Not really related to the problem at hand, but OP weirdness the same.
If you have a disjointed namespace in your forest, and the domain names are the
same except for the extensions, the OP doesn't indicate which one you are
pointing at.
IE
MyCompany.net is the forest name
MyCompany.com is a
This is a little more off topic but..
Has anyone been able to decode LDAP on ports other than port 389 view MS
Network Monitor? I have never gotten in to work correctly, even with the
SMS 2003 version.
I have been using ethereal more, because of this restriction.
Though I am also curious
Brian,
Ouch! We don't know why he went with a Tyan system over an HP or Dell.
With the current pricing of Dell servers, they are far below even the Tyan
barebones server chassis.
I used to work for a large international company, and certain international
divisions were only approved to
Joe,
I have a large Websphere community, which suffers from the single NC for
LDAP binds scenario. Have you had any experience with WS and ADFS? The
WS guys seem very tight lipped on knowing how to setup WS to work with it.
I have been looking at Quests and Netegrity for their ADFS
the recommended
alternative,
i.e. where ADAM receives a SASL bind request and forwards the request
to
Active Directory?
Tony
-- Original Message --
From: Jef Kazimer [EMAIL PROTECTED]
Reply-To: ActiveDir@mail.activedir.org
Date: Thu, 28 Sep 2006 21:17:39 -0500
PROTECTED] On Behalf Of Jef Kazimer
Sent: 29 September 2006 01:53
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] ADAM bind Redirection with a NULL password
Since there has been talk of LDAP Authentication as of
late, I figured I'd post my issue of poorly developed
applications allowing
the request to Active
Directory? Tony ------ Original Message
-- From: "Jef Kazimer" [EMAIL PROTECTED] Reply-To: ActiveDir@mail.activedir.org
Date:Thu, 28 Sep 2006 21:17:39 -0500
Eric, The problem stems from lack of ability to modify the
appl
down this possibility could be put in
control of the directory Admin, instead of relying on the developers.
Thanks,
Jef Kazimer
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
]
[mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Thursday, September 28, 2006 5:53 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] ADAM bind Redirection with a NULL password
Since there has been talk of LDAP Authentication as of late, I figured
I'd
post my issue of poorly developed
of the
spec.
Besides the DCR, I think all you can do is validate on the application
side (but you already knew that).
Joe K.
- Original Message -
From: Jef Kazimer [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28, 2006 7:53 PM
Subject: [ActiveDir] ADAM bind
Just to add some info here..
I am currently in the middle of an "integration" where one IT group
suggested a split the network to clone the AD environment on both sides.
Thankfully this has been abandoned after being evaluated.
I believe Microsoft Consulting Services called this solution
I had posted this today, and I was curious if
anyone knew why an LDAP filter drops the query when searching for a single space
value? Though I was using Joe's ADfind, I did have the same results in
ADSIedit, and thought someone better than I, may know why. It's not really
a problem, just a
Another FYI - Suffix Search List GPO is only available on Windows XP and up OS's.
It was not in Win2000 versions. We had to use scripts/reg keys to man age these back in the day.JefKazimer---http://www.jeftek.com
Date: Mon, 31 Jul 2006 10:46:38 -0400From: [EMAIL PROTECTED]To:
I'm not sure how you mean "Unity Server"?
Can you give more details in what context?
I did a quick Live Search on Unity Server and Active Directory and I thought it could possibly be a Cisco product?
http://www.live.com/?q=Unity+Server#q=Unity%20Server%20Active%20Directoryoffset=1
There
Speaking of Exchange...
Any good resources for Exchange info?(IE real world lessons, etc) I just got told today that we are going to be leaving a company we just bought on Exchange instead of migrating them to lotus notes (Talk about dodging a bullet). Sadly I have not done Exchange work since
hmmm
How about -onlyenabled? :)
Ya know...just because...
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OldCmp question Date: Fri, 19 May 2006 11:41:21 -0400 Disabledaccountsaremarkedbyhavingbit1listonuserAccountControl (value2)
Hmm...then you could add -notonlynotdisabled to return disabled users just to keep with the flow...
Subject: RE: [ActiveDir] OldCmp questionDate: Fri, 19 May 2006 17:08:03 -0400From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
+1 for –onlynotdisabled g
Thanks,Brian Desmond
[EMAIL
We have it on all of our DCs as well worldwide and have not seen an issue.
But a question about integrated zones. I had an issue recently where a system owner wanted to know if people were resolving an old CNAME for one of their systems. They wanted to remove it from the zone, but wanted to
joe,
I had considered the cache issue, but I figured that since it would be an integrated zone, it would exist on multiple DNS servers. So if eachDNS serverread the record once, it would generate enough audit flags to let us know it is still being used globally. :)
As I said, it was a standard
I think my company users Lotus Notes just because it doesn't integrate with anything so less headaches. :(
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [OT] DNS on a DC or NOT Date: Wed, 17 May 2006 15:32:15 -0400
http://dictionary.reference.com/search?q=mucker
mucker
\Muck"er\, n. A term of reproach for a low or vulgar labor person. [Slang]
Let the Ragin' begin!
(Thought I could have sworn it was a lazy way to say "mofo" :) )
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE:
John,
Just curious, was these option *ONLY* availiable in XP SP2? Any hope it exists in Windows Server 2003 SP1? :)
Thanks,
Jef
From: [EMAIL PROTECTED] Subject: RE: [ActiveDir] GPO To: ActiveDir@mail.activedir.org Date: Wed, 10 May 2006 08:49:21 -0500 HiPeter...
Hmm.reading the PDF at : http://download.microsoft.com/download/5/8/e/58ededaf-4de0-4fd3-b500-8a8f6bbfe1f4/ADRAP_Datasheet_v1.0t_English.pdf
Is this something to have running where MOM is not running? It seems alot of his can be done via MOM, thought not as slick of a consolidated interface.
Joe,
I don't remember if they told us to check if they are TS users or not to be honest as this was almost 2 years ago. I do remember that he symptoms were quite odd in that the error message dialog box would throw out an obscure error that could not be found in any online resource. They said
I meant that was the advice we were given from PSS on how to solve the problem. :)
Though...we did end up clearing it after finding out they were not TS users.
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd helpDate: Thu, 4 May 2006 21:17:34 -0400
Mike,
Can you use ADfind and ADmod for this?
ADfind -h DC -Default -f "(TSpath=Blah)" -dsq | ADMOD tspath::NewPath
Now I don't remember f TS path (I know it's not the attribute name so you will need to look at it) is a string value or if t's contained in that blob value with the other TS
Mike,
Scratch that. It is not the string I was thinking about.
I'm sure Joe will know though :)
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd helpDate: Wed, 3 May 2006 16:38:42 -0500
Mike,
Can you use ADfind and ADmod for this?
ADfind -h DC
My first travesty with said blos, was when an admin could not reset a users password via the MMC. After some PSS support, it turns out it was the NWCLIENT attributes stored in the userParameters field. As it turns out these users in the NT4 days had the Netware client piece, and when they were
This has been making the rounds as of late, so I am not sure if it has been
posted here:
Security Myths and Passwords by Prof. Spafford
and something from 2002:
Ten Windows Password Myths
Now...where I am, Smart Card integration into physical building access is
becoming a reality, so
HmmmI think my links got stripped there :
SecurityMythsandPasswordsbyProf.Spafford
http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/
TenWindowsPasswordMyths
http://www.securityfocus.com/infocus/1554
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE: Re:
Mylo,
Thanks for the information!
I have setup ADAM utilizing a custom web UI utilizing AZman for a small project before, but I have concerns about scalabilty. The issues are not with the ADAM instance at all, but the UI that is needed to manage ADAM. ADSIedit is great for someone who
Since it is "LDAP" I did look at some "friendlier" admin tools, but none really hit the mark for me. I believed that group looked at Softerra's tool, and there is the web based PHP LDAP manager, and also the C# LDAP manager tool. You can Live search the names or I can post the links here if you
Neil,
In some ways they may be even more harmful. Network outages have their own fixes, hardware failures have replacements, deleted data (should) have backups.
Solutions for bad process and policy due to architecture decisions? Not as cut and dry, and could be most costly in the long run as
works nice...but still no Xbox 360 support :(
I want to test that piece :)
Subject: RE: [ActiveDir] OT: Windows Vista - Windows DefenderDate: Fri, 28 Apr 2006 12:15:52 -0400From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Have you tested MCE on it? 5342 MCE on a beefy box is
Joe,
Good question. I would assume something similar to ADUC (dsa.msc) where you can use a standardized interface to manage users and the associated attributes.
The problem I suppose is that ADAM can be utilized for many custom scenarios, that it would be hard to have a "standard" interface.
We use "employeeType" with values of
EMPLOYEE
CONTRACTOR
VENDOR
SERVICE
OTHER
ADMIN
Jef
Subject: RE: [ActiveDir] Cleanup of AD accountsDate: Fri, 28 Apr 2006 16:04:42 -0500From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Is there an attribute that's generallysafe to use, or are you
You have me salivating
What is the program name? I do not see it under the availiable programs listing.
Subject: RE: [ActiveDir] OT: Windows Vista - Windows DefenderDate: Fri, 28 Apr 2006 19:00:32 -0400From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Do you have access to
Just curious
Does the Vista MCE allow Divx playback for the extender?
The MCE Transcoder is a life saver to play Divx and Xvid on the Xbox 360 MCE-E.
Subject: RE: [ActiveDir] OT: Windows Vista - Windows DefenderDate: Fri, 28 Apr 2006 19:03:07 -0400From: [EMAIL PROTECTED]To:
I have noticed it is not always in the system tray, except when it had a message for me.
I found the icon (looks like a little castle) on my main Programs Menu on the Start menu.
Jef
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Windows Vista -
I was wondering if anyone had any suggestions for workflow applications built on top of MIIS for iDM? We have a rather robust MIIS architecture that utilizes custom coded applications as a front end. We are starting to evaluate off the shelf products, and I was wondering if anyone had any
sites?
Are they web only? What type of authentication is needed? What were your
plans for authorization? Are you planning to use something like SiteMinder
or Tivoli or ?? to help you deal with authorization if using web sites?
Al On 4/26/06, Jef Kazimer [EMAIL PROTECTED] wrote:Ok, here
Tom,
Unfortunately No, this is a domain wide setting.
This may help: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/stepbystep/strngpw.mspx
look under the "Storing Password Policy Information" section.
More than just AD utilize this
Al,
If you had asked me in the year 2000, I could see issues that would drive a root domain to anchor multiple domains. I would caution against it now. I believe MS had the same stance, and now thinks it may not make as much sense as it once did.
Maybe they should re-evaluate their service
The problem I always had with the idea of a tighter security for a root domain for admins is that it doesn't always flow down correctly for all tasks in the child domains.
IE
You have your Admins in the ROOT domain which has a tighter security policy than your child domain. Yet you can't place
Guido,
My thoughts exactly. I always start my complaining with "It was designed with what we knew at the time.butif I could it again today, blah, blah".
I think the decisions that would use this model today will most likely stem from political and administrative decisions, where as
My brother I welcome you into RDA :)
Root Domain Anonymous :)
Though, if the business requires the separation it still has it's place today in certain environments. I would just be more adamant at evaluating those business requirements as it relates to the directory.
Jef
Subject: RE:
RH,
It comes in the management issues. I currently deal with people creating a secondary account in the peer domain because they do not want to bother (or understand that they can) to use the existing account. I think alot of this stems from lack of centralized policy and process that was not
Gil,
I think he was looking for other reasons besides the obvious ones (More hardware, license, etc.).
It would be interesting to quantify the hidden costs related to administration, data consistency, application integration, security, etc..
But that is a task for a better man than I...
Jef
Ok, here is something I'm just starting to research, and I thought maybe someone here has some pointers or a direction they can steer me in.
We are looking at a potential consolidated directory/database to contain user registrations (Self registration and possible bulk load)for multiple public
Dave,
The certs can be used in fifferent ways. If you are using EAP-TLS which uses the Certs to authenticate the user and the server, you will need a CA to issue this. This would require a PKI solution to be in place. While not hard or impossible in 2003, just something you want to be cautious
My recent favorite was a rather "popular" software vendor told me I needed to increase my maxIdleConnectionTime for the Directory higher than 900s (15 mins)because their connection was timing out while processing the first page of 1000 users, and having the connection dropped before they went
The thought of a complete PKI has put us off this
--- Many people tend to be in the same boat. We are looking at integrating our Badge IDs and Smart Cards so I see a a full blown PKI initiative in the works.
This seems O.K.We generateda cert internally, andthis is how we intend to
Myke,
You could write a script to do such a thing I suppose. Something to the effect of if lastLogonTimeStamp value is greater than 180 days, disable account kind of thing.
We utilize MIIS in house for this and for SOX deactivations, but it is certainly something you could write a script or a
We are using IAS, with PEAP authentication to AD. This allows them to use their logged on user credentials to the workstations to authenticate to the WLAN. The whole authentication is behind the scenes if they are in the Domain. I still have some network folks who fear being a domain, so they
I'm curious, how would you show activitity other than the last time the user authenticated? Since disabling the account would only affect the ability to authenticate (not including any external logic or process built on account status), I'm curious what other ways you would show account
Ahhh...I thought you were aluding to some magical attribute in the 3rd dimension I did not know about in the Directory. :)
Yes, I agree, Process and policy needs to govern activity not just what the directory reports. :)
Thanks,
Jef
Subject: RE: [ActiveDir] automatic account disable Date:
It seems like an obvious idea to implement. Sad we never thought about it. :)
Has anyone done any tests to reveal what performance gains this yields on queries?
Thanks,
Jef
Subject: RE: [ActiveDir] stupid ldap queriesDate: Tue, 18 Apr 2006 17:03:35 -0400From: [EMAIL PROTECTED]To:
Does the SCHTASKS.EXE do what you want?
perhaps with the /V switch
SCHTASKS /Query [/S system [/U username [/P password]]] [/FO format] [/NH] [/V] [/?]
Description: Enables an administrator to display the scheduled tasks on the local or remote system.
Parameter List: /S system Specifies the
I was brought this little problem today, which doesn't make alot of sense to me so far.It appears that ADUC displays the User Expiration date differently than a VBS script does. An in house coded application is being questioned because these values do not match.ADUC says 8/8/2004VBS says
end of. That is, the Active Directory Users and Computers MMC snap-in will display the account expiration date as one day earlier than the date contained in the accountExpires attribute." Hunter From: Jef Kazimer [mailto:[EMAIL PROTECTED] Sent: Friday, August 06, 2004 9:19 AMTo:
[EMAIL PROTE
.
Thanks,
Jef Kazimer
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/mail_list.htm
List FAQ: http
We have some servers with slow connections due to some political site link
connections times. What I believe is happening is that the replication window is not
sufficient to propagate all the changes, and when the changes reach to the box, the
files it's expecting to change are no longer
publicly and internally.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Friday, January 16, 2004 11:54 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [ActiveDir] MNS user flag - fixed
Last week I posted here questioning
I've been looking at ways for tracking static DNS record changes. So far
I've been focusing on the dnsTombestone property which has 3 values of
NULL, TRUE, and FALSE.
Perhaps you can see if that object has a similar property? I'm not at an AD
terminal now, so I can't check, but it might be
to it have been copied from others
(defining constants in VBScripts).
Do you have Windows Server 2003 clusters there? Could it be related to
them?
Anyway, happy hunting :)
Rich
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Friday, January 09, 2004 4:28 PM
To: [EMAIL
Usually a Failure of 5 is Access Denied
turn on Winlogon Logging, and then use secedit to reapply security policies. It will
create the winlogon.log in the C:\winntt\security\logs directory.
Read through the log and you should see where the error is happening.
Search Technet for the keywords
Actually I just used the ADmap 1.6.2 utility last night. I believe it came out of MS
consulting services from Germany. (it says so in the about)
It reads your Sites structure and builds it into a rather unwieldly VISIO map. You
will need a Plotter to print it out, and it's not perfect. Not
-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 25, 2003 4:17 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [ActiveDir] DNS, Reverse and Limit
okTry to stick with me, as I explain this mess.
Having inherited DNS, it appears that scavenging was never
put
Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 25, 2003 4:17 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [ActiveDir] DNS, Reverse and Limit
okTry to stick with me, as I explain this mess.
Having inherited DNS, it appears that scavenging
: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 26, 2003 8:53 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DNS, Reverse and Limit, and
Searching for Static Records
Roger,
Thanks for the Reply!
Well I can say it can handle well over a 100. :) I'm just
second
okTry to stick with me, as I explain this mess.
Having inherited DNS, it appears that scavenging was never put on for the DHCP
scopes, and there are over 60k of dead PTR records to clean up. Unfortunately it
was never turned on, since the fear of static records being wiped in the process
Hi all,
I have an urgent need to mirror our production OU structure to our Test Platform. Is
anyone aware of a script or tool where I can export and import the structure?
If sowould they share? :)
I think I can write something, but if anyone has a pointer in the right direction to
an
://support.microsoft.com/?kbid=237677 has an example of how to do this
with LDIFDE. Very easy and fast
Hunter
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Friday, November 21, 2003 1:32 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: [ActiveDir] Mirror OU
Sooo...
I've finally deployed the latest FRS version (june 2003) and already I am seeing
things clean up nicely!
Only problem has been with Ultrasound (I LOVE free tools like these!) that once the
provider is deployed, I can't get data and the provider gives these errors:
Recording NtFrs
HmmI think the setpwd was a hack they threw together to address the issue
quickly. You'll now found this ability to reset the password in the ntdsutil command
on win2003. the setpwd doesn't exist in 2003 either.
I am not running SP4, but if you are, you might want to check ntdsutil to
for responding.
RH
_
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Jef Kazimer
Sent: Friday, November 14, 2003 12:11 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: re: [ActiveDir] Directory Services Restore Password
HmmI think
I'm currently using the DNSresource.vbs to dump zones to a text file, then I use
another VBS I wrote to parse the text file, and re-import the Reverse zones.
The syntax I am using is:
DnsResource /LIST PTR %2.%1.10.in-addr.arpa /S SERVER /O zone\%2-%1-10.dns
%1 and %2 are the B and C octets
+-+
Jef Kazimer
[EMAIL PROTECTED]
Sent
+-+
Jef Kazimer
[EMAIL PROTECTED]
Sent by: To
[EMAIL PROTECTED
Cindy,
Verify the Subnet data is replicated, and then trigger the KCC (repadmin /kcc
server or in Replmon)
you can just delete the connection that was created by the KCC, and whe nti rusn again
it will add them if needed.
If you moved it to a new site, and you created the proper site-link,
It's that Mysterious error they talk about in the ADMT 2.0 docs, that they say is
unknown cause of it.
Do a shutdown and reboot of your workstations before you migrate them, and it solves
this problem. I meant to send out verification and reboot scripts this week since
someone asked this
Have you done the Age All Records (DNSCMD /AgeAllrecords command)
Records with TS before Scavenging was turned on at the server/domain level will not be
scavenged, so you need to AgeAllRecords after enabling scavenging.
It will inherit the scavengeing attributes from the zone itself.
your new
I would second that about making sure the users are logged off. The earlier betas of
2.0 really flaked out on that, so make sure you did use the 2.0 release.
We've had issues with RPC timeouts and not finding PCs on the net, but we think it's
related to a global networking layout.
When
-
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Friday, November 07, 2003 1:50 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Bindview and ADMT
I would second that about making sure the users are logged off. The
earlier betas of 2.0 really flaked out
When specifying DHCP servers in the DnsUpdateProxy, should the ACL For the record
show the machine account (DHCPSERV1$) or should it show (DNSUPDATEPROXY)?
I'm looking at some Zones, and I see that the DHCP server as having FullControl, and
the owner as SYSTEM.
Would a 2nd DHCP server in the
in the
details.
/Guido
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 5. November 2003 17:29
To: [EMAIL PROTECTED]
Subject: [ActiveDir] DHCP - DNS - DnsUpdateProxy Group
When specifying DHCP servers in the DnsUpdateProxy, should the ACL For the
record show the machine
- DnsUpdateProxy Group
Date: Wed, 5 Nov 2003 22:15:07 +0100
look at the ACL with ADSIedit - it should not be empty. Is there an
Everyone ACL?
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 5. November 2003 22:07
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir
don't have anything to test around here right now so I can't compare what
the ACL should be.
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 5. November 2003 22:29
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DHCP - DNS - DnsUpdateProxy
Well, this is more of a blanket suggestion, than a solution to your problem.
After coming to find many tasks that remote admins should be able to do, but that I
don't want to give them rights to do, I tend to try and centralize tools. I've
created ASP driven admin portal which is nothing
Hi all,
I'm using Ultrasound to diagnose some Replication problems. One thing I am trying to
do is bring FRS up to date on all the DCs.
What is the msot current release version of FRS?
The latest I am reporting is May-07-2003, but I know where is newer. If I am going to
upgrade them, I
)
What kind of replication problems are you experiencing?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Monday, November 03, 2003 10:12 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] FRS 2k - What is the Latest version?
Hi all,
I'm
Rich,
I just create a file object, and output Text with HTML code to it to format the HTM
file for making web based report. Since HTML is just text anyway you can
programatically format it.
Here is just a snippet for example:
'[Create ASP log file]
Set WshShell =
extension Security was passed flags (145) and
returned a failure status code of (1208). There were originally some group policy errors, which were
fixed. Policy applies correct as per the winlogon.log after it is
fixed, but the problem returns. any help would be appreciated. Jef Kazimer
were fixed. Policy applies correct as per the winlogon.log after it is fixed, but the problem returns.
any help would be appreciated.
Jef Kazimer
in PSS - JD. Then of course you have the folks like
Stuart Kwan and Dave Trulli.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Thursday, September 04, 2003 10:51 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Manual Replication
-- that's the NT4 domain is company.com. I'm concerned about doing an AD
upgrade with a period in the netbios name.
-Original Message-
From: Jef Kazimer
[mailto:[EMAIL PROTECTED]
Sent: Thursday, June 26, 2003 3:35 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD
Upgrade with bad
96 matches
Mail list logo
