Filtered articles: "Security"


Permissions on redirected folders - Use the scripting force

One of Profile Migrator’s new features in version 2.3 is the new licensing model for service providers and integrators. Coincidentally, one of those recently reported an issue with Profile Migrator and redirected folders. During his tests, the service provider relocated redirected folders while migrating profiles from Server 2003 to Server 2008. Unfortunately, after logging on, migrated users received an error message telling them that they had no access to their redirected data. So what happened?

Profile Migrator 2.3: Only one password to memorize

A while ago I explained how user passwords in common applications like Outlook are stored and encrypted. Unfortunately, tying the encryption to user accounts made migration impossible in a number of scenarios.

Mandatory Profiles – Insecure by Default?
Published by Helge Klein on 12/13/2010 | 10 Comments | 3,263 Views

Mandatory profiles are generally considered fast and secure because they usually are small in size and cannot be modified by the user. While that is true – mandatory profiles stay pristine indefinitely – there is more to security than read-only access.

New Articles, Tools, Tips and Tricks: Windows (7 and 2008 R2), PowerShell and Citrix
Published by Helge Klein on 02/11/2010 | 8 Comments | 7,668 Views

Windows General

Good info for troubleshooting DFS-Namespaces in the MS KB: Storage locations, inconsistencies and how to deal with them. Complex passwords and security guidelines for end users? No, thank you, says MS researcher. I agree.

New Articles, Tools, Tips and Tricks: Bugs, Annoyances, PowerShell and some other Stuff

Bugs and Annoyances

ICA connections initiated over the ICA client object (ICO) SDK fail because 128-bit encryption cannot be enabled. Apparently, setting EncryptionLevelSession does not work. Annoyingly, this bug is more than a year old, was fixed in the ICA client 10.2 and reappeared in the current version 11.0. Bugs like this one are bad for the entire Citrix ecosystem, because they break cool tools like Citrix Quick Launch, xConnect and others I may not even know about. [Update 2009-09-30: this bug has been fixed in ICA client 11.2.]

Windows 7's version of Robocopy does not copy EFS-encrypted files to an unencrypted location on another computer. Even Explorer can do that. Vista's version of Robocopy was not so narrow-minded.

How Forcing Password Changes Actually Weakens Security
Published by Helge Klein on 06/22/2009 | 3 Comments | 4,354 Views

When was the last time you got that not too friendly message stating that your password has expired and asking you to change it? Probably only a few weeks ago, and just as sure as day follows night, it is going to appear again only too soon. At least that is the typical user's point of view. Security conscious administrators see this differently: they seem to think that passwords become weaker over time, like human beings growing old, and therefore force a rejuvenation process every couple of weeks. But is that really necessary? I do not think so.

Cleaning up the Mess Left Behind by Multiple EFS Certificates
Published by Helge Klein on 05/13/2009 | 2 Comments | 3,024 Views

In case you have (un?)wittingly been juggling around with multiple EFS certificates like me, you may feel a strong urge to clean up the mess. Which mess? It can happen quite easily that different files are encrypted with different keys. In addition to that, directories that are marked for encryption have EFS certificates associated with them, and there is no UI to manipulate that. In order to straighten this out, once the proper certificate is in place each file and directory needs to be "touched" in order to update their encryption keys.

Tales from the Crypt - EFS and the Upgrade to Windows 7 RC

How can you mess up a simple OS upgrade by using encryption? Simple. Here is what happened to me when I upgraded my Windows 7 beta system to the RC version.

How to Find and List Unsigned Executable Files
Published by Helge Klein on 05/04/2009 | 2 Comments | 4,236 Views

Executable files can (and should!) be digitally signed. Without a digital signature you can never be sure the files on your hard disk have not been tampered with. There is really no exception to this rule, except maybe smaller open source projects that lack the budget to buy the digital certificate required for signing. Digitally signing executable files is so important that Microsoft made it a requirement in the Windows 7 Logo Program. One might think that such a simple yet important thing as signed executables can be taken for granted by now. Well, let's have a look!

Do You Still Hide Your Share$?
Published by Helge Klein on 03/01/2009 | 1 Comments | 5,730 Views

Subtitle: Fighting Another Legacy of the NT Era

Hiding network shares by appending a dollar sign is a common practice among administrators. While by itself that is neither good nor bad, it is a perfect example of how customs establish themselves in the IT industry in exactly the same way they do in other subcultures. Putting it differently, another fine specimen of an IT legend.
