-b3da-9b56de3d187c.mspx
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.com/profile=35E388DE
Hi Rick,
Stop whining ;-)
You've been asked on 7/17 by Robbie.
Ulf
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
|Sent: Sunday, October 16, 2005 2:14 PM
|To: ActiveDir@mail.activedir.org
|Subject: RE: [ActiveDir] salary(OT)
|
|Oh, a
I'd be interested as well.
BTW for the original request (don't have it here separatelly to reply) I've
been told that there are some 3rd party tools which allow that kind of
Audit. E.g. inTrust from Quest claims to plug in front of the LSASS and
control which actions to log, which ones to apply an
otherwise we are still at 60 days. My box at home 'and'
|at the office are 60 days.
|My slip installed one is the only one with the new 180 value.
|
|I'm barely planting desktops let alone deploying forests. :-)
|
|Ulf B. Simon-Weidner wrote:
|
|>Hi Susan,
|>
|>
Hmm.
Do we really want to excuse prior failure of proper auditing by putting more
data into AD? Wouldn't that lead into every request of non-configured
auditing to requests for extending the AD? Do it right the first way.
I completely agree that we should make the people more auditing aware, and
Hmm - I wouldn't 100% call the domain the authentication "boundary".
Authentication in a W2k+ Network without any mods not to rely on the GC is
done - as you said - via DC of the same domain the account resides plus any
GC of the forest - not necessarily that a GC which resides in the same
domain
BTW - let us know when we can start the ad-campaign in our blogs / websites
;-)
Ulf
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of
|[EMAIL PROTECTED]
|Sent: Monday, October 17, 2005 2:40 PM
|To: ActiveDir@mail.activedir.org
|Subject: RE: [ActiveDir
ve deeper pockets, and larger needs. For
|the small to
|>medium businesses, it should not be so difficult nor should
|it *require* SQL
|>licensing or expertise.
|>
|>
|>
|>[1] I'm not saying that the quality has kept up, only that
|the hardware is
|>bigger, faster, stron
lity has kept up, only that the
|hardware is bigger, faster, stronger and cheaper.
|[2] I'm making that up, but it sounds reasonable
|
|
|
|
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
|Simon-Weidner
|Sent: Sunday, October 16, 2005 4:42 PM
|T
|
|So why don't you agree with the "general - forest is the
|security boundary - statement"?
|Jorge
|
|________
|
|From: [EMAIL PROTECTED] on behalf of Ulf B.
|Simon-Weidner
|Sent: Mon 10/17/2005 11:24 PM
|To: ActiveDir@mail.activedir.org
|Subject: RE: [Act
uld be and should
|meet those criteria above.
|
|We may just need to knock a few more edges off before
|submitting this FMR ;)
|
|
|>From: "Ulf B. Simon-Weidner" <[EMAIL PROTECTED]>
|>Reply-To: ActiveDir@mail.activedir.org
|>To:
|>Subject: RE: [ActiveDir] Knowing when use
y don't you agree with the "general - forest is the security
||boundary - statement"?
||Jorge
||
||
||
||From: [EMAIL PROTECTED] on behalf of Ulf B.
||Simon-Weidner
||Sent: Mon 10/17/2005 11:24 PM
||To: ActiveDir@mail.activedir.org
||Subject: RE: [Ac
t info", _is_ AD
|replication. Implying the data is in AD.
|
|Cheers,
|-Brett
|
|
|On Tue, 18 Oct 2005, Ulf B. Simon-Weidner wrote:
|
|> | Wherever the information gets put, it should be a) done as the
|> |default yet configurable b) centrally viewable (I should
|NOT have to
|
Subinacls has issues with spaces and is used in Rich's script. When doing
files I didn't find a fast way around and had to use the 8.1 name. Sucks -
doesn't it?
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Frank
AbagnaleSent: Tuesday, October 18, 2005 3:4
mere typo -
|
|
|"Hi Bratt"
|
|
|... still laughing at the irony ;o)
|
|ah hahahahaha
|
|--
|Dean Wells
|MSEtechnology
|* Email: [EMAIL PROTECTED]
|http://msetechnology.com
|
|
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
|Simon-Wei
increase costs but provide more isolation. Do
|the costs outweigh the benefits? It all depends on the
|particular organization.
|
|BTW, ich bin halb-deutsch. Mein mutter ist aus Berlin.
|
|-g
|
|
|-Original Message-----
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
IIRC
Repadmin /syncall /Aje
Ulf
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Free, Bob
|Sent: Wednesday, October 19, 2005 10:48 PM
|To: ActiveDir@mail.activedir.org
|Subject: RE: [ActiveDir] Force a Domain Sync
|
|Look into repadmin /syncall
|
|h
Title: Message
Hi Al,
you don't need IIS running on the machine where Virtual Server is
running. IIS supports the admin website, and you can put this on any other
server, and have couple servers managed from one machine. Since we are talking
about VS in BOs I'd recommend putting the virtual
I have to second that - I don't see much performance issues when
admininterface and the vs-host are seperated. The mgmt traffic should be
pretty low, the higher traffic is when connecting onto a machine via RDP,
VSRC or the webbased VSRC. Either or they will cause the traffic between the
VS-host an
I've done it during the day at a customer, but without much experience I
would strongly recommend doing it after hours! There are always minor things
which might happen, and without experience you don't know how to respond to
them right away, so give yourself the rest and peace of after hours.
Ulf
I did those too, and some other things to consider
were:
* Putting them inside a virtual machine with faked Subnetting in AD: Take
a class C Network and split it in AD Sites and Services, not TCP/IP, then you
can spare the router
* Assign the site membership for the host via GPO if it is in o
Hallo Michel,
Look a the VB-Script in KB 817433 ( http://support.microsoft.com/?id=817433
), especially the SetInheritanceFlag-Function.
Ulf
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of
|Bruyere, Michel
|Sent: Wednesday, October 26, 2005 12:48 AM
uot;? Is it a site that you don't replicate for a
|specific period of time in so if there is a disaster, you can
|get the data from the lag site??
|
|Thanks
|
|Russ
|
|
|
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Ulf
|B. Sim
//support.microsoft.com/default.aspx?scid=kb;en-us;840001>
http://support.microsoft.com/default.aspx?scid=kb;en-us;840001) in order to
repopulate the group memberships information (member and memberof
attributes).
Yann
_
De: [EMAIL PROTECTED] de la part de Ulf B. Simon-Weidner
D
3. IIRC W2k and XP has a password age of 30 days, NT4 of 15 days. The
Clients usually start to attempt to renew the password after half of the
password age, so 7,5-15 on NT and 15-30 on W2k+.
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom
KernSent: Tues
Hello Nathaniel,
What about the last known good bootoption (might work if you experience the
bsod before logon)?
Any other possibilities like save boot?
If one of these work you can try to find the failing device, and get rid of
the driver / whatever it needs to get it working again.
What about ch
That was working with W2k, doesn't work anymore since the screensaver has
lower priviledges in XP, WS2k3.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken
CornetetSent: Friday, November 04, 2005 6:41 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir]
Hello Devan,
The book Ken references is pretty good, the author, Brian Komar, did a lot
of PKI-Deployment at major companies across the US and the world, is a
visiting speaker at a lot of conferences like TechEds and is MVP for Windows
Security. His company is specialized in PKI-Deployments.
He a
> [mailto:[EMAIL PROTECTED] On Behalf Of Susan
> Bradley, CPA aka Ebitz - SBS Rocks [MVP]
>
> Windows 2003 r2 Enterprise [not standard] [and not a free upgrade]
>
Excepting for customers with Software Assurance, and you only need the
enterprise version on the Federation Servers and Federation
ere this might
come from and if anyone has seen it before.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
DCs were W2k SP4.
Anyone seen this before? OK - I've already fixed it by renaming
netlogon.dns and restarting netlogon, but I'm curious if anyone has ideas
where this might come from and if anyone has seen it before.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book &
nyone has ideas where this might come
from and if anyone has seen it before.
Gruesse -
Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Hi Danny,
I also agree that using not state-of-the-art hardware is better than missing
redundancy.
I've done multiple lag-site dcs virtualized on one physical hardware, used
clients or virtual machines for domain migrations as the update server, and
would also recommend to use better older har
Title: Export Users in a group
You can do this easily with dsget group cn=groupdn..
-members
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark
OrlandoSent: Monday, November 14, 2005 4:27 PMTo: Active
Directory Mailing ListSubject: [ActiveDir] Export Use
dsquery group domainroot -name mygroup | dsget group -members
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Pro
ards,
|
|Martin
|
|-Original Message-
|From: [EMAIL PROTECTED] [mailto:ActiveDir-
|[EMAIL PROTECTED] On Behalf Of Tomasz Onyszko
|Sent: Friday, November 25, 2005 1:06 PM
|To: ActiveDir@mail.activedir.org
|Subject: Re: [ActiveDir] Query out all user members in nested groups
|
|Ulf B. Simon-Weidn
to the system folder I’d be very careful
and test it prior to implementation. Also be aware that you need to disable the
file screening policy every time you are deploying an update or servicepack or
when you are installing new components.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP
Hi Susan,
I've seen issues with tombstones sitting around, such as bad written
software who still sees them. The main other reason for finally getting rid
of the tombstones is to free Active Directory space, but that shouldn't be
an issue in a SBS-Domain.
On the other hand I do not see the need in
So they don't age out if you disable the DLT-S-S, only if you stop the
DLT-C-S and let the DLT-S-S run for another 90 days.
Hmm - thinking if it wouldn't be neat to use dynamic objects for DLT (and
DNS?)
Ulf
|-Original Message-
|From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
If you want somehow prevent admins from rebooting the system remove
them from the local security setting which enables them to shutdown the system.
Note: the other group joe mentioned is created so you can controll
who’s able to shutdown the system (such as domain admins)
Note 2: the a
Hi
Dan,
as
joe said you can also modify the search base, so when creating the saved query
select the seach base (it’s on the first screen of the dialog which let’s
you add a saved query, not in the definition of the query itself). Sorry –
don’t have the interface in front of me so I’m n
Hello Shane,
look at psloggedon from www.sysinternals.com, this might help you.
Ulf
|-Original Message-
|From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Shane De Jager
|Sent: Thursday, December 01, 2005 10:50 AM
|To: ActiveDir@mail.activedir.org
|Subject: [ActiveDir] Getti
,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": <http://tinyurl.com/44zcz>
http://tinyurl.com/44zcz
Weblog: <http://msmvps.org/UlfBSimonWeidner>
http://msmvps.org/UlfBSimonWeidner
Website: <http://www.windowsserverfaq.org>
http://www.windowss
nobody knows or would be willing to support this. Theoretically
changing the name to lowercase shouldn’t influence anything, but is
anyone really sure that there’s no application or process who relies on
the same domain name and does not a unsensitive case compare?
Gruesse - Sincerely,
Ulf B
need to run
one command in your startup and logon-scripts to make the clients aware of that
policy.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP -
Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Web
32time using
net stop w32time && net start w32time
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": <http://tinyurl.com/44zcz>
http://tinyurl.com/44zcz
Weblog: <http://msmvps.org/UlfBSimonWeidner>
http://msmvps.org/UlfBSim
William.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile: http://mvp.support.microsoft.com/profile="">
Cool – Darren is blogging.
And already in OPML-o-Matter:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/12/30/80015.aspx
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://
enabling it for “Trusted
Sites” or other Zones which are outside your DMZ.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
d a OU-Structure out of these), and if you need more you can also
take the list of firstnames and lastnames and create more sample users.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/Ul
?q=%22automatic+site+coverage%22+%2Bsite%3Amicrosoft.com&FORM=QBRE
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
P
that users don’t have the rights to change them again.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profi
I’ll be there. I’m looking forward to meet everyone (again) – I love
those Conferences with a lot of community interaction!
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSi
ption")!!
Kat Collins
On 1/5/06, Ulf B. Simon-Weidner
<[EMAIL PROTECTED]>
wrote:
I'll be there. I'm
looking forward to meet everyone (again) – I love those Conferences with a lot
of community interaction!
Gruesse - Sincerely,
Ulf B. Simon-Weidner
– bummer.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": <http://tinyurl.com/44zcz>
http://tinyurl.com/44zcz
Weblog: <http://msmvps.org/UlfBSimonWeidner>
http://msmvps.org/UlfBSimonWeidner
Website: <http://www.w
areas of the
hotels.
Hope that Vegas is a more fun place – in Orlando they were shutting
everything down at 1am, in Barcelona at least the Hilton did the same.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
We
27;USBSTOR'",,48)
Background: USBStor is the device which takes care that USB-Memory-Devices
such as a thubdrive are working.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonW
roperty of the next user (Or
Enter / Arrow-right for the next attribute of the same user).
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq
didn’t take care of the
issues mentioned above since I don’t know that for sure, however those are
the things I’d check before implementing them into a production environment
I’m responsible for.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
"Windows XP - Die Expertentipps&q
Don't search for the book - search for yourself:
"Joe Richards" "Active Directory"
... gets you straight to your book.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.o
Agreed – multi mon rocks – I’d never go without
again!
Other than that I stripped everything down – I’m mainly
using my favorite laptop (Tablet) but got another one sitting around, one desktop
which I’m rarely using (mainly for larger downloads or processing I don’t
want to bother my ma
AFAIK the clients will first contact the last DC which is stored in the
registry, this DC will verify their IP with the site-informations stored in
AD. He will reply the sites DCs to the client in the NetlogonEx-Packet, and
the client will try to contact one of these.
Note that the client may retri
See
http://msmvps.com/blogs/ulfbsimonweidner/archive/2005/05/29/49659.aspx
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Aguilar, Louis
Sent: Wednesday, February 01, 2006 11:06 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Permissions are res
wOwner
objAD.Put "ntSecurityDescriptor", Array(objSD)objAD.SetInfo
There might be some settings or commands missing (for example you
can set how/what should be updated by using objAD.SetOption ), but it should
work as a starting point for you.
Gruesse - Sincerely,
Ulf B. Simon-We
Hi Frank,
with those large roaming profiles you need
to
1. educate your users
2. question the use of roaming
profiles
In fact I've seen a lot of companies who tend to stick
to local only profiles in the recent past. Roaming profiles are great - however
I see them in infrastructures where
would be a good
start.
thanks
Frank
Ulf - you are not the first to mention Carl Hanratty, you won't be
the last!"Ulf B. Simon-Weidner"
<[EMAIL PROTECTED]> wrote:
Hi Frank,
with those large roaming profiles you need
to
1.
or a meeting or presentation can have
network access and VPN into his own company if needed, and your employees
are also able to gain access and VPN into their company.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
P.S.: Not directed to you Brian, but to the others. This post just fits here
after
ted attributes like MapiIDs or LinkIDs?
You are able to change them, but not supported. However PSS will tell you how to
do it if you need it.
[1]
want to see your custom attributes in the GAL? Welcome to the world of MapiIds
;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Win
If you want a single command line which only starts if it
stopped correctly ...
net stop dns && net start dns
;-)
(sorry - couldn't resist)
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Tuesday, February 07, 2006 12:57 AMTo:
ActiveDir@mail.act
Go for it
Redundant Disks for the OS + AD:
First suggestion with 1-6, but instead of backup pull and
resync disks.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWe
hema
extension".
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Profile: http://mvp.support.microsoft.com/profile="&quo
Hm - you're right - don't write tired and exhausted.
Seize it and clean the old one out of AD.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWei
s.
However I'm always curious for other suggestions ;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.sup
esult will always be
a non-updated schema.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.
on x64 will perform better than on 32-bit,
since it’s very likely you already have some of the newer servers with
x64 I’d just give it a try for one DC yourself.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile &
Publications: http://mvp.support.microsoft.com/profile=""
different domain
or even forest to manage them, or want to know very closely what the
requirements are and keep an extra eye on those machines. Don’t put lives
at jeopardy b/c of a misconfigured GPO.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile &
Publications:
Hi Dmitri,
And DSAcls still does not display a computer accounts ACL if someone was
being delegated permission to join a computer to this account using ADUC:
http://www.windowsserverfaq.org/faq/CompACLs.asp
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
Just stepped across this - thanks for fixing it!
Ulf
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Freitag, 4. August 2006 09:26
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] ldp in ADAM-SP1
Hi Dmitri,
And
nTab.asp
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D>
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: http://msmvps.org/UlfBSimo
user you can use ldp\script etc.. to set the
msNPAllowDialin == true.
It should reflect properly in ADUC when you next view that user..
spat
- Original Message -
From: Ulf B. Simon-Weidner <mailto:[EMAIL PROTECTED]>
To: ActiveDir@mail.activedir.org
Sent: Thursday,
ge from MS that
this is respected.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D>
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog:
: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: 10 December 2006 12:06
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Quest Recovery Manager
I do disagree since we might have other withes, issues, possibilities with
Longhorn, so I'd wait when sp
I can't remember exactly, but I think I've heard a Q1 at one of the
conferences last year. IIRC.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D>
http://mvp.support.micr
he inheritance flag would be
complicated, but it's complicated to generalize that it should be reset in
any case.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile &
Publications: http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-
B489-F2F1214C811D
Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Monday, 22 January 2007 11:32 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AdminSDHolder orphans
Hi Tony,
late response as well - sorry.
I guess why this isn't cleane
DC A in Site B,
however make sure that you are only deleting the SRV-Records underneath the
DNS-Subdomains of the Site-specific Records in the Site B-DNS-Domains
(looks like folders in the DNS Managementconsole).
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
in controller policy). So it seems that DCa is
still advertising himself as DC in site B. I will look why the process does
not work in our case... :(
We did not configured automatic aging/scavenging, i will look also into this
option.
Thanks again,
Yann
"Ulf B. Simon-Weidner"
approaching ;-) ).
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D>
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: http://msmvps.org/UlfBSimon
created manually, you might just
recreate it without a .1 at the end (test this and verify the printers
name), if it was registered automatically you need to change the name of the
printer.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.supp
No Zone – no properties ;-)
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Mittwoch, 24. Januar 2007 20:24
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] [OT] Odd Folder under Forward Lookup Zone
What are properties of the 1 zone?
On 1/24/07, EI
urity Options
And is named
Interactive logon: Prompt user to change password before expiration
Just a guess.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D>
http://mvp.support.m
things? See you in March?
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D>
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D
Weblog: http://msm
sure it was someone
(probably me!) just typed a .1 in some setting on the printer and allowed it
to register in DNS.
Many thanks.
-- nme
Noah Eiger
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Wednesday, January 24, 2007 12:29
Robocopy with the /B-Switch should work.
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Donnerstag, 25. Januar 2007 13:10
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: maintaining "creation date" when copying
directories?
What "m
Many thanks.
-- nme
Noah Eiger
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Wednesday, January 24, 2007 12:29 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OT] Odd Folder under Forward Lookup Zone
Just 9:30
Weird.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D>
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: http://msmvps.org/UlfBSimonWeidner>
ht
Hi Stu,
I don't think there's a way to expose mulitvalued attributes with CSVDE -
you'd either have to use LDIFDE or VBScript or anything else to view all
values of those attributes.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.su
the trick.
Thanks for bringing this up so I had to look into it - I'll blog this since
it's a very interesting change.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile & Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D>
http://mvp.su
OU, site) where you
linked the GPO.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile &
Publications: http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-
B489-F2F1214C811D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
-Original M
icy which allows logon only if
homedir is available, however doing it in the logon-script works pretty well.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps": http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: h
1 - 100 of 251 matches
Mail list logo
