Title: Message
I had
very good luck the two times I've used the Fastlane Migration Suite from
Quest.
Roger
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From:
That's a known issue, but I can't remember what's known about it ;)
Seriously, I believe its an issue with the network password hash algorythm
used - something like NTLM v2 is used by default, which 9x client's can't do
without the ADClient.
It also could be related to the setting for
Title: Message
Ive never used Aelita, but after
reading this I suspect that many software vendors try to land the sale and run
until you ask for some functionality when they then say oh, well, you
can sorta get that to work, but if you really want to do you really need
this _
quote from Joe This actually also goes back to something I have been
saying MS needed for a while. Domain Specific DNS entries for GC's as well
as an additional call type from dsgetdc/quote
I was kinda thinking that too... clients are using DNS to find lots of other
SRV info, seems a logical
Title: Message
This is the same one MS sent me on 10/13/03.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Blair
Sent: Friday, November 14, 2003
12:22 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Window 98
Desktops are being locked out
I found
The part about them not seeing the issues is a problem that I think is being
addressed at some levels (see note about Exchange Rangers and what they
should do for you in previous emails).
The hardcoding of servers is the one that is likely going to pay back the
way you want. It gives
Here's the LAN Manager Hash article:
How to Prevent Windows from Storing a LAN Manager Hash of Your Password in
Active Directory and Local SAM Databases
http://support.microsoft.com:80/support/kb/articles/q299/6/56.asp
You didn't say if you have AD2K or AD2003 - but:
Check these settings in the
Title: Message
I've
got a MUCH easier way to do it.
Set
your Windows boxes up to secondary the zones from the existing DNS servers -
that way you'll get a 100% complete, current file, with next to no effort on
either side.
Then,
when you're ready, simply change the Windows boxes to be
Hi,
Are there any security concerns or issues with creating a secondary DNS zone and doing
Zone transfer? If you have a root Windows 2000 domain in a different country and
want to create a secondary zone for the root domain in the US, what are the security
issues associated with the
I would ask them there reasons and then post them here...
I cant think of any real reasons as long as your servers are sat internally
and talk on your private WAN?
Rob
Guido, thanks for the reply.
I don't like "the feature" and would consider it a
takeaway from the Windows 2000 version. We've spent considerable time
teaching our "office workers" how they can locateALL groups they are a
member of. The belly aching I heard before will only be magnified
Joe, thanks for the reply.
Similarly, Intel has developed a command line tool to
enumerate all group memberships, but for mass consumption by the "office worker"
community, you can't beat an out of box, graphical user interfacesolution
from Microsoft. Yes, I did say that.
Alan A Isham
http://eventid.net/display.asp?eventid=9582source=
-Original Message-
From: Steve Shaff [mailto:[EMAIL PROTECTED]
Sent: Monday, November 17, 2003 2:01 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Virtual Memory Fragmented
Greetings,
I appear to have a problem with my virtual memory
Guido,
So, you're saying that Andreas is the one that we need to
'convince' that this isn't such a great change? I've noted this in my
testing, and know that I've got a huge learning curve with some of my admins,
who don't yet grasp the way that Windows 2000 manages viewing group
This may not be of help - but - with Server 2000 and 4G of ram MS told us we had two
choices to avoid this problem. Downgrade to 1G of ram or upgrade to Windows 2000
Advanced server and use the /3g switch...
- Original Message -
From: Steve Shaff [EMAIL PROTECTED]
Date: Monday,
Are you running E2K enterprise or standard? If standard your not going
to be able to fully utilize the 3G of RAM. If using enterprise then are
you using the /3Gig switch in your boot.ini?
-Original Message-
From: Steve Shaff [mailto:[EMAIL PROTECTED]
Sent: Monday, November 17, 2003
Here's an article I found on MS site -
http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b329864
This has been talked about quite a bit on the Swynk Exchange list - not
to any great resolution that I can recall...
HTH
=
Arron King
Network Systems
Yeah, I already had this in place. Good thought though.
S
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, November 17, 2003 11:08 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Virtual Memory Fragmented
This may
Alan - that's how I see it as well - it's the unexpected
change that I don't like. Especially in environments where Exchange is not
centralized, it is not uncommon that almost all DCs are GCs - here this
"feature" is definitely a loss.
No matter what - it will cause confusion, as it
yeap Rick, agreed - as mentioned before, it'll cause
confusion. Yes, I talked to Andreas about it - he'll be aquainted with the
topic, but may have to pass it on to other folks himself.
From: Kingslan, Rick T.
[mailto:[EMAIL PROTECTED] Sent: Montag, 17. November 2003
20:12To: [EMAIL
I just setup a simple login script to map 2 drive, now some people are getting it and some are not, The 2 people that are getting it are XP the others are windows 2000. Any ideas?
Ryan McDonald
Systems Administrator
The Bankers Bank
770-805-2304
Has it replicated to the netlogon share of
each dc? Are you sure the script is assigned to each users account?
mc
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Monday, November 17, 2003
4:06 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] OT:
Have not check to see if it replicated will do that. Also it's a GPO applied at the top level so I was thinking it should go to all the users.
Ryan McDonald
Systems Administrator
The Bankers Bank
770-805-2304
Creamer, Mark [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
11/17/2003 04:11 PM
the paper is released to production - you shouldn't need to hold your breath
much longer. It should be out on http://www.microsoft.com/downloads/ by
11/25.
/Guido
-Original Message-
From: Free, Bob [mailto:[EMAIL PROTECTED]
Sent: Montag, 17. November 2003 07:03
To: [EMAIL PROTECTED]
I already have put into place the /3gb switch before this all happened,
as seen below.
Any other ideas?
Thanks,
S
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS=Windows Server 2003,
Standard /fastdetect
Title: Message
the only way I found is to have them never expire
for the web users.
We require hard password, ie numbers letters
and at least on special character.
and domain users have to change every 42 days,
Remote and web only users never
expire.
Rick
- Original Message -
Create a new pagefile specify same size for min and max
Delete current pagefile
Create new pagefile to replace deleted page file and specify same size
for min and max
This is Windows 2000 Enterprise edition, isn't it?
-Original Message-
From: Steve Shaff [mailto:[EMAIL PROTECTED]
Sent:
Title: Message
That
would be ideal, but due to the security requirements, we have to change the
passwords constantly. I would like to have this domain use their usernames and
passwords from the PDC, however, that isn't allowed either.
-Original Message-From: Rick
Reynolds
Did you notice the first post that was out there that linked to eventid.net?
There were some other suggestions in there that may be of use to you. Also,
in Exchange 2000 this was considered a mostly benign error if you weren't
using clustering which is what the event was put in there mainly to
I will give this a try.
No, this is Windows 2003 Standard running Exchange 2003 Enterprise.
Thanks
Steve
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, November 17, 2003 1:52 PM
To: [EMAIL PROTECTED]
Subject: RE:
If you're using Standard server and it appears you are, you should NOT be using the
/3GB switch.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Mulnick, Al
Sent: Monday, November 17, 2003 5:04 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Virtual
Title: Message
I understand your twos apathy
towards software vendors, but to be fair I think we have to acknowledge that user
profile migration on machines is a tricky operation because of the changes on
the platforms over the years, and that there are probably circumstances that
As long as this is on the intranet and you restrict the IPs that can perform
zone transfers, there should be no security problems. That's not to say
your security team can't invent a problem :-)
Regards,
Robbie Allen
http://www.rallenhome.com/
http://www.rallenhome.com/blog/adcookbook/
Actually, for Windows 2003 you should be able to use the /3gb switch even on
standard version. That limitation applies to Windows 2000 last I checked.
-Al
-Original Message-
From: Dryden, Karen [mailto:[EMAIL PROTECTED]
Sent: Monday, November 17, 2003 5:09 PM
To: [EMAIL PROTECTED]
Title: Message
Hi Jason,
Although I'm aware that there are
security holes etc, I've used IISADMPWD to achieve what you're
after. It allows you to dictate that a user must change the PW upon logging on,
let's them change it whenever they'd like etc.
HTH,
Katherine
-Original
Dump the /3GB switch, it is for Enterprise Edition Only
-Original Message-
From: Steve Shaff [mailto:[EMAIL PROTECTED]
Sent: Monday, November 17, 2003 5:06 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Virtual Memory Fragmented
I will give this a try.
No, this is Windows 2003
Title: RE: Inter-site Urgent replication
We are at SP3. I've gone through
most of those articles already. re-reading 232690 it does refer to my
issue:
"Windows 2000 enables
change notifications to propagate across inter-site connections. This is
administratively configured on each
Title: RE: Inter-site Urgent replication
Never mind. Google to the
rescue... Thanks for your help.
Diane
Change Notification Between Sites
By default, changes are replicated between sites according to a schedule and
not according to when changes occur. For this reason, the greatest
Ok, newbie
here...
We're preparing to
upgrade our SingleForest (Windows 2000 AD Domain) to a Windows 2003
Domain.
We have 3 Domain
controllers all 2k, all running DNS.
My question is, do I
have to Run ADPREP on all domain controllers or can I do a straight upgrade on
all DC's without
Yeah
but unless all of your DC's are GC's, there is a good chance of seeing
inconsistent results. That is even harder to explain to users.
joe
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Isham, Alan
ASent: Monday, November 17, 2003 1:41 PMTo:
[EMAIL PROTECTED]
I'm
sending one too, but it is going to say great job! Thanks for working towards
consistency. :o)
It
should be good weight as well because I usually am complaining about something.
Last time I talked to him I was trying to talk him into giving me AutoGroup - No
I don't mean AutoDL.
Urgent replication really isn't... It is urgent queuing of a replication
request in actuality or at least from what I have observed. Basically you
quickly stick a replication request into the queue of all change
notification partners. They process it in the order and priority received...
i.e. it
Cool in that case I would do the same... Also if it is W2K and your
bandwidth can truly handle it I would turn down the timing for holdback and
pause between dsa's.
joe
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Diane
Joe,
Make no mistake - I think the change *IS* for the better -
consistency is better than inconsistency. But, it really shouldn't be this
way in the first place. There should be no reason for me to have to weigh
the averages or go fromdomain to domain to determine what the REAL
membership
So, you're thinking with ATM between DCs I can crank up the holdback timing
and pause rates? Neat.
;op
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
WebLog - www.msmvps.com/willhack4food
Hello Everyone,
I am a newbee to W2K domain design andI hope to receive some help from you experts out there.
Scenario - We are creating a new domain with w2k as DC/AD. In the same domain, we will have Linux 7.2 server and one more w2k server.In the end, Linux will run as primary DNS and one out
Yep - entirely possible. Me, I prefer running it the
other way around - Windows DNS for hosting the ADand a secondary on the
Linux server running BIND, but to each his own. The key is to use the
later versions of BIND and to config the dynamic update properties to allow the
myriad of zones
47 matches
Mail list logo
