Build them a web page that is a front-end for resetting a password. http://www.microsoft.com/technet/scriptcenter/scripts/ad/users/pwds/defa ult.mspx
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, February 25, 2005 3:33 PM To: [email protected] Subject: RE: [ActiveDir] Custom MMC How can it be DNS when he can do a NSLOOKUP and find all the SRV Records and is using my DNS Servers??? He can ping the domain name and can resolve every record to IP. Plus, I will not be able to do a Network Monitor since this is not a facility that we can work with, they subscribe to e-mail from us and I wanted to be able to provide them with reset password capabilities. What else can I try? Justin A. Salandra MCSE Windows 2000 & 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, February 25, 2005 4:47 PM To: [email protected] Subject: RE: [ActiveDir] Custom MMC That sounds like DNS issues. Time to get the network monitor out and watch the traffic and see where it fails. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, February 25, 2005 4:35 PM To: [email protected] Subject: RE: [ActiveDir] Custom MMC It did not work, Still getting Naming Information cannot be located error. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, February 25, 2005 12:16 PM To: [email protected] Subject: RE: [ActiveDir] Custom MMC Assuming the ID has permission to read that location, it should work fine. joe -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, February 25, 2005 11:49 AM To: [email protected] Subject: RE: [ActiveDir] Custom MMC I will try this however the msc I want to run is located at \\servername\consoles\filename.msc so should I do Runas /netonly /user:DOMAIN\USER cmd Password Type \\servername\consoles\filename.msc -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, February 25, 2005 11:10 AM To: [email protected] Subject: RE: [ActiveDir] Custom MMC Try this runas /netonly /user:domain\user cmd Then enter password At the command prompt that is opened type dsa.msc FYI. This is how I do all of my admin work. I fire up various command prompts in the various security contexts I need and color code them all. The more power the specific ID has the brighter more obnoxious the color of the window. I want there to be no clue when I am typing a command, what security context it is running under. Note that the DNS has to be right for this to work. If the machine that isn't trusted can't resolve the AD domain, you aren't going to be able to use MMC. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, February 25, 2005 10:55 AM To: Jorge de Almeida Pinto; [EMAIL PROTECTED]; [email protected] Subject: RE: [ActiveDir] Custom MMC When I ran this runas command we get an error called MMC unable to open. -----Original Message----- From: Jorge de Almeida Pinto [mailto:[EMAIL PROTECTED] Sent: Thursday, February 24, 2005 5:06 PM To: Salandra, Justin A.; '[EMAIL PROTECTED] '; '[email protected] ' Subject: RE: [ActiveDir] Custom MMC Hi, You're connecting to share with user account from the domain in location 2, BUT you're logged with the user account from the domain in location 1 (NT4) and thus the MMC is started in the context of the NT4 user account I don't think RUNAS will work as you don't have a trust between the domains. Try RUNAS /NETONLY /USER:<DOMAIN>\<USER> "MMC.EXE DSA.MSC" DSA.MSC is the "Active Directory Users and Computers MMC" replace this with the MMC of your choice Regards, Jorge -----Original Message----- From: [EMAIL PROTECTED] To: [email protected] Sent: 2/24/2005 10:43 PM Subject: [ActiveDir] Custom MMC Environment Windows NT 4 Domain Location 1 Windows 2000 Native Domain/Forest Location 2 No Trust relationship Custom MMC Resides on share on server in location 2 User has account in Location 2 domain User logged into Computer in Location 1 Users Computer is a member of Location 1 I have a user who is in a Windows NT 4 domain, running Windows 2000 Professional that I want to grant access for their Location 2 user account to reset passwords on their specific organizational unit. I setup a Custom MMC and saved it on a server share. The user has accessed the server share and when prompted to provide login credentials entered in his user account from Location 2. Double clicks on the MMC console and gets the following error Naming Information Cannot Be Located: The specified domain either does not exist or could not be contacted. When I login as the user form Location 2 on a computer form location 2 the MMC console works. DNS is working perfectly, he is using my DNS Server to do all resolutions. What could be the problem? Justin A. Salandra MCSE Windows 2000 & 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
