We have inherited an active directory from another company.  On every
Windows 2000 and Windows 2003 server in their active directory, even if you
are an Administrator, you cannot install Windows hotfixes.  The only way we
seem to be able to push updates is by using their Tivoli ...

I have 1 Windows 2003 Ent. Server (Domain) and 60 Windowxp professional
client.
I want to implement Group Policy in our Domain Environment.
Also I want to implement Local Policy on Every Client Machine.

Have a problem after updating Win2003 to SP1.
On one of our servers I enable for one of users (not Admin on server) to
restart IISADMIN service remotely (user can do this ftom his workstation
using Computer Management MMC concole). But after upgrading server to SP1

The Desktop team in our department has been deploying PC's with the C:\
drive
permissions changed. They thought it would be convenient for the user if
everyone had full control of the entire c:\ drive.

Is there any way to prevent OS fingerprinting scans on Windows 2003?

System: Win2k3 SRV (Std Edition) with SP1 in workgroup mode.
Implemented three security templates from Microsoft (hisec.inf, High
Security - Bastion Host.inf, High Security - IIS Server.inf) to lock down IIS
6.

Since installing SP1 I am no longer able to reach clients in remote subnets
from the local subnet.  If I type \\machinename\C$ nothing, however if I log
on to a DC in a remote subnet, and type the same, I'm instantly connected.
Can anyone point me in the right direction as to ...

Is there any way of rolling back the installation of security templates on
Windows 2003. I am about to deploy them to a live system after testing on a
test system bit would like some way of rolling back.

i have Windows2000 Advanced Server as Domain Controller and Active
Directory.
and save many users in AD
how i can make Backup from My AD

The company that I work for has a Windows 2003 domain and a second
Windows 2000 domain for our HR department. WE have recently merged all
other domains into the 2003 domain and now I am being asked how safe is
it to add the HR\Payroll department to the 2003 domain. Are the risks

I'm assuming that on the basis that a password policies is specific to the
domain controller GPO that I cant set different/multiple password strengths
and policies for different users?
Or can I?

I've been asked to make our Win2k3 server audit user logins, and e-mail a
report to a user at a specified time so we can tell if employees are
showing up for work on time. I've been over the logging/auditing
documentation and have become increasingly confused by the various event

I have a public environment and usually when i troubleshoot the area I log
onto local ws as Administrator. Is there a way of telling if keyloggers have
been installed on workstations? How do I know that my administrator account
for the local ws is not being compromised?

I recently upgraded to SBS 2003std, and am needing to allow a vendor remote
access to the server to do some software updates on their program.  I had no
problem setting up the user, adding them to the Mobile Users group, and
connecting to the Remote Web Workplace.  Unfortunately, ...

Colleagues,
Is local system account member of local Administrators group?
Thank you very much and best regards,
Peter