RE: [ActiveDir] Root Place Holder justification

i think he meant. joseph ;-) Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 *

RE: [ActiveDir] How do you add assistant information to an AD user account?

This was a bug in the schema in 2000. The OID is still the same, which is I think what the Outlook Addres Book uses but the LDAP names have changed. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]Sent: 26 April 2006 23:50To:

Re: going waaaayyy OT [ActiveDir] stupid ldap queries

On 4/26/06, joe [EMAIL PROTECTED] wrote: I have an idea, if you are going to say rooter, why not actually try spelling it that way? In the interests of removing confusion and global peace and love and all of that jazz. ;o) English is not phonetic language. If it was, words like 'phonetic'

RE: [ActiveDir] [OT]Root Place Holder justification

Hush coughprincess/cough[1]. [1] http://www.jadonex.com/downloads/dec/dec2006.zip http://www.jadonex.com -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de

RE: going waaaayyy OT [ActiveDir] stupid ldap queries

The English have abandoned gender? Oh those poor women... This explains so much about my visit to London... Especially why women in the pub were so interested in men who spoke English without an English accent. All you nice young women of England You are all welcome in the States... Move

[ActiveDir] copy with permissions

Is there a way to copy all my file server folders to another server with permissions? I need to change the Hard disk, but dont want to graint all permissions again. Thanks Adrião Ramos

RE: [ActiveDir] copy with permissions

ROBOCOPY or backup/restore with NTBACKUP Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile :

Re: [ActiveDir] copy with permissions

The best one i know is... robocopy.exe I have done hundreds of desktop migrations using that.free tool from microsoft resource kit tools http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffdDisplayLang=en-- Kamlesh~Be the

Re: [ActiveDir] Is there a way to clear the Netstat -p tcp -s statistics with out rebooting Windows?

Jose, can you post the details as to why the network team believes it's a bad driver vs. anything else? Al On 4/26/06, Medeiros, Jose [EMAIL PROTECTED] wrote: Yes, however I am not allowed to show it to any one outside the company unless they sign a NDA. I stripped out any thing that might be

[ActiveDir] Auto Archieve Settings

I have enabled autoarchive settings through group policiesand it archived allthe PST filesIN ADDITION TOthe Mailbox. I want the archive process toNOT touch the PST's, only items saved on the Exchange server in the Mailbox. Can that be done? Is there a problem with our Outlook, or is there no

Re: [ActiveDir] copy with permissions

Robocopy and NTBackup work great. On 4/27/06, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [EMAIL PROTECTED] wrote: Robocopy works like a champ... there's a specific flag to copy permissions intact.. Almeida Pinto, Jorge de wrote: ROBOCOPY or backup/restore with NTBACKUP Met

RE: [ActiveDir] Is there a way to clear the Netstat -p tcp -s statistics with out rebooting Windows?

Because Cisco networking people always blame Microsoft servers and drivers, and the routers and switch's are never the problem you should know that by now. :-) Did I forget to mention that I was also told that I should be running Linux since it never has to be rebooted? I also like Unix, but I

[ActiveDir] OT: Windows Vista - Windows Defender

We are evaluating Windows Vista Beta and are trying to locate the Windows Defender which Microsoft claims is installed by default on Vista, however it is not installed on our beta version and downloading it from the web it says that it is not supported on Vista. Any ideas? Justin A.

Re: [ActiveDir] OT: Windows Vista - Windows Defender

Which build? It's on mind in the corner. Control panel.. you should see it in there. Salandra, Justin A. wrote: We are evaluating Windows Vista Beta and are trying to locate the Windows Defender which Microsoft claims is installed by default on Vista, however it is not installed on our beta

Re: [ActiveDir] Is there a way to clear the Netstat -p tcp -s statistics with out rebooting Windows?

it might be me, but I got nothing from that last email. Did you send something? On 4/27/06, Medeiros, Jose [EMAIL PROTECTED] wrote: [EMAIL PROTECTED] ��V�r�y���-�÷Š¾4���i�b��b��

[ActiveDir] Is there a way to clear the Netstat -p tcp -s statistics with out rebooting Windows?

Because Cisco networking people always blame Microsoft servers and drivers, and the routers and switch's are never the problem you should know that by now. :-) Did I forget to mention that I was also told that I should be running Linux since it never has to be rebooted? I also like Unix, but

Re: [ActiveDir] OT: Windows Vista - Windows Defender

should be part of the start menu or control panel according to the TechNet magazine article I read on the plane yesterday - Original Message - From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Thursday, April 27, 2006 1:14 PM

RE: Re: [ActiveDir] OT: Windows Vista - Windows Defender

I have noticed it is not always in the system tray, except when it had a message for me. I found the icon (looks like a little castle) on my main Programs Menu on the Start menu. Jef From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Windows Vista -

Re: [ActiveDir] Internet Authentication Concepts: Pointers?

That's not a lot to go on, Jef. Can you give some more information? For example, these public internet sites? Are they web only? What type of authentication is needed? What were your plans for authorization? Are you planning to use something like SiteMinder or Tivoli or ?? to help you deal with

[ActiveDir] Exclude one account from password policy

I know account policies are domain wide but if you put a user in an OU andblock gpoinheritance, can you make that user have a non-expiring password while everyone esle is subject to the normal AD password policy? I know this is bad security practice but can it be done this way? Thanks

[ActiveDir] MIIS Workflow applications

I was wondering if anyone had any suggestions for workflow applications built on top of MIIS for iDM? We have a rather robust MIIS architecture that utilizes custom coded applications as a front end. We are starting to evaluate off the shelf products, and I was wondering if anyone had any

RE: Re: [ActiveDir] Internet Authentication Concepts: Pointers?

Al, I apologize, as I am going only on what little information I have. I guess I was trying to do some pre-meeting recon work since I had seen it metioned here about 25mil internet users for some people. I had assumed there might be some scenario documentation for such a thing. I will

RE: [ActiveDir] Exclude one account from password policy

The domain password policy is just that; for the entire domain. Your block inheritance scenario won't work because it's not the user account that determines what the domain password policy is. You can, however,set a specific account for 'password never expires', which prevents the max

RE: [ActiveDir] Exclude one account from password policy

Tom, Unfortunately No, this is a domain wide setting. This may help: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/strngpw.mspx look under the "Storing Password Policy Information" section. More than just AD utilize this

[ActiveDir] anyone using IPV6?

Has anyone tried IPV6 yet? Production? Or just testbed? Any gotchas? What kind of infrastructure (eg, switches) is needed to support it? How does AD play in this sandbox? I am probably out of my league pretty quickly with subject. I've done a little googling but it seems like a pretty big

RE: [ActiveDir] OT: Windows Vista - Windows Defender

Build 5321, where can I go to get the latest build? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL

[ActiveDir] unable to modify personal info

I have an admin who is an Account Operator but can't modify his own account info like address or phone number. I know via the adminSDHolder, account ops can't modify other account ops but this user should be able to modifiy his own account. There is no entry for Self in the ACL editor for his

RE: [ActiveDir] OT: Windows Vista - Windows Defender

I found my Technet DVD from April 2006 and that has an ISO file for 5308 so we will have to install that one. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original

Re: [ActiveDir] Internet Authentication Concepts: Pointers?

Jef, As Al pointed out, there are numerous products from vendors such as IBM/BEA/Oracle/RSA/Netegrity/Entrust/Baltimore Labs (RIP) etc providing web-based authentication/authorisation in front of AD. Since from a design point-of-view it's generally not a good idea to stick AD too close to

[ActiveDir] DCQuery + Remote Site

Hi, I have one DC and 2 ADC's. 1. DC 2. 1ADC 3. 2ADC DC and 1ADC exists on my local network. whereas 2ADC is on remote site. My DC has all 5 Roles + DNS + DHCP. Now issue is that when i am running DSQuery for any thing it gives me answere from 2ADC. Which is ofcourse time consuming. All

RE: [ActiveDir] OT: Windows Vista - Windows Defender

I just (like an hour ago) loaded Vista 5365 and it is in the Windows Security Center with the firewall, auto updates, and AV whiner. 5365 became available on connect a couple of days ago. It isn't up on MSDN yet. -- O'Reilly Active Directory Third Edition -

RE: [ActiveDir] unable to modify personal info

I have an admin who is an Account Operator but can't modify his own account info like address or phone number. Yes, that is correct. Does anyone have any ideas? Glad you asked... 1. You really shouldn't use builtin accounts. Your account op could one day decide to become an enterprise

RE: [ActiveDir] Internet Authentication Concepts: Pointers?

I would be looking around at ADAM solutions, this is what I am hearing that most people are looking to use in that space, far easier to deploy and secure. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

RE: [ActiveDir] Exclude one account from password policy

I know account policies are domain wide but if you put a user in an OU andblock gpoinheritance, can you make that user have a non-expiring password while everyone esle is subject to the normal AD password policy? Well no, that is what they mean by domain wide... The password policy

RE: [ActiveDir] Is there a way to clear the Netstat -p tcp -s statistics with out rebooting Windows?

Al, what did you do? All of your posts are no coming in blank. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al MulnickSent: Thursday, April 27, 2006 1:20 PMTo:

RE: [ActiveDir] Forcing Kerberos to use TCP instead of UDP

Been a bit since I played with this but I seem to recall it is the CLIENT that gets the reg change. RE: #3, did you troubleshoot where the packets were being dropped at? Most likely there was a misconfigured or failing network device somewhere along the line. joe -- O'Reilly Active Directory

RE: [ActiveDir] oddness with sites.

Get a network trace of the logon. You will probably see the failures right there in it. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steele, Aaron [BSD] - ADM Sent:

RE: [ActiveDir] [OT][ABUSE] - WAS: Perform gpupdate, start or shut downs through ADUC

Wow Deji, that bug bit you pretty hard! One could argue that the URL in my sig is unsolicited as well as the multiple URLs in your sig. It doesn't appear that Tony has an issue with it as I can't find a message from him on the topic. I expect he would have busted it if he wanted to, he has

RE: [ActiveDir] Weird Ldap issue with redhat 2.1 and AD

You made me smile Jennifer when I read the first line. :o) Cheer for network traces. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jennifer Fountain Sent:

RE: [ActiveDir] logging users out

Review the sysinternals EULA... It has come to my attention it has changed recently and it may make it a little more difficult to use these tools. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED]

RE: [ActiveDir] logging users out

Ack sorry... lost in work and real life. http://www.joeware.net/win/free/tools/qlogoff.htm It actually was up on my site, I just didn't have it linked into the navigation for some reason, that is now corrected. joe -- O'Reilly Active Directory Third Edition -

RE: [ActiveDir] Domain Local Group vs Global Security Group for Delegated Permissions in AD

Goodness gratious Todd, the answer is always 42... Err no, the answer is always It Depends! I personally like LGs and DLGs, always have all the way back to say 1996 or so. Global Groups make me itch, Univeral groups make my eyes water. You will note I wrote a command line tool for managing

RE: [ActiveDir] [OT][ABUSE] - WAS: Perform gpupdate, start or shut downs through ADUC

Yeah, it did :) The siglines are pretty much commonly accepted guerrilla marketing options within the industry. Oldcomp and such have become commonly accepted part of discussions on this forum, and many of us who started recommending it on this list did not learn about it on this list. Even that

RE: [ActiveDir] OT: Windows Vista - Windows Defender

I heard its techbeta only Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Thursday, April 27, 2006 9:25 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Windows

RE: [ActiveDir] Forcing Kerberos to use TCP instead of UDP

Yeah there's a reg hack in GP. You set some timeout to 0 to force it to TCP. UDP drives the firewalls crazy Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of joe Sent: Thursday,

RE: [ActiveDir] [OT][ABUSE] - WAS: Perform gpupdate, start or shut downs through ADUC

Would you set your display name to something other than [EMAIL PROTECTED]? I find the fact that I see your company's domain first in Outlook to be a blatantly obvious marketing scheme to Outlook users. ;) Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message-

RE: [ActiveDir] [OT][ABUSE] - WAS: Perform gpupdate, start or shut downs through ADUC

Sure, Brian :) When I want to communicate DIRECTLY with you, or decide to directly pitch my services to you, THAT is what you will see FIRST. Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) /