a regular storage group to which you can restore a backup copy of a mailbox store.
—
Tony Redmond
Exchange Disaster Recovery Tips
Incorporate these ideas in your Exchange-specific disaster recovery plan.
—
Menko den Ouden
Exchange Ideas
Get tips, news, and community resources for messaging admins.
—
Lisa Pere
Exchange Ideas
Get tips, news, and community resources for messaging admins.
—
Lisa Pere
Exchange Ideas
Get tips, news, and community resources for messaging admins
—
Lisa Pere
Exchange Ideas
Get tips, news, and community resources for messaging admins
—
Sue Mosher
, et al.
Exchange Ideas
Get tips, news, and community resources for messaging admins.
—
Brien Posey
Exchange Ideas
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Ideas
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Ideas, December 2006
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Ideas, January 2007
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Ideas, July 2006
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Ideas, May 2006
Get tips, news, and community resources for messaging admins
—
Anne Grubb
Exchange Ideas, November 2006
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Ideas, October 2006
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Ideas, September 2006
A compilation of tips, news, and community resources for messaging administrators.
—
Various Authors
Exchange Relay Review
Learn how to ensure that every Exchange server capable of hosting SMTP connections can't be overtaken by others who want to use the server to relay malicious email.
—
Joseph Neubauer
Exchange Relay Testing
In his follow-up to December's "Exchange Relay Review," Joe shows you how to make sure your relay configuration is working the way you want.
—
Joseph Neubauer
Exchange Server 2003 OWA End-User Features
The latest version of OWA offers new end user functionality that makes the email client look and function much like Outlook.
—
Kevin Laahs
Exchange Server 5.5 Interorganizational Solutions
Find out about two tools that can help you merge two or more Exchange organizations: The InterOrg Synchronization Tool and the Active Directory Connector.
—
Greg Dodge
Exchange Server 5.5 SP3 Hits the Streets
Unlike most service packs, SP3 introduces new features: Mailbox Manager, an antivirus hook, and an MTA mixer.
—
Tony Redmond
Exchange Server and Virus Checkers
Pick up some tips for choosing and using a virus checker.
—
Tony Redmond
Exchange Server's Perplexing Permissions
Exchange permissions aren't intuitive and are often inconsistent with Windows NT permissions. Find out about Exchange role and rights and how permissions flow.
—
Mark Ott
Exchange Survey
Tell us about the kind of content you'd like to see in Exchange & Outlook Administrator.
—
Lisa Pere
Exchange, Outlook & SharePoint FAQs
A compilation of FAQs about Exchange 2007 and Exchange 2003, Outlook 2007 and Outlook 2003, and Microsoft SharePoint technologies.
—
Various Authors
Filling Administrative Gaps with ADSI and LDAP
The Lightweight Directory Access Protocol fills the administrative void in Exchange 2000 Server and simplifies Exchange Server 5.5's tedious tasks. Find out how LDAP works and how you can make it work for you.
—
Joseph Neubauer
Filtering Messages in Exchange 2003
Exchange 2003's recipient filtering, sender filtering, restricted groups, and restricted recipients features help you protect your messaging environment against unwanted email.
—
Donald Livengood
Fine-Tune Active Directory Connector Synchronization
The author explains how to fine-tune the ADC to improve synchronization in your environment.
—
Kieran McCorry
Fine-Tune Exchange Connections
In Exchange Server 5.5, Microsoft introduced address-space restrictions to give systems administrators more control over users' access to connectors. You can use this restrictions to configures your organization the way you want it.
—
Steve Schwartz
Forms-Based Authentication in OWA 2003
Learn how to enable forms-based authentication to help secure your OWA implementation.
—
Kevin Laahs
Fortify Your Email Transport, Part 1
You can use several of Exchange 2000’s configuration and routing options to provide high availability for your Internet email transport systems.
—
Joseph Neubauer
Fortify Your Email Transport, Part 2
Configure your Exchange 2000 systems to prevent and fight use as open relays, mail loops, and DoS attacks.
—
Joseph Neubauer
Get a Load of Log Parser
Dreaming of a way to round up Exchange data from a variety of sources? Log Parser is your dream come true.
—
Tony Redmond
Get Inside Active Directory Connector Synchronization
Learn about the ADC's hidden mechanisms so that you'll be better able to properly implement an ADC-based synchronization environment.
—
Kieran McCorry
Get the Most from Exchange Antispam Tools
Exchange has a surprisingly good set of built-in spam reduction tools that can contribute to the solid protection your messaging system needs. Learn how connection, content, and sender and recipient filtering work and the configuration options you have.
—
Paul Robichaux
Getting Started with ExMon
Monitor the performance of individual Outlook client connections with the Exchange server in near real time and possibly identify heavy resource usage.
—
Kieran McCorry
Good Migrations
Check out these techniques for assessing permissions and building a good migration schedule, including using a VBScript that groups mailboxes by permissions relationships.
—
Joseph Neubauer
Guidelines for Deploying Independent Autonomous Sites
Implementing a large Exchange Server Organization in independent autonomous (or franchised) sites can be difficult. Guidelines can help companies set up naming conventions, connectors, directory replication, public folders, and address book views.
—
Steve Schwartz
Head Off Public Folder Replication Storms
Exchange 2003 SP2 offers a useful feature for stopping public folder replication storms.
—
Tony Redmond
Hello Exchange & Outlook Pro VIP!
The new Exchange & Outlook Pro VIP will deliver the same great Exchange and Outlook content that you've come to expect in
Exchange & Outlook Administrator in a more timely online format.
—
Anne Grubb
Hosting Email Services
You can use Exchange 2000 and OWA to provide small-scale hosted email services to partners, customers, or associates.
—
Paul Robichaux
Hosting Email Services, Part 2
This second part of a two-part article about hosting email services describes creating a recipient policy and building and securing an address list for each hosted organization.
—
Paul Robichaux
How ACLs Magically Affect Your GAL
Denying a user access to an object means that the user can't access the object from any application, right? Not necessarily! Learn why ACLs can have different effects on searching and browsing from Outlook, OWA, OMA, and Outlook Express.
—
Kevin Laahs
How Message Tracking Works
Find out how to enable message tracking in Exchange and how to use log files to see where a message went.
—
Tony Redmond
How to Customize DS-to-AD Attribute Synchronization
As you synchronize objects from the Exchange Directory to Active Directory, find out how you can modify attribute defaults to address your circumstances.
—
Kieran McCorry
How to Remove the Last Exchange 5.5 Server
Careful planning and a systematic approach are essential when you delete the last Exchange 5.5 server from an Exchange 2000 administrative group. Here’s what to do.
—
Daragh Morrissey
How to Use WinRoute and MailQ
These two tools can help you monitor the health and performance of your Exchange 2000 routing service.
—
Donald Livengood
Implementing a Group Mailbox or Public Folder
You, too, can have a group mailbox--or maybe a public folder--for your customer support department. Here's how you set them up.
—
Sue Mosher
Implementing IPSec for Front-End/Back-End Communication
Front-end/back-end server configurations can improve Exchange 2000’s performance and scalability, but you need to secure communication between those servers. Here’s what you need to do.
—
Martin Tuip
Improve Your Custom Outlook Forms
Mismatches between a form’s item and folder fields can cause problems, including inoperative code. Follow these best practices for creating custom fields in Outlook.
—
Sue Mosher
In the Know: Message Tracking
Why enable this feature on your Exchange servers?
—
Tony Redmond
In the Know: Exchange 2003 SP2 Database Increases
Exchange 2003 SP2 increases the database size limit to 75GB. What do you need to know about these changes?
—
Tony Redmond
In the Know: Exchange Connections
Catch up on the news from the most recent conference and get ready for 2006.
—
Lisa Pere
Increasing Outlook User Acceptance
These 10 simple configuration changes to Outlook settings can dramatically improve user acceptance.
—
Joseph Neubauer
Information Store—More Pfadmin Commands
Pfadmin is a handy tool that can help you manage your Exchange Server 5.5. public folders. The second part of this two-part series describes the tool's Rehome, Setreplicas, Listacl, Listreplicas, and Messageclasses commands.
—
Drew Nicholson
Inside MAPI Profiles
Understanding the MAPI profile structure can help in troubleshooting situations and can lead to innovative solutions to migration problems that might at first seem difficult to solve.
—
Kevin Laahs
Integrate SharePoint into Your Exchange Environment
Integrating Exchange and SharePoint features can help your Exchange users become more comfortable working with SharePoint.
—
Matt Ranlett
, et al.
Intelligent Email Routing
Learn how to route incoming email to free up network resources and improve delivery.
—
Kieran McCorry
Intrasite and Intersite Directory Replication
Exchange maintains the directory by copying changes from one server to others. Review how the directory works and how to configure Exchange components across your enterprise for optimal performance.
—
Mark Ott
Introducing CDO for Exchange Management Objects
Learn how this new server-side tool can help you simplify many Exchange 2000 Server management task.
—
Kevin Laahs
Is Your Exchange Server Relay-Secure?
If you want to prevent a malicious user from using your Exchange server for relaying messages, the obvious approach might not be the best one. Find out what you need to do.
—
Joseph Neubauer
Is Your IT Infrastructure Compliance-Ready?
Learn about the most significant sets of regulations that are likely to affect your company and see which core business processes
those regulations touch on.
—
Elliot King
IT Books: Caveats and Kudos
IT books assemble information to make sense of complex subjects, but find out what you need to look for and obtain Tony Redmond's latest recommendations.
—
Tony Redmond
Keep Tabs on Exchange Server
You can use Performance Monitor to obtain realtime feedback on Exchange Server's performance and set alerts to head off disastrous events.
Large Mailboxes Are Here to Stay
Exchange 2007 provides more storage capacity for larger mailboxes. But are supersized mailboxes the answer? Here are some compelling arguments for maintaining mailboxes at a reasonable size.
—
Tony Redmond
Lessons from the Melissa Virus
Melissa warned the email world to be vigilant about incoming messages. Here's what to look for and what to do.
—
Tony Redmond
Life with Exchange Server Clusters
Review the pros and cons of clustering now and in the future.
—
Tony Redmond
Making Exchange ActiveSync Work
EAS provides wireless access to calendar, contact, and message data without requiring the addition of any server-side software—all you need is Exchange 2003 and a compatible device.
—
Paul Robichaux
Making Sense of SharePoint Search
Learning about Windows SharePoint Services and SharePoint Portal Server search architectures will help you determine which product is right for your users' collaboration needs.
—
Kevin Laahs
Making the Move to a New BES
Considering a move to BlackBerry Enterprise Server 4.0? Read this first.
—
Joseph Neubauer
Manage Saved Messages with the Exchange Archive Agent
If you must journal all your email messages, you need a method for storing and retrieving the messages. The Microsoft Exchange Archiving Agent is a tool for low-budget, high-volumn message archiving.
—
Mark Ott
, et al.
Managing Exchange 2003 with WMI, Part 1
Exchange 2003 offers several new WMI providers. This first installment of a three-part series looks at how to use the providers to manage Exchange servers, logons, and mailboxes.
—
Alain Lissoir
Managing Exchange 2003 with WMI, Part 2
This second installment of a three-part series looks at how to use Exchange 2003’s new WMI providers and their classes to manage Exchange public folders.
—
Alain Lissoir
Managing Exchange 2003 with WMI, Part 3
This final installment of a three-part series looks at how to use Exchange 2003’s new WMI providers and their classes to manage Exchange queues and links.
—
Alain Lissoir
Managing Mailbox Quotas
Read how to calculate the size of the private Information Store, allocate and dminister quotas, control message storage, analyze storage patterns, and help users stay within their quota.
—
Tony Redmond
Managing User Accounts, Part 1
Learn how to use DHTML and ADSI to create a powerful, lightweight tool for updating AD user accounts.
—
Ethan Wilansky
Managing User Accounts, Part 2
In the conclusion of this series about 3U-a powerful, lightweight tool for updating AD user accounts—learn about the tool's scripting details.
—
Ethan Wilansky
Managing Your Email Content, Part 1
Content management goes beyond filtering for malicious code. It lets you control the flow of email content coming into or circulating withing your organization. Here's how you can protect your organization.
—
Evan Morris
Managing Your Email Content, Part 2
Find out how to use Exchange 2000 and Microsoft's Virus Scanning API and Internet Security and Acceleration Server to protect your organization.
—
Evan Morris
MAPI Client Directory Access in Exchange 2000
Find out how MAPI clients use Active Directory in Exchange 2000 and what it means for placing Global Catalog Servers.
—
Kieran McCorry
Migrating from Exchange 5.5 to Exchange 2003
Here's a look at the basic approaches you can take to move from Exchange 5.5 to Exchange 2003. They're not all that different from those of an Exchange 2000 migration.
—
Kieran McCorry
Migrating GroupWise Mail and Calendars
The Exchange Server Migration Wizard is a free tool that can help to ease your migration from GroupWise.
—
Mark England
Migrating Microsoft Mail Gateways to Exchange Server
This article describes how to replace a third-party SMTP gateway with the Exchange Server Internet Mail Service and how to reconfigure MS Mail post offices to use Exchange services.
—
Robert O'Connell
Migrating Microsoft Mail Users and Groups to Exchange
Follow the author step by step through migrating users and shared folders from MS Mail to Exchange.
—
Steve Jones
Migrating Public Folders from Exchange to SharePoint
—
Jeffrey Rosen
Migrating Special Mailboxes to Exchange 2000
Understanding how Exchange 5.5 mailboxes use NT 4.0 accounts and cleaning up your Exchange 5.5 DS is crucial to a successful migration to Win2K and Exchange 2000.
—
Kieran McCorry
Migrating to Exchange 2003
Migrating from Exchange 2000 to Exchange 2003 is a straightforward process if you use these upgrade approaches.
—
Kieran McCorry
Mining the Depths of Exchange Tracking Logs
Exchange tracking logs are a gold mine of performance and usage data. And you can use scripting to easily turn raw data into usable statistics.
—
Joseph Neubauer
Monitoring Exchange 2000
Learn how to use built-in monitoring tools to perform basic monitoring in your Exchange environment.
—
Daragh Morrissey
More BlackBerry 4.0 Tips and Tricks
Here are further tips and tricks that your BlackBerry guru can use.
—
Joseph Neubauer
More Exchange Design Considerations
This article rounds out the top 10 steps in building a solid Exchange organization.
—
Mark England
Move Server Wizard War Stories
Microsoft's utility for moving servers has some shortcomings. Two cumbersome inadequacies are the wizard's inability to work with clusters and its clunky way of dealing with custom recipients.
—
Tony Redmond
Moving Made Simple
Put the Exchange 2003 Move Mailbox wizard and a few mailbox-transfer tips to work, and you'll enjoy a smooth move.
—
Tony Redmond
Moving to 64-Bit Exchange
Learn how Microsoft's decision to develop Exchange 12 for 64-bit systems poses challenges for administrators.
—
Tony Redmond
Moving Users to Exchange 2000, Part 1
You’ve completed the preparations, and now you’re ready to move mailboxes from Exchange 5.5 to Exchange 2000. Here’s what you do.
—
Kieran McCorry
Moving Users to Exchange 2000, Part 2
Make your life easier by scripting intraorganizational migrations and using the Exchange Server Migration Wizard for interorganizational migrations
—
Kieran McCorry
Network News Transfer Protocol
Learn how to configure NNTP to bring newsgroups to your users.
—
Joseph Neubauer
Not Ready for an Antispam Solution?
If your organization is reluctant to implement an antispam solution, be prepared to present the facts about spam and antispam solutions to the decision makers.
—
Joseph Neubauer
Office 2003 and SharePoint: Better Together
By integrating Office 2003 and the SharePoint platform, you can make collaboration a far more productive and enjoyable experience for users.
—
Kevin Laahs
Outlook 10 and Office Designer
Read about the great new features--especially the Local Web Storage System and Office Designer--that Microsoft had slated for its next version of Outlook. Unfortunately, the company decided the features aren't ready for prime time.
—
Sue Mosher
Outlook 2000 Custom Installation Wizard
You can use the tools in the Microsoft Office 2000 Resource Kit to create an installation package for Outlook 2000. Follow these steps to learn how to do it.
—
Marie Davis
Outlook 2001 for Macintosh
At last, Microsoft offers an Outlook version that's a true Macintosh application as well as fully compatible with Outlook for Windows.
—
Paul Robichaux
Outlook Messaging Profiles with Mandatory Profiles on WinDD
Find out how to control the look and feel of the desktop to reduce performance overhead in a thin-client environment.
—
Martin McClean
, et al.
Outlook Support for cc:Mail
Transcend's Microsoft Outlook support for Lotus cc:Mail service (or ConnectorWare) can help ease users' transition to Outlook. Find out how to install the service and what it can--and can't--do.
—
Olivier D'Hose
OWA 2000 Features and Limitations
Take a look at what Outlook 2000 can do--and what it can't do.
—
Jim McBee
OWA 2000 Security and Scalability
OWA 2000 offers better scalability than its predecessor, but security problems still exist if you configure it improperly. Here’s how to implement an OWA 2000 system that’s not only scalable but also secure.
—
Jim McBee
OWA in Exchange 2000
Outlook Web Access 2000 offers improved performance and a better user experience. See what you can do with it.
—
Jim McBee
OWA Spell Checking
Outlook Web Access doesn't yet include built-in spell-checking functionality, but third-party options are available. Find out how such products work with Exchange 2000 OWA.
—
Kieran McCorry
PAE and Exchange 2003
Exchange administrators have always had to find ways to use Exchange’s limited physical memory efficiently. Learn about recent advances in hardware and the Windows OS that help you make the most of the memory you have.
—
Tony Redmond
Partial Exchange 2000 Migration
Here's how to upgrade your Exchange 5.5 sites to Exchange 2000 in isolation from the rest of your environment.
—
Kieran McCorry
Personal Distribution List Considerations
Administrators don't hear about users' personal distribution lists until problems occur. Here are some situations to watch for.
—
Tony Redmond
Plan a Smooth Migration
Before you move any mailboxes, here's how to check for associations between them so that you can keep these mailboxes on the same server throughout migration and not inadvertently split them up.
—
Joseph Neubauer
Plan Your Exchange Server Deployment
Walk through the steps of creating and fine-tuning your Exchange organization simulation by using Microsoft System Center Capacity Planner 2006.
—
Brien Posey
Planning an Exchange 2000 Migration Strategy
When you move to Exchange 2000, don't take the flaws of your current infrastructure with you. Here's what you need to clean up.
—
Tony Redmond
Planning for and Configuring the Active Directory Connector
The Active Directory Connector (ADC) is an essential tool for migrating Exchange directory information to the Windows 2000 Active Directory. Find out how to plan for the ADC and put it to use in your installation.
—
Bill English
Prevent MAPI Clients from Hanging
The explanation of why MAPI clients apparently hang over slow links illustrates that you need to watch all your resources, not just Exchange.
—
Tony Redmond
Preventing Directory Harvest Attacks
Learn how directory harvest attacks consume your system resources and find out the techniques you can use to foil the spammers.
—
Brien Posey
Pursuing Pesky Mail Messages
Meet the resources you need for troubleshooting message queues and tracking messages: message queue management, Performance Monitor workspaces, and a message tracking search engine.
—
Mark Ott
Recovering Exchange 2000
Planning for Exchange 2000 Server recovery? Be sure you understand some of the basics of AD recovery as well.
—
Evan Morris
Reduce Exchange Server's Bandwidth
You can improve performance by limiting message size from the client and the server, by optimizing network traffic, and carefully managing distribution lists.
—
Mark Ott
Regulatory Compliance
Companies large and small are seeking ways to make their messaging systems comply with recent legislation. Kieran reviews the primary messaging-related provisions and translates them into practical advice.
—
Kieran McCorry
Removing Orphaned Objects from the Exchange Directory
Why do objects you think you've deleted from a site remain in the directory of remote sites? Find out about orphaned objects and what you can do about them.
—
Matt Inman
Restoring a Broken Exchange Cluster
When your Exchange Server/Microsoft Cluster Server configuration is irretrievably broken, here are two procedures you can use to restore the cluster.
—
Fabio Longo
Restoring a Deleted Exchange Object
Learn how to manually restore single items (e.g., mailboxes, public folders, messages) and entire Exchange servers that you've permanently deleted.
—
Fabio Longo
Restoring an Exchange 5.5 IS Database
Use this alternative method to restore deleted items to an Exchange 5.5 IS database.
—
Bill Stewart
Restoring an Exchange Server Computer
Walk through recovery of an Exchange server when a crash hasn't affected Windows NT and log files are intact but disk drive failure has destroyed database files.
—
Mark Ott
Restoring the Exchange 2000 Store Step by Step
Restoring the Information Store in Exchange 2000 is different from the process in Exchange Server 5.5. Here are the steps to follow.
—
Joseph Neubauer
Restricting SMTP Connectors
To restrict SMTP-based connectors, you must use ESM to set the limitations, then add two registry values to enforce them.
—
Tony Redmond
Risky Business
Don’t put your company and users’ personal information at risk. Here are four types of automated responses that you should block.
—
Steve Bryant
Run Exchange 2007 Under Virtual Server 2005
Follow along with a veteran Exchange admin as he explains how he set up VMs to test beta versions of Exchange 2007, Outlook 2007, and Outlook Web Access using Virtual Server 2005 R2.
—
Michael Dragone
Running Exchange Server 5.5 on Windows 2000
Exchange Server 5.5 on Win2K offers some interesting benefits. Find out the advantages and how to set up your system.
—
Fabio Longo
Running Exchange Services from LocalSystem
In Exchange 2000, Microsoft runs Exchange Services from the Windows 2000 LocalSystem account instead of the service account. Find out what this change means to you.
—
Tony Redmond
Safeguard Exchange for Mobile-Device Access
EAS and OMA, new components in Exchange Server 2003, help meet users’ demand to receive email on their handheld devices while keeping access secure.
—
Paul Robichaux
Sail Through Public Folder Migration
Learn about the new features in Microsoft Exchange Server 2003 that make public folders more efficient and streamline migration of user and system public folders.
—
Kieran McCorry
Scaling Out OWA
Get some tips for implementing Outlook Web Access (OWA) in a large environment.
—
Kieran McCorry
Scaling Out OWA Storage Configurations
This follow-up to the June 2003 article "Scaling Out OWA" describes storage-configuration details and subtle server-tuning aspects of building a large messaging data-center platform.
—
Kieran McCorry
Script User Account and Mailbox Creation
Use ADSI, CDOEXM, and VBScript to automate the process of creating AD user accounts and mailboxes.
—
Ethan Wilansky
Secure Client Communications with SSL
Use SSL support to protect your company’s email communications.
—
Joseph Neubauer
Secure OWA Architectures, Part 1
Learn how to set up your network for offsite users who use OWA to access their Exchange mailboxes.
—
Kieran McCorry
Secure OWA Architectures, Part 2
Discover the most secure architecture for accessing Web mail from outside the corporate firewall.
—
Kieran McCorry
Securing the Exchange Server 5.5 Internet Mail Service
Using the Internet as a network backbone exposes the network to security risks. Find out how Exchange Server 5.5 protects the IMS by preventing unauthorized access and using encryption to secure message traffic.
—
Steve Schwartz
Send Individual Messages to Distribution List Members
You can use an Exchange Event Service script to manage a large mailing list and send individually addressed messages to hundreds of people.
—
Sue Mosher
, et al.
Set Up Multiple Email Identities for a Single Account
Setting up multiple addresses for one email account lets you keep mailboxes to a minimum while providing email identities you can use for different business functions.
—
Randy Franklin Smith
Setting OWA Mail and Calendar Notifications
Discover how the WebDAV protocol’s Subscribe and Poll methods combine to support OWA email notifications and calendar reminders.
—
Kevin Laahs
SharePoint Offers a Different Outlook
WSS raises the bar for Outlook 2003 from an application for personal use to an application for personal use and team collaboration.
—
Kevin Laahs
SharePoint Portal Server Visual Elements
SharePoint Portal Server's Grouped Listing Web Part gives you flexibility in displaying portal listings, so that you can streamline your SharePoint Portal's navigation structure.
—
Bob Mixon
SharePoint Solutions
Microsoft and others have done a great job of touting the strengths of SharePoint Portal Server and Windows SharePoint Services.
Our goal is to inform you of these products' weaknesses.
—
Ethan Wilansky
, et al.
SharePoint Tips & Techniques
If you're getting started with Windows SharePoint Services, you'll find these FAQs helpful.
—
John Savill
Simple Customer-Satisfaction Surveys
Create custom Outlook survey forms that make collecting valuable user feedback a snap.
—
Jason Joy
Simple Database Scripting With CDOEXM
Learn to create and delete storage groups and mailbox databases and mount and dismount databases.
—
Paul Robichaux
Simple Exchange Monitoring
You might be surprised at the monitoring and control functionality built right into your Exchange and Windows servers.
—
Paul Robichaux
Simplify Performance Analysis with ExPTA
ExPTA, a free Microsoft tool, lets you instantly compare your Exchange server's performance with Microsoft’s best practices and spot potential performance problems.
—
Kieran McCorry
Sizing an Exchange 2003 System
Before you use a sizing calculator or load-testing tool to design an Exchange 2003 system, you must know how people use the current mail system.
—
Joseph Neubauer
Spam Beacons
Set up a demo to show the side effects of opening spam messages.
—
Joseph Neubauer
Storing Exchange Server Messages
Find out the advantages of storing messages on the server over storing messages in personal folders.
—
Tony Redmond
Subtle Changes in Exchange 2003 SP2
Do you have a problem with Exchange? It's possible that Microsoft has already fixed the bug. Check out this hotfix for Exchange 2003 Service Pack 2.
—
Tony Redmond
TCP/IP and Exchange Server
TCP/IP is a commonly used network protocol. Read how you can keep TCP/IP from slowing client connections.
—
Tony Redmond
test file upload
—
Ramon Ali
Testing Outlook in a Corporate Environment
How do you know Outlook won't cause problems with your organization's mission-critical applications? Before you migrate to Outlook, here's a plan to test how it will affect your desktop environment.
—
Samantha Guthrie
The Active Directory Connector Account Cleanup Wizard
Smooth out the migration of directory information from Windows NT 4.0 and Exchange Server 5.5 to Active Directory by using the Active Directory Connector Account Cleanup Wizard to eliminate duplicate objects.
—
Kieran McCorry
The BlackBerry Connection
Speed, size, and simplicity have made this mobile email device many users' top pick.
—
Tony Redmond
The Care and Feeding of Public Folders
Learn how the email client interacts with public folders and how the mail administrator can configure public folder options within the organization for optimal performance.
—
Mark Ott
The Exchange 2000 Offline Address Book
Exchange 2000’s OAB is a valuable tool for road warriors yet is surprisingly easy to set up and use.
—
Tony Redmond
The Exchange 2003 Move Mailbox Wizard
The Exchange 2003 Move Mailbox Wizard is a much improved tool for moving mailboxes from legacy Exchange servers to Exchange 2003.
—
Kieran McCorry
The Exchange 5.5 Reality Check
Many Exchange administrators continue to support Exchange 5.x installations. Here’s how to minimize downtime in existing Exchange 5.5 systems.
—
Jim McBee
The Exchange 5.5 Security Check
Review several practical steps for securing Exchange 5.5 in a Windows NT 4.0 environment.
—
Jim McBee
The Exchange Best Practices Analyzer
A new free tool from Microsoft performs an automated check of your Exchange servers to determine their compliance with recommended practices.
—
Paul Robichaux
The Exchange Intelligent Message Filter
Exchange 2003 is about to wise up when it comes to stopping spam. Find out how the forthcoming Microsoft Exchange Intelligent Message Filter (IMF) can help your antispam efforts.
—
Tony Redmond
The Exchange Mailbox Manager, Part 1
Mailbox Manager lets you clean up users' mailboxes by deleting and moving items. In this first article of a two-part series, learn how to create Exchange recipient policies to manage how Mailbox Manager works within an organization.
—
Tony Redmond
The Exchange Mailbox Manager, Part 2
In this second article in a two-part series, learn how the Exchange Server Mailbox Manager utility processes user mailboxes and helps you comply with your organization's data-retention policies.
—
Tony Redmond
The Exchange Recipient Update Service
Understanding this important Exchange Server service can help you keep things running smoothly.
—
Tony Redmond
The Free/Busy Map
Outlook’s free/busy map facilitates scheduling in calendars.
—
Joseph Neubauer
The Importance of the Global Catalog
Global Catalogs are crucial to a smoothly functioning messaging system. Find out how you can use GCs effectively.
—
Tony Redmond
The Infamous DS/IS Consistency Adjuster
The DS/IS Consistency Adjuster verifies that every object in the IS has a matching entry in the DS and fixes inconsistencies that arise in the Exchange database. Review this feature and how to avoid some common pitfalls in using it.
—
Tony Redmond
The Mystery of MTA Malfunctions
Two MTA problems might have baffled you: NDRs for messages to a DL that included a deleted object and stuck messages. But don't worry--SP2 fixes both problems.
—
Tony Redmond
The Pros and Cons of SP4
Service Pack 4 consolidates fixes big and small bugs in Exchange Server 5.5. Is upgrading worth the pain?
—
Tony Redmond
The Sender ID Standard
Want help stopping spam and other troublesome email? Consider implementing Sender ID.
—
Paul Robichaux
The Server Side of Calendaring
Find out how an Exchange server handles free/busy information, how to conduct backups and restores, and how to modify the contents of the system's FREE BUSY folder.
—
Siegfried Jagott
The Site Replication Service
Are you running a mixed Exchange Server 5.5/Exchange 2000 environment? Find out how the Site Replication Service works with the Active Directory Connector to make Directory Service to Active Directory synchronization easier.
—
Kieran McCorry
The Wonderful Wizard of ORK
The Microsoft Office 2003 Resource Kit’s Office Profile Wizard does a lot more than you might expect.
—
Sue Mosher
Tips for Clustering Exchange Successfully
Here's what you need to know to achieve a successful and highly available Exchange cluster.
—
Dennis Lundtoft Thomsen
Tips for Interpreting Messaging Benchmarks
To promote their messaging and collaboration applications, companies publish benchmarks proclaiming their product's performance. What do benchmarks tell you--and what else do you need to know?
—
Jerry Cochran
Tips from an Email Road Warrior
Efficient offline working habits, an understanding of OST files, and trading some Outlook functionality for shorter online sessions can make using email on the road quicker and less expensive.
—
Tony Redmond
To Virtualize or Not to Virtualize?
Consider these helpful hints before you jump headfirst into running your Exchange 2003 mailbox servers on virtual machines (VMs).
—
Tony Redmond
Tools and Techniques to Troubleshoot MAPI Client Connections
Here are some troubleshooting tools and techniques that you can use when you have problems connecting to Exchange 2003 from Outlook 2003 in classic online mode.
—
Kieran McCorry
Top Exchange Design Considerations
Designing (or redesigning) an Exchange organization? Read these top 10 tips before you begin.
—
Mark England
Tricks and Tweaks for Maintaining Exchange Databases
Learn how to modify Exchange's automated maintenance processes to keep it running at peak performance.
—
Brien Posey
Troubleshooter: Blocking MSN Messenger
Find out how to prevent Exchange Instant Messenger users from accessing MSN Messenger.
—
Paul Robichaux
Troubleshooter: Enabling Message Journaling
Learn about the performance impact and concerns of enabling message journaling.
—
Paul Robichaux
Troubleshooting Message Transport Problems
Learn where to search for clues about the cause of your email delivery problems.
—
Joseph Neubauer
Troubleshooting RPC over HTTP Connections
Here’s a handy checklist you can use to help you determine why an RPC over HTTP connection has failed.
—
Kieran McCorry
Tuning the X.400 Connector and the Message Transfer Agent
When you're operating Exchange Server over slow or unreliable WAN links, you can tune the MTA to minimize message retransfers and get the most efficient message delivery.
—
Bill English
Understanding Exchange 2000 Global Messaging Defaults
Set message formats and message delivery properties for your entire organization.
—
Tony Redmond
Understanding Exchange 2003 Global Settings and Message Limits
Learn more about two Exchange 2003 components—global size limit settings and public folder replication—and how each component affects the other.
—
Donald Livengood
Understanding Front-End Servers
Learn the pros and cons of front-end Exchange servers, and discover an alternative approach that combines security and ease of use.
—
Kieran McCorry
Unified Messaging and Exchange
Thinking about UM? Be sure you understand the pros and cons.
—
Kieran McCorry
Update to "A Viral Survival Checklist"
You can protect your system from attacks like the VBS/LoveLetter by beefing up your Outlook attachment security settings and default Windows file association settings. Here's what to do.
—
Evan Morris
Updated Exchange 2003 SP2 Algorithm Aids Write Access to Objects
Microsoft has updated the Global Catalog selection algorithm in Exchange 2003 Service Pack 2 (SP2), and Tony Redmond takes you on a quick tour of this seemingly simple yet important change.
—
Tony Redmond
Upgrading to Outlook 2003
Outlook 2003 offers many enhancements that might make upgrading an easy choice.
—
Tony Redmond
Use a Recovery Server with Exchange 2000
Follow the procedure outlined here to successfully restore a mailbox Store.
—
Tony Redmond
Use DNS and UNIX Relay Hosts to Route Messages to Exchange Server
Learn how to transparently integrate mail servers by configuring DNS to route messages from a UNIX relay host to an Exchange server.
—
Todd McGrath
Use Exchange Tracking Logs to Classify Users
Tracking logs in Exchange Server 2003, Exchange 2000 Server, and Exchange Server 5.5 can be a gold mine of useful information that can help you pinpoint email usage in your organization.
—
Joseph Neubauer
Using Address Book Views in Exchange Server
ABVs let you group mailboxes into a set of logical containers independent of the container in which they physically reside, and you can hide these views from other groups in the GAL.
—
Mark Ott
Using an Exchange 5.5 Server as a Mail Switch
You can take advantage of Exchange Server 5.5 Internet Mail Service's (IMS's) address-rewriting capabilities to create an effective mail switch for multi-mail system environments.
—
Kieran McCorry
Using and Configuring Outlook Direct Booking
Learn how to configure and use Outlook direct booking.
—
Joseph Neubauer
Using ETRN in Exchange Server
When you don't need 24x7 connectivity, the SMTP command ETRN lets your Exchange server periodically connect to an ISP to send and retrieve your mail. Find out how ETRN works and how to configure it.
—
Mark Ott
Using Exchange Public Folders
A look at the key questions surrounding public folder deployment and management will help you lay out a public folder design.
—
Tony Redmond
Using Exchange Server as a List Server
With a combination of a public folder, and distribution list, and the Network News Transfer Protocol, you can add basic list server functionality to Exchange Server.
—
Tony Redmond
Using Exchange Server Link and Server Monitors
Learn how to use these built-in monitors to keep tabs on Exchange and Windows NT services, synchronize clocks, and check messaging links.
—
Mark Ott
Using IPsec with Exchange
Learn how to use IPSec to secure communications between your front-end and back-end servers.
—
Paul Robichaux
Using MIXER for SMTP Internet Connectivity
MIME Internet X.400 Enhanced Relay (MIXER) lets SMTP users communicate with users on X.400 systems. Find out MIXER’s ins and outs and some interesting ways to use this feature.
—
Fabio Longo
Using Outlook 2003 as a Windows RMS Client
Learn how you can use RMS to protect the content of email messages and documents.
—
Sue Mosher
Using Palm III to Connect to Exchange Server
You can use conventional SMTP/POP3 and Palm III's HotSync features to connect to Exchange Server and retrieve and send email remotely.
—
Martin McClean
, et al.
Using SharePoint Portal Server 2001 to Approve and Publish Documents
Microsoft's new information management server offers a way to collaborate on documents. Read what you can do.
—
Bill English
Using the IMS Extension DLL
Here's the tool you need to add disclaimers to messages and journal some or all of your outbound and inbound SMTP mail.
—
Joseph Neubauer
Using Thread Compressor
Evan Morris explains how to clean up and consolidate sets of email messages that relate to a common topic.
—
Evan Morris
Using Web Storage System Forms
Although you can develop applications for the WSS platform without using the forms registry, WSS offers a powerful technology that can make your applications more adaptable and manageable.
—
Kevin Laahs
Using Windows Mobile 2003 to Access Exchange
Pocket PC 2002's successor provides valuable security enhancements.
—
Joseph Neubauer
Virtualizing Exchange 2003
Before you virtualize any part of Exchange 2003 in a production environment, you should be aware of Microsoft's support limitations, virtual machine (VM) performance considerations, and deployment issues.
—
Tony Redmond
Want to Tick Off Spammers? Try Sender ID
Exchange 2003 SP2 introduces Sender ID, another brick in the wall to block spam.
—
Kevin Laahs
What to Do When Your IMS Fails
To deal with IMS malfunctions, learn how the IMS works with the IS to move and store messages, why problems occur, and how to troubleshoot problems.
—
Tony Redmond
Windows Server 2003 Domain Renaming with Exchange Server 2003
With Windows Server 2003 and Exchange Server 2003 SP1, Microsoft has provided two tools—Rendom and XDR-Fixup—that let you rename a Windows 2003 domain and make the necessary changes to AD to support Exchange 2003 after the rename.
—
Tony Redmond
Wireless PDA Access to Exchange
Before you choose a method to let users access Exchange Server email from their PDAs, you need to pin down which solution you want to use, how your users plan to use it, and which devices and software offer the best fit.
—
Joseph Neubauer
Zero Downtime Exchange 2000 Recovery
If you can't afford for your Exchange 2000 email system to be unavailable to your users while you restore the databases, here's what you can do.
—
Evan Morris
[Information Store]
Information Store: Event Log Tools
Two Event Log tools provide easy—-and free—-monitoring capabilities for keeping tabs on your Exchange services.
—
Drew Nicholson
Information Store—Pfadmin’s Setacl Command
The first article in this new column explains how to use Pfadmin‘s Setacl command to set ACLs on public folders--and alerts you to some of the tool’s gotchas.
—
Drew Nicholson
Rem: Scripting the Creation of Datasources
To automate the creation of datasources, you can use a script to create the required registry entries.
—
Michael Otey
[TOP 10]
Exchange Server 2007 New Features
The newest features of Exchange Server 2007 offer prefab modular server roles, messaging protection, quick and easy resource booking, a host of security options, and more.
—
Michael Otey
SBS 2003 Features
The new SBS 2003 Standard Edition and SBS 2003 Premium Edition provide a host of worthwhile features. Here are the best of them.
—
Michael Otey
[Writing Secure Code]
Avoiding Buffer Overruns with String Safety
—
David LeBlanc
Bind Basics
—
David LeBlanc
Controlling Socket Connections
When you're dealing with sockets and other network connections, you want to be selective about which hosts you accept connections from.
—
David LeBlanc
Defeating Denial of Service – CPU Starvation Attacks
This week, David tells you how to protect yourself from CPU starvation attacks, where an attacker leverages your mistakes to cause your system to consume all available processing resources.
—
David LeBlanc
Defeating Denial of Service Attacks
Learn how attackers attempt to starve the resources associated with your application and how to protect yourself from these types of Denial of Service attacks.
—
David LeBlanc
Detecting Alternate Data Streams
Alternate data streams occasionally crop up as security concerns because an attacker might use these streams to hide files. Find out how you can track down these data streams so that you can protect your systems.
—
David LeBlanc
Good Programming and the Rules for Writing Secure Code
—
David LeBlanc
Overflowing Buffers
—
David LeBlanc
Parsing POP
—
David LeBlanc
Restricting Processes
David LeBlanc shares some code to help you control the access levels that a process uses in Windows 2000.
—
David LeBlanc
Secure Services
Securing services is important to overall network security. Programmers need to be aware of the user context that a service will use and be careful when deciding which choice is right for each service.
—
David LeBlanc
Setting Security
If your information is the least bit sensitive, inherited security permissions typically won’t be appropriate for your needs. Learn how to create and apply an ACL to protect your sensitive data.
—
David LeBlanc
Setting Security, Part 2
In Part 2 of his series on Setting Security, David LeBlanc presents an application you can use to initialize the discretionary access control list on a Registry key to give Administrators full control, making your applications more secure.
—
David LeBlanc
Structured Exception Handling and Security
Learn how to use the structured exception handling (SEH) function that comes with the Win32 API to let C code handle errors in your application in much the same way that C++ handles exceptions.
—
David LeBlanc
Understanding Process Tokens
Learn how process tokens work, and find out about a piece of code that can expose the information within these tokens to help you debug your code.
—
David LeBlanc
Writing a Secure POP3 Server
—
David LeBlanc
[Ultimate Security Toolkit
]
A Bootable Network Security Toolkit
Add to your arsenal of security tools with this handy, all-in-one security toolkit.
—
Mark Joseph Edwards
CyberCop 5.5
—
Steve Manzuik
HackerShield 2.0
—
Steve Manzuik
Intact Enterprise 3.0
Check out this software tool for automatic detection and correction of changes that intruders make to your system.
—
Shawn Porter
Internet Scanner 6.1
—
Steve Manzuik
LT Auditor +, 7.0
Check out this Windows-based intrusion detection and audit trail security software. LT Auditor +, 7.0, provides 24x7 monitoring of network activity across the enterprise, protecting organizational assets accessible through NT and Novel networks.
—
Shawn Porter
MailRecall 1.1
Does your company require ultimate control over its email and file attachments? Learn how you can use this software to keep your sensitive documents from ending up in the wrong hands.
—
Shawn Porter
NetRecon 3.0
—
Steve Manzuik
Praesidium WebEnforcer for Windows NT 1.1
Learn about HP's entry into the burgeoning server security scanning software market.
—
Shawn Porter
Raptor Firewall 6.5
Axent Technologies improves on its Raptor enterprise-level firewall product and gives the user an all-new management interface, malicious traffic filters, and definable custom proxies.
—
Mark Joseph Edwards
Retina 3.0
Find out about the Common Hacking Attack Methods (CHAM) and Fix-It features in the latest version of eEye Digital Security's Retina 3.0 security scanner for Win2K and NT networks.
—
Shawn Porter
SecurePC
—
Steve Manzuik
Specter 5.01
Learn how you can use this honeypot-deception software to trick would-be intruders into thinking they are accessing your systems and to respond to them.
—
Shawn Porter
WebTrends 3.0
—
Steve Manzuik
[Windows 2000 Security
]
Analyzing Security Fixes in Win2K Service Pack 1
Microsoft's release of Windows 2000 Service Pack 1 (SP1) fixes 17 security problems, but do you need to install this latest fix? Randy Smith walks you through the service pack and to help you find some answers.
—
Randy Franklin Smith
Auditing Windows 2000
In addition to NT’s seven categories of audit events, Win2K provides two new categories to track additional areas of activity. Find out where Microsoft has added enhancements to this important feature.
—
Randy Franklin Smith
Checking Your Current Configuration in Group Policy
As I discussed in a previous column, the way you configure Windows 2000 is very different from the way you configure Windows NT. In general, you no longer directly touch a system’s settings in Win2K.
—
Randy Franklin Smith
Code Red and Proactive Security
If you always read Microsoft security bulletins and load hotfixes on your Windows 2000 IIS servers, you're probably already protected from the Code Red worm. However, Randy Smith shows you an even more important way to practice proactive security.
—
Randy Franklin Smith
Cracking User Passwords in Windows 2000
For years, Windows NT administrators have used L0phtCrack 2.5 to obtain users' passwords in their domain. But, if you’ve tried to use this tool on your Windows 2000 domain controller, you know that it doesn’t work.
—
Randy Franklin Smith
Creating a Custom Password-Reset MMC
Last time, I showed you how to give your Help desk staff the authority to handle forgotten passwords without giving them sweeping administrative privileges.
—
Randy Franklin Smith
Dangerous Services, Part 1
Windows 2000 comes with some unnecessary services enabled by default. Attackers use these services to access confidential information or impersonate a high-level user. Consider disabling these vulnerable services on workstations and servers.
—
Randy Franklin Smith
Dangerous Services, Part 2
Randy Smith continues his look into Windows 2000 services that can pose unnecessary security risks. Find out which services you will want to consider disabling to keep attackers from accessing your systems.
—
Randy Franklin Smith
Dangerous Services, Part 3
Randy Smith concludes his look into Windows 2000 services that can present security risks. Learn how to use Group Policy to control services on all computers in your domain and to change security settings to keep your systems secure from network attacks.
—
Randy Franklin Smith
Delegating Password Reset Control in Windows 2000
—
Randy Franklin Smith
Don't Shoot Yourself in the Foot with Group Policy Security Settings, Part 1
If you aren't careful with your Group Policy Security Settings, you can easily shoot your security in the foot. Randy Smith shows you how to implement some fail-safe measures to protect your systems.
—
Randy Franklin Smith
Don't Shoot Yourself in the Foot with Group Policy Security Settings, Part 2
In Part 2, Randy Smith shows you how to use change control techniques and least privilege to protect the rest of your domain from administrator mistakes.
—
Randy Franklin Smith
Group Policy
—
Randy Franklin Smith
Internet Explorer Security Options, Part 1
You take the serious risk of suffering from a security attack each time you browse the Web. Randy Smith shows you how to reduce this risk by properly configuring the security options available in Internet Explorer (IE) 5.0.
—
Randy Franklin Smith
Internet Explorer Security Options, Part 2
Randy Smith continues his look into security options available when you use Internet Explorer (IE) 5.0 to browse the Web. Learn how to configure the Custom Level settings for the security zones.
—
Randy Franklin Smith
Internet Explorer Security Options, Part 3
Web browsing leaves cookies and downloads that might be security risks to your systems. Randy Smith shows you how to how to control cookies and file downloads by properly configuring the security options available in Internet Explorer (IE) 5.0.
—
Randy Franklin Smith
Internet Explorer Security Options, Part 4
Randy Smith continues his look into security options available when you use Internet Explorer (IE) 5.0 to browse the Web. Learn how to control permissions for Java applets you encounter on Web sites and how to configure the settings under Miscellaneous.
—
Randy Franklin Smith
Internet Explorer Security Options, Part 5
Web browsing exposes your systems to dangers associated with active scripts. Randy Smith shows you how to properly configure the security options for scripting that are available in Internet Explorer (IE) 5.0.
—
Randy Franklin Smith
Internet Explorer Security Options, Part 6
Randy Smith completes his look at the security options that are available in Internet Explorer (IE) 5.0. Learn how to use Group Policy to configure the security options centrally for all your users.
—
Randy Franklin Smith
IP Security Filtering
Attackers are always scanning the Internet for unsecured PCs. Randy Smith shows you how to use Windows 2000 IP Security (IPSec) Filtering to protect onsite and offsite computers exposed to the Internet.
—
Randy Franklin Smith
New Rights in Windows 2000
—
Randy Franklin Smith
Protect Confidential Information Using IPSec and Group Policy
Learn how to use Group Policy to implement a limited rollout of IPSec and protect your classified information as it traverses your Windows 2000 network.
—
Randy Franklin Smith
Protect Confidential Information Using IPSec and Group Policy – Part 2
In part 2 of this series, Randy shows you how to use a GPO's ACL permissions to assign the Server (Require Security) IPSec policy for your secure servers.
—
Randy Franklin Smith
Protecting Data Recovery Certificates in EFS
Learn the importance of exporting and deleting the recovery agent certificate when you are using Win2K-based systems that aren't members of an Active Directory (AD) domain.
—
Randy Franklin Smith
Protecting the Administrator Account
Find out why Windows 2000's built-in Administrator account needs special protection against attacks because of several idiosyncrasies that Win2K inherited from Windows NT.
—
Randy Franklin Smith
Reducing the Risks Associated with Windows 2000's Group Policy
—
Randy Franklin Smith
Securing Win2K Laptops with EFS
Learn how to securely implement EFS on Win2K Professional laptops and protect your mobile users.
—
Randy Franklin Smith
Setting Active Directory Property Permissions
By the time a user calls the Help desk to ask for assistance with a forgotten password, Windows 2000 will likely have locked out that user's account as a result of several failed logons.
—
Randy Franklin Smith
Terminal Services, Part 1
Terminal Services lets you fully administer a remote server. With the graphical, interactive environment of a PC and the manageability and simplicity of a mainframe, Terminal Services offers the best of two worlds.
—
Randy Franklin Smith
Terminal Services, Part 2
Randy Smith continues his look at some of the features available in the Microsoft Management Console (MMC) Terminal Services snap-in. Learn how to use Terminal Services features to keep your server secure during remote administration.
—
Randy Franklin Smith
Terminal Services, Part 3
Randy Smith continues his look at features in the Microsoft Management Console (MMC) Terminal Services snap-in. Learn how to use some of the properties for Terminal Services connection objects to keep your server secure during remote administration.
—
Randy Franklin Smith
Terminal Services, Part 4
Randy Smith completes his look at features in the Microsoft Management Console (MMC) Terminal Services snap-in. Learn how to use IP Security (IPSec) protocol to wrap a final layer of security around your server.
—
Randy Franklin Smith
Updating Service Packs and Hotfixes with Boot Scripts
Learn how to use a few simple scripts and Group Policy to keep your Win2K systems up-to-date and secure and still get home at a decent hour.
—
Randy Franklin Smith
Win2K SP1 Security Improvements
Find out what improvements Microsoft has made in Win2K SP1 to help you keep your systems up to date and secure.
—
Randy Franklin Smith
Windows 2000 Installer Package for Service Pack 1
Using service packs to keep servers and workstations up-to-date is crucial to your entire OS and Internet Explorer. Now you can use Windows 2000 Installer to deploy service packs throughout your network with little effort.
—
Randy Franklin Smith
Windows 2000's Advances in Administrative Authority
—
Randy Franklin Smith
[Hot Tips]
Cause Microsoft ISA to Automatically Dial Out
Some of you use Microsoft's new Internet Security and Acceleration (ISA) Server in conjunction with a modem-based connection.
—
Mark Joseph Edwards
Convert to NTFS During an Unattended Installation
As you know FAT file systems offer very little in the way of security. Therefore its always wise to format your drives to use the NTFS file system, where you gain the ability to control access to files and directories on a per user basis.
While
—
Mark Joseph Edwards
Enable Auditing in Windows 2000
In order to track security related events, auditing must be enabled on the system to be monitored. To enabled auditing on Windows 2000 systems, open Control Panel, select Administrative Tools, Local Security Policy, and then Audit Policy.
In the right
—
Mark Joseph Edwards
Event Log Security ID Descriptions
You use event logs to audit security events on your systems, but do you always know what a given event ID code represents? It's hard to remember details about each event ID because Microsoft lists more than 50 different security event ID codes.
—
Mark Joseph Edwards
Guard System Files on Windows 2000
Windows 2000 comes with the ability to monitor its critical system files and protect those files from being changed or deleted. But did you know a Registry key controls the functionality of Win2K's system file checker protection?
Microsoft article
—
Mark Joseph Edwards
How Can I Determine Which Containers Link to Group Policy?
This hot tip explains how to determine which containers link to group policy.
—
Mark Joseph Edwards
How Can I Enable Users to Set the Administrator Password During an RIS Installation?
When you use the Microsoft Remote Installation Services the Administrator password is set to null during the installation. You can let the user set a password during the final GUI portion of installation. To do so, perform the steps in this FAQ.
—
Mark Joseph Edwards
How Can I Hide the Logon Script Dialog Box on Windows NT
When you use logon scripts, a dialog box appears on the screen where you can observe the script commands as they process. However, in many cases, this might not be preferable system behavior--you ight want to hide the dialog box from the user.
—
Mark Joseph Edwards
How Can I Restrict Active Directory Replication Traffic to a Specific Port?
By default, Active Directory (AD) replication via remote procedure calls (RPCs) takes place dynamically over an available port via the RPC Endpoint Mapper using port 135 (the same port as Microsoft Exchange).
—
Editors
How Do I Clear Saved Passwords/Form Information from Within Internet Explorer?
Internet Explorer (IE) has a neat feature--Autocomplete--that remembers
previous answers to password prompts and forms and automatically fills them in on subsequent visits.
—
Mark Joseph Edwards
How Do I Create a Captive Account?
It is possible to force a user to run a program, and if they close that program they can be automatically logged off. Learn how in this tip.
—
Editors
How Do I Enable Debug Logging for IPSec?
A readers asks whether it's possible to enable logging for IPSec. The answer is yes. To enable IPSec logging, perform the following registry change--but be careful--incorrect registry edits can lead to a non-bootable system:
Start the Registry
—
Mark Joseph Edwards
How Do I Enable Verbose Boot, Shutdown, Logon, and Logoff
By default, Windows 2000's policies are configured to provide standard
message output for certain situations, such as when a user logs on or
off or shuts down or restarts the system.
—
Mark Joseph Edwards
How Do I Enter a Shutdown Description from the Command Line?
In Windows XP, the new version of shutdown.exe (the tool used to
shutdown/reboot from the command line) contains support for tracker
descriptions via the -d (description/reason code) and -c (comment)
attributes.
—
John Savill
How Do I Use the SYSKEY Functionality of Service Pack 3?
Learn how to use SYSKEY to protect your system's SAM database in this Hot Tip!
—
Editors
How to Detect Certain Virus and Worms
The recent Love Letter virus infected millions of computer users. As you know, Love Letter spread quickly by accessing the user's address book and sending a copy of the virus to everyone listed therein.
Outlook users (and possibly users of other
—
Mark Joseph Edwards
How to Recover a Lost Administrator Password
Now and then many of you find yourselves in the unfavorable position of having to retrieve an NT system's lost Administrator account password. I can't even count the number of "help me!" messages I've received in this regard.
As I tell
—
Mark Joseph Edwards
How to Recover Lost Administrator Passwords
Now and then many of you find yourselves in the unfavorable position of having to retrieve an NT system's lost Administrator account password. I can't even count the number of "help me!" messages I've received in this regard.
As I tell
—
Mark Joseph Edwards
How to Restore Default File and Directory Permissions
A user asked how they could restore the default security settings for NT files and directories. Doing so is easy, provided you've got a copy of the NT Resource Kit handy. In the Resource Kit you'll find a tool called FIXACLS.EXE. The tool will reset NT's
—
Mark Joseph Edwards
How to Secure Communications Between Terminal Services and the Client Systems
Windows 2000 Server's Terminal Services supports three levels of
encryption: low, medium, and high. The default encryption is medium,
which uses a 56-bit key to encrypt traffic flowing between the client
and server.
—
Mark Joseph Edwards
I've Entered a Password for a Terminal Services Client Connection. Why Does the System Continue to Prompt Me?
By default, a Windows 2000 Server Terminal Services connection always prompts for a password, even if you've configured one in the connection logon information. To disable this option, perform the following steps:
—
Mark Joseph Edwards
Limit Buffer Size on IIS
If you read theWin2KSecurity Advice mailing list, you know that Marc (from the eEye Digital Security Team) recently pointed out that a new Microsoft Support Online article (Q260694) reveals a useful security configuration setting within IIS.
If you run
—
Mark Joseph Edwards
Make My Computer Display Username and Machine name
As you know, each Windows desktop has a My Computer icon. Clicking the icon opens the My Computer folder, displaying available resources such as hard disks, printers, Dialup Networking, scheduled tasks, and mobile device connections. Did you know you can
—
Mark Joseph Edwards
Microsoft's Online Security Papers
Many people still aren't familiar with Windows 2000-related security. To help get up to speed, Microsoft has made lots of information available online. For example, in one streaming media presentation, Microsoft's Darol Timberlake discusses
—
Mark Joseph Edwards
Minimize Risk Under Win2K Pro
Windows 2000 Professional (Win2K Pro) is a brand new OS with lots of bells and whistles, so its available services deserve careful inspection before connecting it to the Internet. If you perform your own Win2K Pro installation, install only the services
—
Mark Joseph Edwards
Prevent Windows 2000 Upgrade From Overwriting Custom Security Settings
When you upgrade a Windows NT system to Windows 2000, the security settings for the new installation are defined in one of two configuration template files: dwup.inf for Win2K Professional and dsup.inf for Win2K Server. To prevent the upgrade from
—
Mark Joseph Edwards
Protect Drives Against Unwanted Access
I can't begin to count the number of file system-related security holes that never became a problem on my systems. For example, older versions of IIS were known to expose sensitive information through the use of a URL that ended in a period or a
—
Mark Joseph Edwards
What Is a Digital Signature and How Does it Work?
A digital signature is a mechanism you can use to authenticate a message's sender or document's signer.
—
Editors
When I Try to Install the Proxy Server 2.0 Update in Windows 2000, Why Does Setup Hang When It's Stopping or Restarting the WWW Service?
For Microsoft Proxy Server 2.0 to function properly on a Windows 2000-based server, you must update Proxy Server using the Microsoft
BackOffice Server 4.5 Readiness Kit for Windows 2000.
—
Mark Joseph Edwards
Which Software Can Help Monitor Event Logs?
This week's tip is based on a message Bob Free posted to our HowTo for Security mailing list. Learn more about the mailing list by visiting the Web site.
http://63.88.172.96/go/loader.asp?id=/security/howto-faq.htm
—
Mark Joseph Edwards
Which Users at Which System?
A member of our HowTo for Security mailing list mailing list recently asked how they could determine which user is logged in to which system? The goal was to identify user who may be using a generic guest account instead of their properly assigned user
—
Mark Joseph Edwards
[Product Reviews]
Baseline +Plus 2.2.1
Administrators and Help desk support personnel often struggle with inconsistent file versions on computers throughout an organization. Computing Edge's Baseline +Plus 2.2.1 eases this struggle by analyzing the difference between a baseline
—
Mark Joseph Edwards
CyberwallPLUS-SV 5.1.1
CyberwallPLUS-SV is a software-based embedded firewall that resides at the kernel level on an NT server, between the host's Ethernet NICs and the network protocol stacks. During installation, the program bonds its proprietary virtual network device
—
Mark Joseph Edwards
Enterprise Backup Software
Data that you store on enterprise networks represents money, and for most organizations, irrecoverable loss of such data would be a financial catastrophe. Thus, choosing the correct backup software is like picking the right vehicle to take your
—
Mark Joseph Edwards
SecureNT 1.2
A growing reliance on computers for the processing and storage of critical data means that securing system integrity is crucial. A lot of public hype exists about the external threats that system crackers pose, yet internal threats are more likely to
—
Mark Joseph Edwards
SFProtect 2.0
Scanning your systems for security vulnerabilities is a paramount task, so selecting a security scanner that is right for your network is important. If you're looking for an agent-based system security scanner, SFProtect 2.0 might be the solution for
—
Mark Joseph Edwards
UltraBac 5.5 Stand Alone Disaster Recovery for Windows NT
UltraBac.com's UltraBac 5.5 Stand Alone Disaster Recovery (SADR) for Windows NT streamlines partition-image backup and restoration. You can write the backup images to any local device on the NT 4.0 Hardware Compatibility List (HCL), and SADR includes
—
Mark Joseph Edwards
[How To]
Advanced Security in Exchange 2000, Part 1
Microsoft Exchange Server has always provided the Advanced Security subsystem to let users secure their mail messages. Advanced Security guarantees confidentiality and message content integrity and verifies the sender’s authenticity. Advanced Security
—
Mark Joseph Edwards
Encrypting Files for Added Security
If you're running NTFS on your Win2K system, you can give yourself extra security by encrypting files. To do so, open My Computer, drill down to the file or folder you want to encrypt, and right-click it to bring up a menu. Select Properties and
—
Mark Joseph Edwards
Internet Explorer's Upcoming Cookie Management Update
Microsoft will soon release a public beta of its upcoming cookie management update for Internet Explorer (IE) 5.5.
—
Mark Joseph Edwards
Microsoft Releases IIS 5.0 Security Checklist
Microsoft recently released a new security-related document that helps administrators better secure their Internet Information Server 5.0 systems.
—
Mark Joseph Edwards
Multibooting Windows 2000 Systems
You're probably just taking the shrink-wrap off your new copy of Windows 2000 (Win2K) and wondering how Win2K will integrate into your existing system configuration. If you've configured multiboot systems with Windows NT 4.0 in the past, you
—
Mark Joseph Edwards
Quickly Disable Network Access to Your System
Here's a handy tip for disabling access to NT 4.0 systems while you perform maintenance or upgrade tasks, or if you suspect your system is being attacked via NetBIOS. Unless you have modified the default settings, the Everyone group has the right
—
Paula Sharick
Secure E-Commerce with Smart Cards
Your company might still consider smart cards to be a futuristic technology. To help make them a present reality, Windows 2000 (Win2K) will offer highly integrated support for smart cards. In this article, I introduce you to smart cards, show you why
—
Mark Joseph Edwards
Tougher Computer Crime Laws Sought
White House Chief of Staff John Podesta made a proposal for updates to existing computer crime laws.
—
Mark Joseph Edwards
White House Eases Encryption Export Policy
The White House announced a new policy on Monday designed to ease restrictions on export of strong encryption.
—
Mark Joseph Edwards
Windows 2000's Network Address Translation
In Windows 2000 Server (Win2K Server), Microsoft offers you two ways to connect SOHO networks to the Internet: You can use a routed connection or a translated connection. With routed connections, Win2K Server acts as an IP router and forwards packets
—
Mark Joseph Edwards
Your Web Browser is Bugged
Cookies have been the nemesis of privacy advocates for quite some time now, but cookies are relatively tame compared to their sneakier siblings, Web bugs, which stealthly track you as you view content from around the Internet.
—
Mark Joseph Edwards
[Access Denied]
Access Denied
Randy answers your Windows 2000 security questions about restoring local logon privileges, correctly configuring auditing in the Default Domain Policy OU, changing the Administrator account name on every computer in your domain, and more.
—
Randy Franklin Smith
Access Denied
Randy answers your Windows 2000 security questions about restricting concurrent logons, monitoring who is logged on to a domain’s servers, changing the number of days in a password-expiration notification, and more.
—
Randy Franklin Smith
Access Denied
—
Randy Franklin Smith
Access Denied
—
Randy Franklin Smith
Access Denied
—
Randy Franklin Smith
Access Denied
Get answers to your security-related Windows 2003, XP, and Win2K questions
—
Randy Franklin Smith
Access Denied
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied
—
Randy Franklin Smith
Access Denied
Get answers to your Windows security questions
—
Randy Franklin Smith
Access Denied
—
Randy Franklin Smith
Access Denied
—
Randy Franklin Smith
Access Denied
Every month, Randy Franklin Smith answers your questions about security. Click the links above to see individual Q&As from this month's column. Send your questions to Randy at rsmith@ultimatewindowssecurity.com.
—
Randy Franklin Smith
Access Denied
—
Randy Franklin Smith
Access Denied
Every month, Randy Franklin Smith answers your questions about security.
—
Randy Franklin Smith
Access Denied
Every month, Randy Franklin Smith answers your questions about security. Click the links above to see individual Q&As from this month's column.
—
Randy Franklin Smith
Access Denied
Randy answers your Windows 2000 security questions about using GPOs to enforce password-protected screen savers, forcing Win2K to apply group policy immediately, and more.
—
Randy Franklin Smith
Access Denied
Randy answers your Windows 2000 security questions about migrating to Win2K before deploying Active Directory, using L0phtCrack on Win2K, finding and using the Win2K replacement for the NT User Manager utility, and more.
—
Randy Franklin Smith
Access Denied, April 2006
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied, August 2006
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied, July 2006
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied, June 2006
Get answers to your Windows security questions.
—
Randy Franklin Smith
Access Denied, May 2006
—
Randy Franklin Smith
Access Denied, October 2006
—
Randy Franklin Smith
Access Denied, September 2006
—
Randy Franklin Smith
Access Denied--Addressing Group Policy Conflicts
Discover which Group Policy settings affect other settings.
—
Randy Franklin Smith
Access Denied--Auditing User Account Lockouts
Learn how to audit user account lockouts.
—
Randy Franklin Smith
Access Denied--Configuring Group Policy’s Effective Settings
Discover how to configure Group Policy’s Effective Settings.
—
Randy Franklin Smith
Access Denied--Controlling Read and Write Access to AD Objects
Learn to use AD to publish employee information but still control read and write access to AD objects.
—
Randy Franklin Smith
Access Denied--Evaluating Anonymous Events in the Security Log
Discover the risks associated with anonymous logons and logoffs.
—
Randy Franklin Smith
Access Denied--Handling Console Unlocks in Win2K
Learn how Win2K handles password changes and console unlocks.
—
Randy Franklin Smith
Access Denied--Implementing NTLMv2 on Win2K, NT, and Win9x machines
Learn how to upgrade NT LAN Manager (NTLM) to NTLMv2 on your Win2K, NT, and Win9x machines.
—
Randy Franklin Smith
Access Denied--Keeping Users from Running Unauthorized Commands
Find out how you can keep users from running unauthorized commands.
—
Randy Franklin Smith
Access Denied--Knowing FTP from a Network Perspective
Learn how FTP works from a network perspective.
—
Randy Franklin Smith
Access Denied--Logging Off Users Automatically
Discover how to log off users automatically when their logon time has expired.
—
Randy Franklin Smith
Access Denied--Restoring Access for Recreated User Accounts
Learn how to restore access for a recreated user account.
—
Randy Franklin Smith
Access Denied--Understanding the User Privileges that Event ID 578 Logs
Learn how event ID 578 (privileged object operation) can help you manage access to object properties.
—
Randy Franklin Smith
Access Denied--Win2K Server–Reboot Security Events
Discover the significance of security events logged when you reboot a Win2K server.
—
Randy Franklin Smith
Access Denied: .vbs Virus Protection
Learn how to protect users agains VBScript viruses.
—
Randy Franklin Smith
Access Denied: A Basic File Encryption Tool
Windows provides no built-in utility for encrypting files, but two scripts in the Platform SDK use CryptoAPI to let you encrypt and decrypt text files from the command line.
—
Randy Franklin Smith
Access Denied: Activating the IAS Log
Learn about a Windows 2003 tool for scanning the IAS log and where to find documentation of the log's columns and codes.
—
Randy Franklin Smith
Access Denied: Administering All Domains in a Forest
Learn what group to use when your responsibilities include managing an entire forest.
—
Randy Franklin Smith
Access Denied: Allowing Guest-Client Access to the Internet Over a WLAN
How can you give visiting clients and business partners access to the Internet via your WLAN while maintaining security? Here are two approaches.
—
Randy Franklin Smith
Access Denied: Alternatives for Safeguarding Your WLAN
Use a trick with your DHCP addresses to prevent an intruder from capturing information sent between wireless clients or connecting to your network and attacking your computers.
—
Randy Franklin Smith
Access Denied: Applying a Domain Lockout Policy to Win2K's Built-In Administrator Account
Set the domain's PwdProperties property to protect the Administrator account.
—
Randy Franklin Smith
Access Denied: Applying a Registry Value Across All a Domain's Computers
Don't want to go from computer to computer to modify a registry value? Here's an alternative.
—
Randy Franklin Smith
Access Denied: Assign Rights with Group Policy
Randy explains how to use group policy to assign user rights to local users and groups.
—
Randy Franklin Smith
Access Denied: Audit Account Logon Events
Randy explains how to use GPOs to control the audit policy on computers in your domain.
—
Randy Franklin Smith
Access Denied: Audit Control List Editing Rights for a Win2K Object
Learn whether you can delegate access to editing rights for the audit control list of a Windows 2000 object.
—
Randy Franklin Smith
Access Denied: Auditing Account Logon Events Centrally
Learn how Windows 2000’s new audit category Audit account logon events lets you track logon activity centrally.
—
Randy Franklin Smith
Access Denied: Auditing Users Who Might Be Starting and Stopping Services
Discover how to audit users who might be starting and stopping services.
—
Randy Franklin Smith
Access Denied: Automatically Log Off Inactive Users
Randy tells how you can automatically log off inactive Win2K users and close their open files.
—
Randy Franklin Smith
Access Denied: Automating Service Pack Installation
Group Policy can install a service pack on multiple computers the next time they reboot.
—
Randy Franklin Smith
Access Denied: Automating User Account Creation in AD
You can automate AD account creation either interactively or through a script.
—
Randy Franklin Smith
Access Denied: Avoiding Unnecessary Work with IPSec
Learn how to ensure that when you edit an IP Security (IPSec) policy in a Group Policy Object (GPO), the changes take effect.
—
Randy Franklin Smith
Access Denied: Backing Up GPOs
The Group Policy Management Console (GPMC) lets you document and back up GPO settings.
—
Randy Franklin Smith
Access Denied: Blocking Inheritance and Overrides of Group Policies
Learn how the Group Policy "Block Policy inheritance" and No Override options work and how they affect each other.
—
Randy Franklin Smith
Access Denied: Changing an Account's UPN Suffix
To create a user account with a unique name, you sometimes need to change the account's UPN suffix.
—
Randy Franklin Smith
Access Denied: Clearing Logs on Win2K and NT Servers
Learn how to clear the Application, Security, and System logs on Windows 2000 and Windows NT servers.
—
Randy Franklin Smith
Access Denied: Comparing Anonymous-Connection Policies in Win2K and Later
Here's a look at the anonymous-connection policies in Win2K as compared with those in Windows 2003 and XP.
—
Randy Franklin Smith
Access Denied: Comparing Code Access Security with User Access Permissions
Which one takes precedence? The answer is neither; they are equal.
—
Randy Franklin Smith
Access Denied: Configuring a Different Lockout Policy for Dial-Up or VPN Users
Learn how to set up a separate lockout policy for your dial-up or VPN users.
—
Randy Franklin Smith
Access Denied: Configuring a Separate Lockout Policy for Remote Access
You can use the registry to configure a remote access lockout policy that's different from your domain account lockout policy.
—
Randy Franklin Smith
Access Denied: Configuring a Win2K System to Log On Automatically
A reader has trouble getting a Win2K system to log on automatically.
—
Randy Franklin Smith
Access Denied: Configuring Anonymous Access on Win2K
Win2K lets you configure NT-style anonymous connections—if that's what you really want to do.
—
Randy Franklin Smith
Access Denied: Configuring Certificates with IIS 5.0
When you follow best practice and keep your root CA offline, make sure to configure your CA so that it can find the CRL.
—
Randy Franklin Smith
Access Denied: Configuring DHCP Server Logs
If your logs are too small, you'll have holes in your logging coverage.
—
Randy Franklin Smith
Access Denied: Configuring Office Macro Security for Multiple Users
Use Group Policy to lock down Office for multiple users without separately configuring each workstation.
—
Randy Franklin Smith
Access Denied: Configuring XP File Sharing
A new XP setting controls file sharing of local XP accounts.
—
Randy Franklin Smith
Access Denied: Configuring XP to Require Ctrl+Alt+Del for Logon
You can modify the registry to configure standalone XP computers to use the classic logon window, but you need to use the MMC Local Security Policy snap-in to require users to press Ctrl+Alt+Del.
—
Randy Franklin Smith
Access Denied: Connecting to a DC to Edit a GPO
Because the MMC Active Directory Users and Computers snap-in doesn't necessarily connect to the local DC, you might think that only some DCs will log GPO change events.
—
Randy Franklin Smith
Access Denied: Controlling Enterprise Administrators Access to a Child Domain
Learn how to prevent Enterprise Administrator group access to a child domain.
—
Randy Franklin Smith
Access Denied: Controlling SAM Accounts and Shares
New settings in XP cause it to behave differently from Win2K with regard to allowing enumeration of SAM accounts and shares.
—
Randy Franklin Smith
Access Denied: Controlling the Right to Add New Computers to a Domain
Learn several methods you can use to control the right to add new computers to a domain.
—
Randy Franklin Smith
Access Denied: Controlling Which CAs Windows Can Trust
Decide for yourself which Certification Authorities (CAs) are trustworthy. Use Group Policy to mandate which CAs Windows can trust.
—
Randy Franklin Smith
Access Denied: Convincing Management About Security Risks
Discover how to convince your company's managers that security risks from internal users are real.
—
Randy Franklin Smith
Access Denied: Cracking Kerberos Packets
Although Kerberos is stronger than NTLM, Kerberos packets can still be cracked. Learn about the available options for protecting Kerberos packets from attack.
—
Randy Franklin Smith
Access Denied: Creating Multiple Event Viewer Views
Learn to use Event Viewer to view multiple event types without having to change filters.
—
Randy Franklin Smith
Access Denied: Creating New UPN Suffixes
Creating and using new UPN suffixes can make your user account names less transparent but doesn't take the place of strong security.
—
Randy Franklin Smith
Access Denied: Delegating the Right to Unlock User Accounts
Learn how to delegate the right to unlock user accounts.
—
Randy Franklin Smith
Access Denied: Deleting a File on an NTFS Volume and Erasing the Data
Learn how to erase the data after you delete a file on an NTFS volume.
—
Randy Franklin Smith
Access Denied: Detect When Someone Views or Dumps the Security Log
Randy gives ideas for determining whether local administrators are conscientiously checking their logs.
—
Randy Franklin Smith
Access Denied: Detecting NetBus on Company Computers
Learn how to detect and remove NetBus from all your company’s computers.
—
Randy Franklin Smith
Access Denied: Detecting PPTP Attacks on Remote Access Servers
Learn how to determine if an attacker is trying to access your RAS server by guessing usernames and passwords.
—
Randy Franklin Smith
Access Denied: Determining from Which Computer a User Logged On
On Win2K and later DCs, you need to use event ID 672 to discover the computer from which a user logged on.
—
Randy Franklin Smith
Access Denied: Determining the Risks of Using Group Policy to Distribute a Preshared Key
Is it safe to use Group Policy to deploy IPSec's preshared key authentication?
—
Randy Franklin Smith
Access Denied: Determining When a Server’s Time and Date Were Changed
The Windows Security log provides information about when a system's time and date were changed.
—
Randy Franklin Smith
Access Denied: Determining Which Programs Access Files
A Win2K bug makes determining which application accessed a given file on a remote computer difficult, but you can compile a list of possibilities.
—
Randy Franklin Smith
Access Denied: Disabling Group Policy
A registry setting in the Win2K beta that let users disable Group Policy doesn't threaten security in the final release of Win2K or XP.
—
Randy Franklin Smith
Access Denied: Disabling IE's Enhanced Security Configuration Feature
Disabling this Windows 2003 feature isn't recommended, but it's possible.
—
Randy Franklin Smith
Access Denied: Disabling Schema Changes in AD
Disable Active Directory (AD) schema changes to prevent malicious or accidental tampering.
—
Randy Franklin Smith
Access Denied: Disabling the Administrator Account under Windows XP
You can disable the Administrator account under XP to prevent attackers from using the account to access users' machines.
—
Randy Franklin Smith
Access Denied: Disabling Windows Messenger on XP Workstations
Disable Windows Messenger to protect systems from potential exploits.
—
Randy Franklin Smith
Access Denied: Disconnecting All Users from a Server
Discover how to set up an automated procedure to disconnect all users from a server at a certain time each day.
—
Randy Franklin Smith
Access Denied: Discouraging Administrators from Unnecessarily Using Their Privileges
You can't prevent administrators from using elevated privileges for tasks that don't require them, but you can make doing so inconvenient.
—
Randy Franklin Smith
Access Denied: Displaying a Blank Logon Screen for a Terminal Services Client
Learn how to prevent a Terminal Services client from displaying the name of the last user to log on.
—
Randy Franklin Smith
Access Denied: Displaying a Legal Notice When Users Log On
You need to configure more than one setting to display a legal notice.
—
Randy Franklin Smith
Access Denied: Doing Security Scans That Comply with NSA Recommendations
A free version of Pedestal Software's SecurityExpressions WebScan can do what the Microsoft Baseline Security Analyzer (MBSA) can't.
—
Randy Franklin Smith
Access Denied: Edit Ticket Lifetime
Randy explains Win2K's service tickets and user tickets and tells how you can edit ticket lifetime and other Kerberos policies.
—
Randy Franklin Smith
Access Denied: Editing the Dssec.dat File
Learn how to delegate to a Help desk the right to unlock user accounts.
—
Randy Franklin Smith
Access Denied: Email Notification About Security Events
Learn how to set up daily email to notify you about suspicious security events.
—
Randy Franklin Smith
Access Denied: Enabling Permissions Inheritance
Here's how to propagate permissions from a parent object to its child objects.
—
Randy Franklin Smith
Access Denied: Enabling Users to Access Two Domain Accounts
In some cases (e.g., during a migration), you might need to let users log on to two domain accounts and access files. A freeware tool makes setting up such a scenario easy.
—
Randy Franklin Smith
Access Denied: Ensuring That GPOs Are Applied When You Move a Computer to a New OU
Learn why an OU's GPOs might not be in effect immediately on a computer that you move to that OU.
—
Randy Franklin Smith
Access Denied: Evaluating EFS
Consider the effectiveness of Encrypting File System (EFS) on various Windows OSs.
—
Randy Franklin Smith
Access Denied: Forcing All Users to Change Their Password at Next Logon
The MMC Active Directory Users and Computers snap-in doesn't provide a multiple select option, but you can use an alternative approach to make all users change their password at the next logon.
—
Randy Franklin Smith
Access Denied: Group Policy and the Administrator Account
Learn how to prevent group policies from being applied to the Administrator account.
—
Randy Franklin Smith
Access Denied: Identifying Logon Attempts That Use Disabled Accounts
Three event IDs can help you identify logon attempts that use accounts an administrator has disabled.
—
Randy Franklin Smith
Access Denied: Identifying Trust-Relationship Changes
You can find information about changes to domain trust relationships by looking in the Security log at event IDs 610, 611, and 620.
—
Randy Franklin Smith
Access Denied: Identifying Unauthorized Logon Attempts
Discover the identity of someone trying to use a local account to access your network.
—
Randy Franklin Smith
Access Denied: Installing a New NT 4.0 BDC into a Windows 2003 Domain
Here's the reason for the Assign this computer as a backup domain controller option in the New Object - Computer dialog box in Windows 2003.
—
Randy Franklin Smith
Access Denied: Installing SUS on DCs
SUS SP1 adds functionality that lets you install SUS on DCs.
—
Randy Franklin Smith
Access Denied: Knowing When Win2K Uses NTLM Rather Than Kerberos Authentication
Find out in which situations Win2K still uses NTLM rather than Kerberos authentication.
—
Randy Franklin Smith
Access Denied: Letting Trusted Users Start Windows Messenger
Learn to set Windows Messenger policies so that only users who need the application can start it.
—
Randy Franklin Smith
Access Denied: Letting Users View Security Logs
Simply editing a GPO will let a group of users view Security logs but will also allow them to clear the logs. A more restrictive solution takes more work.
—
Randy Franklin Smith
Access Denied: Limiting Access to Users at the Forest and Domain Levels
The Authenticated Users group includes global users in trusted domains and realms. You need another approach to limit access to users in the forest and domain.
—
Randy Franklin Smith
Access Denied: Limiting User Access from the Desktop
Prevent users from using Internet Explorer (IE) to browse restricted drives.
—
Randy Franklin Smith
Access Denied: Locating All the GPOs in Your Domain
Discover how to get a list of all GPOs in your domain without accessing the Group Policy tab for each OU.
—
Randy Franklin Smith
Access Denied: Locking Down PCs' Portable-Media Drives
Don't forget about portable-media drives when you're securing PCs.
—
Randy Franklin Smith
Access Denied: Logging the Workstation Name on Win2K
When Win2K uses Kerberos for a logon, the OS doesn't log the workstation name. But you can determine the workstation's name from its IP address.
—
Randy Franklin Smith
Access Denied: Looking for the MMC Local Security Settings Console
Windows Server 2003 DCs don’t have the Local Security Settings console under Administrative Tools. Windows 2003 computers that aren't a domain member do have the console.
—
Randy Franklin Smith
Access Denied: Making MBSA Ignore Patches to Disabled Services
Prevent updates for disabled services and features from generating false positives on MBSA reports.
—
Randy Franklin Smith
Access Denied: Managing Office Updates
Currently, SUS handles only OS updates. To manage patches to Office applications, you need a third-party solution.
—
Randy Franklin Smith
Access Denied: Mitigating a Problem with Computer-Only Authentication to a WLAN
Basing client authentication to your wireless LAN on the computer's certificate instead of the user's certificate could let an intruder access your entire LAN. Learn how to avoid this threat.
—
Randy Franklin Smith
Access Denied: Mixed Mode vs. Native Mode
Learn the difference between mixed mode and native mode in AD domains.
—
Randy Franklin Smith
Access Denied: Monitoring for Unauthorized Scheduled Tasks
Windows Server 2003 offers an event ID that reveals whether someone has scheduled an unauthorized task.
—
Randy Franklin Smith
Access Denied: Monitoring Security with Custom MMC Consoles
Set up custom MMC views to easily and efficiently monitor security events on multiple computers.
—
Randy Franklin Smith
Access Denied: NTFS Permissions
Learn the best way to reset NTFS permissions on a partition after converting it from FAT32.
—
Randy Franklin Smith
Access Denied: Obtaining a Server Certificate from Your Own CA
Configuring IIS to use HTTPS for a secure Web site requires you to install a server certificate. If you don't have a third-party Certification Authority from which to get a certificate, an alternative is to set up your own CA.
—
Randy Franklin Smith
Access Denied: Operation-Based Auditing
Whereas earlier versions of Windows can tell you only whether a file has been accessed, Windows Server 2003 can reveal whether operations were performed on the file.
—
Randy Franklin Smith
Access Denied: Overriding a Trust Relationship Within a Forest
You can't disable the trust relationship between domains within a forest, but you can use the deny logon user rights to effectively override it.
—
Randy Franklin Smith
Access Denied: Prevent Administrators from Overriding EFS
Randy provides information about securing confidential data in user home directories.
—
Randy Franklin Smith
Access Denied: Preventing Administrators from Using L0phtCrack
You can't completely stop administrators from using L0phtCrack to crack passwords, but you can make L0phtCrack less effective.
—
Randy Franklin Smith
Access Denied: Preventing Anonymous Users from Gaining Access to Files and Other Resources
Learn how to manage the Everyone group to prevent anonymous users from gaining access to your files and other resources.
—
Randy Franklin Smith
Access Denied: Preventing Attackers from Bypassing IP Security Packet Filtering
A sophisticated attacker can spoof the source port to make a packet look like a legitimate Kerberos or IKE packet. Learn how to block such attacks.
—
Randy Franklin Smith
Access Denied: Preventing Users in Trusted Domains from Accessing Servers Through Telnet
A registry tweak lets only users in your domain access your servers through Telnet.
—
Randy Franklin Smith
Access Denied: Printing ACLs
Find out a way to document who has been delegated authority over an OU without having to keep manual listings.
—
Randy Franklin Smith
Access Denied: Proactive Web Server Security
Learn how you can proactively secure your systems against unforeseen vulnerabilities.
—
Randy Franklin Smith
Access Denied: Protecting PCs with XP SP2 Windows Firewall
Even if you have a perimeter firewall, XP SP2 Windows Firewall's extra layer of protection is a good idea.
—
Randy Franklin Smith
Access Denied: Protecting Workstations from Remote Access
Make sure no one can use Remote Assistance, Remote Desktop, or Terminal Services to remotely access sensitive data.
—
Randy Franklin Smith
Access Denied: Protecting Your Internal Network Against Attacks from Untrusted Networks
Know the options for protecting your internal network against attacks from untrusted networks.
—
Randy Franklin Smith
Access Denied: Protection from L0phtCrack
Learn how to protect your Windows 2000 and Windows NT servers from LOphtCrack and similar tools.
—
Randy Franklin Smith
Access Denied: Putting MBSA Scan Information into a Database
To combine MBSA reports for multiple computers into a single report, use a third-party utility to export the information to a database.
—
Randy Franklin Smith
Access Denied: Recovering Files Encrypted with EFS
Learn how to recover files encrypted with Encrypting File System (EFS).
—
Randy Franklin Smith
Access Denied: Recovering Write Permissions to GPOs
If a malicious employee has changed GPO permissions to deny administrators write access, you can use the GUI to reset those permissions.
—
Randy Franklin Smith
Access Denied: Reducing the Risk of Viruses from HTML Email
Reduce the risk of receiving viruses that spread through HTML-formatted email messages.
—
Randy Franklin Smith
Access Denied: Regaining Administrator Access to an OU
Learn how to regain Administrator access to an organizational unit (OU) after the ACL has been edited to remove Administrator access.
—
Randy Franklin Smith
Access Denied: Remove Users from Local Admin Group
Randy tells you how to remove users from the local Administrators group on all workstations—without having to visit each computer.
—
Randy Franklin Smith
Access Denied: Requiring VPN Users to Run Certain Software
Using Windows 2003's IAS, you can prevent VPN users who aren't running antivirus or other necessary software from logging on to your network.
—
Randy Franklin Smith
Access Denied: Reset the Administrator Password on a Locked-Out Machine
Randy explains how to reset the Administrator password on locked-out, non-DC Windows 2000 Server, Windows 2000 Professional, and Windows NT systems.
—
Randy Franklin Smith
Access Denied: Resetting Permissions for a Directory Tree
Learn how to reset permissions for a directory tree in one step.
—
Randy Franklin Smith
Access Denied: Restricting Anonymous Connections in Win2K
You can set the Additional restrictions for anonymous connections policy to one of three values: None. Rely on default permissions, Do not allow enumeration of SAM accounts and shares, or No access without explicit anonymous permissions
—
Randy Franklin Smith
Access Denied: Restricting Guest Access to Logs
Use Group Policy to prevent the Guests group from accessing System and Application event logs.
—
Randy Franklin Smith
Access Denied: Restricting Permissions on Servers Upgraded from Windows NT
Use a security template and Group Policy to restrict permissions on registry keys on servers that have been upgraded from NT Server to Windows 2003 or Win2K Server.
—
Randy Franklin Smith
Access Denied: Restricting the Programs Users Can Run
Software restriction policies provide more control than APPSEC does.
—
Randy Franklin Smith
Access Denied: Restricting Users' Ability to Install Printer Drivers
By default, Win2K Pro users who belong to the local Users group can install printer drivers. You can modify the registry to restrict this ability to Administrators and Power Users.
—
Randy Franklin Smith
Access Denied: Restricting Users' Read Access to AD Objects
Restrict Read permissions on AD objects that you don’t want users to be able to read, but be judicious, or you might run into problems.
—
Randy Franklin Smith
Access Denied: Returning to a Domain's Default Permissions
The Dsacls command lets you configure AD permissions from the command line.
—
Randy Franklin Smith
Access Denied: Reviewing the No Override Option for GPOs
Review the rules that govern the No Override option for GPOs.
—
Randy Franklin Smith
Access Denied: Safeguarding FTP Files
Get around FTP's weak authentication by using encryption and implementing proper user permissions.
—
Randy Franklin Smith
Access Denied: Safeguarding Web Users' Confidential Data
Use public/private key encryption to protect confidential Web user files that are temporarily stored in a staging file on the Web server.
—
Randy Franklin Smith
Access Denied: Scanning for Office Updates
MBSA can't scan for missing Office updates, but you can use one of two other options to do the job.
—
Randy Franklin Smith
Access Denied: Scheduling Jobs on a Remote Server
You'll need a third-party product to let users schedule jobs remotely on a server.
—
Randy Franklin Smith
Access Denied: Securely Administering a Remote Server
Learn why remotely administering a server through Terminal Services is more secure that using MMC snap-ins.
—
Randy Franklin Smith
Access Denied: Securing a Wireless Network
Use 802.1x authentication to help you secure your wireless network by leveraging the Windows and AD infrastructures you've already built.
—
Randy Franklin Smith
Access Denied: Securing Crucial Servers in a WLAN Environment
Here are four ways to limit access to servers on a wired network to just employees but let both employees and visitors use a wireless network to access a Web-based collaboration tool.
—
Randy Franklin Smith
Access Denied: Securing DHCP So That It Leases Addresses Only to Clients with Reservations
Learn methods for securing your DHCP servers.
—
Randy Franklin Smith
Access Denied: Setting Permissions on Windows Server 2003 Shared Folders
Learn how Windows 2003's share-level permissions differ from Windows 2000's permissions.
—
Randy Franklin Smith
Access Denied: Solving Password Problems That Involve Your PDC
Learn how to address password problems that involve your PDC.
—
Randy Franklin Smith
Access Denied: Specifying Spooler Permissions on Just One DC
Learn how to manually assign permissions for the print spooler service without modifying the Default Domain Controller Policy.
—
Randy Franklin Smith
Access Denied: Terminal Services Alternatives
Find out where and how to download Windows 2000 Server Terminal Services.
—
Randy Franklin Smith
Access Denied: The Importance of Windows XP SP2
The soon-to-be-released XP SP2 is so important to the security of your network that you should start testing it now.
—
Randy Franklin Smith
Access Denied: The Microsoft Product Support Life Cycle
Want to know how much longer Microsoft will continue to support Windows NT or other products? Microsoft has a consistent and predictable policy for product support.
—
Randy Franklin Smith
Access Denied: Tracking IP Addresses to Specific Machines
Learn how to use the DHCP server log to determine which computer had a specific IP address at a certain time.
—
Randy Franklin Smith
Access Denied: Tracking Terminal Services Logons
Use process tracking to differentiate Terminal Services from other interactive logons.
—
Randy Franklin Smith
Access Denied: Tracking Users Who Use Telnet to Connect to Your Computers
Learn how to track users who use Telnet to connect to your computers.
—
Randy Franklin Smith
Access Denied: Troubleshooting a "Failed to open the Group Policy Object" Error
If Windows can't find a GPO, use these tips to find the problem.
—
Randy Franklin Smith
Access Denied: Troubleshooting IPSec
Learn how to confirm that IPSec policies are active and working properly.
—
Randy Franklin Smith
Access Denied: Troubleshooting User Rights Problems
How do you change permissions and user rights on a file server?
—
Randy Franklin Smith
Access Denied: Understand the Difference Between AD OUs and Groups
Randy explains the difference between putting a user in a group and putting a user in an organizational unit (OU).
—
Randy Franklin Smith
Access Denied: Understanding EFS Limitations
Because EFS protects only copies of files stored on disk, you need to take extra measures to protect files in the pagefile, temporary files, and files on computers that hibernate.
—
Randy Franklin Smith
Access Denied: Understanding Event ID 560
Learn how to distinguish between password changes and password resets.
—
Randy Franklin Smith
Access Denied: Understanding Event IDs 683 and 682
Learn the significance of disconnecting from and reconnecting to winstation sessions.
—
Randy Franklin Smith
Access Denied: Understanding Logon Type 10
Find out what logon type 10 tells you about an event.
—
Randy Franklin Smith
Access Denied: Understanding the "Increase quotas" User Right
Contrary to what you might think, "Increase quotas" applies to processor quotas, not to user disk space quotas.
—
Randy Franklin Smith
Access Denied: Understanding the Access this computer from the network User Right
The Access this computer from the network user right applies only to the Server service and the resources it provides, including remote access to files and printers and to the resources you see in the Microsoft Management Console Computer.
—
Randy Franklin Smith
Access Denied: Understanding the Anonymous Enumeration Policies
By default, Windows 2003 and XP disable the Network access, which means anonymous connections can enumerate shares but can't list local user accounts.
—
Randy Franklin Smith
Access Denied: Understanding Windows Server 2003's Local Security Settings
The MMC Local Security Settings snap-in changed with Windows 2003 and XP but still tells you everything you need to know.
—
Randy Franklin Smith
Access Denied: Understanding Wireless-Security Protocols
The pursuit of wireless security has led to a plethora of protocols. Clear up the confusion with this high-level view of the relationship between 802.11, 802.1x, 802.11i, WEP, and WPA.
—
Randy Franklin Smith
Access Denied: Using a DC's Last-Logoff Field
Although you can access last-logon and last-logoff information for users on a DC, the data is unreliable.
—
Randy Franklin Smith
Access Denied: Using AD's Send As and Receive As Permissions
Use the Send As and Receive As permissions to let users send and receive email from mailboxes without revealing their identify.
—
Randy Franklin Smith
Access Denied: Using EFS with and Without AD
Discover the differences between working with Encrypting File System (EFS) with and without Active Directory (AD).
—
Randy Franklin Smith
Access Denied: Using Group Policy to Install Service Packs
SUS doesn't support service pack installation, but Group Policy makes applying updates to multiple computers easy.
—
Randy Franklin Smith
Access Denied: Using Group Policy to Log Off Users
Learn the difference between two Group Policy Object (GPO) settings and how to use them to log users off automatically.
—
Randy Franklin Smith
Access Denied: Using IPSec with NAT
Because of an incompatibility between IPSec and NAT, you can't use L2TP over a firewall that performs NAT.
—
Randy Franklin Smith
Access Denied: Using L2TP to Protect VPNs
PPTP VPNs might be open to misuse by savvy end users. To secure your VPN, use Layer Two Tunneling Protocol instead.
—
Randy Franklin Smith
Access Denied: Using Log Parser to Audit Domain Logons
The Log Parser tool lets you use SQL-like queries to extract data from log files.
—
Randy Franklin Smith
Access Denied: Using One GPO to Control Both Windows XP and Windows 2000 Settings
To manage XP's and Win2K's settings from the same GPO, you first need to update the GPO to include XP's new settings.
—
Randy Franklin Smith
Access Denied: Using Passwords with Kerberos
Although more resistant to cracking than NTLM, Kerberos is still vulnerable in the absence of strong passwords.
—
Randy Franklin Smith
Access Denied: Using the "Audit account logon events" Category on Member Servers and Workstations
Learn how to use the "Audit account logon events" audit category to gather useful information about member servers and workstations.
—
Randy Franklin Smith
Access Denied: Using the MMC Active Directory Users and Computers Snap-In to List Users in Your Domain
Learn how to use the MMC Active Directory Users and Computers snap-in to list users in your domain.
—
Randy Franklin Smith
Access Denied: Using the Windows .NET Framework to Control Mobile Code
The Framework can't yet mitigate the risk associated with most code that users download from the Internet, but Windows XP's software restriction policies can provide some help.
—
Randy Franklin Smith
Access Denied: Using Win2K Group Policy to Manage New XP Group Policy Settings
Learn how to centrally manage XP's new Group Policy settings.
—
Randy Franklin Smith
Access Denied: Using Windows Server 2003's Certificate Templates
Microsoft significantly enhanced certificate templates in Windows 2003 but makes the new functionality available only in Enterprise Edition and Datacenter Edition.
—
Randy Franklin Smith
Access Denied: Using Windows Update with IP Security Policies
Using IP packet filtering to lock down your system can prevent you from downloading Microsoft updates. Here's how to work around the problem.
—
Randy Franklin Smith
Access Denied: Viewing Hidden Permissions for Individual Properties
Many of the properties AD defines for user objects are hidden from view by default. You can cause some hidden properties to appear in the MMC Active Directory Users and Computers snap-in, but you need to use a script to access others.
—
Randy Franklin Smith
Access Denied: Windows Server 2003's Permissions to Cmd.exe
Windows 2003's tighter security might mean that some scripts and batch files don't work after you migrate. Here's how to fix the problem.
—
Randy Franklin Smith
Implementing Least Privilege with AD
Learn how to apply the concept of least privilege to AD administration.
—
Randy Franklin Smith
Setting Permissions on Win2K Services
Learn how to view and edit the permissions on Win2K services.
—
Randy Franklin Smith
Troubleshooting Problems with the Start, Stop and Pause Permission
Learn the trick to solving a problem with the Start, stop and pause permission.
—
Randy Franklin Smith
Using the SELF Subject in Win2K ACLs
Learn how to use the SELF subject to assign permissions at the OU level.
—
Randy Franklin Smith
[Feature]
10 Tips for Securing Your Service Accounts
Using a service account for application services is much safer than using a System account. However, even with service accounts, you still face some security risks. Here’s how to thwart them.
—
Jarvis Robinson
11 Port Enumerators
Have you found an open port on your computer? Worried you might have a virus? Here's a look at 11 port enumerators that can help you track open ports to their source programs.
—
Roger A. Grimes
3 Ways to Rein in Your Wireless Signals
You can use three basic methods to limit wireless network radio signals. Here's how they work.
—
Mark Joseph Edwards
5 Techniques for Establishing Highly Secure Systems
Paula Sharick describes 5 TCP registry modifications you can implement to protect your systems from Denial of Service (DoS) attacks and other common exploits.
—
Paula Sharick
9 Ways to Diagnose Windows 2003 IPsec Problems
Here's how to ensure that IPsec is running smoothly in your environment and how to use built-in Windows 2003 tools to diagnose problems if they do crop up.
—
Orin Thomas
A Matter of Trust
Want to really get a handle on security? Be sure you understand the fundamental concepts that surround Windows security authorities and OS trust.
—
Jan De Clercq
AD Delegation Eases Administration
You can assign permissions on selected AD objects to certain users and groups—for example, giving Help desk staff authority to reset user account passwords—to make a large AD infrastructure more manageable.
—
Jan De Clercq
AD Tombstone Objects
Windows 2003 lets you restore deleted objects in AD. Find out the basics of AD's tombstoning process and how to bring deleted objects back from the dead.
—
Robbie Allen
Audit Your Organization’s Password Strength with L0phtCrack
Use L0phtCrack auditing to improve the quality of passwords in your organization.
—
Randy Franklin Smith
Audit Your Passwords
Audit your password security—and whether your users adhere to password policies—with the Cain & Abel password-cracking tool.
—
Tony Howlett
Audit Your Web Applications for Better Security
You can prevent some problems when you install and configure Web applications, but you should also audit your system regularly to detect potential vulnerabilities and address them.
—
Mark Joseph Edwards
Auditing IIS Security with Log Parser
This free command-line tool draws data from your Web server's logs that you can examine for suspicious activity.
—
Orin Thomas
Authenticate Internet Access with ISA Server
Use Microsoft ISA Server to provide clients secure—and authenticated—Internet access.
—
Leon Braginski
Avoiding WinZapper's Sting
Learn to protect your NT security log from a new utility that lets intruders erase the log while the OS is running.
—
Randy Franklin Smith
Barricading Terminal Services
Windows 2003's new version of Terminal Server gives you a plethora of granular security settings that you can use to lock down your installation.
—
Jeff Fellinge
Bluetooth Security Essentials
As Bluetooth becomes more widespread, it's important that you understand its security features and potential risks.
—
John Howie
Build a Bastion Host
Protect against Internet attacks by building a server that has a highly secure OS.
—
Christopher Witter
Building a 3-Tier CA Hierarchy
Learn about certificate technology and how to set up your own CA.
—
Joseph Neubauer
Building a Secure VPN
Keep in mind some major considerations when purchasing a VPN solution and follow a few recommendations about how to securely run it, and you can achieve the Private in a Virtual Private Network.
—
Tony Howlett
Building and Using an Incident Response Toolkit, Part 1
Quickly and appropriately responding to a computer security incident is vital. Learn how to build a toolkit that lets you quickly collect data from the compromised machine.
—
Matt Lesko
Building and Using an Incident Response Toolkit, Part 2
In this second installment of a two-part article, you’ll learn how to use an incident response toolkit to quickly collect data from a compromised machine’s file system.
—
Matt Lesko
CA Trust Relationships in Windows Server 2003 PKI
Windows 2003 PKI's enhanced trust features make Windows PKI more powerful and flexible but also more complex. Learn about the different PKI trust models and choose the one that best suits your environment.
—
Jan De Clercq
Change Local Administrator Account Passwords Automatically
Good security practices include regularly changing local Administrator account passwords. Here's a script that does the job for you automatically.
—
Alex K. Angelopoulos
Combating Hoax Virus Messages
Learn how to identify and defend against hoax virus messages.
—
Roger A. Grimes
Configuring ISA Server Clients
ISA Server's Web Proxy Autodiscovery capability and Firewall Client software make setup a breeze for intranet clients that use ISA Server to get to the Internet.
—
Leon Braginski
Configuring ISA Server for SSL/TLS
Learn how to configure SSL/TLS protocols for secure Web connections in a typical ISA Server environment.
—
Jan De Clercq
Configuring SSL/TLS
This article discusses some hidden traps you might encounter when you use IIS 6.0 to configure SSL/TLS for secure Web communications.
—
Jan De Clercq
Crank Up Security with MBSA 2.0
Does the security state of your network devices meets Microsoft's security recommendations? Are your devices up to date with the patches and security updates that Microsoft has released? Run the Microsoft Baseline Security Analyzer tool to find out.
—
John Howie
Danger: Remote Access Trojans
Remote Access Trojans (RATs) can scurry through your PC, causing considerable damage. Learn how to detect and extermination these malicious pests.
—
Roger A. Grimes
Defense In-depth
The IP Security (IPSec) protocol can help you defend your system from attack. Learn how to use IPSec to secure your environment.
—
Michael Howard
Deploy Your Network IDS Effectively
Where you place your network Intrusion Detection System (IDS) sensors and how you manage the information they provide are crucial factors in how well the IDS protects your network.
—
Jason Harper
DNS Lockdown
Many administrators overlook DNS implementing security. Take these 6 steps to ensure that DNS doesn't become a security liability on your network.
—
Joe Rudich
Do You Need to Update YourSecurity Hotfixes?
Microsoft recently acknowledged that file-version-number problems affect 24 English-language security updates and two OS hotfixes. Learn how to find out if your hotfixes are affected and how to fix them.
—
Paula Sharick
EFS Enhancements in Windows XP
Windows XP improves EFS data recovery but introduces a key flaw in EFS’s new password reset disk feature.
—
Randy Franklin Smith
Enhancing Win2K Logon Security with Smart Cards
With the release of Windows 2000, Microsoft has expanded support for smart cards. Here’s a look at how to set up a smart card logon system in your Win2K network.
—
John Howie
Essential Network Monitoring for the SMB, Part 1
In this first part of a two-part series, we identify the various devices and systems that you should monitor in an SMB for both security and operations purposes. We also identify the most common data-monitoring sources.
—
Randy Franklin Smith
Essential Network Monitoring, Part 2: The Tools
In this second part of a two-part series, we show you how to build a barebones monitoring solution by using free or inexpensive tools that are Windows event log–centric
—
Randy Franklin Smith
Evaluating ICF
Learn how to configure Windows XP's Internet Connection Firewall, which can provide basic, one-way security protection against mischievous probes and malware.
—
Roger A. Grimes
Evaluating Security Certifications
Information security–related certifications are becoming more prevalent. Here's how to decide whether one or more might be a good move for you and your career.
—
Randy Franklin Smith
Exposing IE’s Hidden Zone
Hidden from view, the My Computer zone goes unnoticed by many people. However, exposing this zone and manipulating its security settings can help tighten security in IE.
—
Mark Joseph Edwards
Extending Windows SSO to Enterprises
ENTSSO is a valuable service for enterprises that want to streamline and integrate the Windows-rooted portions of their IT infrastructures and applications with other legacy systems and applications.
—
Jan De Clercq
File-Healing Utilities Help Prevent DLL Hell and Malicious Code
To help prevent DLL hell, Microsoft includes SFC, WFP, and SFP in several Windows OSs. Although not their primary intention, these utilities also prevent malicious code.
—
Roger A. Grimes
Filter for Security
The third in a series, this article goes farther in depth to show you how to design LogParser queries to find important security information.
—
Randy Franklin Smith
Firewall Appliances, Part 1
Firewalls aren't what they used to be, which is a good thing. As attacks have become increasingly sophisticated, firewall solutions have had to adapt. In this first part of a two-part series, we look at firewall solutions for low-security SMBs.
—
Thomas W. Shinder
Firewall Appliances, Part 2
In this conclusion to our two-part series, we take a look at popular firewall appliances that are well suited to high-security SMBs and enterprise branch offices.
—
Thomas W. Shinder
FOR MORE INFORMATION
Understanding how EFS works is the key to securing your environment. Here are a few resources to get you started.
—
John Howie
Get Ready to Bump Up Security with IE 7.0
Microsoft's browser has had lots of bad publicity because of its security vulnerabilities. But Beta 1 of IE 7.0 gives a preview of security enhancements that will make your users and your systems safer.
—
Jeff Fellinge
Getting to Know ADAM
ADAM is a truly lightweight solution for environments that require only a simple LDAP directory or that struggle with integrating directory security with Windows security.
—
John Howie
Golden Rules to Group By
This introduction to groups in Windows discusses group types, group scopes, and important rules for using groups to set up resource permissions.
—
Jan De Clercq
Group Policy Changes in Windows Server 2003
Through new tools and overall fine-tuning, Windows 2003 beefs up the ROI of implementing Group Policy.
—
Joe Rudich
Guarding Your Certificate Authorities
Implement some disaster-prevention and recovery techniques that will help keep your CAs and the certificates they issue secure.
—
Brien Posey
Hands-On NAQC
Here's a hands-on tutorial for implementing NAQC for XP VPN clients, using strictly Microsoft-based tools so that you don't have to go out and seek third-party products.
—
Orin Thomas
Hardening Service Applications
Harden third-party software and reduce your security risk—create a user account for your software application to run on and grant it only the privileges necessary to do its job.
—
Mark Burnett
Hfnetchk: Microsoft's New Hotfix Tool
Microsoft's new tool, Hfnetchk, simplifies the process of auditing and installing security hotfixes on your network system.
—
Paula Sharick
Hidden Risks in Email and Newsgroup Messages
Guard against several vulnerabilities that exist in email and newsgroup messages.
—
Roger A. Grimes
Honeyd for Windows
Familiar with the benefits of a honeypot solution? Here's a look at how to configure and deploy a new Windows port of the popular UNIX-based Honeyd utility.
—
Roger A. Grimes
Honeypots and Resource-Integrity Tools
Learn how to track system intruders with honeypots and resource-integrity tools. Honeypots can lure attackers so that you can study their methods of operation, and resource-integrity tools can alert you to changes in files or other system resources.
—
Michael Howard
How to Build a Snort Server
IDSs are an important part of any network. One free, open-source tool for implementing an IDS is Snort.
—
Morris Lewis
How to Choose an Antivirus Scanner
Determining the perfect antivirus product for a given environment can be a difficult task. To do so, you need to understand the ingredients of a good antivirus scanner. Here's where to begin your research.
—
Roger A. Grimes
How to Set Up a DMZ with ISA Server
Without a DMZ to separate your publicly accessible servers from your internal LAN, you’re exposing your internal network to unnecessary risk.
—
Randy Franklin Smith
IIS Application Isolation
Enabling application isolation on an IIS server involves controlling the application's process identity and the user identity, along with expert use of NTFS permissions.
—
Brett Hill
IM Security Primer
Learn the basics of Instant Messaging, meet the four big IM networks, come to know the most common attacks, and find out how to protect your network against them.
—
Roger A. Grimes
Improve Security with Windows XP's Command-Line Tools
Windows XP provides new command-line tools, as well as new versions of some old favorites, to help you secure your systems.
—
John Howie
Interoperable Windows and UNIX Security
Microsoft SFU 3.0 supports secure interoperability between Windows and UNIX.
—
Jan De Clercq
Introducing Credential Manager
Microsoft includes a single sign-on solution called Credential Manager in Windows Server 2003 and Windows XP.
—
Jan De Clercq
IPSec and Group Policy: A Stronger Defense
Use IP Security and Win2K Group Policy to build a strong internal defense around your mission-critical resources.
—
Randy Franklin Smith
IPSec and Group Policy: The Next Step
The second article in this two-part series discusses IPSec's certificate-based authentication.
—
Randy Franklin Smith
IPSec Tunneling with ISA Server
If you use ISA Server as a router or firewall, you already have everything you need to create an effective Internet VPN.
—
Roger A. Grimes
ISA Server 2004: Safer Services, Continued
Part 2 of this two-part series walks you through the remaining steps in a sample ISA Server 2004 configuration that can increase security for Internet-facing applications.
—
Thomas W. Shinder
ISA Server 2006’s New Publishing Tasks
If you've struggled to publish Exchange Web Client Access or SharePoint sites, you'll find the publishing tasks in ISA Server 2006 more to your liking.
—
Orin Thomas
ISA Server's Caching Capabilities, Part 1
This first article in a two-part series explains how to configure and test ISA Server's Web cache.
—
Leon Braginski
ISA Server's Caching Capabilities, Part 2
This second article in a two-part series explains ISA Server's active caching feature, how to prepopulate the cache, advanced cache options, how to monitor the cache, and how to use scripts to work with the cache.
—
Leon Braginski
Keep Out: Spam and Viruses
Check out how your small business can benefit from a multilayered security strategy that deploys antispam and antivirus protection across a network.
—
Paul Robichaux
Learn To Be Least
Use these simple techniques to put least privilege into practice.
—
Jan De Clercq
Learning from SQL Slammer
Learn how to protect your systems from future attacks by SQL Slammer and similar worms.
—
Shon Harris
Leveraging EFS with Your PKI
EFS is a powerful technology that lets users protect sensitive data by encrypting it. Find out how to leverage EFS by tying it into your PKI.
—
John Howie
Logon Rights: The Heart of Windows Access Control
Learn about the 10 logon rights in Windows Server 2003 and Windows XP and how to use them to control how users can log on to local systems, over a network, or via Terminal Services.
—
Jan De Clercq
LogParser
Use Microsoft's LogParser tool to find the vital events buried in your Security logs.
—
Randy Franklin Smith
Map Out Your Wireless-Security Audits
Use graphical maps of your wireless network to increase security.
—
Tony Howlett
Messaging CIA
Whether main charge is security or Exchange Server, ensuring the confidentiality, integrity, and availability of your messaging systems is in your best interest.
—
Paul Robichaux
Messaging Security
Learn about 5 methods for encrypting your email communications: encrypted MAPI, SSL/TLS, IPsec, PGP, and S/MIME.
—
Devin L. Ganger
Microsoft Baseline Security Analyzer
The agile MBSA offers a lightweight but thorough approach to monitoring your systems for common vulnerabilities.
—
Jeff Fellinge
Microsoft Security Readiness Kit 4.1
Microsoft combines security-related documentation, tools, and patches in a convenient package that creates a valuable addition to your security library or toolbox.
—
Jeff Fellinge
MOM for SMBs
MOM 2005 Workgroup Edition is designed for use in networks with up to 10 servers. Here's how to prepare for, install, and use it.
—
John Howie
Monitoring Your Systems with ISA Server
ISA Server offers you built-in monitoring and reporting functionality through logs, alerts, and reports.
—
Jeff Fellinge
Navigating the File System Permission Jungle
Windows' object-access control mechanism is so granular that it can be hard to work with. Here's a guide for cutting through the complexity and properly securing folders and files.
—
Roger A. Grimes
Nessus Security Scanner
Nessus Security Scanner is traditionally a UNIX vulnerability scanner, but a new client called NessusWX brings this powerful program's functionality to Windows. Here's how to set it up.
—
Matt Lesko
Netcat
Discover the varied uses of this handy port-scanning and file-transfer tool.
—
Jeff Fellinge
Network Port Fundamentals, Part 1
n this first part of a two-part series, learn about the importance of understanding how computers and network devices such as firewalls use network ports.
—
Jeff Fellinge
