I have two forests that I need to create a trust relationship between. Do I have to do a zone transfer of their respective zones to gain name resolution to the other domain or do I need to create a lmhost record for the netbios name of the domain?? Also, there is a very tight firewall policy between the two domains... What ports should I open to create the trust and do I have to keep them open after the trust is created? Thx for the help.
----- Original Message ----- From: "Tony Murray" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, April 23, 2002 4:52 AM Subject: RE: [ActiveDir] 1000 row limit > The process described will update the default ldap query policy. In other words this will apply to all domain controllers. It is possible to apply policies to specific DCs or Sites using an optional attribute (queryPolicyObject). This is (briefly) referred to in the following article. > > http://www.microsoft.com/technet/treeview/default.asp?url=/TechNet/prodtechn ol/windows2000serv/reskit/distsys/part5/dsgappc.asp (check wrapping) > > I would have thought it was a best practice to set the page size in your code rather than change the ldap policy settings. A number of other applications (e.g. Exchange 2000) have dependencies on these ldap administration limits and the performance of these may be impacted by making untested changes. > > Tony > www.activedir.org > > ---------- Original Message ---------------------------------- > From: "O'Malley, Tim J." <TIMOTHY.J.O'[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > Date: Mon, 22 Apr 2002 15:54:02 -0700 > > Cliff/Todd > You can change the default settings for LDAP Policies using ntdsutil.exe . > Here's the procedure: > > http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q315071 > <http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q315071> > > Regards, > > Tim O'Malley, MCSE, MCNE > Systems Engineer > SAIC/San Diego > (858) 826-5170 > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > Sent: Monday, April 22, 2002 2:57 PM > To: [EMAIL PROTECTED] > Subject: RE: [ActiveDir] 1000 row limit > > > > You have to set it in the LDAP properties on the Domain Controller, but I > don't know where exactly. I want to know too! > > Cliff Connelly > Email Administrator > 1300 U Street > PO BOX 944246 > Sacramento CA 94244-2460 > (916) 324-0139 > > > -----Original Message----- > From: Fleenor Todd [ mailto:[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> ] > Sent: Monday, April 22, 2002 2:51 PM > To: '[EMAIL PROTECTED]' > Subject: [ActiveDir] 1000 row limit > > Is there a setting on an AD Domain controller that limits the size of LDAP > queries to 1000? > > I have read about using paging, etc. with ADO, but wanted to know if there > was also a setting on the Active Directory Domain Contoller. > > Thanks! > List info : http://www.activedir.org/mail_list.htm > <http://www.activedir.org/mail_list.htm> > List FAQ : http://www.activedir.org/list_faq.htm > <http://www.activedir.org/list_faq.htm> > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > <http://www.mail-archive.com/activedir%40mail.activedir.org/> > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
