Today we’re going to dive into something that admins have been doing for years: deploying Adobe Reader via Group Policy. You would be hard-pressed to find a company that doesn’t use PDFs, and while options for viewing and editing PDFs have greatly increased, the official Adobe Reader application remains the go-to PDF viewer for most companies.
Unfortunately, Adobe Reader is prone to high-risk security vulnerabilities. To help mitigate the risk of using Reader, one must be sure to keep the application up-to-date. Group Policy allows us to not only deploy the application, but also to push out new versions as they are released. Working out how, exactly, to accomplish that can take a bit of work, but this tutorial should help to clear things up.
Here’s the situation: A Windows 7 user on an Active Directory Domain is getting prompts to enter their password every time they try to access the Internet.
What could be going on? Has something changed in the corporate firewall? Did their permissions get corrupted in Active Directory?
Lately, much of my work time has been spent upgrading the servers that keep the company network running. As the Extended Support End Date for Server 2003 has crept closer and closer, it has become essential to role out updated hardware running the latest version of Windows Server. There’s almost two years left before Server 2003 loses its support, but the earlier I can get things upgraded, the better. Now, any server upgrade can be a scary proposition, but my latest upgrade was particularly worrisome. It was time to upgrade the Primary Domain Controller (PDC), or perhaps more correctly, the Domain Controller (DC) that has the PDC emulator role assigned to it. For those not familiar with Windows networking, here’s a simple overview. DCs are the servers setup to store all network information on them. These servers work together to run a system called Active Directory (AD). Many items are stored in AD, but the most familiar to an average user would be user logins. Without AD, you wouldn’t be able to log in and access files and services on the network. So, not only was I upgrading one of the core machines behind “the network,” but I was upgrading the one that handles the bulk of the networking workload. That makes for a lot of potential for something to go wrong. Continue reading