ADMT (even in V3) doesn't support this directly, however, you can still use it
to do the re-ACLing if you want, since you can feed it with a list of SID
mappings. You would still have to perform the bulk of the work yourself, which
would be to re-create matching groups in AD and to add the
What other things did you change in the same or other GPOs that apply to the
machine you're logging on as admin? If you've applied some lockdown GPOs for
file-system permissions, those will also apply for your admins
/Guido
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bart
No NTFS or other restrictions set in that GPO or the PC GPO.
Only some other restrictions like no access to control panel, no messenger,
... stuff.
These apply to the specific Users OU + Computer OU, making a User PC
configuration for those PC's + Users (certain department).
My admin account
So what is the NTFS security on C:\WINNT\System32\rundll32.exe? The error
message could naturally be a false hint, but might as well check it out.
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bart Van den
Wyngaert
Sent: Donnerstag, 25. Januar 2007 12:00
To:
What move/copy tools can be used to copy directories/files to another
location and still retain the creation date value? Robocopy seems to
keep creation date on files but directories are given the current date.
Am I missing a switch in Robocopy to do this? A backup/restore
operation (with
I did, but the local administrators group has full control on the file. And
ofcourse, my AD admin account is part of the local administrators group on
the workstations (naturally).
That's the reason I absolutely don't have a clue, I don't see the relation
in restrictions put in place and the
Robocopy with the /B-Switch should work.
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Donnerstag, 25. Januar 2007 13:10
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: maintaining creation date when copying
directories?
What
Hi Ulf,
Thanks for the response! I tried Robocopy (version XP010) with the
/E /B /COPYALL switches. It does not seem to have the desired effect
(ie, both the modified date and the creation date are still the
current date). Any other thoughts?
Mike Thommes
You can register records like this by messing up a reverse lookup record
addition using DNSCMD.
--Paul
- Original Message -
From: EIS Lists
To: ActiveDir@mail.activedir.org
Sent: Wednesday, January 24, 2007 9:28 PM
Subject: RE: [ActiveDir] [OT] Odd Folder under Forward
You would not get a permissions problem from that admin. templates policy.
They just don't work that way. So my guess is its something else. What
happens, as administrator, when you run appwiz.cpl from a command prompt?
Darren
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Just curious -
I have the resource kit tool Kerbtray running on my taskbar - When I
double click it; it list my tickets, etc...
Twice during the day yesterday it turned red and said there was no
tickets available. It's already done this once today -
When it was showing information it
It could also mean you have a problem with the tool, right?
Are you seeing some other symptoms that caused you to look at this tool?
Time? you can check that pretty easily by checking the time on your machine
and comparing to a DC in your environment.
What do you see in your system event log?
The Time is the same on the PDC emulator as my PC – no event logs I could find
– I guess it might be a problem with the tool – I don’t have any firewalls
between my PC and the DC. The loss of the ticket information is what raised the
flag for me.
From: [EMAIL PROTECTED] [mailto:[EMAIL
I think you are seeing your Kerberos tickets start to reach their
expiration time. The kerbtray icon will go from green to red. I think
the last 5 or 15 minutes the default configuration will also issue an
audible (and very distinctive) sound. The tickets will renew
automatically (and the icon
Cool - sounds good to me!
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, January 25, 2007 11:39 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Kerberos Question
I think you are seeing your Kerberos tickets start to reach
If you suspect it's the KerbTray tool, you may wish to use KList (part of the
Reskit) to verify that both are showing the same output.
Ryan
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Hogenauer
Sent: Thursday, January 25, 2007 1:34 PM
To: ActiveDir@mail.activedir.org
A Hostname underneath a folder 1? I'd agree if just the number would be
there, but not with a name ( other number) underneath.
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul Williams
Sent: Donnerstag, 25. Januar 2007 15:14
To: ActiveDir@mail.activedir.org
Subject:
Hi Thommes,
I've just tried this here, and both commands
Robocopy /B .\ ..\ wins.dll
Robocopy /B .\ c:\ wins.dll
(first one on the same drive, second one on another drive)
Maintain the Create and Modified date. My Robocopy-Version is the same
(XP010, 5.1.1.1010)
Weird.
AdFind.exe -sddc++ -b DC=example,DC=com -resolvesids -f
|(objectcategory=container)(objectcategory=organizationalUnit)
OU_ACL.txt
Thanks,
Andrew Fidel
Casey Robertson [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
01/23/2007 05:41 PM
Please respond to
ActiveDir@mail.activedir.org
To
Hi,
We already had 3 Dcs in out network. Suddenly one Dc gone down permanently.
That wont come live back. Right now we want to remove that orphan dc
completely. I have seen Microsoft article
1.
Click Start, point to Programs, point to Accessories, and then click Command
Prompt.
2.
At
It should be removed. We have the same situation on our site in the past
and used the same article. We did a search on the AD later and found the
odd piece of data hanging around in AD which we tidied up.
Which domain controllers held which FSMO roles? Were any on the DC that you
have lost? Have
the AD metadata cleanup is nothing more then removal/deletion of objects that
belong to a DC that is not live anymore. Just other like other object deletions
(user, group, etc) the deletions will replicate to other DCs (assuming
replication is working fine) that host the same partitions from
How does one go about getting the non-primary SMTP addresses for every
Exchange user? I can't seem to find a way via csvde, but maybe I'm doing
something wrong. Thanks again.
Hi Stu,
I don't think there's a way to expose mulitvalued attributes with CSVDE -
you'd either have to use LDIFDE or VBScript or anything else to view all
values of those attributes.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
Thanks for your logic. I hope so in the remaining Dc it will do
automatically.
Regards,
Senthil
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge de
Sent: Friday, January 26, 2007 5:10 AM
To: ActiveDir@mail.activedir.org
Subject: RE:
In addition to what Ulf said, there also isn't any practical way to query
for users that have secondary addresses vs. only having a primary and there
isn't any practical way to just get the secondary addresses out of the
proxyAddresses attribute. You essentially need to get all the data and
I'm guessing you didn't like the answers you got on the exchange list?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Stu Packett
Sent: Thursday, January 25, 2007 6:53 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] How to find
Hi Ulf,
I don't have any problems with the creation date on files. It's
the creation date on the directory folders that is not right. Could
you try robocopy again, this time trying to copy some tree structure
that has branches (subdirectories) and see what creation date is on
the
LMAO...I thought my Outlook rule was broken for a second...
On 1/25/07 5:12 PM, Michael B. Smith [EMAIL PROTECTED] wrote:
I'm guessing you didn't like the answers you got on the exchange list?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Stu Packett
Sent: Thursday,
Were the answers along the lines of it can't be done?
http://www.akomolafe.com/Portals/1/Write%20out%20the%20SMTP%20Addresses%20of%20users%20OR%20Groups.txt
YMWV
Sincerely,
_
(, / | /) /) /)
/---| (/_ __ ___// _ //
Yeah JoeK is right on, nothing in LDAP will help you with this. The
proxyAddresses attribute is case insensitive so there is no way to query to
just get addresses that are secondary.
AdFind can help with this in a small perl script. You use the CSV capability
of AdFind combined with its
I forgot to mention:
* If the DC that died had FSMO roles, you need to seize them (check which DC
had FSMO roles with -- NETDOM QUERY FSMO)
* DNS records are NOT removed by the NTDSUTIL. Must be done manually or wait if
you have aging/scavenging enabled
Also make sure the GC role and DNS
Sorry - I've missed that point.
Yes - you're right, I got the same results.
However, if you use robocopy which is now included in Vista in System32
(XP027, 5.1.10.1027) you can use a new switch to accomplish this:
robocopy /dcopy:t /E /B /copyall . .
The /dcopy:t does the trick.
33 matches
Mail list logo