Login_Logoff script at user login

login
echo Logon to, %computername%, by, %username%, at, %time%, on, %date%, >>\\spcsrv\Login_logoff_Events$\Login\in.txt
logoff
echo Log Off of, %computername%, by, %username%, at, %time%, on, %date%, >>\\spcsrv\Login_logoff_Events$\Logoff\out.txt

 

How Reset Symantec Endpoint Protection Manager Admin Password

You can use ‘resetpass.bat’ file, it will reset the password for the Symantec Endpoint Protection Manager admin account.
1. open Windows Services, then stop ‘Symantec Endpoint Protection manager’
2. Go to:
C:\Program Files\Symantec\Symantec Endpoint Protection Manager\Tools
then, double-click the Resetpass.bat.
3. start again the ‘Symantec Endpoint Protection manager’ service.
4.Launch Symantec Endpoint Protection Manager Console
user: admin
password: admin
—-

 

Symantec EndPoint Protection How-To- Install & Configure

How to Install Symantec Endpoint Protection Manager:

Requirement:

• Windows 2000 Server with Service Pack 3, Windows XP, or Windows Server 2003
• Internet Information Services (IIS) version 5.0 or later, with World Wide Web services enabled
• Internet Explorer 6.0 or later
• Java Runtime Environment 5.0, update 13 or above recommended
• Hardware:

Component	32-bit	64-bit
Processor	900 Mhz Intel Pentium III	1 Ghz on x64 only with the following processors:- Intel Xeon with Intel EM64T support-Intel Pentium IV with EM64T support-AMD 64 Opteron-AMD 64 AthlonNote: Itanium is not supported. The management components are 32-bit applications.
Memory	1 GiB RAM Minimum (2-4 GiB Recommended)	1 GiB RAM Minimum (2-4 GiB Recommended)
Hard Disk	4 Gib for server, plus Additional 4 Gib for database	4 Gib for server, plus Additional 4 Gib for database
Display	Super VGA (1024×768 ) or higher resolution	Super VGA (1024×768 ) or higher resolution
Database	The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or later- MS-SQL server 2005	The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or laterMS-SQL server 2005

Installation Process:

a. Insert the installation CD and start the installation.

b. In the installation panel, click Install Symantec Endpoint Protection manager:

c. In the Welcome panel, click Next.

d. In the License Agreement panel, check I accept the terms in the license agreement, and then click Next.

e. In the Destination Folder panel, accept or change the installation directory.

f. Do one of the following:

- To configure the Symantec Endpoint Protection Manager IIS Web as the only Web server on this computer, check Create a custom Web site, and then click Next.

- To let the Symantec Endpoint Protection Manager IIS Web server run with other Web servers on this computer, check Use the default Web site, and then click Next.

g. In the Ready to Install panel, click Install.

h. When the installation finishes and the Install Wizard Complete panel appears, click Finish. Wait for the Management Server Configuration Wizard panel to appear, which can take up to 15 additional seconds.

How to Install Endpoint Protection Client:

Requirement:

• Windows 2000 Professional with Service Pack 3, Windows XP, Windows Server 2003, or Windows Vista
• Internet Explorer 6.0 or later
• Hardware :

Component	32-bit	64-bit
Processor	400 Mhz Intel Pentium III	1 Ghz on x64 only with the following processors:- Intel Xeon with Intel EM64T support-Intel Pentium IV with EM64T support-AMD 64 Opteron-AMD 64 AthlonNote: Itanium is not supported. The management components are 32-bit applications.
Memory	256 MiB of RAM	256 MiB of RAM
Hard Disk	600 MiB	700 MiB
Display	Super VGA (1024×768 ) or higher resolution	Super VGA (1024×768 ) or higher resolution
Database	The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or later- MS-SQL server 2005	The Symantec Endpoint Manager includes an embedded database. You may also chose to use one of the following version of MS-SQL database:- MS-SQL server 2000 with service pack 3 or laterMS-SQL server 2005

a. Endpoint Protection Client (Unmanaged/Standalone)

1. Insert the installation CD and start the installation.
2. In the installation panel, click Install Symantec Endpoint Protection:
3. In the Welcome panel, click Next.
4. In the License Agreement panel, check I accept the terms in the license agreement, and then click Next.
5. Select setup type: TYPICAL or CUSTOM, typical for default. click Next
6. In the Ready to Install panel, click Install.
7. Here the Symantec Endpoint Client screen shoot:

b. Endpoint Protection Client (Managed)

1. Start>>All Program>>Symantec Endpoint Protection Manager>>Migration And Deployment Wizard
2. Click “Next” then select “Deploy the Client”
3. follow the on-screen instructions.

Another method:

1. From Endpoint Manager Console, click “Client” icon then click ‘Find Unmanaged Computers”.
2. Insert the client ip address range, user/passwd, domain/workgroup then click “Search Now”.
3. you will see the client with ‘Deployment Status’ NO, select the client then click”Start Installation” button.
4. Wait for client installation till finish.
5. more detail, see the picture below. click to resize.

How To configure Endpoint Protection Manager:

A. Exporting/Create Client Installation Package:

When you export client software packages, you create client installation files for deployment. When you export packages, you must browse to a directory to contain the exported packages. Read more on Admin Guide, page 101:

B. Install and configure Symantec Live Update Administrator:

- Double-click ‘LUA21ESD.EXE’ from SEP disc2 (TOOLS\LIVEUPDATE Folder)

1. launch Symantec LiveUpdate Administrator, login with your username and password

2. Click ‘Configure’

3. click ‘Add New Products’

4. Select ‘Symantec Endpoint Protection’>’Symantec Endpoint Protection v11.0 English’

5. Configure ‘Source Server’

6. configure ‘Distribution Center’

-By default, SEP create 2 Distribution server, for Production and Testing. click ‘Add’ button to create a new Distribution Center

7. Add ‘Symantec Endpoint Protection v11 English’ Product to ‘Distribution Center’ coverage

-Click your distribution Center>Edit

Scroll down, then on ‘Product List’ >>click ‘Add’ >> select ‘Symantec Endpoint Protection 11 english’

8. Edit the ‘Preference’

9. Configure ‘Download and Distribute’, add Download schedule

10. Click ‘Run Now’ if you want to run the LiveUpdate now.

11. After fininshing the Update Process, run the ‘Manual Distribution request’ or you can create ‘Distribution Schedule’.

12. Last Step, Configure Symantec EndPoint Manager Live Update Policy .

C. Configure Device Policy (Exp. Block All USB device, CD/DVD Drives, Bluetooth)

(Exclude Human Interface Device: USB mouse, Joysticks, Gamepads)

-Click “Client”, select the User Group, click “Policies”, then right-click “Application and Device Control Policy” then select ‘Edit Policy’

-Click ‘Device Control’ tab

-in ‘Blocked Device’ click ‘Add’ button. select the device you want to block (USB, CD/DVD Drivers & Bluetooth Radios)

-in ‘Device Excluded from Blocking’ add/select ‘Human Interface Device (Mice, Joysticks, game pad and system control’;

D. Configure Security Policy (Firewall Rule)

 

How to increase the Exchange Server 2003 Service Pack 2 18-gigabyte database size limit

To increase the Exchange Server 2003 SP2 database size, follow these steps.

Important Before you increase the maximum size of an Exchange database, verify that sufficient hard disk space is available for the larger database.

1. On the computer that is running Exchange 2003 SP2, click Start, click Run, type regedit, and then click OK.
2. Click one of the following registry subkeys, as appropriate for the store that you want to increase:
   • For a mailbox store, click the following registry subkey:
     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\Server name\Private-Mailbox Store GUID
   • For a public folder store, click the following registry subkey:
     HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\Server name\Public-Public Store GUID
3. On the Edit menu, point to New, and then click DWORD Value.
4. In the New Value #1 box, type Database Size Limit in Gb, and then press ENTER.
5. Right-click Database Size Limit in Gb, and then click Modify.
6. Click Decimal, and then type an integer from 1 to 75 in the Value data box.

   Note These integer values represent the maximum size of the database in gigabytes (GB). For example, a value of 75 represents a database that has a maximum size of 75 GB.

7. Click OK, and then exit Registry Editor.
8. Restart the Microsoft Exchange Information Store service. To do this, follow these steps:
   1. Click Start, click Run, type cmd, and then click OK.
   2. At the command prompt, type the following command, and then press ENTER:
      net stop msexchangeis
   3. After the Microsoft Exchange Information Store service has stopped successfully, type the following command, and then press ENTER:
      net start msexchangeis
9. Examine the Application log to verify that the database size has been set successfully. To do this, follow these steps:
   1. Click Start, click Run, type eventvwr, and then click OK.
   2. In the Event Viewer tool, click Application.
   3. Double-click event ID 1216 to verify that the database size has been set successfully.

 

Creating the Outlook Auto-Reply

The second part is to write an Outlook rule that uses this template whenever it processes an incoming email that meets your criteria. In our example, the criteria are an email from someone in your contacts folder AND it was sent to the old email address.

1. From the Tools menu, select Rules and Alerts.

2. In the Rules and Alerts dialog, click New Rule…

3. In the Rules Wizard, click “Check messages when they arrive”. This is under Start from a blank rule.

4. Click Next.

5. In Step 1, check “with specific words in the recipient’s address”.

6. In the lower pane, click the hyperlink for “specific words”.

7. Enter the email address you are retiring.

8. Click Add.

9. Click OK.

10. Scroll down and check “sender is in specified Address Book”.

11. Click the hyperlink “specified” in the lower pane.

12. Highlight your address list and click Add.

13. Click Next.

14. For action, select “reply using a specific template”.

15. Click the hyperlink “a specific template” in lower pane.

16. In the Select a Reply Template, change the Look In: value to “User Templates in File System”.

17. Select the template you made.

18. Click Open.

19. Click Next.

20. Add any exceptions you wish and click Next.

21 Give your rule a name.

22. Click Finish.

 

Creating an Outlook Email Template

The first part is to create an email template for the rule. The template contains the information you wish to convey. In my friend’s case, he might enter his new information and also include a vCard attachment. For illustration purposes, these steps are using Outlook 2007.

1. Open Outlook

2. From the File menu, select New and then Mail Message.

3. Type a Subject: for the email. As example, “New contact info for …”

4. Add the content for your email.

Optionally, you can use the Insert tab and add your Business Card. This will attach your vCard, which may make it easier for people to add your contact details to their address books.

5. Click the Office button in the top left and select Save As.

6. In the Save As dialog, change the Save as type: field to “Outlook Template (*.oft). By default, the file will be saved in the Template folder.

7. Provide a descriptive File name for the template.

8. Click Save.

9. Press Alt+F4 to close the template.

10. Click No when asked if you wish to save draft.

Note: If you wish to check your template, you can click the triangle next to the New button and select Choose Form… Change the Look In: selection to “User Templates in File System”.

 

Backing up your IIS 6.0 Metabase

Load IIS from the Administrative tools in the Control Panel by clicking Start -> Administrative Tools -> IIS Manager (or loading the Control Panel, entering the Administrative Tools folder, and double clicking IIS Manager).

Right click your computer name, put your mouse over “All tasks” and click “Backup/Restore Configuration”

Click Create Backup

Now you can make up any name you want, not including dots (.) You can also password protect the back up if you choose

That’s it, you’re done! To restore the backup you can now select the backup you just made and press the Restore button

Your backup is stored in C:\WINDOWS\system32\inetsrv\MetaBack under the name you gave it. Actually, it will be 2 files. In the example I gave above 2 files were created:

visualwin backup.MD0
visualwin backup.SC0

I recommend the copying of these files to another folder, just in case.

 

How can I preview attachments in Microsoft Office Outlook 2007?

A: Outlook 2007 lets you preview attachments directly in the preview pane or the body of an open message. This feature has multiple benefits: Workstation and network security are improved, and user efficiency is increased. When you click an attachment to a message, you see a prompt in the preview pane for displaying the attachment’s contents, as Figure 1 shows. If you click the Preview file button, the attachment displays in the preview pane, as Figure 2 shows. If you click an attachment and the extension isn’t associated with a preview handler, you’ll see a message in the preview pane that says “This file cannot be previewed because there is no previewer installed for it.” You’ll also see a link that you can click for more information about Outlook 2007 preview handlers. New Outlook 2007 preview handlers are constantly being developed. For example, Adobe recently added the previewer functionality, which is available to Outlook 2007 when Adobe Reader 8.1 or later is installed.

The attachment preview feature is enabled by default. To disable the feature, select Tools, Trust Center; then open the Attachment Handling section, as Figure 3 shows, and select the Turn off Attachment Preview check box. You can use Group Policy or the Office Customization Tool (OCT) to enable this setting for administrative deployments or changes. You can also manually configure the registry subkey that controls this setting (e.g., through distribution of a .reg file). To disable the attachment preview feature when you next restart Outlook 2007, go to the HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Preferences\DisableAttachmentPreview registry subkey and set the DWORD value to 1.

Outlook 2007’s Trust Center includes an option for listing installed preview handlers. In the Attachment Handling section, click Attachment and Document Previewers. A dialog box similar to the one that Figure 4 shows will open. You can enable or disable various previewers for Outlook 2007 email accounts in this dialog box. The list of disabled items is also stored in the HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Outlook\Resiliency\DisabledItems registry subkey.

From a security standpoint, using Outlook 2007’s attachment preview is safer than using the associated application to open an attachment. Any malware or script code that’s embedded in an attachment is likely directed at weaknesses in the application expected to open the attachment. The preview pane doesn’t let scripts execute. Thus, if an infected attachment makes it past server and local filtering, the attachment preview reduces the risk of infection that occurs if an attachment is opened with its intended application.

An application’s preview handler status is maintained in the HKEY_CLASSES_ROOT registry subtree. However, editing this subtree to manipulate preview handlers isn’t a user-friendly solution. Stephen Toub, Technical Editor for MSDN Magazine, wrote an application called the Preview Handler Association Editor (http://blogs.msdn.com/toub/archive/2006/12/14/preview-handler-association-editor.aspx) that parses the HKEY_CLASSES_ROOT registry subtree and compiles a list of attachment extensions that you can preview in Outlook 2007.

The previewer technology isn’t solely a component of Outlook. Outlook 2007 and Windows Vista subscribe to the same preview mechanism. Preview handlers are hosted applications that present read-only previews of content to their host. Hosts currently include Outlook 2007 and Microsoft Internet Explorer (IE) in Vista. Third-party software companies can use Microsoft-provided tools to add their documents to the list of attachments that can be previewed in Outlook 2007. For more information about Preview Handlers, see the Microsoft Windows Software Development Kit for Windows Vista and .NET Framework 3.0 Runtime Components Web site (http://www.microsoft.com/downloads/details.aspx?familyid=c2b1e300-f358-4523-b479-f53d234cdccf) and the MSDN Preview Handlers Web site (http://msdn2.microsoft.com/en-us/library/aa969368.aspx).

 

How to create an Active Directory-integrated zone

How to create an Active Directory-integrated zone

1. Click Start, Administrative Tools, and then click DNS to open the DNS console.
2. In the console tree, select the DNS server that you want to create a new DNS zone.
3. From the Action menu, click the New Zone option.
4. On the initial page of the New Zone Wizard, click Next.
5. Select the zone type that you want to create. The options are Primary, to create a new standard primary zone; Secondary, to create a copy of the primary zone; and Stub, to create a copy of zone but for only the NS record, SOA record, and the glue A record.
6. Select the default selected option – Primary zone.
7. To integrate the new zone with Active Directory, and if the DNS server is a domain controller; then you can select the Store the zone in Active Directory (available only if DNS server is a domain controller) checkbox.
8. Click Next.
9. On the Active Directory Zone Replication Scope page, accept the default setting for DNS replication: To all domain controllers in the Active Directory domain. Click Next.
10. Select the Forward lookup zone option on the following page which is displayed by the New Zone Wizard, and then click Next.
11. 1 Enter a zone name for the new zone. Click Next.
12. 1 The options that you can select on the following page pertain to dynamic updates. The Allow only secure dynamic updates (recommended for Active Directory) option is only available if you are using Active Directory-integrated zones. Click Next.
13. 1 Click Finish to add the new zone to your DNS server.

OR

Integrate DNS with Active Directory Domain Services

Updated: March 10, 2009

Follow these steps to integrate DNS with Active Directory Domain Services by making the Management Server your primary DNS server for your domain’s forward and reverse lookup zones.

To make the Management Server the primary DNS server for forward and reverse lookup zones

1. In the Management Server with the DNS Management console open, right-click the forward zone that you created, and then click Properties.
2. On the General tab, click Change (next to Type).
3. In the Change Zone Type dialog box, click Primary zone, and then click OK. Do not change any other options yet.
4. Click Apply in the Properties dialog box.
5. On the General tab, click Change (next to Type).
6. In the Change Zone Type dialog box, verify that Store the zone in Active Directory… is selected, and then click OK.
7. In the confirmation dialog box, click Yes when asked if you want to integrate the domain with Active Directory®.
8. On the General tab, click the Dynamic updates drop-down list, and then change the value to Secure only.
9. On the Name Servers tab, if the name of your existing DNS server appears in the Name servers list, click it and then click Remove.
10. Click OK to close the Properties dialog box.
11. Repeat steps 1 through 10 to integrate each reverse zone. If you do not have any reverse zones, skip this step.

Proceed to Section B to continue the DNS migration.

 

cannot create file. Right-click the folder you want to create file in, and then click properties on the shortcut menu to check your permission for the folder

1. Open REGEDIT.EXE and go to Edit -> Find… In the Find dialog box type “OutlookSecureTempFolder” without the quotes and locate that registry key.
2. That key will contain the actual folder location, and will look like:
C:\Documents and Settings\%USER_NAME%\Local Settings\Temporary Internet Files\OLK#\ (where # is a random letter or number)
3. Copy the location of that folder.
4. Click on Start -> Run… and paste the folder location from step #4 then click OK.
5. Windows Explorer will open that folder. Please, delete all files present.
6. Restart Microsoft Outlook and you should be able to open your attachments.