Coming into this late, but I'm currently hosting a number of dc's on
VMWare so have some other tips you need to be aware of..
I'm assuming you're going to be doing this on ESX and not workstation or
GSX (if you must do GSX, run it on linux and not Windows - as pro-MS as
I typically am (ex-MSFT,
Im faced with a bit of a challenge that hopefully someone
can provide some better ideas than Ive come up with.. my company is
bringing in a fairly complex identity management product that is largely AD-unaware
and I need to make sure it gets adequately tested before it makes it into our
Title: Account lockout
..might check the event logs on the dc too
weve seen a virus or two lately that really tries hard to brute
force any account names it finds, but usually just ends up locking the accounts
out (which I can tell you, is exponentially annoying when youre at home
on the
resources.. even if you migrate
a user later you could always go back and rerun the post processing on
a machine again (at least with quest and netiq, Im not sure if that
functionality made it down to the free admt version..)
-- Rob Ryan -MCSE, MCSA([EMAIL PROTECTED])
-- Network Systems Engineer
profile/permission
migration though? I thought I remembered testing that last year when admt2.0
came out, but it was incredibly resource intensive and not necessarily reliable
or scalable.
neither Quest nor NetIQ are cheap though,
and both bill per user migrated..
-- Rob Ryan
From
to hit the files that
might be causing issues as well..
-- Rob Ryan
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Free, Bob
Sent: Friday, July 29, 2005 3:32 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Urgh... troubleshooting
Michel
Make sure the normal user accounts have the logon locally right - IIS in
basic authentication will essentially log a user onto the machine
because windows doesn't recognize basic auth as a valid authentication
mechanism (and rightfully so), and if you don't want them to have to
enter in
