Title: Message
That
information is stored in the information and not the Active Directory. To get
that information, you'll want to probably use CDOEX or other type of
script. I *think* there are some samples out there on the internet, but I
don't have any handy.
Al
-Original
Sounds like an issue with the setup, but have you seen this?
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/windowsserver2003/proddocs/standard/sag_DNSchecklist.asp
-Original Message-
From: Clifford Airhart [mailto:[EMAIL PROTECTED]
Sent: Wednesday,
Title: Message
Would
additionally be a good idea to check the workstation event logs. Been
seeing some weirdness with mixed topology Win2K SP4 workstations and login
script/GPO's. I agree with Joe that a lot of problems come to name
resolution as a whole, but this is a little different.
Title: Message
While
you're checking that, you might also want to check that your new server is not
prevented from creating new records by ACLs on the BIND server. Should
show in the logs, but it would be good to check.
Al
-Original Message-From: Chris Flesher
[ActiveDir] Windows 2003 DC issue
Does BIND provide for ACLs on RRs? I didn't know
that...
-g
Gil KirkpatrickCTO, NetPro
-Original Message-From: Mulnick,
Al [mailto:[EMAIL PROTECTED] Sent: Wednesday, September
10, 2003
Title: Message
Can
you inspect the traffic if you secure the transmission? Some of the newer
layer-7 firewalls allow you to bridge SSL, but many do not.
I
agree that just changing to a transport that is implicitly trusted is a bad
security move. It's tantamount to security by obscurity
Title: Message
Best
bet is to create an OU that has no GPO's to clear that out of the
troubleshooting process. Move the server into that OU and test
again.
Be
sure to refresh the GPO's so you can be sure that all have been
removed.
Al
-Original Message-From: Ninet Segar
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Monday, September 15, 2003 8:58 AM
To: '[EMAIL PROTECTED]'
Why would you not want to script it?
CSV is not going to be an option for you. CSV in Win2x Active Directory is
for create/delete only. LDIFDE
Title: Message
Which
LUN is it targeting? Sounds like your controller settings have
changed.
-Original Message-From: Juan Ibarra
[mailto:[EMAIL PROTECTED] Sent: Monday, September 22, 2003 9:22
AMTo: [EMAIL PROTECTED]Subject: [ActiveDir]
NTLDR Not Found
Good morning to
-Original Message-From: Mulnick, Al
[mailto:[EMAIL PROTECTED] Sent: Monday, September 22, 2003
7:12 AMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir] NTLDR Not Found
Which LUN is it targeting? Sounds like your controller settings
have changed
Probably the follow-up question to ask is when will the MUA (Outlook)
support Kerberos? That would help in a multi-domain impelementation :)
Al
-Original Message-
From: William Lefkovics [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 24, 2003 4:56 PM
To: [EMAIL PROTECTED]
Barring a better way someone may suggest, typically you would grant the
permission granularly at the attribute level. I prefer to create a group
and grant the perms at the OU level for what they are going to update.
Al
-Original Message-
From: Shadow Roldan [mailto:[EMAIL PROTECTED]
Probably a good conversation for an Exchange group as well, but any GC's
over 10 are not going to provide much in the way of value. Exchange 2K
discovery keeps track of 10 of them for it's use and for giving information
out to the clients.
Depending on what you want the clients to be able to do
I think some clarification is fair here. I've already posted one about the
processor and won't bore you with a repeat. I'd take that a bit further and
say the same network segment which isn't necessarily the same thing as same
site. Reason? Because you know that Exchange will use the heck out
Um... Interesting. I think that depends on what you consider reasonable
scale up vs. reasonable scale out doesn't it? I've seen many shops that
scale up to consolidate server hardware (funny little thing going on in IT
shops these days unless you work for DELL) and I've also seen some that
Title: Message
Debbie, if you use a non-contiguous name space, you can make the name
whatever you want it to be. Why you wouldn't want it contiguous is
separate matter altogether I suppose.
Al
-Original Message-From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] Sent: Monday,
Guido, are you saying that even if the member workstation is another domain
than the DG they can write to it?
Interesting. Have to try that...
-Original Message-
From: GRILLENMEIER,GUIDO (HP-Germany,ex1) [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 05, 2003 4:40 PM
To: [EMAIL
Just so we have it straight, once you set the deny permission, they're still
able to delete an account but not create one? Is that about it?
Is that the last of what you need to accomplish as well?
-Original Message-
From: Thommes, Michael M. [mailto:[EMAIL PROTECTED]
Sent: Tuesday,
Title: Message
Chris,
I can say from experience that either would probably do well for you. Some
pros and cons:
Pros
for MOM:
New
products (past NT4/Exchange 5.5) come with the agents; this means you get the
monitoring parameters and thresholds the vendor considers important out of the
Title: Message
Can't
think of any reason why you couldn't pull this off. I can think of a
thousand different things that could go wrong.
As a
suggestion, have you considered modifying the users DNS server usage? Say
with a script? DHCP settings?
Not
sure that it really must be done that
Title: Message
http://www.susserver.com/
-Original Message-From: Abbiss, Mark
[mailto:[EMAIL PROTECTED] Sent: Wednesday, October 15, 2003
11:01 AMTo: '[EMAIL PROTECTED]'Subject:
[ActiveDir] OT: SUS on a W2K DC
Can
anyone tell me where i might find a good maillist
Probably move from that if it checks out well to name resolution. While on
the desktop, have a look in the event logs for anything wrong there as well
as the DC logs to see what's being recorded if anything.
Al
-Original Message-
From: Craig Cerino [mailto:[EMAIL PROTECTED]
Sent:
Title: Message
Plenty, but I have a question first. Why are you wanting to change
it? What benefit is there if you change it?
-Original Message-From: Brown, Bill
[contractor] [mailto:[EMAIL PROTECTED] Sent: Thursday,
October 16, 2003 10:01 AMTo: ActiveDirListSubject:
Title: Message
http://www.microsoft.com/technet/treeview/default.asp?url="">
Is a
good start. What you also want to do is add some capability for the script
to determine the path to the domain. You do this by starting with rootDSE
and building the domain path from there. After that, you just
to
addresses! Short of that - I am
sure there are other issues.
Lastly, if MS put the attribute into AD - I think the attribute should
represent the user exactly and this is not the
case.
R/Bill
-Original
Message-From: Mulnick,
Al [mailto:[EMAIL PROTECTED]Sent: Thursday
in the DS attribute
OBJ-DIST-NAME...
R/Bill
-Original
Message-----From: Mulnick,
Al [mailto:[EMAIL PROTECTED]Sent: Thursday, October 16, 2003 1:32
PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT? - LEGACY
EXCHANGE DN
http://support.microsoft.com/defaul
ed. Created new user in domain B and it
displayed correctly.
R/Bill
-Original
Message-----From: Mulnick,
Al [mailto:[EMAIL PROTECTED]Sent: Thursday, October 16, 2003 2:30
PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT? - LEGACY
EXCHANGE DN
When you
Title: Message
depends on what you're searching for in the app. What's the app and
what's it searching for.
Remember GC's are going to hold some of the information these apps are
looking for.
Al
-Original Message-From: Creamer, Mark
[mailto:[EMAIL PROTECTED] Sent:
Why not use the native tools then? ADMTv2 is pretty good.
As for the same netbios names. Yuck. Hopefully the clients will be using
new WINS servers then? :)
As for the apps, I think you're skirting the issue to deal with it another
day. I also think some of those apps are likely to fail
Ecora was a good way to do this (haven't seen the
latest). There are others, but names escape me at the
moment.
http://www.ecora.com/ecora/products/enterprise_auditor.asp
Al
From: Creamer, Mark [mailto:[EMAIL PROTECTED]
Sent: Monday, October 20, 2003 1:36 PMTo:
[EMAIL PROTECTED]Subject:
Title: Message
Hopefully I can learn somethinge new here. What
feature documents the host that erdisk also does for 2000 platform? You're
not referring to ASR are you?
From: Myrick, Todd (NIH/CIT)
[mailto:[EMAIL PROTECTED] Sent: Tuesday, October 21, 2003 7:01
AMTo: '[EMAIL
Title: RE: [ActiveDir] OT: enterprise Spam blocking products
That sounds like a great product!
What really amazes me is how much depth of knowledge an
Active Directory mailing list has around messaging products. I'm in awe of
the depth of knowledge :)
I think it's valuable to ask a
.
Anyone else here of this? Anyone else know of some scripts that skint,
cash strapped IT monkeys like me could use to do something similar ?
Olly
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: 21 October 2003 18:28
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir
: RE: [ActiveDir] documenting servers
This is the thing. Im not sure. I was hoping that someone who has a
state-of-the-art package that does it would be able to let me know :)
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: 22 October 2003 16:19
To: '[EMAIL PROTECTED
Title: Message
Personally, I think a deligated zone would be the smoothest
approach. The issues with Bind can be endless as you traverse the many
nuances of difference in implementation and patch versions.
Al
From: Chris Flesher
[mailto:[EMAIL PROTECTED] Sent: Thursday, October 23, 2003
Title: Message
More
information on the setup? Forwarders etc are configured how? Event
log is saying what?
60%
doesn't seem so bad from a process standpoint, but it should still be
answering. Are these large zones?
Assuming the latest software on the 2000 DNS servers.
-Original
Title: Message
Not
responding to what? Client requests right?
Can
you post that event entry?
Any AV
on these servers? They are up to date as well right?
-Original Message-From: Santhosh
Sivarajan [mailto:[EMAIL PROTECTED] Sent: Friday, October
24, 2003 12:35 PMTo:
Title: Message
Anti
Virus programs
-Original Message-From: Santhosh
Sivarajan [mailto:[EMAIL PROTECTED] Sent: Friday, October
24, 2003 1:04 PMTo: [EMAIL PROTECTED]Subject:
RE: [ActiveDir] DNS and CPU Usage
Yes. DNS servers are not responding to
client quires.
Title: Message
What's
in the exclude list? I don't doubt it's up to date or even think you have
a virus (not that it's impossible, but I'm wondering if something else is going
on).
-Original Message-From: Santhosh
Sivarajan [mailto:[EMAIL PROTECTED] Sent: Friday, October
For that very reason, I have no inhibitions about using a new name and ip
address. Unless you have a process that is hardcoded to use that IP
address, then I can think of no reason to wait for replication just to get
back to operational stability.
Al
-Original Message-
From: FDiskThePC
Recursive lookups are doing what for you? Are they handling the lookup for
you and returning the answer to the client for MX records or are they
referring your client?
My guess is that your web browsing works because of a proxy server or
firewall that has the ability to chase the records or is
Anything domain related won't happen with cached
credentials. By definition, you only need to use cached credentials when
you are not able to contact a domain controller. If you can't contact a domain
controller, you won't be able to authenticate to other machines because most
likely they
Ah. Then like I said about network resources:
assuming the DC is unavailable to more than just your workstation, network
resources that rely on AD authentication would be unavailable, you wouldn't get
GPO's andlogin scripts, and possibly an ip address if you have to
authenticate the
canonical name = www.gwww.aol.com
I am REALLY confused now. It seems to be hit or miss, but misses the largest
sites and jambs up email as a result.
Miles
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 29, 2003 2:37 PM
To: '[EMAIL PROTECTED
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 29, 2003 3:29 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] AD Self-service User Managment
Mulnick, Al wrote:
That's not really self-service though is it? I would consider self
service something that allows a request (anonymous web
I'm thinking along the lines of authentication to get on
the network, yes. It's not a Windows function that I'm thinking of
necessarily.
Al
From: Marcus Oh [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 29, 2003 8:44 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Cached
You still need to extend the schema regardless of
functionality level if you introduce a 2003 DC to the forest. You can
still keep 2000 functionality level however, so no it's not a problem as long as
you update the schema.
From: Santhosh Sivarajan
[mailto:[EMAIL PROTECTED] Sent:
Check for memory errors.
Also, when you search, you have a type-o in your exception
in that you more chars than you should. Delete a 0 and try your search
again in the newsgroups and you may have more information to choose
from.
Either way, it's likely a hardware issue or that recent
No, by default as an Exchange admin you should NOT be able
to access mailboxes of other people. That's an Exchange 2000
feature.
Additionally, you can be an Exchange admin for one AG and
not for another which may result in your errors.
there's a kb that talks about how to grant the service
as a result.
Miles
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 29, 2003 2:37 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DNS Lookup Problem - Windows 2003
Recursive lookups are doing what for you? Are they handling the lookup for
you
Title: Message
What
you want to do is use ADO to search for it in the Active Directory. There
are some sample scripts in http://www.microsoft.com/technet/treeview/default.asp?url="">that
should illustrate what this looks like. If not, let me know off-line and I
may have one lurking around
Title: Message
And
that's what's confusing. W2K DNS is told to use TCP for large packets, and
you can force that as I recall. So in your case, the firewall was the issue,
right? Slight change in the way that the DNS packets were travelling
across?
Al
-Original
Title: Message
I want
to say this is possible at the attrib level, but the display name (text caption
in the UI) is set at the UI.
What
has me more curious is why you want to change that field? Why not use
another field somewhere that will never ever be used?
Al
-Original
Title: Message
Additional information. You could create your own class and field
and a custom app to display it in the MMC.
http://msdn.microsoft.com/library/default.asp?url="">
-Original Message-From: Weeks, Travis
(COX-Atlanta) [mailto:[EMAIL PROTECTED] Sent: Tuesday,
While it is possible to some extent to manage a 5.5 server
with up-level tools (Exchange 200x ESM) it is considered best practice to use
the 5.5/NT tools for 5.5/NT and to use the MMC for Exchange 200x/Active
Directory. There are limitations and quirks you'll run into
otherwise.
As was
Yikes! Wanting to roll-back an Active Directory
native mode change...
I can tell you from past experience, the older samba SMB
stuff does tend to break in a native mode domain. That gives cause for
concern if you're going to go native mode and start to wonder if any other
applications are
Title: RE: [ActiveDir] Background
Besides the obvious, "don't put SSN in the directory for
privacy reasons" I'd have to ask what requirements you have. For example,
why create a new attribute? Why not use an existing that you won't use
anyway?
Al
From: Burns, Clyde
[mailto:[EMAIL
Yes, but there are limitations. You want to look at the ASR capabilities
for this purpose.
Al
-Original Message-
From: Orin Rehorst [mailto:[EMAIL PROTECTED]
Sent: Friday, November 07, 2003 11:15 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Bare metal restore on other hardware?
I'm
That's got to be the first time I've ever heard anything complimentary said
about a Tivoli product :)
-Original Message-
From: Chris Flesher [mailto:[EMAIL PROTECTED]
Sent: Friday, November 07, 2003 11:25 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Bare metal restore on other
What'd you restore? Were there other DC's available to replicate to?
-Original Message-
From: Chris Flesher [mailto:[EMAIL PROTECTED]
Sent: Friday, November 07, 2003 11:25 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Bare metal restore on other hardware?
We managed to do a
In addition to the tools mentioned, you could also write
your own script that dumps the information into the format you want.
CSVDE is utility designed for creating new objects.
So if you just want to create a new contact based on the 5.5 data, you could do
this with a little massaging of
Title: RE: [ActiveDir] Background
There are certainly some really good reasons to use a
product such as waveset in your situation. Keeping data in one location
(centralization) is one way to get a cohesive directory strategy rolling.
Keeping data in the locations where it belongs and using a
PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Friday, November 07, 2003 5:21 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Bare metal restore on other hardware?
Identical hardware then?
-Original Message-
From: Chris Flesher [mailto:[EMAIL PROTECTED]
Sent: Friday
of an
additional OS license, would be to run the actual DC in a virtual
machine on top of a member server. Restoring the VM to dissimilar
hardware is trivial.
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 9:34 AM
To: [EMAIL PROTECTED]
Subject: RE
-wise,
standard controls/security applies...
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 1:08 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Bare metal restore on other hardware?
Right. With the exception of some of the drivers
this yet in production, but I do
intend to) indicates that the host OS does not do very much. The client OS
does pretty much all the work. So, my plan is just to build a server with an
extra GB of memory for the host OS.
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent
Title: Message
Can and should may be two different things here.
Can you do what you say? Yes. Each node runs
independently of the others in terms of applications. The degree of
difficulty is way up because you have to design with the idea that a node can
run all or any mixture of apps
Tony's on to something that has worked for many other Exchange deployments
that ran into the read-only copy issue of the GC. What you're referring to
as an Exchange problem could really be looked at as an Outlook/MAPI problem
if you want to split hairs. Exchange runs fine, but the Outlook
Title: Message
Does DSREVOKE work for the registry as
well??
Al
From: Myrick, Todd (NIH/CIT)
[mailto:[EMAIL PROTECTED] Sent: Thursday, November 13, 2003 10:26
AMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir]
New Tool... DSREVOKE.
Dsrevoke is a command-line tool that can be used on domain
Title: Message
Wouldn't it be easier to create a test zone, export it and then compare
it to what you have from the SUN dump?
-Original Message-From: Jordan, Jason
[EPM/AUS] [mailto:[EMAIL PROTECTED] Sent: Friday,
November 14, 2003 12:50 PMTo:
'[EMAIL PROTECTED]'Subject:
The part about them not seeing the issues is a problem that I think is being
addressed at some levels (see note about Exchange Rangers and what they
should do for you in previous emails).
The hardcoding of servers is the one that is likely going to pay back the
way you want. It gives
Did you notice the first post that was out there that linked to eventid.net?
There were some other suggestions in there that may be of use to you. Also,
in Exchange 2000 this was considered a mostly benign error if you weren't
using clustering which is what the event was put in there mainly to
]
Subject: RE: [ActiveDir] Virtual Memory Fragmented
If you're using Standard server and it appears you are, you should NOT be
using the /3GB switch.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Mulnick, Al
Sent: Monday, November 17, 2003 5:04 PM
To: '[EMAIL
Somebody should tell Microsoft then ;-)
Truth is, you should configure the 3/gb for any version of Windows 2003
running Exchange 200x configured with more than 1gb of RAM. On Windows 2003
you should additionally throw the /userva switch on the same machines you
throw the /3gb.
It would be nice
As a start, you want to use sites to define router
topology. In other words, you want to be able to define to the clients,
the shortest/fastest path to the domain controller vs. the old NT3/4 days where
it would just broadcast for the closest dc.
Al
From: Creamer, Mark [mailto:[EMAIL
Permissions on the local machine would be a first guess since it's likely
machine specific. Checked the event log?
Al
-Original Message-
From: Graham Turner [mailto:[EMAIL PROTECTED]
Sent: Monday, November 24, 2003 10:49 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] how do we explain
The only part I see that may be a good reason to have a separate domain is
the policy requirement. If you have to have different policies that can't
be applied to the whole domain (such as password policies) then you'll want
a separate domain. The rest is a good candidate for an OU in my
Article? Where's the article you have so far?
-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Monday, November 24, 2003 10:30 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Quick poll for an article
Hi all,
Im trying to finish this %^$£ article off, and I was
Is it? What are the details that surround this flaw ? The press release
says that he disabled Kerberos. What are they talking about there in his
case? He disabled it for IIS? He disabled it for..?
How do the casual observers recreate the problem to verify if it's even an
issue to the rest
Probably that DN=OU= bit as well as you need the -d flag.
Something like: csvde -f filename.csv -r (ObjectClass=Group) -d
OU=groups,DC=ECCAD,DC=COM
-r is the filter
-d is the root of the LDAP search
What you want is to start in groups and search for all objects that are of
the objectclass
, except for the samname...
Should be able to say, we are now out of sam compatability mode. Have a nice
day.
you've got other issues that will start to surface
Hints please?
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent
Title: Netdiag warning Cannot find a primary authoritative DNS
You have two NICs? Looks like a different one may
have registered.
The Record is different on DNS server '10.3.1.8'. DNS server has more than one entries for this name,
usually this means there are multiple
DCs for this domain.
warning?
Thanks
Hostname:
dc0.company.com. [WARNING] Cannot
find a primary authoritative DNS
server for the name
'dc0.company.com.'. [ERROR_TIMEOUT] The
name 'dc0.company.com.' may not be registered in DNS.
-Original Message-From: Mulnick, Al
[mailto
newsgroup messages I read
looking for this.
Greg
-Original Message-From: Mulnick, Al
[mailto:[EMAIL PROTECTED] Sent: Tuesday, December 02, 2003
2:02 PMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir] Netdiag warning Cannot find a primary authoritati ve
DNS
I'm
sure it's part
at the expense of the admins?)
Visio 2000 has the ability to do AD diagramming, though I've personally
never used it for discovery, just diagramming. I liked the 2002 look and
feel but stuck with my copy of 2000 Enterprise Edition.
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent
Shouldn't that be changed to 8389120 instead (512 +
8388608)?
From: Creamer, Mark [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 04, 2003 4:22 PMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] UserAccountControl
Bitwise question
I thought flagging an account to
require password change
'Cause they suck? :)
Really, they don't HAVE to create it. It's an
option. Even if they do, you can remove it later. Either way, it's a
setup thing and not a requirement. You can find the information describing
how to change the behavior during setup in the supporting docs (there's a lot,
You may want to have a look at what netdom can do for you and those seventy
workstations. Just in case you need it for the future :)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Saturday, December 06, 2003 1:12 AM
To: [EMAIL PROTECTED]
Subject: RE:
to surface
Hints please?
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Monday, November 17, 2003 10:11 AM
To: '[EMAIL PROTECTED]'
The part about them not seeing the issues is a problem that I think is being
addressed at some
IIRC You're looking for the isGlobalCatalogReady
attribute. If set to true, then it's a global catalog. If not, then
it's just a DC.
Al
From: Creamer, Mark [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 11, 2003 12:41 PMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] finding
GCs
Our
That totally depends on the code and what it's expected to do. Generally
it's not terribly difficult.
Al
-Original Message-
From: Mike Baudino [mailto:[EMAIL PROTECTED]
Sent: Friday, December 12, 2003 9:34 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] a bit OT: vbscript to vb.net
Did you check DCDIAG to see what errors get thrown?
Al
-Original Message-
From: Bruce Clingaman [mailto:[EMAIL PROTECTED]
Sent: Monday, December 15, 2003 5:17 PM
To: ActiveDir (E-mail)
Subject: [ActiveDir] AD replication, RPC server unavailable
I just added a third DC to my domain.
PROTECTED] Behalf Of Mulnick, Al
Sent: Monday, December 15, 2003 4:23 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] AD replication, RPC server unavailable
Did you check DCDIAG to see what errors get thrown?
Al
-Original Message-
From: Bruce Clingaman [mailto:[EMAIL PROTECTED]
Sent: Monday
Gil's post should provide the information they need to do
this. Did you catch that one the other day?
From: Creamer, Mark [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 16, 2003 2:46 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] finding
GCs
According to the
developers, the app is
I've heard of it. IMHO, this is one component in a
total strategy/architecture. There's a company that makes some of
thesoftware components and calls it Securebots or something like that and
they intend it to run on switches, hubs, routers, etc.so that
allnodesare aware of each other from a
You didn't say why you have NLB loaded. What's it's purpose?
-Original Message-
From: Irwan Hadi [mailto:[EMAIL PROTECTED]
Sent: Monday, December 22, 2003 2:38 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] After upgrading to Windows 2003
I just upgraded my active directory
: [ActiveDir] After upgrading to Windows 2003
NLB is loaded by default in Windows 2003.
Have you ensured NLB is not checked under network properties?
Dennis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Monday, December 22, 2003 9:54
He mentions in that article turning off NBT/TCP and then says that the SMB
connection is over the CIFS port (TCP 445).
In his article he turned off NetBT/TCP so that would make sense. Be aware
that downlevel clients will make this different in that they will use TCP
137-139. Also, the number of
spiked to 81%, we have a Gig
of RAM in the box. So I am trying to normalize the DC.
Todd
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 23, 2003 9:36 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] SMB Connections to a DC; How many is normal?
He
-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: Tuesday, December 23, 2003 10:42 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] SMB Connections to a DC; How many is normal?
80? I wonder what the sampling is on that? Does it tell?
-Original Message-
From: Myrick, Todd (NIH
1 - 100 of 854 matches
Mail list logo