GP is unnecessary, simply add the extended right at a suitable OU (as you
inferred) ... you'll need the advanced ACL editor dialog to do so ... look
carefully, it's there.
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL
root domain, re-read the same ACL when focused
on a DC in a peer-root or child-domain ... note the claimed affiliation of
the Administrators ACE.
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir
.
--
Dean Wells
MSEtechnology
Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Tony Murray
Sent: Monday, August 14, 2006 8:24 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir
I'll assume for the moment that you were able to get it from the web site,
let me know if otherwise.
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of WATSON
)
... uhhh, okey dokes :0/
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Tuesday, August 15, 2006 9:12 AM
To: ActiveDir@mail.activedir.org
Inline ...
--
Dean Wells
MSEtechnology
Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Tuesday, August 15, 2006 11:31 AM
To: ActiveDir@mail.activedir.org
Cc: Send
Most welcome, glad it's working out for you.
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of WATSON, BEN
Sent: Tuesday, August 15, 2006 12:48 PM
was deleted, it may assist in
understanding what's going on here?
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Han Valk
Sent: Monday, August 14, 2006 3:45 AM
Why thank you … but who said otherwise? ;0)
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Matheesha Weerasinghe
Sent: Monday, August 14, 2006 2:35 PM
Cheeky git my head, your stomach at least well
have the plane to ourselves! :0)
Best start working on that pilots license!
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED
If not, though less efficient, dump them all and pipe it through
find
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of joe
Sent: Monday, August 14, 2006 5:53 PM
Ok, finally managed to download the version on the site, it's up-to-date ...
use that if interested.
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: Dean Wells [mailto:[EMAIL PROTECTED]
Sent: Monday, August 14, 2006 8:12 PM
Can you elaborate as to the NC-repl-locations update issue?
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Paul Williams
Sent: Friday, August 04, 2006 3:29
Resolved offline, a policy issue ... not a technical one.
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Dean Wells
Sent: Friday, August 04, 2006 8:10 AM
response
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA
Sent: Friday, August 04, 2006 8:54 AM
To: ActiveDir
it out). The
result should be
msDs-Behavior-Version=2
; msDs-Behavior-Version=$REGISTRY=InstallForestBehaviorVersion
HTH
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED
wise, (i.e. when a new domain is created within an existing
forest), we simply need to tell the forest func. level to seed itself with a
value of 2 see my previous post for instructions on how to do that.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
I’m gonna read between the lines a little and ask if you previously
trusted these domains?
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of HBooGz
Sent: Wednesday
here would have likely stumbled across it before now).
Re: your 2nd comment hahahaha, LAMO :0)
PS for those not English or confused, sorry the
explanation wouldnt work anyway!
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
Title: Setting FFL=2 automatically when building first DC in forest
Nod, but sfkds sdkfk skdwpoe cdof slkap d dkds y dlsdk lspw dod sfd
qwpw slla dsk ccdpow yours too.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From
system (in this case, system-purposed attributes in AD) is beyond
an unattend file's scope.
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent
a feature suggestion ...
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Thursday, August 03, 2006 8:34 PM
To: ActiveDir@mail.activedir.org
forest
3. Copy that entry into the [DEFAULTADDLMACHINE] section
4. Run DCpromo
Regards.
Dean
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Tomasz Onyszko
Sent
I'm not following, if you're creating an answer file to feed DCpromo when
building new DCs ... why can you not also supply a modified schema.ini that
contains the changes per my earlier post?
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message
)
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Matheesha Weerasinghe
Sent: Monday, July 31, 2006 7:10 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] DNS oddities
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Matheesha Weerasinghe
Sent: Sunday, July 30, 2006 3:07 PM
To: ActiveDir
Windows or 3rd party firewall related??
--
Dean Wells
MSEtechnology
t Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Sakari Kouti
Sent: Saturday, July 22, 2006 11:39 AM
To: ActiveDir
This thread appears to have been answered but I've enclosed the script for
those interested, let me know if you experience issues receiving it ... (it
may be too large per Tony's throttles).
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original
Title: OT: Self grown AD webtool sample output - any takers in joint dev?
I'd be
happy to take a look Freddy, I'm permanently on-site now so my joint dev.
efforts would be sporadic at best but I would hope I'll have something of value
to contribute.
Nice
work!
--Dean WellsMSEtechnology*
Dump
the msDs-masteredBy attribute of the forestDNSzones NC head to determine the DCs
running 2K3 upon which MS' DNS is installed and is (or at least was)
running. You can further qualify that list using WMI or SC.EXE or any
means of remotely querying the installed services. This is quite
That
was actually my original post ... but it was harder to identify the DN of the
crossRef than that of the NC head (which is kinda easy ;0) and keeping the
"query efficiency" mantra in mind,I preferred not to query period and thus
changed my thinking and subsequently my post. In
hmmm
...interesting idea but since it must be scoped to a onelevel query at
best, a subtree query at worst ... it consumes more resources than merely
dumping a single property from the NC head (using a base scope). It may
provide a more up-to-date state though ... I don't recollect if the
It's
not the thread's topic per se... you inferred a criticism directed toward
his "@work" children ;0) ... haha
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent:
on
that one I'm afraid ... but suffice it to say that for me; I prefer app. NCs
where possible.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Wednesday, May 17
LOL!
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Wednesday, May 17, 2006 3:32 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OT] DNS
Try again -
http://www.peevish.co.uk/slang/m.htm-
"Noun. Friend. E.g."Alright my old
mucker." [1940s]"
... Neil or Mark or any of the other English
folk will no doubt attest to its usage.
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From:
That would imply I had a reason to ya
pillock ... believe me, you'll know when I insult you ;0)
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Wednesday, May 17, 2006
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Friday, May 12, 2006 5:33 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Image a
DC?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL
First
and foremost --that's "Dean" and joe -- ya young whipper-snapper
;0)
Secondly, fear not -- the content was merely
"ground-breaking"
:0)
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Heh, made me laugh too ... and no, not remotely ... I only think you're
being an ass when you actually are ;0)
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett
Per my
original repsonse and having just tested it, modifying the default does indeed
have the desired effect. I'm uncertain as to why it's not working for
you.
Which
displaySpecifier are you modifying?
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
Inline ...
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf
B. Simon-Weidner
Sent: Wednesday, April 19, 2006 2:40 AM
To: ActiveDir@mail.activedir.org
Subject
Try
editing the extraColumns attribute on the default-Display object, adding the
property of your choosing as follows-
LDAP name,display name,default
visibility,pixel width,0 - IIRC,
this is reserved and must be 0 for now.
...
highlighting the Saved Query in question and selecting
OK, so
the 1st trailing 0 says "don't show by default" ... which I assume is what you
want on the default displaySpecifier. You may also find it useful to know
that when these columns do appear, they have a habit of initially being 0 pixels
wide so you have to go dragging columns widths
.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Tuesday, April 18, 2006 5:11 PM
To: ActiveDir@mail.activedir.org
Cc: Send - AD mailing list
Subject
).
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Sunday, April 16, 2006 8:47 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] User Accounts
Title: User Accounts
That
number isn't accurate I'm afraid. The underlying store used by AD supports
a theoretical maximum of 4.2 billion rows (limited by the 32 bit DNT or
distinguished name tag) within its lifetime, deleted objects (garbage collected
or otherwise) do not return row
Title: User Accounts
A long
and unbelievably off-topic IM with Eric (and joe towards the end) re: this
thread touched on some of ESE'slesser-known artifacts or behaviors ... thanks for the
input Eric.
Inline ...
--Dean WellsMSEtechnology* Email:
Title: AD replication compression algorithms
I've
never thoroughly tested it having not encountered perf. issues with the now
legacy MSZIP algorithm nor have I seen any published stats. from MS outlining
tangible differences on shrink-wrapped hardware. I'd suggest running
through a few
Title: AD replication compression algorithms
Thanks
for the URL ...
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]Sent: Wednesday, April 12, 2006 9:49
AMTo:
No, IIRC it defaults to the site of the DC from which the directory was
sourced.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Daniel Gilbert
Sent: Wednesday
The OU
structure and depth does not directly influence logon time (AD hierarchy is in
fact something of a simulation). Hierarchy can influence login performance
only when nested sufficiently deeply and with a large number of linked GPOs at
each or most of the superior OUs, a choice made by
Title: RE: [ActiveDir] Deleting "default-first-site-name" site
I
think you must have missed the answer in the follow-up reply ... that response
contained -
paste
No, IIRC it defaults to the site of the DC from which the
directory was sourced.
/paste
...
let me know if that doesn't cover
Title: Disable site link bridging and DFS site costing
Thisswitch
is used topermit automatic
site link bridgingto be disabled
without affectingDFS's ability to usethe legacy ISM
to calculate the cost matrix.
The change ismaintained on the NTDS Site Settings object and is effective only
Title: Disable site link bridging and DFS site costing
...
sorry, got carried away and forgot to address your more direct questions
-
Is this a forest wide or site wide
change?
I believe it prevents the affected ISTGfrom creating connection
objects on its bridgeheads sourced from DCs in
You assume too much :o)
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, April 06, 2006 10:37 PM
To: ActiveDir@mail.activedir.org
Subject: RE
A
logical question, but happily no!
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Amy
HunterSent: Tuesday, March 14, 2006 8:08 AMTo:
ActiveDir@mail.activedir.orgSubject:
}}. The query below exploits that feature permitting repadmin's GUID
format to be supplied directly.
C:\adfind -config -binenc -f
(retiredReplDSASignatures=*{{GUID:6cc4a8e0-2019-4e4f-81cd-f35926de38a3}}*)
-dn
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original
there.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Scott Klassen
Sent: Wednesday, February 22, 2006 9:55 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir
Inline ...
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Wednesday, February 22, 2006 2:35 AM
To: ActiveDir@mail.activedir.org
Cc: Send - AD
words, not mine) and
professes his innocence :0).
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Tuesday, February 21, 2006 7:44 AM
To: ActiveDir
retiredReplDSASignatures=*\E0\A8\C4\6C\19\20\4F\4E\81\CD\F3\59\26\DE\38\A3*
retiredReplDSASignatures
Fingers crossed that Joe will have a hidden switch to do the decoding for
you, until then, this is it I'm afraid.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message
whose invocation ID has changed due to a restore operation or the
removal and
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of SCOTT KLASSEN
Sent: Monday, February 20, 2006 9
(wherever the
heck that is).
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of David Adner
Sent: Monday, February 20, 2006 10:43 PM
To: ActiveDir@mail.activedir.org
Subject: RE
whose invocation ID has changed due to a restore operation or the
removal and subsequent re-addition of a NDNC (again, a normal occurrence),
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
If memory serves, it was a choice ... not a technical reason -
Locate the schema definition for the structural class in question within the
schema NC using ADSIEDIT.MSC or equiv. (in this case, a Container), bring up
its properties and set DefaultHidingValue to FALSE.
--
Dean Wells
MSEtechnology
Title: [ActiveDir] Deleted OU issue
... but couldn't he loose
data (new objects or attribute changes) that did not also replicate to the other
DC, by "overwriting the database?
Other
unrelated changes? Certainly ... assuming (as Guido says) replication
hasn't occurred
yet.
--Dean
Inline ...
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
Sent: Tuesday, February 14, 2006 7:57 PM
To: ActiveDir@mail.activedir.org
Cc: Send - AD mailing list
Subject: RE: [ActiveDir] Script to transfer FSMO
In hindsight, the same is true of the PDC regardless of whether it is seized
or transferred so that's somewhat moot ... my scotch = my bad :O)
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Title: [ActiveDir] Script to transfer FSMO roles.
A few
thoughts --
I'm
not entirely adverse to the idea of throwing commands at NTDSUTIL and seizing
roles (and relying upon the mandatory pre-emptive transfer attempt) but I prefer
not to perform such actions when the capability to trap
.
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: Dean Wells
[mailto:[EMAIL PROTECTED] Sent: Monday, February 13, 2006
9:06 AMTo: Send - AD mailing list
([EMAIL PROTECTED])Subject: RE: [ActiveDir] Script to transfer
FSMO roles.
A few
thoughts
Title: [ActiveDir] Script to transfer FSMO roles.
Can
you elaborate on what you mean by "replication threshold" (or fresh hold if you
prefer ... gotta love spell checkers :o)?
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
Title: [ActiveDir] Script to transfer FSMO roles.
Not
that's springing to mind. Some related thoughts -
*
inbound replication is single threaded (i.e. no concurrency limitation is
required)
* in
2k, 15 mins. represented the anticipated end-to-end replication within a
site
* the
KCC in
Title: [ActiveDir] Script to transfer FSMO roles.
Great,
sounds like you're good to go!
Re:
W2K3 Standard vs. Enterprise: there's a mass of information concerning the
feature differences and supported hardware, the following is as good a place as
any to start -
I
haven't directly investigated the issues you're having so a solution may well be
available as opposed to the workaround outlined below -
for /f
"tokens=*" %m in ('dsget group "CN=domain admins,cn=users,dc=mset,dc=local"
-members') do @dsget group "cn=other admins,dc=mset,dc=local"
Interesting
that'user' is not a valid objectcategory. When I had ADUC create the
query for me,
it
automatically generated the filter that included objectCategory=user. New Query / Custom
Search /
then Display Name Is Exactly (space
character).
The attribute "objectCategory" is of
] On Behalf Of Brian
DesmondSent: Wednesday, February 08, 2006 2:23 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: Any
Programming courses for Systems Administrators?
Dean
Wells @ www.msetechnology.com does
AD training and from what I hear on this list its top notch.
Thanks,Brian
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Brian
DesmondSent: Wednesday,
February 08, 2006 2:23 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: Any
Programming courses for Systems Administrators?
Dean
Wells @ www.msetechnology.com does
AD training
I really don't agree in the confined scenario Ulf described. Can you
explain your point further or is it merely an issue of Microsoft supporting
it?
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
IIRC,
the query processor barks at the use of values comprised entirely of
spaces. As such, use the following -
dsquery * dc=mset,dc=local -scope subtree -filter
"((objectcategory=user)(displayname=\20))
... or
for a more creative approach -
dsquery * dc=mset,dc=local -scope subtree
Directory Sites and Services).
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of V Lakshmi
Sent: Monday, February 06, 2006 2:47 AM
To: 'Send - AD mailing list'; [EMAIL PROTECTED
...
since we're getting silly -
net
stop dns net start dns || echo Well bugger, it didn't work
:-[
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-WeidnerSent: Monday,
Title: Delegating attribute in property Set (Personal Information set)
Probably a DSSEC.DAT related issue ... google the filename for
instructions.
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
not
seen IPsec implemented to secure initial address leases though I can
envisage ways in which that could be achieved.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian Puhl
Is replication functioning?
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of V Lakshmi
Sent: Friday, February 03, 2006 12:44 AM
To: [EMAIL PROTECTED]; ActiveDir
Title: Script to determine a machine's site
Does
this suffice -
nltest
/dsgetsite /server:domain FQDN
Haven't tried anything of this kind myself under Wimpy
so I'm uncertain of its suitability.
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From:
(based on minor
sanitizing-edits only). If you're interested, let me know and I'll provide
you with availability and rates ... they're cost effective at a minimum of
~4+ students.
Kindest regards.
Deano
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original
Title: Script to determine a machine's site
Indeed
it does, that's what I ran it on ...
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier,
GuidoSent: Friday, February 03, 2006 4:32
Title: Script to determine a machine's site
... to
be clear, it does require that some level of credential first be established
but, nonetheless, it functions.
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Title: Script to determine a machine's site
Per my
previous post, I'd forced some creds. down the target DCs throat prior to
executing NLTEST ... and, no, my local creds. do not match those of the
virtual domain in question ... 'cause that would be all kinds ofjust plain
wrong :o)
--Dean
Title: Script to determine a machine's site
Nod,
have since learned that ... my apologies.
I'm
guessing there's a mean of achieving that with nltest (or perhaps a few
iterations and some output parsing).
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
Microsoft uses 802.1x auth. I believe ... as do many.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA
aka Ebitz - SBS Rocks [MVP]
Sent: Friday, February
Title: RE: [ActiveDir] ADUC updates - Was Expired Accounts
Note
that the available columns can be extended via Display Specifiers (i.e. a
distributed configuration).
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL
No, expired accounts are calculated on-the-fly based on their expiry date
and the DC's date. AD UC doesn't treat that as disabled ... 'cause it is
isn't ;o).
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED
Please
note that a handful of objectClasses are not moved to the Deleted Objects
container. Although supplying the Deleted Objects dn as the base is a
general rule of thumb worth following, be aware that there will be instances
where it will fail to identify every deleted object.
--Dean
Title: FSMO Role Transfer GUI
I used
to use LDIFDE (I imagine that still works)
...
oops, typo'd it again ... what I meant to say was "I use toADmod.exe"
(he's sensitive you know ;o)
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL
not alone
and that someone else gets to feel his pain in an org. of similar size and in
the same industry ;o)
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Wednesday
To
clarify, note the syntax of dsHeuristics(Unicode string) ... it requires
that you enter a sequence of characters (bytes not bits ... nor the decimal
representation of those bits), e.g. - 01000.
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
How so?
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]Sent: Wednesday, December 14, 2005 8:15
AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir]
Reducing number of
Great
topic and, IMO, great answer ... I've only a few comments in addition to Joe's
reply (inline).
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Tuesday, December 06, 2005 8:56
1 - 100 of 454 matches
Mail list logo
