An AD client will try to associate itself with the site that it is most
specific for its IP.
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian Cline
Sent: Friday, January 26, 2007 3:20 PM
To: ActiveDir@mail.activedir.org
What move/copy tools can be used to copy directories/files to another
location and still retain the creation date value? Robocopy seems to
keep creation date on files but directories are given the current date.
Am I missing a switch in Robocopy to do this? A backup/restore
operation (with
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Donnerstag, 25. Januar 2007 13:10
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: maintaining creation date when copying
directories?
What move/copy tools can be used to copy directories/files
I think you are seeing your Kerberos tickets start to reach their
expiration time. The kerbtray icon will go from green to red. I think
the last 5 or 15 minutes the default configuration will also issue an
audible (and very distinctive) sound. The tickets will renew
automatically (and the icon
/UlfBSimonWeidner
blocked::http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
blocked::http://www.windowsserverfaq.org/
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Donnerstag, 25. Januar 2007 14:18
To: ActiveDir@mail.activedir.org
Is this what you are looking for? http://www.php.net/downloads.phpI
have not used it, however, and can't speak to how well it works but it
seems to come from the right place. ;)
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
(I sure hope this doesn't sound like too dumb a question!) We have a
server where local security groups were created for local file access.
The files on this server are going to be moved to a file server cluster.
Can ADMT v3 migrate these security groups up to the AD structure with
the hopes of
We have an application that is using an Apache server to do LDAP
authentications against our active directory. (Yeah, I know; if only I
were king! LOL!) The application developer tells me that if he tries
doing an auth against our root base (dc=yyy,dc=zzz), the auth fails. If
he uses a search
You might want to test the network connection. We have a public tester
at http://miranda.ctd.anl.gov:7123/ that might detect duplex mismatches
or faulty cables.
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia
Sent: Friday,
Has anyone heard of a release date for Windows Server 2003/SP2? Thanks.
Mike Thommes
Hi Laura,
That's what I thought of first but that would stop all traffic to
the server, not just a particular share.
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A.
Robinson
Sent: Tuesday, January 09, 2007 4:19
If nothing else has been done to the account, I wonder if you could use
the whenChanged attribute.
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Parag Nagwekar
Sent: Wednesday, January 03, 2007 9:28 AM
To:
I am trying to get a list of all of the users in the builtin group
Domain Users. I am using the following commands, but get incomplete
results. Can someone tell me why? Thanks! And Happy New Year to
everyone!
dsquery group -name domain users | dsget group -members
c:\temp\domain_users.txt
We are trying to get a particular account to run a scheduled backup job
on a server. Our results are puzzling. Here are the particulars:
2003 R2 standard server
Domain account, non privileged, doesn't belong to domain users
Added to local backup operators group
Trying to run a system state
where we have ordinary users executing
batch jobs I've setup a local group to grant read and execute.
http://support.microsoft.com/kb/867466
Mike
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Friday, December 15
, sorry. I'm sleep
deprived.
Laura
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, November 30, 2006 10:40 PM
To: ActiveDir@mail.activedir.org
Subject: RE
How about a remote shutdown like shutdown /m \\computername /r /f
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kevin Brunson
Sent: Friday, December 01, 2006 9:51 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Split pagefile
I wonder if someone could explain to me (or point me at some reference)
about what mechanism is used to populate the information in a Windows
event log entry. The reason why I ask is that I see in the Security log
when a new user account is created by an account which is a member of
the Domain
:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, November 30, 2006 7:33 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] dynamic variables within an event log
entry?
I wonder if someone could explain to me (or point me at some
reference) about
adfind -default
-f (objectclass=group)(groupType=-2147483646) -tdc whenChanged
hth,
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frank Abagnale
Sent: Tuesday, October 31, 2006
2:51 AM
To: activedir@mail.activedir.org
Subject: [ActiveDir] AD
Hi Deji,
My version
of whoami shows the usage as: whoami /groups. Thanks for
pointing me at this; I always just used whoami.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Akomolafe, Deji
Sent: Wednesday, October 25, 2006
11:58 AM
To:
, Michael M.
Sent: Tue 10/17/2006 8:33 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] The remote computer has ended the connection.
I have also seen where a second reboot is necessary for RDP to work. I have
not determined the cause of this yet. It does not happen on all
I have also
seen where a second reboot is necessary for RDP to work. I have not determined
the cause of this yet. It does not happen on all servers.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vinnie Cardona
Sent: Tuesday, October 17, 2006
Hi Susan,
I didn't mean to imply that this was just with the last set of
patches. I think your note says that you have been seeing this for a
while. We have too. One of the guys in my group uses Update Expert to
patch and he sees it more often than I do. Of course, he patches a lot
more
Check out oldcmp at http://www.joeware.net/win/free/tools/oldcmp.htm
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Condra, Jerry W
Mr HP
Sent: Monday, October 16, 2006 12:50 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir]
In this context, would it make sense to write/use a servicePrincipalName
value? (maybe even using admod/adfind 8-) )
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Wednesday, October 11, 2006 9:42 AM
To:
For an AD user account, we normally populate
the attribute employeeID with a value. Circumstances surrounding
some accounts requires me to unpopulate this value. In ADSIEdit,
however, when I go to this Unicode String valued attribute with the Edit
function, I can delete the value but when
: [ActiveDir] problem
changing employeeID attribute value
Try clicking the 'Clear' button instead of
deleting the value.
-Andrew
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Tuesday, October 10, 2006
11:29 AM
To: ActiveDir
Try FileNotify
freeware at http://www.xtware.com/
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Kurt Falde
Sent: Thursday, October 05, 2006
1:19 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Who keeps
creating this folder files?!
Hi Rezuma,
I suspect
you might run into the same issue I had when I did the R2 forestprep with SFU
3.5 (although you have the earlier SFU 3.0). If so, see the fixup from Steve
Linehan posted to this newsgroup on 8/7/06 (and my comment from 8/12/06).
Mike Thommes
From:
Thanks for all
of the replies! I actually was able to get a hold of the Standard and Enterprise versions of R2
(aka Disk 2) to do a compare (windiff.exe) and there are differences.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M
My officemate and I were discussing whether
there are different versions of the R2 CD depending on whether youre
running Server 2003 Standard or Server 2003 Enterprise. Or is there only one version of
R2? TIA!
Mike Thommes
Touche
8-)
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, September 14, 2006
5:04 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT:
Protecting against Spyware/Adware
I run as local admin and have zero issues
Hi,
I have moved a job that employs uptime.exe (in
a loop using the FOR command) from a Windows 2000/SP4 server to a Windows
2003/SP1 server. Now part way through the job, I get:
Event Type: Information
Event Source: Application Popup
Event Category: None
Event ID: 26
Date:
We are still testing PassFiltPro software
(http://www.altusnet.com/products/) which supposedly has the ability with one
of its versions (MPE) to enforce different password policies based on global
groups. This is mentioned only for information, not endorsement, at this
time.
Mike
Can anyone else get to the archives? Specifically, I was
looking for a thread from, I think, a couple of years ago where there was
discussion about storing (not storing?) employee pictures in AD. I am concerned
about how that attribute will grow our DIT. I seem to recall that maybe just a
I am guessing, based on the port number,
you have a DNS A record for this computer in gc._msdcs.domain.com .
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan
Sent: Tuesday, August 29, 2006
10:06 AM
To: ActiveDir@mail.activedir.org
You should get back your domain
controllers IP addresses. Is it possible that your users
computer has gotten the IP of an old DC?
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan
Sent: Monday, August 28, 2006 3:03
PM
To:
PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Tuesday, August 22, 2006
9:36 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Secure
LDAP queries from the outside
Hi Robert,
Yes, the command is *exactly* the same. We are thinking
that our CRL location is not available outside
in that regard.
joe
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael
M.
Sent: Wednesday, August 23, 2006 8:06 AM
To: ActiveDir
Hi,
We are trying to set up secure LDAP queries
from the outside to AD for pulling email addresses but are running into an
issue. Port 636 has been opened up to our DCs but we get a 0x51 error
like the one shown below in this example of using adfind:
adfind -h dc1.abc.com:636 -u
returned?
I tried using adfind to connect to my test
DC using port 636 and got the exact same errorbut I dont have a
cert installed on my DC so Id expect mine not to work.
Robert
Williams
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Tuesday
Maybe the CRL (Certificate Revocation List) location is not available?
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Za Vue
Sent: Wednesday, August 16, 2006 8:17 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] User AutoEnrollment
I fixed this issue with ldp and Steve
Linehans instructions to the list about two weeks ago. Microsoft
supposedly has an unofficial patch to fix this issue. Talk to
your TAM.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Tuesday, August
So here I went to take a look at Deans
article, and I find this: http://blog.joeware.net/cat/recipes/
, expecting to find more of joes great adfind codes. At first, I
thought it got misfiled and should have been filed under humor
but I suspect this is hardly funny. Joe, are you pulling our
Of Thommes, Michael M.
Sent: Monday, August 14, 2006 3:28
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] joe -
please say it isn't so!
So here I went to take a look at
Deans article, and I find this: http://blog.joeware.net/cat/recipes/
, expecting to find more of joes great adfind codes
Of Thommes, Michael M.
Sent: Saturday, August 05, 2006
5:04 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT:
Enterprise Terminal Server Licensing Server question
Hi,
This is not causing any issues that I am aware of, but something does not seem
right. We set up two Enterprise Terminal
Title: OT: Enterprise Terminal Server Licensing Server question
Hi,
This is not causing any issues that I am aware of, but something does not seem right. We set up two Enterprise Terminal Server Licensing Servers, both DCs. They are both identified in
MVP Windows
Server- Directory Services
LogicaCMG
Nederland B.V. (BU RTINC Eindhoven)
( Tel : +31-(0)40-29.57.777
( Mobile : +31-(0)6-26.26.62.80
* E-mail : see sender address
From:
[EMAIL PROTECTED] on behalf of Thommes, Michael M.
Sent: Tue 2006-07-18
Title: OT: Microsoft Acquires Winternals Software
You may find this of interest (from todays WServerNews):
Mike Thommes
=
Microsoft Acquires Winternals Software
Mark Russinovich and Bryce Cogswell have been snagged up by Redmond. And
Title: root admin account able to be locked out?
Hi AD Gurus!
We have penetration testing going on and I saw a security event log entry that showed our root admin account getting locked out. I was surprised because I thought this account could never get locked out. In addition, we had a
joe's tools again ( 8-) ):
adfind -b ou=Employees,dc=xyz,dc=com -bit -f
((objectcategory=person)(useraccountcontrol:AND:=65536))
samaccountname c:\temp\pw_never_expires.txt
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alex Alborzfard
Title: importance of gc._msdcs.mycompany.com A records?
What is the importance of the gc._msdcs.mycompany.com A records?
Environment:
1) Split DNS Unix Bind and AD integrated DNS
2) DCs use:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
Hi Larry,
You might want to check this reference which was posted to this
group a few days ago:
http://iase.disa.mil/stigs/checklist/AD_Checklist_V1R11_20060607.pdf
It discusses physical security and not running other services on DCs,
among other things.
Mike Thommes
-Original
I know, I know...how about the AD Party? We're ethical, right? joe's
probably the most ethical guy around. And he gives stuff away for free.
When was the last time you saw a politician do that? I nominate him for
President! ;-)
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
Title: can I exclude a particular user account from authenticated users?
This may sound like an off the wall question, but I would like to exclude a particular user account from the built-in security principal Authenticated Users. Is there any way to do this?
TIA!
Mike Thommes
PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, June 01, 2006 8:55 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: srvinfo output incomplete
Situation: running srvinfo \\computer_name file://\\computer_name
with domain admin credentials from a remote computer. One w2k3/sp1
This is the same issue I posted to this
group on 5/25/06. We never did figure out the cause. The local admins were
rebuilding the workstation in question yesterday since that seemed to be the
most expedient thing to do. I will be interested in future postings to this
thread.
Mike
Title: OT: srvinfo output incomplete
Situation: running srvinfo \\computer_name with domain admin credentials from a remote computer. One w2k3/sp1 server target returns the full complement of information, including CPU, BIOS info, hotfixes, network card info, uptime. Another w2k3sp1 server
How about:
Runas /netonly /user:target_computer\username eventvwr.exe
/auxsource=target_computer
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AdamT
Sent: Wednesday, May 31, 2006 11:39 AM
To: ActiveDir@mail.activedir.org
Subject:
Sorry for the last incorrect answer. Try this:
runas /netonly /user:domain_or_target_computer\username mmc.exe
eventvwr.msc /computer=target_computer
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AdamT
Sent: Wednesday, May 31, 2006 11:39
related to authentication, etc.
Darren
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Thursday, May 25, 2006 2:12
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: stuck
processing policy
Hi Darren!
Here you go.
Thanks!
Mike
to this point could easily be related to network issues (especially
at the NIC/Router) as well.
Al
On 5/26/06, Thommes,
Michael M. [EMAIL PROTECTED]
wrote:
Hi Shariff (and Darren too!),
Yeah, I saw some entries
in WINS that I didn't like. I believe it is some issue where
.
Could just be a personal preference I suppose...
Aric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Wednesday, May 24, 2006 12:47 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD DNS along with Bind
Hi Freddy
Title: OT: stuck processing policy
I have a user on a computer that takes forever to log in. She can go to any other computer and log in quickly. Anyone else can go to the computer in question and log in quickly. It is only THIS user on the THIS computer. We have renamed her local profile to
, 2006 4:07
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: stuck
processing policy
Hi Mike. Can you post the lines of userenv
right around that GetUserNameEx error?
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Thursday, May 25
The Microsoft link at the bottom of an event
log entry has gotten much better.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd (NIH/CC/DNA) [E]
Sent: Wednesday, May 24, 2006
10:21 AM
To: ActiveDir@mail.activedir.org
Subject: RE:
Engineer
InternationalSOS Pte Ltd
mail: [EMAIL PROTECTED]
phone: (+65) 6330-9785
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Wednesday, May 24, 2006 4:38 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD DNS along
Title: Naming conventions (quasi-OT)
Following this thread, I want to comment
that we name workstations with their local serial numbers. In addition,
we have a process to look through the local security log to see who is the most
common user of the workstation and put their name in the
Adeel,
Here is a response from our DNS guy. I hope it helps you.
Mike Thommes
=
Here are the steps I took for delegating the AD zones for example.com:
1) In the example.com zone on the BIND server I added these NS records
to delegate the zone
Hi Deji,
I was thinking about the following but the results are wrong (and I
don't understand why!):
For /F %a IN ('dsquery server -o rdn -forest') do srvinfo \\%a |find /i
DNS Server
Can anyone tell me what I am doing wrong? Thanks!
Mike Thommes
-Original Message-
From: [EMAIL
telnet or portqry?
telnet [-a][-e escape char][-f log file][-l user][-t term][host [port]]
-a Attempt automatic logon. Same as -l option except uses
the currently logged on user's name.
-e Escape character to enter telnet client prompt.
-f File name for client side
DefaultHidingValue?
defaultHidingValue
A Boolean value that
specifies the default setting of the showInAdvancedViewOnly
property of new instances of this class. Many directory objects are not
interesting to end users. To keep these objects from cluttering the UI,
Hi Jorge,
I dont mean to hijack this
thread but I have also been having an issue with lingeringobjects. I ran your
repadmin command shown below on one of the lingering objects I have. For the
lingering object I specified, the output lists a GUID (Originating DC) that doesnt exist
In a child domain I have what I believe is the remnants of an old NT4
DC. Using ADUC, it shows up in the child domain's Domain Controllers
OU. When I try to delete it, I get The DSA object cannot be deleted.
When I use ADSIEdit and go to the domain, it only shows me the two
functioning DCs and
] On Behalf Of Hutchins, Mike
Sent: Tuesday, May 02, 2006 3:06 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] how to get rid of an obsolete DC?
ntdsutil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Tuesday, May 02
H.so *is* ADSIEdit a valid tool to use? I can see the object I
want to delete in ADSIEdit. (Would I be talking to myself if I reply to my own
post?)
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent
How do other admins deal with the copious authentication errors a user
will generate after the user resets his password with a CNTL+ALT+DEL and
stays logged into the session with his old credentials?
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ:
Hi,
In trying to determine why my TS Licensing Server (located on a
W2K3/SP1 DC) is only handing out temporary licenses, although we have
successfully entered the license data, I find the registry key for the
type of license is spelled differently (an extra space) than what I find
in KB834651.
Has anyone tried IPV6 yet? Production? Or just testbed? Any gotchas?
What kind of infrastructure (eg, switches) is needed to support it? How
does AD play in this sandbox?
I am probably out of my league pretty quickly with subject. I've done a
little googling but it seems like a pretty big
(I didn't get any response to my first query. I thought I would try it
again). This software (http://www.altusnet.com/products/pfp/)
supposedly enhances the default passflt.dll, allowing an admin to
enforce/control password complexity and, at the same time, does a
dictionary check. The price
Maybe this will help. From eventid.net:
Matthew
C. Miller (Last update 11/24/2005):
The error in our server (domain controller) System Event Log was: The
Security System detected an authentication error for the server server.
The failure code from authentication protocol Kerberos was
Anybody out there have any experience with the PassFilt Pro software by
Altus Networks Solutions, Inc.?
TIA,
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Is there a script to output scheduled job information? Maybe something
I could call in a for loop driven by a list of servers. Ideally, I
would like to see the job and who's credentials it is running under,
with maybe the schedule.
Mike Thommes
List info : http://www.activedir.org/List.aspx
Excellent! Just what I was looking for! Thanks,
Jef!
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Monday, April 17, 2006 3:15
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] how to
report on scheduled jobs?
]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Friday, February 17, 2006 2:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion?
Our MS TAM has indicated this is a known bug! I will keep the group
posted as I learn more
Brain freeze active There is a command that shows on a single line
what services are running on a DC. The output is something like
DS::GC::Time::LDAP:: Can someone help this poor, tired
brain out? Thanks!
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ:
Hi,
I've noticed in our Active Directory environment default settings on
Windows XP and Server 2003 computers for net time /querysntp to be one
of two values:
net time /querysntp
The current SNTP value is: time.windows.com,0x1
net time /querysntp
This computer is not currently configured to
The default DNS Admins group has permission to use the DNS GUI
(dnsmgmt.msc) and to make changes in it but does not have permission to
view the DNS event log (DnsEvent.Evt). Would this just be an oversight
on Microsoft's part?
TIA,
Mike Thommes
List info : http://www.activedir.org/List.aspx
From:
[EMAIL PROTECTED] on behalf of Thommes, Michael M.
Sent: Wed 4/5/2006 7:25 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] 2003 DFS/open
files
Can
someone tell me what happens with DFS/replication when a file is
updated on one DFS server and a client has that same file open
-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of
|Thommes, Michael M.
|Sent: Thursday, April 06, 2006 5:54 PM
|To: ActiveDir@mail.activedir.org
|Subject: [ActiveDir] Server 2003 DNS Admins group permissions
|
|The default DNS Admins group has permission to use the DNS GUI
Can someone tell me what happens with DFS/replication when a file is
updated on one DFS server and a client has that same file open on
another DFS server?
TIA!
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
How about:
dsquery computer -samid computer_name_here
| dsget computer sid
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of matheesha weerasinghe
Sent: Tuesday, April 04, 2006
10:56 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Empty
These may be of interest to you:
http://support.microsoft.com/kb/277717/en-us
http://support.microsoft.com/?kbid=300427
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Danny
Sent: Wednesday, March 01, 2006 1:42 PM
To:
Adfind (http://www.joeware.net/win/free/tools/adfind.htm) to the rescue!
I recently had to do this and got it accomplished with the following
syntax (with a little help from joe :) ):
adfind -default -binenc -f
objectGUID={{GUID:0B3F5BC4-5713-4611-8F6A-752A3B0DE664}} dn
(adfind /??? For lots of
where SFU 3.5 had been
installed. Thanks!
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, February 16, 2006 9:07 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion
Our MS TAM has indicated this is a known bug! I will keep the group
posted as I learn more details.
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Friday, February 17, 2006 10:52 AM
To: ActiveDir
from a Win2003 schema to Win2003
R2...
/Guido
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Donnerstag, 16. Februar 2006 02:53
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion?
Hi
Is there a technical reason why the ability to create a new container is
not available in the Active Directory Users and Computers (ADUC) mmc?
(Sorry if this is a dumb question.)
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List
Hi,
We did a adprep /forestprep from the W2K3/SP1 R2 Disk 2 CD today on
our testbed FSMO DC. It gave the following errors (only a portion shown
below) because, I am guessing, that we had already installed SFU 3.5 on
this forest some time ago. Should I assume these errors can be ignored?
Has
1 - 100 of 329 matches
Mail list logo
