Title: [ActiveDir] Removing old computer accounts from AD
*GASP* Joeware isn't multi lingual?
*chuckle*
-Dave
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Thursday, January 12, 2006 8:36 AMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Removing old
Brian,
Could you send a copy off list to me as well. [EMAIL PROTECTED] I take it
is a _vbscript_.
Thanks,
Dave
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Harding,
DevonSent: Thursday, January 12, 2006 11:30 AMTo:
ActiveDir@mail.activedir.orgSubject: RE:
Frank,
We currently have a similar topology to yours. All of my
DC's are GC's. There is no disadvantage to this regarding replication
traffic as you are a single domain. I would continue using your current
model of every DC being a GC.
Regards,
Dave Chianese
From: [EMAIL PROTECTED]
should work - put your own surname in place of mine and you should see
that it edits your own details successfully. Then remove the comment from the
second sSQL= line and it should process all mailboxes.
The "proper" function is a kludge; will
take CHIANESE, DAVID and give you Chian
Title: csv to ldf converter
Would anybody have a handy csv to ldif macro for excel 2003? The one I have no longer functions. Even a .csv file to .ldf file conversion tool would help. TIA!
Regards,
Dave
Title: csv to ldf converter
Unfortunately I need to do a modify and you cannot do that with
csvde. I was also looking into ADmodify.net, but cannot seem to get the
download for that either.
Thanks,
Dave
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian
DesmondSent:
Title: csv to ldf converter
I just found that admodify.net cannot do what I want either.
Basically if you look at my display name in e-mail here, it is all caps..
so... In a csvde directory export of all users and using a well known
excel function (=proper(A1)) I am able to give proper case
They are all caps and I want them proper case. Or actually
management wants them that way. :)
We have this:
On 12/13/05, CHIANESE, DAVID
[EMAIL PROTECTED]
wrote:
We want this:
On 12/13/05, Chianese, David
[EMAIL PROTECTED]
wrote:
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
In the Microsoft book it is dead too.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley,
CPA aka Ebitz - SBS Rocks [MVP]
Sent: Tuesday, December 06, 2005 12:28 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Ntds.dit file
Replace the hardware and see if the same behavior occurs. If it is dual
Nic'd then switch to the other Nic and disable the one reporting the
condition. That will show if it is hardware or not at least and then
troubleshoot from there.
The other conditions where I've seen this happen is that if
Do the query on a GC.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin
A.Sent: Thursday, November 17, 2005 1:23 PMTo:
ActiveDir@mail.activedir.orgSubject: [ActiveDir] Strange
Error
I am trying to add a User from my
root domain to a Universal Group in a
http://www.microsoft.com/windows2000/techinfo/reskit/tools/new/dhcpexim-o.asp
Try the above link. We just migrated 2 DHCP servers
with this micosoft utility.
Regards,
Dave Chianese
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sudhir
KaushalSent: Tuesday, November 08,
.
"CHIANESE, DAVID"
DCHIANESE@phlyins.com Sent by: ActiveDir-owner
11/08/2005 06:22 PM Please respond to ActiveDir
To:
ActiveDir@mail.activedir.org cc:
Subject:RE:
Reservations are a DHCP server function. There is no way to tell if it
is a reserved IP from the client side.
Regards,
Dave Chianese
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Figueroa,
Johnny
Sent: Friday, November 04, 2005 1:15 PM
To:
More so for deletion of objects so you wouldn't have to do
an authoritative restore from a backup.
David
Chianese
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Etts,
RussellSent: Wednesday, October 26, 2005 9:23 AMTo:
ActiveDir@mail.activedir.orgSubject: RE:
Title: Message
run
dcdiag /s:servername and netdiag on that server and see what they report.
You
can then run a netdiag /fix to fix trivial errors.
You
can pipe these to a file as such:
netdiag netdiag_servername.txt
dcdiag
/s:servername dcdiag_servername.txt
Make
sure your VPN is
Title: Message
Open
up the GPO properties and in the security tab add the Helpdesk group. Give
them read and apply group policy for that
policy. remove apply group policy from any other group
you do not want to get the policy, I.E. Authenticated
Users.
Regards,
David
Chianese
Title: 64 Bit clustering with HP RX8620 Hardware clarification needed
I have a failed scenario in using a software mirror clustering a Windows 2003 64 bit (ia64) Enterprise Edition server. The RX8620 hardware is on the HCL for clustering, however I cannot tell in what configuration. Our HP
Title: Message
Right
click on the user object and rename.
Regards,
David
Chianese
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Ellis, DebbieSent: Wednesday, October 12, 2005
8:37 AMTo: ActiveDir@mail.activedir.orgSubject:
[ActiveDir] Display
Title: Message
I
would tend to agree with the single domain model. If required later you
can always add sub domains to add security boundaries. I would definitely
follow the K.I.S.S. rule.
David
Chianese
-Original
Message-From: [EMAIL PROTECTED]
[mailto:[EMAIL
the same misunderstanding that
you're presuming to correct me on.
-Original Message-
From: [EMAIL PROTECTED] on behalf of CHIANESE, DAVID
Sent: Thu 06/10/2005 21:27
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD Restore Problem
Now your comparing apples to oranges... Virtual
Title: Message
A good
cheap solution we had in place before the purchase of our SAN was the Dellnas
appliance server. It is a 1U SATA drive array of varying size. We
actually still have the NAS appliances in production and use them for temporary
storage / backup to magnetic media as it is
Now your comparing apples to oranges... Virtual PC is not the same as
Virtual Server. The beginning of the thread refers to Virtual Server
and VmWare, both let you create virtual machines.
Virtual server from Microsoft DOES support running servers in
production:
Title: Message
One
thing I noticed in trusted sites GPO is that you should almost always uncheck
https sites only, otherwise any non https site added in there invalidates the
policy and it never applies, even though gpresult says it does apply. I
hope this helps. It does work fine for us.
Title: Message
What
does gpresult say? Is it applying the policy?
David
Chianese
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Cothern Jeff D. Team EITCSent: Wednesday,
September 28, 2005 1:37 PMTo:
ActiveDir@mail.activedir.orgSubject: RE:
Title: AD Sites and Services Question regarding share point servers
This question is regarding objects in AD sites and services. I see 2 objects in a site that are not domain controllers. The objects are share point servers and each has an object in the built in computers container. The only
Title: Message
Typically I have always seen MSMQServices under the
services tab (View / Show services node) and it does reside there, as well as
Microsoft Exchange. I do not recall ever seeing the server object under
the Site / Servers / servername though. Although I do not view this as a
Title: Message
I just
found an article:
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/2744bec1-cb37-4d89-b90e-8140f0f7d7de.mspx
snip
To set permissions for MSMQ Settings objects
1.
Open Active Directory Sites and Services.
At a previous job of mine we used Exchange bifurcated messaging to copy all
messages received. inbound from out gateway to a connector that would queue
mail all day. At EOD the connector would turn on (Scheduled). This connector
then dumped all the mail to a 3rd party archive (Zantaz) via
Possible NAT problem? Whereas the VPN network and the users network cause
conflict. Most VPN clients and firewalls have a feature where you can hide
the NAT address.
DNS is a good call too, maybe have the user try putting in an internal DNS
server as their secondary or tertiary resolver.
There are many but the main tools I use are. There are also many 3rd party support
tools available on the internet.
Replmon.exe (Res Kit)
Dcdiag.exe (Support Tools)
netdiag.exe (Support Tools)
Regards,
Dave
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
You would use SMTP if you had an unreliable connection or a slow connection where RPC
traffic would drop. Also, if replication wasn't required to be timely.
RPC traffic is highly effected by latency. SMTP replication would work better on
slower or unstable link since SMTP doesn't care about
Title: Ldap - linux slowdown in searching
Jennifer,
I
would take a network trace at some interval during the day when you do not see
the slow down and then again when it starts to occur. If it is in fact the
Linux box causing the slowdown (either due to increased queries or network
I know this is reaching far for an answer from this list but since our ISA array is
integrated into AD it's worth a shot for a solution from this group.
Anyone have experience with ISA arrays in a domain array and how to make the SSL
connections maintain persistence when both nodes of the ISA
testing. Please do not reply.
This e-mail and any accompanying attachments are confidential. The information is
intended solely for the use of the individual to whom it is addressed. Any review,
disclosure, copying, distribution, or use of this e-mail communication by others is
strictly
]
Subject: RE: [ActiveDir] test, no reply
Oh sre like I'm the only wise arse on this list.
I just happen to be the first one to lie down the whoopee cushion today
is all. :)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chianese, David
P.
Sent
As Al
mentioned, why not convert the zone to Std. Primary and take a copy of the zone
files that are written to disk. Then revert it back to ADI. I have
done this before without incident to supply ourBIND unixservers
copies (or pieces) of our zone files. I have done this in the past for
If
your DNS zone is Active Dir Integrated then a copy will be retained on another
DC running DNS. If you only have one DC running DNS, simply add the
service to another Domain controller and let it replicate all of the DNS zone
information from active directory integrated zones before
I am looking for a plan for a 2000 to 2003 AD upgrade:
1) Best Practices Approach (articles, url's or documented installs)
2) Personal Scenario's (Tell me the pitfalls you have encountered and how you overcame
them)
3) Outcome of your migration
Thanks in advance,
David Chianese
IT - Server
Title: 2k Active Directory Metaturd from NT4 domain upgrade
This is a screenshot of a pop-up that is displayed while using the ADUC to view user account properties. There is an associated fix for this pop-up, but I am reluctant to apply it as Microsoft cannot tell me what the removal of the
Title: Message
Exchange 5.5 or 2000? I will assume (I know, a$$-outta-u-me)
2000.
Try
this article for 2000: http://www.msexchange.org/tutorials/Creating_a_list_of_Users_and_their_email_addresses_in_Exchange_2000_2.html
unfortunately I do not think csvde is going to get you all of them, but
Title: RE: [ActiveDir] net time
net
time \\DC1 /setsntp:DC2
NET
TIME [\\computername | /DOMAIN[:domainname] | /RTSDOMAIN[:domainname]]
[/SET] [\\computername]
/QUERYSNTP [\\computername]
/SETSNTP[:ntp server list]
-Original Message-From:
[EMAIL PROTECTED]
PROTECTED]'Subject: RE: [ActiveDir] net
time
But
you shouldnt have to do that, shouldnt they find the PDCE on their
own?
-Original
Message-From: Chianese,
David P. [mailto:[EMAIL PROTECTED]Sent: Friday, December 19, 2003 1:08
PMTo:
[EMAIL PROTECTED]Subject: RE
I've had good luck with this free CLI tool:
Log Analyzer
This tool is written for quick analysis of log files from any source - Windows,
Unix, CISCO, etc. This is done by searching the log files for desired patterns.
By Network Intelligence India Pvt. Ltd.
I wish I could
Hello all,
I hate re-inventing the wheel and know someone out there already has a script to do
these tasks:
1. import users via a bulk import from a csv and/or have an optional (switch) to
create one user at a time
2. change password to
3. set the password to
://cwashington.netreach.net
mc
-Original Message-
From: Chianese, David P. [mailto:[EMAIL PROTECTED]
Sent: Monday, December 08, 2003 12:28 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Scripting Help
Hello all,
I hate re-inventing the wheel and know someone out there already has a script to do
Title: Message
Yes, I
would be interested in that script.
Thanks,
Dave
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Ken
CornetetSent: Friday, December 05, 2003 12:19 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] AD Telephone
In the
View / Filter, Max number of items per container. Default is
1, increase to your desire.
Regards,
Dave
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Creamer,
MarkSent: Thursday, December 04, 2003 3:36 PMTo:
[EMAIL
I
cannot recall ever seeing it remove the object in Sites Services after a
dcpromo down to a member server.
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Simpsen, Paul
A. (HSC)Sent: Wednesday, December 03, 2003 3:31 PMTo:
[EMAIL
Title: Message
FEATS
OF STRENGTH!...FEATS OF STRENGTH!..AHH!
For
those who don't know, it's from the Seinfeld Festivus episode. Festivus is
for the restivus.
-Dave
(I should really have a string of letters here for effect but my filter keeps
taking them out *chuckle*)
the child
domain added to the GCs are nothing more than pointers. So, I don't see a
problem in making all DCs in the child domain GCs.
I hope this eases your decision making process...
Cheers!
John
-Original Message-
From: Chianese, David P. [mailto:[EMAIL PROTECTED]
Sent: Thursday
We are having a debate on whether or not to make all of our DC's gc's in our
new e2k environment. I would like to hear feedback from current e2k
administrators. It is my contention that we have sufficient DC resources to
NOT make all of our DC's gc's for exchange. Is there any drawback to doing
Title: NTLDR Not Found
RAID
array degraded perhaps? OS drive not spinning / amber? I would power
down, reseat all drives and then look in your RAID config on the controller
(Usually Ctrl-M or Ctrl-A) to make sure all disks are present and
spinning.
-Original Message-From: Juan
Title: RE: [ActiveDir] SUS does SPs now
We
abandoned our SUS project until this functionality is added. It was
proposed for the next version so I am surprised to see that functionality
now. Does it also support Office SP's now as well?
Regards,
Dave
-Original Message-From:
Title: Message
RPC
over http is an absolute dream come true. Exchange 2003 boasts this
feature extensively. I plan on implementation early 1st Qtr. next
year. (Right after our E2k upgrade is completed).
Regards,
Dave
-Original Message-From: Michael B. Smith
[mailto:[EMAIL
Title: Message
Answer
to question #1.) type "set" at the command prompt, look for LOGONSERVER=server
name.
Answer
to question #2.) \\HKEY_CURRENT_USER\Volatile
Environment\LOGONSERVER
I'm
not sure about changing the reg key or if it defaults back as the environment
variable is loaded.
Check the Maximum users at the share level perhaps. That is the only place
I can think of to limit it. The other option is to look in perfmon and see
if it is an actual I/O issue. Also, make sure the NIC(s) are set to
100/Full duplex.
Hope this helps,
Dave
-Original Message-
From:
NTDSUTIL.EXE, follow the prompts to seize the roll. NOTE: Once you seize
this roll make sure the dead RID is offline and fdisk'd as you never want
that server to come back and start servicing DC's with its old RID pool.
The new RID master will artificially inflate the RID pool to a higher number
this is about the most flexible and safe DR solution you
can have. I am not one for restoring AD from system state dumps.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chianese, David P.
Sent: Friday, August 08, 2003 7:04 PM
To: '[EMAIL PROTECTED
I use
the old NT 4.0 server manager to determine what shares are in use. That
give's you some visibility.
Dave
-Original Message-From: Agung Kuswanto NCS
[mailto:[EMAIL PROTECTED]Sent: Thursday, August 07, 2003 6:40
AMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir]
Who's online
shop
here.
Don Guyer
IS Dept
Citadel FCU
Ph: 610.380.7072
Fax: 610.380.7008
[EMAIL PROTECTED]
-Original Message-
From: Chianese, David P. [mailto:[EMAIL PROTECTED]
Sent: Friday, August 08, 2003 1:17 PM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Disaster recovery scenario comments
Title: Message
you
can always use the Command Line tool repadmin /syncall However, if
replication is failing for another reason this will fail as well.
-Dave
-Original Message-From: Dipowarga Wirawan
[mailto:[EMAIL PROTECTED]Sent: Wednesday, August 06, 2003
2:52 PMTo:
Argh! Turn off your read receipt please.
Thanks,
Dave
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, August 01, 2003 9:45 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir]
Return Receipt
Title: Is this a bug or part of the design
Simply
hiding the screensaver tab should do it. This way the users cannot even
get to the tab and see it to change it. If your using a custom .scr,
define that as well.
Regards,
Dave
-Original Message-From: Jennifer Fountain
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] dcdiag error when joining a new child domain
Well - since I am from Philly and come home quite often - I hope my
email helps :)
-Original Message-
From: Chianese, David P. [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 29, 2003 1:48 PM
To: '[EMAIL
Do you have a GC (Global Catalog) in each domain? It is probably an issue
of being on a different DC than the GC whilst doing lookups in AD. Doing
queries from GC is recommended. I would actually have a GC in each resource
domain as well.
Regards,
Dave
-Original Message-
From:
66 matches
Mail list logo