DosFreak 2 Posted July 16, 2002 *clears throat* Mmmmhmmmm. [rant] Any BSOD's that you received under NT4/2K and did not receive under XP were caused by driver problems not a "superior OS". [/rant] [rant] Crappy hardware (such as the SB Live!) does not a stable system make. This is not the OS's fault no matter how much you wish to blame it as such. [/rant] [rant] By the very fact of being around longer. Being developed for longer and being marketed for a specific market, it is foolish to declare Windows XP as more Stable/Less buggy than Windows 2000. Windows XP Pro is obviously simply the uncrippled Home version and the Home version is the crippled Pro version. Which means that the Pro version is not as "Pro" as 2000 Pro. This is a fact. This is not debatable. Yes, get over it. Windows 2000 Pro is currently and will likely forever be more "Pro" than XP Pro. YES. IT IS. [/rant] Share this post Link to post
Uykucu 0 Posted July 17, 2002 Quote: *clears throat* Mmmmhmmmm. [rant] Any BSOD's that you received under NT4/2K and did not receive under XP were caused by driver problems not a "superior OS". [/rant] [rant] Crappy hardware (such as the SB Live!) does not a stable system make. This is not the OS's fault no matter how much you wish to blame it as such. [/rant] [rant] By the very fact of being around longer. Being developed for longer and being marketed for a specific market, it is foolish to declare Windows XP as more Stable/Less buggy than Windows 2000. Windows XP Pro is obviously simply the uncrippled Home version and the Home version is the crippled Pro version. Which means that the Pro version is not as "Pro" as 2000 Pro. This is a fact. This is not debatable. Yes, get over it. Windows 2000 Pro is currently and will likely forever be more "Pro" than XP Pro. YES. IT IS. [/rant] I dig your style. If possible i would write the msg above on the moon so everybody can read it. Share this post Link to post
Brian Frank 0 Posted July 22, 2002 For a strictly office machine, Win2k. If it's a multipurpose machine or a gaming machine, XP is better IMO. Share this post Link to post
sapiens74 0 Posted July 22, 2002 I second Brians statement Office machine dont have the horsepower to run XP. But I have had 3 crashes with XP since i have had it. Inluding the Betas and 2 VIa MB. It's stable as hell. Then Again so is my calculator. It usually when morons play admin that things go bad on any NT based OS. Share this post Link to post
Admiral LSD 0 Posted July 22, 2002 Quote: *clears throat* Mmmmhmmmm. [rant] Any BSOD's that you received under NT4/2K and did not receive under XP were caused by driver problems not a "superior OS". [/rant] [rant] Crappy hardware (such as the SB Live!) does not a stable system make. This is not the OS's fault no matter how much you wish to blame it as such. [/rant] [rant] By the very fact of being around longer. Being developed for longer and being marketed for a specific market, it is foolish to declare Windows XP as more Stable/Less buggy than Windows 2000. Windows XP Pro is obviously simply the uncrippled Home version and the Home version is the crippled Pro version. Which means that the Pro version is not as "Pro" as 2000 Pro. This is a fact. This is not debatable. Yes, get over it. Windows 2000 Pro is currently and will likely forever be more "Pro" than XP Pro. YES. IT IS. [/rant] ;( Whatever man... BUT, why should I waste my time ****ing around with the "superior" Windows 2000 when the "inferior" Windows XP solves all my problems? Share this post Link to post
Preacher 0 Posted July 22, 2002 I´ll give XP a definate try once the first service pack is out and my firewall system is up and running. Is a PII 450 on an Asus P2B-S with 256MB RAM going to be enough to run Conectiva Linux? Share this post Link to post
DosFreak 2 Posted July 22, 2002 Admiral, What a craptacular response. Try READING my post. Pay particular attention to the word PRO (aka PROFESSIONAL). Apply it to a work environment because that is what the PRO version of Windows 2000/XP is for. Now compare Windows 2000/XP in a work environment. Consider all factors. Now tell me why Windows XP is better for the sane minded indivdual. Geesh, ABC123. Share this post Link to post
clutch 1 Posted July 22, 2002 I can tell you why it's better: 1. Even tighter integration with (current and future iterations of) Active Directory as it has more keys to work with 2. It will support administration of .NET server and newer server releases directly rather than having to use Terminal Server all the time 3. Remote Desktop 4. Can be trimmed to look like Win2K, or keep Luna which does make life easier for some users There's some reasons why to keep XP Pro (yep, PRO as in PROFESSIONAL) in the work arena. Share this post Link to post
DosFreak 2 Posted July 23, 2002 Quote: Originally posted by clutch can tell you why it's better: 1. Even tighter integration with (current and future iterations of) Active Directory as it has more keys to work with. I don't see .NET server out yet...and it will not be out yet for quite a while. We are talking about XP not .NET so XP will not improve AD in any way, the admin tools for XP on a 2000 AD administration don't seem all that different to me but mabye you see something I don't. Quote: 2. It will support administration of .NET server and newer server releases directly rather than having to use Terminal Server all the time. ??. Quote: 3. Remote Desktop Tell me how this improves the DOMAIN. I do not see any benefits. Yes, Remote Desktop connecting to a TS (the RD client installs in 9x,NT4,2000 too) but not User to User where you need to control the user's desktop remotely. SMS/3rd party solutions are still king here. Quote: 4. Can be trimmed to look like Win2K, or keep Luna which does make life easier for some users. From what I've seen the 2K desktop is easier for the user to understand. It's also easier to troubleshoot over the phone. Too much variation in the XP desktop for quick troubleshooting. Yes, you could apply a policy to alter the desktop for all users and lock it down. Also trimming the features down does not get rid of all XP annoyances to PROFESSIONAL work. I've seen it time and time again. XP get's in the way. You'll need to go through hundreds of tweaks and then apply a policy just to get a useable desktop for a work environment. Quote: There's some reasons why to keep XP Pro (yep, PRO as in PROFESSIONAL) in the work arena. I'm waiting for some good ones...... Share this post Link to post
clutch 1 Posted July 23, 2002 I couldn't quite follow your post with your markup tags, so I will just reinforce what I stated: Quote: I can tell you why it's better: 1. Even tighter integration with (current and future iterations of) Active Directory as it has more keys to work with The next version of active directory that comes with .NET server will be further upgraded with tighter integration with the clients. This link (as posted a long while ago) can help clarify a bit, but if you were in the beta program you might have known this (and I should have mentioned it earlier for those who didn't): http://support.microsoft.com/default.aspx?scid=KB;EN-US;Q304718& Quote: 2. It will support administration of .NET server and newer server releases directly rather than having to use Terminal Server all the time See above Quote: 3. Remote Desktop I have used PCAnywhere and VNC, and I have used SMS Remote Control for quite a while I can most assuredly state that remote desktop is clearly better. It is much faster, and doesn't force the user to start a client manually, plus has built-in auditing that can be centrally mananged via AD or all the way down to the individual client using a single group policy either locally on the computer or connecting from another XP Pro box (these keys don't show up as options from a Win2K box unless you already have them configured on the client). Quote: 4. Can be trimmed to look like Win2K, or keep Luna which does make life easier for some users The adaptive menu system has been helpful for some, and intrusive for others, but in either case it wasn't a big deal to simply disable it. And now here's another reason: 5. It runs CAD/CAM renderings faster assuming that the app takes advantage of hardware acceleration in video cards. I first noticed this in Q3, but thought it was just limited to gaming. Then, I noticed a dramatic improvement in model loading time and model handling on my machine, not to mention the handling of multiple models simultaneously. So yes, I would have to say these are *very* good reasons for running Windows XP Pro in a work environment. You might have other reasons for not using it, and I can understand, but the ones I am listing are still sound. Share this post Link to post
clutch 1 Posted July 23, 2002 I do see that you are referencing Citrix a lot, and that's fine except I don't see many people loading that onto a client strictly for remote control purposes. Share this post Link to post
clutch 1 Posted July 23, 2002 The Terminal Services application came from Citrix actually, so it is probably just as efficient as the older ones that you are mentioning, but probably nowhere near as scalable and functional as the current offerings from Citrix. MS states that if you want expanded functionality to contact Citrix for one of their products. The main target of my post was that Windows XP Pro does indeed have several benefits over Windows 2000 in the workplace. I remember many people whining and complaining about how Win2K had "too many" wizards to go through and that it was too bloated. Now it just carries on to WinXP, and this will more than likely continue indefinately not just for operating systems, but in pretty much any software package from any manufacturer. Share this post Link to post
clutch 1 Posted July 23, 2002 Actually, the wizards have no effect on the users as I setup everything for them anyway. As a matter of fact, the less contact they have with system config options the better. Now, to answer your question, how do I let 'noobz' install WinZip? Well, I don't. Using SMS, I push this batch file: Code: md "%systemdrive%\Program Files\WinZip"cd "%systemdrive%\Program Files\WinZip"copy "\\server6\smspkgd$\AT100016\*.*" "%systemdrive%\Program Files\WinZip""%systemdrive%\Program Files\WinZip\winzip32.exe" /autoinstallmd "%userprofile%\..\all users\start menu\programs\WinZip"cd "%userprofile%\..\all users\start menu\programs\WinZip"copy "\\server6\smspkgd$\AT100016\Shortcuts\*.*" "%userprofile%\..\all users\start menu\programs\WinZip"copy "\\server6\smspkgd$\AT100016\Shortcuts\WinZip 8.0.lnk" "%userprofile%\..\all users\desktop"del "%systemdrive%\Program Files\WinZip\winzipsetup.bat" And presto, WinZip is installed. Share this post Link to post
clutch 1 Posted July 24, 2002 I generally don't let anyone have elevated access to anything. The only problems that I have had were users complaining of Win2K/WinXP going into low power mode either in workstations or laptops. In those cases I would let them be admins temporarily to adjust the power options on those systems, and then lock'em back out again. Once I get the time, I plan on making a template for those settings so I can push those out via AD. The only other time I have to screw with permissions is with poorly written apps like AutoCAD, which don't support NT permissions properly and you have to make them a local admin because of the installation layout. I *think* if I were to either A. Repackage the installer (gay), or B. Use a monitor to watch a fresh installation process *and* the first start up of the app under admin privies and then change all the permissions on those reg entries and files then I could probably (and have in the past) get around this. But for the most part I just lock'em down so it's less hassle. Oh, and with SMS you could trash a great many things with it, but over the last 2 years of using it I haven't run in to anything major. Share this post Link to post
DosFreak 2 Posted July 25, 2002 Quote: * Tell me, just curious... when you know a user KNOWS what's he or she is doing... do you let them have a little more "Freedom of Movement" regarding stuff they install? (I have yet to have a network admin constrain me, or other developers I have worked with is why I ask... most times, we get "Free Reign" & are given Domain Admin priveleges ourselves, and to a great deal of the REALLY valued stuff: The data, or at least, what is pertinent to the project at hand! We have to have access to it, cannot do our work otherwise!) \ A USER knows nothing. You must place that assumption firmly into your head upon becoming a Tech. Assume nothing. Usually when a USER does "KNOW" something they usually know very little or only half of what they should know. Unfortunately due to time constraints, minimal personel, quality of users most networks cannot edumacate theirs users fully nor will they ever be able to. So here's the rights that I give: USERS: Domain User rights. No admin access to local machine. Full access (Read/Write) to their directories on the server. WGM'S: Local Admin, Also usually Full Access to the Entire office files of which they administrate. Domain Admins: Full Control, We try to split it up and assign Backup Admin, Print Admin, etc etc but with constant coming and going this will never work out so we've pretty much given up on that. Also auditing is turned on and I'm constantly fine tuning it. When I get back I plan to also try to find better ways to audit my co-workers so we can pinpoint "mysterious things that happen all by themselves" ;( Share this post Link to post
DosFreak 2 Posted July 25, 2002 Quote: Whew, you're basically calling users stupid man, lol... I've yet to have any network admin I worked with do that to me at least. Not stupid but ignorant and yes they are. We all are but the users especially because mostly computers is not their field of expertise. Of course a network admin is not going to call you stupid/ignorant to your face! Have they every put ya on mute? If so that's them probly cussing you out! LOL! I do it almost ALL the time! I'm in the middle of creating an SMS query/package or pinpointing an access problem by looking through an ACL and a USER call's me instead of HelpDesk because HelpDesk is on their 3 hour lunch break! Now of course I could tell them to contact their WGM or I could enter their data into Remedy and create a ticket but I NEVER use Remedy if I can help it and I never point them to their WGM because usually the WGM call's me! So usually I have to help the USER out with their simple problems when I have much bigger fish to fry. (Don't worry I bring up these issues with management but it never seems to help as much as it should). I make constant use of the MUTE problem and either fume quietly or thing up some really nast words so that when I get back on the line I am as nice as you please and I can operate at the USER level...which is really how you must think when troubleshooting most USER problems. Quote: ON SOME OF YOUR USERS THOUGH ON YOUR GENERALIZATION: Some of your users? Coders specifically, can write your network stack, & the software tools you (keyword next) USE! Think a few did not start out as network techs & admins & do stretches as pros? When I was a techie & even junior admin... man, I was a user with a better password I felt, this is me cutting down me, then. This still doesn't mean that they need more permissions than they need. A programmer does not need Domain Admin rights. Unless they are on MY floor and I have day to day conversations with them or keep in constant touch then they will NOT have domain admin rights no matter how advanced they are or think they are. This is simply a very basic part of securing and protecting your network. Quote: Personally, segmenting networks & such to create security or more addresses etc. is not difficult... nor is working on the hardware either if you understand protocols & OSI model (or can read a manual). Scriptings way watered down coding, & not generally millions of lines or even procedural programming rudiments. Troubleshootings more of a pain than anything, R&D new tools is fun though software & hardware (ADMIT IT), & aiding in purchases is fun too. Agreed. Building a network is not as complicated as troubleshooting an optimizing a network. Quote: I dunno... I just don't think users are stupid! Especially engineers I have met at some of those companies. Freaking geniuses & one DBA was a genius, the guy OOZED intelligence & knew E.F. Codd by rote. Was THAT good. The John Carmack of information systems technology if you ask me in my experience in this field. Another "sharpie" you may have seen in Windows NT/2000/.NET mag is Mr. Tony Woo, who worked for MS & certified me in Citrix & Terminal Server back in 1998 in Atlanta... Great guy too, smart as a whip. Works for himself now, after being at MS & Citrix in fact, I can see that too. IMO, There are no "genius's" in the computer world. Just those who work harder, spend more time, study harder, etc etc. IIRC, genius is the ability to make "leaps" where the connection is not obvious. A->C instead of A->B. I really do not know of any in the computing world. Quote: Now, this one I know you'll understand & appreciate: I DO KNOW FOR A FACT ALOT OF KNOWLEDGE THAT SEPARATES ADMINS & TECHS is kept from users to keep them well... 'brow-beaten' let's say. You know it, I know it. Been there, done that myself years ago. I try not to now. Yes, sometimes you have to for security reasons. This is not busting on ya DosFreak, you're one of my fav folks online... but that's a HARSH DESCRIPTION BRO! Does not always apply either to all users. When & if you get to being a coder or DBA if you do, you'll understand that all above. Clutch is on his way now at the MIS coding levels from our discussion regarding what I am calling personally his "evolution", I am not sure if you mess with that part or want to. Maybe not...[/qupte] Need To Know is all I have to say. If the user does not Need To Know. Then I don't tell 'em. If your learning about the stuff or want more information then I'm happy to explain to them but I state VERY FIRMLY, The network is NOT your playground. If you want to play. PLAY AT HOME. Uh oh, your getting into the "Programmer's" better than "Network Admin" bit again. Different fields man. Different fields.Above all: I truly think the IT guy of tomorrow will have to be both people (competent coder & tech/admin) in order to compete, & be effective as well... just my opinion though! IMO, Not possible and not necessary. Scripting yes but real programming? (Well the programming of today isn't really all that different ) I really do not see programming as necessary for an IT. I'm getting into it however. I see ton's of tools that I would like to improve and things that I would like to do personally that I think could be done better. Quote: P.S.=> Man, I think you two will be ticked off at me now, but don't be... remember, I've been in your shoes as a pro (maybe not to same level, maybe more so or just diffent parts of it). Until you've been to this side of the field & at same level... well, until then I will wait on your comments if you guys attack me & all that, I hope not! apk See, this is why "When ARS attacks!" ROFL! Some people are just really insecure. I have no such problem. I know my strength's/weakness's and I'm not afraid to state them or be told by other's what they are. I do detect tho, just very slightly, by yourself that you think that you have "progressed/evolved" beyond the IT field which is why you get attacked. You have to remeber that they are totalling different things and cannot really be compared. Share this post Link to post
Uykucu 0 Posted July 25, 2002 Ahhh the same old user rights.... About XP @work, i can't comment i have not deployed it anything larger than 10 clients... About the user rights, well since i am not a resident admin and we manage a number of medium sized networks here is what happens if you don't restrict the users. First and with upmost urgency they have a tendency to install ICQ/ Gnutella and any other crap they can get their hands on and then complain their computer does not work properly (they can't say icq etc because that will get them fired) when we look at it they say this or that does not work of course it doesn't the ports are blocked. Then we get into how dare we restrict mr or mss blah blah... All those software which can vary from dictionarys to games or divx players just mess the system up. If a customer says, they don't want/need any restrictions or security the service agreement price immediately goes up %100. We explain what it is to the boss etc. And they agree. But they don't want to be restricted themselves, so we just keep a monthly ghost image of his system on the server for the next time he is going to screw up his machine... Another thing is, the users who say they don't know nothing does not scare me, the ones that had some how to use windows course and claim to be an advanced users does. Those are the doddgy ones since they cause the problem on the networks with putting their goddamn nose where it does not belong. Last week one of my techs forgot to log off the server while leaving the site. guess what a wise *** got in, and tryed to change the firewall/router config so he can surf **** sites. I can give you many more examples like this . Share this post Link to post
Uykucu 0 Posted July 25, 2002 Quote: [/b] Honestly, if doing NT oldstyle Domain ones is anything or working with NDS from Novell? You'd grasp it in a flash on that part! Well, not in a flash, but I bet you would quick. [/b] You must reprimand that tech... make him run cable thru ducts he has to crawl thru, lol... * GOOD REPLY! APK First that tech is at the moment in Saudi Arabia, running fiber in a ISP project. Then he is moving to lebenon. in total it makes about a month. And I have canceled his weekends in the civilized world so he has to stay there all the time. That should be punishment enough. If he wants to he can buy his own tickets to come back. It is 60 degrees in arabia and not a drop of cold beer or anything alcholoc For the other thing we do NT networks all the time. And as further as i got, i have not seen any difference between xp and 2k apart from the screwed up interface They are both stable OS's but XP needs 2 service packs at least in my opinion. Or maybe MS will create a miracle and do it in one SP but i doubt it BTW: About the Tech, I know i am mean. He was *****ing about it to his mum and girlfriend all week over the e-mails. But he did deserved it. And yes i do read their e-mails time to time and the ones containing certain business related word combinations are marked for my attention also... Share this post Link to post
DosFreak 2 Posted July 25, 2002 Sometime's it's required. I have to sniff my network. I have to read the email's that get affected by viruse's or are likely to be affected. I have to backtrack an employee's activities for a length of time, which of course inolves reading their email. If it's sooooooooooooooo personal that they would complain about it then they shouldn't be doing it on my network. Some poeple just don't seem to realize that. For instance, the rest of the Domain Admin's at my job could read my email if they really wanted too. Do I use PGP because of this? No, because I couldn't care less if they read my email. If they want to read some stupid little email to my parent's or a response to a thread on the net helping somebody well...I feel pretty sorry for 'em but they are welcome to read all they want. Also when I do read their email I usually inform them if I dig down deep but If I do a cursory inspection I don't. Share this post Link to post
clutch 1 Posted July 25, 2002 The network is owned by the company, and should be treated as such, period. If they own a locker, they can go into it. Many companies require waivers to allow for searches of handbags and such as they enter/leave the property (and some others require the use of clear plastic handbags or none at all). PCs are not meant to have anything personal on them, and should be treated as such. Share this post Link to post
clutch 1 Posted July 25, 2002 OK, you are confusing the two different topics. First, if someone was on my property trying to break in or listen to what I am saying, that is trespassing AND invasion of privacy. If this person was off my property, but was trying to listen in (via directional mic or whatever) that would be invasion of privacy as well as I am still on my property. Now, let's say that you were to be held responsible for ANYTHING that can be said/written/expressed on your property by anyone either on OR off of your property, would you have more incentive to keep an eye on things? You haven't been an admin in quite a while to ride the more current court rulings, so you probably haven't had to deal with HR's perspective on these legal issues. It's company property, and the company can and is held liable for anything held/displayed by it. Share this post Link to post
Uykucu 0 Posted July 25, 2002 Good point clutch. Also i would like to state the flagged msg's i pay attention to are not i miss you etc. It is about insider information. I do contracts in many places some of the dodgy like lebanon or arabia as i said before. Competition is fierce because amounts of money involved are unreal. I have to protect myself and i would rather do it covertly. i don't want my employees looking over their shoulder if they piss on the floor in the toilet by accident. $hit happens, i accept that and not hold them responsible. But i would like to prevent it happening deliberately, and cannot trust it upon a 1 hour max interview i had with a guy. There is such a thing as industrial espionage. i am not a defense contractor or such but even a quote we gave can have massive effects on a contract bid if it ever got out. Not everybody has the same ethics we do. You will make a mistake if you think so. I would like to trust my employees from the trainees to the Tech majors (I give them sort of military rank to keep them motivated with advances and reprimads and all.) but i can't. Hell, i don't even trust my own uncle or father in that sense. Not they will do something deliberate but accidents do happen. I know u are going to say i am paranoid alecstaar but remember; Even paranoids have enemies sometimes! Share this post Link to post
clutch 1 Posted July 26, 2002 Quote: My question & statement however is: Who's "guarding the guards", the admins?? Pointless question, as it can endlessly be applied to the guards guarding them and so on. The systems are property of the company, and the admins are held responsible for their operation. If the admin is charged with monitoring email or anything else on the system, so be it. Kids have lockers in schools that are subject to search, while adults that have lockers at work have the same rules as well. Very simple; don't jack around with or on the computer, and you will do fine. Share this post Link to post
clutch 1 Posted July 26, 2002 You have got to be kidding. The example you have shown actually proves just how *big* your method is and how long it takes to get anywhere. Sure, in something as complicated as running a country it may work out OK, but in something as lame as monitoring email traffic that is simply overkill. Assigning personnel to watch other personnel is very resource intensive. And even if it's assigned as a "side" duty, it is still an overhead that can't be overlooked. Have you ever been involved in a project that just couldn't get anywhere because you *constantly* had to get someone "on-board" with the project? Or, there was so much debating about some mundane detail that it nearly (or may have) canceled the project? This is what happens when you drag too many people into the equation. Congress takes forever to move a stupid bill around, and that's a hell of a lot more important than reviewing email or scanning files. Share this post Link to post
clutch 1 Posted July 27, 2002 OK, your response was way too big so I skimmed it. The response of "guards watching guards" on my part was in response to your question of "who's guarding the guards?" which is something that has been applied to many areas of security over the years (who's policing the police? Internal Affairs, but who's policing them?). Here's how it works; you ask any real admin who has to support not only workstations, servers, and their respective applications but enforce policies on the behalf of the company (usually through personnel or HR) and they will tell you that a fully open environment is simply the best policy. No privacy, period. So no, I did not contradict myself in any manner, but merely pointed out the overhead and flaws of your suggestion (and why it isn't implemented). Have a nice day (as in, end of this discussion for me). Share this post Link to post