Hello,
When the default domain controller policy is changed in respect to
password complexity, length, etc., how long is it before the change
takes affect? We have an automated system that is trying to change
passwords but is getting bounced back that the password doesn't meet
complexity. I
gest issue is not having enough staff to touch all the desktops
in one weekend, and hiring temps is probably out as well. Would it be difficult
to script something to migrate profiles? Has anyone tried to do this
themselves?
Thanks as always.
This list is a real help.
Chris Flesher
The University of Chicag
.
This list is a real help.
Chris Flesher
The University of Chicago
NSIT/DCS
(773)-834-8477
There is an upgrade doc that worked fine for me.
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/W
SUS/WSUStoSUSTC/c86e95dc-381f-47a2-b761-1fe0f13ad3f4.mspx
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Salandra, Justin
Title: Finding User account if know SID
I thought I could do this with just dsquery, but I'm having trouble doing this. Is there a way to find the user account that matches a particular SID if I know the SID?
Chris Flesher
if know SID
There is a utility that Joe created for this at
http://www.joeware.net/win/free/tools/sidtoname.htm
- Original Message -
From:
Chris
Flesher
To: ActiveDir@mail.activedir.org
Sent: Friday, January 21, 2005 11:31
AM
Subject
at times. Thanks for any help!
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
What do you mean by object level restore? Do you mean individual COM objects
or file/folder/user objects?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Wednesday, October 20, 2004 6:58 PM
To: [EMAIL PROTECTED]
Subject:
You need to read into how Directory Services Restore Mode works before
moving further.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Thursday, October 21, 2004 9:31 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir]
gets the following error:
ldap_bind: Invalid credentials
additional info: 80090308: LdapErr: DSID-0C09030F, comment:
AcceptSecurityContext error, data 525, vece
Has anyone ever come across this
issue?
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
: Invalid credentials
additional info: 80090308: LdapErr: DSID-0C09030F, comment:
AcceptSecurityContext error, data 525, vece
Has anyone ever come across this
issue?
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
!!!
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
or
Text: UNKNOWN_SERVERFile: 9Line: ab8Error Data
is in record data.
For more information, see Help and Support Center
at http://go.microsoft.com/fwlink/events.asp.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
erver Name:
krbtgt/UCHICAGO.LOCALTarget Name: krbtgt/[EMAIL PROTECTED]Error
Text: UNKNOWN_SERVERFile: 9Line: ab8Error
Data is in record data.
For more information, see Help and Support
Center at http://go.microsoft.com/fwlink/events.asp.
Chr
.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
before
telling him that.
Thanks in
advance.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
om the account in the child OU, and then
have the child OU account deleted. I'm thinking no, but I wanted to make sure
before telling him that.
Thanks in
advance.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
that explains what priveleges are needed up to giving the person
administrator rights? Does someone know by experience how to do
this?
Thanks in advance.
This group is always extremely helpful.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
Title: Message
We are thinking of
using DFS in order to add redundancy to our NAS offerings. My main question is
does anyone have experience using DFS to replicate/keep in sync large amounts of
info, i.e. 200+GB, between two or more servers?
As always, thank you
for the help.
Chris
the instructions in KB291823.
On Mar 11, 2004, at 11:00 AM, Chris Flesher wrote:
We are thinking of using DFS in order to add redundancy to our NAS
offerings. My main question is does anyone have experience using DFS to
replicate/keep in sync large amounts of info, i.e. 200+GB
We are short on test hardware, and were wondering if the rumors were true
that one is unable to install SQL 2000 or Exchange 2003 on a DC? This isn't
a production idea, but just for test purposes so we don't have to buy a
separate box for the application.
Thank you in advance for the help.
Chris
on such a
system as we speak;-)
If you do require separate boxes but don't have them, then why
don't you explore something like VMware where you can run separate machines on
ONE machine!!
anton
-Original Message- From: Chris
Flesher [mailto:[EMAIL PROTECTED]]
Sent: 07
]Subject:
RE: [ActiveDir] Applications on 2003 DCno worries even :O) Robert Rutherford+44 (0)1305 208232+44 (0)7970
122362
"Chris Flesher"
[EMAIL PROTECTED] Sent by: [EMAIL PROTECTED]
07/01/
not to cluster.
Maybe you could get what you're after with a SQL cluster
(2 machine) and then separate machines or even a 2 node cluster for the other
functions?
From: Chris Flesher
[mailto:[EMAIL PROTECTED] Sent: Wednesday, November 12, 2003
11:27 AMTo: [EMAIL PROTECTED]Subject
Title: Message
If
DCPROMO runs cleanly, you should be fine. Run DCPROMO, remove from the domain,
rebuild, bring back upWe've done this a few times with no problems. You may
want to go into adsi edit and make sure all the stuff is gone, just to be safe.
-Original
, Al
Sent: Friday, November 07, 2003 10:32 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Bare metal restore on other hardware?
What'd you restore? Were there other DC's available to replicate to?
-Original Message-
From: Chris Flesher [mailto:[EMAIL PROTECTED]
Sent
, and only some of the SRV records are being created
within Bind. Any info on the best way to set this scenario up would be greatly
appreciated.
Once again, Thank
you for all of your support.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
right now? Which has better cross-platform support?
We are a dominantly
Windows in this department, with Unix in there as well.
Thank you for any
info you may have.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
.
Thank you for
any info you may have.
Chris Flesher
The University of
Chicago
NSIT/DCS
1-773-834-8477
, 2003 4:56 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] OT:Exchange 2000 and Kerberos
It's not planned for Exchange 2003. It's there.
Go to Exchange 2003 and do not look back.
William
- Original Message -
From: Chris Flesher [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday
Title: Message
I know this is off
topic, but does Exchange 2000 support kerberos authentication? Is it planned for
Exchange 2003? Finally, can OWA authenticate to a backend kerberos server, say
on Unix machine?
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
We've reused machines names here as well. Even with a Dcpromo failure,
you can still use tools to get rid of DC names and properties and bring
it back up. I don't recommend the second way, but in a pinch, you can do
it.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Title: Message
70GB
is more than enough for the size of your organization. We have ~ 800 users, and
our DC's use much less than 1GB for the database. We have 3 sets of mirrored
drives in our DC's for redunancy and performance. Seperate out the Logs,
Database, and Sysvol folders from the
production will be.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
-From: Chris
Flesher [mailto:[EMAIL PROTECTED] Sent: Wednesday, September
10, 2003 7:43 AMTo: [EMAIL PROTECTED]Subject:
[ActiveDir] Windows 2003 DC issue
We started
playing with 2003 in our test environment. We came across a problem with how
dynamic updates are done
Title: Message
Scenario: a user is
a member of two groups. Each group is in a seperate OU. A gpo is applied to each
group. Which gpo will take precedence for that user? In other words, which will
be the last to be applied and get the settings applied to that
user?
Chris Flesher
question but it was posed to me by a higher up and
I can't find anything about this scenario in technet.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of GRILLENMEIER,GUIDO (HP-Germany
two seperate groups with a user being in each
group, with each group in seperate OU's.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Crenshaw, JasonSent: Monday, July 21, 2003
Title: Message
I know
the settings are applied to users and computers.
You
can limit who it ( GPO ) is applied to within the OU through ACL's?
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL
access to
all user accounts and trying to make sure they only touch what they are supposed
to touch, etc. I'm supposed to find all possible reasons why not to do this. So,
I ask questions.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
-Original Message-From
container, go directly into the OU. Maybe I'm making this too
complicated..
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
Title: Message
I saw
that out on Technet. That's great as long as there is a person/group to handle
that. We are understaffed and are looking for the OU admins to take care of this
without giving them Account Operator rights.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
Title: Message
I'm wondering if
anyone uses Microsoft Operations Manager to monitor their AD infrastructure? If
not, what other product(s) are used, and how do you feel about them? What are
the relative costs for the product?
Chris
Flesher
Are there any other products out there similar to MMS? When you say clunky
to set up and configure, are we talking months?
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Glenn Corbett
Sent
Title: Message
This may not be the
forum for this, but is anyone familiar with how to host applications on a
Windows 2000 Terminal Server? Is there any good documentation about this subject
out there?
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
2000 and NT4 clients.
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of [EMAIL PROTECTED]
Sent: Thursday, January 09, 2003 6:17 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Global
Title: Message
This may be
unrelated to this newsgroup, but it's a simple idea. I have a forest root and 1
child domain. Is there a way to hide the forest root name from being listed when
people browse?
Chris Flesher
The University of Chicago
NSIT/DCS
1-773-834-8477
47 matches
Mail list logo
