Admin News
IVV Naturwissenschaften – Administrator-News
Sie können die Nachrichten auf dieser Seite auch als RSS-Feed unter der Adresse https://www.uni-muenster.de/NWZ/en/Aktuelles/feed_admin.rss abonnieren.
IVV Naturwissenschaften – Administrator-News
Sie können die Nachrichten auf dieser Seite auch als RSS-Feed unter der Adresse https://www.uni-muenster.de/NWZ/en/Aktuelles/feed_admin.rss abonnieren.
Due to the expiration of the Sophos national contract on September 30, 2024, we have published a corresponding notification via the keyserver as a "popup" today.
After logging in, users will receive a message instructing them to contact the responsible administrator regarding migration to Cisco Secure Endpoint.
Due to the switch in virus protection from "Sophos Intercept X" to "Cisco Secure Endpoint," we will disable the tamper protection on August 21, 2024.
The state contract for "Cisco Secure Endpoint" will become active on October 1, 2024, and we currently do not know whether our Sophos Central instances will still be manageable at that time.
All systems that have not adopted the disabled tenant protection in Sophos Intercept X by September 30, 2024, will likely require a reinstallation.
Change of the NWZ Domain Policy
The WSUS update path has been changed from http to https.
Current update path: https://nwzsus2019.nwz.wwu.de:8531
The “New Outlook” or “Outlook (new)” is part of Windows from Windows 11 2023H2. This is not the conventional “Outlook” as it is known as part of Microsoft Office, but a completely different application with a similar name.
The conventional Outlook as part of Microsoft Office is not affected under Windows.
We have deactivated the button to start the application with the following registry key via the NWZ domain policy:
[HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\Options\General] “HideNewOutlookToggle”=dword:00000001
The WDS service will not be available on Wednesday, July 10, 2024, as some tests are being carried out.
On Wednesday 05.06.2024 there will be all-day maintenance work on ConfigMgr from approx. 07:00 am.
Please close your open ConfigMgr Console on Citrix with your end of service today and restart it first with the announcement of the end of the maintenance work.
Existing deployments will continue to run so that your Windows clients can continue to install software.
There was the following change to the “NWZ Domain Policy” this morning.
Deactivation of the setting: Computer Configuration > Administrative Templates > Windows Components > Widgets
This will deactivate the weather/news widget in the Windows bar.
BitLocker is recommended for encryption of hard disks of portable Windows computers in NWZ. And was presented in detail in an IVV colloquium lecture in the summer semester 2022.
The recovery keys are stored securely in Active Directory on the respective computer object. Previously, these keys were only visible to domain administrators.
As of today, these keys can now also be viewed by the relevant admin groups (Y accounts).
Due to changes in the central user database (WWUBEN), user provisioning in the NWZ failed during the night of May 22-23, 2023.
Access to the required database view is now restored and any tasks that have been incurred will be caught up on the next night.
The Domain Functional Level of the NWZ Active Directory has been raised from Windows Server 2012R2 to Windows Server 2016.
The Forest Functional Level of WWU.DE is currently Windows Server 2012, therefore the new features introduced with the Windows Server 2016 Functional Level by Microsoft cannot be activated in the NWZ yet.
The group policy "IVV4_rename-local_admin" will be deactivated and removed on 07.10.2021 around 16h.
.
This will rename the local computer account administrator back to match your institute defaults.
Windows 10 installations are now stagnant and therefore we see no further use for this measure.
The Windows Defender anti-virus, which should have been automatically disabled by Sophos Anti-Virus, had to be disabled via the 'NWZ Domain Policy for Windows 10' Group Policy.
In the Windows 10 versions 1903 and 1909 there was a mutual blocking, which resulted in a 100% CPU load.
Additionally there is the "NWZ Windows Defender disabled" policy. This policy also deactivates the Windows Defender Antivirus.
Two Group Policies are now available in the NWZ to configure the energy-saving settings in Windows. Click on the headline for more information.
With the introduction of Windows 10 Anniversary Edition and Windows Server 2016, Microsoft has tacitly introduced the new version 6 of user profiles.
For all those who have already used Windows 10 Anniversary Edition and Windows Server 2016, the new profile was automatically created as I:\Profile\[user ID].V6 at the first login of Windows and can be used since then.
However, Y-Accounts support is not yet possible with this new profile version, as the profile directories are automatically created by Windows without the required access rights.
As of 24.11.2016, the profile directories for all newly created user IDs will be prepared in versions 1-6 (previously 1-5).
For all existing user IDs, the .V6 profile directory will be created in the course of 23.11.2016 and provided with the appropriate access rights. If a .V6 directory already exists, only the access rights will be modified accordingly.
On 30.11.2016 we discontinue the operation of Microsoft App-V in the NWZ. Currently only Corel Painter X3, CorelDRAW Graphics Suite X7 and Corel PaintShopPro X6 are offered via App-V, a newer version of these programs is already available for installation via our SCCM server.
At this time, both the App-V servers will be shut down and an attempt will be made to uninstall the App-V client via the GPSI policy.
Further information about SCCM can be found here
In the NWZ Domain Policy the setting of the Firefox Session Restore Interval has been changed. By default, this feature continuously saves the opened tabs in a file every few milliseconds in order to be able to restore them if necessary. This can result in significant traffic of up to 100 GB per user per day. For this reason, the value has now been set to 15 minutes.
The following setting has been changed:
Computer Configuration Policies-Administrative Templates-Mozilla Advanced Options-Locked Settings-browser
Setting: browser.sessionstore.interval - activated
Number: 900000 (ms = 15 Minuten)
Until now, the Windows Recycle Bin is enabled by default in the NWZ domain, so files are not deleted directly, but moved to the Recycle Bin.
As of 14.03.2016 we will deactivate the Recycle Bin by default so that files are actually deleted when they are deleted.
If you still want to leave the recycle bin activated in your OU, you must change the following setting in your policy:
User Configuration – Policies – Windows Components – File Explorer – Do not move deleted files to the Recycle Bin --> deactivated
Due to the Crypto-Trojan threat, the execution of macros in Microsoft Office documents via NWZ Domain Policy is now only possible after prior confirmation by the user.
When opening Microsoft Office documents from emails in Outlook, they are only opened in safe mode.
If you distribute your own Office configurations via the group policy, you may have to adjust the settings accordingly. You can use the settings made in the NWZ Domain Policy as a template.
Cryptotrojans encrypt data unnoticed and only release it for ransom, if at all.
The main distribution channels of malware are prepared web pages and e-mails. An up-to-date and secure software configuration (especially operating system, virus scanner, browser, browser plugins and e-mail program) is a basic requirement, but it does not offer 100% security. The conscious and careful handling of the Internet and email is important.
Do not open emails, especially attachments from senders you don't know or that look suspicious. This includes Microsoft Office, Adobe PDF documents or ZIP archives.
If you become a victim of an encryption strojan, notify your IT-Administrator IMMEDIATELY. This is the only way to contain the spread to other data sets and to restore encrypted files from the backup of an earlier version.
Mozilla Firefox will be converted to the Community Edition as of today in the NWZ.
The previously known desktop icon will change to a blue globe and the shortcut on the desktop is now "FrontMotion Firefox". The installation is done automatically via the existing GPSI policy. Administrators now have the ability to set certain Firefox settings automatically via Group Policy. For more information please click on the link in the headline.
The Autodesk Product Design Suite Ultimate 2016 is now available in the NWZ as Published Software.
For instructions on how to change and extend network access rules (ACLs) yourself in the NIC_online network zone browser, see the administrator help in the new "Security" section.
These rules in the network work independently of the operating system and a firewall. They are the preferred method to control network access within the university, but do not replace a firewall.
If you want to protect devices with public IP addresses (128.176.*.*) against external access, please contact ZIV for advice on setting up a firewall.
The software MathCAD 13 is now available in the NWZ as Published Software to every administrator for installation via the control panel.
DNASTAR Lasergene v11 is no longer available via App-V for technical reasons. The program will now start again with a central share on DFS. You will find the links in the start menu under Biology - DNASTAR 11.
As decided by the IVV4 expert group, the NIC has moved all terminal devices that were still in the NWZnet application environment "WDS-NWZNET" to the application environment "NWZ-WDS"..
Instead of the NWZnet WDS server, the end devices are now offered the NWZ WDS server for installation.
The change of the "Subdomain" from "nwznet.uni-muenster.de" to "nwz.wwu.de" and the check of the "Canonical Name" must still be done manually in NIC_online before a new computer is installed.
A few adjustments have been made to the NWZ Domain Policy (new domain) that affect all client systems..
Some programs that were previously installed unasked via the Domain policy for each client are now available in NWZnet as an optional GPSI policy.
This affects the following software:
The firewall rules in the domains NWZnet and NWZ have been changed in the following areas:
* File and Printer sharing exception
* Remote Administration exception
* Remote Desktop exception
A subnet was added in each case.
If you have defined your own filter rules in the group policy, add the rules according to the settings in the NWZnet Domain Policy for Windows XP/7 or NWZ Domain Policy.
The software Surfer 10 is now available as Published Software. For installation instructions, see here.
In letzter Zeit häufen sich die Fälle, wo der Zugang zu Dokumentationen unter https://sso.uni-muenster.de/IVVNWZ/hilfe/administration verwehrt wird. Dies kann mehrere Gründe haben.
Wir haben dies zum Anlaß genommen, eine bereits länger mögliche Bereinigung vorzunehmen, die eine Reihe von Problemen beseitigt.
From now on, the documentation is only accessible with the standard ID of an IT administrator and not with the administrative ID (W or Y account) as before.
If you are denied access despite using the standard ID and you are an officially appointed IT administrator, please check whether you have not changed your password for a longer period of time.
An outdated password (last changed in 2007), which is no longer accepted after the conversion of the web server park, can be the reason for the login failure. Please change your password via myZIV.