We are concerned that some of our corporate users will download XP SP2 when
it comes out and screw up their machines. Who knows what applications will
be broken when it is installed. I am wondering if there is some way to
prevent our users from downloading SP2 before we can test it? I guess that
we could send out an "All Hands Email Bulletin" warning users to wait before
installing it so that our IT department can thoroughly test it. Is anyone
else out there thinking along these paranoid lines too?


Thanks,
Fred

Speak to you network administrator. On a normal corporate network they would be unable to install it.

--
----------------------------------------------------------
'Not happy John! Defending our democracy',
http://www.smh.com.au/articles/2004/...392635123.html

"Fred Yarbrough" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
>
> We are concerned that some of our corporate users will download XP SP2 when
> it comes out and screw up their machines. Who knows what applications will
> be broken when it is installed. I am wondering if there is some way to
> prevent our users from downloading SP2 before we can test it? I guess that
> we could send out an "All Hands Email Bulletin" warning users to wait before
> installing it so that our IT department can thoroughly test it. Is anyone
> else out there thinking along these paranoid lines too?
>
>
> Thanks,
> Fred
>
>

Lots IBM has informed all its employees NOT to install it for one and others
have concerns too read here:
http://channelzone.ziffdavis.com/art...1632395,00.asp

Testy

"Fred Yarbrough" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> We are concerned that some of our corporate users will download XP SP2
> when
> it comes out and screw up their machines. Who knows what applications
> will
> be broken when it is installed. I am wondering if there is some way to
> prevent our users from downloading SP2 before we can test it? I guess
> that
> we could send out an "All Hands Email Bulletin" warning users to wait
> before
> installing it so that our IT department can thoroughly test it. Is anyone
> else out there thinking along these paranoid lines too?
>
>
> Thanks,
> Fred
>
>


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.736 / Virus Database: 490 - Release Date: 8/9/2004

I am the network administrator.

Fred


"David Candy" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
Speak to you network administrator. On a normal corporate network they would
be unable to install it.

--
----------------------------------------------------------
'Not happy John! Defending our democracy',
http://www.smh.com.au/articles/2004/...392635123.html

"Fred Yarbrough" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> We are concerned that some of our corporate users will download XP SP2
when
> it comes out and screw up their machines. Who knows what applications
will
> be broken when it is installed. I am wondering if there is some way to
> prevent our users from downloading SP2 before we can test it? I guess
that
> we could send out an "All Hands Email Bulletin" warning users to wait
before
> installing it so that our IT department can thoroughly test it. Is anyone
> else out there thinking along these paranoid lines too?
>
>
> Thanks,
> Fred
>
>

Why would you think they can install it? What have YOU done to allow it.
--
----------------------------------------------------------
'Not happy John! Defending our democracy',
http://www.smh.com.au/articles/2004/...392635123.html

"Fred Yarbrough" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
> I am the network administrator.
>
> Fred
>
>
> "David Candy" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
> Speak to you network administrator. On a normal corporate network they would
> be unable to install it.
>
> --
> ----------------------------------------------------------
> 'Not happy John! Defending our democracy',
> http://www.smh.com.au/articles/2004/...392635123.html
>
> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> >
> > We are concerned that some of our corporate users will download XP SP2
> when
> > it comes out and screw up their machines. Who knows what applications
> will
> > be broken when it is installed. I am wondering if there is some way to
> > prevent our users from downloading SP2 before we can test it? I guess
> that
> > we could send out an "All Hands Email Bulletin" warning users to wait
> before
> > installing it so that our IT department can thoroughly test it. Is anyone
> > else out there thinking along these paranoid lines too?
> >
> >
> > Thanks,
> > Fred
> >
> >
>
>

Let me extrapolate. We do not enforce restrictive policies on our users. I
wish that we could, but our business is comprised of engineers, scientists,
and programmers that must have administrative privileges on their local
machines to do their job functions. Most of these guys are very sharp and
that is what concerns me


Thanks,
Fred.





"Fred Yarbrough" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I am the network administrator.
>
> Fred
>
>
> "David Candy" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
> Speak to you network administrator. On a normal corporate network they
would
> be unable to install it.
>
> --
> ----------------------------------------------------------
> 'Not happy John! Defending our democracy',
> http://www.smh.com.au/articles/2004/...392635123.html
>
> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> >
> > We are concerned that some of our corporate users will download XP SP2
> when
> > it comes out and screw up their machines. Who knows what applications
> will
> > be broken when it is installed. I am wondering if there is some way to
> > prevent our users from downloading SP2 before we can test it? I guess
> that
> > we could send out an "All Hands Email Bulletin" warning users to wait
> before
> > installing it so that our IT department can thoroughly test it. Is
anyone
> > else out there thinking along these paranoid lines too?
> >
> >
> > Thanks,
> > Fred
> >
> >
>
>

Service Pack 2 (Unless invoked with /n option) will backup the existing
configuration. So, worst case if someone installs it and an application
breaks it should be 25 minutes to back out SP2. What interests me in
your original post was the comment about testing the Service Pack.
Are you saying that during this development/beta period no one in your
organization has had access or pre-tested your applications ? & that
you are just now implementing preventative measures to stop users
from IT'ing the Service Pack themselves ?

"Fred Yarbrough" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Let me extrapolate. We do not enforce restrictive policies on our users.
> I
> wish that we could, but our business is comprised of engineers,
> scientists,
> and programmers that must have administrative privileges on their local
> machines to do their job functions. Most of these guys are very sharp and
> that is what concerns me
>
>
> Thanks,
> Fred.
>
>
>
>
>
> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> I am the network administrator.
>>
>> Fred
>>
>>
>> "David Candy" <(E-Mail Removed)> wrote in message
>> news:%(E-Mail Removed)...
>> Speak to you network administrator. On a normal corporate network they
> would
>> be unable to install it.
>>
>> --
>> ----------------------------------------------------------
>> 'Not happy John! Defending our democracy',
>> http://www.smh.com.au/articles/2004/...392635123.html
>>
>> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>> >
>> > We are concerned that some of our corporate users will download XP SP2
>> when
>> > it comes out and screw up their machines. Who knows what applications
>> will
>> > be broken when it is installed. I am wondering if there is some way to
>> > prevent our users from downloading SP2 before we can test it? I guess
>> that
>> > we could send out an "All Hands Email Bulletin" warning users to wait
>> before
>> > installing it so that our IT department can thoroughly test it. Is
> anyone
>> > else out there thinking along these paranoid lines too?
>> >
>> >
>> > Thanks,
>> > Fred
>> >
>> >
>>
>>
>
>

That would be correct. When you are severely under staffed and don't have
much time to beta test. Please don't kill the messenger here as I simply
have to deal with fires and not where they are coming from. I solely manage
60 Windows servers on the side when I am not performing AD migrations and
getting ready for Exchange 2003. We still have a few users on Windows 95
for God's sake!


Thanks,
Fred

"R. McCarty" <PcEngWork-NoSpam_@mindspring.com> wrote in message
news:hoVRc.19072$(E-Mail Removed)...
> Service Pack 2 (Unless invoked with /n option) will backup the existing
> configuration. So, worst case if someone installs it and an application
> breaks it should be 25 minutes to back out SP2. What interests me in
> your original post was the comment about testing the Service Pack.
> Are you saying that during this development/beta period no one in your
> organization has had access or pre-tested your applications ? & that
> you are just now implementing preventative measures to stop users
> from IT'ing the Service Pack themselves ?
>
> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > Let me extrapolate. We do not enforce restrictive policies on our
users.
> > I
> > wish that we could, but our business is comprised of engineers,
> > scientists,
> > and programmers that must have administrative privileges on their local
> > machines to do their job functions. Most of these guys are very sharp
and
> > that is what concerns me
> >
> >
> > Thanks,
> > Fred.
> >
> >
> >
> >
> >
> > "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> >> I am the network administrator.
> >>
> >> Fred
> >>
> >>
> >> "David Candy" <(E-Mail Removed)> wrote in message
> >> news:%(E-Mail Removed)...
> >> Speak to you network administrator. On a normal corporate network they
> > would
> >> be unable to install it.
> >>
> >> --
> >> ----------------------------------------------------------
> >> 'Not happy John! Defending our democracy',
> >> http://www.smh.com.au/articles/2004/...392635123.html
> >>
> >> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> >> news:(E-Mail Removed)...
> >> >
> >> > We are concerned that some of our corporate users will download XP
SP2
> >> when
> >> > it comes out and screw up their machines. Who knows what
applications
> >> will
> >> > be broken when it is installed. I am wondering if there is some way
to
> >> > prevent our users from downloading SP2 before we can test it? I
guess
> >> that
> >> > we could send out an "All Hands Email Bulletin" warning users to wait
> >> before
> >> > installing it so that our IT department can thoroughly test it. Is
> > anyone
> >> > else out there thinking along these paranoid lines too?
> >> >
> >> >
> >> > Thanks,
> >> > Fred
> >> >
> >> >
> >>
> >>
> >
> >
>
>

Fred Yarbrough wrote:

> Let me extrapolate. We do not enforce restrictive policies on our users. I
> wish that we could, but our business is comprised of engineers, scientists,
> and programmers that must have administrative privileges on their local
> machines to do their job functions. Most of these guys are very sharp and
> that is what concerns me
>
>
> Thanks,
> Fred.
>
>
>
>
>
> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>>I am the network administrator.
>>
>>Fred
>>
>>
>>"David Candy" <(E-Mail Removed)> wrote in message
>>news:%(E-Mail Removed)...
>>Speak to you network administrator. On a normal corporate network they
>
> would
>
>>be unable to install it.
>>
>>--
>>----------------------------------------------------------
>>'Not happy John! Defending our democracy',
>>http://www.smh.com.au/articles/2004/...392635123.html
>>
>>"Fred Yarbrough" <(E-Mail Removed)> wrote in message
>>news:(E-Mail Removed)...
>>
>>>We are concerned that some of our corporate users will download XP SP2
>>
>>when
>>
>>>it comes out and screw up their machines. Who knows what applications
>>
>>will
>>
>>>be broken when it is installed. I am wondering if there is some way to
>>>prevent our users from downloading SP2 before we can test it? I guess
>>
>>that
>>
>>>we could send out an "All Hands Email Bulletin" warning users to wait
>>
>>before
>>
>>>installing it so that our IT department can thoroughly test it. Is
>
> anyone
>
>>>else out there thinking along these paranoid lines too?
>>>
>>>
>>>Thanks,
>>>Fred

<cross posting removed>

Lol..it's the fact that some of them, though very intelligent, are not
so smart in some ways that creates the problem. Too smart for their own
(and your) good.

Well you need to set restrictive policies. You can set the SP2 filename and prevent it from running. But admins can do anything. If they are admins they can get around any restrictions anyway. If I worked there you couldn't stop me installing it, just make it hard to.

I would set a local password for the local admin account that only I know (if they are a local admin you can't stop them without stopping yourself). I would put all admins but me in one OU, and block at that level (but they can unblock themselves), I would then block them from changing the GP. But they can still override their local registry where it ends up, so you'd have to block them there to. You can still get around it but by know it really should be a sackable offense as breaching the core network security is a no-no.

Sack em if they do it, or make it a condition - if you break, you fix - without IT/IS help (that would be effective, imagining wanting to go home at 5pm on friday but you have to install XP then SP1, and then all your apps before you are allowed to).
--
----------------------------------------------------------
'Not happy John! Defending our democracy',
http://www.smh.com.au/articles/2004/...392635123.html

"Fred Yarbrough" <(E-Mail Removed)> wrote in message news:(E-Mail Removed)...
> Let me extrapolate. We do not enforce restrictive policies on our users. I
> wish that we could, but our business is comprised of engineers, scientists,
> and programmers that must have administrative privileges on their local
> machines to do their job functions. Most of these guys are very sharp and
> that is what concerns me
>
>
> Thanks,
> Fred.
>
>
>
>
>
> "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > I am the network administrator.
> >
> > Fred
> >
> >
> > "David Candy" <(E-Mail Removed)> wrote in message
> > news:%(E-Mail Removed)...
> > Speak to you network administrator. On a normal corporate network they
> would
> > be unable to install it.
> >
> > --
> > ----------------------------------------------------------
> > 'Not happy John! Defending our democracy',
> > http://www.smh.com.au/articles/2004/...392635123.html
> >
> > "Fred Yarbrough" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> > >
> > > We are concerned that some of our corporate users will download XP SP2
> > when
> > > it comes out and screw up their machines. Who knows what applications
> > will
> > > be broken when it is installed. I am wondering if there is some way to
> > > prevent our users from downloading SP2 before we can test it? I guess
> > that
> > > we could send out an "All Hands Email Bulletin" warning users to wait
> > before
> > > installing it so that our IT department can thoroughly test it. Is
> anyone
> > > else out there thinking along these paranoid lines too?
> > >
> > >
> > > Thanks,
> > > Fred
> > >
> > >
> >
> >
>
>