Morning all,
Does the logon script run with the user rights of the user logging on??
Ie Can we install an MSI from the logon script with out running installer with
elevated privileges if the user has user rights to the local machine??
Cheers
Charlie
ImCr :ý-Âpmamtsi1.mtl.bceemergis.comsmtp1.emergis.com[EMAIL PROTECTED]c=ca;a=immedia;p=mpact;l=MTL-GW-020207180547P1RP9909L669-a-logs@e[EMAIL PROTECTED]o.cEwLsReceived:
from pmamtsi1.mtl.bceemergis.com (smtp1.emergis.com [192.139.197.95]) by
MTL-GW-02.bceemergis.com with SMTP (Microsoft
Dear All,
I am planning to use GPO's to control a number of XP clients in a W2K AD
setup. Currently we have no GPO's, other than the default domain policy. I
have imported the .ADM files from XP into a W2K DC and want to use the
Computer Configuration\Administrative Templates\System Restore
Mark
You must have either Administrator or Backup Operator permissions on the computer to
perform a restore.
I could be wrong, but I believe the GPO setting makes the restore option available,
but it does not confer the necessary rights.
Tony
-- Original Message
Yes, I beleive that you would have to run it with Elevated priveleges.
Charlie Hope-Lang [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
07/18/2002 04:16 AM
Please respond to ActiveDir
To:[EMAIL PROTECTED]
cc:(bcc: John Hicks/MIS/HQ/KEMET/US)
Subject:[ActiveDir]
Can you stop OOOs and autoreplies from hitting the ActiveDir List ?
Thanks.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED]
Sent: Thursday, July 18, 2002 00:19
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Autoreply: [ActiveDir Digest]
Are there any issues with renaming the Default-First-Site-Name?
Also can I set up a site and not have a DC in it?
Joshua Morgan
PROFITLAB
Senior Network Engineer
PH: (864) 250-1350 Ext 133
Fax: (413) 581-4936
[EMAIL PROTECTED]
http://www.profit-lab.com
http://ncontrol.info
The greatest
Could you stop posting these to the list as well? Email him offline if they
bug you.
-Original Message-
From: David N. Precht [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18, 2002 8:39 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Autoreply: [ActiveDir
David, my mistake. I thought I replaced the list with person in
question. I didn't. It was then too late.
My apologies.
Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Andy David
Sent: Thursday, July 18, 2002 08:47
To: '[EMAIL PROTECTED]'
Title: Message
There
are a couple options although neither may be ideal.
First,
you can go to Start - Search - For Files or
Folders
At the
bottom of the left pane is "Search for other items:" and underneath that is a
link for "Computers"
Second
is after you browse to the domain as
Keep in mind.this does not append.it replaces the current access
with whatever you specify in that list.
Robert Wicklund, MCP/MCSE
Global Crossing Ltd., Manager Network Computing
95 N. Fitzhugh Street Rochester, NY 14614
ph. 585.255.8936cell 716.721.1825
-Original
Title: Message
Gene,
Take a look at your VPN connection. Are you logging into the
workstation, opening a tunnel, and doing their work.
OR
Are you logging into the workstation, opening the tunnel,
logging out, and logging back into the now connected
workstation?
If notthe user will
Title: Message
Jef,
They
are logging into W2K Pro with cached password information. Connection to
local Internet POP then launching VPN connection.
That
is how our typical user works.
Gene
-Original Message-From: Kazimer Jef
[mailto:[EMAIL PROTECTED]] Sent: Thursday, July
I have an Isolated environment that runs SQL 2000 and Windows 2000 Servers.
This environment experienced problems the other day because of a lack of
name resolution between the Servers.
I was asked by management to look at netbeui as a backup incase standard
TCPIP name Resolution failed...
Here
Robert,
When you say, this does not append, what are you referring to?
a) net localgroup method. I disagree, this does an append.
b) GPO method. I agree, this does a replace. This was the point I was trying (albeit
not very clearly) to make.
BTW, as Byron pointed out earlier, if using the
What about using hosts files as a fail over for DNS? Seems like less work to
me.
John A. Bjelke
UNISYS
Systems administrator
505.846.5894
[EMAIL PROTECTED]
-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18,
The quote from our CIO was that if caught any developer using IP addresses
in their code he would fire them on the spot.
Joshua Morgan
PH: (864) 250-1350 Ext 133
[EMAIL PROTECTED]
http://www.profit-lab.com
http://ncontrol.info
-Original Message-
From: Andy Grafton
I have since added that
Joshua Morgan
PH: (864) 250-1350 Ext 133
[EMAIL PROTECTED]
http://www.profit-lab.com
http://ncontrol.info
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18, 2002 11:02 AM
To: '[EMAIL PROTECTED]'
The quote from our CIO was that if caught any developer using IP addresses
in their code he would fire them on the spot.
And using NetBEUI as a backup protocol on a production system is better?
Andy
List info : http://www.activedir.org/mail_list.htm
List FAQ:
We have some J2EE application servers which we have configured to authenticate via
LDAP against our Active Directory. The configuration of the app server allows only
one LDAP server to be specified. If that one DC were to fail, the app servers would
be unable to find the directory even
We are in the process of migrating our NT 4 domain to AD. We currently use NDS as our primary directory service. We are using Account Manager to migrate our users and computer accounts into the AD domain form the NT 4 domain. We experienced problems getting IDs created in Novell Console 1 and MMC
Tony,
Option b. Of courseas alwaysi didn't read the last line. We are
using a VB script so we execute this in Logon script. Thanks
Robert Wicklund, MCP/MCSE
Global Crossing Ltd., Manager Network Computing
95 N. Fitzhugh Street Rochester, NY 14614
ph. 585.255.8936cell
Title: Message
Can
you describe the problems?
-gil
-Original Message-From: John
Hicks/MIS/HQ/KEMET/US [mailto:[EMAIL PROTECTED]] Sent: Thursday,
July 18, 2002 10:25 AMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] AD and
NDSWe are in the process
of migrating our NT 4
Stuart Kwan had mentioned this was coming at the Directory Experts
Conference in May. Ultimately I think it could be a good thing if Microsoft
starts to treat AD as a separate product instead of just an add-on to
Windows 2000/.NET. I don't see the benefit to what they are saying about
needing
The big issue using AD as a standalone LDAP server (as Stuart explained at
the DEC) has to do with AD's ties to the Win32 security system...
authentication through Kerberos, generation of Win32 security tokens, SIDs
appearing in ACLs, etc. ADAM removes these ties as I understand it.
-gil
So this would allow you to use a different security solution like say
Netegrity or Oblix for SSO type applications. In addition with MMS X you
could create public views of your PKI enabled users and make them LDAP
accessible without exposing a DC or GC.
For us, the more operations we can
Is there any attribute in active directory that would
enable me to determine if a particular user has domain
admin rights?
__
Do You Yahoo!?
Yahoo! Autos - Get free new car price quotes
http://autos.yahoo.com
List info :
Why is that an issue for running just a generic LDAP directory? You can
still do standard LDAP binds against it and each directory has its own way
for securing resources.
Robbie Allen
-Original Message-
From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18, 2002
iNetOrgPerson is supported fully in .NET ;-) Have you seen studies where AD
is much slower than iPlanet/ONE, eDirectory or OpenLDAP in terms of bind
time? I've heard varying reports.
In my experience, I believe the bigger issues are when you try to
consolidate your NOS and enterprise app
I'm just recalling what Stuart described as the drivers for ADAM at the DEC.
IIRC, Novell's comparison between AD indicated that eDir was much faster at
binds than AD, but I wouldn't want to put a lot of credence in that
evaluation :)
I also think that you will be able to partition ADAM
30 matches
Mail list logo