Mike

Enable Admin Audit Logging Exchange 2010

Exchange 2010 allows auditing of administrative actions. All actions can be audited or just specific cmdlets and parameters. To enable Audit Logging open the Exchange Management Shell and run the following commands.

Audit All cmdlets
Set-AdminAuditLogConfig -AdminAuditLogCmdlets *
or
Only audit New-Mailbox, all transport rules, all management, all set-transport cmdlets
Set-AdminAuditLogConfig -AdminAuditLogCmdlets New-Mailbox, *TransportRule, *Management, Set-Transport*

Set-AdminAuditLogConfig -AdminAuditLogParameters *

or

Set-AdminAuditLogConfig -AdminAuditLogParameters Database, *Address*, Custom*, *Region
Audits just the parameters that have Database, all parameters with *Address*, begins with Custom, ends with Region.

Set-AdminAuditLogConfig -AdminAuditLogMailbox AdminAudit@adatum.com
All auditing is sent to the mailbox of AdminAudit.

Set-AdminAuditLogConfig -AdminAuditLogEnabled $True

All of the commands can be run on a single line if you prefer.

After creating a new mailbox by either using the EMC or the EMS, an email is sent to the AdminAudit Mailbox. Make sure the Mailbox is secured appropriately and archive or delete the mail after a specified amount of time. A command Set-AdminAuditLogConfig –AdminAuditLogAgeLimit DD.HH:MM:SS is not available for the RTM release of 2010 so be sure to watch the size of the mailbox.

Below is a screenshot of the message sent to the AdminAudit Mailbox after creating a new Mailbox and User.

SharePoint 2010 and Office 2010 Launch

Microsoft officially announced that May 12th, 2010, is the launch date for SharePoint 2010 & Office 2010. In addition, they announced their intent to RTM (Release to Manufacturing) this April 2010.

ISInc has a SharePoint 2010 First Look clinic scheduled for April 8, 2010.   Please visit here to register!

Project 2010: Sync to SharePoint

If you have been using 3rd party tools to synchronize your projects with SharePoint, you should be excited for Project 2010!  The latest version is supposed to have this capability built into the product.  Please read more about it here:  http://blogs.msdn.com/project/archive/2009/10/19/project-2010-introducing-sync-to-sharepoint.aspx.

ISInc Virtual Classroom

Do you have staff in remote locations, and find it difficult to get them the training they need? There comes a time when your resource is too valuable to send off site for a class.  This is where ISInc’s Virtual Classroom can come into play.  Now your students can access the same classes via their desktop computer.  

ISInc’s Virtual Classroom training is live, interactive online training for those who would like to attend one of our face-to-face instructor-led training courses without leaving their offices, homes or classrooms.  Learners can listen to the presentation, ask questions, hear others’ questions and get live answers, all from wherever they choose.  They can engage in discussions with others in the physical classroom and  throughout the country who are involved in the same class session.

ISInc’s Virtual Classroom training blends the best from traditional face-to-face instructor-led training with the latest in conferencing technology, allowing us to deliver live training to multiple locations at one time.  This model is based on our over 27 years experience as trainers and the general premise that the classroom is the foundation of a great training experience.

So, if you have employees in remote offices that you are trying to schedule for IT training, consider ISInc Virtual Classroom Training.

photo credit: brandongreer

Microsoft Alert – Critical Product Vulnerability – October 23, 2008 Microsoft Security Bulletin Release (Out of Band)

Microsoft just released an alert to provide you with an overview of the new security bulletin released (out of band) on Thursday, October 23, 2008. Microsoft has released security bulletin MS08-067, Vulnerability in Server Service Could Allow Remote Code Execution (958644), to address a vulnerability in all currently supported versions of Windows. This security update was released outside of the usual monthly security bulletin release cycle in an effort to protect customers. We request that you take action immediately by first assessing and preparing your own systems and networks and applying the security update, then reaching out to your customers to assist them in securing their systems and networks by applying the update.

Details about this security update are below, but here are your key resources:

·         The full bulletin for MS08-067 is available at http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx

·         We recommend that you use the Microsoft TechNet Security TechCenter as a source of security information: http://technet.microsoft.com/security

Summary

This security update resolves a privately reported vulnerability in the Server service. The vulnerability could allow remote code execution if an affected system received a specially crafted RPC request. On Microsoft Windows 2000, Windows XP, and Windows Server 2003 systems, an attacker could exploit this vulnerability without authentication to run arbitrary code. It is possible that this vulnerability could be used in the crafting of a wormable exploit. Firewall best practices and standard default firewall configurations can help protect network resources from attacks that originate outside the enterprise perimeter. The security update addresses the vulnerability by correcting the way that the Server service handles RPC requests.

Recommendations

Microsoft recommends that you assess your systems and networks and apply this security update to secure your systems and networks and to help ensure that your computers are protected from attempted criminal attacks.

New Security Bulletin Technical Details

Regarding Information Consistency

We recommend that our customers use the Microsoft TechNet Security TechCenter as a key source of security information: http://technet.microsoft.com/security, and that you sign up for comprehensive alerts at http://www.microsoft.com/technet/security/bulletin/notify.mspx.  We strive to provide you with accurate information in static and dynamic (Web-based) content. Microsoft’s security content posted to the Web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s Web-based security content, the information in Microsoft’s Web-based security content is authoritative. 

ISInc Support Options

If you are interested in ISInc support to keep your networks up to date, please contact us at 916-920-1700 to hear about our Managed Services options.

5 ways to “Green” your IT

photo credit: Rob Shenk

Running an Enterprise IT Environment has more cost than just the equipment and power that is used. Now we need to keep in mind the entire eco-system to run our infrastructure, from the power each machine uses to the amount of time people need to support it. Running a “Green” IT will not only help the environment, it will often relieve some of the stress on your IT staff.

Here are some steps your IT group can take to make your company more environmentally friendly. More »

Have Software Assurance? Don’t Let Your Training Vouchers Expire!

Many Microsoft License packages include the option for Microsoft Software Assurance. If your organization has an Enterprise Agreement, or have purchased Software Assurance with your current license package, be sure to take advantage of the free training or consulting services available to your organization. More »

ISInc awarded Novell Partner of the Year!

ISInc is the 2008 Novell Partner of the Year for Training.  This is a great accomplishment and it has to do a lot with our team here at ISInc.  Thank you to all of our customers who have helped us achieve this benchmark within the Novell organization!

We have been a partner with Novell since their program inception.  ISInc continues to maintain a Novell Platinum rating and we look forward to rolling out more services soon.  Take a look at the classes we have to offer in the Novell section of our website.