RE: [ActiveDir] OT: M$
You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert DuroSent: Sunday, November 12, 2006 10:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Laura A. RobinsonSent: Thursday, November 09, 2006 6:14 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as "M$" on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positiveview of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra KalyankarSent: Thursday, November 09, 2006 10:16 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or _vbscript_? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url=""> -- Sincerely,J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts on this mailing list, I realize I could make my job easier if I knew how to script. I have no experience in scripting, but would like to know what books do you recommend as a beginner's book on scripting? Also, I don't really know the difference between WSH and _vbscript_, so if anyone could explain that, I'd appreciate that. After browsing through Amazon, I saw several books on WSH and _vbscript_, but don't know where I should focus on. I'm also open to computer based training (CBT) videos of any exist. Thanks in advance. PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the author and do not necessarily represent those of NIplc; (3) is intended for informational purposes only and is not a recommendation, solicitation or offer to buy or sell securities or related financial instruments. NIplc does not provide investment services to private customers. Authorised and regulated by the Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies.
RE: [ActiveDir] OT: M$
Clearly there are differing opinions about whether it's merely "slang" or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the "useless air farce" and expect its members to think that's funny. I don't take offense when people refer to Microsoft as "borg" or talk about "drinking the Kool-Aid"; in fact, I have been known to reference both myself. However, I remember the origin of "M$" (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 5:48 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert DuroSent: Sunday, November 12, 2006 10:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Laura A. RobinsonSent: Thursday, November 09, 2006 6:14 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as "M$" on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positiveview of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra KalyankarSent: Thursday, November 09, 2006 10:16 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or _vbscript_? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url=""> -- Sincerely,J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts on this mailing list, I realize I could make my job easier if I knew how to script. I have no experience in scripting, but would like to know what books do you recommend as a beginner's book on scripting? Also, I don't really know the difference between WSH and _vbscript_, so if anyone could explain that, I'd appreciate that. After browsing through Amazon, I saw several books on WSH and _vbscript_, but don't know where I should focus on. I'm also open to computer based training (CBT) videos of any exist. Thanks in advance. PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are
RE: [ActiveDir] OT: M$
Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: 13 November 2006 11:31 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Clearly there are differing opinions about whether it's merely slang or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the useless air farce and expect its members to think that's funny. I don't take offense when people refer to Microsoft as borg or talk about drinking the Kool-Aid; in fact, I have been known to reference both myself. However, I remember the origin of M$ (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Monday, November 13, 2006 5:48 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert Duro Sent: Sunday, November 12, 2006 10:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Laura A. Robinson Sent: Thursday, November 09, 2006 6:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as M$ on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positiveview of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra Kalyankar Sent: Thursday, November 09, 2006 10:16 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or _vbscript_? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url=""> -- Sincerely, J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts on this mailing list, I realize I could make my job easier if I knew how to script. I have no experience in scripting, but would like to know what books do you recommend as a beginner's book on scripting? Also, I don't really know the difference between WSH and _vbscript_, so if anyone could explain that, I'd appreciate that. After browsing through Amazon, I saw several books on WSH and _vbscript_, but don't know where I should focus on. I'm also open to computer based training (CBT) videos of any exist. Thanks in advance. PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that
Re: [ActiveDir] OT: M$
First thing my reference to Microsoft as M$, never thought it would offend someone. I have many friends in Microsoft and even during our personal e-mails I do reference Microsoft as M$ and none ever complained to me and I forwarded Laura's e-mail to them but then again everyone is not the same...anyways I never meant it in a negative way...and e-mail being an impersonal medium all I can do is type... and if I offended someone I do apologise especially to Laura and other Microsoft employees who are offened by this symbol! :-) -- Sincerely,J On 11/13/06, Laura A. Robinson [EMAIL PROTECTED] wrote: Clearly there are differing opinions about whether it's merely slang or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the useless air farce and expect its members to think that's funny. I don't take offense when people refer to Microsoft as borg or talk about drinking the Kool-Aid; in fact, I have been known to reference both myself. However, I remember the origin of M$ (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 5:48 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Albert DuroSent: Sunday, November 12, 2006 10:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Laura A. RobinsonSent: Thursday, November 09, 2006 6:14 PMTo: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as M$ on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positiveview of Microsoft? Laura From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Jitendra KalyankarSent: Thursday, November 09, 2006 10:16 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or _vbscript_? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url="" -- Sincerely,J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts on this mailing list, I realize I could make my job easier if I knew how to script. I have no experience in scripting, but would like to know what books do you recommend as a beginner's book on scripting? Also, I don't really know the difference between WSH and _vbscript_, so if anyone could explain that, I'd appreciate that. After browsing through Amazon, I saw several books on WSH and _vbscript_, but don't know where I should focus on. I'm also open to computer based training (CBT) videos of any exist. Thanks in advance. PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the
Re: [ActiveDir] OT: M$
I agree about the origin but I think that the usage/meaning of M$ has changed the last years. I think that is evolution or something. Today I see people using it all around, even those that only work on Microsoft platforms for many years. I also agree on the relativation approach. A lot of people laugh with misery and other things, why not sometimes smile with little things like that. OK in the past it was used in a totally different way, but I think that we have evolved now... Let's move on! Personally I use MS as it is commonly known and types really fast :-) On 11/13/06, Laura A. Robinson [EMAIL PROTECTED] wrote: Clearly there are differing opinions about whether it's merely slang or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the useless air farce and expect its members to think that's funny. I don't take offense when people refer to Microsoft as borg or talk about drinking the Kool-Aid; in fact, I have been known to reference both myself. However, I remember the origin of M$ (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Monday, November 13, 2006 5:48 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek expression and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why we nickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert Duro Sent: Sunday, November 12, 2006 10:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek expression. Let's not get _too_ PC please :/ neil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Laura A. Robinson Sent: Thursday, November 09, 2006 6:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: M$ Just out of curiosity, what makes people think it's appropriate to refer to Microsoft as M$ on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positive view of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra Kalyankar Sent: Thursday, November 09, 2006 10:16 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or VBScript? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnanchor/html/scriptinga.asp -- Sincerely, J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts on this mailing list, I realize I could make my job easier if I knew how to script. I have no experience in scripting, but would like to know what books do you recommend as a beginner's book on scripting? Also, I don't really know the difference between WSH and VBScript, so if anyone could explain that, I'd appreciate that. After browsing through Amazon, I saw several books on WSH and VBScript, but don't know where I should focus on. I'm also open to computer based training (CBT) videos of any exist. Thanks in advance. PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1)
[ActiveDir] Matt Duguid/DIA is out of the office.
I will be out of the office starting 13/11/2006 and will not return until 17/11/2006. Hi there, I am away from the office this week on training and will be back on Monday 20/05/2006. In my absence please contact either Sean White/Michael Chen or the Helpdesk on x8081. Thanks, Matt D List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: M$
There's a reason for the "OT" portion of the subject line, you know. ;-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 6:42 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 11:31To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Clearly there are differing opinions about whether it's merely "slang" or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the "useless air farce" and expect its members to think that's funny. I don't take offense when people refer to Microsoft as "borg" or talk about "drinking the Kool-Aid"; in fact, I have been known to reference both myself. However, I remember the origin of "M$" (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 5:48 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert DuroSent: Sunday, November 12, 2006 10:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Laura A. RobinsonSent: Thursday, November 09, 2006 6:14 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as "M$" on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positiveview of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra KalyankarSent: Thursday, November 09, 2006 10:16 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or _vbscript_? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url=""> -- Sincerely,J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts on this mailing list, I realize I could make my job easier if I knew how to script. I have no experience in scripting, but would like to know what books do you recommend as a beginner's book on scripting? Also, I don't really know the difference between WSH and _vbscript_, so if anyone could explain that, I'd appreciate that. After browsing through Amazon, I saw
RE: [ActiveDir] OT: M$
;oP Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: 13 November 2006 12:16 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ There's a reason for the OT portion of the subject line, you know. ;-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert Rutherford Sent: Monday, November 13, 2006 6:42 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: 13 November 2006 11:31 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Clearly there are differing opinions about whether it's merely slang or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the useless air farce and expect its members to think that's funny. I don't take offense when people refer to Microsoft as borg or talk about drinking the Kool-Aid; in fact, I have been known to reference both myself. However, I remember the origin of M$ (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Monday, November 13, 2006 5:48 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert Duro Sent: Sunday, November 12, 2006 10:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Laura A. Robinson Sent: Thursday, November 09, 2006 6:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as M$ on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positiveview of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra Kalyankar Sent: Thursday, November 09, 2006 10:16 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or _vbscript_? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url=""> -- Sincerely, J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts on this mailing list, I realize I could make my job easier if I knew how to script. I have no experience in scripting, but would like to know what books do you recommend as a beginner's book on scripting? Also, I don't really know the difference between WSH and _vbscript_, so if anyone could explain that, I'd appreciate that. After browsing through Amazon, I saw several books on WSH and _vbscript_, but don't know where I should focus on. I'm also open to computer based training (CBT) videos of any exist. Thanks in advance. PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must
RE: [ActiveDir] OT: M$
Useless Air Farce would not be found funny because its just that, not funny. Funnier is US Chair Force. Thats funny, and people here laugh at it all the time. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 7:32 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ ;oP Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 12:16To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ There's a reason for the "OT" portion of the subject line, you know. ;-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 6:42 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 11:31To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Clearly there are differing opinions about whether it's merely "slang" or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the "useless air farce" and expect its members to think that's funny. I don't take offense when people refer to Microsoft as "borg" or talk about "drinking the Kool-Aid"; in fact, I have been known to reference both myself. However, I remember the origin of "M$" (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 5:48 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert DuroSent: Sunday, November 12, 2006 10:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Laura A. RobinsonSent: Thursday, November 09, 2006 6:14 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as "M$" on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positiveview of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra KalyankarSent: Thursday, November 09, 2006 10:16 AMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or _vbscript_? This is the link to M$ to start with...very good info
Re: [ActiveDir] OT: M$
Humz... This is going into a direction like who will define what's funny or what isn't? Nobody can, it's personal! And there are a lot of examples concerning the subject humour, remind for example the issue of a comic published in Denmark this year? On 11/13/06, Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] wrote: Useless Air Farce would not be found funny because its just that, not funny. Funnier is US Chair Force. Thats funny, and people here laugh at it all the time. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert Rutherford Sent: Monday, November 13, 2006 7:32 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ ;oP Rob Robert Rutherford QuoStar Solutions Limited T:+44 (0) 8456 440 331 F:+44 (0) 8456 440 332 M:+44 (0) 7974 249 494 E:[EMAIL PROTECTED] W:www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: 13 November 2006 12:16 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ There's a reason for the OT portion of the subject line, you know. ;-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert Rutherford Sent: Monday, November 13, 2006 6:42 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T:+44 (0) 8456 440 331 F:+44 (0) 8456 440 332 M:+44 (0) 7974 249 494 E:[EMAIL PROTECTED] W:www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: 13 November 2006 11:31 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Clearly there are differing opinions about whether it's merely slang or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the useless air farce and expect its members to think that's funny. I don't take offense when people refer to Microsoft as borg or talk about drinking the Kool-Aid; in fact, I have been known to reference both myself. However, I remember the origin of M$ (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Monday, November 13, 2006 5:48 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek expression and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why we nickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert Duro Sent: Sunday, November 12, 2006 10:27 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek expression. Let's not get _too_ PC please :/ neil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Laura A. Robinson Sent: Thursday, November 09, 2006 6:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: M$ Just out of curiosity, what makes people think it's appropriate to refer to Microsoft as M$ on an MS-focused mailing list whose participants include Microsoft employees, Microsoft contractors, Microsoft MVPs and various other people who may have a relatively positive view of Microsoft? Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jitendra Kalyankar Sent: Thursday, November 09, 2006 10:16 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Beginner's Book on Scripting - WSH or VBScript? This is the link to M$ to start with...very good info http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnanchor/html/scriptinga.asp -- Sincerely, J On 11/9/06, Stu Packett [EMAIL PROTECTED] wrote: Hello everyone. After reading through a lot of the posts
[ActiveDir] how to access blocked site.
Hi all, It could be wrong question but I want to know about how toacess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi
RE: [ActiveDir] OT: M$
Exactly. M$ just isn't funny. Borg, kool-aid, those are funny. M$ isn't. Go figure. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 7:46 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Useless Air Farce would not be found funny because its just that, not funny. Funnier is US Chair Force. Thats funny, and people here laugh at it all the time. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 7:32 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ ;oP Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 12:16To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ There's a reason for the "OT" portion of the subject line, you know. ;-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 6:42 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 11:31To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Clearly there are differing opinions about whether it's merely "slang" or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the "useless air farce" and expect its members to think that's funny. I don't take offense when people refer to Microsoft as "borg" or talk about "drinking the Kool-Aid"; in fact, I have been known to reference both myself. However, I remember the origin of "M$" (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 5:48 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert DuroSent: Sunday, November 12, 2006 10:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Laura A. RobinsonSent: Thursday, November 09, 2006 6:14 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: M$ Just out of curiosity, whatmakes people think it's appropriate to refer toMicrosoft as "M$" on an MS-focused mailing list whose
RE: [ActiveDir] OT: M$
Exactly, is exactly right. You cant impose your own humor preferences on someone because you consider it unfunny. You just dont laugh. You can't stop bad jokes, because someone, somewhere is laughing at them. Just not you. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: Monday, November 13, 2006 8:20 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Exactly. M$ just isn't funny. Borg, kool-aid, those are funny. M$ isn't. Go figure. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 7:46 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Useless Air Farce would not be found funny because its just that, not funny. Funnier is US Chair Force. Thats funny, and people here laugh at it all the time. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 7:32 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ ;oP Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 12:16To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ There's a reason for the "OT" portion of the subject line, you know. ;-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 6:42 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 11:31To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Clearly there are differing opinions about whether it's merely "slang" or whether it's an inappropriate slur. Simpler just not to use it, don't you think? I mean, I don't refer to the USAF as the "useless air farce" and expect its members to think that's funny. I don't take offense when people refer to Microsoft as "borg" or talk about "drinking the Kool-Aid"; in fact, I have been known to reference both myself. However, I remember the origin of "M$" (unlike, I suspect, some of those who use the phrase and think it's funny), and I think it's ignorant and inappropriate for people to use it on a Microsoft-centric list. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 5:48 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ You have to be able to laugh at yourself. M$ is a tounge in cheek _expression_ and certainly a corporation like Microsoft can laugh at itself when M$ is used as slang in its reference. Thats why wenickname really big guys tiny. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Albert DuroSent: Sunday, November 12, 2006 10:27 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] OT: M$ being conciliatory is laudable, but I think you're missing the point. It's not wether anybody is offended or not -- the question is why does someone come into a peaceful gathering casting offense. Especially when it's not necessary. If someone deliberately spits on the dinner table, do you say 'oh, well, he didn't hit any plate, let's just forget it' ? or even worse, 'he hit someone else's plate -- no worries.' - Original Message - From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Friday, November 10, 2006 9:08 AM Subject: RE: [ActiveDir] OT: M$ I highly doubt that any MS employee takes offence at what is surely as tongue in cheek _expression_. Let's not get _too_ PC please :/ neil -Original
RE: [ActiveDir] how to access blocked site.
Hi Ajay, This isnt the right forum for such a request, I suggest you go onto google and type proxy avoidance Cheers, Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ajay Kumar Sent: 13 November 2006 13:18 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] how to access blocked site. Hi all, It could be wrong question but I want to know about how toacess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi
[ActiveDir]AD SECURITY.Run As command used - to impersonate Administrators
Hi, So I decided to try out GFI event monitor, I am loving it so far, but I am not a security expert so I am easy to impress. Anyway, I got a bunch of emails like the one below. Have you guys seen something similar in your logs? Is this someone trying to hack ora service trying to run something? Thanks Subject: 11/12/2006 12:28:38 PM "Run As" command used - to impersonate Administrators - outside work hours - Critical - servername - 552 Logon attempt using explicit credentials: Logged on user: User Name: administrator Domain: domain Logon ID: (0x2,0x9D018B17) Logon GUID: {ec9c7758-8375-8064-3e03-8e860a568322} User whose credentials were used: Target User Name: administrator Target Domain: domain.com Target Logon GUID: {13d439ef-0597-c23e-aa24-8ca92f9e7730} Target Server Name: server.domain.com Target Server Info: cifs/server.domain.com Caller Process ID: 1620 Source Network Address: - Source Port: -.org/
RE: [ActiveDir] OT: M$
It's my music drive. What I'm trying to figure out is how did everyone know about it? :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Friday, November 10, 2006 1:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Ah - now I see - that must be their back-door to access every system Windows is running on ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Lefkovics Sent: Friday, November 10, 2006 9:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ What does all this have to do with the hidden administrative share on the M: drive? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Thursday, November 09, 2006 6:17 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ You're not a fake employee, I've seen you. :-) BrettSh, too. It's that Stuart Kwan guy whose existence I'm doubting. (Come on, was that enough to inspire the rarity that is a Stuart Kwan ActiveDir post? Please? PLEASE?!?!?!?!?!?!?!?!?!?!? ;-)) On 11/9/06, Eric Fleischman [EMAIL PROTECTED] wrote: Not that I really care if people say M$ or not, but I thought I'd comment on one thing, in the name of full disclosure.. My participation on this list has __nothing__ to do with money. I don't get compensated on any level for this. Heck, I don't even work on AD anymore, so this is like 2 degrees of separation away from anything that MS compensates me for. So, is MS out to make $? Sure. Is AD part of that money-making strategy? Sure. Does that have anything to do with MS employee participation on this list? I don't think so. Others (at least those that I can recall posting here as I type this mail) on this list fall in to the same boat. A couple of them don't work on AD anymore either. Why do I hang out here? I do it because I care about customers and about AD/ADAM. It has nothing to do with my salary. It's also why I still blog about AD, answer newsgroup questions, answer internal questions (DLs, PSS, MCS, other PGs, etc.), handle direct emails from a myriad of non-MS people (some I know, some are totally out of the blue), fix code for people that ask for help, etc. I don't get paid for any of this. ~Eric Borg #145719302 Insert conspiracy theory here about how this whole mail is a lie and the man actually wrote it on behalf of the fake employee that goes by Eric Fleischman List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
Re: [ActiveDir] how to access blocked site.
As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir]AD SECURITY.Run As command used - to impersonate Administrators
Could be a backup system or something like that kicking off a run as looks like it. I dont know the product though. Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan Sent: 13 November 2006 14:39 To: ActiveDir@mail.activedir.org Subject: [ActiveDir]AD SECURITY.Run As command used - to impersonate Administrators Hi, So I decided to try out GFI event monitor, I am loving it so far, but I am not a security expert so I am easy to impress. Anyway, I got a bunch of emails like the one below. Have you guys seen something similar in your logs? Is this someone trying to hack ora service trying to run something? Thanks Subject: 11/12/2006 12:28:38 PM Run As command used - to impersonate Administrators - outside work hours - Critical - servername - 552 Logon attempt using explicit credentials: Logged on user: User Name: administrator Domain: domain Logon ID: (0x2,0x9D018B17) Logon GUID: {ec9c7758-8375-8064-3e03-8e860a568322} User whose credentials were used: Target User Name: administrator Target Domain: domain.com Target Logon GUID: {13d439ef-0597-c23e-aa24-8ca92f9e7730} Target Server Name: server.domain.com Target Server Info: cifs/server.domain.com Caller Process ID: 1620 Source Network Address: - Source Port: - .org/
[ActiveDir] Password Police Question on Forest-ChildDomain relationship
Dear List readers, I have a Forest (W2K3 FFL) with an empty root domain and a single child domain (W2K3 FFL). Today I changed the password on all my servers in the child domain including the domain controllers. I meant to exclude them but did not. Now they have the same password as my member servers. I went to change the password again on the DCs in the child domain, but they will not let me. "Your password must be at least 8 characters, cannot repeat any of your previous 0 passwords and must be at least 1 days old" is the error I get. I have a domain policy set for the computers in the domain, whichhas the complexity specified above as far as characters, but the group policy (default Domain Controllers) for my DCs in the child domain is "Not Defined" in all of the password policy options. Nor is there anything defined in the Forest Root Default Domain Controllers policy, which I thought might be flowing down to my Child Domain DCs. I cannot find where the policy might be set keeping me from changing the password in my Child Domain DCs. Would anyone know where to find that setting? I would like to reset my Child DCs so their password is different. Rocky Habeeb Microsoft Systems Administrator James W. Sewall Company Old Town, Maine
RE: [ActiveDir] how to access blocked site.
LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] Password Police Question on Forest-ChildDomain relationship
What passwords are you talking about? For which accounts? It will not let you change the password as the policy mentions: at least 1 day old Password policies are not defined in the default domain controllers policy, but in the default domain policy Cheers, jorge From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rocky Habeeb Sent: maandag 13 november 2006 15:56 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Password Police Question on Forest-ChildDomain relationship Dear List readers, I have a Forest (W2K3 FFL) with an empty root domain and a single child domain (W2K3 FFL). Today I changed the password on all my servers in the child domain including the domain controllers. I meant to exclude them but did not. Now they have the same password as my member servers. I went to change the password again on the DCs in the child domain, but they will not let me. Your password must be at least 8 characters, cannot repeat any of your previous 0 passwords and must be at least 1 days old is the error I get. I have a domain policy set for the computers in the domain, whichhas the complexity specified above as far as characters, but the group policy (default Domain Controllers) for my DCs in the child domain is Not Defined in all of the password policy options. Nor is there anything defined in the Forest Root Default Domain Controllers policy, which I thought might be flowing down to my Child Domain DCs. I cannot find where the policy might be set keeping me from changing the password in my Child Domain DCs. Would anyone know where to find that setting? I would like to reset my Child DCs so their password is different. Rocky Habeeb Microsoft Systems Administrator James W. Sewall Company Old Town, Maine This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
Re: [ActiveDir] how to access blocked site.
You could go home? There must be a reason why it is blocked - usually put up with it - or if it's an error get the admin to unblock it - errors often occur around places - such and sussex, middlesex or phrases that are badly punctuated. I will not give any such example here though as I am bound to cause offence no matter what I write. Regards, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Ajay Kumar [EMAIL PROTECTED] Date: Mon, 13 Nov 2006 18:48:17 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] how to access blocked site. Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi [EMAIL PROTECTED] šŠV«r¯yÊý§-Š÷�Š¹šŠVœ¶+Þv*è®
RE: [ActiveDir] Password Police Question on Forest-ChildDomain relationship
Thanks Jorge, I just figured that out by virtue of the fact that nothing was defined in the Default Domain Controllers Policy. Can you answer these questions please? [1] Why does the Default Domain Controllers Security Policy have a password section? [2] What happens if you change a setting in it? (ie: who does it apply to?) [3] If you set a password policy at the empty forest root level, does it flow down to children and set things sans conflict at the child domain? As always, I appreciate you helpful insight. RH -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Almeida Pinto, Jorge deSent: 13 November, 2006 10:43 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Password Police Question on Forest-ChildDomain relationship What passwords are you talking about? For which accounts? It will not let you change the password as the policy mentions: at least 1 day old Password policies are not defined in the default domain controllers policy, but in the default domain policy Cheers, jorge From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rocky HabeebSent: maandag 13 november 2006 15:56To: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Password Police Question on Forest-ChildDomain relationship Dear List readers, I have a Forest (W2K3 FFL) with an empty root domain and a single child domain (W2K3 FFL). Today I changed the password on all my servers in the child domain including the domain controllers. I meant to exclude them but did not. Now they have the same password as my member servers. I went to change the password again on the DCs in the child domain, but they will not let me. "Your password must be at least 8 characters, cannot repeat any of your previous 0 passwords and must be at least 1 days old" is the error I get. I have a domain policy set for the computers in the domain, whichhas the complexity specified above as far as characters, but the group policy (default Domain Controllers) for my DCs in the child domain is "Not Defined" in all of the password policy options. Nor is there anything defined in the Forest Root Default Domain Controllers policy, which I thought might be flowing down to my Child Domain DCs. I cannot find where the policy might be set keeping me from changing the password in my Child Domain DCs. Would anyone know where to find that setting? I would like to reset my Child DCs so their password is different. Rocky Habeeb Microsoft Systems Administrator James W. Sewall Company Old Town, Maine This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
Re: [ActiveDir] how to access blocked site.
He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] how to access blocked site.
I'm with Sue on this one. Attempting to By-Pass the proxy is attempting to subvert the security systems. In out Policy this is a dismissible offence, regardless of having accessed any restricted sites. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: 13 November 2006 16:29 To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. As a public body, the Council may be required to disclose this email, or any response to it, under the Freedom of Information Act 2000, unless the information in it is covered by one of the exemptions in the Act. If you receive this email in error please notify Stockport e-Services via [EMAIL PROTECTED] and then permanently remove it from your system. Thank you. http://www.stockport.gov.uk ** List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] how to access blocked site.
Hmm. That's a dubious stretch. Does that mean all those folks in China that find ways to bypass their government-controlled proxy are endangering us all and should be stopped? There may be lots of legitimate reasons why someone needs to do this. I don't think it should be assumed that suddenly we are all at risk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 8:29 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: M$
People are boring talking about the exchange problems and start educate each other :) Keep going Let's start again: M$ its funny or injurious ? Anyone else ? A bored list reader -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Monday, November 13, 2006 4:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ It's my music drive. What I'm trying to figure out is how did everyone know about it? :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Friday, November 10, 2006 1:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Ah - now I see - that must be their back-door to access every system Windows is running on ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Lefkovics Sent: Friday, November 10, 2006 9:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ What does all this have to do with the hidden administrative share on the M: drive? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Thursday, November 09, 2006 6:17 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ You're not a fake employee, I've seen you. :-) BrettSh, too. It's that Stuart Kwan guy whose existence I'm doubting. (Come on, was that enough to inspire the rarity that is a Stuart Kwan ActiveDir post? Please? PLEASE?!?!?!?!?!?!?!?!?!?!? ;-)) On 11/9/06, Eric Fleischman [EMAIL PROTECTED] wrote: Not that I really care if people say M$ or not, but I thought I'd comment on one thing, in the name of full disclosure.. My participation on this list has __nothing__ to do with money. I don't get compensated on any level for this. Heck, I don't even work on AD anymore, so this is like 2 degrees of separation away from anything that MS compensates me for. So, is MS out to make $? Sure. Is AD part of that money-making strategy? Sure. Does that have anything to do with MS employee participation on this list? I don't think so. Others (at least those that I can recall posting here as I type this mail) on this list fall in to the same boat. A couple of them don't work on AD anymore either. Why do I hang out here? I do it because I care about customers and about AD/ADAM. It has nothing to do with my salary. It's also why I still blog about AD, answer newsgroup questions, answer internal questions (DLs, PSS, MCS, other PGs, etc.), handle direct emails from a myriad of non-MS people (some I know, some are totally out of the blue), fix code for people that ask for help, etc. I don't get paid for any of this. ~Eric Borg #145719302 Insert conspiracy theory here about how this whole mail is a lie and the man actually wrote it on behalf of the fake employee that goes by Eric Fleischman List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
[ActiveDir] Timeout period on object moves?
All- I'm trying to track down some interesting behavior in GP processing. I am wondering how AD deals with object moves. Specifically, I am moving a computer object around between OUs and it appears that the computer itself is not picking up every move during GP processing as I would expect. I don't see where the behavior could be coming from on the client side (I even deleted the value in the registry where GP stores the DN of the object) and so I'm wondering if AD is doing something here when it returns the results of theLDAP query that the client does during GP processing to determine its location in AD. Its almost as if AD is caching the previous location of the object to dampen excessive object moves. Sounds weird but I'm wondering if anyone has an explanation to this? Darren Darren Mar-Elia For comprehensive Windows Group Policy Information, check out www.gpoguy.com-- the best source for GPO FAQs, video training, tools and whitepapers. Also check out the Windows Group Policy Guide,the definitiveresource for Group Policy information.
RE: [ActiveDir] how to access blocked site.
Oh, I keep forgetting that those places are not just in New Jersey Steve Comeau IT Manager Rutgers Athletics 83 Rockefeller Road Piscataway, NJ 08854 732-445-7802 732-445-4623 (fax) www.scarletknights.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Monday, November 13, 2006 11:00 AM To: ActiveDir.org Subject: Re: [ActiveDir] how to access blocked site. You could go home? There must be a reason why it is blocked - usually put up with it - or if it's an error get the admin to unblock it - errors often occur around places - such and sussex, middlesex or phrases that are badly punctuated. I will not give any such example here though as I am bound to cause offence no matter what I write. Regards, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Ajay Kumar [EMAIL PROTECTED] Date: Mon, 13 Nov 2006 18:48:17 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] how to access blocked site. Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi [EMAIL PROTECTED] šŠV«r¯yÊý§-Š÷Š¹šŠVœ¶+Þv*è *** This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately by e-mail if you have received this e-mail by mistake and delete this e-mail from your system. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses. The sender therefore does not accept liability for any errors or omissions in the contents of this message, which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Rutgers University - DIA, 83 Rockafeller Road, Piscataway, NJ www.scarletknights.com *** List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] how to access blocked site.
No more dubious than the person who asked how to get around his/her companies firewall proxy in the first place. As admins we can only block what we first are told from management then of course those areas that fall under our base of knowledge (security, et. al.). Hopefully with some sort of checks and balances to ensure fairness. As for China's policies? That is an argument either for foriegn state policy or one of personal conciense. As an outsider, its a tough call to make on either side. As a private corporation these rules should be listed in some sort of fair use policy including penalties, if any, if broken. I have seen these policies to be either non-existant or simply arbitrary in nature. Since we have no real idea what the site we are discussing really is, we have to err on the side of caution and assume its disallowed for a reason. Of course the poster could always plead the case for the need to access the site with the powers that be as well. I didn't see that in original posting, either. Brent Eads Employee Technology Solutions, Inc. Office: (312) 762-9224 Fax: (312) 762-9275 The contents contain privileged and/or confidential information intended for the named recipient of this email. ETSI (Employee Technology Solutions, Inc.) does not warrant that the contents of any electronically transmitted information will remain confidential. If the reader of this email is not the intended recipient you are hereby notified that any use, reproduction, disclosure or distribution of the information contained in the email in error, please reply to us immediately and delete the document. Viruses, Malware, Phishing and other known and unknown electronic threats: It is the recipient/client's duties to perform virus scans and otherwise test the information provided before loading onto any computer system. No warranty is made that this material is free from computer virus or any other defect. Any loss/damage incurred by using this material is not the sender's responsibility. Liability will be limited to resupplying the material. Message scanned by TrendMicro
[ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: M$
M$ its funny or injurious ? Neither. Just unfunny and beaten to death. But I did laugh out loud at US Chair Force when I went through this thread earlier. That's pretty funny. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adrian Teodorescu Sent: Monday 13 November 2006 12:16 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ People are boring talking about the exchange problems and start educate each other :) Keep going Let's start again: M$ its funny or injurious ? Anyone else ? A bored list reader -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Monday, November 13, 2006 4:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ It's my music drive. What I'm trying to figure out is how did everyone know about it? :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Friday, November 10, 2006 1:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Ah - now I see - that must be their back-door to access every system Windows is running on ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Lefkovics Sent: Friday, November 10, 2006 9:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ What does all this have to do with the hidden administrative share on the M: drive? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Thursday, November 09, 2006 6:17 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ You're not a fake employee, I've seen you. :-) BrettSh, too. It's that Stuart Kwan guy whose existence I'm doubting. (Come on, was that enough to inspire the rarity that is a Stuart Kwan ActiveDir post? Please? PLEASE?!?!?!?!?!?!?!?!?!?!? ;-)) On 11/9/06, Eric Fleischman [EMAIL PROTECTED] wrote: Not that I really care if people say M$ or not, but I thought I'd comment on one thing, in the name of full disclosure.. My participation on this list has __nothing__ to do with money. I don't get compensated on any level for this. Heck, I don't even work on AD anymore, so this is like 2 degrees of separation away from anything that MS compensates me for. So, is MS out to make $? Sure. Is AD part of that money-making strategy? Sure. Does that have anything to do with MS employee participation on this list? I don't think so. Others (at least those that I can recall posting here as I type this mail) on this list fall in to the same boat. A couple of them don't work on AD anymore either. Why do I hang out here? I do it because I care about customers and about AD/ADAM. It has nothing to do with my salary. It's also why I still blog about AD, answer newsgroup questions, answer internal questions (DLs, PSS, MCS, other PGs, etc.), handle direct emails from a myriad of non-MS people (some I know, some are totally out of the blue), fix code for people that ask for help, etc. I don't get paid for any of this. ~Eric Borg #145719302 Insert conspiracy theory here about how this whole mail is a lie and the man actually wrote it on behalf of the fake employee that goes by Eric Fleischman List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ:
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
I think MS may have signed them all. Dunno if that increases size. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: M$
When I was working for Uncle Sam's Flying Air Circus, *that's* what I called it - even though I was working in a hole in the ground at Minot AFB, ND. Anybody above the rank of E-5 didn't appreciate the name, but that's how it was referred to amongst the troops... Three years ago, when I was working for Space Command (as a civilian) at Diego Garcia, we called it Spacey Command. Same situation, different locale. It's all in your perspective. Anybody that objects to M$ is WAY too sensitive, in my book. But I was beaten into submission by the Military, so I'm *definitely* warped. Tempest in a Teapot, I say. Steve Egan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Cline Sent: Monday, November 13, 2006 9:52 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ M$ its funny or injurious ? Neither. Just unfunny and beaten to death. But I did laugh out loud at US Chair Force when I went through this thread earlier. That's pretty funny. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adrian Teodorescu Sent: Monday 13 November 2006 12:16 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ People are boring talking about the exchange problems and start educate each other :) Keep going Let's start again: M$ its funny or injurious ? Anyone else ? A bored list reader -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Monday, November 13, 2006 4:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ It's my music drive. What I'm trying to figure out is how did everyone know about it? :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Friday, November 10, 2006 1:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Ah - now I see - that must be their back-door to access every system Windows is running on ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Lefkovics Sent: Friday, November 10, 2006 9:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ What does all this have to do with the hidden administrative share on the M: drive? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Thursday, November 09, 2006 6:17 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ You're not a fake employee, I've seen you. :-) BrettSh, too. It's that Stuart Kwan guy whose existence I'm doubting. (Come on, was that enough to inspire the rarity that is a Stuart Kwan ActiveDir post? Please? PLEASE?!?!?!?!?!?!?!?!?!?!? ;-)) On 11/9/06, Eric Fleischman [EMAIL PROTECTED] wrote: Not that I really care if people say M$ or not, but I thought I'd comment on one thing, in the name of full disclosure.. My participation on this list has __nothing__ to do with money. I don't get compensated on any level for this. Heck, I don't even work on AD anymore, so this is like 2 degrees of separation away from anything that MS compensates me for. So, is MS out to make $? Sure. Is AD part of that money-making strategy? Sure. Does that have anything to do with MS employee participation on this list? I don't think so. Others (at least those that I can recall posting here as I type this mail) on this list fall in to the same boat. A couple of them don't work on AD anymore either. Why do I hang out here? I do it because I care about customers and about AD/ADAM. It has nothing to do with my salary. It's also why I still blog about AD, answer newsgroup questions, answer internal questions (DLs, PSS, MCS, other PGs, etc.), handle direct emails from a myriad of non-MS people (some I know, some are totally out of the blue), fix code for people that ask for help, etc. I don't get paid for any of this. ~Eric Borg #145719302 Insert conspiracy theory here about how this whole mail is a lie and the man actually wrote it on behalf of the fake employee that goes by Eric Fleischman List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ ---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE--- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding,
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
Back in my days of programming in C, if we used the C-Worthy Interface Library (CWIL), a simple three-line program would be a MINIMUM of 170K. Maybe it's because a GUI is now included, or somesuch?? Steve Egan Purcell Systems System/Network Administrator desk 509 755-0341 x110 cell 509 475-7682 fax 509 755-0345 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, November 13, 2006 10:33 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! I think MS may have signed them all. Dunno if that increases size. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: M$
Steve, I am with you there. Back in the service I served on the USS Forrestal which referred to as either the USS Zippo or USS ForestFire due to ships track record with fires on board. I was something that we did and never worried about it was a fact of life. Bob IT Guy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Egan (Temp) Sent: Monday, November 13, 2006 2:08 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ When I was working for Uncle Sam's Flying Air Circus, *that's* what I called it - even though I was working in a hole in the ground at Minot AFB, ND. Anybody above the rank of E-5 didn't appreciate the name, but that's how it was referred to amongst the troops... Three years ago, when I was working for Space Command (as a civilian) at Diego Garcia, we called it Spacey Command. Same situation, different locale. It's all in your perspective. Anybody that objects to M$ is WAY too sensitive, in my book. But I was beaten into submission by the Military, so I'm *definitely* warped. Tempest in a Teapot, I say. Steve Egan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Cline Sent: Monday, November 13, 2006 9:52 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ M$ its funny or injurious ? Neither. Just unfunny and beaten to death. But I did laugh out loud at US Chair Force when I went through this thread earlier. That's pretty funny. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adrian Teodorescu Sent: Monday 13 November 2006 12:16 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ People are boring talking about the exchange problems and start educate each other :) Keep going Let's start again: M$ its funny or injurious ? Anyone else ? A bored list reader -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Monday, November 13, 2006 4:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ It's my music drive. What I'm trying to figure out is how did everyone know about it? :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Friday, November 10, 2006 1:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Ah - now I see - that must be their back-door to access every system Windows is running on ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Lefkovics Sent: Friday, November 10, 2006 9:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ What does all this have to do with the hidden administrative share on the M: drive? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Thursday, November 09, 2006 6:17 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ You're not a fake employee, I've seen you. :-) BrettSh, too. It's that Stuart Kwan guy whose existence I'm doubting. (Come on, was that enough to inspire the rarity that is a Stuart Kwan ActiveDir post? Please? PLEASE?!?!?!?!?!?!?!?!?!?!? ;-)) On 11/9/06, Eric Fleischman [EMAIL PROTECTED] wrote: Not that I really care if people say M$ or not, but I thought I'd comment on one thing, in the name of full disclosure.. My participation on this list has __nothing__ to do with money. I don't get compensated on any level for this. Heck, I don't even work on AD anymore, so this is like 2 degrees of separation away from anything that MS compensates me for. So, is MS out to make $? Sure. Is AD part of that money-making strategy? Sure. Does that have anything to do with MS employee participation on this list? I don't think so. Others (at least those that I can recall posting here as I type this mail) on this list fall in to the same boat. A couple of them don't work on AD anymore either. Why do I hang out here? I do it because I care about customers and about AD/ADAM. It has nothing to do with my salary. It's also why I still blog about AD, answer newsgroup questions, answer internal questions (DLs, PSS, MCS, other PGs, etc.), handle direct emails from a myriad of non-MS people (some I know, some are totally out of the blue), fix code for people that ask for help, etc. I don't get paid for any of this. ~Eric Borg #145719302 Insert conspiracy theory here about how this whole mail is a lie and the man actually wrote it on behalf of the fake employee that goes by Eric Fleischman List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ:
RE: [ActiveDir] OT: M$
I know a lot of Softies and my take on it is that none of the Softies I know would get mad about it, none of them especially like it either. Sort of like if somebody you didn't know called you Stevie (unless you like that I guess). It seems a little childish but it mostly demeans the person saying it, in my opinion. I think most of the Softies just roll their eyes and ignore it. My $.02, keep the change. Ben M. Schorr Chief Executive Officer __ Roland Schorr Tower www.rolandschorr.com [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Egan (Temp) Sent: Monday, November 13, 2006 9:08 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ When I was working for Uncle Sam's Flying Air Circus, *that's* what I called it - even though I was working in a hole in the ground at Minot AFB, ND. Anybody above the rank of E-5 didn't appreciate the name, but that's how it was referred to amongst the troops... Three years ago, when I was working for Space Command (as a civilian) at Diego Garcia, we called it Spacey Command. Same situation, different locale. It's all in your perspective. Anybody that objects to M$ is WAY too sensitive, in my book. But I was beaten into submission by the Military, so I'm *definitely* warped. Tempest in a Teapot, I say. Steve Egan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Cline Sent: Monday, November 13, 2006 9:52 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ M$ its funny or injurious ? Neither. Just unfunny and beaten to death. But I did laugh out loud at US Chair Force when I went through this thread earlier. That's pretty funny. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Adrian Teodorescu Sent: Monday 13 November 2006 12:16 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ People are boring talking about the exchange problems and start educate each other :) Keep going Let's start again: M$ its funny or injurious ? Anyone else ? A bored list reader -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn Sent: Monday, November 13, 2006 4:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ It's my music drive. What I'm trying to figure out is how did everyone know about it? :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Friday, November 10, 2006 1:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ Ah - now I see - that must be their back-door to access every system Windows is running on ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Lefkovics Sent: Friday, November 10, 2006 9:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: M$ What does all this have to do with the hidden administrative share on the M: drive? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Thursday, November 09, 2006 6:17 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: M$ You're not a fake employee, I've seen you. :-) BrettSh, too. It's that Stuart Kwan guy whose existence I'm doubting. (Come on, was that enough to inspire the rarity that is a Stuart Kwan ActiveDir post? Please? PLEASE?!?!?!?!?!?!?!?!?!?!? ;-)) On 11/9/06, Eric Fleischman [EMAIL PROTECTED] wrote: Not that I really care if people say M$ or not, but I thought I'd comment on one thing, in the name of full disclosure.. My participation on this list has __nothing__ to do with money. I don't get compensated on any level for this. Heck, I don't even work on AD anymore, so this is like 2 degrees of separation away from anything that MS compensates me for. So, is MS out to make $? Sure. Is AD part of that money-making strategy? Sure. Does that have anything to do with MS employee participation on this list? I don't think so. Others (at least those that I can recall posting here as I type this mail) on this list fall in to the same boat. A couple of them don't work on AD anymore either. Why do I hang out here? I do it because I care about customers and about AD/ADAM. It has nothing to do with my salary. It's also why I still blog about AD, answer newsgroup questions, answer internal questions (DLs, PSS, MCS, other PGs, etc.), handle direct emails from a myriad of non-MS people (some I know, some are totally out of the blue), fix code for people that ask for help, etc. I don't get paid for any of this. ~Eric Borg #145719302 Insert conspiracy theory here about how this whole mail is a lie and the man actually wrote it on behalf of the fake employee that goes by Eric Fleischman
RE: [ActiveDir] Help with Replication Mess
Thanks to all for the tips. All the demotions and promotions seem to have worked. AD replication is a bit like the weather in Wyoming: if you dont like it, wait 15 minutes. Sure enough after a while, things cleared up. I simply deleted the phantoms in the GUI and they have stayed away. Thanks again. -- nme From: Almeida Pinto, Jorge de [mailto:[EMAIL PROTECTED] Sent: Sunday, November 12, 2006 4:45 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Help with Replication Mess point DCB1 to another DNS server and see what happens cheers, jorge From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah Eiger Sent: Friday, November 10, 2006 21:40 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Help with Replication Mess Hi - I am trying to sort out a long-standing replication mess. The configuration is three sites (W2k3 FL as per earlier email) connected over T1 lines in series (A-B-C). The layout is: Site A: - DCA1 (bridgehead) - DCA2 Site B: - DCB1 (self for DNS) - DCB2 (bridgehead; DCA1 for DNS) - DCB3 (DCA1 DCA2 for DNS) Site C: - DCC1 (bridgehead) There are two IP site links with equal cost: A-B and A-C. Site B is the problem. The event logs of DCB1 are filled with KCC and FRS errors. Also, depending on where you point your Sites and Services tool, you get different information about what DC is in what Site as well as phantom objects (such as the same DC in two sites, long demoted DCs lingering, dead sites still present). The goal for the weekend is to remove DCB1 and DCB2, leaving only DCB3. But, I am concerned that replication is not working correctly and that demoting them improperly will lead to bigger problems. What is the best way to go about cleaning this up? The DCs in Site A and C are fine. Can I just pull replication data from there? Thanks. -- nme -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.13.32/523 - Release Date: 11/7/2006 This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.13.32/523 - Release Date: 11/7/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.409 / Virus Database: 268.13.32/523 - Release Date: 11/7/2006
RE: [ActiveDir] Timeout period on object moves?
Can you explain the steps you've taken? Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address From: [EMAIL PROTECTED] on behalf of Darren Mar-Elia Sent: Mon 2006-11-13 18:23 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Timeout period on object moves? All- I'm trying to track down some interesting behavior in GP processing. I am wondering how AD deals with object moves. Specifically, I am moving a computer object around between OUs and it appears that the computer itself is not picking up every move during GP processing as I would expect. I don't see where the behavior could be coming from on the client side (I even deleted the value in the registry where GP stores the DN of the object) and so I'm wondering if AD is doing something here when it returns the results of the LDAP query that the client does during GP processing to determine its location in AD. Its almost as if AD is caching the previous location of the object to dampen excessive object moves. Sounds weird but I'm wondering if anyone has an explanation to this? Darren Darren Mar-Elia For comprehensive Windows Group Policy Information, check out www.gpoguy.com http://www.gpoguy.com/ -- the best source for GPO FAQs, video training, tools and whitepapers. Also check out the Windows Group Policy Guide http://www.amazon.com/gp/product/0735622175/qid=1122367169/sr=8-1/ref=pd_bbs_1/104-1133146-9411929?v=glancen=283155 , the definitive resource for Group Policy information. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. winmail.dat
Re: [ActiveDir] how to access blocked site.
He didn't ask from behind the Government controlled firewall in China he said from an Office. :-) I'm assuming there's a reasonable tinfoily admin there. And you know.. you can always ask if you want a site unblocked that you think has a reasonable 'business' need? Most of the time we're reasonable people that if you tell us a business need for something, we'll enable it. I was more referring to the statement of does he work on my network. In a bizarre way.. all of us work on each others networks. Your patch policy of your servers, if they are Internet web facing servers, affects little ol' me. My XP workstations are my front line... and where they surf and what happens when they do impacts me. The Future of Secure Access : The perimeter isn't what it used to be: http://blogs.technet.com/futuresecurity/archive/2006/11/12/the-perimeter-isn-t-what-it-used-to-be.aspx (true story... I set up firewall blocking with a error page that would indicate that the person in the office was busted and to test it out I put Victoria's Secret.com on there then added the additional 'banned' pages and then forgot that I left that banned site on... around Valentine's of the following year I was asked why I considered that page inappropriate. Oops. :-) So I re-enabled it. We're an open org here.. the sites I ban are those I've had issues with... myspace.com for example... when a Secretary abused her Internet access inside a firm if there are sites being bannedtypically there's a reason. If you think you have a business justification for a web site, ask. If you are in China or insert Country of your choice, that's a tougher call but if he was I'd strongly recommend that he not ask about it on a public listserve that could be easily found later. Darren Mar-Elia wrote: Hmm. That's a dubious stretch. Does that mean all those folks in China that find ways to bypass their government-controlled proxy are endangering us all and should be stopped? There may be lots of legitimate reasons why someone needs to do this. I don't think it should be assumed that suddenly we are all at risk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 8:29 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ:
RE: [ActiveDir] [OT] how to access blocked site.
I have to agree with Darren. I am not too worried what this person can do to me... However from the standpoint of the user and his company he is trying to assume risk that he doesn't have authority to assume (or else he wouldn't have to post...). Its not wrong to ask, but certainly it would be wrong to use anything in his office or on his PC or any corporate resource that he found. He is directly risking the corporate PC he is using as well as the internal corporate network. It is almost certainly against any employment agreement he has and likely grounds for immediate termination. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Monday, November 13, 2006 11:59 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] how to access blocked site. Hmm. That's a dubious stretch. Does that mean all those folks in China that find ways to bypass their government-controlled proxy are endangering us all and should be stopped? There may be lots of legitimate reasons why someone needs to do this. I don't think it should be assumed that suddenly we are all at risk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 8:29 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked site. which can work well. Thanks Regards, Ajay pardeshi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
We had to compile in bbisw.lib (Big Brother Is Watching). You might think that's against your rights, but you signged them away when you accepted the 5k larger eula.txt below (which you didn't read). Cheers, BrettSh [EMAIL PROTECTED] -- I've decided its funny when I use it. Just b/c I know this kind of thing can go rabbidly out of control, _YES, I WAS KIDDING._ On Mon, 13 Nov 2006, Steve Egan (Temp) wrote: Back in my days of programming in C, if we used the C-Worthy Interface Library (CWIL), a simple three-line program would be a MINIMUM of 170K. Maybe it's because a GUI is now included, or somesuch?? Steve Egan Purcell Systems System/Network Administrator desk 509 755-0341 x110 cell 509 475-7682 fax 509 755-0345 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, November 13, 2006 10:33 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! I think MS may have signed them all. Dunno if that increases size. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
I would think in part it has to be the new GUI EULA that pops up and the code they use to update the registry of acceptance of said EULA. From: [EMAIL PROTECTED] on behalf of Javier Jarava Sent: Mon 11/13/2006 9:46 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ winmail.dat
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
Could be various things of which most would probably be a little difficult to ascertain. Compiler versions can certainly cause deltas, as well as individual switches in a compiler. For instance, if I use Borland Builder 6.0 to compile something and then use Borland Developer Studio (Basiclaly Borland Builder 7.0) I will see a reduction usually of about 10-40% in binary size. However, if I select certain switches (primarily things like inline function expansion while using STL code), the BDS compile can grow from 50-300% and probably more, 300% is about the most I have seen. It is likely that MSFT would compile the tools with something different than Mark would have and use. From the times I have looked at Mark's source, I am pretty sure he just used the standard Visual Studio product that was current for the time. I won't speak for MSFT on what they definitively use, but they are not sitting there using VS to build release code. Other possibilities are additional PE options like manifests, code signing, x64 compiles, as mentioned above a variety of compiler/linker options (set through switches or different interpretations of pragmas), using different libraries for standard functions (i.e. not everyone implements cout or printf identically), and of course there are things like changes to the code to reflect internal MSFT programming guidelines like changing how strings are handled, etc. There obviously tin foil hat things that it could be as well but there are so many non-devious things it could be it would be quite a while before I started thinking something devious was occurring. I wouldn't be surprised if no one there even knows the bloat occurred or why. I am sure someone there could figure it out if they wanted to though. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] Timeout period on object moves?
I moved a computer account from OU A to OU B, then fired up gpupdate on that computer. Sure enough, it found the new OU and calculated GP accordingly. Then I moved it back to OU A. On this final move, after issuing both a gpupdate and gpupdate /force, the workstation failed to find its new OU. I could see in userenv.log that it was still referring to its DN at the OU B location. Strangely, sometime after that, on a background refresh of GP, the new OU (A) was seen. _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Monday, November 13, 2006 12:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Timeout period on object moves? Can you explain the steps you've taken? Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address _ From: [EMAIL PROTECTED] on behalf of Darren Mar-Elia Sent: Mon 2006-11-13 18:23 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Timeout period on object moves? All- I'm trying to track down some interesting behavior in GP processing. I am wondering how AD deals with object moves. Specifically, I am moving a computer object around between OUs and it appears that the computer itself is not picking up every move during GP processing as I would expect. I don't see where the behavior could be coming from on the client side (I even deleted the value in the registry where GP stores the DN of the object) and so I'm wondering if AD is doing something here when it returns the results of the LDAP query that the client does during GP processing to determine its location in AD. Its almost as if AD is caching the previous location of the object to dampen excessive object moves. Sounds weird but I'm wondering if anyone has an explanation to this? Darren Darren Mar-Elia For comprehensive Windows Group Policy Information, check out www.gpoguy.com http://www.gpoguy.com/ -- the best source for GPO FAQs, video training, tools and whitepapers. Also check out the Windows http://www.amazon.com/gp/product/0735622175/qid=1122367169/sr=8-1/ref=pd_bb s_1/104-1133146-9411929?v=glancen=283155 Group Policy Guide, the definitive resource for Group Policy information. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. attachment: winmail.dat
RE: [ActiveDir] [OT] how to access blocked site.
We don't know that. He could be an admin that is trying to figure out how his users are getting past his blocking system. There did seem to be a language issue in his original post. -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of joe However from the standpoint of the user and his company he is trying to assume risk that he doesn't have authority to assume (or else he wouldn't have to post List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
Re: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
You're right. It is funnier when you use it. On 11/13/06, Brett Shirley [EMAIL PROTECTED] wrote:We had to compile in bbisw.lib (Big Brother Is Watching).You might think that's against your rights, but you signged them away when you acceptedthe 5k larger eula.txt below (which you didn't read).Cheers,BrettSh [EMAIL PROTECTED] -- I've decided its funny when I use it.Just b/c I know this kind of thing can go rabbidly out of control, _YES, I WAS KIDDING._On Mon, 13 Nov 2006, Steve Egan (Temp) wrote: Back in my days of programming in C, if we used the C-Worthy Interface Library (CWIL), a simple three-line program would be a MINIMUM of 170K. Maybe it's because a GUI is now included, or somesuch?? Steve Egan Purcell Systems System/Network Administrator desk 509 755-0341 x110 cell 509 475-7682 fax 509 755-0345 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ] On Behalf Of Brian Desmond Sent: Monday, November 13, 2006 10:33 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! I think MS may have signed them all. Dunno if that increases size. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto: ActiveDir- [EMAIL PROTECTED]] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive:SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 12288020/03/06 16:19 psshutdown.exe 9420802/08/05 11:14 pskill.exe 6553630/03/06 10:05 psloglist.exe 4915227/03/06 13:07 psloggedon.exe 10649621/07/05 10:22 psgetsid.exe 14670426/07/00 12:00 pdh.dll 5734406/04/06 14:52 psservice.exe 5324830/12/05 03:15 psfile.exe 13516811/07/06 09:00 psexec.exe 6378608/07/06 11:10 Pstools.chm 13516813/12/05 09:51 Psinfo.exe 10649607/11/03 14:42 pssuspend.exe 8601601/12/04 17:27 pslist.exe 5734416/05/04 08:36 pspasswd.exe 196911/02/06 09:22 Eula.txt 3910/07/06 13:58 version.txt --- 1281554 16 files Archive:SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 41247201/11/06 13:07 psexec.exe 16671201/11/06 13:06 psfile.exe 32236001/11/06 13:07 psgetsid.exe 42885601/11/06 13:07 Psinfo.exe 31826401/11/06 13:07 pskill.exe 19128801/11/06 13:06 pslist.exe 16261601/11/06 13:06 psloggedon.exe 18719201/11/06 13:06 psloglist.exe 17080801/11/06 13:06 pspasswd.exe 1791/11/06 13:06 psservice.exe 40428001/11/06 13:07 psshutdown.exe 37560801/11/06 13:07 pssuspend.exe 6378608/07/06 11:10 Pstools.chm 3815/10/06 16:32 psversion.txt 15367201/11/06 13:05 pdh.dll 700528/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] how to access blocked site.
Hey, it *could* be an office in China :) In any case, I think you're fighting a losing battle protecting yourself by attempting to control or expecting good behavior from others-- others being defined as people who don't work for/with you. They will always find the information or the means elsewhere if you don't help them. I'm familiar with the notion that the traditional DMZ firewall is going the way of the dodo, but reality is that it is still the main way we protect ourselves from *external* behavior. There's no doubt that internal behavior has become more risky, hence the need for islands of isolation internally, but I still think the reality of someone else's *external* behavior somehow affecting all of us (in the absence of our own stupid behavior, that is) is the exception rather than the rule. In any case, I approach security based on the fact that I can only control what I have control of, and everyone else is implicitly evil (strictly from a security perspective, of course :-)). Darren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 12:29 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He didn't ask from behind the Government controlled firewall in China he said from an Office. :-) I'm assuming there's a reasonable tinfoily admin there. And you know.. you can always ask if you want a site unblocked that you think has a reasonable 'business' need? Most of the time we're reasonable people that if you tell us a business need for something, we'll enable it. I was more referring to the statement of does he work on my network. In a bizarre way.. all of us work on each others networks. Your patch policy of your servers, if they are Internet web facing servers, affects little ol' me. My XP workstations are my front line... and where they surf and what happens when they do impacts me. The Future of Secure Access : The perimeter isn't what it used to be: http://blogs.technet.com/futuresecurity/archive/2006/11/12/the-perimeter-isn -t-what-it-used-to-be.aspx (true story... I set up firewall blocking with a error page that would indicate that the person in the office was busted and to test it out I put Victoria's Secret.com on there then added the additional 'banned' pages and then forgot that I left that banned site on... around Valentine's of the following year I was asked why I considered that page inappropriate. Oops. :-) So I re-enabled it. We're an open org here.. the sites I ban are those I've had issues with... myspace.com for example... when a Secretary abused her Internet access inside a firm if there are sites being bannedtypically there's a reason. If you think you have a business justification for a web site, ask. If you are in China or insert Country of your choice, that's a tougher call but if he was I'd strongly recommend that he not ask about it on a public listserve that could be easily found later. Darren Mar-Elia wrote: Hmm. That's a dubious stretch. Does that mean all those folks in China that find ways to bypass their government-controlled proxy are endangering us all and should be stopped? There may be lots of legitimate reasons why someone needs to do this. I don't think it should be assumed that suddenly we are all at risk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 8:29 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a firm. There's a reason us annoying admins block this stuff. Introduce risks at home please, and not on my watch, okay? Ajay Kumar wrote: Hi all, It could be wrong question but I want to know about how to acess the restricted or blocked site, which is access denied from office. I know some tools work like K-PROXY, but it woks on some internet site. So please suggest me how to access blocked
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
Better question ... is there an accept switch to use? If you try a tool in a loop against a set of servers, it prompts for every one of them... :m:dsm:cci:mvp | marcusoh.blogspot.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley Sent: Monday, November 13, 2006 4:05 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! We had to compile in bbisw.lib (Big Brother Is Watching). You might think that's against your rights, but you signged them away when you accepted the 5k larger eula.txt below (which you didn't read). Cheers, BrettSh [EMAIL PROTECTED] -- I've decided its funny when I use it. Just b/c I know this kind of thing can go rabbidly out of control, _YES, I WAS KIDDING._ On Mon, 13 Nov 2006, Steve Egan (Temp) wrote: Back in my days of programming in C, if we used the C-Worthy Interface Library (CWIL), a simple three-line program would be a MINIMUM of 170K. Maybe it's because a GUI is now included, or somesuch?? Steve Egan Purcell Systems System/Network Administrator desk 509 755-0341 x110 cell 509 475-7682 fax 509 755-0345 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, November 13, 2006 10:33 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! I think MS may have signed them all. Dunno if that increases size. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ:
RE: [ActiveDir] Timeout period on object moves?
Hey Darren, I have looked at some of the source for GPO processing and while I don't recall any client side caching, I wouldn't be surprised to hear it had it. Certainly there is nothing on the AD side that I have seen that could ever make me think a specially formed query for GPOs was responded to in a special way and the code I did see didn't build a special query, it just sent a simple query. I would validate by using wireshark or some other sniffer type tool or Insight for AD to watch the actual LDAP queries generated. I expect you will see that when it is not updating, the client isn't even querying AD. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Monday, November 13, 2006 4:23 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Timeout period on object moves? I moved a computer account from OU A to OU B, then fired up gpupdate on that computer. Sure enough, it found the new OU and calculated GP accordingly. Then I moved it back to OU A. On this final move, after issuing both a gpupdate and gpupdate /force, the workstation failed to find its new OU. I could see in userenv.log that it was still referring to its DN at the OU B location. Strangely, sometime after that, on a background refresh of GP, the new OU (A) was seen. _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Monday, November 13, 2006 12:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Timeout period on object moves? Can you explain the steps you've taken? Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address _ From: [EMAIL PROTECTED] on behalf of Darren Mar-Elia Sent: Mon 2006-11-13 18:23 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Timeout period on object moves? All- I'm trying to track down some interesting behavior in GP processing. I am wondering how AD deals with object moves. Specifically, I am moving a computer object around between OUs and it appears that the computer itself is not picking up every move during GP processing as I would expect. I don't see where the behavior could be coming from on the client side (I even deleted the value in the registry where GP stores the DN of the object) and so I'm wondering if AD is doing something here when it returns the results of the LDAP query that the client does during GP processing to determine its location in AD. Its almost as if AD is caching the previous location of the object to dampen excessive object moves. Sounds weird but I'm wondering if anyone has an explanation to this? Darren Darren Mar-Elia For comprehensive Windows Group Policy Information, check out www.gpoguy.com http://www.gpoguy.com/ -- the best source for GPO FAQs, video training, tools and whitepapers. Also check out the Windows http://www.amazon.com/gp/product/0735622175/qid=1122367169/sr=8-1/ref=pd_bb s_1/104-1133146-9411929?v=glancen=283155 Group Policy Guide, the definitive resource for Group Policy information. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. attachment: winmail.dat
RE: [ActiveDir] [OT] how to access blocked site.
Definitely a possibility I considered when I saw the post though I would have expected different phrasing like My *%^#% users are getting past my proxy rules, how are they doing it ;o) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kennedy, Jim Sent: Monday, November 13, 2006 4:30 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] [OT] how to access blocked site. We don't know that. He could be an admin that is trying to figure out how his users are getting past his blocking system. There did seem to be a language issue in his original post. -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of joe However from the standpoint of the user and his company he is trying to assume risk that he doesn't have authority to assume (or else he wouldn't have to post List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
Re: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
Brett Shirley wrote: Just b/c I know this kind of thing can go rabbidly out of control, _YES, I WAS KIDDING._ You're kidding :) -- Tomasz Onyszko http://www.w2k.pl/ - (PL) http://blogs.dirteam.com/blogs/tomek/ - (EN) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
Which tool and what is the prompt? One thing I've done in the past, when asked for 'y' or 'n', is simply do this: Command | echo y -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, November 13, 2006 2:04 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Better question ... is there an accept switch to use? If you try a tool in a loop against a set of servers, it prompts for every one of them... :m:dsm:cci:mvp | marcusoh.blogspot.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley Sent: Monday, November 13, 2006 4:05 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! We had to compile in bbisw.lib (Big Brother Is Watching). You might think that's against your rights, but you signged them away when you accepted the 5k larger eula.txt below (which you didn't read). Cheers, BrettSh [EMAIL PROTECTED] -- I've decided its funny when I use it. Just b/c I know this kind of thing can go rabbidly out of control, _YES, I WAS KIDDING._ On Mon, 13 Nov 2006, Steve Egan (Temp) wrote: Back in my days of programming in C, if we used the C-Worthy Interface Library (CWIL), a simple three-line program would be a MINIMUM of 170K. Maybe it's because a GUI is now included, or somesuch?? Steve Egan Purcell Systems System/Network Administrator desk 509 755-0341 x110 cell 509 475-7682 fax 509 755-0345 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, November 13, 2006 10:33 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! I think MS may have signed them all. Dunno if that increases size. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe 1969 11/02/06 09:22 Eula.txt 39 10/07/06 13:58 version.txt --- 1281554 16 files Archive: SYSINTERNALS PsTools v2.4 -20061101- PsTools.zip Length Date TimeName 412472 01/11/06 13:07 psexec.exe 166712 01/11/06 13:06 psfile.exe 322360 01/11/06 13:07 psgetsid.exe 428856 01/11/06 13:07 Psinfo.exe 318264 01/11/06 13:07 pskill.exe 191288 01/11/06 13:06 pslist.exe 162616 01/11/06 13:06 psloggedon.exe 187192 01/11/06 13:06 psloglist.exe 170808 01/11/06 13:06 pspasswd.exe 179000 01/11/06 13:06 psservice.exe 404280 01/11/06 13:07 psshutdown.exe 375608 01/11/06 13:07 pssuspend.exe 63786 08/07/06 11:10 Pstools.chm 38 15/10/06 16:32 psversion.txt 153672 01/11/06 13:05 pdh.dll 7005 28/07/06 08:32 Eula.txt --- 3543957 16 files Just wondering outloud what is the reason for the size change. Different compiler, maybe? Thanks a lot for your time in reading thus far. Javier Jarava List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info
Re: [ActiveDir] [OT] how to access blocked site.
Contradicting my earlier post - One of the most interesting ways I have seen to access websites is via google and it's cache - its amazing what is holds and all on a google URL! Regards, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Darren Mar-Elia [EMAIL PROTECTED] Date: Mon, 13 Nov 2006 13:48:05 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] how to access blocked site. Hey, it *could* be an office in China :) In any case, I think you're fighting a losing battle protecting yourself by attempting to control or expecting good behavior from others-- others being defined as people who don't work for/with you. They will always find the information or the means elsewhere if you don't help them. I'm familiar with the notion that the traditional DMZ firewall is going the way of the dodo, but reality is that it is still the main way we protect ourselves from *external* behavior. There's no doubt that internal behavior has become more risky, hence the need for islands of isolation internally, but I still think the reality of someone else's *external* behavior somehow affecting all of us (in the absence of our own stupid behavior, that is) is the exception rather than the rule. In any case, I approach security based on the fact that I can only control what I have control of, and everyone else is implicitly evil (strictly from a security perspective, of course :-)). Darren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 12:29 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He didn't ask from behind the Government controlled firewall in China he said from an Office. :-) I'm assuming there's a reasonable tinfoily admin there. And you know.. you can always ask if you want a site unblocked that you think has a reasonable 'business' need? Most of the time we're reasonable people that if you tell us a business need for something, we'll enable it. I was more referring to the statement of does he work on my network. In a bizarre way.. all of us work on each others networks. Your patch policy of your servers, if they are Internet web facing servers, affects little ol' me. My XP workstations are my front line... and where they surf and what happens when they do impacts me. The Future of Secure Access : The perimeter isn't what it used to be: http://blogs.technet.com/futuresecurity/archive/2006/11/12/the-perimeter-isn -t-what-it-used-to-be.aspx (true story... I set up firewall blocking with a error page that would indicate that the person in the office was busted and to test it out I put Victoria's Secret.com on there then added the additional 'banned' pages and then forgot that I left that banned site on... around Valentine's of the following year I was asked why I considered that page inappropriate. Oops. :-) So I re-enabled it. We're an open org here.. the sites I ban are those I've had issues with... myspace.com for example... when a Secretary abused her Internet access inside a firm if there are sites being bannedtypically there's a reason. If you think you have a business justification for a web site, ask. If you are in China or insert Country of your choice, that's a tougher call but if he was I'd strongly recommend that he not ask about it on a public listserve that could be easily found later. Darren Mar-Elia wrote: Hmm. That's a dubious stretch. Does that mean all those folks in China that find ways to bypass their government-controlled proxy are endangering us all and should be stopped? There may be lots of legitimate reasons why someone needs to do this. I don't think it should be assumed that suddenly we are all at risk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 8:29 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a
Re: [ActiveDir] [OT] how to access blocked site.
Contradicting my earlier post - One of the most interesting ways I have seen to access websites is via google and it's cache - its amazing what is holds and all on a google URL! Regards, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Darren Mar-Elia [EMAIL PROTECTED] Date: Mon, 13 Nov 2006 13:48:05 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] how to access blocked site. Hey, it *could* be an office in China :) In any case, I think you're fighting a losing battle protecting yourself by attempting to control or expecting good behavior from others-- others being defined as people who don't work for/with you. They will always find the information or the means elsewhere if you don't help them. I'm familiar with the notion that the traditional DMZ firewall is going the way of the dodo, but reality is that it is still the main way we protect ourselves from *external* behavior. There's no doubt that internal behavior has become more risky, hence the need for islands of isolation internally, but I still think the reality of someone else's *external* behavior somehow affecting all of us (in the absence of our own stupid behavior, that is) is the exception rather than the rule. In any case, I approach security based on the fact that I can only control what I have control of, and everyone else is implicitly evil (strictly from a security perspective, of course :-)). Darren -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 12:29 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He didn't ask from behind the Government controlled firewall in China he said from an Office. :-) I'm assuming there's a reasonable tinfoily admin there. And you know.. you can always ask if you want a site unblocked that you think has a reasonable 'business' need? Most of the time we're reasonable people that if you tell us a business need for something, we'll enable it. I was more referring to the statement of does he work on my network. In a bizarre way.. all of us work on each others networks. Your patch policy of your servers, if they are Internet web facing servers, affects little ol' me. My XP workstations are my front line... and where they surf and what happens when they do impacts me. The Future of Secure Access : The perimeter isn't what it used to be: http://blogs.technet.com/futuresecurity/archive/2006/11/12/the-perimeter-isn -t-what-it-used-to-be.aspx (true story... I set up firewall blocking with a error page that would indicate that the person in the office was busted and to test it out I put Victoria's Secret.com on there then added the additional 'banned' pages and then forgot that I left that banned site on... around Valentine's of the following year I was asked why I considered that page inappropriate. Oops. :-) So I re-enabled it. We're an open org here.. the sites I ban are those I've had issues with... myspace.com for example... when a Secretary abused her Internet access inside a firm if there are sites being bannedtypically there's a reason. If you think you have a business justification for a web site, ask. If you are in China or insert Country of your choice, that's a tougher call but if he was I'd strongly recommend that he not ask about it on a public listserve that could be easily found later. Darren Mar-Elia wrote: Hmm. That's a dubious stretch. Does that mean all those folks in China that find ways to bypass their government-controlled proxy are endangering us all and should be stopped? There may be lots of legitimate reasons why someone needs to do this. I don't think it should be assumed that suddenly we are all at risk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 8:29 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. He's on the Internet isn't he? If he infects/nails his firm, his firm in turn could be a bot that attacks us all, right? We're truly all on the same 'party line' here. We all share the Internet, so yeah... we all have the responsibility of doing what we can to keep the bad guys from turning us into bad guys. Ramon Linan wrote: LOL, Susan does he really work in your office? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Monday, November 13, 2006 9:50 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] how to access blocked site. As an admin here You do know I could fire your assets if you do this at my office? You are introducing risks that as an employee, you don't have the right to do at a
RE: [ActiveDir] Timeout period on object moves?
Thanks Joe. I suspect you're right, though I'm not sure where/why it would be cached. I did fire up Insight for AD and didn't specifically see the query I would have expected, so I guess it is being cached--strange part is that it seemed to pick up the change right away the first time I moved the object. Maybe just dumb luck. In any case, thanks for confirming that it is not something server-side. Didn't make sense. _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, November 13, 2006 2:23 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Timeout period on object moves? Hey Darren, I have looked at some of the source for GPO processing and while I don't recall any client side caching, I wouldn't be surprised to hear it had it. Certainly there is nothing on the AD side that I have seen that could ever make me think a specially formed query for GPOs was responded to in a special way and the code I did see didn't build a special query, it just sent a simple query. I would validate by using wireshark or some other sniffer type tool or Insight for AD to watch the actual LDAP queries generated. I expect you will see that when it is not updating, the client isn't even querying AD. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Monday, November 13, 2006 4:23 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Timeout period on object moves? I moved a computer account from OU A to OU B, then fired up gpupdate on that computer. Sure enough, it found the new OU and calculated GP accordingly. Then I moved it back to OU A. On this final move, after issuing both a gpupdate and gpupdate /force, the workstation failed to find its new OU. I could see in userenv.log that it was still referring to its DN at the OU B location. Strangely, sometime after that, on a background refresh of GP, the new OU (A) was seen. _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Monday, November 13, 2006 12:27 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Timeout period on object moves? Can you explain the steps you've taken? Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address _ From: [EMAIL PROTECTED] on behalf of Darren Mar-Elia Sent: Mon 2006-11-13 18:23 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Timeout period on object moves? All- I'm trying to track down some interesting behavior in GP processing. I am wondering how AD deals with object moves. Specifically, I am moving a computer object around between OUs and it appears that the computer itself is not picking up every move during GP processing as I would expect. I don't see where the behavior could be coming from on the client side (I even deleted the value in the registry where GP stores the DN of the object) and so I'm wondering if AD is doing something here when it returns the results of the LDAP query that the client does during GP processing to determine its location in AD. Its almost as if AD is caching the previous location of the object to dampen excessive object moves. Sounds weird but I'm wondering if anyone has an explanation to this? Darren Darren Mar-Elia For comprehensive Windows Group Policy Information, check out www.gpoguy.com http://www.gpoguy.com/ -- the best source for GPO FAQs, video training, tools and whitepapers. Also check out the Windows http://www.amazon.com/gp/product/0735622175/qid=1122367169/sr=8-1/ref=pd_bb s_1/104-1133146-9411929?v=glancen=283155 Group Policy Guide, the definitive resource for Group Policy information. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. attachment: winmail.dat
RE: [ActiveDir] OT: M$
Disclaimer #1: "You" in the below refers to a generic "you", not a specific person. Disclaimer #2: My opinions are in no way intended to represent those of my employer. They're my own, and they were my opinions long before I became a Microsoft employee. That said... You know what I find amazing here? It has been clearly expressed that there *are* people who find the term irritating (and I assure you, I'm not the only one; I'm just the only one who states it publicly), yet you're still arguing that because *you* think it's funny, it's therefore okay to use it. Please explain this logic to me. Ifyou meet somebody who asks you not to call him "Tiny" because he hates the nickname, do you make a point to call him "Tiny"? If you do, then you have some serious personal issues. If you don't do that, then why do you think it's okay to continue to justify using a name on a Microsoft-centric list that is populated by Microsoft-centric people that you've been told *is* offensive to some of those people? This isn't about political correctness and it isn't about different senses of humor. It's about somebody having stated flat-out that the "M$" term is offensive to her (and, again, to a lot more people than you realize) and you continuing to assert that it's just fine for you to use it. Some people might consider that incredibly childish and ignorant. Did it never occur to you simply to not use or defend the use ofthe term, regardless of whether you think I'm oversensitive about it? It certainly occurred to the person who originally posted it to stop using the term, and he didn't have to have an argument that boils down to "I think it's funny, so you need to just get over it" before stating that he wouldn't continue to use the term. I found that very adult of him. I don't, however, find it particularly adult to continue to defend the use of a tasteless, inaccurate, slighting moniker because *you* think it's "funny". Most Microsoft employees are not nearly as well-paid as the public seems to think, and yet, the VAST majority of them contribute their own time and money to charitable organizations. I can give you statistics if you like; Microsoft is actually first in terms of per-capita employee philanthropy. The insistence upon referring to the company as "M$" displays a tremendous amount of ignorance and rudeness to those employees, IMO. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 8:44 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Exactly, is exactly right. You cant impose your own humor preferences on someone because you consider it unfunny. You just dont laugh. You can't stop bad jokes, because someone, somewhere is laughing at them. Just not you. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: Monday, November 13, 2006 8:20 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Exactly. M$ just isn't funny. Borg, kool-aid, those are funny. M$ isn't. Go figure. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 7:46 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Useless Air Farce would not be found funny because its just that, not funny. Funnier is US Chair Force. Thats funny, and people here laugh at it all the time. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 7:32 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ ;oP Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: 13 November 2006 12:16To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ There's a reason for the "OT" portion of the subject line, you know. ;-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 6:42 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Can we kill this thread now, please? Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440 331 F: +44 (0) 8456 440 332 M: +44 (0) 7974 249 494 E: [EMAIL PROTECTED] W: www.quostar.com
RE: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy!
I started a mail thread on this internally, and BOY was I wrong, apparently bbisw.lib is only like 3k, so couldn't possibly explain the bloat! They pretty much know what bloated the binaries, and said they'll blog something about it in the next few days or so on the sysinternals blog ... though someone's guess below was pretty close according to initial analysis ... But you don't have to wait for it, feel free to propogate your favorite conspiracy theories in the meantime ... Cheers, BrettSh This posting is provided AS IS with no warranties, and confers no rights. On Mon, 13 Nov 2006, Brian Desmond wrote: I think MS may have signed them all. Dunno if that increases size. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 On Mon, 13 Nov 2006, Steve Egan (Temp) wrote: Back in my days of programming in C, if we used the C-Worthy Interface Library (CWIL), a simple three-line program would be a MINIMUM of 170K. Maybe it's because a GUI is now included, or somesuch?? Steve Egan Purcell Systems System/Network Administrator desk 509 755-0341 x110 cell 509 475-7682 fax 509 755-0345 On Mon, 13 Nov 2006, Brett Shirley wrote: We had to compile in bbisw.lib (Big Brother Is Watching). You might think that's against your rights, but you signged them away when you accepted the 5k larger eula.txt below (which you didn't read). Cheers, BrettSh [EMAIL PROTECTED] -- I've decided its funny when I use it. Just b/c I know this kind of thing can go rabbidly out of control, _YES, I WAS KIDDING._ On Mon, 13 Nov 2006, Free, Bob wrote: I would think in part it has to be the new GUI EULA that pops up and the code they use to update the registry of acceptance of said EULA. On Mon, 13 Nov 2006, joe wrote: Could be various things of which most would probably be a little difficult to ascertain. Compiler versions can certainly cause deltas, as well as individual switches in a compiler. For instance, if I use Borland Builder 6.0 to compile something and then use Borland Developer Studio (Basiclaly Borland Builder 7.0) I will see a reduction usually of about 10-40% in binary size. However, if I select certain switches (primarily things like inline function expansion while using STL code), the BDS compile can grow from 50-300% and probably more, 300% is about the most I have seen. It is likely that MSFT would compile the tools with something different than Mark would have and use. From the times I have looked at Mark's source, I am pretty sure he just used the standard Visual Studio product that was current for the time. I won't speak for MSFT on what they definitively use, but they are not sitting there using VS to build release code. Other possibilities are additional PE options like manifests, code signing, x64 compiles, as mentioned above a variety of compiler/linker options (set through switches or different interpretations of pragmas), using different libraries for standard functions (i.e. not everyone implements cout or printf identically), and of course there are things like changes to the code to reflect internal MSFT programming guidelines like changing how strings are handled, etc. There obviously tin foil hat things that it could be as well but there are so many non-devious things it could be it would be quite a while before I started thinking something devious was occurring. I wouldn't be surprised if no one there even knows the bloat occurred or why. I am sure someone there could figure it out if they wanted to though. joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Javier Jarava Sent: Monday, November 13, 2006 12:47 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: new ms-Sysinternals utils: .exe size gone up like crazy! Hi! Just a quick question to the list, to see what the honrable members (tm) think. I have just d/l some of the the updated sysinternals tools from MS (filemon, regmon, autoruns and pstools to be precise), and I have noticed that most if not all the utils have grown in size A LOT. As an example, this is the change I see from pstools v2.34 and v2.4: Archive: SYSINTERNALS PsTools v2.34 -20060710- PsTools.zip Length Date TimeName 122880 20/03/06 16:19 psshutdown.exe 94208 02/08/05 11:14 pskill.exe 65536 30/03/06 10:05 psloglist.exe 49152 27/03/06 13:07 psloggedon.exe 106496 21/07/05 10:22 psgetsid.exe 146704 26/07/00 12:00 pdh.dll 57344 06/04/06 14:52 psservice.exe 53248 30/12/05 03:15 psfile.exe 135168 11/07/06 09:00 psexec.exe 63786 08/07/06 11:10 Pstools.chm 135168 13/12/05 09:51 Psinfo.exe 106496 07/11/03 14:42 pssuspend.exe 86016 01/12/04 17:27 pslist.exe 57344 16/05/04 08:36 pspasswd.exe
Re: [ActiveDir] OT: M$
(I would just like to go on record as saying that I thought Brett's post was funny) In the MVP survey this year the final question was give three words that best describe Microsoft? Boy howdy was that the hardest part of the survey to fill out. Three words to describe the company? Youch. Think about that one for a moment will ya? Ask me to say three words about the people of Microsoft and I'd have that survey done in a nanosecond. Ask me three words about the Company ...this financial entity that files 10Ks and like what do you want me to say? Microsoft (or M$ or MF$T whatever you'd like to call it) is a company registered with the SEC to do business. It is a software company. It is an entity. It has a Tax ID number. It has to make sucky decisions due to Judges and Lawyers and Patents and EU attorneys and stupid EOLA lawsuits and . The Employees of Microsoft (no abbreviations)... as was best put by a Security MVP he went looking for the employees of Microsoft that eat babiesyou know...the ones he's heard about in those Department of Justice/SlashDot postings and all that well he can't find them. Every one of them he (and I) have ever met are sincere, hardworking, trustworthy people. In fact that's one of the wonderful things about the blogs... they do a total 'end run' around WagEd/PR stuff and show the people for the people. Even when Brett didn't blog we knew about him via his blog. Just honest people talking to people. And that's when Microsoft truly rocks. I also know that in the newsgroups when I have someone who challenges my views I find that ends up happening is not that I'll change them, but I'll solidify my views. To those that use M$ knowing full well that it annoys you (the generic you, not you, you), if their goal is to annoythey won't change. The following items are bound to start arguments/flames etc. in my home base community (most of these are specific to SBS, so my apologies) 1. One nic versus two 2. Antivirus choice (with the exception of Norton Yellow Box consumer which is nearly universally hated by all in IT) 3. Sonicwall versus ISA server 4. .local/.lan versus .com 5. the lack of inclusion of DFSv2 in SBS 2003 R2 So I guess if you are doing a list of Arguments/Flamewars in this community I guess I will say 1. The use or non use of M$ :-) Sometimes you just have to let it roll off your back. :-) How about a lighter less argumentative topic change: So how about those USA elections, 'eh? What's your thoughts about Stem Cell Research? Laura A. Robinson wrote: Disclaimer #1: You in the below refers to a generic you, not a specific person. Disclaimer #2: My opinions are in no way intended to represent those of my employer. They're my own, and they were my opinions long before I became a Microsoft employee. That said... You know what I find amazing here? It has been clearly expressed that there *are* people who find the term irritating (and I assure you, I'm not the only one; I'm just the only one who states it publicly), yet you're still arguing that because *you* think it's funny, it's therefore okay to use it. Please explain this logic to me. If you meet somebody who asks you not to call him Tiny because he hates the nickname, do you make a point to call him Tiny? If you do, then you have some serious personal issues. If you don't do that, then why do you think it's okay to continue to justify using a name on a Microsoft-centric list that is populated by Microsoft-centric people that you've been told *is* offensive to some of those people? This isn't about political correctness and it isn't about different senses of humor. It's about somebody having stated flat-out that the M$ term is offensive to her (and, again, to a lot more people than you realize) and you continuing to assert that it's just fine for you to use it. Some people might consider that incredibly childish and ignorant. Did it never occur to you simply to not use or defend the use of the term, regardless of whether you think I'm oversensitive about it? It certainly occurred to the person who originally posted it to stop using the term, and he didn't have to have an argument that boils down to I think it's funny, so you need to just get over it before stating that he wouldn't continue to use the term. I found that very adult of him. I don't, however, find it particularly adult to continue to defend the use of a tasteless, inaccurate, slighting moniker because *you* think it's funny. Most Microsoft employees are not nearly as well-paid as the public seems to think, and yet, the VAST majority of them contribute their own time and money to charitable organizations. I can give you statistics if you like; Microsoft is actually first in terms of per-capita employee philanthropy. The insistence upon referring to the company as M$ displays a tremendous amount of ignorance and rudeness to those
RE: [ActiveDir] OT: M$
You know what I find amazing here? That you felt compelled to lend more visibility to this topic, when it, truly, does not deserve an iota of your time. I see people use "M$" in conversations, I note their names and learn to avoid them. It's the same thing I do with people who use "1337" and similar "elite-speak" in conversation. I put them all in the same column of idiotic wannabes and move on. The only reason I feel impelled to write what I'm writing is because you are still lending your professional credence to a nonentity who should have been duly ignored from the start. I'm surprised that you are expending so much energy in that exercise, seeing as I know that you have been in numerous environments where people do things like thesein attempts to garner attention. Giving them the undeserved attention is, IMNSHO, injurious to your reputation. So, Laura . shut up already. Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_(_/ /) (/ Microsoft MVP - Directory Serviceswww.akomolafe.com- we know IT-5.75, -3.23Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Laura A. RobinsonSent: Mon 11/13/2006 4:31 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Disclaimer #1: "You" in the below refers to a generic "you", not a specific person. Disclaimer #2: My opinions are in no way intended to represent those of my employer. They're my own, and they were my opinions long before I became a Microsoft employee. That said... You know what I find amazing here? It has been clearly expressed that there *are* people who find the term irritating (and I assure you, I'm not the only one; I'm just the only one who states it publicly), yet you're still arguing that because *you* think it's funny, it's therefore okay to use it. Please explain this logic to me. Ifyou meet somebody who asks you not to call him "Tiny" because he hates the nickname, do you make a point to call him "Tiny"? If you do, then you have some serious personal issues. If you don't do that, then why do you think it's okay to continue to justify using a name on a Microsoft-centric list that is populated by Microsoft-centric people that you've been told *is* offensive to some of those people? This isn't about political correctness and it isn't about different senses of humor. It's about somebody having stated flat-out that the "M$" term is offensive to her (and, again, to a lot more people than you realize) and you continuing to assert that it's just fine for you to use it. Some people might consider that incredibly childish and ignorant. Did it never occur to you simply to not use or defend the use ofthe term, regardless of whether you think I'm oversensitive about it? It certainly occurred to the person who originally posted it to stop using the term, and he didn't have to have an argument that boils down to "I think it's funny, so you need to just get over it" before stating that he wouldn't continue to use the term. I found that very adult of him. I don't, however, find it particularly adult to continue to defend the use of a tasteless, inaccurate, slighting moniker because *you* think it's "funny". Most Microsoft employees are not nearly as well-paid as the public seems to think, and yet, the VAST majority of them contribute their own time and money to charitable organizations. I can give you statistics if you like; Microsoft is actually first in terms of per-capita employee philanthropy. The insistence upon referring to the company as "M$" displays a tremendous amount of ignorance and rudeness to those employees, IMO. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 8:44 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Exactly, is exactly right. You cant impose your own humor preferences on someone because you consider it unfunny. You just dont laugh. You can't stop bad jokes, because someone, somewhere is laughing at them. Just not you. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. RobinsonSent: Monday, November 13, 2006 8:20 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Exactly. M$ just isn't funny. Borg, kool-aid, those are funny. M$ isn't. Go figure. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNASent: Monday, November 13, 2006 7:46 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ Useless Air Farce would not be found funny because its just that, not funny. Funnier is US Chair Force. Thats funny, and people here laugh at it all the time. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert RutherfordSent: Monday, November 13, 2006 7:32 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: M$ ;oP Rob Robert Rutherford QuoStar Solutions Limited T: +44 (0) 8456 440
[ActiveDir] Help with topology
I have a client that Im having trouble setting up Active Directory topology for. The layout: 1 Central office with two domain controllers, 1 Global Catalog, T1 connection 5 Branch offices with 1 domain controller and DSL or Cable connections. 1 Branch office with 1 domain controller that is also an Exchange Server, on a T1. All the offices are connected to the central office through a VPN maintained by a Cisco PIX at each location. They are not directly connected to each other. When I originally set this up, I pointed all the machines to the main DNS server at the central office. However, if the VPN or the T1 went down, they were not able to access the internet and since they use a third-party application host, this is critical for business. To alleviate this problem, I installed DNS on each of the branch office computers. This worked fine until Exchange 2003 was introduced into the picture. Since all of the sites now register and replicate their DNS information, the slowest sites always end up at the top of the list of name servers. In addition, the KCC is always attempting to create links between the Exchange server and all the other sites besides the central office. Thus, whenever I have to restart the Exchange server, it takes several hours for it to properly start up. I assume that this is because it is attempting to retrieve DNS information and AD information from the slowest links rather than the CO, with which it can readily communicate. What I would like to do is set up a topology so that all the branch offices are replicating ONLY with the CO and the Exchange server will ALWAYS get its information from the CO and nowhere else. However, first, I dont know how to accomplish this, and second, I dont know if this will actually solve the problem or not. Any thoughts or suggestions on how to make this better? Drew Burchett United Systems Software Ph: (270)527-3293 Fax: (270)527-3132 -- CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
[ActiveDir] Restrict VPN Access By Computer Name
I was wondering if there is a way to restrict client VPN connections via computer name. The reason for this is that we only want clients connecting from approved devices for which they do not have administrative privileges. In other words, we do not want people VPNing into our network from their possibly virus and spyware-infested home PCs. I know that a clever user could rename his/her home PC, but this is probably not too likely and that type of user is probably likely to be conscious of updated antivirus/spyware software. I saw a setting in Remote Access Policies called Client Friendly Name (IAS). Is this the setting I am looking for? If so, do I have to set up an IAS server? If not, is there another way I can accomplish my goal. I know that WS2k3 R2 has a quarantine feature, but I am not familiar with it, though it looks like a bit of a PITA to set up and I am looking for a quick way to fix this problem. We will probably eventually use the new quarantine feature after our techs have had a chance to learn and test it a bit. I think another problem with this feature is for small business networks that have just a single SBS server. Any help would be greatly appreciated. Thanks, Dan DeStefanoInfo-lution Corporation[EMAIL PROTECTED]http://www.info-lution.comOffice: 727 546-9143FAX: 727 541-5888 If you have received this message in error please notify the sender, disregard any content and remove it from your possession.
RE: [ActiveDir] Restrict VPN Access By Computer Name
Call-Station-Identifier is a much more stable and reliable filter - it is the Client's MAC address. "Client Friendly Name" is optional and may not be sent in many VPN negotiation. The identifier will very likely be sent (I don't want to say ALWAYS since I don't have any relevant doc that say that, but I am yet to see a negotiation that does not include the identifier. Unfortunately, in order to use the identifier as a filter, you will have to create a policy for each device. I don't see how you can wildcard it. So, depending on how many clients you are talking here, well Yes, if I were you, I'd bring in RADIUS. Better, I'll bring in something like ISA 2006. With ISA, you should be able to create a Computer Set that includes the names or IPs of the Clients in question, and you can use that to filter your inbound VPN connection requests. I don't have such configuration, but it makes sense in my head. Also, if you haven't started messing withthat2K3 quarantine thingamabob yet, thank your stars. You don't want to. Not now the NAP in Longhorn is so close at hand. I'd recommend that you encourage your techs to concentrate on learning NAP instead. I just took a quick look around in NAP, and I can see where what you are trying to do here can be easily accomplished. Hope I haven't thoroughly confused you yet. Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_(_/ /) (/ Microsoft MVP - Directory Serviceswww.akomolafe.com- we know IT-5.75, -3.23Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dan DeStefanoSent: Mon 11/13/2006 9:54 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Restrict VPN Access By Computer Name I was wondering if there is a way to restrict client VPN connections via computer name. The reason for this is that we only want clients connecting from approved devices for which they do not have administrative privileges. In other words, we do not want people VPNing into our network from their possibly virus and spyware-infested home PCs. I know that a clever user could rename his/her home PC, but this is probably not too likely and that type of user is probably likely to be conscious of updated antivirus/spyware software. I saw a setting in Remote Access Policies called Client Friendly Name (IAS). Is this the setting I am looking for? If so, do I have to set up an IAS server? If not, is there another way I can accomplish my goal. I know that WS2k3 R2 has a quarantine feature, but I am not familiar with it, though it looks like a bit of a PITA to set up and I am looking for a quick way to fix this problem. We will probably eventually use the new quarantine feature after our techs have had a chance to learn and test it a bit. I think another problem with this feature is for small business networks that have just a single SBS server. Any help would be greatly appreciated. Thanks, Dan DeStefanoInfo-lution Corporation[EMAIL PROTECTED]http://www.info-lution.comOffice: 727 546-9143FAX: 727 541-5888 If you have received this message in error please notify the sender, disregard any content and remove it from your possession.
Re: [ActiveDir] Restrict VPN Access By Computer Name
(Say SBS and it's like waving a red flag in front of me) For SBS networks we don't use VPN, in fact the only time I use VPN is for patching, otherwise we use RWW (Remote Web Workplace) which does not introduce the risks that VPN does. RWW is a web based remote access and can typically be more secure (and thus not introduce the risks) from home PCs. And if you want two factor auth for RWW, Dana Epp is introducing RWW-Guard. But honestly I have a policy in my office that if they want remote access, they are to have up to date a/v, antispyware and I have the right to inspect their systems. (Logmein.com is great for this) Akomolafe, Deji wrote: Call-Station-Identifier is a much more stable and reliable filter - it is the Client's MAC address. "Client Friendly Name" is optional and may not be sent in many VPN negotiation. The identifier will very likely be sent (I don't want to say ALWAYS since I don't have any relevant doc that say that, but I am yet to see a negotiation that does not include the identifier. Unfortunately, in order to use the identifier as a filter, you will have to create a policy for each device. I don't see how you can wildcard it. So, depending on how many clients you are talking here, well Yes, if I were you, I'd bring in RADIUS. Better, I'll bring in something like ISA 2006. With ISA, you should be able to create a Computer Set that includes the names or IPs of the Clients in question, and you can use that to filter your inbound VPN connection requests. I don't have such configuration, but it makes sense in my head. Also, if you haven't started messing withthat2K3 quarantine thingamabob yet, thank your stars. You don't want to. Not now the NAP in Longhorn is so close at hand. I'd recommend that you encourage your techs to concentrate on learning NAP instead. I just took a quick look around in NAP, and I can see where what you are trying to do here can be easily accomplished. Hope I haven't thoroughly confused you yet. Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) / |_/(__(_) // (_(_)(/_(_(_/(__(/_ (_/ /) (/ Microsoft MVP - Directory Services www.akomolafe.com- we know IT -5.75, -3.23 Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Dan DeStefano Sent: Mon 11/13/2006 9:54 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Restrict VPN Access By Computer Name I was wondering if there is a way to restrict client VPN connections via computer name. The reason for this is that we only want clients connecting from approved devices for which they do not have administrative privileges. In other words, we do not want people VPNing into our network from their possibly virus and spyware-infested home PCs. I know that a clever user could rename his/her home PC, but this is probably not too likely and that type of user is probably likely to be conscious of updated antivirus/spyware software. I saw a setting in Remote Access Policies called Client Friendly Name (IAS). Is this the setting I am looking for? If so, do I have to set up an IAS server? If not, is there another way I can accomplish my goal. I know that WS2k3 R2 has a quarantine feature, but I am not familiar with it, though it looks like a bit of a PITA to set up and I am looking for a quick way to fix this problem. We will probably eventually use the new quarantine feature after our techs have had a chance to learn and test it a bit. I think another problem with this feature is for small business networks that have just a single SBS server. Any help would be greatly appreciated. Thanks, Dan DeStefano Info-lution Corporation [EMAIL PROTECTED] http://www.info-lution.com Office: 727 546-9143 FAX: 727 541-5888 If you have received this message in error please notify the sender, disregard any content and remove it from your possession. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/