ASA 5580 - AD / XP SysPrep And Automatically Creating User Folders
Jan 25, 2012
I've only worked with 7/asa5580 in an Active Directory setting. Sysprepping to clone those machines with default profiles with unattends was very easy, but XP is a different story. I'm now faced with moving several buildings with XP machines to a few Server 2008 R2 boxes, which all will all be in one location. There are around 700 machines but this will be a building by building process, maybe 100 at a time over the course of a year or more. Moving these machines to Win 7 is not an option. There are several buildings but they are all in the same town, all connected with fiber. I do not manage the physical network. My plan is to just offer each user thier mapped network home drive and possibly redirected folders. I'm just keeping it basic.
How important is it to sysprep these XP machines after I do clean installs? I've heard it's very important but also know a lot of people on AD that just clone machines without sysprepping. I've heard not sysprepping can screw with WSUS, but in the years up to this point the machines on Novell have been cloned without sysprep and WSUS worked fine.
Also, will Sites give me the advantage of forcing groups/buildings of machines to authenticate to a specific DC? Otherwise I only know of Sites to allow you to control the replication between servers over WAN. What other benefits is there to using Sites for each building?
If I'm running a few DC/FS's, how to handle DNS? Each server that needs DNS installed will have it installed per requirement, but as for configuring the workstations DNS settings, should I dedicate one server to DNS or have two, or something different?
My last question is about folder permission inheritance. My previous experience, I created a folder inheritance system where when the user was created, their home drive pointed to a folder using \%username%, and a folder would be automatically created, give ownership to the user, and inherit permissions to only view that folder and no one elses. It works brilliantly. My problem is that when I use group policy to deploy folder redirections, I couldn't figure out a way to automatically create folders. I ended up pointing the redirection policy back to their own home folder. It ended up working out OK, but whenever the users look in their network drive they could see the redirected folders.
View 6 Replies
ADVERTISEMENT
Aug 17, 2012
I have set up LogMeIn Hamachi with my Linux server and a few clients. I have also created a simple shared folder on the server which shares with a Windows 7 machine.
I'm a bit confused though as to where the data is actually stored - presumably, because I have created the folder ON the server, and then shared it with the client Windows - the data is written on the server, and then accessed by the client if opened.
What I want is to create 2 copies, and automatically create a local copy of anything I put into this shared 'network' folder as well - so essentially there will be a folder when I can throw things into that will instantly duplicate (I run backup protocols separately of this).
View 4 Replies
View Related
Nov 25, 2012
I've recently bought a wdtv live streamer to play all my music and videos.
Firstly, my setup. Wdtv live connected via USB3 to 1tb wd elements hdd. Also connected via rj45 to router. Laptop on same network, but wireless.
My first question concerns transfer rates. When sending any kind of media to the networked drive from my laptop, I'm only getting transfer speeds of about. 2 mb/s. I thought I would get much more than this as when the wdtv streams to my iPad, it will need faster speeds than this.
The second question is just to make my life easier. Is there any way I can set up folders on my laptop to automatically sync with a chosen folder on the networked hdd? Just to save any effort on my part really
What I want is if I import a cd using iTunes into my library, it will automatically see it and copy it across to the hdd so I can play it over the network.
As an aside, would it be easier to store my whole iTunes library just on the networked drive?
View 2 Replies
View Related
Nov 29, 2011
I am having a problem in which when ever I check "Computer" later on in the day, one of the network drives is duplicating itself over and over using a different drive letter each time. By the end of the day if untouched I can have approx 20 of them!To give you more information about the scenario, the computer is on Windows 7 pro, it is on a domain in which the server is 2008 r2, there are 2 network drives in total (only one is duplicating), the only 2 changes I recall that may have caused it is box.net is running on the server syncing all content on the networks drives and a new printer has been added on the network.
View 5 Replies
View Related
Sep 28, 2012
We have shared network drives on my network whose folder structure must not change. We have users who must have full access to the contents of these folders and be able to read/modify/erase and create new files inside these folders. However, the structure of the folders must not change so that other users/programs can locate files within these folders.
Some users sometimes "aggressively click" and drag and drop folders into different locations and can't remember where they dropped them. This makes them inaccessible for other users. We have a lot of folders so I implemented FileWatcher Simple program to monitor these folders and if there is a change in folder structure I get an email with an attached log. The log tells me which folders got created/deleted/renamed and I am able to restore the folder structure if need; but I cannot see who caused these changes.
1. Is there a way for me to see which user in my domain modified the folders?
2. Is there a way to disable users from drag and dropping, deleting, renaming folders yet still maintain full access to the files within these folders?
View 1 Replies
View Related
Mar 8, 2012
I have a Windows Home Server v.1 I set it up nearly a year ago, and everything runs fine.I have 3 different user accounts that are password protected.On my PC, i have been running Windows 7 and using the server as my My Documents folder.I recently installed Windows 8 Consumer Preview on an old Hard Drive, and i can't seem to access any folder on the server that isn't already given public permission. Whenever i try to access my User folder i get an access denied message, but no prompt to enter a password so i can use it.
View 3 Replies
View Related
Jan 12, 2012
Windows Server 2003, XP and W7 desktops. I have a growing number of user folders that are seemingly in the wrong place. When I am looking at the directories locally on the server, there are some document folders that are directly in the Users folder, rather than existing as subfolders within a user's folder. In fact, the user's folder is not present at all. So rather than Joe Smith's folder structure being 'Users/jsmith/', there are a series of folders under 'Users' that are named 'Documents'. As I click on each one though, I see in the address bar 'Users/jsmith' etc. In the tree, there is no folder named jsmith, but in the address bar there is. And in the address bar, there is no folder named 'Documents'.This seems to be limited to newer users and older users who have Windows 7 PCs, but I don't know for sure if that's the source of the change.
View 2 Replies
View Related
May 27, 2012
I Need to create more options on Cisco ACS 5.2 under internal identity store in users. How to do add, default not showing all.i have seen on internet.
View 1 Replies
View Related
Dec 12, 2011
I have an ACS 5.2 server integrated with Active directory . Now i need to create an internal user account to login to some radisu devices using internal user database .I have near about 600 users all are authenticating through AD .
View 3 Replies
View Related
Jan 13, 2009
What is the command for creating a user on an ASA 5500 running 7.2(3) that can only view the config but not make any changes?
View 8 Replies
View Related
Aug 9, 2011
Using Custom Reports from Reports> Report Designer> User Tracking to create an end host report we get this error message: the syntax is not valid the system cannot find the path specified.
View 9 Replies
View Related
Sep 19, 2011
I have installed LMS 4.0.1 again. Now LMS is running on a Windows 2008 R2, 64 bit. Using Custom Reports from Reports> Report Designer> User Tracking to create an end host report I get this error message: "The syntax is not valid: the system cannot find the path specified". Anyway, the report is created but I’m not able to edit or delete: it is not listed on Available Custom Reports.
View 6 Replies
View Related
Jul 24, 2012
Is it possible to have emails stored automatically on a network drive after email is been read by the user? I know for sure that on a mailserver there is a feature that can be set up to have a copy stored and than send it to the users application.
View 1 Replies
View Related
Sep 22, 2011
We are running ACS 5.2 patch 6 and want to restrict access for users to be able to add devices to the system.For example, admin person in site A can only add devices into the site A group and cannot see/access other sites groups.
View 1 Replies
View Related
Apr 20, 2009
We are using an ASA 5510 and remote access (SSL VPN) using the AnyConnect client.
Is it possible to display a user message when a user connects using the AnyConnect client, matching a specific dynamic access policy? Can the message be displayed when the action is "Continue" rather than "Terminate"? I can't seem to get this to work and wondered if there was a LUA function to do this.
We have a DAP which gives a restricted ACL when the user's anti-virus is out of date, and I wanted to notify the user to update their anti-virus and reconnect.
View 4 Replies
View Related
Oct 10, 2011
I want to create a local user in my Cisco ASA 5520 to allow the user to use the ASDM in Read-Only mode. I want the user to view the Dashboard only.
View 1 Replies
View Related
Nov 21, 2012
Is it configurable to allow wifi user to user traffic on WLC 5508?
View 4 Replies
View Related
Oct 15, 2011
accessing my cisco ASA, last night we were doing VA on our ASA, after that iam not able to access it through ssh nor telnet. its not giving me any error.. i tried from different system also. SSH & telnet allowed from inside to 0.0.0.0 i have re-generated rsa keys when it was working. ASA version is 8.2 now when i connect telent is giving me blank prompt. i can login using ASDM.
View 5 Replies
View Related
Jun 20, 2012
Our ASA is a 5580 version 8.1(2) and is the L2L VPN peer for a handful of remote offices including a L2L VPN with a vendor who will provide a service for these remote offices. I have two questions/issues:We will need to provide this vendor access to the remote office network(s) only on port 9100 (printing to specific printers at these offices). I know there is an issue with L2L VPNs ability to see each other but if there is a global command allowing all to see each other that would be bad as we have others and don’t want all to see each other.The remote offices are using CIDR 172.20.0.0/16 so each one is assigned for example 172.20.3 the next office is 172.20.4 and so on. For the crypto map access list for this vendor can we use 172.20.0.0/16 or do we need to specify each individual network?
View 3 Replies
View Related
Mar 1, 2012
In the Firewall Dashboard of my ASA 5580, I get data on every pane, except for the Top 10 Sources and Top 10 Destinations. Why is that, and what do I need to do to get data there?
View 1 Replies
View Related
Sep 27, 2011
I got a problem with a cisco asa 5580 like two days ago and the device stop working (there was a mainteinance window and after that the device didn't work). Now we receive the RMA and we are trying to configure the failover so the new device get the configuration form the one that is working.
But this is the message that I gettin:
Failover message decryption failure. Please make sure both units have the same failover shared key and crypto license or system is not out of memory
We already changed the shared key and crypto license but the failover is still down, what are the features that the cisco need to activate to enable the failover?
View 5 Replies
View Related
Feb 11, 2012
I am receiving allot of Errors "%ASA-4-405001: received ARP collision from IP/MAC on interface dmz1 with existing ARP Entry IP/MAC
When i checked this MAC address in the same firewall it shows too many IP Addresses. What could be the reason ?
View 0 Replies
View Related
Jul 2, 2012
We have a corporate site with a Cisco ASA 5580 (8.1), a remote office with a Cisco ASA 5510 (8.2) with a L2L VPN to corporate. A vendor has a L2L VPN to the corporate ASA with access to the remote office across the VPNs (hairpinning). The corporate office accesses an application at the vendor on port 23. Everything is working with regards to the vendor accessing resources to the remote office and the corporate office accessing the application at the vendor. Our goal now is to restrict the vendor to port 23 from the corporate network and port 9100 to the remote office. On the corporate ASA I setup a VPN filter and applied to the vendor's L2L vpn but when I apply the filter (see below) all traffic stops to the vendor such as telnet.
View 6 Replies
View Related
Mar 26, 2013
I connected my intranet cable to coreswitch 4510 created one vlan 600,that vlan gateway is routable from asa5580.now my intranet people able to ping my vlan gateway but iam unable to ping their ip.i added static route on asa route inside 192.0.0.0 255.255.255.0 10.100.106.1 1 but iam unable to ping remote ip.
View 2 Replies
View Related
May 23, 2012
We are using Cisco ASA 5580 (8.2) firewall. When i try to ping from inside lan to firewall DMZ interface IP it is not pingable and but from inside users i am able to ping firewall inside interface IP address.
I think we can't ping to other interfaces of ASA by default. But can we allow the single IP address who can ping all the interfaces of firewall?
We are not doing any natting in firewall, for that we used the Load Balancer.
View 7 Replies
View Related
Mar 29, 2011
Our company has a handful of sites that use the EasyVPN technology.On my remote router (Cisco1841) - I add the crypto inside to the FA0/0 and the Loopback0 interface.On the other end my Cisco ASA 5580 - 8.41 code - I have RRI enabled and the tunnel comes up fine.However I only see the static route from the fa0/0 interface on the remote router. I can not figure why I can not see the Loopback0 address?Wondering if this is a limitation or feature not enabled.
I added multiple interfaces on the Cisco 1800 and can see the networks.I run "show crypto ipsec sa" on the Cisco ASA and see the spi encaps/decaps for the loopback, but the SH ROUTE does not show the static route being injected.
View 3 Replies
View Related
Apr 28, 2013
I have a strange issue with certificate based authentication anyconnect. We have an ASA with two internet links, both have a CA authenticated Cert for anyconnect VPN’s. We have an anyconnect client profile also, when we simulate a link failure on the ASA the anyconnect should automatically attempt a re-connect to the backup server list in its configuration (which is the other interface on the ASA 5580) which it does but we get a certificate trust error.
View 3 Replies
View Related
May 16, 2011
A customer's ASA is presenting the System LED flashing red.I have already analysed the show tech-support and show environment output: Found nothing, everythink seems OK.Cisco ASA 5580-20 - 8.2.1.Single appliance, no failover, multiple context and transparent mode.
View 5 Replies
View Related
Sep 22, 2012
I wanted to perform the customization of the SSL WebVPN page. But When I tried to create a new Customization object is is not happening as the DfltCustomization object is not available.We are having so many webvpn configuration and objects that i cant issue "revert webvpn all" command.Can I able to import the File from any location or the default customization object file so the I can export it into the ASA and create new custmixed object accordingly.Or what other steps I can take to have customization happening in my Cisco ASA 5580. 8.2 (5) and ASDM 6.4.
View 1 Replies
View Related
Aug 19, 2012
we are going to upgrade our 5580 ASA Cluster from 7.2 to 8.2 and want to do it like this way ( which worked for all 7.x upgrades ) :download asa8.2 Image to primary + secondary Firewallreboot primary ( message come up " mate version ...)reboot secondary.Does it works any experience? Does it work if both firewall can see each other during the boot process ?
Do I have to bring the secondary into the monitor mode so the fw is not visible for the primary ?
View 2 Replies
View Related
Mar 29, 2011
I want to ask that does ASA 5580 support the nat-pt for IPv6?
View 2 Replies
View Related
Mar 5, 2011
i'm new with the asa's...i'm familiar with the FWSM's on 6500's and pix..I'm running Version 8.3(2) and i wanted to setup nat-control and use of identify nats for advertising inside subnets to my outside networks.
the old command was static(inside,outside) 10.x.x.x 10.x.x.x netmask 255.255.255.x i'm having a little difficulty decyphering the pdf about the static nat...the command itself is no longer used, nat-control is no longer used, but i'm not quite sure what the equivalent nat command is that equates to the old static inside,outside command.
View 8 Replies
View Related
Apr 8, 2012
In my ASA 5580-20 system LED is flashing RED how can i trobleshoot this.
I checked rarepanel everything is ok also i saw environment also showing ok
View 1 Replies
View Related
