Um. Rick, given Joe's last post about Dean and playing with butter knives,
it would be my humble opinion that you a[1]) shouldn't post as Rick-sey
and b) really should keep the sharp shiny objects locked up next time Joe's
in the area. Not that I'm paranoid, but...
Al
[1] shoot. If Joe's
It get's better. I saw the EXACT same post in the
newsgroups over the weekend. PWI, but figured that I sent the same
message. Be interesting to hear Mark's Experience this week (unless Mark
posts as his alternate self on occasion of course :)
ajm
From: Roger Seielstad
[mailto:[EMAIL
Hey all,
I have a weird issue; all our laptop users have their own
third part dial ups (RRAS and RAS) for their convenience. When the users
dial up to their third party ISPs (all users) they obtain an IP address
from the ISP but their DNS settings are being forced to the networks
Todd -
I haven't tried it via GPO...back when we set up our process for building 'branch
office' DCs, we just did it with a script, using reg add commands. The script came
straight from the BODG.
This KB article - http://support.microsoft.com/default.aspx?scid=kb;en-us;Q306602 -
describes
Trying to remember exactly, but wouldn't they get their DNS
settings from the ISP upon connection either through their software locally or
from their RRAS server?
Al
From: Carlos Magalhaes
[mailto:[EMAIL PROTECTED] Sent: Monday, May 10, 2004 9:41
AMTo: [EMAIL PROTECTED]Subject:
Title: Message
Correct. The DNS settings are set by the ISP. I think the only thing you
could do with RRAS would be to use WINS and I'm sure you can set
this.
-Original Message-From: Mulnick, Al
[mailto:[EMAIL PROTECTED] Sent: 10 May 2004
15:31To: '[EMAIL
I actually do this, and it works out fine on a 100MB backbone. I have three
servers in a DFS hosting all the GP MSIs, and I can do 30 - 45 PCs at a time
for a full Office XP/2003 load.
--Brian Desmond
[EMAIL PROTECTED]
Payton on the Web! Http://www.wpcp.org
v: 773.534.0034 x135
f: 773.534.0035
What's your typical install time look like?
--
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
-Original Message-
From: Brian Desmond [mailto:[EMAIL PROTECTED]
Sent: Monday, May 10, 2004 11:09
Title: Message
Travans are junk, IMHO.
If
money is tight, buy a DLT7000 drive off Ebay.
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Noah EigerSent: Monday, May 10, 2004 12:29
AMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Branch
Thanks. As I mulled it over a bit more, the
standardization became the issue. Also, the cost of the media was not the issue
but of the hardware. Basically the client does not see the need for this a
branch offices, and I was looking for a way to make it more palatable.
I am going to
Another option, although not cheap by any means, is to
replicate data back to the central office - that's not always easy or practical,
depending on how much the data changes and how often.
DLT7k drives should be pretty cheap, even new, now. They're
2 series old (DLT8000 and SDLT have both
Title: Message
Hey Robert, thanks for the reply , yes I have
thought of IPASS but the user selects which third part ISP they can use, we
supply them with a RRAS and VPN solution into the network and then they can
select a third part solution for personal mail and personal internet, this is
Hey Al,
Yeah all the settings are suppose to be
set via the ISP , most ISPs run DHCP so yes the settings should be set.
The weird thing is that only the DNS settings are being forced to our network,
the user gets a valid third party IP address and default gateway, just not a
DNS
Title: Message
Is there any hard coding of DNS settings on the laptop's network
connection properties? This will override any server-assigned DNS
settings...
**Charlie KaiserMCSE, CCNASystems
EngineerEssex Credit / Brickwalk510 595
5083**
Title: Message
Nope thats what gets me, and its
happening to ALL the laptops, (they are the only machines using third party
dialers)
AGRRR there must be an answer :P
CM
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser
Sent: Monday, May 10,
Im working in a branch office deployment where the AD
is centrally managed, and all offices have a high level of autonomy. In MS
terms: central does the service management, branches do data management.
I would like the branches to manage their own DNS A records.
In order to do that I am
Title: Message
Logging? Network Trace? Any of those options
available?
From: Carlos Magalhaes
[mailto:[EMAIL PROTECTED] Sent: Monday, May 10, 2004 2:38
PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir]
DNS settings
Nope that's what gets
me, and its happening to ALL the laptops, (they
Title: Message
UNSUBSCRIBE ActiveDir "Jim Morrison" e-mail [EMAIL PROTECTED]
NOTICE OF CONFIDENTIALITY
This message, including attachments, is from Family Health Partners.
This message contains information that may be confidential and protected by
HIPAA Privacy Regulations. If you are not
Title: Message
Unsubscribe John Densmore
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jim Morrison
Sent: Monday, May 10, 2004 3:10 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DNS
settings
UNSUBSCRIBE ActiveDir Jim
Morrison e-mail [EMAIL PROTECTED]
I think you are simply asking the disjoint namespace
question and if that is the case, default MS stuff, you will be fine. Simply set
the appropriate permissions on the computer objects (more likely set it on the
highest level OU or container you can) to allow VWRITE to service principal
Title: Message
You might check the registry of some of the laptops.
HKLM\System\CurrentControlSet\Services\TCPIP\Parameters\interfaces
for the nameserver value and see if any of them are set to your DNS
server address. There might be an old setting on a network connection that is
holding on
5 to 10 minutes.
--Brian Desmond
[EMAIL PROTECTED]
Payton on the Web! Http://www.wpcp.org
v: 773.534.0034 x135
f: 773.534.0035
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]
Sent: Monday, May 10, 2004 10:37 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir]
Crap. That's faster than I'd expect.
I've got my deployment guy looking over the stuff that's been posted and I
think we're gonna try it. I still need to lay down a good DFS tree though -
we've got remote offices to worry about...
--
Hi Joe,
I had to digest this a bit
I think
you are simply asking the disjoint namespace question
Thats right.
to allow
VWRITE to service principal name and dns hostname
Ok, I found that permission. But Im
still confused; to who should I assign that permission? Are you
I'd expect the replication over the slow link will be the larger issue. You
can use dfsutil to force clients to talk to their site DFS server. One of
the annoyances with DFS is that you have to use enterprise edition to host
multiple roots on a machine. Standard will only host one root.
I've seen the same kind of install times using SMS. I don't know what MS
did to the Office 2003 setup because I'm pretty certain :) it's impossible
to install O2K3 in 5 minutes when O2K (I think it was) used to take 45
minutes to install from CD... but impossible or not O2K3 seems to work just
Title: Message
What kind of Havoc is is causing? How are the users
connecting to your network over their ISP's? Istherea likea
VPN client of some sortby chance?
I have seen similar behaviour where VPN clients take all
the IP settings except DNS from the ISP and default to the corporate DNS
Hey guys, thanks for the rapid response on GPO defined access to
particular machines, worked like a charm!
My next question revolves around IE GPO security settings. We want to
inhibit the installation of all but allowed ActiveX controls. Most
things are found in User Configuration\Windows
Title: Message
Hmm Its not a VPN connection normal 56k
(and yes you heard right :P) connection to the ISP.
I will check on the other suggestions
thank you very much
Carlos Magalhaes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of [EMAIL PROTECTED]
Sent:
Title: Message
Well the OS is XP on all the laptops.
Its only XP that this is happening, I will
check that reg key and also search the reg, this is highly irritating, thanks a
million for the suggestions! Now I just have to find out how to convert those
GUID type entries for the
Return Receipt
Your RE: [ActiveDir] Very basic question!
document
:
Title: Message
The kind of havoc , is that on the ISP
dial up they can not resolve any DNS quieries as all DNS queries are pointing
to our internal DNS servers, I confirm this with a ipconfig /all and nslookup
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of [EMAIL
I agree with most of that. Though I think it was Jimmy that smelled funny
and that was simply because he never made it back to his room to change.
Of course you still read [1]... That is why I knew I could sucker you into
posting. :o)
Anyway, when I was at the summit, I had no chance with the
OK, OK, I GIVE. ROTLMAO!!! YUO RAELLY AER TOO FUNY JOE.
RIKC
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, May 10, 2004 1:05 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir][OT] LDAP stress tool for AD 2003
I agree with most of
can you add, roughly WHY you want to do
this?
FRS is enabled on ALL DCs in an AD forest, and that's the
way it should be as SYSVOL replication uses FRS.FRS is one of those
special services, that you don't want to screw around with (such as turning off,
make a lot of file-system changes,
Honestly I am not sure why my sys. Admin needs
it I received a development request with the following spec.
-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido
Sent: Monday, May 10, 2004 2:41 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL
Its doable with code, I can find you the
DC or GCs, and if you REALLLY want disable the FRS services but you
would really be screwing up some important services that your DC needs.
Do you really want to do this?
Carlos Magalhaes AD programming?
Haha, I'm totally just giving you a hard time Joe. ;)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, May 10, 2004 12:45 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] LDAP stress tool for AD 2003
I'm not making fun of ~Eric. That
Why bother with a trust at all?
Unless there is constant access by a large number of your
internal users (and there shouldn't be), then the only people inconvienenced by
the multiple accounts are administrators, and hell, we've all got 15 accounts
anyway, what's one more?
Roger
Yeah - don't.
Seriously - you're talking about deploying 300-400MB of app, per client. Say
you've got 100 clients in an office, and you assign the app to the machines.
Monday morning, 100 people walk in, boot their machines, and they might as
well all go home, since you're going to bring the
Least wrong way to do it is indeed continue with an upgrade
to have asecond forest in the DMZ, without any trusts.
I'd also suggest a different operations model, one in which
the developers have no elevated permissions to the production environment. Take
it from much personal experience
DLT4 tapes (35/70GB) are around $35 USD each now. That's
not really expensive when you consider that one generally holds about 60-65GB on
average, which is about all you'd need for a full backup.
However, and I can't stress this enough, havinga
STANDARD tape format and STANDARD backup
42 matches
Mail list logo