RE: [ActiveDir] Ntds.dit file corruption
Distributed systems hurt the head in that it is not clear *where* the problem is. It is hard to point a finger at something/someone and say there's the issue! when the issue lies in the state in which some number of servers exist relative to one another. However, in a system which aims to provide convergence (in mission and in assumption by clients), such divergence is, I think, corruption. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, December 06, 2005 5:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Ntds.dit file corruption Good post ~Eric, thanks for chiming in. I see where you are coming from with the corruption at the distributed level. In terms of corruption at that level I see it as corruption but just can't get myself to see it as AD corruption. I am not sure if I can put it down in words why. I just don't. :) joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman Sent: Tuesday, December 06, 2005 5:42 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Ntds.dit file corruption snip I would generally not call USN rollback a corruption either, but I think Dean make a fair and quasi-valid point that if you consider the distributed system, yes such a thing is a corruption. Feel free to shim in a AD Distributed System Logical Layer in the above stack, between AD Logical Layer and App Logical Layer. I'm waffling on this point though, as somethign smells differnent that other types of corruption. I'm going to think about that for a long time ... in fact Eric yes the ~Eric) is at my door and says he would consider it corruption, so there is a long debate in my future as well ... /snip Over lunch, Brett and I discussed this some more. My contention is that USN rollback would be a form of corruption under a somewhat broad definition. The reality is that there is a layer that Brett mentioned which actually has a two parts when looked at from a high level. Namely, this layer: AD Logical Layer The first piece could be thought of as local logical layer. That is, data hierarchy, conforming to the code assumptions of how it should be, data conforming to the schema as defined, etc. This is a layer of data that clearly need be proper (leaving the definition of proper to another day), else we are in some sort of corrupt state. Brett and I both agree on this I'm pretty sure. However, there is then distributed systems corruption. In AD, one of the services we aim to provide is convergence. If we do not converge, we define this divergence as at a minimum bad, perhaps corrupt. USN rollback breaks our convergence guarantees, it breaks replication such that you will not attain convergence in the system. I would as such consider it a form of corruption. Over Teriyaki a few minutes ago, Brett posited the question well if USN rollback is corruption, what else? Valid question. I would concede that if USN rollback is considered distributed systems corruption, so too would be other conditions which yield divergence. Perhaps this is a slippery slope that goes too far. I need to think about this some more. I would also toss out there that corruption should not be confused with forever broken. There are many states in which the directory can exist where it is functional, but in some way broken. Such divergences can typically be repaired with administrative action, so long as it is a savvy administrator. :) If we are willing to assume that divergence is corruption, I'd tend to believe that most people on this list have recovered from some form of corruption before. The worse the corruption, the more help you likely want to recover from it. :) Anyway, we'll likely debate this for a few months, as we usually do on such points. More thoughts to come as we debate further. ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley Sent: Tuesday, December 06, 2005 12:04 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Ntds.dit file corruption I wouldn't say that, joe ... Lets take another hypothetical real quick, lets say you have a column for the RDN of an AD object (well we do) and that value is NULL. From AD's perspective this object is well not really an object, it would be corrupt, and might even crash lsass.exe (I don't know, it might). However, from ESE's persepctive though, the table/row/column is valid, it has a particular column that doesn't have a value. A column which I might add is declared optional (real term is tagged) in the ESE layer schema (real term is catalog). ESE is simply a store of data, it passes no judgement on the data as long as it fits the schema guidelines for the column. Joe, is the DB corrupt? An AD object without an RDN? I have tendency to think in layers and sources of corruption. App Logical Layer AD Logical Layer ESE Logical Layer [ESE] Physical
RE: [ActiveDir] remove logon script?
That did itthanks Joe. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, December 06, 2005 8:21 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] remove logon script? Yeah I have seen odd things like that before if you cut and paste from email or doc files, some bogus character you can't see is in there or something like that. Retype it... [Tue 12/06/2005 20:20:01.78] G:\Adfind -f ((objectCategory=person)(objectClass=user)(scriptpath=logon.bat)) -default -dsq | admod -unsafe scriptpath:- (objectClass was unexpected at this time. [Tue 12/06/2005 20:20:07.26] G:\Adfind -f ((objectcategory=person)(objectclass=user)(scriptpath=logon.bat)) -default -dsq | admod -unsafe scriptpath:- AdMod V01.06.00cpp Joe Richards ([EMAIL PROTECTED]) June 2005 DN Count: 0 No object DNs to update. The command completed successfully. [Tue 12/06/2005 20:20:10.93] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, December 06, 2005 4:11 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] remove logon script? I get the following error: (objectClass was unexpected at this time. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Tuesday, December 06, 2005 2:00 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] remove logon script? It works against the current default domain which is the domain of the default domain controller. You can determine what that is with adfind -default -s base -dn If you want it to work against another domain, remove -default and add -b domain_dn (i.e. change the search base of the adfind query). From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, December 06, 2005 1:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] remove logon script? This will work for the currently logged in domain right? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, December 05, 2005 4:44 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] remove logon script? One tiny correction :) Adfind f ((objectCategory=person)(objectClass=user)(scriptpath=logon.bat)) default dsq | admod unsafe scriptpath:- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, December 05, 2005 4:00 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] remove logon script? Adfind and admod from joeware.net Adfind f ((objectCategory=person)(objectClass=user)(scriptpath=logon.bat)) default dsq | admod unsafe scriptpath- Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Monday, December 05, 2005 3:40 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] remove logon script? How can I remove the logon.bat from all my user (2000+) accounts at one time in my domain? Ive switch to GPO for the logon scripts. Devon Harding Windows Systems Engineer Southern Wine Spirits - BSG 954-602-2469 __ This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use or distribution of the information included in the message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank You. __ This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use or distribution of the information included in the message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank You.
[ActiveDir] search option for file and folders dont work
Hi, My search options for files and folders dont work in 2000. Though it works very well when opened from Windows Explorer. Any pointers to the probable reasons are appreciated. Regards, Sudhir Kaushal Systems Engineer (GIS) Computer Sciences Corporation. India - + 91 120 2582323 Ext. 2649 Denmark - + 45 70100024 Ext. 2649 “You never win Silver, You lose Gold” This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose.
[ActiveDir] Found bug in Active Directory DNS (integrated)
Ok, this is the scenario.I needed to create 123 DNS entries really quick so I decided to use DNSCMD. It ended it being a big mistake. The mandatory parameters for DNSCMD /RECORDADD are the following: servername /RecordAdd Zone NodeName RRType RRData [command parameters] So I typed in the following: (entered it on different lines for easy readibiltiy). ncdc01 /RecordAdd myDomain.com hostA.myDomain.com A 192.168.1.2 The command completes with a "Command Completed Successfuly". Great. Only one problem. It does not show up in the DNS management console. I can see it in the directory but not in the DNS snapin. When I do a NsLookup on that record it comes up as hostA.myDomain.com.myDomain.com. Ok so I figured out that you do not need to specify the domain name for the NodeName parameter of the command. I go ahead and delete the entry in ADUC because I can't see it in DNS console, clear the DNS cache on the server and clear the cache on my client. When I run NsLookup on the host again it shows up as hostA.myDomain.com.myDomain.com. That is impossible right? The only way I was able to clear this entry from the server cache was to restart DNS on the DC. Not a feasible solution when you have 20 DC across the country. Has anyone seen this before? Thanks Yves
RE: [ActiveDir] Found bug in Active Directory DNS (integrated)
You're sure that it wasn't your client cache returning the value after the initial query? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ADSent: Wednesday, December 07, 2005 7:36 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Found bug in Active Directory DNS (integrated) Ok, this is the scenario.I needed to create 123 DNS entries really quick so I decided to use DNSCMD. It ended it being a big mistake. The mandatory parameters for DNSCMD /RECORDADD are the following: servername /RecordAdd Zone NodeName RRType RRData [command parameters] So I typed in the following: (entered it on different lines for easy readibiltiy). ncdc01 /RecordAdd myDomain.com hostA.myDomain.com A 192.168.1.2 The command completes with a "Command Completed Successfuly". Great. Only one problem. It does not show up in the DNS management console. I can see it in the directory but not in the DNS snapin. When I do a NsLookup on that record it comes up as hostA.myDomain.com.myDomain.com. Ok so I figured out that you do not need to specify the domain name for the NodeName parameter of the command. I go ahead and delete the entry in ADUC because I can't see it in DNS console, clear the DNS cache on the server and clear the cache on my client. When I run NsLookup on the host again it shows up as hostA.myDomain.com.myDomain.com. That is impossible right? The only way I was able to clear this entry from the server cache was to restart DNS on the DC. Not a feasible solution when you have 20 DC across the country. Has anyone seen this before? Thanks Yves
[ActiveDir] Netware 5, 2000 AD, and Exchange 5.5 to 2003
Netware 5 with 2000 AD and Exchange 5.5 will all be migrated to 2003. Anyone have experience with this - any tips/suggestions? Thank you, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Found bug in Active Directory DNS (integrated)
Your NodeName is incorrect... NodeName -- name of node for which a record will be added - FQDN of a node (name with a '.' at the end) OR - node name relative to the ZoneName OR - "@" for zone root node OR - service name for SRV only (e.g. _ftp._tcp) The FQDN of the node in your example below should be "hostA." (note the . at the end of the name) not "hostA.myDomain.com" ... Essentially, you added a host to the sub-domain myDomain.com.myDomain.com instead, which is why it doesn't show up in the GUI where expected. Joe Pochedley A computer terminal is not some clunky old television with a typewriter in front of it. It is an interface where the mind and body can connect with the universe and move bits of it about. -Douglas Adams From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ADSent: Wednesday, December 07, 2005 9:36 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Found bug in Active Directory DNS (integrated) Ok, this is the scenario.I needed to create 123 DNS entries really quick so I decided to use DNSCMD. It ended it being a big mistake. The mandatory parameters for DNSCMD /RECORDADD are the following: servername /RecordAdd Zone NodeName RRType RRData [command parameters] So I typed in the following: (entered it on different lines for easy readibiltiy). ncdc01 /RecordAdd myDomain.com hostA.myDomain.com A 192.168.1.2 The command completes with a "Command Completed Successfuly". Great. Only one problem. It does not show up in the DNS management console. I can see it in the directory but not in the DNS snapin. When I do a NsLookup on that record it comes up as hostA.myDomain.com.myDomain.com. Ok so I figured out that you do not need to specify the domain name for the NodeName parameter of the command. I go ahead and delete the entry in ADUC because I can't see it in DNS console, clear the DNS cache on the server and clear the cache on my client. When I run NsLookup on the host again it shows up as hostA.myDomain.com.myDomain.com. That is impossible right? The only way I was able to clear this entry from the server cache was to restart DNS on the DC. Not a feasible solution when you have 20 DC across the country. Has anyone seen this before? Thanks Yves
RE: [ActiveDir] Moving 3rd party DNS to AD
I appreciate the feedback on your experience with QIP and MS DNS. It will all help -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Schofield Sent: Tuesday, December 06, 2005 8:52 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Moving 3rd party DNS to AD probably not needed but here is a script I used and deployed with SMS to all my member servers to update the DNS order. The script was used to add a third DNS server for 'just in-case' lookups but was effective in updating the member servers w/o having to manually do it. Probably won't be useful but thought I would pass along. You could easily make this accept command line switches but by default only runs on the local machine. Hope that helps. Sub Main() SetDNSServerSearchOrder() End Sub Sub SetDNSServerSearchOrder() ' On Error Resume Next Err.clear dim aDNS(1) 'Primary DNS server aDNS(0) = x.x.x.x 'Alternate DNS server aDNS(1) = x.x.x.x 'Set Networking Managing Objects strComputer = . set objWMIService = GetObject(winmgmts:\\ strComputer \root\cimv2) Set colItems = objWMIService.ExecQuery(Select * From Win32_NetworkAdapterConfiguration Where IPEnabled = 1) For Each objItem in colItems errDNS = objItem.SetDNSServerSearchOrder() wscript.sleep 500 errDNS = objItem.SetDNSServerSearchOrder(aDNS) Next set objWMIService = Nothing set colItems = Nothing End Sub Steve Schofield Microsoft MVP - ASP/ASP.NET ASPInsider Member - MCP http://www.orcsweb.com/ Managed Complex Hosting #1 in Service and Support - Original Message - From: Steve Schofield [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Tuesday, December 06, 2005 10:39 PM Subject: Re: [ActiveDir] Moving 3rd party DNS to AD Boy that is a real toughie! I have experience both with AD using QIP (6.x version) which was really good and now for the past year getting used to MS DNS with integrated zones on DC's which was ok but has been rock solid with w2k3 sp1 (lots of DNS fixes in w2k3 sp1). What would I do, boy not sure but here is an attempt. If your goal is have AD/DNS hosted on MS to quickly cutover one brainstorm is to have your DNS servers in AD be secondary's and ability to *import* the QIP zones so you could have real-time updates up to and just before cutover. Not sure off-hand if that is possible but believe so. Then for cutover, unplug QIP network cable, change the IP on the MS dns servers, convert to a primary zone to allow dynamic updates if you are supporting that. You can also setup the QIP to be the forwarders for the AD ones but would suggest to stay away from that if possible and just use the ROOT servers. As far as performance, DNS is not a very intensive process for a standard type setup. I would suggest RAID 1 for redundancy with 1 or 2 gig of ram. A dual proc machine would be more than sufficient. The RAID should use a hardware based controller with some cache for added boost. One benefit if these were DC's vs. standard DNS servers is the multi-master replication being integrated into AD database providing redundancy. Depending on your AD database size and DC's size, the entire database is loaded into memory could provide a pretty good boost. The ISP I work for (orcsweb.com) our internal AD servers take a lot of requests and those machines sit idle regarding DNS (we send lots of emails a day pretty DNS lookup intensive and works well). The QIP experience I didn't directly manage so I can't provide any stats there sorry. Hope that provides some ideas, the UI management tool in QIP is better than AD but the MMC is ok for a few domains.. Good luck, feel free to contact me [EMAIL PROTECTED] Steve Schofield Microsoft MVP - ASP/ASP.NET ASPInsider Member - MCP http://www.orcsweb.com/ Managed Complex Hosting #1 in Service and Support - Original Message - From: Figueroa, Johnny [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Tuesday, December 06, 2005 3:18 PM Subject: [ActiveDir] Moving 3rd party DNS to AD I will be removing a couple of Lucent QIP DNS servers running on Sun Solaris with Microsoft DNS. We already have our AD infrastructure. The _zones in the QIP DNS servers were delegated to AD DNS/DCs so the domain controllers could update their SRV records. We debated if we should integrate the zones owned by the QIP solution into AD (DC/DNS Servers) or create a couple of standalone DNS servers in AD, which will not be domain controllers. We chose to go with the standalone DNS servers mainly so that the testing, cutover and potential roll back could be done with minimal changes. I.e. turn off QIP DNS servers, change IP on the MS DNS servers to that of the old QIP servers and we are done. Roll back would be something like turn off MS DNS servers and turn QIP back on. The _zones in question are in our empty root domain, the clients and the AD resource records
RE: [ActiveDir] Netware 5, 2000 AD, and Exchange 5.5 to 2003
More than half a year ago I did a migration from Netware 5, NT4 and Exchange 5.5 to Windows/Exchange 2003. I remember posting information about it. Guido also posted some info about a migration job he did. Don't remember if it was last year or in the beginning of this year. So you might want to check out the archives. Another source you could use is the library from Quest. It contains 3 articles about migrating from Novell (http://wm.quest.com/library/) I assume Netware 5 is used for file and print services and AD is used as the primary authentication system. Right? Jorge From: [EMAIL PROTECTED] on behalf of Danny Sent: Wed 12/7/2005 4:23 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Netware 5, 2000 AD, and Exchange 5.5 to 2003 Netware 5 with 2000 AD and Exchange 5.5 will all be migrated to 2003. Anyone have experience with this - any tips/suggestions? Thank you, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. winmail.dat
Re: [ActiveDir] Netware 5, 2000 AD, and Exchange 5.5 to 2003
On 12/7/05, Almeida Pinto, Jorge de [EMAIL PROTECTED] wrote: More than half a year ago I did a migration from Netware 5, NT4 and Exchange 5.5 to Windows/Exchange 2003. I remember posting information about it. I will dust off the archives, then. Thanks. [...] Another source you could use is the library from Quest. It contains 3 articles about migrating from Novell (http://wm.quest.com/library/) Checking it out. I assume Netware 5 is used for file and print services and AD is used as the primary authentication system. Right? File, Print, and user login - with some type of syncronizcation between the two directories so that Exchange and Outlook works. Thanks, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Help with VB script to map printers
Hi I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
RE: [ActiveDir] Found bug in Active Directory DNS (integrated)
I concur. I understand why it does not show up in the gui but I do not understand why the server is still caching it. Deleting the object, clearing the pc cache and the server DNS cache does not get rid of the A record. I was hoping someone can try it in their environment and see if they get the same results. Y From: Joe PochedleySent: Wed 07/12/2005 10:34 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Found bug in Active Directory DNS (integrated) Your NodeName is incorrect... NodeName -- name of node for which a record will be added - FQDN of a node (name with a '.' at the end) OR - node name relative to the ZoneName OR - "@" for zone root node OR - service name for SRV only (e.g. _ftp._tcp) The FQDN of the node in your example below should be "hostA." (note the . at the end of the name) not "hostA.myDomain.com" ... Essentially, you added a host to the sub-domain myDomain.com.myDomain.com instead, which is why it doesn't show up in the GUI where expected. Joe Pochedley A computer terminal is not some clunky old television with a typewriter in front of it. It is an interface where the mind and body can connect with the universe and move bits of it about. -Douglas Adams From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of ADSent: Wednesday, December 07, 2005 9:36 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Found bug in Active Directory DNS (integrated) Ok, this is the scenario.I needed to create 123 DNS entries really quick so I decided to use DNSCMD. It ended it being a big mistake. The mandatory parameters for DNSCMD /RECORDADD are the following: servername /RecordAdd Zone NodeName RRType RRData [command parameters] So I typed in the following: (entered it on different lines for easy readibiltiy). ncdc01 /RecordAdd myDomain.com hostA.myDomain.com A 192.168.1.2 The command completes with a "Command Completed Successfuly". Great. Only one problem. It does not show up in the DNS management console. I can see it in the directory but not in the DNS snapin. When I do a NsLookup on that record it comes up as hostA.myDomain.com.myDomain.com. Ok so I figured out that you do not need to specify the domain name for the NodeName parameter of the command. I go ahead and delete the entry in ADUC because I can't see it in DNS console, clear the DNS cache on the server and clear the cache on my client. When I run NsLookup on the host again it shows up as hostA.myDomain.com.myDomain.com. That is impossible right? The only way I was able to clear this entry from the server cache was to restart DNS on the DC. Not a feasible solution when you have 20 DC across the country. Has anyone seen this before? Thanks Yves
RE: [ActiveDir] Help with VB script to map printers
My wsh book shows the command to be .AddPrinterConnection not .AddWindowsPrinterConnection HTH Thanks, JD Northrop Grumman Information Technology Commercial, State Local Solutions 512-377-x235 Alphapage 866-521-6091 E-Page [EMAIL PROTECTED] From: Noah Eiger [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 07, 2005 1:10 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Help with _vbscript_ to map printers Hi - I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
RE: [ActiveDir] Help with VB script to map printers
Actually both are valid. From: WILLIAMS, J.D.Sent: Wed 07/12/2005 2:31 PMTo: 'ActiveDir@mail.activedir.org'Cc: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Help with _vbscript_ to map printers My wsh book shows the command to be .AddPrinterConnection not .AddWindowsPrinterConnection HTH Thanks, JD Northrop Grumman Information Technology Commercial, State Local Solutions512-377-x235 Alphapage 866-521-6091 E-Page [EMAIL PROTECTED] From: Noah Eiger [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 07, 2005 1:10 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Help with _vbscript_ to map printers Hi - I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = "\\server.abc.private\HP Color LaserJet 3500" UNCpath2 = "\\server.abc.private\HP LaserJet 3300" UNCpath2 = "\\server.abc.private\HP LaserJet 5000" Set multiPrinter = CreateObject("WScript.Network") multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo "Your printer is mapped from : " UNCpath1 _ ' "and from : " UNCpath2 WScript.Quit ' End of _vbscript_ --No virus found in this outgoing message.Checked by AVG Free Edition.Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
RE: [ActiveDir] Help with VB script to map printers
Try using Chr(34) instead of quotes for your paths i.e. UNCpath1 = \\server.abc.private\ Chr(34) HP Color LaserJet 3500 Chr(34) Chr(34) is how you get quotes into a string at least its the only way Ive ever gotten to work my WSH doesnt seem to like the double quotes I see some people use sometimes (i.e. MsgBox I said, Hello. would always give me an error. MsgBox I said, chr(34) Hello. Chr(34) works) Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Sent: Wednesday, December 07, 2005 1:10 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Help with _vbscript_ to map printers Hi I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
Re: [ActiveDir] Help with VB script to map printers
I'd guess that you have path problem. Try copying and pasting \\server.abc.private\HP Color LaserJet 3500 , with the quotes, in your start-run box and see if it connects that printer. If it doesn't work then you need to look at the ip name and share name, and double check security permissions. On 12/7/05, Noah Eiger [EMAIL PROTECTED] wrote: Hi – I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005 -- Paul Wilkinson[EMAIL PROTECTED]
RE: [ActiveDir] Help with VB script to map printers
This should work: UNCpath1 = "\\server.abc.private\"HP Color LaserJet 3500""" Ed Crowley MCSE+Internet MVPFreelance E-Mail PhilosopherProtecting the world from PSTs and Bricked Backups! From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich MilburnSent: Wednesday, December 07, 2005 12:17 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Help with _vbscript_ to map printers Try using Chr(34) instead of quotes for your paths i.e. UNCpath1 = "\\server.abc.private\" Chr(34) HP Color LaserJet 3500" Chr(34) Chr(34) is how you get quotes into a string at least its the only way Ive ever gotten to work my WSH doesnt seem to like the double quotes I see some people use sometimes (i.e. MsgBox I said, Hello. would always give me an error. MsgBox I said, chr(34) Hello. Chr(34) works) Rich ---Rich MilburnMCSE, Microsoft MVP - Directory ServicesSr Network Analyst, Field Platform DevelopmentApplebee's International, Inc.4551 W. 107th StOverland Park, KS 66207913-967-2819--I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah EigerSent: Wednesday, December 07, 2005 1:10 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Help with _vbscript_ to map printers Hi I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = "\\server.abc.private\HP Color LaserJet 3500" UNCpath2 = "\\server.abc.private\HP LaserJet 3300" UNCpath2 = "\\server.abc.private\HP LaserJet 5000" Set multiPrinter = CreateObject("WScript.Network") multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo "Your printer is mapped from : " UNCpath1 _ ' "and from : " UNCpath2 WScript.Quit ' End of _vbscript_ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. --No virus found in this outgoing message.Checked by AVG Free Edition.Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
RE: [ActiveDir] Help with VB script to map printers
Strange. I've never had problems with double double-quotes in a _vbscript_. Ed Crowley MCSE+Internet MVPFreelance E-Mail PhilosopherProtecting the world from PSTs and Bricked Backups! From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich MilburnSent: Wednesday, December 07, 2005 12:17 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Help with _vbscript_ to map printers Try using Chr(34) instead of quotes for your paths i.e. UNCpath1 = "\\server.abc.private\" Chr(34) HP Color LaserJet 3500" Chr(34) Chr(34) is how you get quotes into a string at least its the only way Ive ever gotten to work my WSH doesnt seem to like the double quotes I see some people use sometimes (i.e. MsgBox I said, Hello. would always give me an error. MsgBox I said, chr(34) Hello. Chr(34) works) Rich ---Rich MilburnMCSE, Microsoft MVP - Directory ServicesSr Network Analyst, Field Platform DevelopmentApplebee's International, Inc.4551 W. 107th StOverland Park, KS 66207913-967-2819--I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah EigerSent: Wednesday, December 07, 2005 1:10 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Help with _vbscript_ to map printers Hi I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = "\\server.abc.private\HP Color LaserJet 3500" UNCpath2 = "\\server.abc.private\HP LaserJet 3300" UNCpath2 = "\\server.abc.private\HP LaserJet 5000" Set multiPrinter = CreateObject("WScript.Network") multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo "Your printer is mapped from : " UNCpath1 _ ' "and from : " UNCpath2 WScript.Quit ' End of _vbscript_ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. --No virus found in this outgoing message.Checked by AVG Free Edition.Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
RE: [ActiveDir] Help with VB script to map printers
Quite. And, when I change the script for a server\printer on my network, it works. The only difference is that I don't have any printer shares with spaces. Not sure if it would be a big deal. Along with what Rich said, if you write scripts in Word, opposed to Notepad, the " character is not translated correctly. Word may use the 66 99 looking ones, depending on your font, I guess. If you haven't, try to copy it to Notepad and edit it there. May also try creating a test printer share with no spaces, see if that helps. Thanks, JD Northrop Grumman Information Technology Commercial, State Local Solutions 512-377-x235 Alphapage 866-521-6091 E-Page [EMAIL PROTECTED] From: AD [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 07, 2005 1:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Help with _vbscript_ to map printers Actually both are valid. From: WILLIAMS, J.D. Sent: Wed 07/12/2005 2:31 PM To: 'ActiveDir@mail.activedir.org' Cc: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Help with _vbscript_ to map printers My wsh book shows the command to be .AddPrinterConnection not .AddWindowsPrinterConnection HTH Thanks, JD Northrop Grumman Information Technology Commercial, State Local Solutions 512-377-x235 Alphapage 866-521-6091 E-Page [EMAIL PROTECTED] From: Noah Eiger [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 07, 2005 1:10 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Help with _vbscript_ to map printers Hi - I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
RE: [ActiveDir] Help with VB script to map printers
Thanks to all for suggestions. I pasted the path directly into the run line as Paul suggested. This worked fine and brought up the printer immediately. I then made the Chr(34) change as Rich suggested. When I did this, it told me the printer name was wrong. If I add an echo as below, the result is 0. UNCpath1 = \\server.abc.private\ Chr(34) HP Color LaserJet 3500 Chr(34) Wscript.Echo UNCpath1 Hmmm. From: Rich Milburn [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 07, 2005 12:17 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Help with _vbscript_ to map printers Try using Chr(34) instead of quotes for your paths i.e. UNCpath1 = \\server.abc.private\ Chr(34) HP Color LaserJet 3500 Chr(34) Chr(34) is how you get quotes into a string at least its the only way Ive ever gotten to work my WSH doesnt seem to like the double quotes I see some people use sometimes (i.e. MsgBox I said, Hello. would always give me an error. MsgBox I said, chr(34) Hello. Chr(34) works) Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Sent: Wednesday, December 07, 2005 1:10 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Help with _vbscript_ to map printers Hi I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005 -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
Re: [ActiveDir] Netware 5, 2000 AD, and Exchange 5.5 to 2003
Danny wrote: Netware 5 with 2000 AD and Exchange 5.5 will all be migrated to 2003. Anyone have experience with this - any tips/suggestions? Check out this document: Solution for Migrating File, Print, and Directory Services from Novell NetWare to Windows Server 2003 http://www.microsoft.com/downloads/details.aspx?familyid=19be5289-37a8-469c-b03a-70a189e8314fdisplaylang=en -- Tomasz Onyszko http://www.w2k.pl List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Netware 5, 2000 AD, and Exchange 5.5 to 2003
http://www.microsoft.com/downloads/details.aspx?familyid=19be5289-37a8-469c-b03a-70a189e8314fdisplaylang=en http://www.microsoft.com/downloads/details.aspx?familyid=19be5289-37a8-469c-b03a-70a189e8314fdisplaylang=en A guide for IT Professionals on the process and tools needed to migrate file, print, and directory services to a Microsoft Windows Server from a Novell Netware platform. Danny wrote: On 12/7/05, Almeida Pinto, Jorge de [EMAIL PROTECTED] wrote: More than half a year ago I did a migration from Netware 5, NT4 and Exchange 5.5 to Windows/Exchange 2003. I remember posting information about it. I will dust off the archives, then. Thanks. [...] Another source you could use is the library from Quest. It contains 3 articles about migrating from Novell (http://wm.quest.com/library/) Checking it out. I assume Netware 5 is used for file and print services and AD is used as the primary authentication system. Right? File, Print, and user login - with some type of syncronizcation between the two directories so that Exchange and Outlook works. Thanks, ...D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Help with VB script to map printers
You shouldn't need the extra quotes in the printer name/path. The value of the variable is passed in its entirety, it doesn't get truncated because it contains spaces. Someone else already recommended trying to connect to the printer from the Run line, I'll second that. -Andrew From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP]Sent: Wednesday, December 07, 2005 2:32 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Help with _vbscript_ to map printers This should work: UNCpath1 = "\\server.abc.private\"HP Color LaserJet 3500""" Ed Crowley MCSE+Internet MVPFreelance E-Mail PhilosopherProtecting the world from PSTs and Bricked Backups! From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich MilburnSent: Wednesday, December 07, 2005 12:17 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Help with _vbscript_ to map printers Try using Chr(34) instead of quotes for your paths i.e. UNCpath1 = "\\server.abc.private\" Chr(34) HP Color LaserJet 3500" Chr(34) Chr(34) is how you get quotes into a string at least its the only way Ive ever gotten to work my WSH doesnt seem to like the double quotes I see some people use sometimes (i.e. MsgBox I said, Hello. would always give me an error. MsgBox I said, chr(34) Hello. Chr(34) works) Rich ---Rich MilburnMCSE, Microsoft MVP - Directory ServicesSr Network Analyst, Field Platform DevelopmentApplebee's International, Inc.4551 W. 107th StOverland Park, KS 66207913-967-2819--I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah EigerSent: Wednesday, December 07, 2005 1:10 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Help with _vbscript_ to map printers Hi I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = "\\server.abc.private\HP Color LaserJet 3500" UNCpath2 = "\\server.abc.private\HP LaserJet 3300" UNCpath2 = "\\server.abc.private\HP LaserJet 5000" Set multiPrinter = CreateObject("WScript.Network") multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo "Your printer is mapped from : " UNCpath1 _ ' "and from : " UNCpath2 WScript.Quit ' End of _vbscript_ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. --No virus found in this outgoing message.Checked by AVG Free Edition.Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005 smime.p7s Description: S/MIME cryptographic signature
[ActiveDir] logon scripts
What happends if you have 2 differentlogon scripts for users- one in the legacy location and one in a domain GPO? how do they execute? does one start sooner? are there any issues with doing things this way for a short time period? Both scripts do completley different things. Thanks
Re: [ActiveDir] Help with VB script to map printers
Try multiPrinter.AddWindowsPrinterConnection \\server.abc.private\HP Color LaserJet 3500etc.Rewrite it all out in a basic text editor like notepad to ensure you aren't getting some hidden character junk. Btw, I've confirmed in one of my login scripts that has the same line, and it works with a printer share that has spaces. No need for extra quotes.On 12/7/05, Noah Eiger [EMAIL PROTECTED] wrote: Hi – I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005 -- Paul Wilkinson[EMAIL PROTECTED]
[ActiveDir] DNS Question
As I am getting ready to migrate a number of zones from a QIP DNS server to a Microsoft DNS server, I have a concern about giving support folks access to the DNS MMC. Some folks just need to be able to use the MMC to troubleshoot, so I thought I would give them Read Only access to DNS. I see dhcp and wins users (view only) but I do not see the same thing for DNS. I created a test user in the domain, I tried to start the DNS mmc and it told me that access was denied. I then went to the DNS server object and gave the user list and read access to the objects. To my surprise the test userid was able to add or delete DNS records in the AD DNS zone. It probably should not be a surprise since the zone is AD integrated and set to secure updates. I take it this means that as long as a user is a member of the domain, they CAN create and delete resource records in DNS. I take it all I did was expose the UI by giving the user read access to the objects. How do you mitigate this? Thanks Johnny Figueroa Enterprise Network Consultant/Integrator Network Services Banner Health Voice (602) 495-4195 Fax (602) 495-4406 WARNING: This message, and any attachments, are intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged, confidential and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or employee/agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of the communication is strictly prohibited. If you receive this communication in error, please notify us immediately List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] logon scripts
Tom- Its not a problem to do this. Both will end up running at roughly the same time (independent of one another) and by default will run asynchronous to the Explorer shell being up and available (i.e. before the user sees their desktop). So, just make that you are not relying on one script completing before the other runs. Darren From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom KernSent: Wednesday, December 07, 2005 12:58 PMTo: activedirectorySubject: [ActiveDir] logon scripts What happends if you have 2 differentlogon scripts for users- one in the legacy location and one in a domain GPO? how do they execute? does one start sooner? are there any issues with doing things this way for a short time period? Both scripts do completley different things. Thanks
RE: [ActiveDir] Help with VB script to map printers
Ok. The problem appears to be that I was testing it on the machine that held the shares. I was under the (mistaken) impression that you could map a network printer on the machine that is sharing that printer just as you can do with file shares. Guess not. When I tried it (finally) from a workstation, the original script ran correctly. This process has led me to other questions: - So far, all of these printers have the default Windows drivers. What if I try to automate the install of a new printer or want to specify a different driver? - If the printer is already installed, the script appears to leave it alone. Is it actually leaving it alone or is it just writing over it? If someone has made a change to the printer under their profile, will that get wiped away? Thanks again for all the help. -- nme From: Paul Wilkinson [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 07, 2005 1:42 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Help with _vbscript_ to map printers Try multiPrinter.AddWindowsPrinterConnection \\server.abc.private\HP Color LaserJet 3500 etc. Rewrite it all out in a basic text editor like notepad to ensure you aren't getting some hidden character junk. Btw, I've confirmed in one of my login scripts that has the same line, and it works with a printer share that has spaces. No need for extra quotes. On 12/7/05, Noah Eiger [EMAIL PROTECTED] wrote: Hi I am trying to modify a VBS found on the Internet to map multiple printers. This will be run for every user in an OU. I keep getting the following error for line 8: 8007007B - The filename, directory name or volume syntax is incorrect I have played around with the syntax but think I am missing something very basic here. Any thoughts? I got this from: http://www.computerperformance.co.uk/ezine/ezine16.htm#Example%203:%20Mapping%20Multiple%20Printers ' Poached from Guy Thomas February 2004. ' ** Dim multiPrinter, UNCpath1, UNCpath2, UNCpath3 UNCpath1 = \\server.abc.private\HP Color LaserJet 3500 UNCpath2 = \\server.abc.private\HP LaserJet 3300 UNCpath2 = \\server.abc.private\HP LaserJet 5000 Set multiPrinter = CreateObject(WScript.Network) multiPrinter.AddWindowsPrinterConnection UNCpath1 multiPrinter.AddWindowsPrinterConnection UNCpath2 multiPrinter.AddWindowsPrinterConnection UNCpath3 ' WScript.Echo Your printer is mapped from : UNCpath1 _ ' and from : UNCpath2 WScript.Quit ' End of _vbscript_ -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005 -- Paul Wilkinson [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.371 / Virus Database: 267.13.12/194 - Release Date: 12/7/2005
RE: [ActiveDir] Ntds.dit file corruption
Replication is at an attribute level and the corruption is usually a bit flip - whichisn't replicated. The data itself (a table or an index) is checked and if found to be invalid, I *believe* (joe, ~Eric, brettsh) is marked as such and is no longer replicated. -r --Posting is provided "AS IS", and confers no rights or warranties ... From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]Sent: Tuesday, December 06, 2005 2:49 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Ntds.dit file corruption Is this guaranteed? How can we/you be sure that the system will recognise the corruptions and therefore not replicate them? Surely this is akin to the new feature added to e2k3 sp1, but which is (sadly) missing from AD(?) I must be missing a subtle point - please show me the light :) neil From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve LinehanSent: 05 December 2005 19:26To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Ntds.dit file corruption We do not replicate corruption so if you have local corruption as noted below there is no worry that it would replicate around to other servers in the environment. Thanks, -Steve From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Phil RenoufSent: Monday, December 05, 2005 1:04 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Ntds.dit file corruption Will Read Only DC's take care of this? I don't know much about them yet, but it makes sense that if the copy of the dit that a DC has is RO that it won't try to replicate that anywhere and would only be the recipient of replication. Anyone with more knowledge about how RO DC's will work to comment on that? Phil On 12/5/05, Medeiros, Jose [EMAIL PROTECTED] wrote: Well at least the corruption occurred on just a single DC. One thing that has bugged me about Active Directory is not being able to select if you want a DC in a remote office to not have the ability to replicate back in a large enterprise environment. Since most remote offices only have a few people at the location and a DC is usually placed for improvised logon and authentication time, many companies will either use a very low end server or a very old decommissioned one from their production data center ( Which is probably close to useable life ). I am always concerned that once the NTDS.DIT file becomes corrupt it will replicate the corruption to the other DC's in the Forrest.Maybe I am just being a worry wort and this really is not an issue.Sincerely,Jose MedeirosADP | National Account Services ProBusiness Division | Information Services925.737.7967 | 408-449-6621 CELL-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Susan Bradley,CPA aka Ebitz - SBS Rocks [MVP]Sent: Monday, December 05, 2005 8:53 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Ntds.dit file corruptionI did? :-)I think I still said all I know is what the poster said:-)I think I need a course in event log reading because even with the logs, and the default size of the logs, I still don't see a smoking gun.Thedirectory services one is filled with events 'post' blow up.What is interesting is that it seems to me big server land goes .. ohyeah... ntds.dit corruption... and sbsland freaks out.Either we doindeed need to ensure we have a secondary DC or we need to park a secondcopy of a system state offsite [say at the vap/var]Brett Shirley wrote: She replied offline, very likely a single bit flip, tragedy, they aren't one release later (Longhorn), where this would've probably been non-disruptively handled, logged, and possibly self-healed: http://blogs.technet.com/efleis/archive/2005/01.aspx Anyway, this kind of thing is usually hardware ... While there are much better disk sub-system testers, one that is freely available to any box with Exchange is jetstress.You might give that a try.If you can reproduce the event / error with jetstress I would not use that box in production. If you do reproduce the issue several times (several times is key, as you want a trend before you start playing the variable game), some things you might vary (one at a time):- Try making sure you have the latest driver and motherboard / controller firmware.Then see if you can reproduce. - Try a different RAID configuration, such as RAID1/RAID1+0 if you're on RAID5.- Try swapping out the hard drives, one at a time.- Adding the jetstress files to the exclude list in the Anti-Virus software. (A low probablility, I've never heard of Anit-Virus causing this paticular type of error, and I can't imagine the mistake an anti-virus product would have to have to cause this side effect) - If you can reproduce it several times, you could followup with Dell. Good luck. I'm not sure if I answered your question ...
[ActiveDir] Listserv software with Active Directory intergration
Group, Does anyone know of a piece of software for creating / maintaining listserv(s) that integrates with Active Directory and/or Sharepoint? Management wants to createcollaboration between departments and other groups, internally, for issues or discussions. They looked at the Sharepoint collab, but it was not robust enough for them. Any thoughts? Thanks S
RE: [ActiveDir] Help with VB script to map printers
--- Original Message --- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Thursday, 8 December 2005 7:17 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Help with VB script to map printers : my WSH doesn't seem to like the double quotes I see some people : use sometimes (i.e. MsgBox I said, Hello. would always give me an error. You'd get an unterminated string constant error if you ran that code snippet :-) MsgBox I said, Hello. would work Cheers Ken List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] VBScript help(OT)
I have this _vbscript_ i wrote/stole tomove all files with an .eml extension from many subdirs into a folder only if the folder is empty and only to move 999 at a time. it works great except when it sees files with duplicate names it bombs out while moving them. i'd like it to rename the dup(maybe add some random #'s or characters to the end) and continune movingall thefiles. I think I have to use FileExists method and Select...Case but I'm not sure how. Was wondering if anyone could help me with this. Here is the code- source=H:\tempxtendertarget=c:\inetpub\mailroot\drop\ Set fso = CreateObject(Scripting.FileSystemObject)set root=fso.getFolder(source)set targ=fso.getFolder(target) dim full doif targ.files.count=0 then full=falseif full=false then call folderlist(root)wscript.sleep 1000loop sub folderlist(grp)call filelist(grp)if full then exit subfor each fldr in grp.subFolders set nf=fso.GetFolder(fldr.path) call folderlist(nf) set nf=nothingnextend sub sub filelist(grp)for each file in grp.files if targ.files.count=999 then full=true:exit for if lcase(fso.getextensionname) = eml then file.move targetnextend sub My aologies for bugging you guys with this OT. Thanks
[ActiveDir] Bit OT: ports needed to authenticate
Hi, Can someone tell me the ports that I need to open for a server behind a firewall to authenticate to the DCs. It's a secured space but it need to be on another interface of a PIX (call it secure DMZ if you want). I know that it's not the best configuration, but I need to make it work. Thanks! List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Bit OT: ports needed to authenticate
Bruyere, Michel wrote: Hi, Can someone tell me the ports that I need to open for a server behind a firewall to authenticate to the DCs. It's a secured space but it need to be on another interface of a PIX (call it secure DMZ if you want). I know that it's not the best configuration, but I need to make it work. This document should be helpful: http://www.microsoft.com/downloads/details.aspx?FamilyID=c2ef3846-43f0-4caf-9767-a9166368434eDisplayLang=en -- Tomasz Onyszko http://www.w2k.pl List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Ntds.dit file corruption
I've been informed that I'm wrong on this. Please ignore, and listen to joe/~Eric/Dean/Brett/Anyone else. Cheers! -r --Posting is provided "AS IS", and confers no rights or warranties ... From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick KingslanSent: Wednesday, December 07, 2005 5:19 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Ntds.dit file corruption Replication is at an attribute level and the corruption is usually a bit flip - whichisn't replicated. The data itself (a table or an index) is checked and if found to be invalid, I *believe* (joe, ~Eric, brettsh) is marked as such and is no longer replicated. -r --Posting is provided "AS IS", and confers no rights or warranties ... From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]Sent: Tuesday, December 06, 2005 2:49 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Ntds.dit file corruption Is this guaranteed? How can we/you be sure that the system will recognise the corruptions and therefore not replicate them? Surely this is akin to the new feature added to e2k3 sp1, but which is (sadly) missing from AD(?) I must be missing a subtle point - please show me the light :) neil From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve LinehanSent: 05 December 2005 19:26To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Ntds.dit file corruption We do not replicate corruption so if you have local corruption as noted below there is no worry that it would replicate around to other servers in the environment. Thanks, -Steve From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Phil RenoufSent: Monday, December 05, 2005 1:04 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Ntds.dit file corruption Will Read Only DC's take care of this? I don't know much about them yet, but it makes sense that if the copy of the dit that a DC has is RO that it won't try to replicate that anywhere and would only be the recipient of replication. Anyone with more knowledge about how RO DC's will work to comment on that? Phil On 12/5/05, Medeiros, Jose [EMAIL PROTECTED] wrote: Well at least the corruption occurred on just a single DC. One thing that has bugged me about Active Directory is not being able to select if you want a DC in a remote office to not have the ability to replicate back in a large enterprise environment. Since most remote offices only have a few people at the location and a DC is usually placed for improvised logon and authentication time, many companies will either use a very low end server or a very old decommissioned one from their production data center ( Which is probably close to useable life ). I am always concerned that once the NTDS.DIT file becomes corrupt it will replicate the corruption to the other DC's in the Forrest.Maybe I am just being a worry wort and this really is not an issue.Sincerely,Jose MedeirosADP | National Account Services ProBusiness Division | Information Services925.737.7967 | 408-449-6621 CELL-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Susan Bradley,CPA aka Ebitz - SBS Rocks [MVP]Sent: Monday, December 05, 2005 8:53 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Ntds.dit file corruptionI did? :-)I think I still said all I know is what the poster said:-)I think I need a course in event log reading because even with the logs, and the default size of the logs, I still don't see a smoking gun.Thedirectory services one is filled with events 'post' blow up.What is interesting is that it seems to me big server land goes .. ohyeah... ntds.dit corruption... and sbsland freaks out.Either we doindeed need to ensure we have a secondary DC or we need to park a secondcopy of a system state offsite [say at the vap/var]Brett Shirley wrote: She replied offline, very likely a single bit flip, tragedy, they aren't one release later (Longhorn), where this would've probably been non-disruptively handled, logged, and possibly self-healed: http://blogs.technet.com/efleis/archive/2005/01.aspx Anyway, this kind of thing is usually hardware ... While there are much better disk sub-system testers, one that is freely available to any box with Exchange is jetstress.You might give that a try.If you can reproduce the event / error with jetstress I would not use that box in production. If you do reproduce the issue several times (several times is key, as you want a trend before you start playing the variable game), some things you might vary (one at a time):- Try making sure you have the latest driver and motherboard / controller firmware.Then see if you can reproduce. - Try a different RAID configuration, such as RAID1/RAID1+0 if you're on RAID5.- Try swapping out the hard drives, one at a time.- Adding the
RE: [ActiveDir] VBScript help(OT)
I dont see the need for a select case, but File.Exists would help. What I would do is something like this Dim moveName moveName = CurrentNameOfFile While TargetFolder.FileExists(currentNameofFile) currentNameOfFile = currentNameofFile + Cstr(Int(Rnd * 1)) Wend moveTheFile() Rnd*1000 will get you some random # 0 1000 int makes it an integer and cstr makes it a string. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Wednesday, December 07, 2005 7:01 PM To: activedirectory Subject: [ActiveDir] _vbscript_ help(OT) I have this _vbscript_ i wrote/stole tomove all files with an .eml extension from many subdirs into a folder only if the folder is empty and only to move 999 at a time. it works great except when it sees files with duplicate names it bombs out while moving them. i'd like it to rename the dup(maybe add some random #'s or characters to the end) and continune movingall thefiles. I think I have to use FileExists method and Select...Case but I'm not sure how. Was wondering if anyone could help me with this. Here is the code- source=H:\tempxtender target=c:\inetpub\mailroot\drop\ Set fso = CreateObject(Scripting.FileSystemObject) set root=fso.getFolder(source) set targ=fso.getFolder(target) dim full do if targ.files.count=0 then full=false if full=false then call folderlist(root) wscript.sleep 1000 loop sub folderlist(grp) call filelist(grp) if full then exit sub for each fldr in grp.subFolders set nf=fso.GetFolder(fldr.path) call folderlist(nf) set nf=nothing next end sub sub filelist(grp) for each file in grp.files if targ.files.count=999 then full=true:exit for if lcase(fso.getextensionname) = eml then file.move target next end sub My aologies for bugging you guys with this OT. Thanks
RE: [ActiveDir] logon scripts
We had this happen by accident for a short time. The old logon script specied in the user account properties was running as well as the desired logon script, which we tie to AD Sites. Both were running, and if I remember right the drive mappings in the legacy script were winning - which would mean that it was running after the script that was triggered by group policy. I don't think there is any harm provided there aren't conflicting drive mappings or other settings where script timing would need to be verified and accounted for. Jeff From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom KernSent: Wednesday, December 07, 2005 12:58 PMTo: activedirectorySubject: [ActiveDir] logon scripts What happends if you have 2 differentlogon scripts for users- one in the legacy location and one in a domain GPO? how do they execute? does one start sooner? are there any issues with doing things this way for a short time period? Both scripts do completley different things. Thanks ConfidentialThis e-mail and any files transmitted with it are the propertyof Belkin Corporation and/or its affiliates, are confidential,and are intended solely for the use of the individual orentity to whom this e-mail is addressed. If you are not oneof the named recipients or otherwise have reason to believethat you have received this e-mail in error, please notify thesender and delete this message immediately from your computer.Any other use, retention, dissemination, forwarding, printingor copying of this e-mail is strictly prohibited.
Re: [ActiveDir] VBScript help(OT)
Thanks. My real problem is, I'm not sure where to put that in my exisiting script without screwing things up Should that be a seperate sub? Thanks again On 12/7/05, Brian Desmond [EMAIL PROTECTED] wrote: I don't see the need for a select case, but File.Exists would help. What I would do is something like this Dim moveName moveName = CurrentNameOfFile While TargetFolder.FileExists(currentNameofFile) currentNameOfFile = currentNameofFile + Cstr(Int(Rnd * 1)) Wend 'moveTheFile() Rnd*1000 will get you some random # 0 – 1000 int makes it an integer and cstr makes it a string. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tom KernSent: Wednesday, December 07, 2005 7:01 PMTo: activedirectory Subject: [ActiveDir] _vbscript_ help(OT) I have this _vbscript_ i wrote/stole tomove all files with an .eml extension from many subdirs into a folder only if the folder is empty and only to move 999 at a time. it works great except when it sees files with duplicate names it bombs out while moving them. i'd like it to rename the dup(maybe add some random #'s or characters to the end) and continune movingall thefiles. I think I have to use FileExists method and Select...Case but I'm not sure how. Was wondering if anyone could help me with this. Here is the code- source=H:\tempxtendertarget=c:\inetpub\mailroot\drop\ Set fso = CreateObject(Scripting.FileSystemObject)set root=fso.getFolder(source)set targ=fso.getFolder(target) dim full doif targ.files.count=0 then full=falseif full=false then call folderlist(root)wscript.sleep 1000loop sub folderlist(grp)call filelist(grp)if full then exit subfor each fldr in grp.subFolders set nf=fso.GetFolder(fldr.path) call folderlist(nf) set nf=nothingnextend sub sub filelist(grp)for each file in grp.files if targ.files.count=999 then full=true:exit for if lcase(fso.getextensionname) = eml then file.move targetnextend sub My aologies for bugging you guys with this OT. Thanks
Re: [ActiveDir] logon scripts
The 2nd script reads a value from HKCU\Software and writes it to file I need to read a value from it but I can only access it when the current user is logged on. I don't know how else to gain access to that key since i don't know the user's sid, so i put it into a user logon script via GPO so i can read it when the user logs on and that key is loaded. should i run scripts sycncronously to get this key or is there a way to read it without the user logged on? thanks On12/7/05, Jeff Salisbury [EMAIL PROTECTED] wrote: We had this happen by accident for a short time. The old logon script specied in the user account properties was running as well as the desired logon script, which we tie to AD Sites. Both were running, and if I remember right the drive mappings in the legacy script were winning - which would mean that it was running after the script that was triggered by group policy. I don't think there is any harm provided there aren't conflicting drive mappings or other settings where script timing would need to be verified and accounted for. Jeff From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom KernSent: Wednesday, December 07, 2005 12:58 PMTo: activedirectorySubject: [ActiveDir] logon scripts What happends if you have 2 differentlogon scripts for users- one in the legacy location and one in a domain GPO? how do they execute? does one start sooner? are there any issues with doing things this way for a short time period? Both scripts do completley different things. Thanks ConfidentialThis e-mail and any files transmitted with it are the propertyof Belkin Corporation and/or its affiliates, are confidential,and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not oneof the named recipients or otherwise have reason to believethat you have received this e-mail in error, please notify thesender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printingor copying of this e-mail is strictly prohibited.
RE: [ActiveDir] Listserv software with Active Directory intergration
Here are the ones I've heard of. Build your own: http://www.ftponline.com/wss/2002_04/magazine/columns/maximumexchange/ Exchange-based products: http://www.ikakura.com/ http://www.gfi.com/mes/ (More than just a list server) Ed Crowley MCSE+Internet MVPFreelance E-Mail PhilosopherProtecting the world from PSTs and Bricked Backups! From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve ShaffSent: Wednesday, December 07, 2005 3:33 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Listserv software with Active Directory intergration Group, Does anyone know of a piece of software for creating / maintaining listserv(s) that integrates with Active Directory and/or Sharepoint? Management wants to createcollaboration between departments and other groups, internally, for issues or discussions. They looked at the Sharepoint collab, but it was not robust enough for them. Any thoughts? ThanksS
RE: [ActiveDir] VBScript help(OT)
if lcase(fso.getextensionname) = eml then Pseudo code from me End if Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Wednesday, December 07, 2005 7:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] _vbscript_ help(OT) I dont see the need for a select case, but File.Exists would help. What I would do is something like this Dim moveName moveName = CurrentNameOfFile While TargetFolder.FileExists(currentNameofFile) currentNameOfFile = currentNameofFile + Cstr(Int(Rnd * 1)) Wend moveTheFile() Rnd*1000 will get you some random # 0 1000 int makes it an integer and cstr makes it a string. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Wednesday, December 07, 2005 7:01 PM To: activedirectory Subject: [ActiveDir] _vbscript_ help(OT) I have this _vbscript_ i wrote/stole tomove all files with an .eml extension from many subdirs into a folder only if the folder is empty and only to move 999 at a time. it works great except when it sees files with duplicate names it bombs out while moving them. i'd like it to rename the dup(maybe add some random #'s or characters to the end) and continune movingall thefiles. I think I have to use FileExists method and Select...Case but I'm not sure how. Was wondering if anyone could help me with this. Here is the code- source=H:\tempxtender target=c:\inetpub\mailroot\drop\ Set fso = CreateObject(Scripting.FileSystemObject) set root=fso.getFolder(source) set targ=fso.getFolder(target) dim full do if targ.files.count=0 then full=false if full=false then call folderlist(root) wscript.sleep 1000 loop sub folderlist(grp) call filelist(grp) if full then exit sub for each fldr in grp.subFolders set nf=fso.GetFolder(fldr.path) call folderlist(nf) set nf=nothing next end sub sub filelist(grp) for each file in grp.files if targ.files.count=999 then full=true:exit for if lcase(fso.getextensionname) = eml then file.move target next end sub My aologies for bugging you guys with this OT. Thanks
RE: [ActiveDir] VBScript help(OT)
At the moment you have this line which does the copy: if lcase(fso.getextensionname) = eml then file.move target So, instead of doing the copy, check to see if the file exists at the target, and if not do the copy. If it does exist, rename the file at the source, then do the copy. If LCase(FSO.getExtensionName) = eml Then If objTarg.FileExists(strSourceFileName) Then ' Rename Source File End If ' Now do the copy End If Cheers Ken From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Thursday, 8 December 2005 12:00 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] VBScript help(OT) Thanks. My real problem is, I'm not sure where to put that in my exisiting script without screwing things up Should that be a seperate sub? Thanks again On 12/7/05, Brian Desmond [EMAIL PROTECTED] wrote: I don't see the need for a select case, but File.Exists would help. What I would do is something like this Dim moveName moveName = CurrentNameOfFile While TargetFolder.FileExists(currentNameofFile) currentNameOfFile = currentNameofFile + Cstr(Int(Rnd * 1)) Wend 'moveTheFile() Rnd*1000 will get you some random # 0 - 1000 int makes it an integer and cstr makes it a string. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Wednesday, December 07, 2005 7:01 PM To: activedirectory Subject: [ActiveDir] VBScript help(OT) I have this VBScript i wrote/stole to move all files with an .eml extension from many subdirs into a folder only if the folder is empty and only to move 999 at a time. it works great except when it sees files with duplicate names it bombs out while moving them. i'd like it to rename the dup(maybe add some random #'s or characters to the end) and continune moving all the files. I think I have to use FileExists method and Select...Case but I'm not sure how. Was wondering if anyone could help me with this. Here is the code- source=H:\tempxtender target=c:\inetpub\mailroot\drop\ Set fso = CreateObject(Scripting.FileSystemObject) set root=fso.getFolder(source) set targ=fso.getFolder(target) dim full do if targ.files.count=0 then full=false if full=false then call folderlist(root) wscript.sleep 1000 loop sub folderlist(grp) call filelist(grp) if full then exit sub for each fldr in grp.subFolders set nf=fso.GetFolder(fldr.path) call folderlist(nf) set nf=nothing next end sub sub filelist(grp) for each file in grp.files if targ.files.count=999 then full=true:exit for if lcase(fso.getextensionname) = eml then file.move target next end sub My aologies for bugging you guys with this OT. Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] VBScript help(OT)
Oops, I guess i didn't check my code. before i made any changes, i get Wrong number of arguments or invalid propery assignment:'fso.getextensionname'. sorry. I wonder why that is? On 12/7/05, Ken Schaefer [EMAIL PROTECTED] wrote: At the moment you have this line which does the copy:if lcase(fso.getextensionname) = eml then file.move targetSo, instead of doing the copy, check to see if the file exists at the target,and if not do the copy. If it does exist, rename the file at the source, thendo the copy.If LCase(FSO.getExtensionName ) = eml Then If objTarg.FileExists(strSourceFileName) Then ' Rename Source File End If ' Now do the copyEnd IfCheersKen From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED] ] On Behalf Of Tom KernSent: Thursday, 8 December 2005 12:00 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] _vbscript_ help(OT)Thanks. My real problem is, I'm not sure where to put that in my exisiting scriptwithout screwing things upShould that be a seperate sub?Thanks againOn 12/7/05, Brian Desmond [EMAIL PROTECTED] wrote:I don't see the need for a select case, but File.Exists would help.What I would do is something like thisDim moveNamemoveName = CurrentNameOfFileWhile TargetFolder.FileExists (currentNameofFile)currentNameOfFile = currentNameofFile + Cstr(Int(Rnd * 1))Wend'moveTheFile()Rnd*1000 will get you some random # 0 - 1000 int makes it an integer and cstrmakes it a string. Thanks,Brian Desmond[EMAIL PROTECTED]c - 312.731.3132From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED]] On Behalf Of Tom KernSent: Wednesday, December 07, 2005 7:01 PMTo: activedirectory Subject: [ActiveDir] _vbscript_ help(OT)I have this _vbscript_ i wrote/stole tomove all files with an .eml extensionfrom many subdirs into a folder only if the folder is empty and only to move999 at a time. it works great except when it sees files with duplicate names it bombs outwhile moving them.i'd like it to rename the dup(maybe add some random #'s or characters to theend) and continune movingall thefiles. I think I have to use FileExists method and Select...Case but I'm notsure how.Was wondering if anyone could help me with this.Here is the code-source=H:\tempxtender target=c:\inetpub\mailroot\drop\Set fso = CreateObject(Scripting.FileSystemObject)set root=fso.getFolder(source)set targ=fso.getFolder(target)dim fulldoif targ.files.count=0 then full=falseif full=false then call folderlist(root)wscript.sleep 1000loopsub folderlist(grp)call filelist(grp)if full then exit subfor each fldr in grp.subFoldersset nf=fso.GetFolder(fldr.path )call folderlist(nf)set nf=nothingnextend subsub filelist(grp)for each file in grp.filesif targ.files.count=999 then full=true:exit forif lcase(fso.getextensionname) = eml then file.move targetnextend subMy aologies for bugging you guys with this OT.ThanksList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] DMZ domains and IPSec - looking for explanation re resource access and authentication
Title: DMZ domains and IPSec - looking for explanation re resource access and authentication Hi all, I'm looking for an explanation this is a bit of a complicated scenario but I'll try to be succinct. Whilst I have a fair bit of AD experience, I'm not the AD administrator at my current place of work. The AD administrators are not forthcoming with information, hence my post here. We have a corporate network with a Windows 2003 forest (mixed-mode) with multiple domains. We also have a DMZ, in which there is a separate Windows 2003 forest with a single domain. There is an IPSec policy set up between domain controllers in the DMZ domain and domain controllers in one of the domains in the corporate forest (I'll call it the internal domain). There is a one-way trust, the DMZ domain trusts the internal domain. Our aim is to provide access to resources in the DMZ domain, by using accounts in the internal domain. My role includes managing Member Servers. We built a server in the internal domain, added some groups from that domain into the Administrators group, then physically moved it to the DMZ. Then, the names in the Administrators group would no longer resolve (since it is still a member of the internal domain, but physically disconnected from it). Next, we made the server a member of the DMZ domain, and the names now resolve. So, it seems the Member Server is talking to the DMZ DC which is querying the internal DC to resolve the name. What we cannot do, is log onto the Member Server in the DMZ and add an account from the internal domain. The reasoning we are given is that the IPSec policy and trust is between DCs only, and not the Member Server. If the DMZ Domain Admin logs onto the DMZ DC, then makes a Computer Management connection to the Member Server, then groups from the internal domain can be added to the Member Server. Can anyone explain to me why this is so? I don't understand why resolving names is different to adding a user, it seems to me the same authentication path is followed. Thanks in advance Sakti **This message is intended for the addressee named and may containprivileged information or confidential information or both. If youare not the intended recipient please delete it and notify the sender.**
[ActiveDir] What to do with FSMO's
Brian Puhl's Weblog : What to do with FSMO roles...: http://blogs.technet.com/bpuhl/archive/2005/12/07/415761.aspx -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] logon scripts
Yes, your best bet is probably to set that GP logon script to run synchronously, which gives you a better chance of being able to read out of HKCU after its loaded. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom KernSent: Wednesday, December 07, 2005 5:35 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] logon scripts The 2nd script reads a value from HKCU\Software and writes it to file I need to read a value from it but I can only access it when the current user is logged on. I don't know how else to gain access to that key since i don't know the user's sid, so i put it into a user logon script via GPO so i can read it when the user logs on and that key is loaded. should i run scripts sycncronously to get this key or is there a way to read it without the user logged on? thanks On12/7/05, Jeff Salisbury [EMAIL PROTECTED] wrote: We had this happen by accident for a short time. The old logon script specied in the user account properties was running as well as the desired logon script, which we tie to AD Sites. Both were running, and if I remember right the drive mappings in the legacy script were winning - which would mean that it was running after the script that was triggered by group policy. I don't think there is any harm provided there aren't conflicting drive mappings or other settings where script timing would need to be verified and accounted for. Jeff From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom KernSent: Wednesday, December 07, 2005 12:58 PMTo: activedirectorySubject: [ActiveDir] logon scripts What happends if you have 2 differentlogon scripts for users- one in the legacy location and one in a domain GPO? how do they execute? does one start sooner? are there any issues with doing things this way for a short time period? Both scripts do completley different things. Thanks ConfidentialThis e-mail and any files transmitted with it are the propertyof Belkin Corporation and/or its affiliates, are confidential,and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not oneof the named recipients or otherwise have reason to believethat you have received this e-mail in error, please notify thesender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printingor copying of this e-mail is strictly prohibited.