Re: SBS Laptop Security Paradigm??

From: Lanwench [MVP - Exchange] (lanwench_at_heybuddy.donotsendme.unsolicitedmail.atyahoo.com)
Date: 06/21/04 

Date: Mon, 21 Jun 2004 09:25:36 -0400

Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:
> Yeah and consultants who don't use the wizards and end up breaking
> things is my gripe. When I as a customer read the documentation and
> expect "A" to be there and "A" isn't there because a consultant didn't
> use the wizard... I want to know why "A" isn't there.
>
> Remember that too.

Duly noted; don't sic the dogs on me!

>
> I've posted in before the full details of what the connectcomputer
> wizard does. It's in the technet documentation too.
> But for the benefit of all... here's the cut and paste from the online
> technet SBS documentation

That's wonderful; exactly what I want. As I said, I don't mind wizards as
long as I know I could if needed do the same things manually - really
understand them for troubleshooting. Can you kindly point me at the same
info for the internet/mail wizard? Specifically the stuff that controls OWA
access from the Internet? Thanks much!

> -------------------------------
>
> Client Configuration
> The following section outlines the automatic configurations performed
> as part of client Setup for client computers running Windows XP
> Professional and Windows 2000 Professional, based on best practice
> implementations.
>
> Important: To connect client computers to the network, use DHCP to
> automatically assign IP addresses.
>
> Client Networking Configuration
> Once you have added users and computers using the To Do List, go to
> the client computer, open Internet Explorer, and type http://
> ServerName /connectcomputer (where ServerName is the name of the
> computer running Windows Small Business Server). Click Connect to the
> network now, and follow the instructions in the Small Business Server
> Network Configuration Wizard to configure networking settings for
> your client computers. The wizard requires the following:
>
> • You must be logged on as a member of the Local Admins security group
> on the client computer.
>
> • Only one network adapter can be enabled and configured to connect to
> the local network.
>
> • TCP/IP, Client for Microsoft Networks, and File and Printer Sharing
> for Microsoft Networks must be installed and bound to the network
> adapter. TCP/IP is configured to automatically obtain an IP address
> and DNS server addresses.
>
>
> Client Application Configuration
> After the applications that have been deployed by the Set Up Computer
> Wizard are installed, they are configured for each user and for the
> local network. The following settings are configured:
>
> Microsoft Internet Explorer 6 Service Pack 1
>
> Internet Explorer 6 provides the Web browser for client computers.
> Client Setup Configuration configures Internet Explorer 6 as follows:
>
> • The Home Page is configured to point to “My Company”
> (http://companyweb).
>
> • The following internal Web site links are added to the Favorites
> list Web site:
>
> Web site Address
> Microsoft Windows Small Business Server Web site
> http://go.microsoft.com/fwlink/?LinkId=17117
>
> My Company
> http://companyweb
>
> My E-mail
> http://sbsserver/exchange
>
> Information and Answers
> http://sbsserver/clienthelp
>
> Small Business Server Administration
> http://servername/tsweb/Default.htm?AutoConnect=1
>
>
>
> Microsoft Office Outlook 2003
>
> Outlook 2003 provides a single location for organizing and managing
> daily information, from e-mail and calendars to contacts and task
> lists. Client Setup Configuration configures Outlook 2003 as follows:
>
> • A user profile is created and configured to use Exchange Server
> 2003. The profile specifies Exchange connections and defines account
> information.
>
> • If the client computer contains existing profiles, the option for
> using Exchange is added and a new profile is created as the default.
> The old profile is backed up.
>
> • If you specify that the client computer will be used remotely,
> Outlook 2003 is configured to run in Cached Exchange Mode.
>
>
> Fax Client
>
> Fax Client enables users to send faxes directly from their desktops.
> Depending on the user permissions, users can view the status of faxes
> in the queue or cancel faxes. Client Setup Configuration configures
> Fax Client as follows:
>
> • Outlook is configured with faxing capability.
>
>
>
>
> Lanwench [MVP - Exchange] wrote:
>> Les Connor [SBS MVP] wrote:
>>
>>> It seems to me it's at least a regedit done during \connectcomputer,
>>> but it could be a combination of that and GP. But I can't confirm
>>> that today as my wizard manual is at work and I'm not ;-/.
>>
>>
>> ...which is a Good Thing, too.
>>
>>
>>> Email
>>> Marina if you need the answer today. The connectcomputer wizard
>>> isn't magical - I doubt you'll find much argument with what it
>>> does, and when you see what it does you'll agree that making all
>>> those configurations manually is not a great use of your time when
>>> you can just run the wizard ;-0.
>>
>>
>> I don't mind wizards - I just want to know *exactly* what they *do*.
>> I don't like mysteries. One of my main SBS gripes, actually. As my
>> high school math teacher said: it's fine to use a calculator as long
>> as you know how to work out the problem yourself on paper, dig? ;-)
>>
>>>
>>> "Lanwench [MVP - Exchange]"
>>> <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote in
>>> message news:OyyoMEuVEHA.264@TK2MSFTNGP10.phx.gbl...
>>>
>>>> That's a beautiful thing. Is it true even when you're like me and
>>>> do things the old fashioned way (join the computers to the domain
>>>> manually), or is this one of those mysterious "the wizard does it"
>>>> sorts of things?
>>>>
>>>> Les Connor [SBS MVP] wrote:
>>>>
>>>>> The ICF magically goes away when connected to the SBS lan ;-).
>>>>> (and re-appears when not connected).
>>>>>
>>>>>
>>>>> "Lanwench [MVP - Exchange]"
>>>>> <lanwench@heybuddy.donotsendme.unsolicitedmail.atyahoo.com> wrote
>>>>> in message news:uqV2EgjVEHA.1012@TK2MSFTNGP09.phx.gbl...
>>>>>
>>>>>> root wrote:
>>>>>>
>>>>>>> So what is the consensus about a laptop used on SBS2003 but also
>>>>>>> in the field connected to Wi-Fi hubs, cellular aircards like
>>>>>>> ATTWireless & Verizon and hotel 100BT and required security
>>>>>>> software?
>>>>>>>
>>>>>>> One of course runs XP and has all the latest WinUp stuff. A
>>>>>>> good virus checking client like Trend. What about SW firewall:
>>>>>>> Zonealarm, other or none?
>>>>>>
>>>>>> The Windows XP Internet Connection Firewall can be used on nearly
>>>>>> any network connection besides AOL....and it's easy to turn
>>>>>> on/off. Note that the ICF (pre SP2) doesn't block any outbound
>>>>>> traffic - only inbound. The user will need to remember to disable
>>>>>> the firewall before returning to work on the LAN.
>>>>>>
>>>>>>
>>>>>>> What are folks doing here and what are the interactions with
>>>>>>> SBS2003?
>>>>>>
>>>>>> What is the user connecting to when on the road? Any remote
>>>>>> connection (VPN?) to the office while traveling? If you're using
>>>>>> VPN, make sure that whatever VPN connection you use disables all
>>>>>> non-VPN traffic (i.e., no Internet connectivity through the local
>>>>>> Internet connection) while connected or you will likely get
>>>>>> uninvited visitors on your network.

Relevant Pages