I think it is a thing admins who deal with lots of security contexts ends up falling into.
joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Cliffe Sent: Friday, February 25, 2005 11:33 AM To: [email protected] Subject: RE: [ActiveDir] Custom MMC That's funny...I do the *exact* same thing with my command shell windows :-) -DaveC Reuters Infrastructure -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, February 25, 2005 11:10 AM To: [email protected] Subject: RE: [ActiveDir] Custom MMC Try this runas /netonly /user:domain\user cmd Then enter password At the command prompt that is opened type dsa.msc FYI. This is how I do all of my admin work. I fire up various command prompts in the various security contexts I need and color code them all. The more power the specific ID has the brighter more obnoxious the color of the window. I want there to be no clue when I am typing a command, what security context it is running under. Note that the DNS has to be right for this to work. If the machine that isn't trusted can't resolve the AD domain, you aren't going to be able to use MMC. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, February 25, 2005 10:55 AM To: Jorge de Almeida Pinto; [EMAIL PROTECTED]; [email protected] Subject: RE: [ActiveDir] Custom MMC When I ran this runas command we get an error called MMC unable to open. -----Original Message----- From: Jorge de Almeida Pinto [mailto:[EMAIL PROTECTED] Sent: Thursday, February 24, 2005 5:06 PM To: Salandra, Justin A.; '[EMAIL PROTECTED] '; '[email protected] ' Subject: RE: [ActiveDir] Custom MMC Hi, You're connecting to share with user account from the domain in location 2, BUT you're logged with the user account from the domain in location 1 (NT4) and thus the MMC is started in the context of the NT4 user account I don't think RUNAS will work as you don't have a trust between the domains. Try RUNAS /NETONLY /USER:<DOMAIN>\<USER> "MMC.EXE DSA.MSC" DSA.MSC is the "Active Directory Users and Computers MMC" replace this with the MMC of your choice Regards, Jorge -----Original Message----- From: [EMAIL PROTECTED] To: [email protected] Sent: 2/24/2005 10:43 PM Subject: [ActiveDir] Custom MMC Environment Windows NT 4 Domain Location 1 Windows 2000 Native Domain/Forest Location 2 No Trust relationship Custom MMC Resides on share on server in location 2 User has account in Location 2 domain User logged into Computer in Location 1 Users Computer is a member of Location 1 I have a user who is in a Windows NT 4 domain, running Windows 2000 Professional that I want to grant access for their Location 2 user account to reset passwords on their specific organizational unit. I setup a Custom MMC and saved it on a server share. The user has accessed the server share and when prompted to provide login credentials entered in his user account from Location 2. Double clicks on the MMC console and gets the following error Naming Information Cannot Be Located: The specified domain either does not exist or could not be contacted. When I login as the user form Location 2 on a computer form location 2 the MMC console works. DNS is working perfectly, he is using my DNS Server to do all resolutions. What could be the problem? Justin A. Salandra MCSE Windows 2000 & 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ----------------------------------------------------------------- Visit our Internet site at http://www.reuters.com Get closer to the financial markets with Reuters Messaging - for more information and to register, visit http://www.reuters.com/messaging Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Reuters Ltd. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
