I will be out of the office starting 01-08-2005 and will not return until
08-08-2005.
I will respond to your message when I return.
=
LEGAL DISCLAIMER:
This e-mail contains proprietary information some or all of which
may be
Hi Scott,
Thanks for the tip. It's a great tool for documentation rather than writing
long technical papers that can be easily explained by few visuals clicks ..
I test it by capturing sound and video from my desktop and it works fine :)
Now go to make a Karaoke for my colleagues :)
Title: Search User Accounts for Password Reset Date
There is an additional tool you could use.
Take a look at the Additional Account info dll in the Account Lockout tools
download. This will display the account lockout date of a specific account as
well other info such as SID etc. It
Hi,
I want to set the logon hours attribute through a perlscript. Can you guide
me as to how can I do it? Also the format of the logonHours attribute??
Thanks in Advance,
Mayuresh.
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
Title: RE: [ActiveDir] Partial Attribute Set - 2000 DCs and 2003 DCs
The
statement appears inaccurate to me (at least without context), where does it
come from (got a link)?
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
Title: Search User Accounts for Password Reset Date
Thanks Peter Joe! This is exactly what I was looking
for, your assistance is greatly appreciated.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Peter
JohnsonSent: Monday, August 01, 2005 5:39 AMTo:
Agreed,
It would help if the technology was a
little less open ended and required some fail safes to be bypassed in order to
establish a design that is not optimal or has potential for long term
consiquences. If MS would put warnings within the wizards and require
checkboxes to be
Dean,
The link is
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/440e44ab-ea05-4bd8-a68c-12cf8fb1af50.mspx
search for 1575 and you will find it.
I tested this in my virtual environment
environment:
* forest root domain: W2K3DOMAIN.LAN (DFL= Windows 2000
Dean,
The link is
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/440e44ab-ea05-4bd8-a68c-12cf8fb1af50.mspx
search for 1575 and you will find it.
I tested this in my virtual environment
environment:
* forest root domain: W2K3DOMAIN.LAN (DFL= Windows 2000
Hi,
Does anyone know how to turn off the email alerts that I
keep getting from BE? The strange thing is they are not enabled, no recipients
are configured and it is configured not to send any such alerts.
At the moment Im getting 2 every minute which is
clogging up my mailbox. I do
Hello, all
We recently upgraded our Windows 2000 native domain to
Windows 2003 native [keene.edu] and created a child domain [student.keene.edu].
The root domain contains faculty and staff accounts and computer objects. The
default domain policy requires complex passwords with 8 or
I will be out of the office starting 07/28/2005 and will not return until
08/02/2005.
I will be out of the office 7/28 - 8/1, I will respond to your message when
I return.
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
Domain password policies are only set at
the domain level. You cant set them at the forest or site level.
You can over-ride the domain policy for password policy on Workstations and Member
Servers in the Domain, but you will have to house them in a OU.
Todd
From: Piper,
I agree with your definition of the functionality but the link you provided
is incorrect only in that it 1) uses an appalling choice of words and 2)
doesn't _clearly_ define each of the possible scenarios.
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
This is good to know, I will update my calendar.. :)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, August 01, 2005 10:16 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Chris Ryan is out of the office.
I will be out of the office
Todd, just to clarify my thinking ...
I would say that Domain-wide password, account lockout and kerberos policies
can only be set at the domain level. Password policies linked at the OU level
are applied to the users configured on the local machine and are ignored when
the users logs in with
I have
to agree with Guido: I have not seen any reason for separate trees or even
domains that can't be accomodated with multiple OUs instead. Mergers,
acquisitions or divestitures might be one reason for separating structures, but
then it should only be temporary. Several years ago we did
I hate to keep quiet :)
This one struck a chord, Guido:
Better division of _responsibilities_ for Backup/Restore as the different
orgs are responsible for their own data is one of the worst reasons I've heard
recently - not good, not good... - keep it central!
I can think of many times
All of our users passwords have
expired today and are required to change passwords. Most users are offsite
or use mac so they arent part of AD. They visit our iisadmpwd change site
to change password and some users get error -2147023545 with on MS states
"Cannot access Domain Info" But I
Ok heres the problem.
Internet Explorer on the Mac can not use this ASP page but safari or netscape
can. Now I am trying to figure this problem out. Sorry if this topic
was not meant for this list.
Thanks
Jake
From: Jake StablSent: Mon 8/1/2005
12:47 PMTo:
Thanks for clarification
Todd
From: TIROA YANN
[mailto:[EMAIL PROTECTED]
Sent: Monday, August 01, 2005
10:53 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
Password Policy and Child Domain
Todd, just to clarify my thinking ...
I would say that
Ok, I'm trying to install office 2k on a winxp sp2 box and I keep getting the
windows file protection warning to insert the winxp sp 2 cd.
This drives me nuts because
A. I only have a winxp sp1 cd which I installed the os with and later
downloaded sp2.
B. It doesn't let you browse to a share or
Wait until the person who is in charge of the MS Word numbered list
feature is walking beneath your window, please.
Dan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Monday, August 01, 2005 12:29 PM
To: ActiveDir@mail.activedir.org
Actually, as a serious answer, I just created an 'image' for a client
with O2K on an XP machine and I did NOT get this problem.
What you might try is installing from a patched admin share of O2K. I
suggest this only b/c that's what we did and did not encounter the
problem.
I'd be happy to cut
I guess that means I'm screwed...
Thanks.
I really dig your MCSA/MCSE MS press book, btw.
That and the others in the series got me my MCSE for 2003.
Keep up the good work!!
--
Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net)
List info :
LMAO!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan Holme
Sent: Monday, August 01, 2005 1:46 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT and silly
Wait until the person who is in charge of the MS Word numbered list
feature is
OK Dan,
I'm scheduled to take your exam (ie: 70-290) and I have been studying
your book, almost exclusively. Can you please answer me this question?
Some of these questions can take a full page of text and have 8, 10 or 12
possible answers with anywhere from 4, 6, or even 8 possible correct
Generally, the more
domains, the more administrators you require. Not need, just require.
I know Joe would argue
that one admin could do all of this, but I've typically seen that multiple
domains cause a lot more
administrivia than you really want to put on one person if you can help
We are trying to change an AD user Attribute so that new users created
get a default value. How would I start to try to do that?
Thanks
Johnny Figueroa
Enterprise Network Consultant/Integrator
Network Services Banner Health Voice (602)
495-4195 Fax (602) 495-4406
WARNING: This message, and
Let me be more specific. If you look at the Exchange Features tab in
ADUC, there are 3 attributes for Mobile services
Outlook mobile access, User initiated synch and upt-todate-notifications
which are all set to Enabled. I have a script to reset the existing
users to Disabled but also want that
Force all user creations through a provisioning system that applied your
business rules.
There isn't anything you can set in AD natively to say this arbitrary
attribute should have this arbitrary value on creation.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
There's likely an argument that could be made that even joeware.local could use
a second DA; just in case the main DA goes on vacation or something and for
holiday coverage etc.
Multiple domains definitely cause additional overhead, however it shouldn't be
enough to push you into needing
Hello,
I you want a fixed value of an attribute to be copied while duplication of an
account, you *must* extend the schema as a requirement.
By default when you duplicate an account, its memberof attribute and others I
don't not remind ;( , is/are also duplicate, so that the new account
Title: RE: [ActiveDir] Attribute default
Thank you, the problem with the most recent suggestion is
that you have to have a template when creating the userids and I can not
guarantee or dictate that. I think I am going to go with running my script once
a week to look for users with those
Title: RE: [ActiveDir] Attribute default
This requires a template account and a tool that knows to
use the template account or the user has to specify copy in ADUC.
This schema mod does not directly enforce anything
anywhere. It simply tells tools that care to check that these attributes
Hi Joe,
Yes you're right.. Template account works along with ADUC and that is the limit.
I thought first of usng ADUC because it was so easy to have these attributes
copied from a template account.
I did not think for large accounts creation where ADUC will not be accurate. :)
Yann
I know. I've been OTing all over the place.
Sorry.
One last question-
How do you mget a bunch of folders and files via ftp without being prompted all
the time?
I'm using IIS 5.0 and I'm trying to get a folder with a bunch of subfolders
and files and I don't feel like sitting here and hitting Y
Forget it.
Ftp -i ftp.site.tld
Sorry.
I'm getting stupid with the heat here in New York.
--
Sent from my BlackBerry Wireless Handheld (www.BlackBerry.net)
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
Joe, I suspect we agree to just about all of it except the
chinchilla. I think you should give the chinchilla a shot.
To show support, we've started a web page
http://www.givejoeschinchilla_a_shot.com
(Don't tell the pig.)
Oh man, that one's almost as good as www.shutuplaura.com.
I see we have to set a 21 byte value for this. How can I set a 21 byte value
for this?? Any ideas will be of great help.
Thanks,
Mayuresh
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mayuresh Kshirsagar
Sent: Monday, August 01, 2005 12:41 PM
To:
40 matches
Mail list logo