am missing something else.
Thanks,
Jef Kazimer
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
The request to view attributes outside of the those
allowed with the standard ADUC display dll's seems to come up a lot. I am
surprised in the newer MMC and tools they did not come up with an SDK that is
more obtainable for the admins who are not programmers. I have never liked
the idea of
and external from a DNS routing perspective, so we want to remove any possibly
assumption that they are the same thing.
Thanks,
Jef
- Original Message -
From:
[EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Friday, July 21, 2006 4:19 AM
Subject: RE: [ActiveDir
in the Suffix Search List.
So if you want to still search the parent
suffix, be sure to include it in the SSL.
Jef
- Original Message -
From:
Matheesha Weerasinghe
To: ActiveDir@mail.activedir.org
Sent: Monday, July 31, 2006 4:13 AM
Subject: Re: [ActiveDir] DNS suffix
Joe,
Yup, escaping the character worked like a charm.
Joe mentioned that the query appears to be trimmed, so that seems to be what
is happening.
Thanks,
Jef
- Original Message -
From: Joe Kaplan [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Friday, August 18, 2006 8:33
It's .NET - Get it right! ;)
- Original Message -
From: joe [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Friday, August 18, 2006 10:15 PM
Subject: RE: [ActiveDir] Single Space in LDAP query dropped: Why?
You NET programmers ;o)
--
O'Reilly Active Directory Third
to an issue in the internal PAC
script, which was not directing the client correctly.
Jef
- Original Message -
From:
steve patrick
To: ActiveDir@mail.activedir.org
Sent: Tuesday, August 22, 2006 11:53
AM
Subject: Re: [ActiveDir] Secure LDAP
queries from the outside
I've worked at, have had more than a
single domain, so I am surprised that so many enterprise apps assume a
single NC for authentication.
I can't solve the problems at the app level, but I try to solve it at the
centralized directory level.
Thanks,
Jef
- Original Message -
From: Tony
Joe,
FCB works with simple binds, and BR ONLY works with simple binds, so I
suppose it's possible.
I've never coded to try however, but I could check it out.
Jef
- Original Message -
From: Joe Kaplan [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, September 28
will be, that it will require a 3rd party middleware to
make work, which I am not sure they will be thrilled about.
Thanks for the thoughts on this. Glad to know I'm not the only one
struggling with bad apps! ;)
Jef
- Original Message -
From: Tony Murray [EMAIL PROTECTED
will not be flagged that their password is about to
expire, and will end up being locked out.
We had the same issue, and have solved it.
Jef
-Original Message-From: Molloy, Gene S.
[mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 17, 2002 10:37
PMTo: [EMAIL PROTECTED]Subject
website for more info before you do the same.
:)
Jef
- Original Message -
From:
Celone, Mike
To: '[EMAIL PROTECTED]'
Sent: Thursday, February 13, 2003 1:20
PM
Subject: RE: [ActiveDir] Active Directory
Mapping tool
I think you can do this with Visio. I know
-- that's the NT4 domain is company.com. I'm concerned about doing an AD
upgrade with a period in the netbios name.
-Original Message-
From: Jef Kazimer
[mailto:[EMAIL PROTECTED]
Sent: Thursday, June 26, 2003 3:35 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD
Upgrade with bad
to avoid
some of the issues which worked fine until we were able to consider 2003.
Here, I'd rather push forward with the 2003 deployment instead of going manual.
Jef
No likey da Evil!
Original Message:
Return-Path: [EMAIL PROTECTED] Thu Sep 04 17:25:29 2003
Received: from mail.activedir.org
were fixed. Policy applies correct as per the winlogon.log after it is fixed, but the problem returns.
any help would be appreciated.
Jef Kazimer
hat it can't be open, and
GPO never gets applied unless I fix the DB on that database.
I am wondering if there is a central
corruption in the template file somewhere..but I don't know how to "verify" a
GPO for integrity.
Thanks!
Jef
- Original Message -
From:
Darren Ma
want to make sure I have the latest.
Thank you,
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
)
What kind of replication problems are you experiencing?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Monday, November 03, 2003 10:12 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] FRS 2k - What is the Latest version?
Hi all,
I'm
Rich,
I just create a file object, and output Text with HTML code to it to format the HTM
file for making web based report. Since HTML is just text anyway you can
programatically format it.
Here is just a snippet for example:
'[Create ASP log file]
Set WshShell =
older versions still floating around.
I know that's not really going to help you, but with a little scripting experience,
you might be able to create a front end utilizing replmon for the same thing.
Jef
Original Message:
From: FDiskThePC [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ActiveDir
would not be able to the refreshed until
after they are scavenged
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
group before, but never went
into great detail trying to figure out someone elses design choices, so I'm learning
more about it as I go.
This is 2k, and not 2k3 yet, as I would like to use the service account for DHCP
when we can for these reasons.
Jef
Original Message:
From: GRILLENMEIER,GUIDO
- DnsUpdateProxy Group
Date: Wed, 5 Nov 2003 22:15:07 +0100
look at the ACL with ADSIedit - it should not be empty. Is there an
Everyone ACL?
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 5. November 2003 22:07
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir
don't have anything to test around here right now so I can't compare what
the ACL should be.
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Mittwoch, 5. November 2003 22:29
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DHCP - DNS - DnsUpdateProxy
migrating stations, we have pre-test which verifies their on the network, wakes
any machines or laptops out of sleep mode, and does a Force Logoff and Reboot of the
boxes we want. Since doing that, our migration % haave increased greatly.
jef
Original Message:
From: Coleman, Hunter [EMAIL
and the script. RPCping came from the Win2k3 resource kit.
Jef
Original Message:
From: Strand, Ted [EMAIL PROTECTED]
To: '[EMAIL PROTECTED]' [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Bindview and ADMT
Date: Fri, 7 Nov 2003 14:11:31 -0500
Jef,
Can you share the pre-test code?
-Ted
It's that Mysterious error they talk about in the ADMT 2.0 docs, that they say is
unknown cause of it.
Do a shutdown and reboot of your workstations before you migrate them, and it solves
this problem. I meant to send out verification and reboot scripts this week since
someone asked this
timestamp will be that of when you ran the command, and if it is not
refreshed between then and scavenging date, it will be cleaned up.
Make sure you remove the Age this record check box thingy (I forgot the syntax) on
the record for any static records you don't want to disapear.
Jef
Original
)
Jef,
Thank you very much for your reply. Your thought is really
)
Jef,
Thank you very much for your reply. Your thought is really pointing me to
a closer track now.
Nope, I have
, it wll need a
connection to the other site BTw.
Jef
Original Message:
From: Rittenhouse, Cindy [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ActiveDir] cleanup AD connections after move server to different site
Date: Thu, 13 Nov 2003 15:50:01 -0500
A computer consultant in a remote dept
to see if that
option was added to it. It was on the main menu, and I believe it was reset DSRM
password was the command.
just a thought...
Jef
Original Message:
From: Rocky Habeeb [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Directory Services Restore Password
Date: Fri, 14 Nov
in W2k3.
Jef
Original Message:
From: Rocky Habeeb [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Directory Services Restore Password
Date: Fri, 14 Nov 2003 12:46:43 -0500
Yikes.
I forgot to mention, I'm talking W2K not W2K3.
Do you know if that will work in W2K?
Thanks
I'm currently using the DNSresource.vbs to dump zones to a text file, then I use
another VBS I wrote to parse the text file, and re-import the Reverse zones.
The syntax I am using is:
DnsResource /LIST PTR %2.%1.10.in-addr.arpa /S SERVER /O zone\%2-%1-10.dns
%1 and %2 are the B and C octets
know how to manually
correct this, as de-installing and re-installing the provider fails with the same
error.
Any thoughts?
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir
to
an already existing one, that would help out alot!
Thanks,
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Hunter,
Awesome! I was just looking at the syntax for LDIFDE too, but this was easy! :)
Jef
Original Message:
From: Coleman, Hunter [EMAIL PROTECTED]
To: '[EMAIL PROTECTED]' [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Mirror OU structure to Test
Date: Fri, 21 Nov 2003 14:00:43 -0700
http
. It's just spread out amongst many zones.
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
a list of static entries out of
AD. Any experience with that?
I'm wondering if and when we get these zones clean, if it would be better
to ClassB the DHCP zones, and create classC's for the Static zones and turn
scavenging off.
Jef
-Original Message-
From: [EMAIL PROTECTED]
[mailto
Michael,
Sheez...The Zone Transfers alone must be mind boggling :)
Do you see any performance hits with so many zones? I'm not seeing any so
far, but I am curious if I will. I do notice the startup time of DNS is
wretched, but that I expected on bootup.
Jef
-Original Message-
From
: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Wednesday, November 26, 2003 8:53 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DNS, Reverse and Limit, and
Searching for Static Records
Roger,
Thanks for the Reply!
Well I can say it can handle well over a 100. :) I'm just
second
Actually I just used the ADmap 1.6.2 utility last night. I believe it came out of MS
consulting services from Germany. (it says so in the about)
It reads your Sites structure and builds it into a rather unwieldly VISIO map. You
will need a Plotter to print it out, and it's not perfect. Not
of winlogon.log and you should find the KB article
with the registry keylocation. Sorry I don't remember it off hand. :)
Jef
Original Message:
From: ActiveDirList-PPC [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Userenv.log error
Date: Fri, 12 Dec 2003 16:18:33 -0500
Anybody
to it have been copied from others
(defining constants in VBScripts).
Do you have Windows Server 2003 clusters there? Could it be related to
them?
Anyway, happy hunting :)
Rich
-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED]
Sent: Friday, January 09, 2004 4:28 PM
To: [EMAIL
to solve most of our issues.
Jef
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn
Sent: Monday, January 19, 2004 7:41 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] MNS user flag - fixed
Nice to hear that they did look at the source code though
I've been looking at ways for tracking static DNS record changes. So far
I've been focusing on the dnsTombestone property which has 3 values of
NULL, TRUE, and FALSE.
Perhaps you can see if that object has a similar property? I'm not at an AD
terminal now, so I can't check, but it might be
We have some servers with slow connections due to some political site link
connections times. What I believe is happening is that the replication window is not
sufficient to propagate all the changes, and when the changes reach to the box, the
files it's expecting to change are no longer
- Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
From: Jef
Sent: Mon 6/7/2004 6:44 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Identify STATIC records in AD DNS
Hi there,
Does anyone
I was brought this little problem today, which doesn't make alot of sense to me so far.It appears that ADUC displays the User Expiration date differently than a VBS script does. An in house coded application is being questioned because these values do not match.ADUC says 8/8/2004VBS says
end of. That is, the Active Directory Users and Computers MMC snap-in will display the account expiration date as one day earlier than the date contained in the accountExpires attribute." Hunter From: Jef Kazimer [mailto:[EMAIL PROTECTED] Sent: Friday, August 06, 2004 9:19 AMTo:
[EMAIL PROTE
Does the SCHTASKS.EXE do what you want?
perhaps with the /V switch
SCHTASKS /Query [/S system [/U username [/P password]]] [/FO format] [/NH] [/V] [/?]
Description: Enables an administrator to display the scheduled tasks on the local or remote system.
Parameter List: /S system Specifies the
It seems like an obvious idea to implement. Sad we never thought about it. :)
Has anyone done any tests to reveal what performance gains this yields on queries?
Thanks,
Jef
Subject: RE: [ActiveDir] stupid ldap queriesDate: Tue, 18 Apr 2006 17:03:35 -0400From: [EMAIL PROTECTED]To: ActiveDir
or a quick .NET exe for if you wanted.
Jef
Date: Wed, 19 Apr 2006 11:38:58 -0300 From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: [ActiveDir] automatic account disable higuys, it'spossibletomakeaautomaticlockoutinuseraccountsby inactivity,orIneedathirdpartytool? thanks Myke
they get prompted to relogon periodically but too bad for them :)
So far from what I hear, the response has been excellent since all the people have to do is walk into a conference room and they get access to the WLAN if their radio is on.
Jef
Subject: RE: [ActiveDir] Setting Wireless Config via
inactivity if not by lastlogon or lastlogontimestamp?
Thanks,
Jef
Subject: RE: [ActiveDir] automatic account disable Date: Wed, 19 Apr 2006 14:25:24 -0700 From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Still,thereisnothing"automatic"nativelyintheOStolethimdothis. Policy
Ahhh...I thought you were aluding to some magical attribute in the 3rd dimension I did not know about in the Directory. :)
Yes, I agree, Process and policy needs to govern activity not just what the directory reports. :)
Thanks,
Jef
Subject: RE: [ActiveDir] automatic account disable Date
does have a GINA addition, which allows a pre-logon WLAN authentication. Some people like this so their logon script runs, etc. So while not needed, it's a 3rd party tool some people like. It also allows us to do EAP-PEAP on WIndows 2k boxes which do not support it natively.
Jef
Subject: RE: [ActiveDi
pplication could complete. :)
I'll let you guess what did not happen in that situation. :)
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] stupid ldap queriesDate: Thu, 20 Apr 2006 09:07:09 -0400
Oh I love those! The app dev folks (or vendor) tell you
he management of these is horrible due to the lack of good replication of configurations.
Jef
Dave,
Hoping some of this makes sense,**This email and any files transmitted with it are confidential andintended solely for the use of
offerings. :) I admit I was wrong :)
Jef
Subject: RE: [ActiveDir] Root Place Holder justification Date: Wed, 26 Apr 2006 08:03:19 -0600 From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Mark, I'minthesameplaceyouare:singleforest,singledomain
.
Of course this can all be done using different ACL's and task groups and what not, but is there a a simpler way that I am missing?
Jef
Subject: RE: [ActiveDir] Root Place Holder justification Date: Wed, 26 Apr 2006 16:03:13 +0200 From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org
On Behalf Of Jef KazimerSent: Mittwoch, 26. April 2006 17:48To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Root Place Holder justification
I would tend to agree that a single domain is optimal with the current AD and infrastructure that is available. Other than security, legacy
My brother I welcome you into RDA :)
Root Domain Anonymous :)
Though, if the business requires the separation it still has it's place today in certain environments. I would just be more adamant at evaluating those business requirements as it relates to the directory.
Jef
Subject: RE
it into an aggregation directory?
If we had a single domain, this would not be an issue.
I suppose I am going to give you more gripes than hard facts as to why I think it causes problems right now though. :(
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Root
Gil,
I think he was looking for other reasons besides the obvious ones (More hardware, license, etc.).
It would be interesting to quantify the hidden costs related to administration, data consistency, application integration, security, etc..
But that is a task for a better man than I...
Jef
designed such a scenario.
Thanks,
Jef
Upgrade for free to Windows Live Mail beta and you could win an African Safari Learn more
I have noticed it is not always in the system tray, except when it had a message for me.
I found the icon (looks like a little castle) on my main Programs Menu on the Start menu.
Jef
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Windows Vista
suggestions of good vendors to look at.
I am old that BMC's MIIS iDM suite is a good fit, but have only just begun reading up on it. I was hoping for other recommended apps to compare it against.
Thanks,
Jef
Join the next generation of Hotmail and you could win a trip to Africa Upgrade today
was curious.
Thanks,
Jef
Date: Thu, 27 Apr 2006 15:31:33 -0400 From: [EMAIL PROTECTED] To:
ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Internet
Authentication Concepts: Pointers? That's not a lot to go on, Jef. Can
you give some more information? For example, these public internet
AD utilize this password policy, as a few LDAP applications do query the policies defined in the domain for setting passwords in their apps which is a nice thing I think. :)Jef
Date: Thu, 27 Apr 2006 15:31:46 -0400From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Exclude one ac
some info ahead of before it was needed. :)
Thanks again!
Jef
Date: Fri, 28 Apr 2006 01:40:09 +0200 From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Internet Authentication Concepts: Pointers? Jef, AsAlpointedout,therearenumerousproductsfromvendorssuchas IBM
etwork Systems
USAID/DoS IT Infrastructure Collaboration Program
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
703-866-7473
703-626-5741 (cell)
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, April 28, 2006
of such things, but how the environment will be managed and the pitfalls should be thought of.
Jef
Subject: RE: [ActiveDir] Root Place Holder justificationDate: Fri, 28 Apr 2006 15:20:45 +0100From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
I doubt a root domain would represent 'harm
works nice...but still no Xbox 360 support :(
I want to test that piece :)
Subject: RE: [ActiveDir] OT: Windows Vista - Windows DefenderDate: Fri, 28 Apr 2006 12:15:52 -0400From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Have you tested MCE on it? 5342 MCE on a beefy box is
lot of fun with new stuff in te winFX gui programming :)
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: Re: [ActiveDir] ADAM Management Tool REQs and Desires.. WAS: Internet Authentication Concepts: Pointers?Date: Fri, 28 Apr 2006 15:46:16 -0400
I have some
We use "employeeType" with values of
EMPLOYEE
CONTRACTOR
VENDOR
SERVICE
OTHER
ADMIN
Jef
Subject: RE: [ActiveDir] Cleanup of AD accountsDate: Fri, 28 Apr 2006 16:04:42 -0500From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Is there an attribute that's generallysafe to use,
to connect? If you do you can nominate yourself to test said functionality.
Thanks,Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, April 28, 2006 1:17 PMTo: ActiveDir@mail.activedir.orgSubject: RE
down.
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, April 28, 2006 1:17 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: Windows Vista - Windows
This has been making the rounds as of late, so I am not sure if it has been
posted here:
Security Myths and Passwords by Prof. Spafford
and something from 2002:
Ten Windows Password Myths
Now...where I am, Smart Card integration into physical building access is
becoming a reality, so
HmmmI think my links got stripped there :
SecurityMythsandPasswordsbyProf.Spafford
http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/
TenWindowsPasswordMyths
http://www.securityfocus.com/infocus/1554
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE: Re:
Mike,
Can you use ADfind and ADmod for this?
ADfind -h DC -Default -f "(TSpath=Blah)" -dsq | ADMOD tspath::NewPath
Now I don't remember f TS path (I know it's not the attribute name so you will need to look at it) is a string value or if t's contained in that blob value with the other TS
Mike,
Scratch that. It is not the string I was thinking about.
I'm sure Joe will know though :)
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd helpDate: Wed, 3 May 2006 16:38:42 -0500
Mike,
Can you use ADfind and ADmod for this?
ADfind -h DC
hunk to send into admod to do it.
joe
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Wednesday, May 03, 2006 5:50 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd help
M
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Wednesday, May 03, 2006 10:51 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd help
My first travesty with said blos, was when an admin could not reset a users password via the MMC. After some PSS
ww.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Thursday, May 04, 2006 10:28 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd help
I meant that was the advice we were given from PSS on how to solve the problem. :)
Thoug
.
Sort of like a all in one package?
Jef
Date: Mon, 8 May 2006 21:35:13 +0200 From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] AD Snapshot Tool (ADST) - how useful is it? FreddyHARTONOwrote: Isitusefulatall?Wearedoingtheadriskassessmentfrommicrosoft (adrap
John,
Just curious, was these option *ONLY* availiable in XP SP2? Any hope it exists in Windows Server 2003 SP1? :)
Thanks,
Jef
From: [EMAIL PROTECTED] Subject: RE: [ActiveDir] GPO To: ActiveDir@mail.activedir.org Date: Wed, 10 May 2006 08:49:21 -0500 HiPeter... IftheclientsareSP2
We have it on all of our DCs as well worldwide and have not seen an issue.
But a question about integrated zones. I had an issue recently where a system owner wanted to know if people were resolving an old CNAME for one of their systems. They wanted to remove it from the zone, but wanted to
primary zone, so it was not a viable option anyway. :(
I forget that auditiing applies to integrated zones, so I never think of utilizing it anyway.
thanks,
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: Re: [ActiveDir] DNS on a DC or NOTDate: Wed, 17 May 2006 12:13:49
I think my company users Lotus Notes just because it doesn't integrate with anything so less headaches. :(
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [OT] DNS on a DC or NOT Date: Wed, 17 May 2006 15:32:15 -0400
http://dictionary.reference.com/search?q=mucker
mucker
\Muck"er\, n. A term of reproach for a low or vulgar labor person. [Slang]
Let the Ragin' begin!
(Thought I could have sworn it was a lazy way to say "mofo" :) )
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE:
hmmm
How about -onlyenabled? :)
Ya know...just because...
From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OldCmp question Date: Fri, 19 May 2006 11:41:21 -0400 Disabledaccountsaremarkedbyhavingbit1listonuserAccountControl (value2)
they think. ;o)
TGIF.
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, May 19, 2006 2:36 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OldCmp question
hmmmHow
know, and how it will affect my AD environment. I'm afraid the timelines are quite aggressive so I need to get moving.
Jef
-
http://www.jeftek.com
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] [OT] RAID 5 Best PracticeDate: Mon, 22 May 2006 23:33:09 -0400
ryoffset=1
There also seems to be a http://www.unityserver.com
Thanks,
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgDate: Thu, 25 May 2006 22:14:02 -0500Subject: [ActiveDir] UNITY SERVERS
Hi All,
Can any one tell me what is a unity server.I want to every detail of that.
Thanks
Hiten
ent suffix of primary DNS suffix.
So if you just specify:
domain2.domain1.com
domain3.domain1.com
and not
domain1.com
it will not search domain1.com since it is not specified in the Suffix Search List.
So if you want to still search the parent suffix, be sure to include it in the SSL.
Jef
- Origin
a curiousity.
Thanks,
Jef
http://jeftek.spaces.live.com/blog/cns!F2042DC08607EF2!642.entry
LDAP queries are spaced out...
I was looking at a metaverse object in MIIS today noticed some admin had
setthe mail attribute to a single SPACE ( )character.The
Metaverse is stored in a SQL server, so
.
If you are dealing with MCS, I can get you the case # for a company
who attempted this, and had a disaster of a time resulting in 10 days of
downtime. In the end, they were left with a limping AD, so it would
have to be rebuilt because it was not sure the true state of this.
Jef
-
down this possibility could be put in
control of the directory Admin, instead of relying on the developers.
Thanks,
Jef Kazimer
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
forced to solve by this method, which means it cane wait.
I could go into how it would be nice to have enterprise application minimum
standards, and application owners involve infrastructure staff BEFORE an app
is purchased, instead of after when it doesn't work, but I won't :)
Jef
1 - 100 of 108 matches
Mail list logo