RE: [ActiveDir] Exchange Log files --Disk Full--
Are you running full (AKA normal) backups every night? It seems not. Use NTBackup to backup to disk (obviously, you'll need a disk with over 120GB of available space) and then use whatever normal program you use to back that backup onto tape. This will keep you running until you sort out why your normal backup software isn't flushing the logs when the backup completes. How are you currently running backups? What software is in use? Are you sure it's Exchange aware? Are you doing brick level backups or copy backups instead of a full backup? Neither will flush the logs. I'd resolve this as quickly as possible, because if you are in a situation where you have to replay the logs, you're NOT going to be a happy camper. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Technical SupportSent: Thursday, October 26, 2006 11:09 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Exchange Log files --Disk Full-- Hi All, Kindly suggest, what i can do about my Exchange Log files? I have about 120 GB Log files for past 4 months. I havea few doubts:- Do i really need all those log files? If yes, Then how is it possible to manage with this as i have a very limited space left. Can i delete these log files? Backup doesnt remove these log files? i am really running out of space on my Exchange log storage drive. Thanks!!! Ravi
RE: [ActiveDir] OT: TechED 2007
retch I'm SOOO sick of conferences in Florida. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Thursday, October 19, 2006 4:29 AM To: ActiveDir.org Subject: [ActiveDir] OT: TechED 2007 It's Florida ! Regards, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
Re: [ActiveDir] OT: e-mail archiving systems
Absolutely. :) - Original Message - From: Rick Kingslan [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Sunday, May 08, 2005 12:41 PM Subject: RE: [ActiveDir] OT: e-mail archiving systems :o) Good to hear from you, Missy. Even if it was meant to be a private message to Deji. Keep in touch, would you? Rick Kingslan MCSE, MCSA, MCT, CISSP Microsoft MVP: Windows Server / Directory Services Windows Server / Rights Management Windows Security (Affiliate) Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone WebLog - www.msmvps.com/willhack4food -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Missy Koslosky Sent: Friday, May 06, 2005 11:31 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: e-mail archiving systems Whoops. - Original Message - From: Missy Koslosky [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, May 06, 2005 11:03 PM Subject: Re: [ActiveDir] OT: e-mail archiving systems Hey Deji, Read your post with interest. Don't know if you've heard or not, but I joined Quest Software as a product manager in their Exchange Solutions group earlier this year. Archive Manager, our archiving product, is my responsibility. This naturally means I'm always interested in competitive information, and on what people want to see that they're not seeing - what you love and hate. If you'd ever like to spill your guts (and I shan't quote you), I'd love to hear what you have to say. Hope all is well and that we'll get to see each other at the Summit -- or maybe even TechEd -- are you going to either? both? Best, Missy - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, May 06, 2005 2:40 PM Subject: RE: [ActiveDir] OT: e-mail archiving systems I can only speak to KVS, and I can not say what I think of them in such a decorous forum. If you do get to speak with them in the course of your evaluation (you are going to do a thorough eval, right?), be sure to ask them what happens if you run out of room on a vault and you want your users to clean out their items to make more room. Remember to ask what happens when you are doing hardware refresh and you need your users to move stuff from their offline vault on their old computers to their offline vault on their new computer. Remember to ask them about the unique behavior of the online vault when you need to replace the vault itself or when you want to add additional vaults and split your users across multiple vaults. I'm out of here. Sincerely, Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of Carerros, Charles Sent: Fri 5/6/2005 12:03 PM To: 'ActiveDir@mail.activedir.org' Subject: [ActiveDir] OT: e-mail archiving systems My company is currently review some archiving apps and I was wondering if anyone has any news to share (good or bad on them) excusing my spelling if I get them wrong. KVS (from Veritas) Convault Legato Mail Extender\File Extender Thanks, Charlie List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] OT: e-mail archiving systems
Whoops. - Original Message - From: Missy Koslosky [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, May 06, 2005 11:03 PM Subject: Re: [ActiveDir] OT: e-mail archiving systems Hey Deji, Read your post with interest. Don't know if you've heard or not, but I joined Quest Software as a product manager in their Exchange Solutions group earlier this year. Archive Manager, our archiving product, is my responsibility. This naturally means I'm always interested in competitive information, and on what people want to see that they're not seeing - what you love and hate. If you'd ever like to spill your guts (and I shan't quote you), I'd love to hear what you have to say. Hope all is well and that we'll get to see each other at the Summit -- or maybe even TechEd -- are you going to either? both? Best, Missy - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, May 06, 2005 2:40 PM Subject: RE: [ActiveDir] OT: e-mail archiving systems I can only speak to KVS, and I can not say what I think of them in such a decorous forum. If you do get to speak with them in the course of your evaluation (you are going to do a thorough eval, right?), be sure to ask them what happens if you run out of room on a vault and you want your users to clean out their items to make more room. Remember to ask what happens when you are doing hardware refresh and you need your users to move stuff from their offline vault on their old computers to their offline vault on their new computer. Remember to ask them about the unique behavior of the online vault when you need to replace the vault itself or when you want to add additional vaults and split your users across multiple vaults. I'm out of here. Sincerely, Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I Microsoft MVP - Directory Services www.readymaids.com - we know IT www.akomolafe.com Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: [EMAIL PROTECTED] on behalf of Carerros, Charles Sent: Fri 5/6/2005 12:03 PM To: 'ActiveDir@mail.activedir.org' Subject: [ActiveDir] OT: e-mail archiving systems My company is currently review some archiving apps and I was wondering if anyone has any news to share (good or bad on them) excusing my spelling if I get them wrong. KVS (from Veritas) Convault Legato Mail Extender\File Extender Thanks, Charlie List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Excahnge suggestion
I joined, so I imagine I'll see soon. :) - Original Message - From: Lara, Greg [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, November 15, 2004 10:44 AM Subject: RE: [ActiveDir] Excahnge suggestion The msexchange.org list is quite active, I assure you. Greg Lara --- This e-mail message may contain privileged, confidential and/or proprietary information intended only for the person(s) named. If you are not the intended recipient, please destroy this message, and any attachments, and notify the sender by return e-mail. If you are not the intended recipient(s), or the employee or agent responsible for delivering the message to the intended recipient(s), you are hereby notified that any dissemination, disclosure or copying of this communication is strictly prohibited. --- -Original Message- From: Missy Koslosky [mailto:[EMAIL PROTECTED] Sent: Sunday, November 14, 2004 10:53 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Excahnge suggestion The old msexchange.org list is dead, kinda. It moved to swynk.com, then to internet.com, and can be subbed to at http://e-newsletters.internet.com/discussionlists.html/. I haven't checked to see if msexchange.org (new owners) have a list or not, but if they do, I'll sub there too. The best Exchange 2000/Exchange 2003 lists I'm on are run through yahoogroups, and hosted by Martin Tuip, an Exchange MVP. http://groups.yahoo.com/group/Exchange2000/ and http://groups.yahoo.com/group/exchange-2003/. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Excahnge suggestion
The old msexchange.org list is dead, kinda. It moved to swynk.com, then to internet.com, and can be subbed to at http://e-newsletters.internet.com/discussionlists.html/. I haven't checked to see if msexchange.org (new owners) have a list or not, but if they do, I'll sub there too. The best Exchange 2000/Exchange 2003 lists I'm on are run through yahoogroups, and hosted by Martin Tuip, an Exchange MVP. http://groups.yahoo.com/group/Exchange2000/ and http://groups.yahoo.com/group/exchange-2003/. Missy - Original Message - From: Oluwaseyi Owoeye [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, November 12, 2004 12:22 PM Subject: RE: [ActiveDir] Excahnge suggestion The best exchange list on the web till date http://www.MSExchange.org/ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Gilbert Sent: Friday, November 12, 2004 6:55 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Excahnge suggestion Can this list suggest a good Exchange 2000/2003 list? I am now being tasked with providing Exchange 2003 support and hope to find an Exchange list that can provide the same high quality support, suggestions, and advise as this list. Daniel List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Exchange OT:
Title: [ActiveDir] Trusting Domain SIDs There are so many dependencies here that it's tough to guess. If you're looking at using PowerControls (or something similar), I'd ask the vendor if they'd done any benchmarking. Otherwise, double the length of time your backups take for a WAG. - Original Message - From: Blair, James To: [EMAIL PROTECTED] Sent: Sunday, October 24, 2004 4:59 PM Subject: RE: [ActiveDir] Exchange OT: Sorry I should have been more specific: Lets say there is no way that the database will fire up again and that you have to utilize a recovery tool such as Ontrack PowerControls to recover every mailbox independently from a restored database to an alternate mail server. This is of course a worst case scenario. James From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert BobelSent: Monday, 25 October 2004 2:36 AMTo: [EMAIL PROTECTED]; [EMAIL PROTECTED]Subject: RE: [ActiveDir] Exchange OT: Using what method? Bob From: [EMAIL PROTECTED] on behalf of Blair, JamesSent: Sun 10/24/2004 9:11 AMTo: [EMAIL PROTECTED]Subject: Exchange OT: Toto the amazinly diverse audience out there: I am putting together a disaster recovery procedure and was wondering how long it would take to restore mailboxes directly from the database to an aleternate e-mail server. Is there any baselines out there or does anyone have any personal experience? Lets say database is 40GB... James
Re: [ActiveDir] OT: Exchange archiving
http://www.microsoft.com/exchange/evaluation/compliance.aspincludes infromation about several archiving products that integrate with Exchange. - Original Message - From: Passo, Larry To: [EMAIL PROTECTED] Sent: Thursday, June 24, 2004 11:42 AM Subject: [ActiveDir] OT: Exchange archiving Since there have been several Exchange topics here recently, I wanted to ask another question. Im looking for an add-on for Microsoft Exchange 2000 that can automatically archive emails based on a list of keywords. Archiving should be automatic for all in-bound or out-bound traffic. TIA
Re: [ActiveDir] OT: Exchange 2003 SP1 documentation
It's my understanding that this information will be released ASAP. I know that it was definitely in the works last night. Missy Koslosky Exchange MVP - Original Message - From: Michael Wassell To: [EMAIL PROTECTED] Sent: Thursday, May 27, 2004 4:14 PM Subject: [ActiveDir] OT: Exchange 2003 SP1 documentation Has anyone managed to find complete documentation of all of the changes made with Exchange 2003 SP1? The release notes fall short of mentioning exactly what updates/changes were made although I have looked briefly and there seems to be more control available to the user through OWA (Options category) and the icons shown in System Manager seem to have been sharpened (:-P). The issue with Exchange services hanging during a shutdown without being stopped beforehand still seems to be a problem so I guess the hopes for a resolve are still "pending". As far as interface changes I can't imagine much more has been changed, but possibly a list of hot fixes which were previously unpublished except maybe to MVP's? Any idea? Although, the package is 100mb~ and it did take a few minutes to complete the update procedures which required stopping all Exchange, IISand related services (including third-party components), all went well. TIA!
Re: [ActiveDir] Ad forest migration
Don't know of any gotchas offhand, but I haven't used it in production. Google is your friend. Aleta/Quest costs more, but there's definite value in their tools. Have you read the documentation? - Original Message - From: Kern, Tom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 25, 2004 11:23 AM Subject: RE: [ActiveDir] Ad forest migration any known gotchas(i know everything has gotchas) with admtv2,miis,and exchange migration wizard that i should be aware of from the get go? also, i assume going this route over Aleita/quest is the support and nice gui. and finally, how would i re-acl everyting on the servers in the new forest? any tool or script for that? thanks(lot of questions, i know. but i'll let you know how it went and if i crashed and burned my enterprise!!). -Original Message- From: Missy Koslosky [mailto:[EMAIL PROTECTED] Sent: Monday, May 24, 2004 10:58 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Ad forest migration The Exchange Migration Wizard. http://support.microsoft.com/default.aspx?scid=kb;en-us;328871 - Original Message - From: Kern, Tom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, May 24, 2004 7:13 PM Subject: RE: [ActiveDir] Ad forest migration i'm sorry if this is obvious but, whats a good exchange migration tool that comes with exchange2k/2k3? and how does it differ from using exmerge to migrate mailboxes to pst's and then import them into the new server/forest? thanks -Original Message- From: Mulnick, Al [mailto:[EMAIL PROTECTED] Sent: Mon 5/24/2004 5:07 PM To: '[EMAIL PROTECTED]' Cc: Subject: RE: [ActiveDir] Ad forest migration Probably wouldn't use exmerge in favor of Exchange migration tools included with Exchange. And it would be worth it to use Exchange 2003 (tools at least), but otherwise it can be done. Aelita is just nicer and easier to work with. Both work. al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Monday, May 24, 2004 4:24 PM To: ActiveDir (E-mail) Subject: [ActiveDir] Ad forest migration I'm on a serious budget and my IT dept doesn't have/want the money to spend on Alieta migration tools. we are looking to migrate our child domain into our own forest with exchange 2k and still synch our gals. how much hubris would it be to do most of this with free tools like ADMTv2,MIIS, and exmerge? am I insane? thanks List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ .+-w i 0g-+Yb mPi 0 -+b f.+-j! 0j! or yIV+v* List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Ad forest migration
Right. I was wondering why you'd asked about them - that'd been my impression. - Original Message - From: Kern, Tom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 25, 2004 2:48 PM Subject: RE: [ActiveDir] Ad forest migration For Quest? yes, they sound great and i'd love to use them but its just not in the budget. thanks -Original Message- From: Missy Koslosky [mailto:[EMAIL PROTECTED] Sent: Tuesday, May 25, 2004 1:11 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Ad forest migration Don't know of any gotchas offhand, but I haven't used it in production. Google is your friend. Aleta/Quest costs more, but there's definite value in their tools. Have you read the documentation? - Original Message - From: Kern, Tom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, May 25, 2004 11:23 AM Subject: RE: [ActiveDir] Ad forest migration any known gotchas(i know everything has gotchas) with admtv2,miis,and exchange migration wizard that i should be aware of from the get go? also, i assume going this route over Aleita/quest is the support and nice gui. and finally, how would i re-acl everyting on the servers in the new forest? any tool or script for that? thanks(lot of questions, i know. but i'll let you know how it went and if i crashed and burned my enterprise!!). -Original Message- From: Missy Koslosky [mailto:[EMAIL PROTECTED] Sent: Monday, May 24, 2004 10:58 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Ad forest migration The Exchange Migration Wizard. http://support.microsoft.com/default.aspx?scid=kb;en-us;328871 - Original Message - From: Kern, Tom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, May 24, 2004 7:13 PM Subject: RE: [ActiveDir] Ad forest migration i'm sorry if this is obvious but, whats a good exchange migration tool that comes with exchange2k/2k3? and how does it differ from using exmerge to migrate mailboxes to pst's and then import them into the new server/forest? thanks -Original Message- From: Mulnick, Al [mailto:[EMAIL PROTECTED] Sent: Mon 5/24/2004 5:07 PM To: '[EMAIL PROTECTED]' Cc: Subject: RE: [ActiveDir] Ad forest migration Probably wouldn't use exmerge in favor of Exchange migration tools included with Exchange. And it would be worth it to use Exchange 2003 (tools at least), but otherwise it can be done. Aelita is just nicer and easier to work with. Both work. al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Monday, May 24, 2004 4:24 PM To: ActiveDir (E-mail) Subject: [ActiveDir] Ad forest migration I'm on a serious budget and my IT dept doesn't have/want the money to spend on Alieta migration tools. we are looking to migrate our child domain into our own forest with exchange 2k and still synch our gals. how much hubris would it be to do most of this with free tools like ADMTv2,MIIS, and exmerge? am I insane? thanks List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ .+-w i 0g-+Yb mPi 0 -+b f.+-j! 0j! or yIV+v* List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ . .+-j! 0j! or yIV+v* List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Ad forest migration
The Exchange Migration Wizard. http://support.microsoft.com/default.aspx?scid=kb;en-us;328871 - Original Message - From: Kern, Tom [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, May 24, 2004 7:13 PM Subject: RE: [ActiveDir] Ad forest migration i'm sorry if this is obvious but, whats a good exchange migration tool that comes with exchange2k/2k3? and how does it differ from using exmerge to migrate mailboxes to pst's and then import them into the new server/forest? thanks -Original Message- From: Mulnick, Al [mailto:[EMAIL PROTECTED] Sent: Mon 5/24/2004 5:07 PM To: '[EMAIL PROTECTED]' Cc: Subject: RE: [ActiveDir] Ad forest migration Probably wouldn't use exmerge in favor of Exchange migration tools included with Exchange. And it would be worth it to use Exchange 2003 (tools at least), but otherwise it can be done. Aelita is just nicer and easier to work with. Both work. al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom Sent: Monday, May 24, 2004 4:24 PM To: ActiveDir (E-mail) Subject: [ActiveDir] Ad forest migration I'm on a serious budget and my IT dept doesn't have/want the money to spend on Alieta migration tools. we are looking to migrate our child domain into our own forest with exchange 2k and still synch our gals. how much hubris would it be to do most of this with free tools like ADMTv2,MIIS, and exmerge? am I insane? thanks List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] how many domain controllers ?
For Exchange, it's one GC processor to every 4 Exchange processors. - Original Message - From: joe [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, May 21, 2004 9:33 AM Subject: RE: [ActiveDir] how many domain controllers ? For production, never less than two. The max depends on your usage and your WAN configuration and network stability. If you have heavy usage due to apps like Exchange, you *may* need a couple of more. I think the calculation is one GC CPU per 2 Exchange CPUs or something like that? Though I am never a huge fan of just paper guessing, it may work for 80% of the places and you have one that doesn't fit that model. They don't know what else you are doing. If you have a WAN configuration with network connectivity that can drop (i.e. isn't guaranteed 100%) and you care about whether they work in a dropped state then you will need at least one per isolated location. If you have a single domain, make all DCs GCs. joe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Maple Sent: Friday, May 21, 2004 6:28 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] how many domain controllers ? Does anyone have a view about how many servers in a domain should be domain controllers. Should it be all of them - or only a few on each site ? Mike. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Why doesn't Rick post much anymore?
I don't monitor this list for a couple days, and *this* is what I come back to see? Interesting way to put things. :) - Original Message - From: joe [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, May 02, 2004 11:26 AM Subject: RE: [ActiveDir] Why doesn't Rick post much anymore? Actually I was wearing 7 stiletto's the whole time but in reality, Rick is considerably taller than I am. As you found, I am a just a small quiet coy simple white boy from the midwest. My issue is the company that I keep. :o) I spent over an hour in a bedroom on the top floor of the Westin with Missy... I will never be the same. :o) joe (who will be wearing a disguise next year...) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Monday, April 26, 2004 9:11 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Why doesn't Rick post much anymore? Actually, the real trick is that at 4'7, he's ths shortest of the four of us, and he knows he doesn't want to be on our bad side at next year's summit! -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Rick Kingslan [mailto:[EMAIL PROTECTED] Sent: Sunday, April 25, 2004 10:53 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Why doesn't Rick post much anymore? Some of you long timers on this list know that I've been a long time poster here. And, some might ask the question, Gee... Why doesn't Rick post anymore?. Interesting question, simple answer. Joe, Al, Roger You guys are big mouths and no one can get a word in edge-wise. Now, you all know the truth. Oh, and for those of you that know me, I'm totally kidding these three. Finally meeting all three at the MVP Summit this year was great. I am honored to know you guys, and learn much from you daily. Now, SHUT UP ALREADY!!! ;op Rick Kingslan MCSE, MCSA, MCT, CISSP Microsoft MVP: Windows Server / Directory Services Windows Server / Rights Management Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone WebLog - www.msmvps.com/willhack4food List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] OUs by server function?
Title: Message Hey! You're gonna get me in trouble, and Roger's a little bigger than I am! Missy - Original Message - From: Rick Kingslan To: [EMAIL PROTECTED] Sent: Sunday, November 02, 2003 4:13 PM Subject: RE: [ActiveDir] OUs by server function? And, Mr. Seielstad, who do you think I was speaking of? ;o) Missy and I submitted your name. It was a coordinated effort to corrupt you further. -rtk From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger SeielstadSent: Sunday, November 02, 2003 2:28 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OUs by server function? Um, yeah. Like me for instance. I've rarely posted to the Microsoft news groups, but I've been here for quite a while and some other public email lists for 6-7 years. Roger -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message-From: Rick Kingslan [mailto:[EMAIL PROTECTED] Sent: Saturday, November 01, 2003 4:33 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OUs by server function? Michael, Not necessarily where there is a Microsoft presence. There are some folks on this list who have been nominated and are now MVPs because of involvement here - not necessarily on the Public NGs. Participationon th public NGs is but one way. Community, and contributing to it is a many faceted thing. Remember, this ispeer recognition of excellence and professionalism - and not necessarily by a Microsoft peer. Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. SmithSent: Friday, October 31, 2003 1:50 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OUs by server function? Interesting. So people that are active on mailing lists where MS isn't present don't stand a chance? I need to resign from all these mailing lists and spend the time on newsgroups! :-) From: Tony Murray [mailto:[EMAIL PROTECTED] Sent: Friday, October 31, 2003 2:34 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OUs by server function? Michael Any tricks involving wine are welcomed, but Microsoft does have other criteria too: http://mvp.support.microsoft.com/default.aspx?scid=fh;EN-GB;mvpfaqs Tony From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]Sent: Freitag, 31. Oktober 2003 18:27To: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OUs by server function? What does one have to do to become an MVP? Does it involve parting bodies of water or turning them into wine? :-) Michael Parent MCSE MCTAnalyst I - Web Services ITOS - Systems EnablementMaritime Life Assurance Company(902) 453-7300 x3456 Rich Milburn [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 10/31/2003 12:16 PM Please respond to ActiveDir To:[EMAIL PROTECTED] cc: Subject: RE: [ActiveDir] OUs by server function?You're right, I was referring to WMI filtering. Thanks for the welcome, I've never seen so many MVPs in one place!! J I looked on winnetmag.com and didn't find it, I'll have a look for the hardcopy I read it in at home... Rich From: Tony Murray [mailto:[EMAIL PROTECTED] Sent: Friday, October 31, 2003 9:01 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OUs by server function? Rich Welcome to the list! If you have a link to the article, please post it. I'm sure others would be interested. Scope filtering using security groups is not new to 2003. You might be thinking of WMI filtering, which is new with XP/2003. The problem with scope filtering is (as you rightly point out) the reporting side of things. I'm not sure whether the GPMC includes anything for this or not, but if it does I haven't used it. The new scripting functions probably offer the ability to display the appropriate reports. My friend Matty Holland is something of a Group Policy guru and might be able to offer insight into this. Matty? Tony From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich MilburnSent: Freitag, 31. Oktober 2003 14:31To: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OUs by server function? I think Windows Mag (or .Net mag or I forget what it's called now!) had an article about using filters - they're new with 2003 right?
Re: [ActiveDir] DNS and Active Directory
So your private namespace wouldn't match your public namespace, right? I prefer this solution, so long as you take the time to carefully consider what namespace you'd use internally. Take the time to register the namespace you choose (so you'll need to use a registerable address, of course). This is simply so that if, in the future, you want to establish a trust with another entity, you can do so across the Internet. Missy - Original Message - From: Ellis, Debbie To: [EMAIL PROTECTED] Sent: Tuesday, July 22, 2003 10:46 AM Subject: [ActiveDir] DNS and Active Directory I am considering setting up an Active Directory namespace that does not mirror my DNS namespace and I would like to make sure it can be done and the downside to doing it this way.
Re: [ActiveDir] Windows 2000 Server as VPN
Check out http://www.microsoft.com/windows2000/techinfo/planning/incremental/vpndeploy .asp (http://tinyurl.com/exjm if that wraps) for information on setting up RRAS for VPN services. I'd use L2TP over PPTP. Missy - Original Message - From: Richard Sumilang [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, June 19, 2003 12:46 PM Subject: [ActiveDir] Windows 2000 Server as VPN Can Windows 2000 Server be used as a VPN? I briefly tried looking it up but most things I found where very vague. So basically what I want to do is open up a port on my router to forward to a VPN Server (Windows 2000 computer) that will give the user access to the network. Thanks Richard S. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Mixed to Native and Exchange 2000
I'd go with option 1 - the moving train (or whatever it's called these days). Tony Redmond write an article about this a few years ago that should be available in the archies of www.winnetmag.com somewhere. I do a lot of migrations, and this is the method we choose most of the time. Missy Koslosky - Original Message - From: Myrick, Todd (NIH/CIT) [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 31, 2003 2:55 PM Subject: [ActiveDir] Mixed to Native and Exchange 2000 I had a beef fillet marinade in Guinness this weekend, it was actually kind of sweet tasting. So I recommend that or a nice piece of buffalo filet marinade in Guinness for you AD Native Mode celebration. We converted to Native Mode last year on many of our AD Domains. Now is the pain of ADCing and In-place upgrading to Exchange 2000. Just for the record, how many of you all in-place upgraded your Exchange 5.5 Servers and org to Exchange 2000. I am really concerned about us doing this because we have Exchange 5.5 Servers with IS's in the 60 to 100 Gig range, and I feel if we have a problem doing an in-place upgrade on a server, we would have to do a disaster recovery of the server in a limited time window. In addition it will take us some time to get all the servers upgraded to 2000, and we will have some server consolidations to contend with. What has everyone elses experiences been doing this? Has in-place upgrading Exchange 5.5 servers with large IS been pretty non-eventful? I have heard from some people are doing the following when moving from Exchange 5.5 to 2000. 1. Setting up the RUS first, then standing up pure Windows 2000 Exchange 2000 servers in the site, and moving the mailboxes from the Exchange 5.5 servers to the Exchange 2000 servers. Tedious, but is easier to roll back a failed move. Takes forever to get to pure front-end/back-end solution. 2. doing Inter-org migrations by creating a New Exchange 2000 org, and migrating the accounts out of the Exchange 5.5 org into the new 2000 ORG. Allows the New Org to start out in Native Mode, and allows for refresh of Exchange Hardware. Problem seems to be third-party add-ins for Exchange like FAX Services, Blackberry, and Secure E-mail. There are workarounds for this though. Todd Myrick -Original Message- From: Sullivan, Kevin [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:26 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Mixed to Native Always a good Guinness! Easy! -Original Message- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:06 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Mixed to Native The worst part of the mixed to native mode conversion is picking which refreshing beverage you're going to enjoy when its done. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 5:49 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Mixed to Native Hi All, I've finally migrated my last remote office into my 2000 domain. All of my NT BDCs are gone and I'm 100% 2000 on the DCs I still have a couple offices on NT workstations. It's been some time since I've focussed on 2000 and can't remember if there are any gotchas with the move from mixed to native? I've read back through all my documentation/notes, but that no substitute to real worl experience... Can anyone offer some guidance? Thanks and BR, Rob Robert Rutherford MIS Department - DEK +44 (0)1305 208232 +44 (0)7970 122362 This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List
Re: [ActiveDir] Nt4 domain controller upgrade to Windows 2000
Sounds like you're making something fairly simple into something rather convoluted. I'd simply rebuild the boxes and join them to the new domain. Missy Koslosky - Original Message - From: Graham Turner To: [EMAIL PROTECTED] Sent: Friday, March 28, 2003 8:57 AM Subject: [ActiveDir] Nt4 domain controller upgrade to Windows 2000 Apologies if this one has been around before but ..as subject i am looking to acheive the upgrade of a whole load of NT4 backupdomain controllers to Windows 2000.it is preferable to use an upgrade method (as opposed to new install) -based on a number of installed applications / services (dhcp, wins, lprserver).it is also intended to change the domain membership of these DC's in thesame process. the observed behaviour is that the Windows 2000 setup routinedetects its configuration as a DC and generates a "red" warning in a systemcompatibility report stating that the PDC should be upgraded first.presumably the setup routine must do some sort of query against the PDC todetermine its OS version ??the domain from which these DC's are intended to be migrated is in fact aNT4 domain, and this seems to be critical to the continuance of the setuproutine.is it correct that there is no option for the existing domain membership tobe modified in this setup routine ??it seemed to me that the dcpromo routine that initiates at first logon whenWindows 2000 starts would be flexible enough that if the administrator sodecided to remove any exsiting security information from the original NT4domain and replace it with the information from an administrator specifieddomain ??if this is the case then the available options (given that the upgrade ofthe PDC to a production domain is by far the least preferable) need to beevaluated;is it a "supported" operation to take the BDC offline from the network,promote it to PDC (merely to allow the setup routine to proceed) whichpresumably would complete given that the system would not detect any - thisbegs the question as to the checks that a BDC promotion goes through tocomplete - is it merely the non-detection of an exsiting PDC or is there abit more sophistication ??from here then once the system is running Windows 2000, the dcpromo processcan be stopped, and reinitiated once the computer is joined to the networkonce again as a Windows 2000 member server, and joined to a new domain ?otheriwse it seems to me that the only way of proceeding is to use the"clean installation" method and reinstall all applications / services.on this tack, it seems to me potential issues with the restore of a DHCPserver configuration (backed up by taking a copy of the relevant NT4registry key) to a Windows 2000 DHCP server - is this a supported operation.I will be very appreciative of input from the newsgroup on this oneGT
Re: [ActiveDir] Synchronization with Unix and Oracle
Or Compaq/HP's LDSU, which is more flexible and less costly when you consider the ease of use! Missy - Original Message - From: John Hicks/MIS/HQ/KEMET/US To: [EMAIL PROTECTED] Sent: Thursday, March 27, 2003 10:19 AM Subject: RE: [ActiveDir] Synchronization with Unix and Oracle I believe Microsoft MetaDirectory should handle this Amit Zinman [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 03/27/2003 10:02 AM Please respond to[EMAIL PROTECTED] To [EMAIL PROTECTED] cc Subject RE: [ActiveDir] Synchronization with Unix and Oracle Biztalk is cool, but more for data Exchange. We are more interested in synchronizing passwords or providing some sort of smart logon or unified administration or even single-sign on (one can just dream). Amit Zinman Systems Consultant Integrity Systems [EMAIL PROTECTED] 03-7522424 058-326753 From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 4:14 PMTo: '[EMAIL PROTECTED]' Services for Unix would help with the Unix side - if you're trying to integrate AD and NIS for instance. Oracle and AD would probably have to be custom done - depending on what you're trying to do. The MS Biztalk server site has a link to a third party Biztalk module that will interface with AD, and then just interface your Oracle stuff to Biztalk. Roger -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. -Original Message-From: Amit Zinman [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 8:49 AMTo: ActiveDir Mailing ListSubject: [ActiveDir] Synchronization with Unix and Oracle Hi, If any of you ever did synchronize your AD with Oracle or Unix I would love to hear your input on this matter. Thanks, Amit Zinman Systems Consultant Integrity Systems [EMAIL PROTECTED] 03-7522424 058-326753
Re: [ActiveDir] Different password policy
If you need to make it super-secure, they really should have their own forest. There aren't a lot of details on this available, but the domain isn't a complete security boundary. - Original Message - From: Rick Kingslan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 24, 2003 2:08 PM Subject: RE: [ActiveDir] Different password policy snip Nope - a child domain DOES have a separate security policy. snip BUT! The really sensitive stuff (the intellectual property) of the company is managed and created by the researchers. We need to make sure that the research information is very secure. snip List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] What Services/Server's can be combined with Active Directory.
Glenn, I'd want to keep DHCP off my DC's to avoid name hijacking. See http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q255134 Hope all is well with you! Missy Koslosky - Original Message - From: Glenn Corbett [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, March 22, 2003 5:33 PM Subject: Re: [ActiveDir] What Services/Server's can be combined with Active Directory. John, The reason why you havent really been able to find a source, is that the answer is it depends. Depending on the size of your sites, the amount of data, number of clients, other applications using DC services etc, you can really have a single server that does DC, GC, DNS, WINS, DHCP, FP. I really wouldn't worry about putting DHCP on a server by itself, the load is so small. Out of all of the infrastructure services, DCHP is probably the smallest load. Client machines get a dhcp address when they start, and IIRC there are two requests during the lifetime of the IP address (one halfway though, and one at the end of the lease). So for a 2 week lease timeout, you have essentially 3 requests to a DHCP server which is nothing to really worry about. I recently did some AD design work where small sites (up to about 30 uers) had a single server (Dual PIII 2+Ghz) ran all the functions listed previously, plus Exchange with no real trouble. For larger sites, my suggestion would be one infrastructure server (DC, GC, WINS, DHCP, DNS), and application server(s) (File Print, Exchange etc). As long as you design your AD site topology correctly (so that replication is optimised, and GC placement is relevant for your clients), AD can pretty much co-exist with most things, its a question of network bandwidth and load on the server. Other Databases (like Exchange, SQL, Oracle) are really the main applications you need to be careful with when putting on the same server as AD, because they can cramp each others style (Exchange and SQL on the same box for example is very touchy). If you are thinking or layering other applications onto an AD DC, just have a read of the requirements. In a lot of cases MS force you down a particular path. For example, SUS (System Update Services), and MOM (Microsoft Ops Manager) wont run on DC's, so you are forced to put in an additional server to run these. so, as for your original question *grin*, I would have one server that does the infrastructure stuff, and another server for FP. Glenn - Original Message - From: John Strongosky [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, March 22, 2003 11:27 AM Subject: [ActiveDir] What Services/Server's can be combined with Active Directory. In our planning group we are having a discussion on what server's/services do we need to combine or can combine for our AD deployment. I have looked thru allot of Technote's there is not one definitive answer. Can anyone point me to a source or answer this for me. We are thinking of combing: DC,dns and gc's on a server, file and print and dhcp on another in our sites or DC, dns, gc on a server, file and print on a server and dhcp by itself. john List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Different password policy
There's always a risk, indeed. I've yet to design an AD infrastructure where there wasn't some sort of compromise involved! M - Original Message - From: Rick Kingslan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 24, 2003 10:28 PM Subject: RE: [ActiveDir] Different password policy Missy, Well said - and quite true. But, given the difficulty of implementing the compromise, the obvious decision point is going to be based on a risk analysis. Given that we're talking about password policy, I'm not sure how this is germane. But, nonetheless - you're right. If you want to guarantee true security autonomy, the forest is the model to use. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Missy Koslosky Sent: Monday, March 24, 2003 9:08 PM To: [EMAIL PROTECTED] If you need to make it super-secure, they really should have their own forest. There aren't a lot of details on this available, but the domain isn't a complete security boundary. - Original Message - From: Rick Kingslan [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 24, 2003 2:08 PM Subject: RE: [ActiveDir] Different password policy snip Nope - a child domain DOES have a separate security policy. snip BUT! The really sensitive stuff (the intellectual property) of the company is managed and created by the researchers. We need to make sure that the research information is very secure. snip List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] RAS Auth, Linux and AD?
You seriously need some anger management classes. And lessons on using appropriate language. And you may want to see about getting that caps lock key unstuck. Original Message From: [EMAIL PROTECTED] To: [EMAIL PROTECTED], Subject: RE: [ActiveDir] RAS Auth, Linux and AD? Date: Tue, 28 Jan 2003 10:53:25 -0800 KNOCK IT OFF WITH THE GOD DAMN FUCKING READ RECEIPTS..HOW MANY TIMES DO PEOPLE HAVE TO TELL YOU THIS! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of King, Arron S. Sent: Tuesday, January 28, 2003 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] RAS Auth, Linux and AD? You could try to do Radius or perhaps LDAP authentication if your dialin server software would support it. We do Radius with a wholesale ISP and it works quite nicely. === Arron S. King Network Systems Administrator Ohio Dominican University [EMAIL PROTECTED] v: 614.251.4515 f: 614.252.2650 -Original Message- From: Weston Rogers [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:42 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] RAS Auth, Linux and AD? Is it possible, or anyone know of any tips on how to get a linux box with an 8 port modem card (dialin server) to auth via an AD DC to get permissions, etc? I wanted to try to mess around with this.. Thanks. -Original Message- From: Mayet, Yusuf Y [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 9:26 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 We have been testing the .NET Server in our environment. There are many enhancements that have made our life easier. Our company is a large Bank in South Africa and we operate in many African countries and with this we have the issue of bad telecommunications to our foreign branches. We are using the feature called Replicate from Media. All you need to do now is perform a System State Backup and then restore to the new server. Run DCPromo with an ADV switch and point to the Restore location. Hey presto you will have your entire directory replicated to the local DC and with the replication schedule set up it will receive the updates which will be minimal. Other features include: DNS Stub Zones Conditional Forwarding Application Partition: Replication to set to replicate to all domains or certain domains. (Very cool feature) GC-Less Logon: Logon requests can be accepted without the need of a GC in the site. (Must have logged on previously but will continue with a cache profile) DC Rename: Very cool but you need .NET Native mode. Domain Rename: also need .NET Native (Be very sure that you want to perform this as you need to reboot your servers twice with other configuration changes) Forest Trust: Transitive trusts will be the name of the game for this which is pretty cool considering previously you had to set up external trust from the one domain to the required one. One last thing IIS 6.0 is much better stable, secure than the previous versions. Hope this info helps you. These are from the top of my head. Need anything else let me know. Yusuf -Original Message- From: Hutchins, Mike [mailto:[EMAIL PROTECTED]] Sent: 27 January, 2003 21:15 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 yes -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 11:58 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 Is windows 2003 Windows .NET?? -Original Message- From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 12:05 PM To:'[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 I've been running it in a lab environment for several months. The AD in WS2K3 is fundamentally as it was in W2K, with some notable improvements in the KCC (reduced computation needed for topology calculation), replication (value replication instead of attribute replication for certain attributes), and multi-forest support (cross forest trust). A nice security improvement is that anonymous users by default have no access and therefore can't mount DOS attacks on AD. Supposedly the overall performance of AD has been improved, but I haven't assessed that. There are improvements in some of the AD-related admin tools as well. Summary: notable but not revolutionary improvements. The upgrade path is fairly low friction, so I'd feel pretty comfortable starting deployment of WS2K3 when it ships. -gil -Original Message- From: Clifford Airhart [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 9:43 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Active Directory - Windows Server 2003 Hello Everyone! With the new version of Windows Server 2003 there's a new version of Active Directory. It seems to have