IIRC this is not the case. You would need to run it on an x64 machine.
From: Erik Goldoff [mailto:egold...@gmail.com]
Sent: Thursday, July 23, 2009 3:43 AM
To: NT System Admin Issues
Subject: RE: adprep when adding first 2008 server
Good point, and although 'compatibility' isn't synonymous with
A DHCP Relay is what you want.
If a user on Subnet A plugs in to Subnet B, they will end up with a DHCPNACK
for their old IP followed by the correct IP.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP
That's pretty normal... 500' isn't much. It's not uncommon for the batteries,
transfer switches, and generator ties to all be in one electrical area in a
basement or something like that. This way you simply deliver protected power to
the computer room and anyplace else that needs it.
What version of Windows?
You can do all sorts of trigger based stuff in WS08. WMI also has event based
things.
I have a better question though. What are you doing wrong that is causing your
scopes to fill up?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory
AuthAnvil - http://www.scorpionsoft.com/ gets a lot of good press from small
org types I know.
SmartCards are another option - simple enough. ActivIdentity has some cool
hybrid token type things too.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed
It's enabled out of the box...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From: John Bowles [mailto:john.bow...@wlkmmas.org]
Sent: Thursday, July 30
No this has existed since WS03.
The ability to turn it off is a new Win7 (WS08 R2) feature.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From: John
Yes. WshShell has a shortcut object. You can iterate through all the *.lnk
files and then load and edit the shortcuts.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Gavin Wilby [mailto:gavin.wi...@gmail.com]
Sent: Friday, July 31, 2009 3:50 AM
To: NT System Admin Issues
Can the firewall/router act as a DHCP relay? If so just configure the scope on
a DHCP server and set it as the DHCP relay.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com
with none of
that. You get what you pay for essentially...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Rob Bonfiglio [mailto:robbonfig...@gmail.com]
Sent: Friday, July 31, 2009 9:03 AM
To: NT System Admin Issues
Subject: Re: Is there a SharePoint Expert that can help me out
If you've got a premier contract you've got a TAM and their job in part is to
be there when you have problems with getting the correct level of support or
the quality of support and to fix it.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Rob Bonfiglio [mailto:robbonfig
on the outside, but, if
your business depends on your IT systems and you lose money when they break,
it's insurance. With a pro case there's no SLA to escalate a Sev A case to CPR
at the four hour mark.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Kurt
I think to a large extent it's luck of the draw. I'm not a fan of the
outsourced PSS stuff at all but I understand why they do it having been there
myself.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Troy Meyer [mailto:tme...@uoregon.edu
. Even if it's
a really amateur script, getting that step done means you can spend your time
on something else.
Three good people is enough to run A LOT of stuff if you're efficient about it.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http
with IT orgs as they need
to do both. I've seen some large ones split into two orgs - one ops one
engineering/projects. Solves the problem but tends to have a lot of political
side effects.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http
incident on the
backend and then you don't blow through all the hours.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Steven Peck [mailto:sep...@gmail.com]
Sent: Friday, July 31, 2009 4:08 PM
To: NT System Admin Issues
Subject: Re
There is an app memtest something that is an ISO
IOMeter is free I/O load gen
There used to be a tool called cpustres or cpustress I the Platform SDK which
could max out CPUs but I don't see it in the version I have.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active
Trust will be fine.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From: Glen Johnson [mailto:gjohn...@vhcc.edu]
Sent: Monday, August 03, 2009 3:33 PM
Could probably test to see if you can get exclusive write access to it. I
imagine IIS has a lock ahead of time.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile
PSS and your account team can both assist in filing a DCR on your behalf...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
-Original Message-
From
Hope nobody's running it because otherwise they'll never get your message. ;)
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Martin Blackstone [mailto:mblackst...@gmail.com]
Sent: Monday, August 03, 2009 5:02 PM
To: NT System Admin Issues
Subject: Windows Defender
Has
Design Change Request.
And no you'd need to pay. I don't know if they'd even let you do it on a pro
case - no clue.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Monday, August 03, 2009 5:42 PM
Did this magically happen when you raised the DFL or when you were
upgrading/replacing DCs to WS2008?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From
OK those are two different activities though.
Likely the issue came as a result of adding the new DCs.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Tuesday, August 04, 2009 9:57 AM
To: NT System Admin Issues
Subject: RE: Domain
Volume licensing portal / MSDN / Technet ...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Bill Lambert [mailto:blamb...@concuity.com]
Sent: Tuesday, August 04, 2009 3:15 PM
To: NT System Admin Issues
Subject: SQL 2000 Media
Hello all...
I've inherited a server with SQL
.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From: John Bowles [mailto:john.bow...@wlkmmas.org]
Sent: Wednesday, August 05, 2009 9:14 AM
To: NT System Admin
If both ends trust the cert then you can use a self signed cert. Just need to
install it in the store on either end, most likely.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https
HP definitely does.
7 years asset lifecycle seems pretty reasonable to me.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: paul chinnery [mailto:pdw1...@hotmail.com]
Sent: Wednesday, August 05, 2009 1:00 PM
To: NT System Admin Issues
Subject: SAN EOL
I found out today
version (BPS
or something) which is missing some useful features, otherwise you're on the
hook for the full BES.
BlackBerry is not a cheap service to offer.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Todd Lemmiksoo [mailto:tlemmik...@all-mode.com]
Sent: Wednesday, August 05
HP has tools to script all this for servers and IIRC Dell has it for clients so
I'd venture to guess HP may have it for clients as well. Look for stuff
centered around deployment scripting/automation/etc on their site.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Okan
Please don't use UGC.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Thursday, August
Well there are very good scenarios for having separate forests. The main ones
are ease for spinning off the business unit and the other one being if you need
to have separate administration groups at each location that can't settle for
delegated rights.
Thanks,
Brian Desmond
br
.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Thursday, August 06, 2009 12:23 PM
To: NT
Yeah - you said you have a couple hundred users total? A full T1 can sustain a
domain with hundreds of thousands of users.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com
The global group part is what is unknown.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Thursday, August 06, 2009 2:02 PM
To: NT System Admin Issues
Subject: RE: domain/forest setup question
Thanks
I know a lot of recruiters who use LinkedIn as a key search tool. I certainly
use it that way too sometimes. It's a professional thing not a social thing. I
usually describe it as LinkedIn is for work and Facebook is for fun.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Why not ask your users what they want?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Monday, August 10, 2009 11:03 AM
To: NT System Admin Issues
Subject: Monitor: regular or widescreen
Folks,
Im about to start purchasing
This general assumption IT folks make that every end user they support is an
idiot is one of those things I can never figure out...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sam Cayze [mailto:sam.ca...@rollouts.com]
Sent: Monday, August 10, 2009 11:40 AM
To: NT System
what is best for
the user community then you're obviously not equipped to decide for them so why
not ask? People generally take to change much better when they're given an
opportunity to participate in it anyway.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sam Cayze
You'd probably want to look at a Virtual Directory product here.
Trusts are going to use legacy RPC type stuff (ala the ports you mentioned)
unless they are forest trusts in which case they are native Kerberos.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Fogarty
Agreed. There is a KB article that has the exclusions you want for MSCS and for
MSSQL (I assume on the latter).
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, August 12, 2009 2:55 PM
To: NT System Admin Issues
Didn't read that close - go figure
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Richard Stovall [mailto:richard.stov...@researchdata.com]
Sent: Wednesday, August 12, 2009 9:04 PM
To: NT System Admin Issues
Subject: RE: Microsoft Cluster and Anti Virus
It's actually
$server = Read-Host Enter server name
I believe that will do what you want.
To get environment variables, the exact syntax is something like
$env:COMPUTERNAME.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Gavin Wilby [mailto:gavin.wi...@gmail.com]
Sent: Friday, August
Not really. I just plug this stuff into Google when I need to- I'm not a big
PowerShell guy at all - do everything in VBS.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Gavin Wilby [mailto:gavin.wi...@gmail.com]
Sent: Sunday, August 16, 2009 9:29 AM
To: NT System Admin
fundamentally
about the same? I may just be missing something though - dunno.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Jon Harris [mailto:jk.har...@gmail.com]
Sent: Sunday, August 16, 2009 8:06 PM
To: NT System Admin Issues
Subject: Windows 7
I have my first Windows 7
Ah ok. Would be curious to hear about user education issues you/others run
into rolling this out. I haven't worked on anything involving desktop OS
refresh since probably 2000XP.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Jon Harris [mailto:jk.har...@gmail.com]
Sent
BPOS is in the $10/mo/user range with just Exchange. $15 for everything. Seems
like something worth exploring here...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Monday, August 17, 2009 11:13 AM
To: NT System Admin Issues
What's the problem with the database engine? There's been a massive amount of
engineering work in that space - I don't expect it's going anywhere.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Monday, August 17
successfully go offshore. If you're sitting at a keyboard all day
just clicking away instead of automating that task, or being a ticket jockey,
or something like that, I'd be worried. Otherwise IMO you'll be fine.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Angus Scott-Fleming
a long time ago and IIRC the
70-649 equivalent was much more of a PITA than the 70-646 equivalent.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From
Not entirely sure I follow the event but if I do you need to register that SPN
on the computer object.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: James Kerr [mailto:cluster...@gmail.com]
Sent: Monday, August 17, 2009 2:34 PM
To: NT System Admin Issues
Subject: Re: DNS
an
issue with managing the server. I've not run into any issues where doing a full
store scan has caused the store to crash recently either, certainly nothing
that hasn't been fixed.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Aldrich [mailto:jaldr
You can applies ACLs to processes so, sure. Without some context though that's
about all I can offer...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
Well you can have a startup script or something set an ACL on the process
object so they can't modify it.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Robert Smith [mailto:exch...@gmail.com]
Sent: Monday, August 17, 2009 6:59 PM
To: NT System Admin Issues
Subject: Re
and label it.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Monday, August 17, 2009 7:46 PM
To: NT System Admin Issues
Subject: Re: Mail server software
I continuously coach users on filing anything
.
There are tools around to go mucking with an ESE database in a graphical
manner. Fortunately they're not public. The APIs are though if you're so
inclined you could do whatever you wanted with an ESE database.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed
and parent LUNs.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
From: Greg Olson [mailto:gol...@markettools.com]
Sent: Tuesday, August 18, 2009 12:59 PM
To: NT
Having spent a bunch of time working on EC2 this sounds like something I would
be hesitant about.
Microsoft supports all this with BPOS. They have BES support although I'm not
exactly sure what the situation with that is. If it were me I'd look at BPOS.
Thanks,
Brian Desmond
br
Random local MSP vs Established host - I'd not put a bet on that one. For every
competent one there are A LOT of not so competent ones.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Benjamin Zachary - Lists [mailto:li...@levelfive.us]
Sent: Tuesday, August 18, 2009 9:11
My HP EliteBook 8530W, there were no Windows Update drivers for the HP 3D
DriveGuard or the Quick Launch Buttons. I had to manually load the Vista x64
packages off hp.com and then it was happy. Everything else worked out of the
box.
Thanks,
Brian Desmond
br...@briandesmond.com
c
There is a technet or KB article (don't have it handy) called something like
How to remove the First Exchange 2000 server in the organization and/or How to
remove the Last Exchange 2000 Server in the Organization. There is a bunch of
stuff you need to do so I'd review those.
Thanks,
Brian
You'd probably need to clean up the old Exchange server with something like
ADSI Edit. Been a while since I did this but that's my recollection.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Erik Goldoff [mailto:egold...@gmail.com]
Sent
You could use ldifde to export an importable version of the offending object
prior to deleting it.
That's what I'd do followed by whacking it in AD and bouncing the NTFRS service.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Ben Scott
Sysinternals has a cmdline tool called sigcheck.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Joseph L. Casale [mailto:jcas...@activenetwerx.com]
Sent: Tuesday, August 25, 2009 9:57 PM
To: NT System Admin Issues
Subject: First ps script
I have a powershell script
snapshots to rollback your new lab as well as you will get
into USN Rollback scenarios if you don't roll them ALL back at once.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: michael.le...@pha.phila.gov [mailto:michael.le...@pha.phila.gov]
Sent
a lot cheaper than paying for IT FTEs to go out and do grunt work for
a day or two.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org]
Sent: Saturday, August 29, 2009 7:32 AM
To: NT System Admin Issues
Subject: RE: APC vs
I just saw a couple of new Dell ones go in in the past couple months - I don't
remember anything odd about the side panels?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Steven M. Caesare [mailto:scaes...@caesare.com]
Sent: Saturday, August 29
. Dumpanalysis.org may also have something
relevant.
รจ I have seen (but can't think of the name) a utility which monitors all ops
against the Clipboard and shows them to you
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org]
Sent
in the thread.
Lately I haven't been opening a lot of threads or am missing the ones I can
contribute to in between a lot of chaff.
I don't really care all that much as it's a folder and I just ignore the
folder, but, that's not the point of being on a DL.
Thanks,
Brian Desmond
br
When is it? I've been in SF almost every week for work lately.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Friday, August 28, 2009 4:04 PM
To: NT System Admin Issues
Subject: RE: OT VMWorld 2009
I'll think about you while I'm
Interesting - I'll try and remember to go look next time I'm in this computer
room
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Steven M. Caesare [mailto:scaes...@caesare.com]
Sent: Saturday, August 29, 2009 8:35 PM
To: NT System Admin Issues
I have patched tens of thousands of boxes with psexec. My current patching
script I use is a VBScript which I launch from psexec. Works great. Logging is
built-in to the scripts...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http
Administrators are Users too.
Not sure offhand how you'd undo this.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Benjamin Zachary - Lists [mailto:li...@levelfive.us]
Sent: Monday, August 31, 2009 8:17 PM
To: NT System Admin Issues
Subject: Calling Security Experts..
I
Rodcprep adds ACLs to NDCs as I recall. Since you are on W2000, you have no
NDNCs (they're not supported). Thus running rodcprep wouldn't do anything.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https
There is a checkbox in the ACL to grant that group the right to Apply this
Policy as well as Read. You want both of those.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com
I believe if you pull the properties of the GPO there is a button Advanced or
Security or something to see the ACL editor for the GPO.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Tuesday, September 01, 2009 2:45 PM
To: NT
OK there is a detail missing here.
Is this a MACHINE policy or a USER policy? If it's a machine policy, the
computer needs to be able to have rights to apply it.
If you're trying to do machine policies on a per user basis you need to get
loopback processing going.
Thanks,
Brian Desmond
br
Chris-
Why not export the EVT files from each server to a big folder and let them read
them on their machines?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile
Hi Terri-
Others have chimed in with tools, but, I'll add the other part. Why are you
using share permissions? They aren't granular and they just add confusion.
Manage all your ACLs on NTFS (where you can do whatever you want more or less),
and just grant Everyone:FC on shares.
Thanks,
Brian
Well it's still required post 2003.
You shouldn't be doing OWA without SSL anyway.
Outlook 2007+ and Exchange 2007+ use SSL connectivity even while on the LAN for
certain things - autodiscover, address book download, web services, etc.
Thanks,
Brian Desmond
br...@briandesmond.com
c
activate the KMS once and then add a couple DNS records and all your
machines will then just talk to your KMS on their own. There are special keys
published on Technet/Internet that you use for setup and they force the machine
to talk to a KMS (or you can leave the key field blank too).
Thanks,
Brian
No you just plug the MAK (or KMS placeholder key) in the sysprep config and
machines will automatically activate.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sam Cayze [mailto:sam.ca...@rollouts.com]
Sent: Tuesday, September 08, 2009 3:07 PM
To: NT System Admin Issues
You just need to install the update for the KMS service and then you can add
and activate the Win7 keys.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Tuesday, September 08, 2009 3:04 PM
To: NT System Admin
Look at imagex in the WAIK. You can make a WIM of a drive and let PSS figure
out how to apply that to a VHD. Or you could do it yourself pretty easily (just
create a virtual PC, mount the VHD localy, and apply the WIM to it).
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
I've only ever seen this set when someone uses repadmin (or something direct
like adsiedit) to set the flag on the connection object.
Time delta wouldn't do this.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Don Guyer [mailto:don.gu...@prufoxroach.com]
Sent: Thursday
That makes sense - I've not personally experienced that situation fortunately.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Thursday, September 10, 2009 2:00 PM
To: NT System Admin Issues
Subject: RE: Inbound
Everyone goes through a reseller regardless. That said I expect your
negotiating power with that volume is somewhere around 0. :)
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Friday, September 11
I don't typically do all that stuff as I'm often doing hundreds of DCs. What I
will do is move FSMO roles to an alternate before bouncing the role owners.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Tuesday, September 15
You need a cert with the Client auth EKU. You're not getting that with a cert
generated with selfssl l'm guessing. You generally use this feature with
smartcards or other 2 factor devices. The logon mapping happens based on the
UPN in the cert and an AD lookup.
Thanks,
Brian Desmond
br
from a public CA, but, you generally need PKI
infrastructure in place to accomplish this.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Tigran K [mailto:tigr...@gmail.com]
Sent: Thursday, September 17, 2009 3:50 PM
To: NT System Admin Issues
Subject
Hi-
You should only be setting the external time source on your root domain PDC
Emulator. Everything else (clients and DCs) should use NT5DS defaults which
means they'll sync with the domain hierarchy.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed
I've never overridden the default behavior in a multi-site scenario and
wouldn't generally recommend it...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile/Brian
I would call HP...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: HELP_PC [mailto:g...@enter.it]
Sent: Monday, September 21, 2009 12:47 AM
To: NT System Admin Issues
Subject: Weird Windows 7 64 bit issue
In a DC 7700 Hp with 2 DDR 2 modules (Kingston Value RAM 2GB each
My recollection is that Enterprise CAs have a mechanism to push certs out into
GPOs. You might check the default domain policy.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Tuesday, September 22, 2009 11:03 AM
Why do you want an end user to be able to request a Computer certificate?
You need to look at the permissions on the certificate templates. IIRC that
list is generated from there based on the user accessing the page.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sean
Tom what version of the GPMC are you using?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Wednesday, September 23, 2009 1:16 PM
To: NT System Admin Issues
Subject: Re: GPO question
Thanks, now I know. If I wanted to be able
Central store was exactly where I was going with that question. Just make sure
that once you deploy the central store (and clean up all your ADM files) that
you no longer use downlevel GP Editors.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Free, Bob [mailto:r
Nope you said exactly what I was going to :)
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, September 23, 2009 4:20 PM
To: NT System Admin Issues
Subject: RE: GPO question
I figured that was the logical reason for your
It does actually work - it's a cute trick that you can have fun with. It's not
remotely scientific though.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Wednesday, September 23, 2009 5:32 PM
To: NT System Admin Issues
No they are totally separate OSes.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, December 16, 2009 12:36 PM
To: NT System Admin Issues
Subject: Windows 2008 R2 Question
1 - 100 of 1370 matches
Mail list logo
