Just checking to see if the list is working as nothing landed overnight.
Mark Parris
Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
SHREK: It's quiet. Too quiet. Where is everybody?
DONKEY: Hey, look at this!
MACHINE SINGS
DONKEY: Wow! Let's do that again!
SHREK: No! No! No, no no. No...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Wednesday, September 27,
That's because the people like to sleep during the night :)
Just Joking
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Thursday, September 28, 2006 2:53 AM
To: ActiveDir.org
Subject: [ActiveDir] Test 123
Just checking to see if the
Or have sometimes better (or other) things to do... ;-)
On 9/28/06, Ramon Linan [EMAIL PROTECTED] wrote:
That's because the people like to sleep during the night :)
Just Joking
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent:
Well I now know where Dr Bunsen and Beaker were, but there is usually something
over night as the USA is behind the UK.
Mark Parris
Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596
-Original Message-
From: Bart Van den Wyngaert [EMAIL PROTECTED]
Date: Thu, 28 Sep 2006
Hi All,
I am facing problems while trying to sync my PPC. I receive error
stating syncronization failed and support code is 80004004.
I was facing some other problems with my active sync and oma which
were rectified by changing authentication methods to not allowing
anonymous and enabling
For our student accounts I remove the default ACE for Authenticated Users
(because of FERPA, which is a federal student privacy act). Then a group
has been delegated rights to reset their passwords and force a password
change at next logon, as well as restoring the read general, public,
personal,
Hi,
Last time i had this, I had to pin point the culprit by removing
all the items and then re add them 1 by 1 synching between each item. It
turned out to be a note that was corrupted I deleted it and then re
added the notes to the sync and all went well after that.
My 0.02$
(also,
The powers that be at my site want to implement IM using Jabber and
would like to leverage our AD for authentication.
We are just starting to think about this. It's not yet decided if the
Jabber server will be running on Linux or Windows.
I would imagine several people in this august body
Assuming it can authenticate against an LDAP source it should work fine
- never done Jabber but they're all about the same when it comes to
this...
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL
support.Jabber.com
Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_(_/ /) (/ Microsoft MVP - Directory Serviceswww.akomolafe.com- we know IT-5.75, -3.23Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
in this case how i can be sure if everything is good with my exchange
configuration and nothing is wrong with OMA/OWA/ Active Sync.
Is it possible to verify is my server configuration is ok or not.
A few days back when users reported me this problem i looked at the
error and that was
Jabber supports the use of SRV records and works beautifully
against AD for authentication. I got a Jabber server up and running for my
company as a test about a year ago, however I was extremely let down by the
quality of the clients. Each client seemed to have its own quirk, bug, or
try this;
http://support.microsoft.com/kb/832481/
User must change password at next logon check box is unavailable
- Original Message -
From: Steve Evans [EMAIL PROTECTED]
To: 'ActiveDir.org' ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 12:44 PM
Subject:
Lenovo Thinkpad battery recall. Please see link..
http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovolndocid=BATT-LENOVO
-Z.V.
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
Ravi,
Was it ever working? What version of ActiveSync are you using, and what
of the devices (what OS)?
The reason I ask is that we have an issue with ActiveSync v4.2 and Trend
OfficeScan where they DO NOT play together with Windows Mobile 5.0
devices. No fix from Trend until later next year!!!
Since there has been talk of LDAP Authentication as of late, I figured I'd
post my issue of poorly developed applications allowing a null password to
an ADAM instance using Bind Redirection.
http://jeftek.spaces.live.com/blog/cns!F2042DC08607EF2!710.entry
I'd be curious if a bit flip to shut
Yes it was working fine till 4 days ago. Suddently it stopped
responding and gave some valid reasons which were rectified.
Now i am not getting any errors. it keeps on looking for sync but
nothing happens. No error, nothing.
Device is a windows Mobile device.
Antivirus is Sophos. But i dont
One solution would be to ACL all objects such that SELF can read them,
then have the app, after it has authenticated as the user, try and read
something on the user itself. This way you know you are in fact that
user (or someone else that has read access, which presumably won't work
as anonymous).
It is a good article with good analysis. I do think it would be a useful
feature to have a bit to flip for simple bind to be forced to fail with
blank password, even though this would go against the RFC spec. I also
think it is interesting that since ADAM is actually doing some sort of
Eric,
The problem stems from lack of ability to modify the application to correct
the behavior. If I had the ability to force this, I would simply require
null/blank not to be passed to the ADAM server from the application.
I've been at odds about the DCR myself, for all the reasons you
Joe,
I forgot to mention on the article (Which I updated):
-
I forgot to mention, I had thought to myself Did I somehow enable anonymous
binds and forget?, since part of the design was to not-allow anonymous. I
did check the config entry as outlined in the ADAM
My impression from reading the on-line documentation is that the use of ADAM
Proxy Objects and bind redirection is frowned upon anyway.
Proxy users are designed for special circumstances and should only be used as
a last resort, when Windows principals cannot be used directly.
and
ADAM bind
The problem is that this happens a lot. There are simply tons of
applications out there that don't use Windows SASL binds. It would be nice
if it wasn't this way, but that's the reality of LDAP auth, especially with
vendors that don't use Microsoft's LDAP libraries. I've got at least 6 of
I agree, the documentation is misleading. They should say that anonymous
searches aren't allowed.
Joe K.
- Original Message -
From: Jef Kazimer [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 9:24 PM
Subject: Re: [ActiveDir] ADAM bind
Yes, I can see that Windows SASL binds might not be universally available ;-)
Thinking about it, another problem with the SASL binds is that presumably the
ADAM instance must be running on a server that is a member of the
authenticating AD domain (or at least one that has a trust back to the
Tony,
I have to wonder what is classified as a special circumstances, since I
suppose they are all sort of special.
I have used Bind Redirection with MIIS/IIFP for quite a few scenarios:
Corportate Spinoff:
We needed to split off a portion of our users into a new company, and an
entirely
Joe,
FCB works with simple binds, and BR ONLY works with simple binds, so I
suppose it's possible.
I've never coded to try however, but I could check it out.
Jef
- Original Message -
From: Joe Kaplan [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28,
Tony,
I have a workshop next week with a vendor to discuss an extranet solution.
Unfortunately, LDAP auth is not going to be possible, since there will be no
communication across the firewall.
I am steering them toward an ADFS solution, which I think will fit the bill
better. The issue
Yep, that's definitely true, although domain membership is also required to
do bind proxy auth as well. In a lot of these scenarios, the firewall is
configured so that only LDAP ports are open to ADAM from the application,
but the ADAM server has the necessary firewall ports open for domain
30 matches
Mail list logo
