Heh - Roger's in rare form once again! Actually, I was told that everyone
else is getting it free - however, Inovis is getting charged double.
Hold onGads! That's still nothing! Damn!
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone
the preferred method. But, before GPMC (6 years
before, in fact) we have survived quite well with Auth Restore, Systems
State resore, and Data backup restores.
What part of the picture am I missing that would indicate Microsoft missed
the boat on restoring GPOs in your case?
Rick Kingslan MCSE, MCSA
. But, then - you're dealing with
something that, as I remember - is about 7 times as large as mine.
But, then, I am the guy who forgot that DC Administrators group and a member
server local Administrators group weren't actually the same thing. So, what
do I know ;-)
Rick Kingslan MCSE, MCSA, MCT
that I've seen, users are accessing resources in other domains.
And, please - don't tell me that you're explicitly adding users from DomainA
to DLGs or resources in DomainB. I've got that problem I'm dealing with as
a legacy, and UPN resolution is painful.
Rick Kingslan MCSE, MCSA, MCT
Controllers administrators
group. I have tens of thousands of local groups on my domains. We don't use
Global/Universal except builting, everything else is DLG.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Saturday, August 16
that ended up being a
McAfee issue, etc.
I'm glad that you've never needed a dump, Roger.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
thoughts here Flail away
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CIT)
Sent: Wednesday
:o)
My security logs are 180MB.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rittenhouse, Cindy
Sent: Wednesday
mind.
You get what I mean, right? You don't have SMS, as I remember, so that not
an option either. You really don't have much else left to ensure
installation. How's your weekend looking? ;-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone
Heh Telemarketing company that I worked for in the early 80's did their
coding in MUMPS. Interesting use for a language that was developed to
target the medical industry, as I recall - Massachusetts General Hospital
Utility Multi Programming System.
Rick Kingslan MCSE, MCSA, MCT
Microsoft
need to have WMI
installed/activated for the above to work.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcen
ter/compmgmt/ScrCM26.asp
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
Jan,
Do you know if they have published a paper or some detail on this process?
Naturally, I'm interested in what they are proposing.
Currently, their full-fledged technical document is slated for March 2004,
which, IMHO, is way too late.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active
it looks like in the unconfigured state, then configure and look for
the changes. For me, that works most of the time.
Good luck!
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From
Shaking head still hawking this old tired solution, eh? ;o)
You've been busy tonight - you're weighing in on everything in one night. I
just want to see the time when Joe answers questions 12 hours in advance.
Now THAT would be a time saver
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP
collects all of the server's audit events at
one place but also allows you to get rid of the events that play no part in
true auditing of the server.
Do a Google search on Windows Syslog and you'll find a number of options -
one of which should suit.
Hope this helps!
Rick Kingslan MCSE, MCSA
and
not to the /policies subkey section reserved for GP and flushed when the
user logs off or the machine is shut down.
As long as you're aware of these limitations, you should be able to do
anything as long as you can identify the reg key and the associated
necessary values.
Rick Kingslan MCSE, MCSA, MCT
that it is possible to
run multiple servers on one physical machine.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Joe
Sent: Friday
Title: Message
'system account' what? Not following you here,
Rick.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of rick
reynoldsSent
players, just a bit more adaptable.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rittenhouse, Cindy
Sent: Wednesday
state
where. He is in Redmond now (last I knew), and has published some very
interesting and promising work on AD over/through/around firewalls using
IPSec and other advanced technologies.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com
-908b8f2b980ddisplaylang=en
http://www.microsoft.com/downloads/details.aspx?familyid=77b6d819-c7b3-42d1-
8fbb-fe6339ffa1eddisplaylang=en
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
List info : http://www.activedir.org
prefixed with a CNF: that
needed to be removed.
Caveat - this IN NOT an operation to be taken lightly! AND! In my case it
was NOT the Default Domain Policy.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
What - you have a problem with the walking dead? ;P
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Joe
Sent
://download.microsoft.com/download/5/2/f/52f23d76-7d56-44d6-ad25-a95bf0
b
e5516/11_CHAPTER_8_Upgrading_Windows_NT_4.0_Domains_to_Windows_Server_2003_
A
ctive_Directory.doc {link may wrap} has a nicely documented procedure on
this. I plan to follow it.
Excellent guide.
Shshank
Rick Kingslan MCSE, MCSA, MCT
Title: Message
By default, the Domain Administrator is a recovery agent,
not the local admin. However, even the Domain Administrator can be removed
as a recovery agent.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp
Title: Message
Means anyone who gets their hands on the machine is pretty
much golden.
Yeah, I think I'd
subscribe a HEAVY dose of EFS for that company critical data because it's a
minute away from being 'not yours anymore'.
:-/
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
the classless stuff.
Good job on figuring it out, too!
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Richard Sumilang
Sent
://support.microsoft.com/default.aspx?scid=kb;en-us;275278
It's an interesting problem that is fairly easy to model with VMWare and 3
copies of Win2k.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original
Administration
will create it.
To accomplish this, I remove the ability of anyone else to be able to join
machines and reduce the value to 0(zero) so that the average Joe (no
offense, Joe) cannot add a machine as by default, they can add up to 10.
Not on my network, they can't ;P
Rick Kingslan
to the network.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith
Sent: Saturday, July 26, 2003 12:29 AM
To: [EMAIL
Title: Message
when they want a file
restored, we cannot even write to the folder
But, the Backup Operator can
;-)
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto
computers to it. Finally, I can't, nor does the company
want to, be respoinsible for our worker's personal systems. They can use
them at home - I don't want the liability of them at work. Period.
That's the long and short of it. :-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active
, I am glad to hear that the VPN is working and that the PPTP config
helped. I hope that I was of some assistance on getting that done, and hope
I can continue to be of assistance on this.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone
Too cool. I like this A LOT!
And, *I'd* get fired in a heartbeat for doing it! :-D
But, I still LIKE IT!
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED
is effective.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thomas
Sent: Sunday, July 20, 2003 1:37 PM
To: [EMAIL
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad
Sent: Monday, July 21, 2003 6:01 AM
To: '[EMAIL PROTECTED
And, yep - that's what my research today showed as well. Netlogon, LSASS -
not much difference when you can't block the process from writing when you
need to
Ah, well
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com
Richard -
TCP 3389 would be the port that you would use.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Richard
Title: Message
Ken,
I can say that in all of the testing and in all of the
systems that we have moved - I haven't seen this behavior. But, there is a
first for almost everything.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com
to the network through the VPN server, it
should be like 'you're there'.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Richard
, then denied in this
case.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Richard Sumilang
Sent: Monday, July 21, 2003 5:42 PM
, and here, and here, and (ad infinitum), oh ! And then
there's Exchange. You thought the OS was really screwed? Hehe - you ain't
seen nuthin' yet!
;-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original
a thing of the past, and all good things
But, then, so does expandability, but that's such a small negative given the
overall secure nature of the mod. Reliability and security - what more
could one want? ;-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
possible) the deny should override other permissions.
(Now, Joe - what am I missing...?? ;0) )
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Yes - the best way is to programatically collect the name of all of the DCs,
and then loop through them, collecting the specific information for the
users. Then, parse back through the user information to find the REALLY
last logged on time.
Hope this helps
Rick Kingslan MCSE, MCSA, MCT
eried then the
user (for all you know) has never logged on. :-/
Good luck!
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Wright, T. MR
NS
a
grasp of what happens in this delegation, then the rest of your permissions
tasks will be much easier.
Good luck!
Rick
Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate
ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
to assign this
explicitly to each and every user. Denys, as always are very nasty and a
misplaced one can be very hard to track down. Apply this on to an OU for
your users, leaving the Administrative accounts
unscathed.
Rick Kingslan MCSE, MCSA,
MCTMicrosoft MVP - Active DirectoryAssociate
Title: Message
It has to have a kerberos ticket in Secured Updates,
IIRC.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin
-direct.
Rick
Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate
ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of John
McGlincheySent: Wednesday, July 16, 2003 9:20 PMTo:
[EMAIL PROTECTED]Subject: RE
Maybe someone can indicate how to restrict the field to
numeric only (it's not already??? Huh - never tried, I guess.), I
suspect it's a schema mod - but I thought that I answered the rest of the
question, did I not?
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
- 4 years, we can get
some traction on that one.. Yeah, right. :-/
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
JoeSent: Wednesday, July
Title: Service pack 4 and DCs
In our test environment and my lab here at home, I have a
mixture of DCs and a mixture of SP levels. No problems noted with SPs
fighting each other - at least from SP 2 up.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert
Title: Message
No - we have a completely separate forest for the
Extranet. Pardon for any confusion.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
.
Rick
Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate
ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roger
SeielstadSent: Monday, July 14, 2003 10:28 AMTo:
'[EMAIL PROTECTED]'Subject: RE
handle DNS - and do. The DomainDNS and ForestDNS are just that, for all
intents and purposes. They are AD Application parts handling DNS for just
DNS servers - and no DNS data need be on the DCs, unless it too, is a DNS server
once the full DNS app partition is configured.
Rick Kingslan MCSE
the wrong nerve'.
And, he was asking ME to Woa, so if anyone should be offended, it should
be me (and, I wasn't).
Personally, I think that this is about enough of this thread. Not
constructive. Let's move on. 'Nuff said.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate
Bingo! ;-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bryan Schlegel
Sent: Monday, July 14, 2003 8:21 PM
- then this
could be an issue.
With that being said - this agent (ADMT), in my experience, runs at the
LocalSystem context, and therefore should not be subject to the rules of a
ruleset applied by system policy, AFAIK.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate
at the moment if this is pay
or free (suspect pay - it usually is when you really need it...) but I just
can't imagine what would posses someone to believe that what they are proposing
is even remotely acceptable in any environment in today's computing
world.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP
communication nuances FUN?!?!
;-)
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roger
SeielstadSent: Friday, July 11, 2003 5:59 AMTo:
'[EMAIL
the Agent. Then, it really doesn't matter under what
context it runs - it's not there.
I would try and map to the admin$ share, copy an executable to the
directory, then execute the program. Just so that you can prove that map,
copy and execute.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active
. Had to do this numerous
times as workstations took too long and we needed to determine the real
status of the process.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL
a not perfectly 'optimal'
implementation (but very workable and viable)is better than waiting until
you have the best solution, only to find that the window was missed or
confidence is in question.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com
Honestly, no. The risk, IMHO, is just too
great. Extranets with a separate forest with some (read: controlled)
synched or replicated data between the forests (internal, DMZ)- or as
someone mentioned already, ADAM strikes me as a much better and safer
option.
Rick Kingslan MCSE, MCSA
Management, given the discussions that we had.
Obviously, this has been in the works for some time for MMS to
morph.
I can't say that I remember - were you there for that
meeting (about 12 Server MVP's and about 10 MS folks packed into a conference
room)?
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP
and difficult (OK - without turning your firewall into a cheese grater)
the rules will be to deal with replication, etc to accommodate a domain in a
DMZ?
Say your prayers now
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp
? Can be on WinXP, Server 2003 - create multiple instances
of an AD structure, but more like an AD-lite?
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
and whistle.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Roger
SeielstadSent: Wednesday, July 09, 2003 9:48 AMTo:
'[EMAIL PROTECTED]'Subject: RE
Title: Message
Mark,
If you go to the properties of the object and then use the
'Object' tab, it will display the path to the object.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED
.
Silly, quite actually.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CIT)Sent: Wednesday, July 09, 2003 10:39 AMTo
it - but what IS the Agent?)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Graham Turner
Sent: Wednesday, July 09, 2003 4
Title: Message
Dave,
Thanks for the catch - I completely forgot the Advanced
Features. It's become ubiquitous on my systems
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED
-lite, not Security-lite.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]Sent: Wednesday, July 09, 2003 7:25
PMTo
once you get to 2003 Forest Functional mode. That's a big
move.
i) Because it's there. Oh, wait! That's for
mountains. never mind.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL
Darren,
Thanks for providing the clarity. No intent to be 'stealthy' about the
vulnerability, but - frankly, I couldn't think of the proper words at the
moment.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
Title: Message
Lab testing at present is proceeding slowly, but no issues
as of yet.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Don
.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Graham Turner
Sent: Sunday, July 06, 2003 11:39 AM
To: [EMAIL
for you, you know the deal. Im still hoping my boss will see the
light and just say no! J
Thanks for all the
responses, there might be some other options.
Paul
-Original
Message-From: Rick
Kingslan [mailto:[EMAIL PROTECTED]] Sent: Friday, July 04,
2003 4:51
PMTo:
[EMAIL PROTECTED]Subject
reward.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of GRILLENMEIER,GUIDO
(HP-Germany,ex1)
Sent: Friday, July 04, 2003 2:15
Joe,
Unfortunately, one of the biggest issues with AD can't be addressed with an
upgrade, and that's the Security vulnerability from cross-domain admins.
Looking to NetPro's monitoring tool to aid in this as a 'burglar alarm'.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
y not be enough" in #2, that simply copying will restore
these two properly. An Authoritative restore in DS Restore mode would be a
better route. These two are not easily 'copied'
Sorry I don't have more time
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssocia
Jan,
Key point is that you must be in Windows Server 2003 Forest Functional Mode
- only W2k3 DCs in the forest. It's not anywhere near as bad as it looks.
Not anywhere as daunting as the road to Windows 2000 Native
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate
You're quite correct. If you have an E2K/E2k3 ORG, you still have a bit of
a problem. You can rename the domain, the ORG however - another issue
altogether.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
Title: Message
H. and that's what I though VMWare was for!
VBG
BTW, I agree wholeheartedly about your use of ADAM.
As I said, this is a very cool product.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp
to the time
expense and trouble of integrating AD or directory sevices (e.g. LDAP) into the
app natively, ADAM could be your answer.
Other solutions abound -from simple services to
security uses.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone
Title: RE: [ActiveDir] OT: Link to Windows 2000 Service Pack 4
Martin,
Thanks for the link to the final bits, and closing out this
thread appropriately.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
Title: Message
Shawn,
Thank you for originally posting the link. It is
appreciated by all when others want to share thier findings.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED
Title: Message
Doug,
Thanks for bringing this to our attention. Todd,
congratulations. Well deserved!
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
is in place, the switch gets thrown and the announcement is made
to co-incide with what (should be at least) is the availabilty of the
SP.
Is it really released? Next 24 hrs. will
tell.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com
Rick,
The RC1 that we got the other day had NO warnings - standard EULA. So, I
wouldn't base the reality of release or beta on 'big warnings'. That's not
always the case.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp
can read where you're reading this, I might be able to
clear up what it's REALLY saying, if you know what I mean.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED
), so what? Me, I'm mystified by the attitude. shrug
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED
this helps
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Duncan,
LarrySent: Wednesday, June 25, 2003 2:43 PMTo:
'[EMAIL PROTECTED]'Subject: RE
. The mail distro is slow at MS, too, on these types of
things.
Rick
Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate
ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick
KingslanSent: Wednesday, June 25
If they only could have had a few chapters on Exchange 2K integration and
how to make it less painful... :oP
Oh, you are NOT EVEN gonna get this started again! Huh-uh!
;-D
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com
Title: Message
Well,
now that's cool. That's the first time that I remember them doing
that. Thanks for the pointer.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto
and
told me that I had more important things to work on.
I have to admit, though, it pissed me off a bit. But - I'm primarily
Security now and backup on AD architecture. So, if something goes horribly
bad - not my problem. ;-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
at
Microsoft's Group Policy Management Console to copy (migrate, what have you)
from one forest to another. GPMC is the single best tool to come out of
Microsoft since AD.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp
Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jeffrey
DubynSent: Thursday, June 12, 2003 5:27 AMTo:
[EMAIL PROTECTED]Cc: 'Rick Kingslan'
Rick -
Thanks
601 - 700 of 1005 matches
Mail list logo
