First of all, good luck in the new job.
I've experienced a similar environment to that (at least on the AD front).
You can find out quite a few things about the AD infrastructure with a
standard domain account. For example, you can load the adminpak and support
tools on an XP workstation. Fire
No there's a mechanism to remote deploy the policies from sec wizard. I
never used it, though.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Wednesday, July 27, 2005
Title: DCPromo Answer fileno DNS.
You have DNS installed? You need to use the sysoc stuff (look it up in
the ref.chm in deploy.cab) to install DNS first
Thanks,
Brian
Desmond
[EMAIL PROTECTED]
c -
312.731.3132
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Hello ActiveDir,
--
Best regards,
Dmitriy mailto:[EMAIL PROTECTED]
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Destructive migration is not
sounding real good at the moment. Restoring all of the user and objects back the
way they were probably isn't an easy proposition either, I'm
guessing.
As for the profiles, would the profiles be
"migrated" as well with admt version2, meaning when the user
ADMT v2 will do what you're looking for. Play with it in the lab so
you can see how it works and get the procedure down.
Phil
On 7/30/05, Chris Flesher [EMAIL PROTECTED] wrote:
Destructive migration is not sounding real good at the moment. Restoring all
of the user and objects back the way
You can get a lot of information as a normal user unless they have locked it
down. I expect they haven't as that is something usually only done in better
installations and I doubt the company would be kicking out the outsource
partner if they were doing things well.
On top of that, try to get
Where is this going to be located? Extranet or
Intranet?
If you are going to be doing some very simple syncing, I
would look at writing something myself or maybe implementing one of the lighter
syncing tools like SimpleSync or HP's LDSU. If you need to do a lot of
transforms or complex
Title: Search User Accounts for Password Reset Date
This might work for you
http://www.joeware.net/win/free/tools/findexpacc.htm
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]Sent: Friday, July 29,
2005 3:57 PMTo: ActiveDir@mail.activedir.orgSubject:
Jorge answered this pretty well.
Yes the name/cn can be the same if the groups are in different containers.
The sAMAccountNames need to be different if in the same domain.
The displayName should be different or you could get some serious confusion
if you mailenable both.
The Distribution
Does fast user switching work on domain
PCs?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darren
Mar-EliaSent: Friday, July 29, 2005 1:06 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] GPO to enable a
service at restart
A startup script is probably your
I have seen this with many different OSes or applications (Samba and other
CIFS implementations) that do things to pretend to be Windows machines.
Generally there is some configuration change you have to make in the config
to force them to change their password on some frequency. This isn't
Ok so the request is to have unique output capability built into adfind?
I.E. The ability to say, give me all unique values for the xxx attribute
listed on all objects that match this specific ldap filter?
Hmmm interesting, I will add it to the list of things to look at but I am
not promising
I absolutely agree with this. Unless the policy files have been locked down
to only allow computer access and the users can't get localsystem context
windows open this is easily viewable in the share. Even if that is the case,
a simple network sniff on the client will see the files coming down.
U
not in my experience.. shrug
Rick
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Saturday, July 30, 2005 2:12
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] GPO to
enable a service at restart
Does fast user switching
work on
Great post Brett Makes me miss dstalk even more.
Now get to your blog.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Friday, July 29, 2005 7:39 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] turn off
I haven't started there yet.
What the head AD guy told me was that they had no DA/EA, Exchange Full Admin
access.
He was just hired a month ago.
Until then, they completely outsourced the whole AD/Exchange
infrastructure(whatever that means, exactly.).
What he's been doing for a month, I have no
Your issues with home dirs and such could and in my opinion probably are
related to something other than the computer SIDs.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Hanumara, Rao
Sent: Friday, July 22, 2005 9:27 AM
To:
I seriously dislike multi-tree forests. They tend to
confuse support admins and some programs just aren't written properly for them
and break. For instance I have the domain joe.com, what is the DN for my
configuration container? Well you would like to assume
cn=configuration,dc=joe,dc=com,
Ok let me give you some great free advice right up front. :o)
It is almost certain you will NOT be telling us all about it in the next few
weeks, at least it is fairly certain that if you do, you may be asking our
opinions on some other new job shortly. Financial companies, especially big
NY
Hi Brett/Joe,
Great information and from your perspective this probably seems like an out
of the normal request which goes against best practices. In most cases
things like this sooner or later causes issues and the I told you so
applies. I definitely don't have the exposure to AD
I don't agree with your overall plan, but regardless, do you know you can
define a single IP address to a Site of its own? Just define it as, for
example, 10.10.1.1/255.255.255.255 (ie: a 32bit mask).
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steve
That is fine, I'm glad people speak up about different ideas, I don't claim
to be an expert just was given the direction to come up with a solution.
I'm not a Cisco expert and we currently do not have a private network all
machines are publish IP based. This also has to be pretty hands off
No, it doesn't. There is only one service that I know of
associated with Fast User Switching, and that is the Fast User Switching
Compatibility service, which doesn't enable FUS in and of itself. I'm not sure
what enabling this service buys you because its used to help apps that weren't
Yes I merely wanted the compatibility.
There are programs out there that allow
you to use FUS in a domain; its just a shame that they dramatically
alter the logon experience. (Its actually for a Media Center Extender
(where the PC is in a domain) for the board room).
Thank you for
25 matches
Mail list logo