Slides and Notes from the South Florida Security & Compliance User Group Meeting -1/28/10

The South Florida Security & Compliance User Group Board of Directors would like to thank everyone who attended the meeting at the Citrix Building on January 28, 2010.  Here attached are the powerpoint presentations that took place.  If anyone would like to present or host a future meeting please let us know.  Please spread the word about our group!  If our group continues to grow so will our experience and knowledge.

The Powerpoint presentation file

  • BE12_VCB is titled : Symantec Backup Exec 12.5 VMware – Virtual Consolidate Backup 
  • SIMs is titled: Security Information Managers [SIM/SIEM]

More to come in the near future please continue to benefit from using our resources at Symantec.


Scheduled Tasks w/ GUI issue

Are there issues running Scheduled Tasks in Windows 2003 when the task has a GUI? I have one that worked fine in Windows 2000 but won’t run on Windows 2003.


I have a .bat job that ran every hour throughout the day on an old Windows 2000 server for many years. I finally retired that server last week and moved the job (and associated programs and files) to a Windows 2003 server.

The .bat file calls a couple cmd line apps first, but the final step is a GUI based .NET app (it does some OCR on image files and then shuts itself down).

From the new server, logged on as the Scheduled Task owner I can run the .bat file from the command line successfully.

From the new server, again logged on as the Scheduled Task owner, I can right-click on the task in the Scheduler and run it successfully. This task simply runs that same .bat file.

If the Scheduled Task owner is logged on to the 2003 server and the task is started from a remote server (where the user started Scheduled Tasks and connected to this server) it’ll also run successfully.

If the scheduled task owner is not logged on to this server then the scheduled task fails at the step where the GUI app is launched. We can’t get any error messages. Running ProcMon from a different session/user account monitoring that user account didn’t turn up anything either.

For the moment, my horrible work-around is to leave the scheduled task owner logged on at the console with the screen locked. Of course, this becomes a pain each time that server is rebooted…

The scheduled task owner is our “domain service account” and is working with all other tasks on all other servers. It isn’t locked out or anything like that.

I even tried modifying the Task Scheduler to check the “Allow service to interact with desktop box” but that didn’t change anything. (Yes, I restarted the service after the change.)


Updated (1/19/2010)

I need to clarify a bit: The .NET app I mentioned does a bunch of stuff that works. It isn’t until it gets to the point where it needs to open a window that the app then hangs. We can see the progress of the app via the logging entries it leaves behind so we can see it working fine with the last log entry being “about to start OCR”… and that’s where she hangs.


How to migrate Samba User Accounts to a new linux server?

I have an Ubuntu 6.06 server that needs to be replaced by an Ubuntu 9.04 server clean setup, I already copied the entire samba file server directory to the new 9.04 server using rsync. I need to know how to migrate the existing user accounts (machine accounts) to the new server so as when I physically transfer the connections everything will be ok and I don’t have to manually enter smbpasswd -a <user> on the new server.

passdb backend = tdbsam

network workstations accessing the share are either vista or xp.


How to run VMWare ESX or ESXi in a virtual machine?

Can VMWare ESX or ESXi be installed and used inside a virtual machine?

It can be installed inside VMWare Workstation or Server, but then it doesn’t work; the main symptoms are:

  • It runs REALLY slowly.
  • It lets you create VMs, but when powering up them it gives an error stating "You may not power on a virtual machine in a virtual machine".


How to reconnect to a disconnected ssh session

Is there a way to connect to an ssh session that was disconnected? We are having problems with our network connection to a remote site that we are working on separately; however, in the mean time we experience a large number of disconnects due to lost packets while connected to servers at the remote location. Many times the session stays active for a while, and sometimes it happens to be in the middle of some action (file editing, running some process, etc…) that I need to get back to rather than restart if possible.


Can I use SSH key authentication to log into a remote system with a different username?

Suppose I have a remote system named “remotesystem”, and a user account “foouser” on that system.

I know that on my local system, I can generate an SSH key pair as local user “foouser”, put the public key in the “/home/foouser/.ssh/authorized_keys” file on “remotesystem”. When I SSH as “foouser” from my local system to “remotesystem”, SSH uses the key pair to authenticate me.

But what if my local username is not the same as the username on the remote system? That is, what if I want to SSH as local user “baruser” to “remotesystem”? Obviously, I will need to generate a key pair for “baruser” and add the public key to “/home/foouser/.ssh/authorized_keys”. Then, I should be able to “ssh foouser@remotesystem” while logged in as “baruser” locally, and SSH will use the key pair to authenticate, right?

I’m asking because I am trying to get the key authentication working in this scenario, without success. I’m not sure if its due to the username mismatch, or a configuration issue with the SSH server on the remote system.