RE: [ActiveDir] GPO refresh interval
Sorry I should have been more specific. The "group policy refresh interval for computers" setting in the Computer Configuration/Administrative Templates/System/Group Policy if configured at LSDOU levels for a computer or user, how is it used? Is the refresh value configured on each policy applicable to each individual GPO or is the net result value from LSDOU used? Thanks M@ Subject: RE: [ActiveDir] GPO refresh intervalDate: Mon, 9 Jan 2006 11:55:43 -0800From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org Not sure I understand the question. Each system will apply GP at an interval dependent upon its role. For DCs its every 5 minutes. For member servers and workstations its every 90 min plus a +-30 minute randomizer. For a given system, the next processing interval is determined when processing occurs, and you can see this in the userenv.log on a given system. Did I miss the question? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matheesha WeerasingheSent: Monday, January 09, 2006 11:40 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] GPO refresh interval Hi I had a quick query about GPO refresh interval. Is this an aggregate of all values which apply to Computer/User or is it applicable per GPO it was configured for? I am pretty sure its the former but I'd like it clarified. thanks M@ Express yourself instantly with MSN Messenger! MSN Messenger Express yourself instantly with MSN Messenger! MSN Messenger
[ActiveDir] Spoofed emails
Title: Rights needed for joining devices under reduced permission sets Dear list, For the past couple of weeks, a few staff members were receiving emails with the 'Subject', 'From', and 'To' fields being blank. It was not taken too seriously until I received such an email. In the advent the zero-day exploits such as the WMF, I realize what a big security problem this can be. Imagine if this email was sent last week with an image attached and upon viewing it, would run code taking advantage of the aforementioned exploit. Below is the actual email header with server names justwith type of server: Microsoft Mail Internet Headers Version 2.0 Received: corporate webmail server by Exchange server with Microsoft SMTPSVC(6.0.3790.1830); Sun, 8 Jan 2006 05:59:05 -0500 Received: from p101m059.symantecmail.net by webmail server with Microsoft SMTPSVC(6.0.3790.211); Sun, 8 Jan 2006 05:59:06 -0500 Received: from unknown [65.33.35.111] (HELO 111.35.33.65.cfl.res.rr.com) by p101m059.symantecmail.net (mxl_mta-2.9.0-24p5) with SMTP id 970f0c34.2568223664.41029.p101m059.symantecmail.net (envelope-from ); Sun, 08 Jan 2006 03:59:05 -0700 (MST) X-Spam: [F=0.50; BMI=0.500(none); SC=none] X-MAIL-FROM: X-SOURCE-IP: [65.33.35.111] From: Bcc: Return-Path: Message-ID: [EMAIL PROTECTED] webmail server X-OriginalArrivalTime: 08 Jan 2006 10:59:07.0229 (UTC) FILETIME=[8BC9C0D0:01C61442] Date: 8 Jan 2006 05:59:07 -0500 I was going to call the ISP to whom this address is registered to and notify them of email abuse generating from within their network but, I received another email from a different address (213.226.189.173) so I am thinking that the addresses are spoofed. Any helpin shedding light into this situationwould greatly be appreciated. -Nav
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7. In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem? Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Scripting Issue.
Hmmm SDO eh? Going further OT... I don't suppose you (or anyone else) has figured out how to check the PPTP box on XP (the box under Virtual Private Network on the Incoming Connections properties dialog)? I've figured out how to script netsh to configure RRAS almost completely, but I would rather have done it with vbscript. This is on workgroup (unfortunately) computers... but I could not figure out a way to enable PPTP with a script. I'll have to look into this SDO stuff... Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Monday, January 09, 2006 7:35 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Scripting Issue. Didn't like my answer in the Sunbelt group, eh? Server Data Objects are your portable way to do this, regardless of your domain mode (at least through Windows Server 2003). It wraps the MprAdminUserSetInfo and MprAdminUserGetInfo functions on both Windows 2000 and Windows 2003. For example, http://msdn.microsoft.com/library/en-us/sdo/sdo/changing_dial_in_setting s.asp I use SDO all over the place (unfortunately). Sub RasInfo (ByVal objWinNT, ByVal strServer, ByVal strName) Dim objWinUser Dim element, v, msg, str Dim objSDOMachine, objU Set objSDOMachine = CreateObject (IAS.SDOMachine) objSDOMachine.Attach (strServer) Set objWinUser = GetObject (WinNT:// strServer / strName ,user) Set objU = objSDOMachine.GetUserSDO (0, strName) msg = vbCrLf _ Name: objU.GetProperty (PROPERTY_SDO_NAME) vbCrLf _ Full name: objWinUser.Get (fullname) vbCrLf _ Description: objWinUser.Get (description) vbCrLf _ vbCrLf v = objU.getproperty (PROPERTY_USER_ALLOW_DIALIN) If IsEmpty (v) Then str = Control access through Remote Access Policy Else If v = True Then str = Allow access Else str = Deny access End If End If msg = msg Remote access permission: str vbcrlf Set v = Nothing ... ... ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Brown Sent: Monday, January 09, 2006 5:06 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Scripting Issue. I have a script that I run in an ASP page to list all RAS Users as a check to make sure that we don't have anyone with permissions that shouldn't have them. However, I'm finding now that we are migrating to W2k3 that this script doesn't work on 2k3. I read in a newsgroup that the RasPermissions in ADSI was removed due to security concerns. Is this correct? Is there another way to access this information via ADSI? Script is below Thanks, Erik Function ReportRasUsers() If DOM = Then DOM = corp strRasUsers=Table id= table1 cellspacing= 1 cellPadding= 1 width= 500 border= 1 strRasUsers=strRasUsers THUser Name/THTHFull Name/THTHRAS Type/TH Dim AccountObj,MachObj,PassAge,fs,fsOut,strRasUsers,strFN Set AccountObj = GetObject(WinNT://DOM) AccountObj.Filter = Array(User) For Each User In AccountObj Set UserObj = GetObject(WinNT:// DOM/ User.Name) Ras=UserObj.get(RasPermissions) strFN=UserObj.get(FullName) If Ras=9 Then strRasUsers=strRasUsers TRTD User.Name /TDTD strFN /TDTDNo Dial Back/TD/TR ElseIf Ras=10 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD bgcolor= Red strFN /TDTD bgcolor= Red Dial Back Enabled/TD/TR ElseIf Ras=12 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD bgcolor= Red strFN /TDTD bgcolor= Red Dial Back Enabled/TD/TR End If Next response.Write(strRasUsers) End Function List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is
RE: [ActiveDir] OT: DEC 2006
Ditto for me… My title doesn’t start with a C _ _ so I’m afraid to even ask for a paid trip to Vegas J --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- ”I love the smell of red herrings in the morning” - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose Medeiros Sent: Monday, January 09, 2006 1:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 I would love to go, unfortunately as most people on the list unless our employeers pay for it, we just can not afford to attend. Jose - Original Message - From: McLeod, Scotty To: ActiveDir@mail.activedir.org Sent: Monday, January 09, 2006 7:45 AM Subject: RE: [ActiveDir] OT: DEC 2006 Am attending again, looking forward to it. Scotty From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: 05 January 2006 22:17 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: DEC 2006 Of the list how many people are going to DEC this year? www.directoryexpertsconference.com Tomorrow is the last day for the early bird registrations if anyone wants to day some $£€’s. Mark This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system.
RE: [ActiveDir] OT: Scripting Issue.
Excellent! Thanks for all of the responses. Not sure how I missed all of that in my search... Erik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Monday, January 09, 2006 7:35 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Scripting Issue. Didn't like my answer in the Sunbelt group, eh? Server Data Objects are your portable way to do this, regardless of your domain mode (at least through Windows Server 2003). It wraps the MprAdminUserSetInfo and MprAdminUserGetInfo functions on both Windows 2000 and Windows 2003. For example, http://msdn.microsoft.com/library/en-us/sdo/sdo/changing_dial_in_setting s.asp I use SDO all over the place (unfortunately). Sub RasInfo (ByVal objWinNT, ByVal strServer, ByVal strName) Dim objWinUser Dim element, v, msg, str Dim objSDOMachine, objU Set objSDOMachine = CreateObject (IAS.SDOMachine) objSDOMachine.Attach (strServer) Set objWinUser = GetObject (WinNT:// strServer / strName ,user) Set objU = objSDOMachine.GetUserSDO (0, strName) msg = vbCrLf _ Name: objU.GetProperty (PROPERTY_SDO_NAME) vbCrLf _ Full name: objWinUser.Get (fullname) vbCrLf _ Description: objWinUser.Get (description) vbCrLf _ vbCrLf v = objU.getproperty (PROPERTY_USER_ALLOW_DIALIN) If IsEmpty (v) Then str = Control access through Remote Access Policy Else If v = True Then str = Allow access Else str = Deny access End If End If msg = msg Remote access permission: str vbcrlf Set v = Nothing ... ... ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Brown Sent: Monday, January 09, 2006 5:06 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Scripting Issue. I have a script that I run in an ASP page to list all RAS Users as a check to make sure that we don't have anyone with permissions that shouldn't have them. However, I'm finding now that we are migrating to W2k3 that this script doesn't work on 2k3. I read in a newsgroup that the RasPermissions in ADSI was removed due to security concerns. Is this correct? Is there another way to access this information via ADSI? Script is below Thanks, Erik Function ReportRasUsers() If DOM = Then DOM = corp strRasUsers=Table id= table1 cellspacing= 1 cellPadding= 1 width= 500 border= 1 strRasUsers=strRasUsers THUser Name/THTHFull Name/THTHRAS Type/TH Dim AccountObj,MachObj,PassAge,fs,fsOut,strRasUsers,strFN Set AccountObj = GetObject(WinNT://DOM) AccountObj.Filter = Array(User) For Each User In AccountObj Set UserObj = GetObject(WinNT:// DOM/ User.Name) Ras=UserObj.get(RasPermissions) strFN=UserObj.get(FullName) If Ras=9 Then strRasUsers=strRasUsers TRTD User.Name /TDTD strFN /TDTDNo Dial Back/TD/TR ElseIf Ras=10 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD bgcolor= Red strFN /TDTD bgcolor= Red Dial Back Enabled/TD/TR ElseIf Ras=12 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD bgcolor= Red strFN /TDTD bgcolor= Red Dial Back Enabled/TD/TR End If Next response.Write(strRasUsers) End Function List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Automagically move AD computers into new/appropriate OU
On 1/10/06, Kamlesh Parmar [EMAIL PROTECTED] wrote: If you know the admin password of all new computers, you can use netdom.exe to join machine remotely, and at the same time put it in exact ou where you want to put it. NETDOM JOIN comp1 /DOMAIN:WINDOM /UO:LocalAdmin /PO:LocalAdminPassword /UD:WinDom\DomAdmin /PD:DomAdminPassword /OU:OU=MyComps,dc=dom,dc=com Where comp1 = remote computer to join the domain windom = domain to join localadmin = local administrator of comp1 computer localadminpassword = localadmin 's password windom\domadmin = domain account with rights to join machine to domain DomAdminPassword = windom\domadmin's password Excellent, I will try this! Thanks! ...D -- CPDE - Certified Petroleum Distribution Engineer CCBC - Certified Canadian Beer Consumer List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Windows update out of control??? [signed]
I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? -- [ SECURITY NOTICE ] To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 10 January 2006 at 14:59:24 UTC. Verify this digital signature at http://www.ciphire.com/verify. --- [ CIPHIRE DIGITAL SIGNATURE ] --- Q2lwaGlyZSBTaWcuAjhhY3RpdmVkaXJAbWFpbC5hY3RpdmVkaXIub3JnAG5ldmVzY0Bta WRyaXZlcnMuY29tAGVtYWlsIGJvZHkA2AEAAHwAfAEAAADMy8ND2AEAAPMDAAIAAg ACACBJR/O7jEgoIzh1c1ppi6Zr3sUTtiV651EXvXV186FI9wEAGENpVjq6ik/aqASATD3 nc5pNbut/CknArrKTYbiF7TOlQg+LkxOxK05F8qXsv2gGjD5Ey4gCnjzFmYRFGeng7eAy mNkGU2lnRW5k - [ END DIGITAL SIGNATURE ] - List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: DEC 2006
On-site support visit. I count 12 Applebee’s locations in the greater Vegas area. Surely there’s a piece of AD broken in one of them J Me? We’ve got pants and shirts scattered all over Vegas hotels and casinos and I still can’t go L mc From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, January 10, 2006 9:55 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 Ditto for me… My title doesn’t start with a C _ _ so I’m afraid to even ask for a paid trip to Vegas J --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- ”I love the smell of red herrings in the morning” - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose Medeiros Sent: Monday, January 09, 2006 1:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 I would love to go, unfortunately as most people on the list unless our employeers pay for it, we just can not afford to attend. Jose - Original Message - From: McLeod, Scotty To: ActiveDir@mail.activedir.org Sent: Monday, January 09, 2006 7:45 AM Subject: RE: [ActiveDir] OT: DEC 2006 Am attending again, looking forward to it. Scotty From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: 05 January 2006 22:17 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: DEC 2006 Of the list how many people are going to DEC this year? www.directoryexpertsconference.com Tomorrow is the last day for the early bird registrations if anyone wants to day some $£€’s. Mark This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. This e-mail transmission contains information that is intended to be confidential and privileged. If you receive this e-mail and you are not a named addressee you are hereby notified that you are not authorized to read, print, retain, copy or disseminate this communication without the consent of the sender and that doing so is prohibited and may be unlawful. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please delete and otherwise erase it and any attachments from your computer system. Your assistance in correcting this error is appreciated.
[ActiveDir] GPO - Windows classic view without losing Quick Launch bar in Win2000
Through GPO, is there a way to enforce Windows Classic View in the Folder View (WinXP SP2) - without losing the Quick Launch bar on the Windows 2000 computers. Thanks, ...D -- CPDE - Certified Petroleum Distribution Engineer CCBC - Certified Canadian Beer Consumer List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Strange deleted object issue
I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] OT: Scripting Issue.
Here is the solution that I found that works for me now. Thanks for all of your help. On Error Resume Next Const ADS_SCOPE_SUBTREE = 2 Set objConnection = CreateObject(ADODB.Connection) Set objCommand = CreateObject(ADODB.Command) objConnection.Provider = ADsDSOObject objConnection.Open Active Directory Provider Set objCommand.ActiveConnection = objConnection objCommand.Properties(Page Size) = 1000 objCommand.Properties(Searchscope) = ADS_SCOPE_SUBTREE objCommand.CommandText = _ SELECT Name FROM 'LDAP://dc=corp,dc=fcfs,dc=int' WHERE objectCategory='user' _ AND msNPAllowDialin = TRUE Set objRecordSet = objCommand.Execute objRecordSet.MoveFirst Do Until objRecordSet.EOF Wscript.Echo objRecordSet.Fields(Name).Value objRecordSet.MoveNext Loop Erik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Brown Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Scripting Issue. Excellent! Thanks for all of the responses. Not sure how I missed all of that in my search... Erik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Monday, January 09, 2006 7:35 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Scripting Issue. Didn't like my answer in the Sunbelt group, eh? Server Data Objects are your portable way to do this, regardless of your domain mode (at least through Windows Server 2003). It wraps the MprAdminUserSetInfo and MprAdminUserGetInfo functions on both Windows 2000 and Windows 2003. For example, http://msdn.microsoft.com/library/en-us/sdo/sdo/changing_dial_in_setting s.asp I use SDO all over the place (unfortunately). Sub RasInfo (ByVal objWinNT, ByVal strServer, ByVal strName) Dim objWinUser Dim element, v, msg, str Dim objSDOMachine, objU Set objSDOMachine = CreateObject (IAS.SDOMachine) objSDOMachine.Attach (strServer) Set objWinUser = GetObject (WinNT:// strServer / strName ,user) Set objU = objSDOMachine.GetUserSDO (0, strName) msg = vbCrLf _ Name: objU.GetProperty (PROPERTY_SDO_NAME) vbCrLf _ Full name: objWinUser.Get (fullname) vbCrLf _ Description: objWinUser.Get (description) vbCrLf _ vbCrLf v = objU.getproperty (PROPERTY_USER_ALLOW_DIALIN) If IsEmpty (v) Then str = Control access through Remote Access Policy Else If v = True Then str = Allow access Else str = Deny access End If End If msg = msg Remote access permission: str vbcrlf Set v = Nothing ... ... ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Brown Sent: Monday, January 09, 2006 5:06 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Scripting Issue. I have a script that I run in an ASP page to list all RAS Users as a check to make sure that we don't have anyone with permissions that shouldn't have them. However, I'm finding now that we are migrating to W2k3 that this script doesn't work on 2k3. I read in a newsgroup that the RasPermissions in ADSI was removed due to security concerns. Is this correct? Is there another way to access this information via ADSI? Script is below Thanks, Erik Function ReportRasUsers() If DOM = Then DOM = corp strRasUsers=Table id= table1 cellspacing= 1 cellPadding= 1 width= 500 border= 1 strRasUsers=strRasUsers THUser Name/THTHFull Name/THTHRAS Type/TH Dim AccountObj,MachObj,PassAge,fs,fsOut,strRasUsers,strFN Set AccountObj = GetObject(WinNT://DOM) AccountObj.Filter = Array(User) For Each User In AccountObj Set UserObj = GetObject(WinNT:// DOM/ User.Name) Ras=UserObj.get(RasPermissions) strFN=UserObj.get(FullName) If Ras=9 Then strRasUsers=strRasUsers TRTD User.Name /TDTD strFN /TDTDNo Dial Back/TD/TR ElseIf Ras=10 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD bgcolor= Red strFN /TDTD bgcolor= Red Dial Back Enabled/TD/TR ElseIf Ras=12 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD bgcolor= Red strFN /TDTD bgcolor= Red Dial Back Enabled/TD/TR End If Next response.Write(strRasUsers) End Function List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive:
Re: [ActiveDir] Windows update out of control??? [signed]
No, this is not normal. Sounds like you have group policy settings in place coming from a server? Automatic Updates options are greyed out?: http://windowsxp.mvps.org/aupolicy.htm BTW two patches today. Chris Neves [c] wrote: I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Windows update out of control??? [signed]
Sounds like a GPO lock down, permissions, or corrupted .CPL. -Z.V. Chris Neves [c] wrote: I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Windows update out of control??? [signed]
That is usually a result of GPO being set to restrict (or direct) use of Auto Update. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Neves [c] Sent: Tuesday, January 10, 2006 8:59 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows update out of control??? [signed] I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? -- [ SECURITY NOTICE ] To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 10 January 2006 at 14:59:24 UTC. Verify this digital signature at http://www.ciphire.com/verify. --- [ CIPHIRE DIGITAL SIGNATURE ] --- Q2lwaGlyZSBTaWcuAjhhY3RpdmVkaXJAbWFpbC5hY3RpdmVkaXIub3JnAG5ldmVzY0Bta WRyaXZlcnMuY29tAGVtYWlsIGJvZHkA2AEAAHwAfAEAAADMy8ND2AEAAPMDAAIAAg ACACBJR/O7jEgoIzh1c1ppi6Zr3sUTtiV651EXvXV186FI9wEAGENpVjq6ik/aqASATD3 nc5pNbut/CknArrKTYbiF7TOlQg+LkxOxK05F8qXsv2gGjD5Ey4gCnjzFmYRFGeng7eAy mNkGU2lnRW5k - [ END DIGITAL SIGNATURE ] - List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Windows update out of control??? [signed]
It is most likely being controlled via Group Policy. Otherwise make sure you are logged on as an Administrator. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Neves [c] Sent: Tuesday, January 10, 2006 9:59 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows update out of control??? [signed] I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? -- [ SECURITY NOTICE ] To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 10 January 2006 at 14:59:24 UTC. Verify this digital signature at http://www.ciphire.com/verify. --- [ CIPHIRE DIGITAL SIGNATURE ] --- Q2lwaGlyZSBTaWcuAjhhY3RpdmVkaXJAbWFpbC5hY3RpdmVkaXIub3JnAG5ldmVzY0Bta WRyaXZlcnMuY29tAGVtYWlsIGJvZHkA2AEAAHwAfAEAAADMy8ND2AEAAPMDAAIAAg ACACBJR/O7jEgoIzh1c1ppi6Zr3sUTtiV651EXvXV186FI9wEAGENpVjq6ik/aqASATD3 nc5pNbut/CknArrKTYbiF7TOlQg+LkxOxK05F8qXsv2gGjD5Ey4gCnjzFmYRFGeng7eAy mNkGU2lnRW5k - [ END DIGITAL SIGNATURE ] - List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Strange deleted object issue
how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
Re: [ActiveDir] Windows update out of control??? [signed]
Um, is there any Group Policy in effect on your domain? -ASB FAST, CHEAP, SECURE: Pick Any TWO http://www.ultratech-llc.com/KB/ On 1/10/06, Chris Neves [c] [EMAIL PROTECTED] wrote: I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Windows update out of control??? [signed]
If the auto-update settings are grayed out, there might be a GP in place. Local admin account should not be affected by the Group Policy so you can perform updates via that route...assuming that you have the local admin password. -Nav -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Neves [c] Sent: Tuesday, January 10, 2006 9:59 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows update out of control??? [signed] I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? -- [ SECURITY NOTICE ] To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 10 January 2006 at 14:59:24 UTC. Verify this digital signature at http://www.ciphire.com/verify. --- [ CIPHIRE DIGITAL SIGNATURE ] --- Q2lwaGlyZSBTaWcuAjhhY3RpdmVkaXJAbWFpbC5hY3RpdmVkaXIub3JnAG5ldmVzY0Bta WRyaXZlcnMuY29tAGVtYWlsIGJvZHkA2AEAAHwAfAEAAADMy8ND2AEAAPMDAAIAAg ACACBJR/O7jEgoIzh1c1ppi6Zr3sUTtiV651EXvXV186FI9wEAGENpVjq6ik/aqASATD3 nc5pNbut/CknArrKTYbiF7TOlQg+LkxOxK05F8qXsv2gGjD5Ey4gCnjzFmYRFGeng7eAy mNkGU2lnRW5k - [ END DIGITAL SIGNATURE ] - List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: DEC 2006
Ha you’re funny Mark J I might try that but it won’t fly, I don’t do that kind of support J --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- ”I love the smell of red herrings in the morning” - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Creamer, Mark Sent: Tuesday, January 10, 2006 9:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 On-site support visit. I count 12 Applebee’s locations in the greater Vegas area. Surely there’s a piece of AD broken in one of them J Me? We’ve got pants and shirts scattered all over Vegas hotels and casinos and I still can’t go L mc From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, January 10, 2006 9:55 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 Ditto for me… My title doesn’t start with a C _ _ so I’m afraid to even ask for a paid trip to Vegas J --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- ”I love the smell of red herrings in the morning” - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose Medeiros Sent: Monday, January 09, 2006 1:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 I would love to go, unfortunately as most people on the list unless our employeers pay for it, we just can not afford to attend. Jose - Original Message - From: McLeod, Scotty To: ActiveDir@mail.activedir.org Sent: Monday, January 09, 2006 7:45 AM Subject: RE: [ActiveDir] OT: DEC 2006 Am attending again, looking forward to it. Scotty From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: 05 January 2006 22:17 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: DEC 2006 Of the list how many people are going to DEC this year? www.directoryexpertsconference.com Tomorrow is the last day for the early bird registrations if anyone wants to day some $£€’s. Mark This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. This e-mail transmission contains information that is intended to be confidential and privileged. If you receive this e-mail and you are not a named addressee you are hereby notified that you are not authorized to read, print, retain, copy or disseminate this communication without the consent of the sender and that doing so is prohibited and may be unlawful. Please reply to the message immediately by informing the sender that the message was misdirected. After replying, please delete and otherwise erase it and any attachments from your computer system. Your assistance in correcting this error is appreciated. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding,
RE: [ActiveDir] Strange deleted object issue
Try adfind with the -showdel flag From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 8:11 AMTo: activedirectorySubject: [ActiveDir] Strange deleted object issue I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
[ActiveDir] Looking for group policy setting
Does anyone here happen to know where the setting is to turn off new users on a computer getting the Getting Started popup on windows 2000? Scott Klassen
[ActiveDir] Changing network password for remote user
Title: Changing network password for remote user Hi all I have a problem that I cant seem to figure out. We have a remote user who is using a laptop w/ Windows XP SP2. The laptop is set to log into the domain. I've changed his network password. How can I get his computer to see that I've changed his network password? Even though his computer is logging into the domain, the computer still wants his old password. Once he's connected via VPN, the connection to his network drives wants his new password. Help? Thanks Russ
Re: [ActiveDir] Strange deleted object issue
Thanks. That worked. Now my question is, why didn't LDP show that? is it because i'm running the win2k3 verison against a win2k forest? what am i doing wrong with ldp? Thanks again On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Try adfind with the -showdel flag From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 8:11 AMTo: activedirectorySubject: [ActiveDir] Strange deleted object issue I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] Windows update out of control??? [signed]
It can also come from your local GP settings, as well as domain. Set the settings there and you can't control them from control panel. Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Neves [c] Sent: Tuesday, January 10, 2006 8:59 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows update out of control??? [signed] I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? -- [ SECURITY NOTICE ] To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 10 January 2006 at 14:59:24 UTC. Verify this digital signature at http://www.ciphire.com/verify. --- [ CIPHIRE DIGITAL SIGNATURE ] --- Q2lwaGlyZSBTaWcuAjhhY3RpdmVkaXJAbWFpbC5hY3RpdmVkaXIub3JnAG5ldmVzY0Bta WRyaXZlcnMuY29tAGVtYWlsIGJvZHkA2AEAAHwAfAEAAADMy8ND2AEAAPMDAAIAAg ACACBJR/O7jEgoIzh1c1ppi6Zr3sUTtiV651EXvXV186FI9wEAGENpVjq6ik/aqASATD3 nc5pNbut/CknArrKTYbiF7TOlQg+LkxOxK05F8qXsv2gGjD5Ey4gCnjzFmYRFGeng7eAy mNkGU2lnRW5k - [ END DIGITAL SIGNATURE ] - List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Strange deleted object issue
Oh yeah, can you reanimate an object from Deleted Objects in win2k or is that only a win2k3 DFL feature? What are my options for restoring the account? Just backup and repopulate group membership/acl's? Thanks again On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: Thanks. That worked. Now my question is, why didn't LDP show that? is it because i'm running the win2k3 verison against a win2k forest? what am i doing wrong with ldp? Thanks again On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Try adfind with the -showdel flag From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 8:11 AMTo: activedirectorySubject: [ActiveDir] Strange deleted object issue I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] Looking for group policy setting
Theres a widely publicized reg entry but I have had no success in making it work. I havent found a corresponding GPO entry. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Tour] RunCount=dword: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\Tour] RunCount=dword: --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of klas9574 Sent: Tuesday, January 10, 2006 10:07 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Looking for group policy setting Does anyone here happen to know where the setting is to turn off new users on a computer getting the Getting Started popup on windows 2000? Scott Klassen ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system.
Re: [ActiveDir] Looking for group policy setting
Computer Settings\Administrative Templates\System\Logon A good resource here is the Policy Settings.xls spreadsheet downloadable from http://www.microsoft.com/downloads/details.aspx?FamilyID=7821C32F-DA15-438D-8E48-45915CD2BC14displaylang=en (watch wrapping on that URL). Gives you a list of all the GPO settings that are available, where they're located in the tree, and what OSs they are supported by. - Laura On 1/10/06, klas9574 [EMAIL PROTECTED] wrote: Does anyone here happen to know where the setting is to turn off new users on a computer getting the Getting Started popup on windows 2000? Scott Klassen -- --- Laura E. Hunter Microsoft MVP - Windows Server Networking Author: _Active Directory Consultant's Field Guide_ (http://tinyurl.com/7f8ll) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Strange deleted object issue
You need to set the LDAP control flags in LDP to view deleted objects. (It's what the -showdel switch is doing for you in adfind.) It's under Options somewhere, look for it and you'll see it. - Laura On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: Thanks. That worked. Now my question is, why didn't LDP show that? is it because i'm running the win2k3 verison against a win2k forest? what am i doing wrong with ldp? Thanks again On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Try adfind with the -showdel flag From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 8:11 AM To: activedirectory Subject: [ActiveDir] Strange deleted object issue I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks -- --- Laura E. Hunter Microsoft MVP - Windows Server Networking Author: _Active Directory Consultant's Field Guide_ (http://tinyurl.com/7f8ll) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] [List Owner] IE7 and ActiveDir
Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time.RichOh and it was blank. ---Rich MilburnMCSE, Microsoft MVP - Directory ServicesSr Network Analyst, Field Platform DevelopmentApplebee's International, Inc.4551 W. 107th St Overland Park, KS 66207913-967-2819--I love the smell of red herrings in the morning - anonymous-Original Message- From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED]] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] [List Owner] IE7 and ActiveDirTony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content.David RollingPresidentwww.infovue.netOn the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died=-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tony MurraySent: Monday, January 09, 2006 9:10 PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] [List Owner] IE7 and ActiveDirI've had a report that ActiveDir.org appearswellempty whenviewedwith IE7.In other words, the pages load without errors but no content isvisible.Has anyone else experienced this problem?Just trying to gather somemoredetail.Tonywww.activedir.orgList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive:http://www.mail-archive.com/activedir%40mail.activedir.org/---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments.This information is strictly confidential and may be subject to attorney-clientprivilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding,printing, copying, distribution, or using such information is strictlyprohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message.Unauthorized interception of this e-mail is a violation of federal criminal law.Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent toor from this e-mail address may be stored on the Applebee's International, Inc.e-mail system.List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Changing network password for remote user
What we do is find out what the user has set the pw to on the laptop, then set the pw on the domain to match (checking user must change pw at next login), force replication on the DCs, and have the user log into the laptop and VPN with the now-matched credentials. We then educate the user that the only way to correctly change the pw is to be logged into the VPN and the use ctrl+alt+del and change pw. ** Charlie Kaiser W2K3 MCSA/MCSE/Security, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Etts, Russell Sent: Tuesday, January 10, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Changing network password for remote user Hi all I have a problem that I can't seem to figure out. We have a remote user who is using a laptop w/ Windows XP SP2. The laptop is set to log into the domain. I've changed his network password. How can I get his computer to see that I've changed his network password? Even though his computer is logging into the domain, the computer still wants his old password. Once he's connected via VPN, the connection to his network drives wants his new password. Help? Thanks Russ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] GPO refresh interval
Right, so that policy is processed by the computer, and thus is subject to LSDOU. It does not effect the actual GPO where its set. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matheesha WeerasingheSent: Tuesday, January 10, 2006 2:53 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] GPO refresh interval Sorry I should have been more specific. The "group policy refresh interval for computers" setting in the Computer Configuration/Administrative Templates/System/Group Policy if configured at LSDOU levels for a computer or user, how is it used? Is the refresh value configured on each policy applicable to each individual GPO or is the net result value from LSDOU used? Thanks M@ Subject: RE: [ActiveDir] GPO refresh intervalDate: Mon, 9 Jan 2006 11:55:43 -0800From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org Not sure I understand the question. Each system will apply GP at an interval dependent upon its role. For DCs its every 5 minutes. For member servers and workstations its every 90 min plus a +-30 minute randomizer. For a given system, the next processing interval is determined when processing occurs, and you can see this in the userenv.log on a given system. Did I miss the question? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matheesha WeerasingheSent: Monday, January 09, 2006 11:40 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] GPO refresh interval Hi I had a quick query about GPO refresh interval. Is this an aggregate of all values which apply to Computer/User or is it applicable per GPO it was configured for? I am pretty sure its the former but I'd like it clarified. thanks M@ Express yourself instantly with MSN Messenger! MSN Messenger Express yourself instantly with MSN Messenger! MSN Messenger
RE: [ActiveDir] Changing network password for remote user
Once this user has VPNed in have him lock the laptop and then open it back up using the new passy. Sometimes this works... From: [EMAIL PROTECTED] on behalf of Etts, Russell Sent: Tue 1/10/2006 18:10 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Changing network password for remote user Hi all I have a problem that I can't seem to figure out. We have a remote user who is using a laptop w/ Windows XP SP2. The laptop is set to log into the domain. I've changed his network password. How can I get his computer to see that I've changed his network password? Even though his computer is logging into the domain, the computer still wants his old password. Once he's connected via VPN, the connection to his network drives wants his new password. Help? Thanks Russ The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any reproduction, dissemination or distribution of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. Tellabs winmail.dat
RE: [ActiveDir] Strange deleted object issue
In LDP you have to set the Return Deleted Objects predefined control (OID 1.2.840.113556.1.4.417) on the query. Wook From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 8:31 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue Thanks. That worked. Now my question is, why didn't LDP show that? is it because i'm running the win2k3 verison against a win2k forest? what am i doing wrong with ldp? Thanks again On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Try adfind with the -showdel flag From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 8:11 AM To: activedirectory Subject: [ActiveDir] Strange deleted object issue I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] Spoofed emails
You could get a spam filter that does something as simple as reverse dns checks... It's spam - welcome to email. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] on behalf of Navroz Shariff Sent: Tue 1/10/2006 7:54 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Spoofed emails Dear list, For the past couple of weeks, a few staff members were receiving emails with the 'Subject', 'From', and 'To' fields being blank. It was not taken too seriously until I received such an email. In the advent the zero-day exploits such as the WMF, I realize what a big security problem this can be. Imagine if this email was sent last week with an image attached and upon viewing it, would run code taking advantage of the aforementioned exploit. Below is the actual email header with server names just with type of server: Microsoft Mail Internet Headers Version 2.0 Received: corporate webmail server by Exchange server with Microsoft SMTPSVC(6.0.3790.1830); Sun, 8 Jan 2006 05:59:05 -0500 Received: from p101m059.symantecmail.net by webmail server with Microsoft SMTPSVC(6.0.3790.211); Sun, 8 Jan 2006 05:59:06 -0500 Received: from unknown [65.33.35.111] (HELO 111.35.33.65.cfl.res.rr.com) by p101m059.symantecmail.net (mxl_mta-2.9.0-24p5) with SMTP id 970f0c34.2568223664.41029.p101m059.symantecmail.net (envelope-from ); Sun, 08 Jan 2006 03:59:05 -0700 (MST) X-Spam: [F=0.50; BMI=0.500(none); SC=none] X-MAIL-FROM: X-SOURCE-IP: [65.33.35.111] From: Bcc: Return-Path: Message-ID: [EMAIL PROTECTED] webmail server X-OriginalArrivalTime: 08 Jan 2006 10:59:07.0229 (UTC) FILETIME=[8BC9C0D0:01C61442] Date: 8 Jan 2006 05:59:07 -0500 I was going to call the ISP to whom this address is registered to and notify them of email abuse generating from within their network but, I received another email from a different address (213.226.189.173) so I am thinking that the addresses are spoofed. Any help in shedding light into this situation would greatly be appreciated. -Nav winmail.dat
RE: [ActiveDir] OT: DEC 2006
Its not Vegas the Green Valley Resort is in Henderson, NV. :) Nope, nothing to see here. No gambling, no shows, no fast women. Just boring technical sessions. Move along. -gil From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich MilburnSent: Tuesday, January 10, 2006 7:55 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: DEC 2006 Ditto for me… My title doesn’t start with a C _ _ so I’m afraid to even ask for a paid trip to Vegas J ---Rich MilburnMCSE, Microsoft MVP - Directory ServicesSr Network Analyst, Field Platform DevelopmentApplebee's International, Inc.4551 W. 107th StOverland Park, KS 66207913-967-2819--”I love the smell of red herrings in the morning” - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose MedeirosSent: Monday, January 09, 2006 1:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: DEC 2006 I would love to go, unfortunately as most people on the list unless our employeers pay for it, we just can not afford to attend. Jose - Original Message - From: McLeod, Scotty To: ActiveDir@mail.activedir.org Sent: Monday, January 09, 2006 7:45 AM Subject: RE: [ActiveDir] OT: DEC 2006 Am attending again, looking forward to it. Scotty From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark ParrisSent: 05 January 2006 22:17To: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: DEC 2006 Of the list how many people are going to DEC this year? www.directoryexpertsconference.com Tomorrow is the last day for the early bird registrations if anyone wants to day some $£€’s. Mark This e-mail and any attachments may contain confidential and privilegedinformation. If you are not the intended recipient, please notify thesender immediately by return e-mail, delete this e-mail and destroy anycopies. Any dissemination or use of this information by a person otherthan the intended recipient is unauthorized and may be illegal. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system.
Re: [ActiveDir] Strange deleted object issue
I did. No go. I selected the load predefined and return deleted objects. I also used the OID for the ldap control manually. Both didn't work. Load Predefined just gives me linkTrackOMTEntry objects. Manually putting in that control gives me- **Searching...ldap_search_ext_s(ld, DC=opandco,DC=com, 2, (isDeleted=*)., NULL, 0, svrCtrls, ClntCtrls, 0, 0 ,msg)Error: Search: Filter Error. 87Server error: Error94: ldap_parse_result failed: No result present in message Getting 0 entries: Thanks On 1/10/06, Laura E. Hunter [EMAIL PROTECTED] wrote: You need to set the LDAP control flags in LDP to view deleted objects.(It's what the -showdel switch is doing for you in adfind.)It's under Options somewhere, look for it and you'll see it.- LauraOn 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: Thanks. That worked. Now my question is, why didn't LDP show that? is it because i'm running the win2k3 verison against a win2k forest? what am i doing wrong with ldp? Thanks again On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Try adfind with the -showdel flag From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 8:11 AM To: activedirectory Subject: [ActiveDir] Strange deleted object issue I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him.we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks -Laura E. HunterMicrosoft MVP - Windows Server NetworkingAuthor: _Active Directory Consultant's Field Guide_ (http://tinyurl.com/7f8ll )List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Acitve Directory Other OS's
I did a pretty involved investigation of it last summer: If all you are looking to do is sign on to the operating system (logon in Unix), then you can set up a PAM module to do that. Its not too hard, but you do need Kerberos installed on the *nix side, which isnt always the case by default. (In Server 2003 setting up a Kerberos trust is even part of the Trust Wizard.) With 2003R2 or FSU installed, AD can integrate with NIS. I did a presentation on the topic at DEC last springNetpro should still have it up or I could sent it offline. Vintela (now owned by Quest) and Centrify do a lot more and integrate nicely with the ADUC GUIs. The problem with doing it yourself is in a heterogeneous environment your Unix side is likely to be very heterogeneous in itself, forcing you to multiple solutions to integrate with AD. Then theres the question of integrating the web servers (Apache, for ex) and applications. Also, you need somebody who understands both Unix and Windows authentication. Apple has its own AD integration guide for the Mac but I have not looked into it. But can it be done? Absolutely. The technology is there. AL Al Maurer Service Manager, Naming and Authentication Services IT | Information Technology Agilent Technologies (719) 590-2639; Telnet 590-2639 http://activedirectory.it.agilent.com -- Cry 'Havoc!' and let slip the dogs of war - Anthony, in Julius Caesar III i. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Thursday, January 05, 2006 4:25 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Acitve Directory Other OS's The proper answer is to kerberize the non-MS platforms. This is not always that easy, I have known grown men who have started crying trying to do it. Kerberos is not easy to wrap your noodle around. That is why products from Centrify and Vintela are so great for companies, it makes this something that can be done in days, weeks, months instead of years (I am serious, I know of a large company that went a couple of years trying to figure out how to do this well and finally just purchased Centrify products to do it, would have saved a fortune had that decision been made initially and if the product had existed). You especially want to look at these products if you have a multidomain forest (called Multiple-realm in the Kerberos world) or do anything a bit different from the standard such as disjoint namespaces, etc. Also they have Group Policy pieces in their products to help manage the non-MS platform machines which could be extremely helpful. You have other options such as using LDAP in PAM modules but anytimes someone says they are using LDAP for authentication my mind immediately kicks back, LDAP isn't an authentication protocol. Sure it has to authenticate users as part of the accessing of the directory, but that isn't the purpose behind it and there are issues that can crop up when you try to do it like for instance passwords in clear text flying all over the network. You can also look at using SAMBA but last I heard, the integration across the various aspects of the platform were nowhere near what you get out of the Centrify and Vintela products. joe From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pennell, Ronald B. Sent: Thursday, January 05, 2006 1:00 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Acitve Directory Other OS's Let say that I want to have a single logon for my users who use windows and Unix/Linux platforms. They must maintain separate user account and passwords. I would like to combine them into the AD. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Thursday, January 05, 2006 12:03 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Acitve Directory Other OS's Let's attack from another angle then. What is the end state of what you're trying to accomplish? In other words, what is it you want to be able to do with these machines and what does integrate mean to you? Al On 1/5/06, Pennell, Ronald B. [EMAIL PROTECTED] wrote: Did not find what I was looking for on the Archives. I realize that this is kind of a broad subject. But, I guess I can say that most issues can be solved by using middleware products Like SAMBA for unix for file and print. I know in my present organization, my Linux, Unix servers contain their own directory services (user accounts, passwds, etc.) They have not been integrated into the AD, therefore we do not have the single sign-on for users. Ron From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Al Mulnick Sent: Thursday, January 05, 2006 9:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Acitve Directory Other OS's The archives of this list would be a good place to start. You may also want to check out the web sites
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of SteveSent: Tuesday, January 10, 2006 8:53 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time.RichOh and it was blank.---Rich MilburnMCSE, Microsoft MVP - Directory ServicesSr Network Analyst, Field Platform DevelopmentApplebee's International, Inc.4551 W. 107th St Overland Park, KS 66207913-967-2819--"I love the smell of red herrings in the morning" - anonymous-Original Message- From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED]] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] [List Owner] IE7 and ActiveDirTony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content.David RollingPresidentwww.infovue.netOn the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died=-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tony MurraySent: Monday, January 09, 2006 9:10 PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] [List Owner] IE7 and ActiveDirI've had a report that ActiveDir.org appearswellempty whenviewedwith IE7.In other words, the pages load without errors but no content isvisible.Has anyone else experienced this problem?Just trying to gather somemoredetail.Tonywww.activedir.orgList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive:http://www.mail-archive.com/activedir%40mail.activedir.org/List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive:http://www.mail-archive.com/activedir%40mail.activedir.org/---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments.This information is strictly confidential and may be subject to attorney-clientprivilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding,printing, copying, distribution, or using such information is strictlyprohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message.Unauthorized interception of this e-mail is a violation of federal criminal law.Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent toor from this e-mail address may be stored on the Applebee's International, Inc.e-mail system.List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Automagically move AD computers into new/appropriate OU
Don't know the size of your environment, but in mine we have 60+ machines join daily. I tell the admins which OU to join them to, and then sweep up behind them in the Computers container with a script like Alain's with dsquery and dsmove: we query for operating system then place accordingly. Al Maurer Service Manager, Naming and Authentication Services IT | Information Technology Agilent Technologies (719) 590-2639; Telnet 590-2639 http://activedirectory.it.agilent.com -- Cry 'Havoc!' and let slip the dogs of war - Anthony, in Julius Caesar III i. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Danny Sent: Tuesday, January 10, 2006 7:55 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Automagically move AD computers into new/appropriate OU On 1/10/06, Kamlesh Parmar [EMAIL PROTECTED] wrote: If you know the admin password of all new computers, you can use netdom.exe to join machine remotely, and at the same time put it in exact ou where you want to put it. NETDOM JOIN comp1 /DOMAIN:WINDOM /UO:LocalAdmin /PO:LocalAdminPassword /UD:WinDom\DomAdmin /PD:DomAdminPassword /OU:OU=MyComps,dc=dom,dc=com Where comp1 = remote computer to join the domain windom = domain to join localadmin = local administrator of comp1 computer localadminpassword = localadmin 's password windom\domadmin = domain account with rights to join machine to domain DomAdminPassword = windom\domadmin's password Excellent, I will try this! Thanks! ...D -- CPDE - Certified Petroleum Distribution Engineer CCBC - Certified Canadian Beer Consumer List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Changing network password for remote user
Title: Changing network password for remote user Or will Ctrl-Alt-Del work to change the password? Steven Comeau Manager, Corporate IT Systems Main Tape 1 Capital Drive, Suite 101 Cranbury, NJ 08512 800-718-8273 x332 From: Juvonen, Maarit [mailto:[EMAIL PROTECTED] On Behalf Of Juvonen, Maarit Sent: Tuesday, January 10, 2006 12:02 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Changing network password for remote user Once this user has VPNed in have him lock the laptop and then open it back up using the new passy. Sometimes this works... From: [EMAIL PROTECTED] on behalf of Etts, Russell Sent: Tue 1/10/2006 18:10 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Changing network password for remote user Hi all I have a problem that I cant seem to figure out. We have a remote user who is using a laptop w/ Windows XP SP2. The laptop is set to log into the domain. I've changed his network password. How can I get his computer to see that I've changed his network password? Even though his computer is logging into the domain, the computer still wants his old password. Once he's connected via VPN, the connection to his network drives wants his new password. Help? Thanks Russ
Re: [ActiveDir] Windows update out of control??? [signed]
You know... it just might be group policy? :-) ya think? Navroz Shariff wrote: If the auto-update settings are grayed out, there might be a GP in place. Local admin account should not be affected by the Group Policy so you can perform updates via that route...assuming that you have the local admin password. -Nav -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Neves [c] Sent: Tuesday, January 10, 2006 9:59 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows update out of control??? [signed] I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? -- [ SECURITY NOTICE ] To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 10 January 2006 at 14:59:24 UTC. Verify this digital signature at http://www.ciphire.com/verify. --- [ CIPHIRE DIGITAL SIGNATURE ] --- Q2lwaGlyZSBTaWcuAjhhY3RpdmVkaXJAbWFpbC5hY3RpdmVkaXIub3JnAG5ldmVzY0Bta WRyaXZlcnMuY29tAGVtYWlsIGJvZHkA2AEAAHwAfAEAAADMy8ND2AEAAPMDAAIAAg ACACBJR/O7jEgoIzh1c1ppi6Zr3sUTtiV651EXvXV186FI9wEAGENpVjq6ik/aqASATD3 nc5pNbut/CknArrKTYbiF7TOlQg+LkxOxK05F8qXsv2gGjD5Ey4gCnjzFmYRFGeng7eAy mNkGU2lnRW5k - [ END DIGITAL SIGNATURE ] - List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Spoofed emails
If you can setup your firewall to do reverse IP most if not all of this would go away. For example on Cisco your firewall should be configured as: ip verify reverse-path interface outside Where 'outside' is whatever you refer to the outside facing interface. It could called anything that is meaningful to you but the generic setup is usually 'outside' for convienience. Brent Eads Employee Technology Solutions, Inc. Office: (312) 762-9224 Fax: (312) 762-9275 The contents contain privileged and/or confidential information intended for the named recipient of this email. ETSI (Employee Technology Solutions, Inc.) does not warrant that the contents of any electronically transmitted information will remain confidential. If the reader of this email is not the intended recipient you are hereby notified that any use, reproduction, disclosure or distribution of the information contained in the email in error, please reply to us immediately and delete the document. Viruses, Malware, Phishing and other known and unknown electronic threats: It is the recipient/client's duties to perform virus scans and otherwise test the information provided before loading onto any computer system. No warranty is made that this material is free from computer virus or any other defect. Any loss/damage incurred by using this material is not the sender's responsibility. Liability will be limited to resupplying the material. Brian Desmond [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 01/10/2006 11:08 AM Please respond to ActiveDir@mail.activedir.org To ActiveDir@mail.activedir.org cc Subject RE: [ActiveDir] Spoofed emails You could get a spam filter that does something as simple as reverse dns checks... It's spam - welcome to email. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] on behalf of Navroz Shariff Sent: Tue 1/10/2006 7:54 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Spoofed emails Dear list, For the past couple of weeks, a few staff members were receiving emails with the 'Subject', 'From', and 'To' fields being blank. It was not taken too seriously until I received such an email. In the advent the zero-day exploits such as the WMF, I realize what a big security problem this can be. Imagine if this email was sent last week with an image attached and upon viewing it, would run code taking advantage of the aforementioned exploit. Below is the actual email header with server names just with type of server: Microsoft Mail Internet Headers Version 2.0 Received: corporate webmail server by Exchange server with Microsoft SMTPSVC(6.0.3790.1830); Sun, 8 Jan 2006 05:59:05 -0500 Received: from p101m059.symantecmail.net by webmail server with Microsoft SMTPSVC(6.0.3790.211); Sun, 8 Jan 2006 05:59:06 -0500 Received: from unknown [65.33.35.111] (HELO 111.35.33.65.cfl.res.rr.com) by p101m059.symantecmail.net (mxl_mta-2.9.0-24p5) with SMTP id 970f0c34.2568223664.41029.p101m059.symantecmail.net (envelope-from ); Sun, 08 Jan 2006 03:59:05 -0700 (MST) X-Spam: [F=0.50; BMI=0.500(none); SC=none] X-MAIL-FROM: X-SOURCE-IP: [65.33.35.111] From: Bcc: Return-Path: Message-ID: [EMAIL PROTECTED] webmail server X-OriginalArrivalTime: 08 Jan 2006 10:59:07.0229 (UTC) FILETIME=[8BC9C0D0:01C61442] Date: 8 Jan 2006 05:59:07 -0500 I was going to call the ISP to whom this address is registered to and notify them of email abuse generating from within their network but, I received another email from a different address (213.226.189.173) so I am thinking that the addresses are spoofed. Any help in shedding light into this situation would greatly be appreciated. -Nav Message scanned by TrendMicro Message scanned by TrendMicro winmail.dat Description: Binary data
RE: [ActiveDir] Changing network password for remote user
I tried that but he gets an error saying that his computer cannot find the domain. He can connect to all of his shared drives, however. I checked his LMHOST file and everything seems to be correct. Uugghh Thanks Russ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Tuesday, January 10, 2006 11:54 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Changing network password for remote user What we do is find out what the user has set the pw to on the laptop, then set the pw on the domain to match (checking user must change pw at next login), force replication on the DCs, and have the user log into the laptop and VPN with the now-matched credentials. We then educate the user that the only way to correctly change the pw is to be logged into the VPN and the use ctrl+alt+del and change pw. ** Charlie Kaiser W2K3 MCSA/MCSE/Security, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Etts, Russell Sent: Tuesday, January 10, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Changing network password for remote user Hi all I have a problem that I can't seem to figure out. We have a remote user who is using a laptop w/ Windows XP SP2. The laptop is set to log into the domain. I've changed his network password. How can I get his computer to see that I've changed his network password? Even though his computer is logging into the domain, the computer still wants his old password. Once he's connected via VPN, the connection to his network drives wants his new password. Help? Thanks Russ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Strange deleted object issue
I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] Windows update out of control??? [signed]
I meant DEFINITELY there is a GP :-) (lol) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Tuesday, January 10, 2006 12:26 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Windows update out of control??? [signed] You know... it just might be group policy? :-) ya think? Navroz Shariff wrote: If the auto-update settings are grayed out, there might be a GP in place. Local admin account should not be affected by the Group Policy so you can perform updates via that route...assuming that you have the local admin password. -Nav -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Neves [c] Sent: Tuesday, January 10, 2006 9:59 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows update out of control??? [signed] I was wondering if anyone else has lost control of the auto-updating feature of windows xp? When I go into the control panel of almost all of my window xp pro computer the auto-update settings are grayed out and unable to change them. Did this feature come down in a windows update or is it some dormant setting that was for some reason activated? Any help on this? It's driving me bonkers! Chris Neves Assistant Technology Coordinator Glendive Public Schools (406) 377-5265 ext 198 What is so wrong with reinventing the wheel? What about inventing fire over and over? -- [ SECURITY NOTICE ] To: [EMAIL PROTECTED] For your security, [EMAIL PROTECTED] digitally signed this message on 10 January 2006 at 14:59:24 UTC. Verify this digital signature at http://www.ciphire.com/verify. --- [ CIPHIRE DIGITAL SIGNATURE ] --- Q2lwaGlyZSBTaWcuAjhhY3RpdmVkaXJAbWFpbC5hY3RpdmVkaXIub3JnAG5ldmVzY0Bta WRyaXZlcnMuY29tAGVtYWlsIGJvZHkA2AEAAHwAfAEAAADMy8ND2AEAAPMDAAIAAg ACACBJR/O7jEgoIzh1c1ppi6Zr3sUTtiV651EXvXV186FI9wEAGENpVjq6ik/aqASATD3 nc5pNbut/CknArrKTYbiF7TOlQg+LkxOxK05F8qXsv2gGjD5Ey4gCnjzFmYRFGeng7eAy mNkGU2lnRW5k - [ END DIGITAL SIGNATURE ] - List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT: WSUS
Title: OT: WSUS Is there a way to push out patches immediately in WSUS? I have this installed on a Windows2003 server in a non-active directory environment. Thanks for any help!! Chris Pohlschneider Network Administrator Cenveo-Sidney 937-497-2136 [EMAIL PROTECTED] Cenveo is your visual communications connection for a broad portfolio of services and products including eServices, envelopes, offset and digital printing, labels and business documents
RE: [ActiveDir] OT: WSUS
Title: OT: WSUS Yes, simply set a deadline when you approve the patch. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pohlschneider, ChrisSent: Tuesday, January 10, 2006 1:54 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: WSUS Is there a way to push out patches immediately in WSUS? I have thisinstalled on a Windows2003 server in a non-active directory environment.Thanks for any help!!Chris PohlschneiderNetwork AdministratorCenveo-Sidney937-497-2136[EMAIL PROTECTED]Cenveo is your visual communications connection for a broad portfolio ofservices and products including eServices, envelopes, offset and digitalprinting, labels and business documents This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.
Re: [ActiveDir] Strange deleted object issue
I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
Blank from (IE7 + 1 hotfix) on (XP + SP2 + 487 hotfixes) But then again, I seem to be having other web issues today. Connect.microsoft.com had the same issue earlier. Rich --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Tuesday, January 10, 2006 11:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7.In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem?Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the
RE: [ActiveDir] Looking for group policy setting
Hunting arount a bit with RegMon, I was also able to find [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\tips] Show=dword: and [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\tips] Show=dword:0001. The HKCU is the one which is toggled when a user checks or unchecks the show on next startup box. Setting the HK_User to 0 has no effect when a new user logs in. What I might try next is to create a custom adm for the HKCU and try deploying through group policy that way, since it doesnt look like there is a policy existent. Ill let the group know. Scott Klassen From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, January 10, 2006 10:38 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Looking for group policy setting Theres a widely publicized reg entry but I have had no success in making it work. I havent found a corresponding GPO entry. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Tour] RunCount=dword: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\Tour] RunCount=dword: --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of klas9574 Sent: Tuesday, January 10, 2006 10:07 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Looking for group policy setting Does anyone here happen to know where the setting is to turn off new users on a computer getting the Getting Started popup on windows 2000? Scott Klassen ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system.
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
Thanks Darren. Are you running any IE7 hotfixes? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, 11 January 2006 6:22 a.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7.In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem?Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002.
RE: [ActiveDir] OT: WSUS
Title: OT: WSUS I approved the patch in the updates section and set a deadline for 1-10-06 at 3PM EST and I have not seen anything happen yet on the test computer. Any idea why this is not pushing out? It looked like that the server deadline settings would override the client setting. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]Sent: Tuesday, January 10, 2006 2:25 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: WSUS Yes, simply set a deadline when you approve the patch. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pohlschneider, ChrisSent: Tuesday, January 10, 2006 1:54 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: WSUS Is there a way to push out patches immediately in WSUS? I have thisinstalled on a Windows2003 server in a non-active directory environment.Thanks for any help!!Chris PohlschneiderNetwork AdministratorCenveo-Sidney937-497-2136[EMAIL PROTECTED]Cenveo is your visual communications connection for a broad portfolio ofservices and products including eServices, envelopes, offset and digitalprinting, labels and business documents This e-mail and any attachments may contain confidential and privilegedinformation. If you are not the intended recipient, please notify thesender immediately by return e-mail, delete this e-mail and destroy anycopies. Any dissemination or use of this information by a person otherthan the intended recipient is unauthorized and may be illegal.
Re: [ActiveDir] Strange deleted object issue
Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like audit directory service access as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
Re: [ActiveDir] OT: DEC 2006
Because you knew full well that if you'd scheduled the conference on the strip, you would've had 500 geeks walk into the casino that stood between them and the conference rooms...and maybe 3 of us would've come out the other side. :-) - L On 1/10/06, Gil Kirkpatrick [EMAIL PROTECTED] wrote: Its not Vegas the Green Valley Resort is in Henderson, NV. :) Nope, nothing to see here. No gambling, no shows, no fast women. Just boring technical sessions. Move along. -gil From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, January 10, 2006 7:55 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 Ditto for me… My title doesn't start with a C _ _ so I'm afraid to even ask for a paid trip to Vegas J --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose Medeiros Sent: Monday, January 09, 2006 1:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 I would love to go, unfortunately as most people on the list unless our employeers pay for it, we just can not afford to attend. Jose - Original Message - From: McLeod, Scotty To: ActiveDir@mail.activedir.org Sent: Monday, January 09, 2006 7:45 AM Subject: RE: [ActiveDir] OT: DEC 2006 Am attending again, looking forward to it. Scotty From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: 05 January 2006 22:17 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: DEC 2006 Of the list how many people are going to DEC this year? www.directoryexpertsconference.com Tomorrow is the last day for the early bird registrations if anyone wants to day some $£€'s. Mark This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. -- --- Laura E. Hunter Microsoft MVP - Windows Server Networking Author: _Active Directory Consultant's Field Guide_ (http://tinyurl.com/7f8ll)
RE: [ActiveDir] Strange deleted object issue
Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 1:23 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issue Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had "audit account management" enabled for sucess and failure on my domain controllers ou and auditing enabled for "everyone" for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like "audit directory service access" as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] Looking for group policy setting
Thanks Laura. I actually had looked in the spreadsheet, but must have missed it. Just tried it and works great. Scott Klassen -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Tuesday, January 10, 2006 10:36 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Looking for group policy setting Computer Settings\Administrative Templates\System\Logon A good resource here is the Policy Settings.xls spreadsheet downloadable from http://www.microsoft.com/downloads/details.aspx?FamilyID=7821C32F-DA15-438D- 8E48-45915CD2BC14displaylang=en (watch wrapping on that URL). Gives you a list of all the GPO settings that are available, where they're located in the tree, and what OSs they are supported by. - Laura On 1/10/06, klas9574 [EMAIL PROTECTED] wrote: Does anyone here happen to know where the setting is to turn off new users on a computer getting the Getting Started popup on windows 2000? Scott Klassen -- --- Laura E. Hunter Microsoft MVP - Windows Server Networking Author: _Active Directory Consultant's Field Guide_ (http://tinyurl.com/7f8ll) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: DEC 2006
I think you are going to find the same at Green Valley - http://www.greenvalleyranchresort.com/gaming/index.html Leave your car and house titles at home! Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Tuesday, January 10, 2006 2:26 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 Because you knew full well that if you'd scheduled the conference on the strip, you would've had 500 geeks walk into the casino that stood between them and the conference rooms...and maybe 3 of us would've come out the other side. :-) - L On 1/10/06, Gil Kirkpatrick [EMAIL PROTECTED] wrote: Its not Vegas the Green Valley Resort is in Henderson, NV. :) Nope, nothing to see here. No gambling, no shows, no fast women. Just boring technical sessions. Move along. -gil From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, January 10, 2006 7:55 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 Ditto for me… My title doesn't start with a C _ _ so I'm afraid to even ask for a paid trip to Vegas J --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose Medeiros Sent: Monday, January 09, 2006 1:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 I would love to go, unfortunately as most people on the list unless our employeers pay for it, we just can not afford to attend. Jose - Original Message - From: McLeod, Scotty To: ActiveDir@mail.activedir.org Sent: Monday, January 09, 2006 7:45 AM Subject: RE: [ActiveDir] OT: DEC 2006 Am attending again, looking forward to it. Scotty From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: 05 January 2006 22:17 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: DEC 2006 Of the list how many people are going to DEC this year? www.directoryexpertsconference.com Tomorrow is the last day for the early bird registrations if anyone wants to day some $£€'s. Mark This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail
[ActiveDir] Site link connection not created
What would cause a site link connection from two sites not to automatically create? If I manually create the connection, the KCC updates with the correct info about other sites, but for some reason its not automatically creating the connection. What ports are required for automatic creation? Devon Harding Windows Systems Engineer Southern Wine Spirits - BSG 954-602-2469 __ This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use or distribution of the information included in the message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank You.
Re: [ActiveDir] Strange deleted object issue
It logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days. still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives? Thanks On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 1:23 PM To: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issue Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like audit directory service access as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
Nope. The About dialog shows the version as 7.0.5270.9 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony MurraySent: Tuesday, January 10, 2006 12:03 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Thanks Darren. Are you running any IE7 hotfixes? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-EliaSent: Wednesday, 11 January 2006 6:22 a.m.To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of SteveSent: Tuesday, January 10, 2006 8:53 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time.RichOh and it was blank.---Rich MilburnMCSE, Microsoft MVP - Directory ServicesSr Network Analyst, Field Platform DevelopmentApplebee's International, Inc.4551 W. 107th St Overland Park, KS 66207913-967-2819--"I love the smell of red herrings in the morning" - anonymous-Original Message- From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED]] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] [List Owner] IE7 and ActiveDirTony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content.David RollingPresidentwww.infovue.netOn the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died=-Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tony MurraySent: Monday, January 09, 2006 9:10 PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] [List Owner] IE7 and ActiveDirI've had a report that ActiveDir.org appearswellempty whenviewedwith IE7.In other words, the pages load without errors but no content isvisible.Has anyone else experienced this problem?Just trying to gather somemoredetail.Tonywww.activedir.orgList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive:http://www.mail-archive.com/activedir%40mail.activedir.org/List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive:http://www.mail-archive.com/activedir%40mail.activedir.org/---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments.This information is strictly confidential and may be subject to attorney-clientprivilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding,printing, copying, distribution, or using such information is strictlyprohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message.Unauthorized interception of this e-mail is a violation of federal criminal law.Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent toor from this e-mail address may be stored on the Applebee's International, Inc.e-mail system.List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002.
Re: [ActiveDir] Site link connection not created
Are site connection links not manual as you map these to your desired configuration? The replication is then automatic between servers. -Original Message- From: Harding, Devon [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:50:10 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] Site link connection not created What would cause a site link connection from two sites not to automatically create? If I manually create the connection, the KCC updates with the correct info about other sites, but for some reason its not automatically creating the connection. What ports are required for automatic creation? Devon Harding Windows Systems Engineer Southern Wine Spirits - BSG 954-602-2469 List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: DEC 2006
My experience is just the opposite. I attended DECUS (The other DEC, Digital Equipment Computer Users Society Symposia) a few times back in the 90's and the casinos complained that the attendees were not losing enough money. This was attributed to 1) most of the attendees knew the odds were against them so they kept their money in their pockets where it belonged and 2) the ones that did play were pretty good at it and were winning too much. I'll not be attending but I'm sending someone that works for me instead. Have a good conference. John McGlinchey -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Tuesday, January 10, 2006 3:38 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 I think you are going to find the same at Green Valley - http://www.greenvalleyranchresort.com/gaming/index.html Leave your car and house titles at home! List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Site link connection not created
Devon, Trying to understand what you are saying... Not succeeding though... If you created a CO manually the KCC will never touch that CO. Is that what you want to know? Jorge From: [EMAIL PROTECTED] on behalf of Harding, Devon Sent: Tue 2006-01-10 21:50 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Site link connection not created What would cause a site link connection from two sites not to automatically create? If I manually create the connection, the KCC updates with the correct info about other sites, but for some reason it's not automatically creating the connection. What ports are required for automatic creation? Devon Harding Windows Systems Engineer Southern Wine Spirits - BSG 954-602-2469 __ This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use or distribution of the information included in the message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank You. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. winmail.dat
Re: [ActiveDir] Strange deleted object issue
Sounds like the tree fell in the forest and nobody heard it :) Actually, now that you know the event id, you need to ensure that all DC's are logging it correctly and that the logs didn't wrap and overwrite that entry. Usually, that's the case, but you'll want to check. Al On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: It logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days. still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives? Thanks On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 1:23 PM To: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issue Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like audit directory service access as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
Re: [ActiveDir] OT: DEC 2006
As a dedicated beer scout I have investigated the best plan of action and return of investment and I have decided to stay on the strip for five nights (monte carlo), which is the same price as two in the jolly green valley. Which means more beer vouchers even with the expence of cab fare. -Original Message- From: Thommes, Michael M. [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 14:38:23 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 I think you are going to find the same at Green Valley - http://www.greenvalleyranchresort.com/gaming/index.html Leave your car and house titles at home! Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Tuesday, January 10, 2006 2:26 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 Because you knew full well that if you'd scheduled the conference on the strip, you would've had 500 geeks walk into the casino that stood between them and the conference rooms...and maybe 3 of us would've come out the other side. :-) - L On 1/10/06, Gil Kirkpatrick [EMAIL PROTECTED] wrote:  Its not Vegas the Green Valley Resort is in Henderson, NV. :) Nope, nothing to see here. No gambling, no shows, no fast women. Just boring technical sessions. Move along. -gil From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Tuesday, January 10, 2006 7:55 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: DEC 2006 Ditto for me… My title doesn't start with a C _ _ so I'm afraid to even ask for a paid trip to Vegas J --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jose Medeiros Sent: Monday, January 09, 2006 1:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: DEC 2006 I would love to go, unfortunately as most people on the list unless our employeers pay for it, we just can not afford to attend. Jose - Original Message - From: McLeod, Scotty To: ActiveDir@mail.activedir.org Sent: Monday, January 09, 2006 7:45 AM Subject: RE: [ActiveDir] OT: DEC 2006 Am attending again, looking forward to it. Scotty From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: 05 January 2006 22:17 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: DEC 2006 Of the list how many people are going to DEC this year? www.directoryexpertsconference.com Tomorrow is the last day for the early bird registrations if anyone wants to day some $£€'s. Mark This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and
Re: [ActiveDir] Strange deleted object issue
Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit. -Original Message- From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18 To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue It logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days. still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives? Thanks On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like audit directory service access as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Strange deleted object issue
logs are set to overwrite after 7 days. There are tons of security events going back days and many on the day in question. Just no event id 630. I ran eventcombMT on every DC and i rdp'ed to every dc just to make sure. no dice. Also, i followed Hunter's advice and created and deleted an account and that was logged. Is there anything else i can look for? is auditing flaky in ways I'm not aware of? Could someone have just disabled the gpo for auditing and deleted the account and then enabled it? no one knows how this account was deleted yet here it is in Deleted Objects... I'm a little nervous. Thanks for all your help On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: Sounds like the tree fell in the forest and nobody heard it :) Actually, now that you know the event id, you need to ensure that all DC's are logging it correctly and that the logs didn't wrap and overwrite that entry. Usually, that's the case, but you'll want to check. Al On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: It logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days. still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives? Thanks On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 1:23 PM To: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issue Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like audit directory service access as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
Tony I have 905915 Dec IE7 update loaded. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Tuesday, January 10, 2006 3:02 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Nope. The About dialog shows the version as 7.0.5270.9 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 12:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Thanks Darren. Are you running any IE7 hotfixes? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, 11 January 2006 6:22 a.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7.In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem?Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the
Re: [ActiveDir] Strange deleted object issue
I thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID. The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it. thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alot On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit.-Original Message-From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18To:ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueIt logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it.the security logs have not been cleared and are set to stay for 7 days.still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC.what gives?ThanksOn 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote:Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueYes.Thanks. I just have 2 issues.1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no?do i have to set some other security policy like audit directory service access as well?I figured account management should cover deleting a user object. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him?On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote:I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects.How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed.he's been witht the corp for 5 years and i was assured he always had an account. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:how do you know he's missing exactly?I mean, are you sure the account wasn't changed for example?Maybe renamed somehow? When you search, how are you searching exactly?On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote:I have this weird issue-A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD.I've checked the deleted objects container in AD with ldp and he is not in there as well.He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM.Sometime last nite this user was deleted but i have no way of finding him.we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that?where else can i look?Any help would be great because this is just plain bizzare.ThanksList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
I can confirm this behavior. Sincerely, Dèjì Akómöláfé, MCSE+M MCSA+M MCT Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of Tony Murray Sent: Mon 1/9/2006 6:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7. In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem? Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Scripting Issue.
You are welcome, Erik :) Sincerely, Dèjì Akómöláfé, MCSE+M MCSA+M MCT Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of Erik Brown Sent: Tue 1/10/2006 7:12 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Scripting Issue. Here is the solution that I found that works for me now. Thanks for all of your help. On Error Resume Next Const ADS_SCOPE_SUBTREE = 2 Set objConnection = CreateObject(ADODB.Connection) Set objCommand = CreateObject(ADODB.Command) objConnection.Provider = ADsDSOObject objConnection.Open Active Directory Provider Set objCommand.ActiveConnection = objConnection objCommand.Properties(Page Size) = 1000 objCommand.Properties(Searchscope) = ADS_SCOPE_SUBTREE objCommand.CommandText = _ SELECT Name FROM 'LDAP://dc=corp,dc=fcfs,dc=int' WHERE objectCategory='user' _ AND msNPAllowDialin = TRUE Set objRecordSet = objCommand.Execute objRecordSet.MoveFirst Do Until objRecordSet.EOF Wscript.Echo objRecordSet.Fields(Name).Value objRecordSet.MoveNext Loop Erik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Brown Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Scripting Issue. Excellent! Thanks for all of the responses. Not sure how I missed all of that in my search... Erik -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Monday, January 09, 2006 7:35 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Scripting Issue. Didn't like my answer in the Sunbelt group, eh? Server Data Objects are your portable way to do this, regardless of your domain mode (at least through Windows Server 2003). It wraps the MprAdminUserSetInfo and MprAdminUserGetInfo functions on both Windows 2000 and Windows 2003. For example, http://msdn.microsoft.com/library/en-us/sdo/sdo/changing_dial_in_setting s.asp I use SDO all over the place (unfortunately). Sub RasInfo (ByVal objWinNT, ByVal strServer, ByVal strName) Dim objWinUser Dim element, v, msg, str Dim objSDOMachine, objU Set objSDOMachine = CreateObject (IAS.SDOMachine) objSDOMachine.Attach (strServer) Set objWinUser = GetObject (WinNT:// strServer / strName ,user) Set objU = objSDOMachine.GetUserSDO (0, strName) msg = vbCrLf _ Name: objU.GetProperty (PROPERTY_SDO_NAME) vbCrLf _ Full name: objWinUser.Get (fullname) vbCrLf _ Description: objWinUser.Get (description) vbCrLf _ vbCrLf v = objU.getproperty (PROPERTY_USER_ALLOW_DIALIN) If IsEmpty (v) Then str = Control access through Remote Access Policy Else If v = True Then str = Allow access Else str = Deny access End If End If msg = msg Remote access permission: str vbcrlf Set v = Nothing ... ... ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erik Brown Sent: Monday, January 09, 2006 5:06 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Scripting Issue. I have a script that I run in an ASP page to list all RAS Users as a check to make sure that we don't have anyone with permissions that shouldn't have them. However, I'm finding now that we are migrating to W2k3 that this script doesn't work on 2k3. I read in a newsgroup that the RasPermissions in ADSI was removed due to security concerns. Is this correct? Is there another way to access this information via ADSI? Script is below Thanks, Erik Function ReportRasUsers() If DOM = Then DOM = corp strRasUsers=Table id= table1 cellspacing= 1 cellPadding= 1 width= 500 border= 1 strRasUsers=strRasUsers THUser Name/THTHFull Name/THTHRAS Type/TH Dim AccountObj,MachObj,PassAge,fs,fsOut,strRasUsers,strFN Set AccountObj = GetObject(WinNT://DOM) AccountObj.Filter = Array(User) For Each User In AccountObj Set UserObj = GetObject(WinNT:// DOM/ User.Name) Ras=UserObj.get(RasPermissions) strFN=UserObj.get(FullName) If Ras=9 Then strRasUsers=strRasUsers TRTD User.Name /TDTD strFN /TDTDNo Dial Back/TD/TR ElseIf Ras=10 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD bgcolor= Red strFN /TDTD bgcolor= Red Dial Back Enabled/TD/TR ElseIf Ras=12 Then strRasUsers=strRasUsers TRTD bgcolor= Red User.Name /TDTD
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
LOL! From what I can determine the problem only occurs with IE7 browsers running on XP. IE7 on Vista seems to be ok. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, 11 January 2006 11:03 a.m. To: ActiveDir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Just a notion. Perhaps IE7 does not like the american date format of the website that the rest of the world is unsure about until the 13th of the month. -Original Message- From: Darren Mar-Elia [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 13:01:59 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Nope. The About dialog shows the version as 7.0.5270.9 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 12:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Thanks Darren. Are you running any IE7 hotfixes? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, 11 January 2006 6:22 a.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7. In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem? Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not
Re: [ActiveDir] Strange deleted object issue
I am sure he showed me in a seminar how to do this and it was pre w2k. -Original Message- From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 17:03:11 To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue I thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID. The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it. thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alot On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit. -Original Message- From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18 To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue It logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days. still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives? Thanks On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like audit directory service access as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive:
Re: [ActiveDir] Strange deleted object issue
If I recall, he reset the permissions on the ou/container which holds the deleted objects then you could query it with out reanimating anything. -Original Message- From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 17:03:11 To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue I thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID. The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it. thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alot On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit. -Original Message- From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18 To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue It logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days. still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives? Thanks On 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote: Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue Yes. Thanks. I just have 2 issues. 1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no? do i have to set some other security policy like audit directory service access as well? I figured account management should cover deleting a user object. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed. he's been witht the corp for 5 years and i was assured he always had an account. Thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: how do you know he's missing exactly? I mean, are you sure the account wasn't changed for example? Maybe renamed somehow? When you search, how are you searching exactly? On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I have this weird issue- A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects container in AD with ldp and he is not in there as well. He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM. Sometime last nite this user was deleted but i have no way of finding him. we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that? where else can i look? Any help would be great because this is just plain bizzare. Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ:
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
Well I can verify that IE7 for XP IE7 on Vista. Not only are the product versions different, but also the functionality is different. Like RSS feeds, etc. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 4:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir LOL! From what I can determine the problem only occurs with IE7 browsers running on XP. IE7 on Vista seems to be ok. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, 11 January 2006 11:03 a.m. To: ActiveDir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Just a notion. Perhaps IE7 does not like the american date format of the website that the rest of the world is unsure about until the 13th of the month. -Original Message- From: Darren Mar-Elia [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 13:01:59 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Nope. The About dialog shows the version as 7.0.5270.9 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 12:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Thanks Darren. Are you running any IE7 hotfixes? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, 11 January 2006 6:22 a.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7. In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem? Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
Also in InstallShield 10.5 and 11.0 IDE, the property tables are blank. IS says this is due to IE7. So if you figure out what the issue is, then it's for more than just ActiveDir.org :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 4:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir LOL! From what I can determine the problem only occurs with IE7 browsers running on XP. IE7 on Vista seems to be ok. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, 11 January 2006 11:03 a.m. To: ActiveDir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Just a notion. Perhaps IE7 does not like the american date format of the website that the rest of the world is unsure about until the 13th of the month. -Original Message- From: Darren Mar-Elia [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 13:01:59 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Nope. The About dialog shows the version as 7.0.5270.9 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 12:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Thanks Darren. Are you running any IE7 hotfixes? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, 11 January 2006 6:22 a.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7. In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem? Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ:
RE: [ActiveDir] [List Owner] IE7 and ActiveDir
Thanks Rich. Yeah, I'm pretty sure it's a IE7 bug, rather than anything on ActiveDir. I'd just be interested to find out what it is about the pages on ActiveDir that cause this behaviour. Other sites don't appear to be affected in the same way. Perhaps someone on the IE team has something against ActiveDir :-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Wednesday, 11 January 2006 12:24 p.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Also in InstallShield 10.5 and 11.0 IDE, the property tables are blank. IS says this is due to IE7. So if you figure out what the issue is, then it's for more than just ActiveDir.org :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 4:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir LOL! From what I can determine the problem only occurs with IE7 browsers running on XP. IE7 on Vista seems to be ok. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, 11 January 2006 11:03 a.m. To: ActiveDir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Just a notion. Perhaps IE7 does not like the american date format of the website that the rest of the world is unsure about until the 13th of the month. -Original Message- From: Darren Mar-Elia [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 13:01:59 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Nope. The About dialog shows the version as 7.0.5270.9 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Tuesday, January 10, 2006 12:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Thanks Darren. Are you running any IE7 hotfixes? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Wednesday, 11 January 2006 6:22 a.m. To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir I'm running IE7 from Vista build 5270 and activedir.org looks fine. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Sent: Tuesday, January 10, 2006 8:53 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] [List Owner] IE7 and ActiveDir Still looks blank using IE7 Cheers On 1/10/06, Rich Milburn [EMAIL PROTECTED] wrote: I just checked it, at 8:38 AM and at 8:35 AM, Central time. Rich Oh and it was blank. --- Rich Milburn MCSE, Microsoft MVP - Directory Services Sr Network Analyst, Field Platform Development Applebee's International, Inc. 4551 W. 107th St Overland Park, KS 66207 913-967-2819 -- I love the smell of red herrings in the morning - anonymous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Rolling Sent: Monday, January 09, 2006 8:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [List Owner] IE7 and ActiveDir Tony, Do you have a date when this person using IE7. I want to check the logs on the server to see if your site was sending the content. David Rolling President www.infovue.net On the Plains of Hesitation, Bleach the Bones of Countless Millions Who, at the Dawn of Victory, Sat Down to Wait and Waiting Died = -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Monday, January 09, 2006 9:10 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] [List Owner] IE7 and ActiveDir I've had a report that ActiveDir.org appearswellempty when viewed with IE7. In other words, the pages load without errors but no content is visible. Has anyone else experienced this problem? Just trying to gather some more detail. Tony www.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and
Re: [ActiveDir] Site link connection not created
All sites are bridged by default The Bridge all site links box is checked by default on the IP Inter-site transport object, so those site are getting replication transitively. Is that your concern? On 1/10/06, Harding, Devon [EMAIL PROTECTED] wrote: Yes, I know that. What I'm saying, is that if I manually create a CO from Site A to Site B, the KCC then knows about Site C, Site D Site E. But, even though there is a physical connection (FR), and all ports are open from Site A Site B, the CO doesn't get created automatically. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Almeida Pinto, Jorge deSent: Tuesday, January 10, 2006 4:12 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Site link connection not created Devon , Trying to understand what you are saying... Not succeeding though... If you created a CO manually the KCC will never touch that CO. Is that what you want to know? Jorge From: [EMAIL PROTECTED] on behalf of Harding, Devon Sent: Tue 2006-01-10 21:50To: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Site link connection not created What would cause a site link connection from two sites not to automatically create? If I manually create the connection, the KCC updates with the correct info about other sites, but for some reason it's not automatically creating the connection. What ports are required for automatic creation? Devon Harding Windows Systems Engineer Southern Wine Spirits - BSG 954-602-2469 __This message and any attachments are solely for the intendedrecipient and may contain confidential or privileged information.If you are not the intended recipient, any disclosure, copying, use or distribution of the information included in the message and anyattachments is prohibited. If you have received this communicationin error, please notify us by reply e-mail and immediately andpermanently delete this message and any attachments. Thank You.
Re: [ActiveDir] Site link connection not created
Have you seen this already? It's a nice explanation of the process. http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/adsrv.mspx#EEAA On 1/10/06, Harding, Devon [EMAIL PROTECTED] wrote: Yes, I know that. What I'm saying, is that if I manually create a CO from Site A to Site B, the KCC then knows about Site C, Site D Site E. But, even though there is a physical connection (FR), and all ports are open from Site A Site B, the CO doesn't get created automatically. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Almeida Pinto, Jorge deSent: Tuesday, January 10, 2006 4:12 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Site link connection not created Devon , Trying to understand what you are saying... Not succeeding though... If you created a CO manually the KCC will never touch that CO. Is that what you want to know? Jorge From: [EMAIL PROTECTED] on behalf of Harding, Devon Sent: Tue 2006-01-10 21:50To: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Site link connection not created What would cause a site link connection from two sites not to automatically create? If I manually create the connection, the KCC updates with the correct info about other sites, but for some reason it's not automatically creating the connection. What ports are required for automatic creation? Devon Harding Windows Systems Engineer Southern Wine Spirits - BSG 954-602-2469 __This message and any attachments are solely for the intendedrecipient and may contain confidential or privileged information.If you are not the intended recipient, any disclosure, copying, use or distribution of the information included in the message and anyattachments is prohibited. If you have received this communicationin error, please notify us by reply e-mail and immediately andpermanently delete this message and any attachments. Thank You.
Re: [ActiveDir] Strange deleted object issue
Stopped logging the events? How so? You mention that each DC has a log of similar events going back daysand that it handles the events now when you test it. How did it selectively not log one account being deleted? Is it possible it was done prior to the dates you're looking at? Is it possible the event logs were cleared during the time that it occurred? Is it possible you have to go to tape backup to see the event? I'm having a hard time believing it would selectively not log the event. Also, if you're logging for everything (I can't tell what you're auditing for from here of course) then are you logging for GPO changes? You would see a change in the log at that time if somebody messed with the audit policy. I'm having a hard time believing something occured without a security context at that point in time. If you have not already, save off all logs before they get overwritten. You may need them later. :) Also, since you have a time stamp of the time it was changed (you do don't you?) then you shouold be able to focus on those times across all DC's to see exactly what was going on at that time. Al On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID. The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it. thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alot On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit.-Original Message-From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issueIt logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days.still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives?ThanksOn 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote:Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueYes.Thanks. I just have 2 issues.1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no?do i have to set some other security policy like audit directory service access as well?I figured account management should cover deleting a user object. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him?On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote:I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects. How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed.he's been witht the corp for 5 years and i was assured he always had an account. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:how do you know he's missing exactly?I mean, are you sure the account wasn't changed for example?Maybe renamed somehow? When you search, how are you searching exactly?On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote:I have this weird issue-A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD. I've checked the deleted objects
Re: [ActiveDir] Strange deleted object issue
I'm saying all dc's are logging security events for days but none have a log of object deletion or creation. EVER, except- just a few hrs ago when i created/deleted a test user was the first time i saw such a log(eventid 630). before that time, there were only logon security events even though Audit account management had been set months ago. and auditing for Everyone for acoount creation/deletion had also been set up. the timestamp of the object deletion was last nite(1/9 at 8:42pm). However this has not been recorded on any dc in the domain. i never set up auditing for policy changes so i would never know if someone changed the gpo and deleted the account and then turned it back on. I find it strange and unreasonable that you would have auditing set up for account management and not see a log when an account had been deleted or created either. thats why i'm thinking something more troublesome is going on(like someone changing the policy). I don't know what else to think thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: Stopped logging the events? How so? You mention that each DC has a log of similar events going back daysand that it handles the events now when you test it. How did it selectively not log one account being deleted? Is it possible it was done prior to the dates you're looking at? Is it possible the event logs were cleared during the time that it occurred? Is it possible you have to go to tape backup to see the event? I'm having a hard time believing it would selectively not log the event. Also, if you're logging for everything (I can't tell what you're auditing for from here of course) then are you logging for GPO changes? You would see a change in the log at that time if somebody messed with the audit policy. I'm having a hard time believing something occured without a security context at that point in time. If you have not already, save off all logs before they get overwritten. You may need them later. :) Also, since you have a time stamp of the time it was changed (you do don't you?) then you shouold be able to focus on those times across all DC's to see exactly what was going on at that time. Al On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID. The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it. thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alot On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit.-Original Message-From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issueIt logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days.still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC. what gives?ThanksOn 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote:Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueYes.Thanks. I just have 2 issues.1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects 2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no?do i have to set some other security policy like audit directory service access as well?I figured account management should cover deleting a user object. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I
Re: [ActiveDir] Strange deleted object issue
that wont work. You have to restore(reanimate) the object from the Deleted Objects container back into AD to run repadmin /showmeta GUID. otherwise it won't work. i could be wrong.. Besides this won't help me figure out who deleted it or why the audit wasn't logged. p.s.- i have the Forestry book and think its great and well worth the hefty price. On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: If I recall, he reset the permissions on the ou/container which holds the deleted objects then you could query it with out reanimating anything. -Original Message-From: Tom Kern [EMAIL PROTECTED]Date: Tue, 10 Jan 2006 17:03:11To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issueI thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID.The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it.thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alotOn 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit.-Original Message-From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18To:ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueIt logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it.the security logs have not been cleared and are set to stay for 7 days.still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC.what gives?ThanksOn 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote:Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueYes.Thanks. I just have 2 issues.1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no?do i have to set some other security policy like audit directory service access as well?I figured account management should cover deleting a user object. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him?On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote:I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects.How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed.he's been witht the corp for 5 years and i was assured he always had an account. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:how do you know he's missing exactly?I mean, are you sure the account wasn't changed for example?Maybe renamed somehow? When you search, how are you searching exactly?On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote:I have this weird issue-A user object is missing from my win2k native mode domain. I know because this user has complained that he can't log in and i can't find the object anywhere in AD.I've checked the deleted objects container in AD with ldp and he is not in there as well.He's not in the Lost and Found container either. His exchange mailbox is oprhaned in ESM.Sometime last nite this user was deleted but i have no way of finding him.we don't have auditing turned on for that but i figured if an object was deleted it would definetely be in the deleted objects container. is there anyway to bypass that?where else can i look?Any help would be great because this is just plain
[ActiveDir] ADAM SP1
This was posted in the AD newsgroup earlier today. The Directory Services team is glad to announce the release of Service Pack 1 (SP1) for Active Directory Application Mode (ADAM) for the English language, to Microsoft Download Center. The download section of ADAM Technology center (www.microsoft.com/adam) now points to this download. The package listed here is the integrated package which directly installs ADAM Service Pack 1 for new installations and upgrades existing ADAM installations to Service Pack 1. ADAM SP1 packages in other localized languages will be available shortly and will be released to the web, whenever it becomes available. Note that ADAM Service Pack 1 is not available for Itanium-based systems. In ADAM SP1, we have added significant number of new features, based on customer feedback: Ø Active Directory to ADAM Synchronizer tool. Ø ADAM users can bind to an ADAM instance by using Digest authentication. Ø Active Directory Schema Analyzer tool. Ø Newer version of LDP tool with ACL editor Ø Password chaining to AD users through ADAM proxy objects. Ø Users can be created in the configuration partition so that ADAM users can be ADAM administrators. We invite you to download ADAM SP1 and forward us any feedback on the product. Your ongoing feedback has been invaluable to Microsoft and has made significant improvements in the product. Thank you. Directory Services Team This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank you. Please note that this communication does not designate an information system for the purposes of the Electronic Transactions Act 2002.
RE: [ActiveDir] Strange deleted object issue
I'm not sure about W2K, but in 2003 I look at the metadata of objects in the deleted objects container all the time to see which DC performed the last write. If you could get that info, wouldn'tit help you to focus on one DC? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tom KernSent: Tuesday, January 10, 2006 7:24 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issue that wont work. You have to restore(reanimate) the object from the Deleted Objects container back into AD to run repadmin /showmeta GUID. otherwise it won't work. i could be wrong.. Besides this won't help me figure out who deleted it or why the audit wasn't logged. p.s.- i have the Forestry book and think its great and well worth the hefty price. On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: If I recall, he reset the permissions on the ou/container which holds the deleted objects then you could query it with out reanimating anything. -Original Message-From: Tom Kern [EMAIL PROTECTED]Date: Tue, 10 Jan 2006 17:03:11To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issueI thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID.The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it.thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alotOn 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit.-Original Message-From: Tom Kern [EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18To:ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueIt logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it.the security logs have not been cleared and are set to stay for 7 days.still i know a user account ended up in the deleted objects container with a whenChanged date of 20060109202458. someone/thing must have deleted it and there is no entry in the event logs of any DC.what gives?ThanksOn 1/10/06, Coleman, Hunter [EMAIL PROTECTED] wrote:Create a user account, then delete it. Note which DC you're connected to for the delete, then check the security log on that DC. Look at all of the events around the time you deleted the account so that you'll know what is actually getting logged. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tom Kern Sent: Tuesday, January 10, 2006 1:23 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Strange deleted object issueYes.Thanks. I just have 2 issues.1. I don't understand why i get that error in ldp when i enter the oid control for deleted objects2. Most importantly, i had audit account management enabled for sucess and failure on my domain controllers ou and auditing enabled for everyone for everything on the entire domain object, yet when i use evencombMT to scan for an event id 630 in the security log, i get nothing. this account was deleted last nite so something should show up with this auditing enabled, no?do i have to set some other security policy like audit directory service access as well?I figured account management should cover deleting a user object. ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:I've deleted the rest of the thread already, but did you not already say you found him in the deleted items using ADFIND -showdel? Or did I misread that and you're still looking for him?On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote:I'm just using ADUC and searching by sAMAccountName. With LDP, i'm looking in Deleted Objects container but this company never deletes users accounts, just disables them indefinetly so all i see in that container are linkTrackOMTEntry objects.How can i see if the user was renamed? I got a call from help desk that this user couldn't log in and they couldn't find him in AD using ADUC which i confirmed.he's been witht the corp for 5 years and i was assured he always had an account.ThanksOn 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote:how do you know he's missing exactly?I mean, are you sure the account wasn't changed for example?Maybe renamed somehow?
RE: [ActiveDir] Strange deleted object issue
Tom- Account Management auditing is on or off. What are yout talking about that it's on for Everyone. You know it would help if you woked on the simple things like capitalization, spelling, and sentence structure. I find I have to read your messages two or three times and really while I enjoy reading and replying to everythign on this list, I tend to feel like my time is being wasted if I have to read a message multiple times to understand it. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] on behalf of Tom Kern Sent: Tue 1/10/2006 9:39 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue I'm saying all dc's are logging security events for days but none have a log of object deletion or creation. EVER, except- just a few hrs ago when i created/deleted a test user was the first time i saw such a log(eventid 630). before that time, there were only logon security events even though Audit account management had been set months ago. and auditing for Everyone for acoount creation/deletion had also been set up. the timestamp of the object deletion was last nite(1/9 at 8:42pm). However this has not been recorded on any dc in the domain. i never set up auditing for policy changes so i would never know if someone changed the gpo and deleted the account and then turned it back on. I find it strange and unreasonable that you would have auditing set up for account management and not see a log when an account had been deleted or created either. thats why i'm thinking something more troublesome is going on(like someone changing the policy). I don't know what else to think thanks On 1/10/06, Al Mulnick [EMAIL PROTECTED] wrote: Stopped logging the events? How so? You mention that each DC has a log of similar events going back days and that it handles the events now when you test it. How did it selectively not log one account being deleted? Is it possible it was done prior to the dates you're looking at? Is it possible the event logs were cleared during the time that it occurred? Is it possible you have to go to tape backup to see the event? I'm having a hard time believing it would selectively not log the event. Also, if you're logging for everything (I can't tell what you're auditing for from here of course) then are you logging for GPO changes? You would see a change in the log at that time if somebody messed with the audit policy. I'm having a hard time believing something occured without a security context at that point in time. If you have not already, save off all logs before they get overwritten. You may need them later. :) Also, since you have a time stamp of the time it was changed (you do don't you?) then you shouold be able to focus on those times across all DC's to see exactly what was going on at that time. Al On 1/10/06, Tom Kern [EMAIL PROTECTED] wrote: I thought to do that you first have to reanimate the object from the Deleted Objects container before you can search on the GUID. The deletion occured in a Win2k forest. I think what you are talking about you can only do in a WIn2k3 DFL forest. Besides, that will only tell me the DC and time the isDeleted attrib was set. It wont tell me the user or process that deleted it. thats what i really need and as my DC's seem to mysteriously stopped logging event id 630 or 565, i'm screwed. thanks alot On 1/10/06, Mark Parris [EMAIL PROTECTED] wrote: Use repadmin to check the objects metadata, can usually find the DC where the deletion occured and also who did it. The Active Directory forestry book by john craddock is an excellent resource for this type of AD audit. -Original Message- From: Tom Kern [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Date: Tue, 10 Jan 2006 15:53:18 To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Strange deleted object issue It logged the creation/deletion. My question is- i've always had this policy set and yet an account got deleted last nite and i can't find any record of it. the security logs have not been cleared and are set to stay for 7 days. still i know a user
[ActiveDir] Refreshing Client's cached DNS entries via script or something
We are in the process of Re-IPing our whole network and we are facing the following issue. When we re-ip a server, the clients have problems connecting to the server unless we do an IPCONFIG /FLUSHDNS on the client. The question is: Is there a way to create a script or something to put on the log on script to automatically do this at log on? Thanks, Juan
RE: [ActiveDir] Refreshing Client's cached DNS entries via script or something
Is there a reason why you cant just put an ipconfig/flushdns into the login script? :) You can also disable the DNS cache altogether by stopping the DNS CLIENT service. Be aware that doing so also causes your clients to generate more DNS resolver traffic. Stopping and restarting the service also clears the cache but why bother doing in two steps what can be done in one? You can also run into problems with caches on the DNS servers themselves, at least the ones that arent authoritative for the server name, so its not always fixable at the client. Anything you put in the login script (short of turning off the cache) isnt going to help if a servers address changes during someones session. Only by turning off the cache completely can you avoid that problem. Wook From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ibarra, Juan Sent: Tuesday, January 10, 2006 8:37 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Refreshing Client's cached DNS entries via script or something We are in the process of Re-IPing our whole network and we are facing the following issue. When we re-ip a server, the clients have problems connecting to the server unless we do an IPCONFIG /FLUSHDNS on the client. The question is: Is there a way to create a script or something to put on the log on script to automatically do this at log on? Thanks, Juan
[ActiveDir] OT: Prob not relevant here ...but -implement system policies in non AD
How to implement system policies for Windows XP-based, Windows 2000-based, and Windows Server 2003-based client computers in non-Active Directory environments: http://support.microsoft.com/?kbid=910203 List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Site link connection not created
Still not clear... Explain what you mean with is that if I manually create a CO from Site A to Site B, the KCC then knows about Site C, Site D Site E Explain what you mean with even though there is a physical connection (FR), and all ports are open from Site A Site B, the CO doesn't get created automatically And if a CO already exists (manually created) there would be no need to create an auto generated one Jorge From: [EMAIL PROTECTED] on behalf of Harding, Devon Sent: Tue 2006-01-10 23:28 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Site link connection not created Yes, I know that. What I'm saying, is that if I manually create a CO from Site A to Site B, the KCC then knows about Site C, Site D Site E. But, even though there is a physical connection (FR), and all ports are open from Site A Site B, the CO doesn't get created automatically. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Tuesday, January 10, 2006 4:12 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Site link connection not created Devon, Trying to understand what you are saying... Not succeeding though... If you created a CO manually the KCC will never touch that CO. Is that what you want to know? Jorge From: [EMAIL PROTECTED] on behalf of Harding, Devon Sent: Tue 2006-01-10 21:50 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Site link connection not created What would cause a site link connection from two sites not to automatically create? If I manually create the connection, the KCC updates with the correct info about other sites, but for some reason it's not automatically creating the connection. What ports are required for automatic creation? Devon Harding Windows Systems Engineer Southern Wine Spirits - BSG 954-602-2469 __ This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use or distribution of the information included in the message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank You. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. winmail.dat