[ActiveDir] Account Name Change
I recently had someone in my office get married and thus change their name. Last time this happened, I just created a new account in AD and moved the files and other important stuff from the old accountto the new account. I was just wondering, is there an easier way to do this? Am I reinventing the wheel here? What do other people do in this situation? Thanks -Chris
RE: [ActiveDir] Account Name Change
Ok what about the new e-mail address that they would need? Suggestions on that? From: Myrick, Todd (NIH/CC/DNA) [mailto:[EMAIL PROTECTED] Sent: Thursday, March 03, 2005 6:24 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Account Name Change You could just update the AD Display Name and rename the UserID. AD uses SIDs and GUIDs to secure access to resources. Todd Myrick From: Stelley, Douglas [mailto:[EMAIL PROTECTED] Sent: Thursday, March 03, 2005 7:58 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Account Name Change We discourage name changes, too much work. If you can produce 3 picture IDs, 2 credit cards and a reconstructed birth certificate, Ill maybe change your name Regards, Doug Stelley RIDDLE TIME: A man filled an empty barrel. It was lighter than when he had started. What did he fill it with? _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Thursday, March 03, 2005 3:00 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Account Name Change I recently had someone in my office get married and thus change their name. Last time this happened, I just created a new account in AD and moved the files and other important stuff from the old accountto the new account. I was just wondering, is there an easier way to do this? Am I reinventing the wheel here? What do other people do in this situation? Thanks -Chris Confidentiality Notice: The information contained in this message may be legally privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any release, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error please notify the author immediately by replying to this message and deleting the original message. Thank you.
RE: [ActiveDir] OT:spyware
Yeadownload CWShredder from here: http://www.spywareinfo.com/~merijn/downloads.html The site runs a little slow and you'll need the VB6 runtimes to run it, but it will take care of it. From: Dipowarga Wirawan [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 29, 2004 1:40 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OT:spyware I use McAfee antispyware. It works ok. I got Cool Web Search, it doesn t detect it. Anyone experience CWS and remove them successfully? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, TomSent: Wednesday, September 29, 2004 3:33 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OT:spyware Symantec Anti- Virus Enterprise 9.0. It has some spyware protection but not that great as my users are still getting a ton. From: Mulnick, Al [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 29, 2004 4:26 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] OT:spyware What are you using for anti-virus protection? Some of the newer AV products are coming with this built in vs. having to push out additional software. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, TomSent: Wednesday, September 29, 2004 4:14 PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] OT:spyware Lately I my users have been plagued with spyware and adware. What do you guys do to fight this? Can Spybot be pushed out as an msi via a gpo? Or ad-aware? Should I set the killbit on all the local active x controls? Should I prevent active x and _javascript_ing in IE thru a gpo? Im running win2k/xp clients, but mostly win2k. Finally, when you get a worm or a virus that writes to the hklm\software\microsoft\windows\currentversion\run key, does the worm/virus run under the users security context? Meaning, if the user is just a local user and thus has no privileges to write to those keys, shouldnt the worm or virus not be able to as well? Thanks and sorry for the deluge of questions, OT as they are.
RE: [ActiveDir] SpyWare
Title: Message In addition to setting up Spybot to run nightly, I recommend installing Spywareblaster (freeware): http://www.javacoolsoftware.com/spywareblaster.html It's not a scanner, it's more of a vaccine tool. It will help to harden IE against spyware exploits, but like everything else it's not 100% effective. In addition to that I also prevent users from installing any software at all. I used to have a loose policy on that, but after installations of AIM, Webshots and WeatherBug (all programs that do "drive-by" installs of spyware) locking the systems down like that was the only way to be sure. And if you haven't upgraded to version 1.3 of Spybot, then do so right away. You'll be able to download the latest spyware definitions and you have the ability to run spybot in resident mode. In addition to that they included TeaTimer in the install, which notifies you of programs trying to change information in the registry. -Chris From: Caple, Andrew [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 28, 2004 5:21 PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] SpyWare Good morning everyone!!! We have a couple of terminal servers running Windows 2000 SP4 within a Citrix Metaframe XP FR3 enviro. over the past few days and number of spyware pop-ups have been appearing within users sessions. Does anyone know of any good spyware software that would be safe to install on a server? I've download SpyBot and XoftSpy 3.44 but I wanted to check to see if anyone knows of anything else or if it's "safe" to install this programs. Thanks for your help, Andrew
RE: [ActiveDir] spyware(OT)
We use spybot along with the resident program that came out in the 1.3 release. So far it's been pretty good. I was wondering, what did you do to get it to run with the scheduler and bat files? I haven't been able to get it to cooperate yet. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dale, Rick Sent: Friday, June 11, 2004 7:59 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] spyware(OT) I have SpyBot (http://www.safer-networking.org/) installed on all PC's and it runs as part of the local machine's Friday night routine (A/V, SpyBot etc.) using the AT / scheduler some .bat files. If you don't have SpyBot installed already then I would just push out what ever program you choose. Just my 10 BITs. Rick -Original Message- From: Kern, Tom [mailto:[EMAIL PROTECTED] Sent: Friday, June 11, 2004 9:16 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] spyware(OT) My users are inundated with spyware and adware, what are the ways you guys deal with this? do you change the zone settings in I.E via gpo? can you turn spybot/spyblaster into an msi and push it out? Its hard for me to block access to web sites via an application firewall as we're a liquor ditribution company and our sales staff has to go to liqour sites that may have links to gambling or porn. i'd love to hear any ideas. thanks alot List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] SUS 2.0 Beta
Yea I did too and I was never able to register. I'm kind of disappointed. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Wassell Sent: Thursday, April 15, 2004 7:24 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Did anyone else receive an Unknown Error when registering for WUS open beta (during Step 4) or was it just me? :-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Creamer, Mark Sent: Thursday, April 15, 2004 9:00 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Glad Rod passed on the pointer to susserver.com. Some of the new name suggestions are hilarious mc List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] SUS 2.0 Beta
Waitisn't the next version called WUS now or am I mistaken? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Wednesday, April 14, 2004 10:57 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Does anyone know what the upgrade process is going to be from SUS to SUS 2.0? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Wednesday, April 14, 2004 1:41 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Same way all other products are announced. My information has it that you've got a few months still before it goes public. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Philadelphia, Lynden - Revios Toronto [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 14, 2004 1:10 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] SUS 2.0 Beta How will we be notified when it is ready for public use Lynden -Original Message- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 14, 2004 12:57 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta I believe its currently considered a closed beta, by invitation only. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Robbie Foust [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 14, 2004 12:24 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] SUS 2.0 Beta Looks like you can sign up for the open evaluation version here: http://www.microsoft.com/windowsserversystem/sus/wusbeta.mspx But I haven't been able to locate the beta version yet. Haven't found a Guest ID yet either. - Robbie Robbie Foust, IT Analyst Systems and Core Services Duke University England, Christopher M wrote: Greetings, I guess SUS 2.0 Beta has been released: _http://www.nwc.com/showitem.jhtml?articleID=18400592_ Does anyone have a Guest ID to get in on the Beta? Or is there just a download somewhere? Thanks all, Chris Christopher England Systems Administrator MCSA, Server+, Network+, A+ College Information Technology Office Indiana University List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] SUS 2.0 Beta
Oh man this is a wonderful site. Thanks for passing along the link. Hopefully I'll be able to find the answers to some of the SUS questions I have. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rod Trent Sent: Wednesday, April 14, 2004 1:52 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta SUSServer.com is hosting a contest for a better name: http://forums.susserver.com/index.php?showtopic=2032 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Wednesday, April 14, 2004 4:37 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta At the MVP summit, even the WUS product team was appologizing for the name. I was kinda hoping they're rename MIIS to the Windows Identity Integration Server. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Darren Mar-Elia [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 14, 2004 2:44 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Yes, painfully, that is true. MS Marketing strikes again. I can just see the advertising: Trust your network to a WUS -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christopher Hummert Sent: Wednesday, April 14, 2004 11:09 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Waitisn't the next version called WUS now or am I mistaken? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Wednesday, April 14, 2004 10:57 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Does anyone know what the upgrade process is going to be from SUS to SUS 2.0? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad Sent: Wednesday, April 14, 2004 1:41 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta Same way all other products are announced. My information has it that you've got a few months still before it goes public. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Philadelphia, Lynden - Revios Toronto [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 14, 2004 1:10 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] SUS 2.0 Beta How will we be notified when it is ready for public use Lynden -Original Message- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 14, 2004 12:57 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] SUS 2.0 Beta I believe its currently considered a closed beta, by invitation only. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -Original Message- From: Robbie Foust [mailto:[EMAIL PROTECTED] Sent: Wednesday, April 14, 2004 12:24 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] SUS 2.0 Beta Looks like you can sign up for the open evaluation version here: http://www.microsoft.com/windowsserversystem/sus/wusbeta.mspx But I haven't been able to locate the beta version yet. Haven't found a Guest ID yet either. - Robbie Robbie Foust, IT Analyst Systems and Core Services Duke University England, Christopher M wrote: Greetings, I guess SUS 2.0 Beta has been released: _http://www.nwc.com/showitem.jhtml?articleID=18400592_ Does anyone have a Guest ID to get in on the Beta? Or is there just a download somewhere? Thanks all, Chris Christopher England Systems Administrator MCSA, Server+, Network+, A+ College Information Technology Office Indiana University List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm
RE: [ActiveDir] Upgrade to W3K
We had a similar problem. We turned down the security level on IE to low and then it worked fine after that. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of George Arezina Sent: Monday, January 26, 2004 2:43 PM To: ActiveDir Subject: [ActiveDir] Upgrade to W3K Dear all, We had a W2K AD setup. Last month we upgraded all our servers to Windows 2003. Since the upgrade we have not been able to properly perform a Windows update task. We hook up to the Windows update site, it starts to scan our db, and suddenly half way through, it starts spitting out errors. We fall under a government program as far as the licensing is concerned and for all our servers we have only one license key. So my question is: Is there anyone else out there who had a similar error such as the one I mention above? Thanks List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: PST files
From an exchange list that some of us here are on: Why PSTs are bad, by Ed Crowley. Reprinted by permission of the author (Ed Crowley). Items 11, 12 and 13 courtesy of Stephen Gutknecht. Based on input from the many PST=BAD proselytizers in the Exchange Discussion List and personal experience. PST=BAD #1. They're fragile, especially as they get big. They get corrupted too easily. Users aren't the best at ensuring that their systems are properly shut down. PST=BAD #2. You have to run the Inbox Repair Tool on them way too often. PST=BAD #3. Your users don't back them up. Presumably you do back up the server. PST=BAD #4. Your users don't compact them. They just get bigger and bigger. PST=BAD #5. Your users forget their PST passwords. Even though there are unsupported tools to crack them, it can take a significant amount of time to do so. PST=BAD #6. You lose single instance store (SIS). PST=BAD #7. Messages take up more space in a PST than in an Exchange store. PST=BAD #8. It's simply nuts to store PSTs on a network drive. They just end up taking up more space. Is disk space on your file server cheaper than disk space on your Exchange server? PST=BAD #9. One might think that it will be easier to restore a single mailbox by using server-based PSTs. However, with proper implementation of the Ed Crowley Never Lose a Mailbox Procedure, it should never ever be necessary to restore a mailbox. PST=BAD #10. For road warriors, OSTs are a much superior storage technique, especially with the improvements made with Outlook 98. They allow untethered computing at a higher level than with PSTs, plus with the added security of a backed-up information store on the server. PST=BAD #11: A PST can be opened by only one machine at a time. This precludes a manager and assistant from working from the same PST simultaneously, and precludes team access. PST=BAD #12: You cannot use Outlook Web Access to read your downloaded messages. PST=BAD #13: Future applications, such as unified messaging, will be poorly implemented when using PSTs. Groupware applications that work with the mailbox probably won't work at all. PST=BAD #14: PST files are not secure. Anyone with access to the PST file can open it using the right tools. PST=BAD #15: You cannot clean up PST files after virus infestations. Why PSTs are good. PST=GOOD #1. They're just about all you have when using a POP3 mail source. (We maintain that use of POP3 in an enterprise, unless that's the only client available, is a reflection of administrative sloth.) PST=GOOD #2. They're useful as an archive for those who simply can't ever delete a message, as long as the user understands that they could lose all their data, and as long as they keep it on their local hard drive. The entire thing is located here: http://www.swinc.com/resource/exch_faq_appxf.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pelle, JoeSent: Thursday, January 22, 2004 12:47 PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] OT: PST files Im sorry for the off topic post, however Id like some input from the field on a subject weve been throwing around for a while now. That is: what do we do with PST files in Outlook? Were replacing EVERY desktop or laptop in the company and have the opportunity to GET RID OF PST files. Our users abuse the HE11 out of them. The PST files get so big that they end up corrupt or- take a half an hour to open b/c the file size is 800 1 GB Its tough to manage!!! What are your thoughts on this? How do others manage this? Your comments, thoughts, etc are greatly appreciated! Joe Pelle Infrastructure Architect Information Technology Valassis / IT 19975 Victor Parkway Livonia, MI 48152 Tel 734.591.7324 Fax 734.632.6151 [EMAIL PROTECTED] http://www.valassis.com/ This message may have included proprietary or protected information. This message and the information contained herein are not to be further communicated without my express written consent.
RE: [ActiveDir] Happy Thanksgiving...
You wacky Canadians :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of William Lefkovics Sent: Wednesday, November 26, 2003 11:16 AM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Happy Thanksgiving... That was like 5 weeks ago. - Original Message - From: Myrick, Todd (NIH/CIT) [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, November 26, 2003 11:02 AM Subject: [ActiveDir] Happy Thanksgiving... Just wanted to wish everyone on the list a Happy Thanksgiving... Todd Myrick List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Small Business Server as Domain Controller and trust issues?
This may be considered a tad risky. But how about an inplace upgrade from SBS to regular W2K server? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jennifer Fountain Sent: Wednesday, October 22, 2003 4:53 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Small Business Server as Domain Controller and trust issues? I am doing that now and it is quite annoying. We just bought our sweden company so we weren't in on the decision for SBS. Migrating to our domain (if we want to do that) is going to such a pain :( Thanks for the input. I just don't want to go to sweden until summer :) cold and dark :) haha. Jenn -Original Message- From: Rick Reynolds [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2003 7:24 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Small Business Server as Domain Controller and trust issues? You can set the password and users id's on both sides to match, and the users can authenticate, It will require managing user id's and password on both sides. - Original Message - From: Christopher Hummert [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, October 22, 2003 11:21 AM Subject: RE: [ActiveDir] Small Business Server as Domain Controller and trust issues? Nope it's not possible to create a trust with SBS -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jennifer Fountain Sent: Wednesday, October 22, 2003 10:58 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Small Business Server as Domain Controller and trust issues? My Sweden office currently has a SBS server running as their DC and we would like to create a trust but cannot with SBS. Is it possible to create another DC and transfer all the roles to it and then decommission the SBS server? Thank you for any info Jennifer Fountain List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT: Spyware/Adware
I was wondering what programs everyone was using to combat spyware/adware. I noticed that Ad-Aware now has a professional version out (http://www.lavasoftusa.com/software/adawareprofessional/) and I was wondering if anyone has been using this, and how you like it? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] test
I don't think it's working -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Wednesday, September 24, 2003 6:51 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] test testing List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] I sent a virus on accident...
Title: Message No problem here, you probably want to update your virus scanner on your SMTP gateway though. Oh and next time you send a message this big, about something like this, you might want to consider adding the e-mail address you wish to send to, to the BCC portion of your mail client. That way people can't see how manypeople you sent this too, and it protects those peoples e-mail address from any e-mail address harvester we may have on this mailing list. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris J. PoppSent: Friday, August 01, 2003 2:21 PMTo: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL
RE: [ActiveDir] dynamic disks
Title: Message You can use server magic. Make sure to have a backup. Use it at your own risk though. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pelle, JoeSent: Monday, March 31, 2003 2:50 PMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir] dynamic disks Anyone know of some secret voodoo that will allow me to dynamically change the partition size of my system partition without rebuilding the server? I need to make the drive bigger... Joe Pelle Systems Administrator Information Technology Valassis / Targeted Print Media Solutions 35955 Schoolcraft Rd. Livonia, MI 48150 Tel 734.632.3753 Fax 734.632.6240 [EMAIL PROTECTED] http://www.valassis.com/ This message may have included proprietary or protected information. This message and the information contained herein are not to be further communicated without my express written consent.
RE: [ActiveDir] Account Lockout after password reset
Are they using Windows 98 or 95? If so do they have any drives mapped? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chuck Sent: Monday, March 24, 2003 9:37 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Account Lockout after password reset Hello, I have had a few users where I work reset their password and they didn't reboot the computer and it locks them out after a while. I look at their account and see 5 bad passwords (our GPO is set for 5) The strange thing is I can unlock their account and they can get in to their mail, network drive and other network resources and not show any bad passwords, but after a few hours and sometimes not until the next day it will lock them out with again. I watch their authenticating domain controller for bad passwords after I unlock them and I don't see any bad passwords, sometimes a few bad passwords will show up after a few hours but I talk to the user and they haven't done anything on the computer. And when they come in the next day, they will be locked out with 5 bad passwords. It's not specific with the company because I've had it happen to me on my home Win2K domain. I finally solved my problem by resetting the password on the Computer, not through the MMC and rebooting. The problem at work is if the user resets their password they can't reset it for 5 days. Any ideas or has anyone else encountered this, I've searched Microsoft high and low and can't find anything specific. Regards, Chuck List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Active Directory Authentication via ras
Easiets if you're using Red Hat. Which distro are you using? Anyways here's the info: http://online.securityfocus.com/infocus/1563 -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Weston Rogers Sent: Tuesday, January 28, 2003 8:46 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Active Directory Authentication via ras Is it possible, or anyone know of any tips on how to get a linux box with an 8 port modem card (dialin server) to auth via an AD DC to get permissions, etc? I wanted to try to mess around with this.. Thanks. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] RAS Auth, Linux and AD?
KNOCK IT OFF WITH THE GOD DAMN FUCKING READ RECEIPTS..HOW MANY TIMES DO PEOPLE HAVE TO TELL YOU THIS! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of King, Arron S. Sent: Tuesday, January 28, 2003 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] RAS Auth, Linux and AD? You could try to do Radius or perhaps LDAP authentication if your dialin server software would support it. We do Radius with a wholesale ISP and it works quite nicely. === Arron S. King Network Systems Administrator Ohio Dominican University [EMAIL PROTECTED] v: 614.251.4515 f: 614.252.2650 -Original Message- From: Weston Rogers [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:42 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] RAS Auth, Linux and AD? Is it possible, or anyone know of any tips on how to get a linux box with an 8 port modem card (dialin server) to auth via an AD DC to get permissions, etc? I wanted to try to mess around with this.. Thanks. -Original Message- From: Mayet, Yusuf Y [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 9:26 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 We have been testing the .NET Server in our environment. There are many enhancements that have made our life easier. Our company is a large Bank in South Africa and we operate in many African countries and with this we have the issue of bad telecommunications to our foreign branches. We are using the feature called Replicate from Media. All you need to do now is perform a System State Backup and then restore to the new server. Run DCPromo with an ADV switch and point to the Restore location. Hey presto you will have your entire directory replicated to the local DC and with the replication schedule set up it will receive the updates which will be minimal. Other features include: DNS Stub Zones Conditional Forwarding Application Partition: Replication to set to replicate to all domains or certain domains. (Very cool feature) GC-Less Logon: Logon requests can be accepted without the need of a GC in the site. (Must have logged on previously but will continue with a cache profile) DC Rename: Very cool but you need .NET Native mode. Domain Rename: also need .NET Native (Be very sure that you want to perform this as you need to reboot your servers twice with other configuration changes) Forest Trust: Transitive trusts will be the name of the game for this which is pretty cool considering previously you had to set up external trust from the one domain to the required one. One last thing IIS 6.0 is much better stable, secure than the previous versions. Hope this info helps you. These are from the top of my head. Need anything else let me know. Yusuf -Original Message- From: Hutchins, Mike [mailto:[EMAIL PROTECTED]] Sent: 27 January, 2003 21:15 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 yes -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 11:58 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 Is windows 2003 Windows .NET?? -Original Message- From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 12:05 PM To: '[EMAIL PROTECTED]' Subject:RE: [ActiveDir] Active Directory - Windows Server 2003 I've been running it in a lab environment for several months. The AD in WS2K3 is fundamentally as it was in W2K, with some notable improvements in the KCC (reduced computation needed for topology calculation), replication (value replication instead of attribute replication for certain attributes), and multi-forest support (cross forest trust). A nice security improvement is that anonymous users by default have no access and therefore can't mount DOS attacks on AD. Supposedly the overall performance of AD has been improved, but I haven't assessed that. There are improvements in some of the AD-related admin tools as well. Summary: notable but not revolutionary improvements. The upgrade path is fairly low friction, so I'd feel pretty comfortable starting deployment of WS2K3 when it ships. -gil -Original Message- From: Clifford Airhart [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 9:43 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Active Directory - Windows Server 2003 Hello Everyone! With the new version of Windows Server 2003 there's a new version of Active Directory. It seems to have some more features than the Windows2000 Active Directory. Windows Server 2003 is due to be released in April. Has anyone tested, implemented, or researched this version and found it much better than Windows2000 version? Thanks in advance your advice and input! Cliff Airhart Answer Financial Inc. Senior Systems Administrator - Server
RE: [ActiveDir] RAS Auth, Linux and AD?
I didn't mean to direct it to Arron, just everyone that's requesting read recipts -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Tuesday, January 28, 2003 10:53 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] RAS Auth, Linux and AD? KNOCK IT OFF WITH THE GOD DAMN FUCKING READ RECEIPTS..HOW MANY TIMES DO PEOPLE HAVE TO TELL YOU THIS! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of King, Arron S. Sent: Tuesday, January 28, 2003 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] RAS Auth, Linux and AD? You could try to do Radius or perhaps LDAP authentication if your dialin server software would support it. We do Radius with a wholesale ISP and it works quite nicely. === Arron S. King Network Systems Administrator Ohio Dominican University [EMAIL PROTECTED] v: 614.251.4515 f: 614.252.2650 -Original Message- From: Weston Rogers [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 11:42 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] RAS Auth, Linux and AD? Is it possible, or anyone know of any tips on how to get a linux box with an 8 port modem card (dialin server) to auth via an AD DC to get permissions, etc? I wanted to try to mess around with this.. Thanks. -Original Message- From: Mayet, Yusuf Y [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 9:26 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 We have been testing the .NET Server in our environment. There are many enhancements that have made our life easier. Our company is a large Bank in South Africa and we operate in many African countries and with this we have the issue of bad telecommunications to our foreign branches. We are using the feature called Replicate from Media. All you need to do now is perform a System State Backup and then restore to the new server. Run DCPromo with an ADV switch and point to the Restore location. Hey presto you will have your entire directory replicated to the local DC and with the replication schedule set up it will receive the updates which will be minimal. Other features include: DNS Stub Zones Conditional Forwarding Application Partition: Replication to set to replicate to all domains or certain domains. (Very cool feature) GC-Less Logon: Logon requests can be accepted without the need of a GC in the site. (Must have logged on previously but will continue with a cache profile) DC Rename: Very cool but you need .NET Native mode. Domain Rename: also need .NET Native (Be very sure that you want to perform this as you need to reboot your servers twice with other configuration changes) Forest Trust: Transitive trusts will be the name of the game for this which is pretty cool considering previously you had to set up external trust from the one domain to the required one. One last thing IIS 6.0 is much better stable, secure than the previous versions. Hope this info helps you. These are from the top of my head. Need anything else let me know. Yusuf -Original Message- From: Hutchins, Mike [mailto:[EMAIL PROTECTED]] Sent: 27 January, 2003 21:15 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 yes -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 11:58 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Active Directory - Windows Server 2003 Is windows 2003 Windows .NET?? -Original Message- From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 12:05 PM To: '[EMAIL PROTECTED]' Subject:RE: [ActiveDir] Active Directory - Windows Server 2003 I've been running it in a lab environment for several months. The AD in WS2K3 is fundamentally as it was in W2K, with some notable improvements in the KCC (reduced computation needed for topology calculation), replication (value replication instead of attribute replication for certain attributes), and multi-forest support (cross forest trust). A nice security improvement is that anonymous users by default have no access and therefore can't mount DOS attacks on AD. Supposedly the overall performance of AD has been improved, but I haven't assessed that. There are improvements in some of the AD-related admin tools as well. Summary: notable but not revolutionary improvements. The upgrade path is fairly low friction, so I'd feel pretty comfortable starting deployment of WS2K3 when it ships. -gil -Original Message- From: Clifford Airhart [mailto:[EMAIL PROTECTED]] Sent: Monday, January 27, 2003 9:43 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Active Directory - Windows Server 2003 Hello Everyone! With the new version of Windows Server 2003 there's a new version of Active Directory. It seems to have some more features than
RE: [ActiveDir] RAS Auth, Linux and AD?
Writing with the caps lock key on and not using proper punctuation, tends to get the attention of those that haven't read the multiple turn off request read receipt replies that have been sent out over the past few months. Second off, I don't need anger management classes, people just need to pay attention and follow instructions. People have politely asked for others to make sure that read receipts to be turned off. Not once, not twice, not even three times but multiple times. How many more times do we have to ask? Appropriate language? When did you become the grammar police? Get off your high horse -Original Message- From: Missy Koslosky [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 28, 2003 1:16 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] RAS Auth, Linux and AD? You seriously need some anger management classes. And lessons on using appropriate language. And you may want to see about getting that caps lock key unstuck. Original Message From: [EMAIL PROTECTED] To: [EMAIL PROTECTED], Subject: RE: [ActiveDir] RAS Auth, Linux and AD? Date: Tue, 28 Jan 2003 10:53:25 -0800 KNOCK IT OFF WITH THE GOD DAMN FUCKING READ RECEIPTS..HOW MANY TIMES DO PEOPLE HAVE TO TELL YOU THIS! List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Setting up a VPN
Title: Message Thanks the oxford link was great. -Chris -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of O'Malley, Tim J.Sent: Wednesday, January 22, 2003 7:30 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Setting up a VPN If this is for Active Directory Replication through a firewall check this out: http://www.microsoft.com/technet/treeview/default.asp?url=""> For a VPNon a Windows 2000 DC or member server, check this out: http://www.oucs.ox.ac.uk/windows/winnt/vpn/win2k.html There is also some good documentation on Cisco's site. Good Luck, Tim O'Malley, MCSE,MCNE Systems Engineer Science Applications International Corporation LOC/461 MS/E2 Rm/2642 4161 Campus Point Court San Diego, CA 92121 Work: 858.826.5170 Fax: 858.826.5617 Mobile: 858.829.3151 timothy.j.o'[EMAIL PROTECTED] -Original Message-From: Christopher Hummert [mailto:[EMAIL PROTECTED]]Sent: Tuesday, January 21, 2003 7:37 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Setting up a VPN Anyone have any good info on how to set up a VPN. I've never had to do so and I was trying to find some howto article and perhaps another explaining the security risks. Also dose anyone know what ports I need to forward from the firewall for it? Or should this be in the DMZ? -Chris
RE: [ActiveDir] Setting up a VPN
Title: Message Anyone have any good info on how to set up a VPN. I've never had to do so and I was trying to find some howto article and perhaps another explaining the security risks. Also dose anyone know what ports I need to forward from the firewall for it? Or should this be in the DMZ? -Chris
RE: [ActiveDir] User's Account Locked out Every morning
Title: Message Is this a windows 98 machine? -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Kevin FelkerSent: Wednesday, January 15, 2003 7:01 AMTo: [EMAIL PROTECTED]Subject: [ActiveDir] User's Account Locked out Every morning Every morning I have to unlock one of my users accounts because it is locked out every morning. Does anyone know what could be causing this? Thanks Kevin
RE: [ActiveDir] Windows 2003 and application support
Ditto here. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Crenshaw, Jason Sent: Tuesday, January 14, 2003 7:24 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Windows 2003 and application support I am running the latest version of Norton 8.X on RC2 without any issues as a managed client. Jason Crenshaw Sandia National Labs -Original Message- From: Mike Baudino [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 14, 2003 7:38 AM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Windows 2003 and application support We're having no problems with McAfee NetShield for Windows NT and Windows 2000 v4.5. We ran it on Beta2, RC1, and are now running it on RC2. I don't believe it's supported yet though. Amit Zinman [EMAIL PROTECTED]@mail.activedir.org on 01/14/2003 08:07:17 AM Please respond to [EMAIL PROTECTED] Sent by:[EMAIL PROTECTED] To:ActiveDir Mailing List [EMAIL PROTECTED] cc: Subject:[ActiveDir] Windows 2003 and application support Hi, Is any of you running Antivirus software on Windows 2003? Is any software supported yet? Amit Zinman Systems Consultant IntegritySystems [EMAIL PROTECTED] 03-7522424 058-326753 *** PLEASE NOTE *** This E-Mail/telefax message and any documents accompanying this transmission may contain privileged and/or confidential information and is intended solely for the addressee(s) named above. If you are not the intended addressee/recipient, you are hereby notified that any use of, disclosure, copying, distribution, or reliance on the contents of this E-Mail/telefax information is strictly prohibited and may result in legal action against you. Please reply to the sender advising of the error in transmission and immediately delete/destroy the message and any accompanying documents. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] file jdbgmgr.exe
Title: Message snopes.com is your friend when dealing with internet rumors and hoaxes -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of boboSent: Wednesday, January 08, 2003 4:22 AMTo: [EMAIL PROTECTED]Subject: [ActiveDir] file jdbgmgr.exe I see file jdbgmgr.exe on my \\winnt\system32. I don't what this is. do somebody knows it. It should be a java file but what it does. Pls help. Thks - Original Message - From: Van Donk, Fred To: [EMAIL PROTECTED] Sent: Tuesday, January 07, 2003 3:24 PM Subject: RE: [ActiveDir] AD Lab Agreed -Original Message-From: Craig Cerino [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 07, 2003 10:21 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] AD Lab Right - - but if you have more than one DC I recommend making one of the ones without FSMO roles the GC -Original Message-From: Van Donk, Fred [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 07, 2003 9:22 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] AD Lab When you have one domain there is not really a need for multiple GC's. Every DC already has a full copy of the AD. GC's play a more important role when you have a forest with multiple domains in it. But there needs to be at least one GC in the forest. Even with one domain. Fred -Original Message-From: Craig Cerino [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 07, 2003 8:35 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] AD Lab If you only have one DC in each site - -- yer pretty much tied to doing that. If you have the resources Id through a second DC in each site - - make that your GC. Jus my 2 cents -Original Message-From: Pelle, Joe [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 07, 2003 8:17 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] AD Lab If we have one domain - but multiple sites - would it be a best practice to put a global catalog on the domain controller(s) at each site? KB: http://support.microsoft.com/default.aspx?scid=kb;en-us;313994 Thanks! Joe Pelle Systems Administrator Information Technology Valassis / Targeted Print Media Solutions 35955 Schoolcraft Rd. Livonia, MI 48150 Tel 734.632.3753 Fax 734.632.6240 [EMAIL PROTECTED] http://www.valassis.com/ This message may have included proprietary or protected information. This message and the information contained herein are not to be further communicated without my express written consent. -Original Message-From: Rene Chakraborty [mailto:[EMAIL PROTECTED]] Sent: Monday, January 06, 2003 8:41 PMTo: [EMAIL PROTECTED]Subject: Re: [ActiveDir] AD Lab Got to make that BDC a Global Catalog Server before you more it over. Sites and Services Rene - Original Message - From: Don Murawski (Lenox) To: [EMAIL PROTECTED] Sent: Monday, January 06, 2003 3:08 PM Subject: [ActiveDir] AD Lab Has anyone setup a AD Lab and had Global Catalog problems? I installed aBDCon the productionnetwork, disconnectit from the production and connected it to the lab network. Seize the FSMO roles. I'm able to join the domain but,I'm receiving"Unable toestablishconnection with a GC. Any suggestion would be great.
RE: [ActiveDir] ADMT 2.0
Title: Message Save yourself a call to PSS and spend the 10 bucks to get the preview of .Net Server -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Linton Smith (WBTQ)Sent: Monday, December 23, 2002 8:05 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] ADMT 2.0 I gotit from a .NET Server RC3 CD. A call to PSS might get you a copy. Linton -Original Message-From: Brad Martin [mailto:[EMAIL PROTECTED]]Sent: Monday, December 23, 2002 10:55 AMTo: Active Directory Mailing ListSubject: [ActiveDir] ADMT 2.0 Any know where I can find a beta version of Microsoft Active Directory Migration Tool 2.0? Im doing an upgrade/migration at the end of this week (nothing like a last minute deployment) and it would be really useful to have it. Thanks. Brad Martin Go Daddy Software [EMAIL PROTECTED] 480.505.8800 ext. 250
RE: [ActiveDir] Windows 2000 TCP problem!
Title: Message Your best bet is to wipe out and reinstall the entire system. Don't come crying to us when you get hacked because the Trojan put a backdoor on your machine -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chris J. PoppSent: Friday, December 20, 2002 11:27 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] Windows 2000 TCP problem! Can I somehow generate those without editing by hand, to make sure that it's done right? -Original Message-From: Al Garrett [mailto:[EMAIL PROTECTED]] Sent: Friday, December 20, 2002 1:04 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Windows 2000 TCP problem! One more thing to add If you are putting entries into an LMHOSTS file, there are spacing and case sensitivities to watch for (MS KnowledgeBase article 180094 refers). As the sample shows below, a domain controller is identified by it's NetBIOS name in the second line, and the DOMAIN name it serves is ID'd in the third line. The comment line has the spacing and numbers to use as a guide. The quotes are necessary as are the capital letters. # IP Address "123456789012345*7890" 10.0.0.1 MYSERVER #PRE #DOM:MYSCHOOL.EDU 10.0.0.1 "FACULTY \0x1b" #PRE Al Garrett -Original Message- From: Craig Cerino [mailto:[EMAIL PROTECTED]] Sent: Friday, December 20, 2002 9:39 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Windows 2000 TCP problem! Well - here's the thing. If you did in fact have some sort of TROJAN on that box - - I would recommend scrubbing the disk and building the disk back from scratch. I KNOW it's a pain, especially if you have a lot of things loaded on that box. But if you don't I guarantee you (maybe not tomorrow - maybe not until 6 months from now) you will have problems again. The rebuild will also replace your HOSTS/LMHOSTS to the original state. That being said - - - -if you don't want to do it - - you host file simply correlates an IP address to the UNC of a box on your network The entries would look like this: 201.124.152.24 boxname 201.124.152.27 boxname 201.124.152.124 boxname Of course the IPs and names would be specific to YOUR IP range and names -- - and if you don't know - you must include the TAB SPACE between the IP and the name -Original Message- From: Chris J. Popp [mailto:[EMAIL PROTECTED]] Sent: Friday, December 20, 2002 12:28 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Windows 2000 TCP problem! Sorry, my typo on ETC So, how do I recreate those? And should I have that there so I can FTP and get rid of these errors? Thanks, Chris -Original Message- From: Craig Cerino [mailto:[EMAIL PROTECTED]] Sent: Friday, December 20, 2002 10:33 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Windows 2000 TCP problem! The ETC ( not ECT dir inside the DRIVERS folder holds your HOSTS HOSTS.SAM LMHOST LMHOSTS.SAM YES you need the directory and contents if you utilize HOSTS and LMHOSTS at all -Original Message- From: Chris J. Popp [mailto:[EMAIL PROTECTED]] Sent: Friday, December 20, 2002 11:27 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Windows 2000 TCP problem! I'm getting an error in a FTP program on a Windows 2000 Pro machine. Request 5 Done. StatusCode = 500 LastResponse was : '500 ESocketException: connect: WSocketResolveProto: Cannot convert protocol 'tcp'' Error = 500 (500 ESocketException: connect: WSocketResolveProto: Cannot convert protocol 'tcp') All I could find on this was that there should be a dir at winnt\system32\drivers\ect The ect dir is gone. Had a trojan horse on that system that when I removed it, removed the dir. The question is, what can be done to repair the damage? Do I just create a dir? Are there files that should be there? Do I need to remove and reinstall software? I have uninstalled and reinstalled TCP/IP to no avail. Thanks, Chris List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] the ADC (yeah, baby!) - Oh Behave!
I just signed him up for spam instead. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Kevin Gent Sent: Thursday, December 19, 2002 10:02 AM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] the ADC (yeah, baby!) - Oh Behave! it would be real nice if someone would block this guy's rr - Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, December 19, 2002 9:58 AM Subject: RE: [ActiveDir] the ADC (yeah, baby!) - Oh Behave! Return Receipt Your RE: [ActiveDir] the ADC (yeah, baby!) - Oh Behave! document : was Jim Katoe/MindShare/NewYork/Media received by: at: 12/19/2002 09:58:11 AM List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Outlook XP makes me want to throw it out the window!
Delete her outlook profile and create a new one -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Chris J. Popp Sent: Tuesday, December 10, 2002 8:01 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Outlook XP makes me want to throw it out the window! Yeah... She's been a user of her pc for months and months. And her email was working ok until early last week. -Original Message- From: Jochen Andries [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 9:58 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Outlook XP makes me want to throw it out the window! Did you made her a user of the PC ? (Start -- Control Panel -- User Accounts) -Original Message- From: Chris J. Popp [mailto:[EMAIL PROTECTED]] Sent: dinsdag 10 december 2002 16:30 To: [EMAIL PROTECTED] Subject: [ActiveDir] Outlook XP makes me want to throw it out the window! Get your attention with the subject? :) I have been battling a problem with one of my user's machines for the past week. She is running Windows XP Pro, Office XP Pro SP1. Whenever she starts up her Outlook, she gets prompter for the username, password and server. I put the information in exactly as it should be (and have verified with my AD on the server) and I get the following message: Your login information was incorrect. Check your username and domain, then type in your password again. If your account is new or if your administrator requested a password change you need to click Change Password then logon with your new password. I re-check the info in the AD on the server via VNC so I am right there at her terminal doing double checks. I re-enter the password, and get the message again. I change the password on the AD, then enter the new password on her Outlook (usually use 1 as the password so I know I type it correct) and still get the above error. I need to get this resolved for her as she is in charge of accounting and has made my life hell in the past because since I am the IT Manager I should be all knowing, all powerful (a common misconception by those users that know no better) So, please if anyone knows what I can do to resolve this, please let me know. I'm at my wits end! Thanks, Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Manual Refresh of GPO on local computer
I've changed the folder redirection on our group policy but I have a local computer that seems like it doesn't want to accept the changes. Is there a way to make it manually refresh the changes? -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Manual Refresh of GPO on local computer
Yep already tried that. Doesn't seem to be taking it -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dave Kinnamon Sent: Friday, December 06, 2002 1:51 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Manual Refresh of GPO on local computer http://support.microsoft.com/default.aspx?scid=kb;en-us;Q227302 Using SECEDIT to Force a GP Refresh Immediately -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Friday, December 06, 2002 3:47 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Manual Refresh of GPO on local computer I've changed the folder redirection on our group policy but I have a local computer that seems like it doesn't want to accept the changes. Is there a way to make it manually refresh the changes? -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Manual Refresh of GPO on local computer
Is there a registry setting I can change to make the update myself? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Friday, December 06, 2002 1:56 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Manual Refresh of GPO on local computer Yep already tried that. Doesn't seem to be taking it -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dave Kinnamon Sent: Friday, December 06, 2002 1:51 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Manual Refresh of GPO on local computer http://support.microsoft.com/default.aspx?scid=kb;en-us;Q227302 Using SECEDIT to Force a GP Refresh Immediately -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Friday, December 06, 2002 3:47 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Manual Refresh of GPO on local computer I've changed the folder redirection on our group policy but I have a local computer that seems like it doesn't want to accept the changes. Is there a way to make it manually refresh the changes? -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Manual Refresh of GPO on local computer
I know that there's a registry key or something that can be done to fix it...anyone know? I've asked this list once before but I've lost the e-mail that contained the info. _Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Todd Povilaitis Sent: Friday, December 06, 2002 2:04 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Manual Refresh of GPO on local computer SECEDIT does not apply to Folder Redirecton CSEs. We have delayed our rollout of folder redirection policy here do to situations like yours in our test environment and no clearly defined tools for rectifying these kinds of issues. -Original Message- From: Dave Kinnamon [mailto:[EMAIL PROTECTED]] Sent: Friday, December 06, 2002 13:51 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Manual Refresh of GPO on local computer http://support.microsoft.com/default.aspx?scid=kb;en-us;Q227302 Using SECEDIT to Force a GP Refresh Immediately -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Friday, December 06, 2002 3:47 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Manual Refresh of GPO on local computer I've changed the folder redirection on our group policy but I have a local computer that seems like it doesn't want to accept the changes. Is there a way to make it manually refresh the changes? -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Manual Refresh of GPO on local computer
Ok what do I need to do? I logged off and logged back on but the folder redirection didn't change..but another setting I made to the gpo did. So I know that the GPO updated but not the FR. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Joe.Baird Sent: Friday, December 06, 2002 1:59 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Manual Refresh of GPO on local computer Folder redirection and software installation are the two GPOs that won't dynamically update. Make sure your AD is in synch and ensure your sysvol is replicating and then logoff and then back on again. Should work. - Original Message - From: Christopher Hummert [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, December 06, 2002 3:46 PM Subject: [ActiveDir] Manual Refresh of GPO on local computer I've changed the folder redirection on our group policy but I have a local computer that seems like it doesn't want to accept the changes. Is there a way to make it manually refresh the changes? -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange install
Title: Message No -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Sheri BrownSent: Wednesday, November 13, 2002 9:26 AMTo: [EMAIL PROTECTED]Subject: [ActiveDir] OT: Exchange install Do you have to have Windows 2000 Advanced Server to install Exchange? Sheri L. Brown, Systems Administrator CSD Headquarters -- Technology Department 102 North Krohn Place Sioux Falls, SD 57103 (605) 367-5760 ext 3202 [EMAIL PROTECTED]
RE: [ActiveDir] OT: Exchange install
Title: Message WRONG!!! Exchange Enterprise Server will run on Win2k Server -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Parker, EdwardSent: Wednesday, November 13, 2002 9:30 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT: Exchange install Not to install Exchange Server Exchange Enterprise Server requires Adv Server -Original Message-From: Sheri Brown [mailto:[EMAIL PROTECTED]] Sent: Wednesday, November 13, 2002 11:26 AMTo: [EMAIL PROTECTED]Subject: [ActiveDir] OT: Exchange install Do you have to have Windows 2000 Advanced Server to install Exchange? Sheri L. Brown, Systems Administrator CSD Headquarters -- Technology Department 102 North Krohn Place Sioux Falls, SD 57103 (605) 367-5760 ext 3202 [EMAIL PROTECTED]
RE: [ActiveDir] stupid stupid question
NO -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Jennifer Fountain Sent: Tuesday, November 05, 2002 2:04 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] stupid stupid question Ok - Is there a way to install windows 2000 and run dcpromo or another utility to install AD from a NT PDC and then demote the NT PDC to NT BDC without installing NT4 and upgrading? Someone told me you can and I am having problems believing it's doable??? thanks! -- Thank you Jenn Fountain 215.712.5156 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Disable IE via GPO
You mean like through the post office right :) -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of David N. Precht Sent: Thursday, October 17, 2002 4:18 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Disable IE via GPO Reply to Rick, offline -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Rittenhouse, Cindy Sent: Thursday, October 17, 2002 16:39 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Disable IE via GPO Rick, A copy would be very helpful, thank you. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Wednesday, October 16, 2002 13:17 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Disable IE via GPO John, Interesting that you even mention this. I have a reg file that sets the zones on IE via directly modding the registry in just this manner. We've got about 25k seats of Inbound/Outbound 'Out-sourced marketers' (yeah, I can even put lipstick on a pig like Telemarketing!) and we have to lock them down to ONLY what we want them to do. If anyone wants a copy o it, let me know. I'll shoot it off to you... Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 Any sufficiently advanced technology is indistinguishable from magic. --- Arthur C. Clarke -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Bjelke John A Contr AFRL/VSIO Sent: Wednesday, October 16, 2002 12:12 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Disable IE via GPO Well, you *could* write code into his login script that sets the IE security preferences for the Restricted Zones, and then undoes it in the standard login script so that others are not affected... That would probably be a good script to hang onto for future offenders as well. Add his web-mail site to the restricted zones on a test pc, then export HKEY_CURRENT_USER\Software\ Microsoft\Windows\Current Version\Internet Settings\ZoneMap\Domains to a REG file. In his logon script, copy this reg file to a temp on the system and run it. For the clean up in the normal script, find the specific entry and delete it, maybe? I would also suggest drafting an acceptable use policy to run by the powers that be, maybe through your IT boss... the worst they can do is say We're not concerned. At best, you might gain some leverage on stopping things like this. Good luck! -JB -Original Message- From: James Liddil [mailto:jliddil;phytoceutica.com] Sent: Wednesday, October 16, 2002 9:28 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Disable IE via GPO We don't have a policy in place the prevents folks from reading yahoo, hotmail etc. So if I have our firewall configured to block this I'm sure I'd immediately be blacklisted by end users. I could just as easily use McAffee EPO and add these various webmail URLs and block them. Until management decides this is a business critical issue I won't go there. But I certainly have considered the idea along with blocking IM traffic. Jim Liddil -Original Message- From: Bjelke John A Contr AFRL/VSIO [mailto:John.Bjelke;kirtland.af.mil] Sent: Tuesday, October 15, 2002 4:22 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Disable IE via GPO Why not block his web-mail site @ the firewall? He might have legitimate project related need for web access, but if you can point to virus infections from his web-based email you should be able to justify blocking the site for everyone. John A. Bjelke Unisys 505.853.6774 [EMAIL PROTECTED] Man will occasionally stumble over the truth, but most times he will pick himself up and carry on... - Winston Churchill -Original Message- From: James Liddil [mailto:jliddil;phytoceutica.com] Sent: Tuesday, October 15, 2002 1:54 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Disable IE via GPO W2K/Exchange2K Environment. We have a visiting scientist who I was asked to give an account to. Turns out he has been reading his web mail and it is highly infected based on the number of alerts I got. The one machine he uses I have pulled of the internet. But I now find he went to another machine and did some web mail (virus alert again). So at this point my hands are tied by the managements lack of policies. So I need a way to prevent him from using IE regardless of the machine. It seems in GPO I can lock it down but not totally disable it. Or is there a way? Jim Liddil List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info :
RE: [ActiveDir] Group Policy Folder Redirection Question
Yea but it's the administrator account -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Charles Carerros Sent: Tuesday, June 25, 2002 9:15 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Before you do that registry wipe, it might be easier to just wipe out the user profile and then login again. I haven't tried it but it should work correctly. And it is easier then messing with the registry. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, June 24, 2002 4:13 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Know where I can fix that in the registry? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Narkinsky, Brian Sent: Monday, June 24, 2002 1:53 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question I believe in this case it tattoos the registry. That is it makes the changes permanent to the local registry. Once it is done the only way to undo is manually edit the registry. Brian -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, June 24, 2002 3:35 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Ok so I did the secdedit /refreshpolicy user_policy and for machine_policy but whenever I log in with the Admin account or the test account their still pointed to the old location. Is there something else I need to do? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Darren Sykes Sent: Saturday, June 22, 2002 12:22 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Chris, It should work pretty much instantly. To refresh the policy you can use secedit /refreshpolicy or more recently gpupdate (XP). Darren. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: 21 June 2002 23:20 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Anyone? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Friday, June 21, 2002 11:12 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Group Policy Folder Redirection Question Ok so I have a new server and a new domain that I'm setting up. I was editing the default domain policy and I was setting up folder redirection. I set up the applictaion data to redirect to \\server\share\%username%\ and the same place with the My Documents and the Desktop folder. I realised my mistake of not adding the \My Documents\, \Application Data\ and \Desktop\ after the string when I loged out and logged back in. I current have 2 users on this machine one is the administrator and one is the test account. I've corrected the mistake in the default domain policy but the users on the machine don't seem to have had the change effect them yet. Is there anyways to get these changes to update to the current users? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] File Archiving
Explorer? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Morgan, Joshua Sent: Tuesday, June 25, 2002 12:15 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] File Archiving I'm trying to help My Company save some money and Archive off old Files... Does anyone know of a good tool that I could use that will only show files that have not been accessed or modified in over a year? Joshua Morgan PROFITLAB Senior Network Engineer PH: (864) 250-1350 Ext 133 Fax: (413) 581-4936 [EMAIL PROTECTED] http://www.profit-lab.com http://ncontrol.info The greatest glory is not in never failing, but in rising up every time we fall. -- Confucius List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Group Policy Folder Redirection Question
Ok so I did the secdedit /refreshpolicy user_policy and for machine_policy but whenever I log in with the Admin account or the test account their still pointed to the old location. Is there something else I need to do? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Darren Sykes Sent: Saturday, June 22, 2002 12:22 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Chris, It should work pretty much instantly. To refresh the policy you can use secedit /refreshpolicy or more recently gpupdate (XP). Darren. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: 21 June 2002 23:20 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Anyone? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Friday, June 21, 2002 11:12 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Group Policy Folder Redirection Question Ok so I have a new server and a new domain that I'm setting up. I was editing the default domain policy and I was setting up folder redirection. I set up the applictaion data to redirect to \\server\share\%username%\ and the same place with the My Documents and the Desktop folder. I realised my mistake of not adding the \My Documents\, \Application Data\ and \Desktop\ after the string when I loged out and logged back in. I current have 2 users on this machine one is the administrator and one is the test account. I've corrected the mistake in the default domain policy but the users on the machine don't seem to have had the change effect them yet. Is there anyways to get these changes to update to the current users? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Group Policy Folder Redirection Question
Know where I can fix that in the registry? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Narkinsky, Brian Sent: Monday, June 24, 2002 1:53 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question I believe in this case it tattoos the registry. That is it makes the changes permanent to the local registry. Once it is done the only way to undo is manually edit the registry. Brian -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, June 24, 2002 3:35 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Ok so I did the secdedit /refreshpolicy user_policy and for machine_policy but whenever I log in with the Admin account or the test account their still pointed to the old location. Is there something else I need to do? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Darren Sykes Sent: Saturday, June 22, 2002 12:22 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Chris, It should work pretty much instantly. To refresh the policy you can use secedit /refreshpolicy or more recently gpupdate (XP). Darren. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: 21 June 2002 23:20 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Group Policy Folder Redirection Question Anyone? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Friday, June 21, 2002 11:12 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Group Policy Folder Redirection Question Ok so I have a new server and a new domain that I'm setting up. I was editing the default domain policy and I was setting up folder redirection. I set up the applictaion data to redirect to \\server\share\%username%\ and the same place with the My Documents and the Desktop folder. I realised my mistake of not adding the \My Documents\, \Application Data\ and \Desktop\ after the string when I loged out and logged back in. I current have 2 users on this machine one is the administrator and one is the test account. I've corrected the mistake in the default domain policy but the users on the machine don't seem to have had the change effect them yet. Is there anyways to get these changes to update to the current users? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Group Policy Folder Redirection Question
Ok so I have a new server and a new domain that I'm setting up. I was editing the default domain policy and I was setting up folder redirection. I set up the applictaion data to redirect to \\server\share\%username%\ and the same place with the My Documents and the Desktop folder. I realised my mistake of not adding the \My Documents\, \Application Data\ and \Desktop\ after the string when I loged out and logged back in. I current have 2 users on this machine one is the administrator and one is the test account. I've corrected the mistake in the default domain policy but the users on the machine don't seem to have had the change effect them yet. Is there anyways to get these changes to update to the current users? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Automating Defragmentation
Read receipts are evil...that's why I deny all. You don't need to know if I've read something or not -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Tom Meunier Sent: Thursday, May 09, 2002 9:55 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Automating Defragmentation Just out of curiosity, how many read receipts do you receive back when you send them to a list like this? -Original Message- From: Bryon Barkley [mailto:[EMAIL PROTECTED]] Sent: Thursday, May 09, 2002 11:09 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Automating Defragmentation Yeah, it sure does. But it is the solution that works. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Log on Interactivly
I might have to do that.arghI don't want to though -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 9:49 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Can anyone reference the Defaults for Logon Locally under the Domain Security Policy? I think this would help Chris's problem out here. I tired this once on my DC http://www.jsifaq.com/subg/tip3300/rh3329.htm and for some reason I lost the ability to get into the local machine on my domain controllers. So I am skeptical to dish out advise on messing with Group Policies, after I failed to restore mine properly. I might have to pick up one of those books mentioned about GPO's in that other thread :( -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 30, 2002 9:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly When I log into his computer and chose to log onto the domain as the admin I get the same error message. When I try to log onto the local computer I can just fine. Is there an import feature for the Local Users and Groups, so I can import his account from the domain? I'm at home right now so I don't have physical access to his computer, but I do have access to the server via Terminal Services -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 6:41 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Go to the computer, Login as admin or yourself if you have domain admin rights. Right click on my computer manage Local Users and Groups Go to groups make sure his NT account is added to at least to the local users group, if not click add, find the account you are trying to logon to. Logoff the machine, he should be able to login now. -b -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 30, 2002 9:35 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly I haven't looked at the local security policy. How do I check that? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Kingslan Sent: Tuesday, April 30, 2002 6:15 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Have you looked at the machine's Local Security Policy? I can't determine why you're getting this error, but unless the Interactive Logon Permissions have been modified, these are typically set at the machine as the effective settings. The Domain policy would probably be undefined, as the Local would take precedence in this case. Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 Any sufficiently advanced technology is indistinguishable from magic. --- Arthur C. Clarke -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Tuesday, April 30, 2002 7:00 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Log on Interactivly I'm having problems with one of my users machines. When he tries to logon to the domain he gets the following message: The local policy of this system does not permit you to log on interactively Now I went to the MS KB and found article Q276590. I used the ntrights program as they said: ntrights -m \\dagobah -u rick -r SetDenyInteractiveLogonRight But I get the following: Revoking SetDenyInteractiveLogonRight from rick on \\dagobah... failed AddUserRightToAccount: ***Error*** AddUserRightToAccount -1073741728 Anyone know what's going on and what I need to do to fix it? This has got my brain cramped. I checked the Domain Security policy and both deny and logon interactively have been changed to not defined. Someone here at the office changed that which is what I think caused the problem in the first place. -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org
RE: [ActiveDir] Log on Interactivly
Anyone? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Wednesday, May 01, 2002 8:20 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Ok so I went to the users computer and I looked at the local group policy. They deny logon locally was applied to the domain users group. I right clicked on it and hit security and then the box came up and the local policy setting box was unchecked but the effective policy setting box was checked but it was grayed out. It wouldn't let me uncheck this box. Any idea on how to change that? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Kingslan Sent: Wednesday, May 01, 2002 6:04 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Sorry I haven't replied - I backed out of the fray on this one. The right to log in locally is usually set at the local machine. It's a Deny Logon Locally or the Log on Locally permission that has been set. It will typically (unless someone has deemed to set it at the domain for ALL users and ALL computers in the domain) be set in the Local Policy on the machine. You can get to this by logging in as the Administrator and looking in the Admin tools on the local machine or load up an MMC and select the Local Security Policy, then set the focus to this machine. Look to the Deny Logon Locally permission. Make sure that the user is not defined here. Nexy look at the Log on Locally make that the user IS defined here. This is most likely not a Group Policy issue. When we deal with the Sec Policies, the closer to the Local machine, the more precedence these settings will take. This is opposite of the way that GPO works, as the farther from the Local settings we get, the less effect local settings can impose. Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 Any sufficiently advanced technology is indistinguishable from magic. --- Arthur C. Clarke -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Wednesday, May 01, 2002 1:44 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly I might have to do that.arghI don't want to though -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 9:49 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Can anyone reference the Defaults for Logon Locally under the Domain Security Policy? I think this would help Chris's problem out here. I tired this once on my DC http://www.jsifaq.com/subg/tip3300/rh3329.htm and for some reason I lost the ability to get into the local machine on my domain controllers. So I am skeptical to dish out advise on messing with Group Policies, after I failed to restore mine properly. I might have to pick up one of those books mentioned about GPO's in that other thread :( -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 30, 2002 9:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly When I log into his computer and chose to log onto the domain as the admin I get the same error message. When I try to log onto the local computer I can just fine. Is there an import feature for the Local Users and Groups, so I can import his account from the domain? I'm at home right now so I don't have physical access to his computer, but I do have access to the server via Terminal Services -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 6:41 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Go to the computer, Login as admin or yourself if you have domain admin rights. Right click on my computer manage Local Users and Groups Go to groups make sure his NT account is added to at least to the local users group, if not click add, find the account you are trying to logon to. Logoff the machine, he should be able to login now. -b -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 30, 2002 9:35 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly I haven't looked at the local security policy. How do I check that? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Kingslan Sent: Tuesday, April 30, 2002 6:15 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Have you looked at the machine's Local Security Policy? I can't determine why you're getting this error, but unless the Interactive Logon Permissions have
RE: [ActiveDir] Log on Interactivly
I already changed the domain GPO -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Facundo Chamut Sent: Wednesday, May 01, 2002 9:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Log on Interactivly local GPOs get overruled by domain GPOs. you need to change, or in your case, ask somebody to change for you, the domain GPOs Facus. -- To err is human. To really screw up, you need a computer. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 12:05 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Anyone? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Wednesday, May 01, 2002 8:20 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Ok so I went to the users computer and I looked at the local group policy. They deny logon locally was applied to the domain users group. I right clicked on it and hit security and then the box came up and the local policy setting box was unchecked but the effective policy setting box was checked but it was grayed out. It wouldn't let me uncheck this box. Any idea on how to change that? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Kingslan Sent: Wednesday, May 01, 2002 6:04 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Sorry I haven't replied - I backed out of the fray on this one. The right to log in locally is usually set at the local machine. It's a Deny Logon Locally or the Log on Locally permission that has been set. It will typically (unless someone has deemed to set it at the domain for ALL users and ALL computers in the domain) be set in the Local Policy on the machine. You can get to this by logging in as the Administrator and looking in the Admin tools on the local machine or load up an MMC and select the Local Security Policy, then set the focus to this machine. Look to the Deny Logon Locally permission. Make sure that the user is not defined here. Nexy look at the Log on Locally make that the user IS defined here. This is most likely not a Group Policy issue. When we deal with the Sec Policies, the closer to the Local machine, the more precedence these settings will take. This is opposite of the way that GPO works, as the farther from the Local settings we get, the less effect local settings can impose. Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 Any sufficiently advanced technology is indistinguishable from magic. --- Arthur C. Clarke -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Wednesday, May 01, 2002 1:44 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly I might have to do that.arghI don't want to though -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 9:49 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Can anyone reference the Defaults for Logon Locally under the Domain Security Policy? I think this would help Chris's problem out here. I tired this once on my DC http://www.jsifaq.com/subg/tip3300/rh3329.htm and for some reason I lost the ability to get into the local machine on my domain controllers. So I am skeptical to dish out advise on messing with Group Policies, after I failed to restore mine properly. I might have to pick up one of those books mentioned about GPO's in that other thread :( -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 30, 2002 9:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly When I log into his computer and chose to log onto the domain as the admin I get the same error message. When I try to log onto the local computer I can just fine. Is there an import feature for the Local Users and Groups, so I can import his account from the domain? I'm at home right now so I don't have physical access to his computer, but I do have access to the server via Terminal Services -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 6:41 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Go to the computer, Login as admin or yourself if you have domain admin rights. Right click on my computer manage Local Users and Groups Go to groups make sure his NT account is added to at least to the local users group, if not click add, find the account you are trying to logon to. Logoff the machine, he should be able to login now. -b -Original Message
RE: [ActiveDir] Log on Interactivly
The problem was caused when someone here in the office changed the Domain GPO. They then got this problem and called me up to fix it. When I asked the guy what changed he made he said that he right clicked on the domain, hit properties, did the edit on the gpo and then changed the deny local logon to domain users. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Facundo Chamut Sent: Wednesday, May 01, 2002 9:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Log on Interactivly local GPOs get overruled by domain GPOs. you need to change, or in your case, ask somebody to change for you, the domain GPOs Facus. -- To err is human. To really screw up, you need a computer. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Wednesday, May 01, 2002 12:05 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Anyone? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Wednesday, May 01, 2002 8:20 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Ok so I went to the users computer and I looked at the local group policy. They deny logon locally was applied to the domain users group. I right clicked on it and hit security and then the box came up and the local policy setting box was unchecked but the effective policy setting box was checked but it was grayed out. It wouldn't let me uncheck this box. Any idea on how to change that? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Kingslan Sent: Wednesday, May 01, 2002 6:04 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Sorry I haven't replied - I backed out of the fray on this one. The right to log in locally is usually set at the local machine. It's a Deny Logon Locally or the Log on Locally permission that has been set. It will typically (unless someone has deemed to set it at the domain for ALL users and ALL computers in the domain) be set in the Local Policy on the machine. You can get to this by logging in as the Administrator and looking in the Admin tools on the local machine or load up an MMC and select the Local Security Policy, then set the focus to this machine. Look to the Deny Logon Locally permission. Make sure that the user is not defined here. Nexy look at the Log on Locally make that the user IS defined here. This is most likely not a Group Policy issue. When we deal with the Sec Policies, the closer to the Local machine, the more precedence these settings will take. This is opposite of the way that GPO works, as the farther from the Local settings we get, the less effect local settings can impose. Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 Any sufficiently advanced technology is indistinguishable from magic. --- Arthur C. Clarke -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Wednesday, May 01, 2002 1:44 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly I might have to do that.arghI don't want to though -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 9:49 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Can anyone reference the Defaults for Logon Locally under the Domain Security Policy? I think this would help Chris's problem out here. I tired this once on my DC http://www.jsifaq.com/subg/tip3300/rh3329.htm and for some reason I lost the ability to get into the local machine on my domain controllers. So I am skeptical to dish out advise on messing with Group Policies, after I failed to restore mine properly. I might have to pick up one of those books mentioned about GPO's in that other thread :( -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 30, 2002 9:51 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly When I log into his computer and chose to log onto the domain as the admin I get the same error message. When I try to log onto the local computer I can just fine. Is there an import feature for the Local Users and Groups, so I can import his account from the domain? I'm at home right now so I don't have physical access to his computer, but I do have access to the server via Terminal Services -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Tuesday, April 30, 2002 6:41 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Go to the computer, Login as admin or yourself if you have domain admin rights. Right click
[ActiveDir] Log on Interactivly
I'm having problems with one of my users machines. When he tries to logon to the domain he gets the following message: The local policy of this system does not permit you to log on interactively Now I went to the MS KB and found article Q276590. I used the ntrights program as they said: ntrights -m \\dagobah -u rick -r SetDenyInteractiveLogonRight But I get the following: Revoking SetDenyInteractiveLogonRight from rick on \\dagobah... failed AddUserRightToAccount: ***Error*** AddUserRightToAccount -1073741728 Anyone know what's going on and what I need to do to fix it? This has got my brain cramped. I checked the Domain Security policy and both deny and logon interactively have been changed to not defined. Someone here at the office changed that which is what I think caused the problem in the first place. -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Log on Interactivly
I haven't looked at the local security policy. How do I check that? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Kingslan Sent: Tuesday, April 30, 2002 6:15 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Log on Interactivly Chris, Have you looked at the machine's Local Security Policy? I can't determine why you're getting this error, but unless the Interactive Logon Permissions have been modified, these are typically set at the machine as the effective settings. The Domain policy would probably be undefined, as the Local would take precedence in this case. Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 Any sufficiently advanced technology is indistinguishable from magic. --- Arthur C. Clarke -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Tuesday, April 30, 2002 7:00 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Log on Interactivly I'm having problems with one of my users machines. When he tries to logon to the domain he gets the following message: The local policy of this system does not permit you to log on interactively Now I went to the MS KB and found article Q276590. I used the ntrights program as they said: ntrights -m \\dagobah -u rick -r SetDenyInteractiveLogonRight But I get the following: Revoking SetDenyInteractiveLogonRight from rick on \\dagobah... failed AddUserRightToAccount: ***Error*** AddUserRightToAccount -1073741728 Anyone know what's going on and what I need to do to fix it? This has got my brain cramped. I checked the Domain Security policy and both deny and logon interactively have been changed to not defined. Someone here at the office changed that which is what I think caused the problem in the first place. -Chris List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT - Program for blocking of websites
There I changed the title -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Hayes, Shawn Sent: Monday, April 29, 2002 12:33 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Thread does not belong here -Original Message- From: Bryan Schlegel [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 3:26 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Couldn't you just use add a bad dns entry? -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 2:59 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Actually they want to block one of their children from using the internet. _Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Monday, April 29, 2002 11:54 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Well I just had a user ask if I could do this on their home computer. They have windows XP pro. Any idea on how to do it on there? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Morgan, Joshua Sent: Monday, April 29, 2002 11:51 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Program for blocking of websites Well there are a few ways... Proxy or IAS Or a third party program like WebSense Joshua Morgan PH: (864) 250-1350 Ext 133 [EMAIL PROTECTED] http://www.profit-lab.com http://ncontrol.info -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 2:42 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Program for blocking of websites I need to block certain websites from a few of my users computers. Could someone give me suggestions on how to do this? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Program for blocking of websites
I don't know that they do. But that would be just through gpoedit right? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Morgan, Joshua Sent: Monday, April 29, 2002 12:05 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Program for blocking of websites If they use XP in workgroup mode they can disallow the use of Internet explorer via Group Policies Joshua Morgan PH: (864) 250-1350 Ext 133 [EMAIL PROTECTED] http://www.profit-lab.com http://ncontrol.info -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 2:59 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Actually they want to block one of their children from using the internet. _Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Monday, April 29, 2002 11:54 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Well I just had a user ask if I could do this on their home computer. They have windows XP pro. Any idea on how to do it on there? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Morgan, Joshua Sent: Monday, April 29, 2002 11:51 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Program for blocking of websites Well there are a few ways... Proxy or IAS Or a third party program like WebSense Joshua Morgan PH: (864) 250-1350 Ext 133 [EMAIL PROTECTED] http://www.profit-lab.com http://ncontrol.info -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 2:42 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Program for blocking of websites I need to block certain websites from a few of my users computers. Could someone give me suggestions on how to do this? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Program for blocking of websites
Yea after talking to them they caught their kid looking at porn and they want to block all porn sites from themI think cybersitter will be what I'm going to use for them. Thanks to everyone that helped and if anyone has any other comments I would love to hear them -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ellis, Debbie Sent: Monday, April 29, 2002 12:43 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Program for blocking of websites I would just enable Content Advisor in Internet Explorer. (Tools. Internet Options click on the Content tab) You have to be a local admin to do this. You can't block just one site, but it sounds like they want to block the porn sites and other objectionable sites. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 2:59 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Actually they want to block one of their children from using the internet. _Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher Hummert Sent: Monday, April 29, 2002 11:54 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Program for blocking of websites Well I just had a user ask if I could do this on their home computer. They have windows XP pro. Any idea on how to do it on there? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Morgan, Joshua Sent: Monday, April 29, 2002 11:51 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Program for blocking of websites Well there are a few ways... Proxy or IAS Or a third party program like WebSense Joshua Morgan PH: (864) 250-1350 Ext 133 [EMAIL PROTECTED] http://www.profit-lab.com http://ncontrol.info -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Monday, April 29, 2002 2:42 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Program for blocking of websites I need to block certain websites from a few of my users computers. Could someone give me suggestions on how to do this? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] AD Tool opinions
Ditto. I would love to test it out -Chris Hummert -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of David Abbishaw Sent: Tuesday, April 02, 2002 11:36 AM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] AD Tool opinions Yes, please put me down for a copy, also if you need any testers I wouldn't mind helping you out. regards David Email: [EMAIL PROTECTED] - Original Message - From: Bryan Schlegel [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, April 02, 2002 8:32 PM Subject: RE: [ActiveDir] AD Tool opinions Looks like an awesome project. -Original Message- From: Joe Sargent [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 2:28 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD Tool opinions Anyway you could report which server has the FSMO roles also or if the target server has any of the roles if it is one machine at a time? I would also like a copy Thanks, Joe Sargent -Original Message- From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 2:10 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] AD Tool opinions Looks like you included everything. I would like a copy when you are finished. -Original Message- From: Nah Idee [mailto:[EMAIL PROTECTED]] Sent: Tuesday, April 02, 2002 2:14 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] AD Tool opinions Hi, I recognize that MS Op Mgr (MOM) gives you good info about AD status, but it is not free. So I am writing a little VB freeware utility and was wondering if I could solicit some comments about what you might like to see (or not see) with respect to what I am proposing to include. Thanks Performance reports will look like a spreadsheet in html showing (each): Availability * A/D Server name * Availability (tested by doing a login) % avail Directory Database * A/D Server name * Cache % Hit * Table Open Cache % hit * Cache Size * Log Threads Waiting * Log Record Stalls/sec Client logins * A/D Server name * Time * # of logins NTDS * A/D Server name * DS Reads per second * DS Writes per second * Threads in use * Search Time (seconds) Replication * A/D Server name * DRA Inbound Bytes * DRA Outbound Bytes Authentication * A/D Server name * LDAP bind time * LDAP client sessions * LDAP sessions per second * NTLM Authentications per second List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Question on deploying service packs, updates, etc.
Ditto -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Bryan Schlegel Sent: Monday, April 01, 2002 9:06 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Question on deploying service packs, updates, etc. Such a good question, I am wondering the same. -Original Message- From: Baker, David [mailto:[EMAIL PROTECTED]] Sent: Monday, April 01, 2002 11:55 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Question on deploying service packs, updates, etc. Am just learning about the power of GPO's. Have read that you can push out service packs, updates, apps, etc. by creating .msi files. I have not been able to find out much about that process. Real world scenario - Say we want to deploy the latest service pack on 120 workstations. How is this done? 1) Where do we get the download to convert to .msi 2) How do we convert to .msi 3) What is the best way to push out to the workstations that minimizes user intervention. Thanks, David List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Clusters - Good or Bad idea?
Title: Message Yea it seems that your spending more money then your really need too. Using a raid 1 or 5 configuration, and some type of tape backup would be what I would do. And if the entire server died one day I'm sure you have some type of backup server that you could move stuff over to -Chris -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of England, Christopher MSent: Tuesday, March 05, 2002 9:04 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Clusters - Good or Bad idea? Actually the main reason my organization wants to go clustering is for hardware redundancy (not just hard disks and power and memory, but if a MoBo fails, we are still ok). I think it is overkill for a file server. Ideas? Thoughts? Chris -Original Message-From: Morgan, Joshua [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 11:58 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Clusters - Good or Bad idea? It sort of depends on the apps you want to cluster. Can you give us an idea of what you are looking at, as far as apps go Joshua Morgan PH: (864) 250-1350 Ext 133 Fax: (413) 581-4936 [EMAIL PROTECTED] -Original Message-From: England, Christopher M [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 11:49 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Clusters - Good or Bad idea? I am looking at buying new servers as well and we are looking into Clustering or any other means of hardware and software redundancy. I am pretty sure Advanced Server does clustering as well as load balancing, and I think new servers can be brought in after the cluster is created. One bad thing about Advanced Server and clustering techniques, from what I understand,is that it is a more advanced setup and would require a higher learning curve and more monitoring and maintenance. Not that that is a concern for any of us, but time is a key element we must look at here as well. I am interested in what people have to say about this technology as well, as it will be one of the major factors when we go to buy our new server machines. Thanks, Chris England --- Christopher England, MCPServer Administrator College Information Technology Office Indiana University -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 11:08 AMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir] Clusters - Good or Bad idea?Hi All, I am currently specing out a number of new file and printers servers for our HQ with about 700 users (at the moment). I'm considering using W2K Advanced server to cluster machines. My first questions is, is this a good idea? Can you load balance across servers? Where I am coming from is I want the users at the site, to be able to connect to the machine(s) with one name using the same disk array. There could be 4 or more servers in the cluster, if one of the servers fails, the users get moved over to one of the working machines. Also, can it load balances itself across the machines. For expandability, if we find we need more storage or disk capacity, we can just add another server to the cluster or more disk to the external device? Is this possible in a File and Print only environment, or am I living in a dream world? Thanks for you comments Jamie SimcoxPC Network TechnicianJ C Bamford Excavators Ltd___J. C. Bamford Excavators Ltd.Registered Office: Rocester, Staffordshire, England. ST14 5JPRegistered No. 561597 England___The contents of this Email communication are confidential to the addressee.If you are not the intended recipient you may not disclose or distributethis communication in any form but should immediately contact the Sender.The information, images, documents and views expressed in this Emailare personal to the Sender and do not expressly or implicitly representofficial positions and policies of the J C B group of companies ("JCB")and no authority exists on behalf of JCB to make any agreements,representations or other binding commitment by means of Email.
RE: [ActiveDir] Clusters - Good or Bad idea?
Oh I hate to say this cause I think I'm going to get flamed but oh well. If you want a reliable webserver farm you should look to Linux or bsd running apache. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike Tonazzi Sent: Tuesday, March 05, 2002 8:58 AM To: [EMAIL PROTECTED] Subject: AW: [ActiveDir] Clusters - Good or Bad idea? I am specially interested in NLB (network load balancing) for a webserver farm. Here is what I found on Microsoft's Website (it's a overview over Clustering and Network Load Balancing) http://www.microsoft.com/windows2000/advancedserver/evaluation/business/ overview/advanced.asp http://www.microsoft.com/windows2000/advancedserver/evaluation/business /overview/advanced.asp But: Is this the right platform to discuss? Aren't there other newsgroups or mailinglists more specifing concernig this issue? Mike -Ursprüngliche Nachricht- Von: England, Christopher M [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 5. März 2002 17:49 An: '[EMAIL PROTECTED]' Betreff: RE: [ActiveDir] Clusters - Good or Bad idea? I am looking at buying new servers as well and we are looking into Clustering or any other means of hardware and software redundancy. I am pretty sure Advanced Server does clustering as well as load balancing, and I think new servers can be brought in after the cluster is created. One bad thing about Advanced Server and clustering techniques, from what I understand, is that it is a more advanced setup and would require a higher learning curve and more monitoring and maintenance. Not that that is a concern for any of us, but time is a key element we must look at here as well. I am interested in what people have to say about this technology as well, as it will be one of the major factors when we go to buy our new server machines. Thanks, Chris England --- Christopher England, MCP Server Administrator College Information Technology Office Indiana University -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 11:08 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Clusters - Good or Bad idea? Hi All, I am currently specing out a number of new file and printers servers for our HQ with about 700 users (at the moment). I'm considering using W2K Advanced server to cluster machines. My first questions is, is this a good idea? Can you load balance across servers? Where I am coming from is I want the users at the site, to be able to connect to the machine(s) with one name using the same disk array. There could be 4 or more servers in the cluster, if one of the servers fails, the users get moved over to one of the working machines. Also, can it load balances itself across the machines. For expandability, if we find we need more storage or disk capacity, we can just add another server to the cluster or more disk to the external device? Is this possible in a File and Print only environment, or am I living in a dream world? Thanks for you comments Jamie Simcox PC Network Technician J C Bamford Excavators Ltd ___ J. C. Bamford Excavators Ltd. Registered Office: Rocester, Staffordshire, England. ST14 5JP Registered No. 561597 England ___ The contents of this Email communication are confidential to the addressee. If you are not the intended recipient you may not disclose or distribute this communication in any form but should immediately contact the Sender. The information, images, documents and views expressed in this Email are personal to the Sender and do not expressly or implicitly represent official positions and policies of the J C B group of companies (JCB) and no authority exists on behalf of JCB to make any agreements, representations or other binding commitment by means of Email. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Clusters - Good or Bad idea?
The only think I'm keeping exchange around for is for our public folders. Right now I set up squirrel mail from http://www.squirrelmail.org It supports IMAP and it has a really nice web interface. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of William Lefkovics Sent: Tuesday, March 05, 2002 1:22 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Clusters - Good or Bad idea? Why would you get flamed for that? It certainly is an option. Slightly more difficult to incorporate applications leveraging AD, but certainly an option. If only I could get Exchange2000 Outlook Web Access on there. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 10:00 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Clusters - Good or Bad idea? Oh I hate to say this cause I think I'm going to get flamed but oh well. If you want a reliable webserver farm you should look to Linux or bsd running apache. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike Tonazzi Sent: Tuesday, March 05, 2002 8:58 AM To: [EMAIL PROTECTED] Subject: AW: [ActiveDir] Clusters - Good or Bad idea? I am specially interested in NLB (network load balancing) for a webserver farm. Here is what I found on Microsoft's Website (it's a overview over Clustering and Network Load Balancing) http://www.microsoft.com/windows2000/advancedserver/evaluation/business/ overview/advanced.asp http://www.microsoft.com/windows2000/advancedserver/evaluation/business /overview/advanced.asp But: Is this the right platform to discuss? Aren't there other newsgroups or mailinglists more specifing concernig this issue? Mike -Ursprüngliche Nachricht- Von: England, Christopher M [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 5. März 2002 17:49 An: '[EMAIL PROTECTED]' Betreff: RE: [ActiveDir] Clusters - Good or Bad idea? I am looking at buying new servers as well and we are looking into Clustering or any other means of hardware and software redundancy. I am pretty sure Advanced Server does clustering as well as load balancing, and I think new servers can be brought in after the cluster is created. One bad thing about Advanced Server and clustering techniques, from what I understand, is that it is a more advanced setup and would require a higher learning curve and more monitoring and maintenance. Not that that is a concern for any of us, but time is a key element we must look at here as well. I am interested in what people have to say about this technology as well, as it will be one of the major factors when we go to buy our new server machines. Thanks, Chris England --- Christopher England, MCP Server Administrator College Information Technology Office Indiana University -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 11:08 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Clusters - Good or Bad idea? Hi All, I am currently specing out a number of new file and printers servers for our HQ with about 700 users (at the moment). I'm considering using W2K Advanced server to cluster machines. My first questions is, is this a good idea? Can you load balance across servers? Where I am coming from is I want the users at the site, to be able to connect to the machine(s) with one name using the same disk array. There could be 4 or more servers in the cluster, if one of the servers fails, the users get moved over to one of the working machines. Also, can it load balances itself across the machines. For expandability, if we find we need more storage or disk capacity, we can just add another server to the cluster or more disk to the external device? Is this possible in a File and Print only environment, or am I living in a dream world? Thanks for you comments Jamie Simcox PC Network Technician J C Bamford Excavators Ltd ___ J. C. Bamford Excavators Ltd. Registered Office: Rocester, Staffordshire, England. ST14 5JP Registered No. 561597 England ___ The contents of this Email communication are confidential to the addressee. If you are not the intended recipient you may not disclose or distribute this communication in any form but should immediately contact the Sender. The information, images, documents and views expressed in this Email are personal to the Sender and do not expressly or implicitly represent official positions and policies of the J C B group of companies (JCB) and no authority exists on behalf of JCB to make any agreements, representations or other binding commitment by means of Email. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com
RE: [ActiveDir] Clusters - Good or Bad idea?
Yea if your stuck it ASP I would pay for chillisoft, maybe someday a open source alternative will show up. Right now I made the switch to Linux for some of our service mainly due to cost. I have a web server and e-mail running off a old AMD K-6 233mhz and it's surprising how fast it is, and I've restarted it once in the past 4 months and that was only because I couldn't figure out how to restart an daemon. This is my first major step into Linux and it's really changed my mind about it -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of David M Ha Sent: Tuesday, March 05, 2002 1:36 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Clusters - Good or Bad idea? As far as NLB goes, it is very easy to set-up and it works wonderfully in my production web farm set-up. I'm sure Apache works as well on Linux but for people who commits to ASP like me, I'll stick with NLB. -Original Message- From: William Lefkovics [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 3:22 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Clusters - Good or Bad idea? Why would you get flamed for that? It certainly is an option. Slightly more difficult to incorporate applications leveraging AD, but certainly an option. If only I could get Exchange2000 Outlook Web Access on there. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 10:00 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Clusters - Good or Bad idea? Oh I hate to say this cause I think I'm going to get flamed but oh well. If you want a reliable webserver farm you should look to Linux or bsd running apache. -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Mike Tonazzi Sent: Tuesday, March 05, 2002 8:58 AM To: [EMAIL PROTECTED] Subject: AW: [ActiveDir] Clusters - Good or Bad idea? I am specially interested in NLB (network load balancing) for a webserver farm. Here is what I found on Microsoft's Website (it's a overview over Clustering and Network Load Balancing) http://www.microsoft.com/windows2000/advancedserver/evaluation/business/ overview/advanced.asp http://www.microsoft.com/windows2000/advancedserver/evaluation/business /overview/advanced.asp But: Is this the right platform to discuss? Aren't there other newsgroups or mailinglists more specifing concernig this issue? Mike -Ursprüngliche Nachricht- Von: England, Christopher M [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 5. März 2002 17:49 An: '[EMAIL PROTECTED]' Betreff: RE: [ActiveDir] Clusters - Good or Bad idea? I am looking at buying new servers as well and we are looking into Clustering or any other means of hardware and software redundancy. I am pretty sure Advanced Server does clustering as well as load balancing, and I think new servers can be brought in after the cluster is created. One bad thing about Advanced Server and clustering techniques, from what I understand, is that it is a more advanced setup and would require a higher learning curve and more monitoring and maintenance. Not that that is a concern for any of us, but time is a key element we must look at here as well. I am interested in what people have to say about this technology as well, as it will be one of the major factors when we go to buy our new server machines. Thanks, Chris England --- Christopher England, MCP Server Administrator College Information Technology Office Indiana University -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 05, 2002 11:08 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Clusters - Good or Bad idea? Hi All, I am currently specing out a number of new file and printers servers for our HQ with about 700 users (at the moment). I'm considering using W2K Advanced server to cluster machines. My first questions is, is this a good idea? Can you load balance across servers? Where I am coming from is I want the users at the site, to be able to connect to the machine(s) with one name using the same disk array. There could be 4 or more servers in the cluster, if one of the servers fails, the users get moved over to one of the working machines. Also, can it load balances itself across the machines. For expandability, if we find we need more storage or disk capacity, we can just add another server to the cluster or more disk to the external device? Is this possible in a File and Print only environment, or am I living in a dream world? Thanks for you comments Jamie Simcox PC Network Technician J C Bamford Excavators Ltd ___ J. C. Bamford Excavators Ltd. Registered Office: Rocester, Staffordshire, England. ST14 5JP Registered No. 561597 England ___ The contents of this Email
RE: [ActiveDir] Inaccessible_boot_device - not AD but I need help!
Title: Message If the MBR is screwed up you could boot to a floppy and do "fdisk /mbr" to repair it or from the recovery console use "fixmbr" -Chris Hummert -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Joe SargentSent: Friday, February 15, 2002 11:17 AMTo: ActiveDirSubject: [ActiveDir] Inaccessible_boot_device - not AD but I need help! I have a DELL PE2300 server that has a PERC2 Expandable raid controller. I added a drive to the RAID5 array and all went well, but now when I boot up to W2K server I get the following stop code 0x007B (0xF241F848,0xC0034..) INACCESSIBLE_BOOT_DEVICE I have tried a repair and a boot to a bootable floppy but I get the same error. I can actually see the partition and the files while in repair. My guess is the boot sector got screwed up. Any ideas??? I really do not want to do a reinstall. Thanks, Joe Sargent ==NOTICE: WSCC Has Changed Internet Domain Names to WS.EDU Note E-mail and Web address change==Joe SargentDirector of Network and Technical SupportCCEN 312Walters State Community College500 South Davy Crockett ParkwayMorristown, TN 37813Office:(423) 585-6836 Office: [EMAIL PROTECTED]Fax: (423) 585-2630 Pager: [EMAIL PROTECTED]Pager:(888) 724-9041 Web: http://www.ws.edu==
[ActiveDir] Win98 Clients and Printer Problems
I had this problem that just started to happened here in the past few days. I have 2 Windows 98 clients left in the office and all of the sudden when they try to print they get asked for a just a password. They then enter their user password but the print jobs never come out. Anyone know what's going on here or what I should be looking at? I'm thinking it's some active directory permission problem but then again I'm not sure Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] ICQ problems in an AD
I know this is a little off topic but I've been trying to figure this out for awhile. I've been trying to get ICQ working on our network. But it won't run with users who are not Administrators. Basically whenever they run the program all that happens is the splash screen shows up and nothing happens. Now this isn't a problem for anyone with Admin rights, cause the program runs correctly for them. Now I contacted ICQ and they told me this: 1. From the profile you used when you first installed ICQ, run the registry editor (Regedit.exe). 2. Locate the root HKEY_CURRENT_USER\Software\Mirabilis\ICQ 3. Click the ICQ key, and choose Registry - Export Registry File 4. Under Export Range, make sure the option Selected Branch is selected, and in the space under it, the correct path is showing (HKEY_CURRENT_USER\Software\Mirabilis\ICQ) 5. Choose a file name, and save it on your hard disk. Note the location you are saving the file to. It is best not to save the file on your desktop, since the desktop change between profiles. 6. Log out from the computer and log in with the other profile. 7. Locate the registry file your exported and run it. 8. Windows will ask you if you wish to import the registry settings. Choose Yes and confirm. 9. Locate the ICQ.exe file from the installed directory (usually in C:\program files\ICQ\) , then right-click the file and choose Copy. 10. Minimize all windows 11. Right-click your desktop and choose Paste Shortcut. Ok I tried that and it didn't work. Does anyone have a suggestion on what I could do to get these users working with ICQ without having to add them to the Admin Group (which I'm not going to do) Is there some type of GPO setting I can change that would get them working? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Weird Domain Error
Anyone know if maybe there is a hotfix to get around this problem? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Thornley, Dave H Sent: Thursday, January 24, 2002 12:27 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Weird Domain Error Hi, We had a similar problem some time ago, I can't remember the cause (I'm sure it wasn't licensing), but we fixed it by moving the master browser role to another server. The master browser role had been taken by an Exchange server, we moved it to a domain controller and that fixed the problem. You can check what computers are holding browser roles with BROWMON from the resource kit. HTH dave -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: 23 January 2002 22:03 To: ActiveDir Subject: [ActiveDir] Weird Domain Error I'm having a pretty weird error that I can't seem to figure out. Whenever I have a user go to network neighborhood and then view the entire contents of the network and then they click on the domain they get the message AAII is not accessible - No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept I can do a search for the domain controller and connect to it that way but not the other. Now I thought it was a license problem but it appears that I have the required amount of licenses. Anyone know what's wrong? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Weird Domain Error
No I don't have wins configured and it's on the same subnet -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ravenscroft Noah Sent: Thursday, January 24, 2002 11:38 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Weird Domain Error Chris, Do you have WINS configured, and is the Domain Master browser on a different subnet? -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 24, 2002 11:57 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Weird Domain Error Anyone know if maybe there is a hotfix to get around this problem? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Thornley, Dave H Sent: Thursday, January 24, 2002 12:27 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Weird Domain Error Hi, We had a similar problem some time ago, I can't remember the cause (I'm sure it wasn't licensing), but we fixed it by moving the master browser role to another server. The master browser role had been taken by an Exchange server, we moved it to a domain controller and that fixed the problem. You can check what computers are holding browser roles with BROWMON from the resource kit. HTH dave -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: 23 January 2002 22:03 To: ActiveDir Subject: [ActiveDir] Weird Domain Error I'm having a pretty weird error that I can't seem to figure out. Whenever I have a user go to network neighborhood and then view the entire contents of the network and then they click on the domain they get the message AAII is not accessible - No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept I can do a search for the domain controller and connect to it that way but not the other. Now I thought it was a license problem but it appears that I have the required amount of licenses. Anyone know what's wrong? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Weird Domain Error
I'm having a pretty weird error that I can't seem to figure out. Whenever I have a user go to network neighborhood and then view the entire contents of the network and then they click on the domain they get the message AAII is not accessible - No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept I can do a search for the domain controller and connect to it that way but not the other. Now I thought it was a license problem but it appears that I have the required amount of licenses. Anyone know what's wrong? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Weird Domain Error
Win2k -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andy Ward (GCS) Sent: Wednesday, January 23, 2002 3:02 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Weird Domain Error What server OS are you using? Andy MCP -- Andrew Ward Senior Technical Partner Grosvenor Computer Services 1-3 Greys Road Henley on Thames Oxon RG9 1SB T - 01491 414145 F - 01491 414146 E - [EMAIL PROTECTED] W - http://www.grosvenorcs.co.uk - Original Message - From: Christopher Hummert [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 23, 2002 10:03 PM Subject: [ActiveDir] Weird Domain Error I'm having a pretty weird error that I can't seem to figure out. Whenever I have a user go to network neighborhood and then view the entire contents of the network and then they click on the domain they get the message AAII is not accessible - No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept I can do a search for the domain controller and connect to it that way but not the other. Now I thought it was a license problem but it appears that I have the required amount of licenses. Anyone know what's wrong? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Weird Domain Error
I don't see any errors in the event log related to licensing but I did find this error: Event Type: Error Event Source: NetBT Event Category: None Event ID: 4319 Date: 1/23/2002 Time: 2:50:16 PM User: N/A Computer: DELL Description: A duplicate name has been detected on the TCP network. The IP address of the machine that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state. Data: : 00 00 04 00 01 00 54 00 ..T. 0008: 00 00 00 00 df 10 00 c0 ß..À 0010: 05 01 00 00 00 00 00 00 0018: 00 00 00 00 00 00 00 00 0020: 00 00 00 00 00 00 00 00 0028: 6b 01 a8 c0 k.¨À So I ran the command and got this. C:\Documents and Settings\Administrator.DELLnbtstat -n Internal 2: Node IpAddress: [192.168.1.82] Scope Id: [] NetBIOS Local Name Table Name Type Status - DELL 1F UNIQUE Registered DELL 00 UNIQUE Registered DELL 20 UNIQUE Registered AAII 00 GROUP Registered AAII 1C GROUP Registered AAII 1B UNIQUE Registered AAII 1E GROUP Registered DELL 03 UNIQUE Registered AAII 1D UNIQUE Registered ..__MSBROWSE__.01 GROUP Registered INet~Services 1C GROUP Registered IS~DELL00 UNIQUE Registered DELL BE UNIQUE Registered ADMINISTRATOR 03 UNIQUE Registered DELL 01 UNIQUE Registered Internal 1: Node IpAddress: [192.168.1.81] Scope Id: [] NetBIOS Local Name Table Name Type Status - DELL 1F UNIQUE Registered DELL 00 UNIQUE Registered DELL 20 UNIQUE Registered AAII 00 GROUP Registered AAII 1C GROUP Registered AAII 1B UNIQUE Registered AAII 1E GROUP Registered DELL 03 UNIQUE Registered INet~Services 1C GROUP Registered IS~DELL00 UNIQUE Registered DELL BE UNIQUE Registered ADMINISTRATOR 03 UNIQUE Registered DELL 01 UNIQUE Registered External: Node IpAddress: [216.210.178.26] Scope Id: [] NetBIOS Local Name Table Name Type Status - DELL 1F UNIQUE Registered DELL 00 UNIQUE Registered DELL 20 UNIQUE Registered AAII 00 GROUP Registered AAII 1C GROUP Registered AAII 1B UNIQUE Registered AAII 1E GROUP Registered DELL 03 UNIQUE Registered AAII 1D UNIQUE Registered ..__MSBROWSE__.01 GROUP Registered INet~Services 1C GROUP Registered IS~DELL00 UNIQUE Registered DELL BE UNIQUE Registered ADMINISTRATOR 03 UNIQUE Registered DELL 01 UNIQUE Registered Now I don't think I have any clients that are named the same but I'm not quite sure what this is telling me -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andy Ward (GCS) Sent: Wednesday, January 23, 2002 3:17 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Weird Domain Error Hmm. I had a very similar error with a Small Business Server 2000 server. What was happening was that a script we had set up was logging each user onto about 7 mapped drives when they logged on. Due to some complete awfulness in Win2k Pro, each mapped drive counts as a user on the license server, so the licenses run out. But, we did keep having pop-ups on the server telling us that our server was near to the maximum number of licenses, or had exceeded the maximum number. The solution was phoning MS and getting them to e-mail over a hotfix (specific to SBS 2000) which will be released when SP3 comes out. Sorry to go on :) More to the point, are you getting any entries in your event log that tell you that the license server is running out? Or any errors in the event logs of the individual workstations that hint at a userenv problem, or license problem? Just need a bit more info, that's all :) Cheers, Andy - Original Message - From: Christopher Hummert [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 23, 2002 11:09 PM Subject: RE: [ActiveDir] Weird Domain Error Win2k -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andy Ward (GCS) Sent: Wednesday, January 23
RE: [ActiveDir] Weird Domain Error
Yea I've rebooted multiple machines. The server (DC) has been rebooted a couple of different times already -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andy Ward (GCS) Sent: Wednesday, January 23, 2002 3:31 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Weird Domain Error That's weird. Usually in a case like that, you would at least see which names were in conflict - did you reboot the machine at all between the time the error was logged and the time you ran nbtstat? Other than that I think we'll have to wait for Rick Kingslan to help out :) Or Dean Wells (sorry not to mention you first, Dean ;) Andy - Original Message - From: Christopher Hummert [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, January 23, 2002 11:24 PM Subject: RE: [ActiveDir] Weird Domain Error I don't see any errors in the event log related to licensing but I did find this error: Event Type: Error Event Source: NetBT Event Category: None Event ID: 4319 Date: 1/23/2002 Time: 2:50:16 PM User: N/A Computer: DELL Description: A duplicate name has been detected on the TCP network. The IP address of the machine that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state. Data: : 00 00 04 00 01 00 54 00 ..T. 0008: 00 00 00 00 df 10 00 c0 ß..À 0010: 05 01 00 00 00 00 00 00 0018: 00 00 00 00 00 00 00 00 0020: 00 00 00 00 00 00 00 00 0028: 6b 01 a8 c0 k.¨À So I ran the command and got this. C:\Documents and Settings\Administrator.DELLnbtstat -n Internal 2: Node IpAddress: [192.168.1.82] Scope Id: [] NetBIOS Local Name Table Name Type Status - DELL 1F UNIQUE Registered DELL 00 UNIQUE Registered DELL 20 UNIQUE Registered AAII 00 GROUP Registered AAII 1C GROUP Registered AAII 1B UNIQUE Registered AAII 1E GROUP Registered DELL 03 UNIQUE Registered AAII 1D UNIQUE Registered ..__MSBROWSE__.01 GROUP Registered INet~Services 1C GROUP Registered IS~DELL00 UNIQUE Registered DELL BE UNIQUE Registered ADMINISTRATOR 03 UNIQUE Registered DELL 01 UNIQUE Registered Internal 1: Node IpAddress: [192.168.1.81] Scope Id: [] NetBIOS Local Name Table Name Type Status - DELL 1F UNIQUE Registered DELL 00 UNIQUE Registered DELL 20 UNIQUE Registered AAII 00 GROUP Registered AAII 1C GROUP Registered AAII 1B UNIQUE Registered AAII 1E GROUP Registered DELL 03 UNIQUE Registered INet~Services 1C GROUP Registered IS~DELL00 UNIQUE Registered DELL BE UNIQUE Registered ADMINISTRATOR 03 UNIQUE Registered DELL 01 UNIQUE Registered External: Node IpAddress: [216.210.178.26] Scope Id: [] NetBIOS Local Name Table Name Type Status - DELL 1F UNIQUE Registered DELL 00 UNIQUE Registered DELL 20 UNIQUE Registered AAII 00 GROUP Registered AAII 1C GROUP Registered AAII 1B UNIQUE Registered AAII 1E GROUP Registered DELL 03 UNIQUE Registered AAII 1D UNIQUE Registered ..__MSBROWSE__.01 GROUP Registered INet~Services 1C GROUP Registered IS~DELL00 UNIQUE Registered DELL BE UNIQUE Registered ADMINISTRATOR 03 UNIQUE Registered DELL 01 UNIQUE Registered Now I don't think I have any clients that are named the same but I'm not quite sure what this is telling me -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andy Ward (GCS) Sent: Wednesday, January 23, 2002 3:17 PM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Weird Domain Error Hmm. I had a very similar error with a Small Business Server 2000 server. What was happening was that a script we had set up was logging each user onto about 7 mapped drives when they logged on. Due to some complete awfulness in Win2k Pro, each mapped drive counts as a user on the license server, so the licenses run out. But, we did keep having pop-ups on the server telling us that our server was near to the maximum number of licenses, or had exceeded
RE: [ActiveDir] Weird Domain Error
Yes it does have 3 network cards. 2 of them for the internal network and one for outside access(e-mail and IIS (I rather run apache though)) This problem just started occuring though, I can check tomorrow but I don't think it's been happening for more then 2 or 3 weeks. (I tried to figure it out on my own before sending a message to the list) -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jon B. Lewis Sent: Wednesday, January 23, 2002 10:23 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Weird Domain Error Does it have more than one network card? Just a stab in the dark here but I have a number of multi-homed servers and a fair amount of the goofy problem I get have to do with that. -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 23, 2002 4:03 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Weird Domain Error I'm having a pretty weird error that I can't seem to figure out. Whenever I have a user go to network neighborhood and then view the entire contents of the network and then they click on the domain they get the message AAII is not accessible - No more connections can be made to this remote computer at this time because there are already as many connections as the computer can accept I can do a search for the domain controller and connect to it that way but not the other. Now I thought it was a license problem but it appears that I have the required amount of licenses. Anyone know what's wrong? Thanks Chris Hummert Network Administrator - Albany Agency of Insurance Webmaster for Noghri.net http://www.noghri.net MS Beta tester ID #: 388366 Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contacts us. - from Calvin and Hobbes List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] RPC Server weird error
Title: Message I had this exact same problem..make sure that the clients can see and are using the DNS server. -Chris -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Andy Ward (GCS)Sent: Wednesday, January 16, 2002 4:29 PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] RPC Server weird error Hi all, I am experiencing a weird, recurring problem on all 12 of the Windows 2000 Professional (SP2) workstations at one of my client's offices. Approximately every half-hour to hour, each workstation will log the following error in the Application event log: e.g. Source: Userenv Category: None Type: Error Event ID: 1000 User: NT AUTHORITY\SYSTEM Computer: FLUMP Description: Windows cannot determine the user or computer name. Return value (1722). I did the obvious NET HELPMSG 1722 and it tells me that 'The RPC Server is unavailable'. I have also looked all over the web for ways to fix this problem, and can't find any. They all seem to give me really unuseful information, like 'Make sure your DNS is configured properly' and other such useful tidbits. I am really lost here! None of the workstations experience any problems, whatsoever. They all work fine, log on fine, use Exchange fine, register in the DNS fine etc etc, can browse the network and web. They all work fine. BUT I can't get rid of this error message, which just keeps on showing up. The client is convinced something bad will happen, and I just need, for my own peace of mind, to solve this one - and the web has turned out to be useless for tracking down a resolution. BTW, the server is Small Business Server 2000 (SP2) and is experiencing no problems. Thanks all in advance, I would be really grateful if someone could shed some light on this one! Andy Ward MCP (Exchange 2000) GCS PS What the hell IS an RPC server anyway?
RE: [ActiveDir] Win 2k Network Load Balancing
Yea that's what I meant I think there is a reg hack out there to reduce the service probing time. I'll look around -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Lensert, Chad Sent: Thursday, November 01, 2001 3:40 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Win 2k Network Load Balancing The documentation I found said that it shouldn't take over 10 seconds when the machine is offline. Once the IP address is gone it changes automatically, but the time from when the site stops to when it actually doesn't see the IP (i.e. the machine is off) is what I need to minimize. It has to shut everything down, etc. which takes time. The best I've got it so far is about a minute. This isn't that bad, but it just seems weird that it would have downtime at all, if the other machine is up and running and ready to server clients. That's what I'm trying to see if it's inherent in 2000, or if I'm missing something. -Chad -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 01, 2001 5:38 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Win 2k Network Load Balancing How long are you waiting for it to kick in. I remember seeing a reg hack somewhere to bump up the time -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Lensert, Chad Sent: Thursday, November 01, 2001 3:21 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Win 2k Network Load Balancing Yep. It works fine. The Dfs is just to keep the web content the same on both machines. The load balancing does what it's supposed to if you turn the machine off or unplug it from the network. It's when something not so drastic happens like IIS stops responding or something like that. Then the load balancing should kick in, but it still thinks it's fine because it can see it on the network. It thinks that the machine is still good to go becuase it can see it, when in fact it's not serving web content and it should be failing over to the backup. It's an issue of how the NLB software recognizes a machine in a cluster. It does it by the heartbeat of the machine. I guess there's always a hack to write a script that will disable the NIC if something happens and then have it reboot. -Chad -Original Message- From: Christopher Hummert [mailto:[EMAIL PROTECTED]] Sent: Thursday, November 01, 2001 5:18 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Win 2k Network Load Balancing Ok I noticed that you just said that you have set up to serve web content and a DFSnow I know this is kind of a stupid question but did you actually set up NLB? -Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Lensert, Chad Sent: Thursday, November 01, 2001 3:07 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Win 2k Network Load Balancing Kind of off the AD subject, but I'm trying to load balance two web servers, both running Adv. Server. I set them both up to serve web content with a Dfs and am running some tests on them to see what will happen if I take one offline. In theory, when one goes offline, the other one should take over for it and keep serving content. When I stop the web site for the Number 1 Priority server, the content that it was serving is not available to anyone via the web (404 error), and it doesn't roll over to the next machine. The reason is that it still has a heartbeat because it is on the network, and this is how load balancing detects if a machine is available to server content or not. If it can see it on the network, it thinks it can serve content, even though something software based might be screwing up. The only time it works how I want it to is when I either shut the machine down or unplug it from the network. And while it's shutting down the web content isn't available while it's shutting down, since the www service stops before the network connection dies. If I take a server down, or it fails, I'de like to keep downtime as transparent as possible to users. The best I can do right now is about 1 minute during a reboot while it shuts everyhing down. Is this just an inherent flaw in the design of network load balancing for 2000, or am I missing something? Chad Lensert Network Administrator Business Filings Incorporated Phone: (800) 981-7183 x253 Fax: (608) 827-5501 http://www.bizfilings.com List info: http://www.activedir.org/mail_list.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info: http://www.activedir.org/mail_list.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info: http://www.activedir.org/mail_list.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info: http://www.activedir.org/mail_list.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info: http://www.activedir.org/mail_list.htm