[ActiveDir] OT: Deploying Visio 2007 via Group Policy
I wanted to post this and see what kind of feed back I get from this group, maybe some of you have tried this already. When modifying the config.xml I was able to enter in the license info, however the .msp that I created and placed in the Updates folder did nothing. When I ran the .msp manually it appeared to do what I wanted, like placing the icon on the desktop. Is there a way to run the msiexec command to update the VisProWW.msi file with the updates from the .msp. Apparently, all the statements from Microsoft that anything in this folder will be installed and applied during initial install is false. Unless this statement is if installing it manually and not via Group Policy. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Friday, January 26, 2007 10:36 AM To: [EMAIL PROTECTED] Subject: [gptalk] Re: Push out Visio 2007 via Group Policy Right. If you go to the archive for this list, Michael Pietrzak had posted some items about this. I don't believe the .msp buys you anything in terms of customization. I hope to test some of this today, however. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, January 26, 2007 7:31 AM To: [EMAIL PROTECTED] Subject: [gptalk] Re: Push out Visio 2007 via Group Policy What about using the setup.exe /admin switch to create the .msp file? I read that if you leave the .msp file in the Updates folder of the folder structure on the network share that it will apply it during installation. I am not sure I believe this works, because an installation of Visio 2007 pushed out but once I opened the product it asked me for the CD Key which I had already put in the .msp file that I created. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Thursday, January 25, 2007 4:50 PM To: [EMAIL PROTECTED] Subject: [gptalk] Re: Push out Visio 2007 via Group Policy Good question Justin. Actually it is possible to deploy Office 2007 through GP but it has completely changed. You no longer create an admin install point. You just copy the CD bits to the share. And, it no longer supports transforms. You have a file called config.xml that support minimal customization that you put in the install directory along with the bits. Really a step back actually. MS used to have a technet article describing this but the pulled it recently. However, thanks to the wonders of Google, you can still find it cached at http://209.85.165.104/search?q=cache:kLaHkfhp8PoJ:technet2.microsoft.com /Office/en-us/library/efd0ee45-9605-42d3-9798-3b698fff3e081033.mspx+conf ig.xml+office+2007+Group+Policyhl=engl=usct=clnkcd=1 http://209.85.165.104/search?q=cache:kLaHkfhp8PoJ:technet2.microsoft.co m/Office/en-us/library/efd0ee45-9605-42d3-9798-3b698fff3e081033.mspx+con fig.xml+office+2007+%22Group+Policy%22hl=engl=usct=clnkcd=1 Darren From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, January 25, 2007 11:26 AM To: [EMAIL PROTECTED] Subject: [gptalk] Push out Visio 2007 via Group Policy Does anyone know who the Office 2007 products can be pushed out via group policy? How do you create an administrative installation point? How to you include customizations? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
RE: [ActiveDir] Remote DC's on Virtual Server
Exchange has about 2700 users on it, and yes I will have a GC in the hotsite. The majority of users are in the forest root. Exchange and the DC/GC's will be the only items in the hotsite. Also, the odds of all 8 domains being down at once are very small due to significant distance between sites. If Exchange fails over then all 2700 would be connecting there. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coleman, Hunter Sent: Thursday, January 18, 2007 4:25 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remote DC's on Virtual Server IMHO, ESX/VM Infrastructure and Virtual Server are like apples and oranges. Yes, they are both virtualization environments, but have vastly different capabilities. VM Infrastructure has a much broader and deeper feature set that does come with added cost and complexity. Regardless, in the context of the original question I'd be concerned about the load Exchange is going to place on the host hardware. How many Exchange users are in the 8 domains, and how many of these would potentially be connecting to the alternate site? Are you going to have GC availability to support Exchange? What other resources at the hotsite might be looking for DC/GC services? I would also be careful about having a configuration at my hotsite that is significantly different from my normal production environment. When things have melted down to the point of failing over to the hotsite, it's not a good time to be pulling out the manuals for your infrastructure because you don't work with it day in and day out. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Akomolafe, Deji Sent: Thursday, January 18, 2007 1:22 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remote DC's on Virtual Server ESX (VMWare) is good - and pricey. And very strict as to hardware specs. And complex to setup and administer. And, I could be wrong on this, NOT (MS)-supported for virtualizing DCs. Virtual Server, on the other hand, is good, not pricey, less picky, more supported (I believe it's actually validated) for DCs virtualization. Plus, the liberal OS licensing scheme is very attractive to me. Yes, I know, VMWare rules the market. Yes, I am biased. Sincerely, _ (, / | /) /) /) /---| (/_ __ ___// _ // _ ) /|_/(__(_) // (_(_)(/_(_(_/(__(/_ (_/ /) (/ Microsoft MVP - Directory Services www.akomolafe.com x-excid://3277/uri:http:/www.akomolafe.com - we know IT -5.75, -3.23 Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon From: Salandra, Justin A. Sent: Thu 1/18/2007 11:57 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Remote DC's on Virtual Server What would you recommend for the following situation. We are thinking of having a hot site where Exchange will be replicated to a remote location. Since Exchange will be remote over the Internet, we will need to have DC's for each domain available in that remote site. (This would all be going across a VPN) I was thinking about placing 8 DC's on a VMWare Infrastructure 3 server Enterprise edition. These DC's would really only be used in the event of a disaster and people started connecting to Exchange up in the remote site. Is VMWare Infrastructure 3 good? What would you use? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
[ActiveDir] OT: Windows Defender
Even though windows defender is not supported on Windows 2000 any more, does it still work on windows 2000 and will the adm file that gets added into Group Policy apply? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
RE: [ActiveDir] push a URL in the trusted zone with GPO...
Internet Explorer Maintenance within User Config Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bruyere, Michel Sent: Friday, January 05, 2007 3:37 PM To: ActiveDir@mail.activedir.org Subject: push a URL in the trusted zone with GPO... Hi, I have a brain cramp actually, I can't remember how I can push a URL in the trusted zone and intranet zone for all the stations using a GPO, anybody can help? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ma/default.aspx
RE: [ActiveDir] Strange Lock Out Issue
Is the lockout on the user's workstation, or on the domain? i.e., how can you tell that there is a lockout (what's the symptom)? Lockout is on the domain, we have a web filter that requires authentication and when the account is locked out, the access denied page pops up on the Internet. Does the user have a mail client open (e.g., Outlook or similar)? Yes, Outlook 2003 Is the user logged in from multiple workstations at the same time? She has in the past, but the past few times no. Did the user call the help desk to change passwords, or use a web-based password reset program, while logged in to Windows? NO Are you sure the user is not logged into the domain when this happens? She is in the domain when this happens Is the user connected to a VPN when this happens? NO Answers to these might help track down your problem.. :-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, December 21, 2006 11:36 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Strange Lock Out Issue Hi Justin, I have a user, who is not logged in anywhere else, and while surfing the web or access a program is getting locked out of her account for no reason. I have checked the logs on all three domain controllers and nothing is showing a failed logon attempt or bad password. It doesn't even show when the account got locked. Any ideas on how to rectify this? Is the lockout on the user's workstation, or on the domain? i.e., how can you tell that there is a lockout (what's the symptom)? Does the user have a mail client open (e.g., Outlook or similar)? Is the user logged in from multiple workstations at the same time? Did the user call the help desk to change passwords, or use a web-based password reset program, while logged in to Windows? Are you sure the user is not logged into the domain when this happens? Is the user connected to a VPN when this happens? Answers to these might help track down your problem.. :-) -- Idan Shoham Chief Technology Officer M-Tech Information Technology, Inc. [EMAIL PROTECTED] http://mtechIT.com Sign-up for M-Tech's winter training sessions: P-Synch: January 8--12, 2007 || ID-Synch: January 15--19, 2007 To register, please visit: http://mtechIT.com/education/ The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. On Tue, 19 Dec 2006, Salandra, Justin A. wrote: That is just the thing, no event IDs exist for the account lockout on any DC even though I have Auditing turned on. This is why it is a strange lockout. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, December 18, 2006 3:39 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Strange Lock Out Issue Eventcombmt the DCs for whatever the lockout ID is also works. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Monday, December 18, 2006 2:50 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Strange Lock Out Issue Download the Account Lockout and Management Tools from Microsoft. More specifically, from the downloaded EXE, extract the LockoutStatus.EXE file and use it to query for the user account that is having issues. It will tell you how many bad password attempts have been made, what time/date the lockout occurred, and on what DC. Furthermore, you can directly manage the Domain Controller from the tool and pull up the event viewer to look for the security entry pointing you to the source of the bad credentials. It's always worked like a charm for me when dealing with issues like these. Good luck, ~Ben From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Monday, December 18, 2006 11:35 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Strange Lock Out Issue I have a user, who is not logged in anywhere else, and while surfing the web or access a program is getting locked out of her account for no reason. I have checked the logs on all three domain controllers and nothing is showing a failed logon attempt or bad password. It doesn't even show when the account got locked. Any ideas on how to rectify this? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager
RE: [ActiveDir] Delegate Password Resets
We use a product called rDirectory and the Reset Password function has suddenly sporatically stopped working throwing what appear to be .net errors. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Friday, December 22, 2006 12:38 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Delegate Password Resets In our case, I simply modified the security permissions on the OU containing our user accounts to provide a granular delegation of rights so the members of this security group can go into ADUC and unlock user accounts or reset/change passwords only. I modified various read/write property rights as well as reset password and change password rights. Besides modifying ACLs, what other methods of delegating password reset functions were you referring to? From: [EMAIL PROTECTED] on behalf of Salandra, Justin A. Sent: Thu 12/21/2006 6:24 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Delegate Password Resets I wanted to find out from all of you what ways you have delegated password reset functions to your helpdesks. We have a product that does this but it is continually having problems and want to know if there are nay other ways. Justin A. Salandra MCSE Windows 2000 and 2003 Network and Technology Services Manager Catholic Health Care System 646.505.3681 cell 917.455.0110 [EMAIL PROTECTED]
RE: [ActiveDir] Delegate Password Resets
This is probably what I can gonna do. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Friday, December 22, 2006 12:55 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Delegate Password Resets I gave a 500K seat org helpdesk a copy of ADUC and the same rights as below and it worked like a charm. Not pretty but cheap and functional. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Friday, December 22, 2006 12:38 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Delegate Password Resets In our case, I simply modified the security permissions on the OU containing our user accounts to provide a granular delegation of rights so the members of this security group can go into ADUC and unlock user accounts or reset/change passwords only. I modified various read/write property rights as well as reset password and change password rights. Besides modifying ACLs, what other methods of delegating password reset functions were you referring to? From: [EMAIL PROTECTED] on behalf of Salandra, Justin A. Sent: Thu 12/21/2006 6:24 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Delegate Password Resets I wanted to find out from all of you what ways you have delegated password reset functions to your helpdesks. We have a product that does this but it is continually having problems and want to know if there are nay other ways. Justin A. Salandra MCSE Windows 2000 and 2003 Network and Technology Services Manager Catholic Health Care System 646.505.3681 cell 917.455.0110 [EMAIL PROTECTED]
RE: [ActiveDir] Delegate Password Resets
That gives them way to much permissions on the directory -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Miller Sent: Friday, December 22, 2006 10:39 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Delegate Password Resets I put the user accounts of the helpdesk personnel in the built in group, Account Operators. This is precisely why I think that group exists. -mjm Salandra, Justin A. wrote: I wanted to find out from all of you what ways you have delegated password reset functions to your helpdesks. We have a product that does this but it is continually having problems and want to know if there are nay other ways. Justin A. Salandra MCSE Windows 2000 and 2003 Network and Technology Services Manager Catholic Health Care System 646.505.3681 cell 917.455.0110 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
[ActiveDir] Delegate Password Resets
I wanted to find out from all of you what ways you have delegated password reset functions to your helpdesks. We have a product that does this but it is continually having problems and want to know if there are nay other ways. Justin A. Salandra MCSE Windows 2000 and 2003 Network and Technology Services Manager Catholic Health Care System 646.505.3681 cell 917.455.0110 [EMAIL PROTECTED]
RE: [ActiveDir] Strange Lock Out Issue
Windows XP SP2 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Brunson Sent: Monday, December 18, 2006 2:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Strange Lock Out Issue What client OS? From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Monday, December 18, 2006 1:35 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Strange Lock Out Issue I have a user, who is not logged in anywhere else, and while surfing the web or access a program is getting locked out of her account for no reason. I have checked the logs on all three domain controllers and nothing is showing a failed logon attempt or bad password. It doesn't even show when the account got locked. Any ideas on how to rectify this? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
RE: [ActiveDir] Strange Lock Out Issue
That is just the thing, no event IDs exist for the account lockout on any DC even though I have Auditing turned on. This is why it is a strange lockout. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Monday, December 18, 2006 3:39 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Strange Lock Out Issue Eventcombmt the DCs for whatever the lockout ID is also works. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Monday, December 18, 2006 2:50 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Strange Lock Out Issue Download the Account Lockout and Management Tools from Microsoft. More specifically, from the downloaded EXE, extract the LockoutStatus.EXE file and use it to query for the user account that is having issues. It will tell you how many bad password attempts have been made, what time/date the lockout occurred, and on what DC. Furthermore, you can directly manage the Domain Controller from the tool and pull up the event viewer to look for the security entry pointing you to the source of the bad credentials. It's always worked like a charm for me when dealing with issues like these. Good luck, ~Ben From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Monday, December 18, 2006 11:35 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Strange Lock Out Issue I have a user, who is not logged in anywhere else, and while surfing the web or access a program is getting locked out of her account for no reason. I have checked the logs on all three domain controllers and nothing is showing a failed logon attempt or bad password. It doesn't even show when the account got locked. Any ideas on how to rectify this? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
[ActiveDir] Strange Lock Out Issue
I have a user, who is not logged in anywhere else, and while surfing the web or access a program is getting locked out of her account for no reason. I have checked the logs on all three domain controllers and nothing is showing a failed logon attempt or bad password. It doesn't even show when the account got locked. Any ideas on how to rectify this? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
RE: [ActiveDir] Creating WMI Filters
The problem is not that the WMI script does not work, it is that I can not even CREATE one from my desktop. When I right click on the WMI Filters section in GPMC and click on NEW or IMPORT I get a Generic Failure message box and that is it Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alain Lissoir Sent: Wednesday, November 08, 2006 2:37 PM To: ActiveDir@mail.activedir.org Cc: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Creating WMI Filters 1/ Can we see the WMI filter? :) That will help ... 2/ Have you run WMIDiag on your XP SP2 machine to asses the WMI state? WMIDiag usage: http://www.microsoft.com/technet/scriptcenter/topics/help/wmidiag.mspx WMIDiag FAQ: http://blogs.msdn.com/wmi/archive/2006/05/12/596266.aspx WMIDiag Download: http://www.microsoft.com/downloads/details.aspx?FamilyID=d7ba3cd6-18d1-4d05-b11e-4c64192ae97dDisplayLang=en WMIDiag webcast: http://msevents.microsoft.com/CUI/EventDetail.aspx?EventID=1032290320Culture=en-US WMI Troubleshooting: http://www.microsoft.com/technet/scriptcenter/topics/help/wmi.mspx From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Wednesday, November 08, 2006 10:35 AM To: ActiveDir@mail.activedir.org Cc: [EMAIL PROTECTED] Subject: [ActiveDir] Creating WMI Filters On my Windows XP SP2 workstation I get a Generic Failure when I try to create or import a WMI Filter. On my Windows 2003 SP1 Domain Controller I am able to create the filter. What could be stopping me from being able to on my XP workstation. I cant find anything on the web about this. Thanks Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] Creating WMI Filters
On my Windows XP SP2 workstation I get a Generic Failure when I try to create or import a WMI Filter. On my Windows 2003 SP1 Domain Controller I am able to create the filter. What could be stopping me from being able to on my XP workstation. I cant find anything on the web about this. Thanks Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] Netlogon and SYSVOL after Restore
We have restored a Domain Controller and on reboot we noticed that the Netlogon, and the SYSVOL folders exists but are not shared. Is this normal, should we share them out ourselves or will it happen automatically? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] DC Restore
I have a server that we had to rebuild and we tried to restore the system state and the computer wont boot saying that there is a disk configuration problem. Can we just rebuild the server and then Just run DCPROMO again using the same name to add it back in or do we have to go into NTDSUTIL and remove the DC First? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] Audit Logs on DC
Is it normal to see a person logging in and out over and over all day long every 90 minutes or so I am getting a bunch of Event ID 540 and 538s over and over for the same user every 90 minutes or so, is this just the Group Policy refreshing? How can I pin point the actual user login and not just a refresh? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] OT: My Docuent not Redirecting
I have a user on a Windows 2000 Pro SP 4 box that used to have his My Documents auto redirected to his user drive, however all of a sudden the computer wont re-direct it. The GPO is fine, he is the owner of his user drive, security is correct on the folder, there are zero errors on the box. Does anyone have any ideas of what else I can try? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] OT: WMA Files
How can I make is to that users are unable to send WMA files to their user drives? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] OT: WMA Files
Thanks, after some more research I came across this as well and decided to implement it Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter Sent: Friday, June 16, 2006 1:54 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: WMA Files R2 gives you the new File Screen templates, which let you allow/deny users saving files of particular file extensions to network drives. You can either create a soft screen that will only log violations, or a hard screen that will actually prevent the user from saving the errant file. It's only based on the .??? file extension, so a savvy user could rename song.wma to song.txt and save it. (But if that behaviour were taking place, I would consider it more of an HR issue than a technical one.) Technet mag did a nice write-up of it in May: http://www.microsoft.com/technet/technetmag/issues/2006/05/GetControl/de fault.aspx On 6/16/06, Salandra, Justin A. [EMAIL PROTECTED] wrote: How can I make is to that users are unable to send WMA files to their user drives? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -- --- Laura E. Hunter Microsoft MVP - Windows Server Networking Author: _Active Directory Consultant's Field Guide_ (http://tinyurl.com/7f8ll) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] Upgrade 2003 to 2003 R2
Can I install R2 without previously installing SP1? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] Windows 2003 R2
Thanks this helps Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Friday, May 26, 2006 1:02 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 R2 is about the Option Packs, the core binaries are Windows Server 2003 SP1. Look over the option packs (ADFS, DFSR, ADAM, UNIX stuff, etc)and if there is something there, then that is why you will want to go in that direction. The coolest thing in R2 in terms of AD, IMO, is the inclusion of ADAM in the base media and the new and improved AD tools in the ADAM installation (you can also get those in the ADAM SP1 installation as well). If you have any up and coming schema mods I would look at incorporating the R2 bits then so if you end up building R2 DCs later you don't need to schedule something special, also some of the option packs need some of that info. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, May 26, 2006 12:04 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows 2003 R2 Did R2 make any changes to Active Directory and its supporting services? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] Windows 2003 R2
I meant active directory itself. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bernard, Aric Sent: Friday, May 26, 2006 12:13 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2003 R2 Eryes? Can you be more specific? A reason behind your question could make for a better answer DFSR PMC FSM SRM MMC3.0 ADAM ADFS Enhanced subsystem for UNIX/NIS/Password sync CLFS Integrated SAN LUN management .NET Framework 2.0 WSS SP2 Some of which do require changes to the schema. Some or all of which could be considered supporting. Some of which are available outside of the R2 release itself. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, May 26, 2006 9:04 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows 2003 R2 Did R2 make any changes to Active Directory and its supporting services? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] Windows 2003 R2
Did R2 make any changes to Active Directory and its supporting services? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] WSUS Question
The SelfUpdate Tree is not working. Clients may not be able to update to the latest WUA client software and communicate with the WSUS Server. Any one have any ideas? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
Increasing the packet size worked. I already had PTR record on my DNS Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Johnston Sent: Saturday, April 29, 2006 5:17 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo Justin, Well, maybe. I've had the edns0 problem in the past with a couple of clients. But, more likely, it's one of the recent problems I've had with clients of mine sending to AOL: 1) As of a couple of months ago, AOL no longer accepts mail from servers that do not have PTR records defined. 2) AOL has its own internal scanning mechanisms to try to identify and block domains and/or subnets attempting to spew spam to AOL subscribers. Even though a particular domain/subnet may not appear on any RBL lists, AOL could still be blocking it. To determine which it is, telnet to port 25 on one of the AOL SMTP servers and try to manually send a message to a valid AOL address. Make sure you do this from the actual Exchange server on which the AOL queues are filling up. The error message you will receive from the AOL server will include a link to a website that will explain the reason why AOL will not accept a connection from you. In my most recent case, my client switched ISP's and, by chance, received a set of IP addresses that had been blocked by AOL for a long time. AOL tech support was TOTALLY unresponsive and it took me about 6 weeks and many, many phone calls to AOL to finally get the subnet removed from their blocking lists. Be prepared for a lot of pain dealing with AOL on this. As soon as you determine the problem, please let us know so I can bill Michael for $0.25. :-) Steve --- Michael B. Smith [EMAIL PROTECTED] wrote: Ah yes, now that I see the original message - I bet a quarter it is the edns0 issue with a PIX firewall running a relatively old version of PIX/os. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 28, 2006 4:37 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] FW: Sending mail to AOL and Yahoo Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] From: Salandra, Justin A. Sent: Friday, April 28, 2006 4:16 PM To: [EMAIL PROTECTED] Subject: Sending mail to AOL and Yahoo Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. All other mail flow is working correctly. I have restarted the SMTP service twice and have turned on logging and nothing is showing. Just the same message in the event logs once logging was turned on, remote server did not respond to the connection attempt. Any ideas Exchange 2003, Windows 2003 no service packs. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
Thanks these are great. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Saturday, April 29, 2006 9:52 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo Actually, it's probably 512 bytes to 1024 bytes. Take a look at edns0, assuming you are running Windows Server 2003. http://support.microsoft.com/kb/832223/en-us And http://support.microsoft.com/kb/828263/en-us And http://support.microsoft.com/kb/828731/en-us (I've asked for these three KBs to be consolidated. Since they aren't Exchange related, my request is probably very low on the list.) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Saturday, April 29, 2006 12:33 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo You are not going to believe this, but the fix to this was to increase the DNS packet size on my pix firewall from 512 K to 1024 K. Once I did that all traffic started to go through for AOL and Yahoo. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Saturday, April 29, 2006 12:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo Thanks it was 4.4.7. If the problem is with AOL and Yahoo then there is nothing that I can do right? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Friday, April 28, 2006 11:39 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Google Groups: microsoft.public.exchange2000.win2000: http://groups.google.com/group/microsoft.public.exchange2000.win2000/tre e/browse_frm/thread/1ee55b2b2fc6934d/ab6d72896b91151f?rnum=1hl=enq=Exc hange+delay+4.7.7_done=%2Fgroup%2Fmicrosoft.public.exchange2000.win2000 %2Fbrowse_frm%2Fthread%2F1ee55b2b2fc6934d%2Fa964274f0614cbe8%3Flnk%3Dst% 26q%3DExchange+delay+4.7.7%26rnum%3D1%26hl%3Den%26#doc_a964274f0614cbe8 4.7.7 or 4.4.7? https://streif.us/shawn/techie/Explanations%20for%20HTTP%20Server%20Stat us%20Messages.htm Salandra, Justin A. wrote: Also I am getting on the delay notifications a Status of 4.7.7 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Friday, April 28, 2006 10:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo What kind of aggregate mail volume are you doing? I've seen some weird throughput bugs in Scanmail in high volume environments. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 28, 2006 10:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo I have Trend Micro Scan Mail and it is configured the same way it has always been for the past 2 years and only yesterday this started. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frederic Woodbridge, III Sent: Friday, April 28, 2006 5:25 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Do you have any sort of anti-virus scanning your outbound email-- specifically Norton 10--on your server? This could be causing problems with sending emails. The same thing happened to us some time ago and that was the issue. On 4/28/06, Salandra, Justin A. [EMAIL PROTECTED] wrote: [edit] Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. FW List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
That was it From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Saturday, April 29, 2006 9:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo Ah yes, now that I see the original message - I bet a quarter it is the edns0 issue with a PIX firewall running a relatively old version of PIX/os. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 28, 2006 4:37 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] FW: Sending mail to AOL and Yahoo Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: Salandra, Justin A. Sent: Friday, April 28, 2006 4:16 PM To: [EMAIL PROTECTED] Subject: Sending mail to AOL and Yahoo Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. All other mail flow is working correctly. I have restarted the SMTP service twice and have turned on logging and nothing is showing. Just the same message in the event logs once logging was turned on, remote server did not respond to the connection attempt. Any ideas Exchange 2003, Windows 2003 no service packs. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] Sites and Services
Can someone please tell me where I can find the Default Query Policy that you can place on to NTDS Connections within sites? I wanted to find out what that does. Thanks Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] OT: Windows Vista - Windows Defender
Will Technet Subcribers get this copy like we did with build 5231 and 5308? Does 5308 have it in it? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith Sent: Friday, April 28, 2006 9:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Windows Vista - Windows Defender Yes. I loaded it two nights ago. Pretty cool. First build Ive found comfortable to use (old POS box no aero). From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Friday, April 28, 2006 12:44 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Windows Vista - Windows Defender I heard its techbeta only Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Thursday, April 27, 2006 9:25 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Windows Vista - Windows Defender I just (like an hour ago) loaded Vista 5365 and it is in the Windows Security Center with the firewall, auto updates, and AV whiner. 5365 became available on connect a couple of days ago. It isn't up on MSDN yet. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, April 27, 2006 1:08 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Windows Vista - Windows Defender We are evaluating Windows Vista Beta and are trying to locate the Windows Defender which Microsoft claims is installed by default on Vista, however it is not installed on our beta version and downloading it from the web it says that it is not supported on Vista. Any ideas? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] FW: Sending mail to AOL and Yahoo
Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: Salandra, Justin A. Sent: Friday, April 28, 2006 4:16 PM To: [EMAIL PROTECTED] Subject: Sending mail to AOL and Yahoo Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. All other mail flow is working correctly. I have restarted the SMTP service twice and have turned on logging and nothing is showing. Just the same message in the event logs once logging was turned on, remote server did not respond to the connection attempt. Any ideas Exchange 2003, Windows 2003 no service packs. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
I have Trend Micro Scan Mail and it is configured the same way it has always been for the past 2 years and only yesterday this started. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frederic Woodbridge, III Sent: Friday, April 28, 2006 5:25 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Do you have any sort of anti-virus scanning your outbound email--specifically Norton 10--on your server? This could be causing problems with sending emails. The same thing happened to us some time ago and that was the issue. On 4/28/06, Salandra, Justin A. [EMAIL PROTECTED] wrote: [edit] Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. FW List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
I don't understand what you mean by my ISP's smart host? I use a static natted address for my mail server. I know how to create a new SMTP Connector, but why should I have to do this just for AOL and Yahoo all of a sudden? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Friday, April 28, 2006 5:55 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Dynamic IP or you are on a IP blocking range perhaps? Set up a special AOL/Yahoo SMTP connector.. bounce the email through your ISP's smarthost.. those two email address ranges are a pain. Salandra, Justin A. wrote: Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] *From:* Salandra, Justin A. *Sent:* Friday, April 28, 2006 4:16 PM *To:* [EMAIL PROTECTED] *Subject:* Sending mail to AOL and Yahoo Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. All other mail flow is working correctly. I have restarted the SMTP service twice and have turned on logging and nothing is showing. Just the same message in the event logs once logging was turned on, remote server did not respond to the connection attempt. Any ideas Exchange 2003, Windows 2003 no service packs. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
We do a lot of e-mail each day, not sure of specific numbers. But Trend Micro is set to scan all messages and to also scan the SMTP traffic -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Friday, April 28, 2006 10:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo What kind of aggregate mail volume are you doing? I've seen some weird throughput bugs in Scanmail in high volume environments. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 28, 2006 10:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo I have Trend Micro Scan Mail and it is configured the same way it has always been for the past 2 years and only yesterday this started. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frederic Woodbridge, III Sent: Friday, April 28, 2006 5:25 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Do you have any sort of anti-virus scanning your outbound email-- specifically Norton 10--on your server? This could be causing problems with sending emails. The same thing happened to us some time ago and that was the issue. On 4/28/06, Salandra, Justin A. [EMAIL PROTECTED] wrote: [edit] Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. FW List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail- archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
Also I am getting on the delay notifications a Status of 4.7.7 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Friday, April 28, 2006 10:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo What kind of aggregate mail volume are you doing? I've seen some weird throughput bugs in Scanmail in high volume environments. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 28, 2006 10:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo I have Trend Micro Scan Mail and it is configured the same way it has always been for the past 2 years and only yesterday this started. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frederic Woodbridge, III Sent: Friday, April 28, 2006 5:25 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Do you have any sort of anti-virus scanning your outbound email-- specifically Norton 10--on your server? This could be causing problems with sending emails. The same thing happened to us some time ago and that was the issue. On 4/28/06, Salandra, Justin A. [EMAIL PROTECTED] wrote: [edit] Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. FW List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail- archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
I am not on any blacklist. I did a search on 147 known RBLs and I am not listed on any -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Friday, April 28, 2006 10:48 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo If they suddenly see you as a bad IP. Have you checked to see if you are on a SORBs list? Salandra, Justin A. wrote: I don't understand what you mean by my ISP's smart host? I use a static natted address for my mail server. I know how to create a new SMTP Connector, but why should I have to do this just for AOL and Yahoo all of a sudden? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Friday, April 28, 2006 5:55 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Dynamic IP or you are on a IP blocking range perhaps? Set up a special AOL/Yahoo SMTP connector.. bounce the email through your ISP's smarthost.. those two email address ranges are a pain. Salandra, Justin A. wrote: Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] --- - *From:* Salandra, Justin A. *Sent:* Friday, April 28, 2006 4:16 PM *To:* [EMAIL PROTECTED] *Subject:* Sending mail to AOL and Yahoo Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. All other mail flow is working correctly. I have restarted the SMTP service twice and have turned on logging and nothing is showing. Just the same message in the event logs once logging was turned on, remote server did not respond to the connection attempt. Any ideas Exchange 2003, Windows 2003 no service packs. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
Thanks it was 4.4.7. If the problem is with AOL and Yahoo then there is nothing that I can do right? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Friday, April 28, 2006 11:39 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Google Groups: microsoft.public.exchange2000.win2000: http://groups.google.com/group/microsoft.public.exchange2000.win2000/tre e/browse_frm/thread/1ee55b2b2fc6934d/ab6d72896b91151f?rnum=1hl=enq=Exc hange+delay+4.7.7_done=%2Fgroup%2Fmicrosoft.public.exchange2000.win2000 %2Fbrowse_frm%2Fthread%2F1ee55b2b2fc6934d%2Fa964274f0614cbe8%3Flnk%3Dst% 26q%3DExchange+delay+4.7.7%26rnum%3D1%26hl%3Den%26#doc_a964274f0614cbe8 4.7.7 or 4.4.7? https://streif.us/shawn/techie/Explanations%20for%20HTTP%20Server%20Stat us%20Messages.htm Salandra, Justin A. wrote: Also I am getting on the delay notifications a Status of 4.7.7 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Friday, April 28, 2006 10:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo What kind of aggregate mail volume are you doing? I've seen some weird throughput bugs in Scanmail in high volume environments. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 28, 2006 10:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo I have Trend Micro Scan Mail and it is configured the same way it has always been for the past 2 years and only yesterday this started. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frederic Woodbridge, III Sent: Friday, April 28, 2006 5:25 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Do you have any sort of anti-virus scanning your outbound email-- specifically Norton 10--on your server? This could be causing problems with sending emails. The same thing happened to us some time ago and that was the issue. On 4/28/06, Salandra, Justin A. [EMAIL PROTECTED] wrote: [edit] Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. FW List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail- archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] FW: Sending mail to AOL and Yahoo
You are not going to believe this, but the fix to this was to increase the DNS packet size on my pix firewall from 512 K to 1024 K. Once I did that all traffic started to go through for AOL and Yahoo. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Saturday, April 29, 2006 12:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo Thanks it was 4.4.7. If the problem is with AOL and Yahoo then there is nothing that I can do right? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Friday, April 28, 2006 11:39 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Google Groups: microsoft.public.exchange2000.win2000: http://groups.google.com/group/microsoft.public.exchange2000.win2000/tre e/browse_frm/thread/1ee55b2b2fc6934d/ab6d72896b91151f?rnum=1hl=enq=Exc hange+delay+4.7.7_done=%2Fgroup%2Fmicrosoft.public.exchange2000.win2000 %2Fbrowse_frm%2Fthread%2F1ee55b2b2fc6934d%2Fa964274f0614cbe8%3Flnk%3Dst% 26q%3DExchange+delay+4.7.7%26rnum%3D1%26hl%3Den%26#doc_a964274f0614cbe8 4.7.7 or 4.4.7? https://streif.us/shawn/techie/Explanations%20for%20HTTP%20Server%20Stat us%20Messages.htm Salandra, Justin A. wrote: Also I am getting on the delay notifications a Status of 4.7.7 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Friday, April 28, 2006 10:41 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo What kind of aggregate mail volume are you doing? I've seen some weird throughput bugs in Scanmail in high volume environments. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 28, 2006 10:37 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] FW: Sending mail to AOL and Yahoo I have Trend Micro Scan Mail and it is configured the same way it has always been for the past 2 years and only yesterday this started. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frederic Woodbridge, III Sent: Friday, April 28, 2006 5:25 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] FW: Sending mail to AOL and Yahoo Do you have any sort of anti-virus scanning your outbound email-- specifically Norton 10--on your server? This could be causing problems with sending emails. The same thing happened to us some time ago and that was the issue. On 4/28/06, Salandra, Justin A. [EMAIL PROTECTED] wrote: [edit] Is any one else having difficulty in sending mail to AOL and YAHOO. DNS is resolving the MX records for these domains, we can receive mail from these domains, but when we send mail it is just sitting in the queue in the server saying that the remote server did not respond to the connection attempt. FW List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail- archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT: Windows Vista - Windows Defender
We are evaluating Windows Vista Beta and are trying to locate the Windows Defender which Microsoft claims is installed by default on Vista, however it is not installed on our beta version and downloading it from the web it says that it is not supported on Vista. Any ideas? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] OT: Windows Vista - Windows Defender
Build 5321, where can I go to get the latest build? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Thursday, April 27, 2006 1:15 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Windows Vista - Windows Defender Which build? It's on mind in the corner. Control panel.. you should see it in there. Salandra, Justin A. wrote: We are evaluating Windows Vista Beta and are trying to locate the Windows Defender which Microsoft claims is installed by default on Vista, however it is not installed on our beta version and downloading it from the web it says that it is not supported on Vista. Any ideas? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Windows Vista - Windows Defender
I found my Technet DVD from April 2006 and that has an ISO file for 5308 so we will have to install that one. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, April 27, 2006 4:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Windows Vista - Windows Defender Build 5321, where can I go to get the latest build? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Thursday, April 27, 2006 1:15 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Windows Vista - Windows Defender Which build? It's on mind in the corner. Control panel.. you should see it in there. Salandra, Justin A. wrote: We are evaluating Windows Vista Beta and are trying to locate the Windows Defender which Microsoft claims is installed by default on Vista, however it is not installed on our beta version and downloading it from the web it says that it is not supported on Vista. Any ideas? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] issue with R2 upgrade; SFU confusion?
What is the SFU Tools? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Friday, February 17, 2006 2:18 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion? Our MS TAM has indicated this is a known bug! I will keep the group posted as I learn more details. Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Friday, February 17, 2006 10:52 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion? As an update to this thread, we transferred the Schema Master role back to other DC that has the SFU tools installed originally thinking this might get the R2 schema update to work. Wrong! It fails with the same error. I can only imagine we do not have that unique an environment in our testbed and expect others to have the same experience. Luckily, we never put SFU 3.5 on our production systems. We are going to open up a trouble ticket with Microsoft regarding this issue. I would like to hear of others' experiences (success or failure) when trying to install R2 in an environment where SFU 3.5 had been installed. Thanks! Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Thursday, February 16, 2006 9:07 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion? Hi Guido, Thanks for the response! This server is Windows 2003/SP1 with all but the current month's patches. It is the current FSMO role holder. I did some checking this morning and find the SFU 3.5 tools on another DC that could have been the FSMO role holder at the time the SFU schema changes were made. I don't see why that would make any difference, do you? -mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Thursday, February 16, 2006 3:00 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion? Mike - I see you're upgrading from Win2000 AD. Are your sure that you've previously installed SFU 3.5 or was it maybe SFU 2.0 ? The reason I'm asking is that there's a known schema incompatibility with SFU 2.0: check out http://support.microsoft.com/?id=293783 Cannot Upgrade Windows 2000 Server to Windows Server 2003 with Windows Services for UNIX 2.0 Installed CAUSE The upgrade may not work because the attributeSchema 'uid' that is used by Windows 2000 Server for the NIS schema is not compatible with the one that is used by Windows Server 2003. As such your error is likely independent from the changes in the R2 schema - it's actually an incompatibility in the Win2003 base schema (not that this really matters for you; I just want to clarify that the error should be unrelated to R2). As such it's different from Aric's case, who was performing an upgrade from a Win2003 schema to Win2003 R2... /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Donnerstag, 16. Februar 2006 02:53 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion? Hi Aric, No, there were a lot more errors - all seem to be related to SFU attributes. I only copied a small portion to my posting to save bandwidth. Painful = time = headaches 8-( I was expecting this upgrade to be a walk in the park. Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bernard, Aric Sent: Wednesday, February 15, 2006 7:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion? Are these the only two errors you received? I encountered similar errors during beta testing when I implemented R2 in an existing forest - but a lot more than just 2. :) I created a secondary forest and validated that it did not recur. Note that I also had SFU installed in the original forest and the new secondary forest. I was able to clean up the schema in the existing forest exhibiting the errors but it was a fairly painful process of what seemed to be a goose chase. The tasks included disabling objects attributes in the schema and renaming them amongst other things. Fortunately I have not heard of this happening in production...yet. So can these errors be ignored? If I remember correctly ADPrep is actually failing and therefore NO you cannot ignore these errors since ADPREP will nto occur until they are resolved. Regards, Aric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Wednesday, February 15,
RE: [ActiveDir] R2 and W2K3 SP1
So Windows 2003 R2 is nothing more then Windows 2003 SP1??? Then why release R2 at all? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, February 17, 2006 10:45 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] R2 and W2K3 SP1 R2 CD1 == w2k3 SP1. R2 CD2 == addon components. Does that help? neil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V Contractor NASIC/SCNA Sent: 17 February 2006 15:34 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] R2 and W2K3 SP1 Hey list, Do you guys/gals know whether it is true that R2 disk 1 is the same as Windows 2003 SP1? I loaded the first disk and it loads exactly and looks exactly like Windows 2003 SP1, except when the license agreement screen comes up, it lists the OS as 2003 R2. In the R2 FAQ page on the Microsoft site, it says that you do not need to upgrade your 2003 servers to R2, you need to only upgrade them to SP1 http://www.microsoft.com/windowsserver2003/R2/R2FAQ.mspx. Is there not a distinct difference in the Kernel of R2 and the Kernel of 2003 SP1? If not, then for the 2003 servers that I already have online, they need only SP1 to be up to standards. R2 Disk 2 seems like the NT4 Option Pack, not another OS release or kernel, but another set of features on a separate disk. Correct me if I am wrong. Nathaniel Bahta GD-NS List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the author and do not necessarily represent those of NIplc; (3) is intended for informational purposes only and is not a recommendation, solicitation or offer to buy or sell securities or related financial instruments. NIplc does not provide investment services to private customers. Authorised and regulated by the Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Enable Windows Integrated Authentication through GPO
How does someone enable Windows Integrated Authentication through a Group Policy. You will find this on the Advanced tab of Internet Options. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] OT: Helpdesk Software
Does anyone know of a good Helpdesk Software product that integrates with Active Directory? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] Recommendations for a DOD wipe of a RAID Array?
You should be able to use a product from iolo technologies called Drive Scrubber. This does three different types of wipes 1 single pass 7 passes - DOD level compliance 35 passess -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Wednesday, November 16, 2005 11:10 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Recommendations for a DOD wipe of a RAID Array? Is that all the system erase does to the disks? I thought it did more than trash the onboard raid config. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Wednesday, November 16, 2005 4:43 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Recommendations for a DOD wipe of a RAID Array? Even so, it doesn't wipe. It just resets the RAID configuration. A wipe takes a lot longer than system erase. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Wednesday, November 16, 2005 1:26 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Recommendations for a DOD wipe of a RAID Array? Oh DOD = government DOD. I figured it was some ghost switch. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley [MVP] Sent: Wednesday, November 16, 2005 12:49 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Recommendations for a DOD wipe of a RAID Array? I do work for HP, but not in that division, and I'm pretty sure that System Erase does NOT do a DOD-quality wipe. Ed Crowley MCSE+Internet MVP Freelance E-Mail Philosopher Protecting the world from PSTs and Bricked Backups!T -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Tuesday, November 15, 2005 7:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Recommendations for a DOD wipe of a RAID Array? I don't work for HP, but, I usually find the System Erase utility on the SmartStart disk sufficient. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose Sent: Tuesday, November 15, 2005 9:31 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Recommendations for a DOD wipe of a RAID Array? Greetings, I am trying to use Symantecs Gdisk with a /DODWIPE option to do a security wipe of a Compaq 7000's Raid Array, however using a dos boot disk will not allow me to access the disk array. My work around on this was that I created a 32 bit bootable CD-Rom using Bart's PE and I added the server's 32bit Raid controller driver which now allows me to access the disk array. However since it is running a 32bit OS, gdisk will not work as it is only a 16bit program. When I try and use Symantec's Gdisk32 which will run, the /DODWIPE option is not available. Does anyone know if Symantec has an updated version of GDISK32 that supports a DODWIPE? Does any one have any prefered tools other then GDISK that they can recommend that will work with my Raid Array? Since there are some HP employees on this list, does HP have a recommended tool they provide there customers to use on Proliant servers before decommisioning them? Sincerely, Jose Medeiros ADP | National Account Services ProBusiness Division | Information Services 925.737.7967 | 408-449-6621 CELL MCP+I, MCSE, NT4 MCT www.ntea.net www.tvnug.org www.sfntug.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Windows 2000 Server
No, not at 2 pm when the errors are occuring. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Wednesday, November 16, 2005 10:13 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2000 Server Is a remote backup job taking place at that time? I've seen saturated data connections cause this... ** Charlie Kaiser W2K3 MCSA/MCSE/Security, CCNA Systems Engineer Essex Credit / Brickwalk 510 595 5083 ** -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Wednesday, November 16, 2005 5:43 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows 2000 Server I have a server that I just noticed about every 12 days around the same time each time that the NIC reports that its link is down and then back up and then down and then back up within a 2 minute period and then all is calm for 12 days or so and then it happens again for only 2 minutes. Do you think that it could mean that the NIC could be failing? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Strange Error
I am trying to add a User from my root domain to a Universal Group in a Child Domain. Both the Universal Group and the User have existed in the Forest for months if not years. When I try to add him in, when I click OK I get the following message. The specified user was not found. If the user exists on another domain controller in the enterprise, it may take 15 minutes or more for the user to be replicated to the global catalog. Why am I getting this? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] Windows 2000 Server
I have a server that I just noticed about every 12 days around the same time each time that the NIC reports that its link is down and then back up and then down and then back up within a 2 minute period and then all is calm for 12 days or so and then it happens again for only 2 minutes. Do you think that it could mean that the NIC could be failing? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] Corporate Directory
www.namescape.com has a nice product called rDirectory to accomplish this. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Todd Hofert Sent: Tuesday, November 15, 2005 10:05 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Corporate Directory I would like to use the data stored in Active Directory to generate our corporate phone list. I cannot figure out a way to access that data. Maybe that is by design. Can anyone offer assistance on how that data can be accessed to add to a crystal report or a query or something? Thanks Todd Hofert IT Director Spartan Graphics, Inc. This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this e-mail and destroy any copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.
RE: [ActiveDir] Change Auditor tools
Intrust for Active Directory by quest software -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rascher, Raymond Sent: Tuesday, November 08, 2005 8:52 AM To: 'ActiveDir@mail.activedir.org' Subject: [ActiveDir] Change Auditor tools Hello, I am looking for a software product which can monitor, log and alert when changes are made to Active Directory. If the product could also archive security logs that would be a nice addition as well. If you can suggest some products along with you experiences that would be great. Thanks, Ray List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] trash in active directory
Just delete the CNF one -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, November 10, 2005 1:01 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] trash in active directory Hi every body I am new in this group, and I have a problema, I have a domain with 18 subdomains. (may be that´s crazy) one of my domains admins deleted a user in one of those subdomains, created it, but there a trash in the AD Global catalog. It is in portuguese, but I think the picture bellow can show what is happening. How can I clean that user that is lost in ad? Is there a tool to clean AD database? need your help
RE: [ActiveDir] Exchange server 2003
Is nw10 and nw20 your mailservers? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abdul Sent: Tuesday, November 08, 2005 12:30 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Exchange server 2003 Hi, I have setup exchange 2003 servers on ms and dc. Both connected to internet by cable. I can send and receive e.mail locally/internally. I can also send e.mail to external address. But I can not receive e.mail from external address. Any suggestion Check from dnsreport is as under http://dnsreport.com/tools/dnsreport.ch?domain=eitlink.com I am not sure how to correct the problem mentioned at the end of the report. Thanks Ranga
RE: [ActiveDir] Exchange server 2003
Are you sure that is how you want it configured? You are putting yourself at a greater risk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abdul Sent: Tuesday, November 08, 2005 1:07 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Exchange server 2003 Thanks My server is directly connected to internet through consumer cable No firewall. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Tuesday, November 08, 2005 12:53 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Exchange server 2003 Have you opened tcp25 inbound on your firewall to the Exchange server? You need this for other SMTP servers to communicate with you. If this is a consumer class of cable, it's also possible they shutdown inbound smtp globally in which case you'll have to give them a ring to see if they'll open it for you. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Abdul Sent: Tuesday, November 08, 2005 12:30 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Exchange server 2003 Hi, I have setup exchange 2003 servers on ms and dc. Both connected to internet by cable. I can send and receive e.mail locally/internally. I can also send e.mail to external address. But I can not receive e.mail from external address. Any suggestion Check from dnsreport is as under http://dnsreport.com/tools/dnsreport.ch?domain=eitlink.com I am not sure how to correct the problem mentioned at the end of the report. Thanks Ranga
[ActiveDir] OT: Web Servers
Has anyone been able to figure out how to install multiple products to a single web server? I have noticed that if I want to have MS SUS, SharePoint Services and Microsoft eLearning Library all on the same server, they all want to install to the Default Web Site and I cant get them to work. Besides buying a separate server for each program, how can I get them all on the same webserver? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] OT: Web Servers
My problem is not that SUS is not working, it is that I cannot install all three of these products on the same server. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brahim Bouchaiba Sent: Thursday, November 03, 2005 8:43 AM To: ActiveDir@mail.activedir.org Cc: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Web Servers For MS SUS check this article : http://msmvps.com/athif/articles/67954.aspx ActiveDir@mail.activedir.org on Thursday, November 03, 2005 at 8:36 AM -0500 wrote: Has anyone been able to figure out how to install multiple products to a single web server? I have noticed that if I want to have MS SUS, SharePoint Services and Microsoft eLearning Library all on the same server, they all want to install to the Default Web Site and I can't get them to work. Besides buying a separate server for each program, how can I get them all on the same webserver? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [ mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] Brahim Bouchaiba Information Technology Network Administrator [EMAIL PROTECTED] 6177359720 List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Web Servers
Is it the port that makes the difference? What about the permissions that each of these programs make on the Default Website? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Active Directory Sent: Thursday, November 03, 2005 8:58 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Web Servers Justin: I know WSUS allows the use of a different port when installing. I am not sure about the others? Rick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, November 03, 2005 7:52 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Web Servers My problem is not that SUS is not working, it is that I cannot install all three of these products on the same server. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brahim Bouchaiba Sent: Thursday, November 03, 2005 8:43 AM To: ActiveDir@mail.activedir.org Cc: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Web Servers For MS SUS check this article : http://msmvps.com/athif/articles/67954.aspx ActiveDir@mail.activedir.org on Thursday, November 03, 2005 at 8:36 AM -0500 wrote: Has anyone been able to figure out how to install multiple products to a single web server? I have noticed that if I want to have MS SUS, SharePoint Services and Microsoft eLearning Library all on the same server, they all want to install to the Default Web Site and I can't get them to work. Besides buying a separate server for each program, how can I get them all on the same webserver? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [ mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] Brahim Bouchaiba Information Technology Network Administrator [EMAIL PROTECTED] 6177359720 List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Web Servers
I could install WSUS and elearning on the same box though and not have to worry about it? If I change the port for WSUS or SUS will that have a negative affect on my clients? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, November 03, 2005 9:09 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Web Servers Its likely Sharepoint thats messing things up for you. You can do a couple of things: De-extend the default website in the sharepoint site settings Exclude all of the WSUS and elearning paths from the managed paths setting in the WSS site (likely whats happening is WSS is trapping the requests). Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, November 03, 2005 8:37 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Web Servers Has anyone been able to figure out how to install multiple products to a single web server? I have noticed that if I want to have MS SUS, SharePoint Services and Microsoft eLearning Library all on the same server, they all want to install to the Default Web Site and I cant get them to work. Besides buying a separate server for each program, how can I get them all on the same webserver? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] OT: Are MS Sharepoint CAL's good for multiple portals?
If you are using SharePoint Services, do you need to buy SharePoint CALS? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Tuesday, October 25, 2005 6:46 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Are MS Sharepoint CAL's good for multiple portals? Right, but the extranet isn't publicly available. It's only available to a select few clients. We'd rather purchase individual CAL's for the few extranet users at ~$71 each rather than $30K for an unlimited number. The licensing didn't stipulate that the individual CAL's could not be used for external users. The External Connector License option seemed to be geared toward a public sharepoint portal where you don't know how many users might be connecting to it, or would have enough connecting that would make purchasing individual CAL's unrealistic. http://www.microsoft.com/office/sharepoint/howtobuy/default.mspx Regardless, I should clarify.Suppose we have 20 employees, a license for Sharepoint and 30 CAL's. We run an extranet portal for sharepoint, which those employees access, as well as say, 5 clients. Without buying more CAL's, can we run an intranet portal for our employees using that Sharepoint server? Thanks! - Original Message - From: Tim Vander Kooi To: ActiveDir@mail.activedir.org Sent: Tuesday, October 25, 2005 3:27 PM Subject: RE: [ActiveDir] OT: Are MS Sharepoint CAL's good for multiple portals? For your described situation a CAL would not cover both portals. Then again, if you are using it for an Extranet with CALs you are incorrectly licensed as is. An Extranet setup would require an External Connector license, as the people connecting to it are not employees of your company. Using SharePoint Portal Server for an Intranet would require either user or device CALs, justlike Windows Server does. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Tuesday, October 25, 2005 5:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Are MS Sharepoint CAL's good for multiple portals? I tried this question on the Sharepoint Newsgroup with no luck on responses. I'd liketo know if MS Sharepoint CAL's will cover multiple portals on sharepoint. We are thinking of using sharepoint for our company intranet (we already use it for an extranet) andwant to make sure we are covered if we go that route. Does anyone know?
RE: [ActiveDir] Server Monitoring
Whats Up Gold -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of John Parker Sent: Monday, October 17, 2005 9:34 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Server Monitoring Hello all... We are searching for a tool that will monitor server uptime and send out an alert when a server goes down. Anyone have a suggestion? Does not have to be too complicated. Everything is Win2K AD fully spacked. Thank you in advance. John Parker, MCSE IS Admin. Senior Technical Specialist Alpha Display Systems. Alpha Video 7711 Computer Ave. Edina, MN. 55435 952-896-9898 Local 800-388-0008 Watts 952-896-9899 Fax 612-804-8769 Cell 952-841-3327 Direct [EMAIL PROTECTED] Be excellent to each other ---End of Line--- -Original Message- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [mailto:[EMAIL PROTECTED] Sent: Sunday, October 16, 2005 9:49 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Knowing when users were deleted. I give carte blanche to folks to wack me upside the head if I get too annoying. :-) Rick Kingslan wrote: Susan, Really - I know you too well. You're not going to lurk. Get in the game. It appears most folks want to hear what you have to say from the Small Business arena. And, if it broadens the message of managing and maintaining the systems - it's good for all. Just please - stop convincing yourself you're lurking You're aren't! You're too valuable to do so... :o) Rick [msft] -- Posting is provided AS IS, and confers no rights or warranties ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Sunday, October 16, 2005 9:02 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Knowing when users were deleted. sorry .. I know...I know...lurk..lurk The consultant crowd who can't handle 300 SBS boxes hitting their inbox at 6 a.m have asked for a dashboard. I can handle a daily email they can't. At a NTuser group meeting I was at ...some of the dashboard tools in Linux were discussed. Nagios in particular was one they used for monitoring. Monitoring -- MRTG: The Multi Router Traffic Grapher: http://mrtg.hdl.com/mrtg.html Graphical console for Snort - Analysis Console for Intrusion Databases (ACID): http://acidlab.sourceforge.net/ Intrustion detection - Snort.org: http://www.snort.org/ Monitoring - Nagios: Home: http://www.nagios.org/ Traffic probe - ntop - network top: http://www.ntop.org/head.html Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote: Yup information overload 'is' a problem. And then after the scale its... okay what the heck is the server trying to tell me? I'm still a fan of www.eventid.net over microsoft.com's click here. Rick Kingslan wrote: And, as you know that does work well in SBSland. However, when the scale grows, so do the requirements. IN the Medium to Enterprise space, the idea is more along the lines of a system or series of systems pumping this type of information into paging and making intelligent decisions based on the audit, event, alerts, services, etc. Which, is right where MOM 2005 drops into the picture. If it _IS_ the event aggregator, or if it's pushing up to a bigger overall item such as HP OpenView - that data is available. It's just that instead of getting an e-mail per server (most admins would just begin to create a rule to send these to DEV/NUL after a while...) MOM collects, enforces and reports this same type of information. Scale makes the problem much tougher, as I'm sure you can imagine Rick [msft] -- Posting is provided AS IS, and confers no rights or warranties ... -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Sunday, October 16, 2005 8:33 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Knowing when users were deleted. here she goes again.. I know ... I'm terrible at lurking In SBSland we have a daily monitoring email [well ... I send it daily anyway, but it's configurable] and it looks at the event logs and tells daily health status of my server. Like today my email tells me my server has been running for 6 hours [just rebooted it last night] and it gives me an overview if auto services are not running, critical alerts and critical errors in the event logs. It tells me memory/disk size, cpu use, top processes, if the backup ran, and aggregates the alerts from all the log files. It's a health mon that dumps it's data into a msde database and builds the email to be sent internally or externally. What it does now, is only pulls data from the one box, the SBS box. but I can go into health mon and build my own monitors and grab those event logs from other machines [need to so that just haven't gotten around to it]. Right now if someone [usually me] fat
[ActiveDir] DFS using a Hidden Share
Is it possible to create a DFS Root that is hidden using the $ symbol in the name \\domainname.org\dfsroot$ Thanks Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
[ActiveDir] Adding Helpdesk Group to Local Admin Group
How would I utilize Restriced Groups in a GPO to add in a Helpdesk Group that I have for my helpdesk staff to have administrative rights on a local PC with out having to touch each PC and without screwing up the local admin group? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] Adding Helpdesk Group to Local Admin Group
Title: Message That does not accomplish what I wanted to do. I want to helpdesk group to be a member of the local administrators group on a local PC and I want to do it without having to go to each PC. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of CHIANESE, DAVID Sent: Thursday, October 13, 2005 11:49 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Adding Helpdesk Group to Local Admin Group Open up the GPO properties and in the security tab add the Helpdesk group. Give them read and apply group policy for that policy. remove apply group policy from any other group you do not want to get the policy, I.E. Authenticated Users. Regards, David Chianese -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, October 13, 2005 11:12 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Adding Helpdesk Group to Local Admin Group How would I utilize Restriced Groups in a GPO to add in a Helpdesk Group that I have for my helpdesk staff to have administrative rights on a local PC with out having to touch each PC and without screwing up the local admin group? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] Adding users to local Admin group
Title: Adding users to local Admin group I am concerned about the local PCs not the Servers -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Thursday, October 13, 2005 11:51 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Adding users to local Admin group One of the processes we use for servers is to create a global security group in AD that identifies accounts to be used for administering a particular computer, say ServerName_admins. That group is then added to the local ServerName\administrators group. hth, Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jake Stabl Sent: Thursday, October 13, 2005 9:16 AM To: ActiveDir@mail.activedir.org; [EMAIL PROTECTED]; techcoords@listserv.osn.state.oh.us Subject: [ActiveDir] Adding users to local Admin group I am using Active Directory and I need to know how to add certain people to the local admin group only on certain computers. I know I can do this under restricted groups but that makes thoses users local admin on all machines they log into. Specificly I have a cisco class I need to give admin rights to but only on those computers they use. Any one have a suggestion? -- Jacob Stabl Network Engineer Plain Local School District http://www.plainlocal.org Office: 330.492.3500 Cell : 330.704.1278 IP Phone: 4466
[ActiveDir] Exchange Backup
Can anyone recommend some Disk-Based Backup Hardware that would work well with Backup Exec? Also, this is going to sound dumb, but can iSCSI NICs be used in everyday network communications as well as communicating with a iSCSI Disk-based Backup? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] Group Policy processing aborted
I used to have this problem on XP machines, and I still do on occasion. I tried this fix and it did not work. I found that If I upgraded from XP SP1 to XP SP2 the problem went away. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia Sent: Thursday, September 29, 2005 4:48 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Group Policy processing aborted Could be a network stack timing issue. The KB article below applies to Win2K and XP but doesn't say whether it explicitly is supported in 2K3. However, it might be worth trying since this problem is common and this registry hack can help in some of these cases. http://support.microsoft.com/default.aspx?scid=kb;en-us;840669 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Lilianstrom Sent: Thursday, September 29, 2005 12:45 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Group Policy processing aborted Hi, I've got a interesting problem with a couple of new servers. (3 supermicro X6DHT and 1 Dell PE2850). Windows Server 2003 sp1 (supermicro's from their OEM cd, the dell from our volume license cd). Fresh install off the CD. On the network and added to the domain. Added to the proper computer group so my GPO will apply and rebooted. When it comes up I get errors like the following: Event Type: Error Event Source: Userenv Event Category: None Event ID: 1053 Date: 9/29/2005 Time: 2:12:15 PM User: NT AUTHORITY\SYSTEM Computer: X Description: Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted. ). Group Policy processing aborted. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Everything I've read points to DNS issues but the dns entry is ok. Same with SPN and dnshostname attribute in AD. It does appear that all the proper GPOs get applied but this error bothers me. Any ideas? al -- Al Lilianstrom CD/CSS/CSI [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] IE Issue
I have a user on a Windows 2000 machine that was just built that is getting an error message when she opens up IE that she doesnt have authority to run the internet connection wizard. Normally I dont get this as all my IE setting are configured through GPO. What do you think could be happening? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED]
RE: [ActiveDir] IE Issue
Title: Message If it is disabled, then the computer should not try to start the wizard. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Za VueSent: Wednesday, September 28, 2005 3:43 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] IE IssueUsually when the Connection Wizard is disabled in GPO this will occur.-Z.V.Salandra, Justin A. wrote: I have a user on a Windows 2000 machine that was just built that is getting an error message when she opens up IE that she doesnt have authority to run the internet connection wizard. Normally I dont get this as all my IE setting are configured through GPO. What do you think could be happening? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] REPOST DFS Permissions
Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Thursday, September 15, 2005 4:15 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] REPOST DFS Permissions I see you've still not received a reply... yep - the described solution should work fine. I assume you want to use nested groups to grant admins from different domains to add users from their domain. Otherwise you could also use a single UG to reach your goal and manage this group centrally. The reason you can't use DLGs is quite simple: their scope is _local_ to the domain they're hosted in. While you can actually use them to grant rights to the FS (and they'll also be replicated), they are not valid on any of the DFS link-targets outside of the originating domain. Compare this with permissions on AD objects in a multi-domain forest using local groups = they also don't work on GCs in other domains... (there was a recent discussion about this on this list) /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Mittwoch, 14. September 2005 19:01 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] REPOST DFS Permissions Since I did not get any responses, I thought I might repost this message If I am using a DFS share that has copies of that share between child domains am I not able to use Domain Local Groups in conjunction with Global and Universal groups to grant permissions? I noticed that I cannot choose Domain Local groups from the list. Here is what I am trying to do DFSshare Servers participating in share are: serverA.parent ServerB.child1.parent ServerC.child2.parent ServerD.child3.parent Users in Parent, Child1, Child2 and Child3 all need to be able to access and potentially edit files. How would you recommend that I setup the permissions? I was thinking Parent DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent DFS Share Workgroup Universal - Granted rights to files and folders Child 1 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent Child 2 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent Child 3 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent I could use this same methodology to grant permissions to different kinds of users and folders as needed. What do you think Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] REPOST DFS Permissions
Since I did not get any responses, I thought I might repost this message If I am using a DFS share that has copies of that share between child domains am I not able to use Domain Local Groups in conjunction with Global and Universal groups to grant permissions? I noticed that I cannot choose Domain Local groups from the list. Here is what I am trying to do DFSshare Servers participating in share are: serverA.parent ServerB.child1.parent ServerC.child2.parent ServerD.child3.parent Users in Parent, Child1, Child2 and Child3 all need to be able to access and potentially edit files. How would you recommend that I setup the permissions? I was thinking Parent DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent DFS Share Workgroup Universal - Granted rights to files and folders Child 1 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent Child 2 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent Child 3 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent I could use this same methodology to grant permissions to different kinds of users and folders as needed. What do you think Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Printers
I have an HP 2430 and an HP 9050 in my environment. I just got them and installed them on my server and shared them out. When I go to a local workstation and login as a regular user, go to START, RUN and type in the UNC path of the server to install the network printer on the workstation I am unable to print and get the following error message when I go to the properties of that printer. Older printers have worked fine like this in the past. Function address 0x4f56a0bd caused a protection fault. (exception code 0xc005) Some or all property pages may not be displayed. Has any one seen this and fixed it? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Printers
We figured it out, please see http://support.microsoft.com/default.aspx?scid=kb;en-us;873396sd=rssspid=3221 http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=847543 We ended up configuring Group Policy to grant modify rights to the directory listed in this article. We got the hotfix from MS but it did not work. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Jessop Sent: Friday, September 09, 2005 12:34 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Printers Sounds like a driver problem to me as the driver runs in kernel mode and is almost certainly causing this protection fault. I would check the version of the driver on the server and then look for a newer one at HP. If that doesn't fix it substitute a PS driver for the PCL driver (or viceversa). Regards Peter Jessop
RE: [ActiveDir] Printers
yes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of DeStefano, Dan Sent: Friday, September 09, 2005 11:41 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Printers Does it work when logged onto the PC as an admin? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, September 09, 2005 10:03 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Printers I have an HP 2430 and an HP 9050 in my environment. I just got them and installed them on my server and shared them out. When I go to a local workstation and login as a regular user, go to START, RUN and type in the UNC path of the server to install the network printer on the workstation I am unable to print and get the following error message when I go to the properties of that printer. Older printers have worked fine like this in the past. Function address 0x4f56a0bd caused a protection fault. (exception code 0xc005) Some or all property pages may not be displayed. Has any one seen this and fixed it? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ NOTICE: The information contained in this transmission is privileged, confidential, and intended only for the use of the individual or entity named above. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or the taking of any action in reliance on the contents of this transmission is strictly prohibited. If you have received this transmission in error, please notify Eze Castle Integration, Inc. by e-mail and destroy the original message and all copies. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] DFS Permissions
If I am using a DFS share that has copies of that share between child domains am I not able to use Domain Local Groups in conjunction with Global and Universal groups to grant permissions? I noticed that I cannot choose Domain Local groups from the list. Here is what I am trying to do DFSshare Servers participating in share are: serverA.parent ServerB.child1.parent ServerC.child2.parent ServerD.child3.parent Users in Parent, Child1, Child2 and Child3 all need to be able to access and potentially edit files. How would you recommend that I setup the permissions? I was thinking Parent DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent DFS Share Workgroup Universal - Granted rights to files and folders Child 1 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent Child 2 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent Child 3 DFS Share Workgroup Global - Member of DFS Share Workgroup Universal in Parent I could use this same methodology to grant permissions to different kinds of users and folders as needed. What do you think Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Migrate Computers using ADMT
If I was to use the ADMT to migrate a workstation, would the wizard actually change the domain membership of the workstations if I used the ADMT v2 to migrate a workstation from child1.parent.com to parent.com? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Migrate Computers using ADMT
So technically I dont need to have a tech go to that computer and physically change domains? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Phil Renouf Sent: Tuesday, September 06, 2005 1:42 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Migrate Computers using ADMT Short answer: Yes. ADMT needs the PC's to be on the network when this happens so that it can launch a process on the workstation to translate profiles etc. Phil On 9/6/05, Salandra, Justin A. [EMAIL PROTECTED] wrote: If I was to use the ADMT to migrate a workstation, would the wizard actually change the domain membership of the workstations if I used the ADMT v2 to migrate a workstation from child1.parent.com to parent.com? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Rename User Accounts
Windows 2003 no Service Pack but updated security patches is what the member server is. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Tuesday, August 30, 2005 6:12 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Rename User Accounts I don't think that solves Justin's original issue of the member server not updating the name it displays in the ACL list. Not sure I've seen that before. And you can recreate that all the time? What version is the member server? Patch level, third party apps, etc? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Tuesday, August 30, 2005 4:47 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Rename User Accounts When I rename accounts here, I change FirstName, LastName, FullName, EmailAddress, mailNickName, samAccountName, userPrincipalName and clear the values for proxyaddresses and legacyExchangeDN and simply let them be regenerated. joe's[1] stated several times not to change the legacyExchangeDN because it will break the ability for people to reply to old Exchange messages and various other Exchange functions like meeting attendees and delegates. There may be other reasons, but those are the ones I'm aware of. However, my philosophy is when somebody changes their name, replying to an old email of theirs *should* fail since the reply is to the old name. In addition, if LEDN isn't reset, the old name shows up in the To: line in Outlook causing at least one lady here to complain that her maiden name was still in the system. It may be that we're in a small enough environment or that we don't leverage exchange enough [2] to have these issues be a major problem, but for several years now, this has worked well for us. One other thing I do (instead of creating an additional SMTP proxy address) is create a distribution group with the same name as the former username and add the new username to the group. All these groups are in a single OU. This allows me to see all the additional addresses for renamed users in one spot and allows for emails sent from offsite to the old address to temporarily work until the user lets me know that they're not getting anymore mails to the old name. [1] I hope the lowercase 'j' is appreciated since Outlook sure didn't like the beginning of the sentence not being capitalized. [2] I'm sure we're just waiting for them to straighten out the AD/Exchange permissions scheme. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, August 30, 2005 3:01 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Rename User Accounts The samaccount name was also changed but it still doesn't work. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Tuesday, August 30, 2005 1:28 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Rename User Accounts You say you renamed the account. Did you also change the samaccount name (Windows 2000 login name?) Can the user now logon with domain\evasquez ? Or does it still require domain\jvasquez? Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, August 30, 2005 1:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Rename User Accounts I have a Windows 2000 Active Directory forest, Exchange 2003 and when I try to rename a user account I am able to. I can successfully rename the account and username, but when it comes to the users home directory, I cannot get the name the appears on the ACL of folders to show the correct newly changed name. I have forced replication, I have even removed and added the user account to the ACL of the folder but it will still not say the right name. For Example, Vasquez, Jackie was renamed to Vasquez, Evelyn and the user name was changed from jvasquez to evasquez. When I go to the ACL for a folder, the user is listed as DOMAIN\jvasquez and I cannot get it to change. What could the problem be? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http
[ActiveDir] Rename User Accounts
I have a Windows 2000 Active Directory forest, Exchange 2003 and when I try to rename a user account I am able to. I can successfully rename the account and username, but when it comes to the users home directory, I cannot get the name the appears on the ACL of folders to show the correct newly changed name. I have forced replication, I have even removed and added the user account to the ACL of the folder but it will still not say the right name. For Example, Vasquez, Jackie was renamed to Vasquez, Evelyn and the user name was changed from jvasquez to evasquez. When I go to the ACL for a folder, the user is listed as DOMAIN\jvasquez and I cannot get it to change. What could the problem be? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Rename User Accounts
I could have sworn I did that. I have since deleted the recreated the account. I will look on the next time. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Tuesday, August 30, 2005 1:28 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Rename User Accounts You say you renamed the account. Did you also change the samaccount name (Windows 2000 login name?) Can the user now logon with domain\evasquez ? Or does it still require domain\jvasquez? Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, August 30, 2005 1:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Rename User Accounts I have a Windows 2000 Active Directory forest, Exchange 2003 and when I try to rename a user account I am able to. I can successfully rename the account and username, but when it comes to the users home directory, I cannot get the name the appears on the ACL of folders to show the correct newly changed name. I have forced replication, I have even removed and added the user account to the ACL of the folder but it will still not say the right name. For Example, Vasquez, Jackie was renamed to Vasquez, Evelyn and the user name was changed from jvasquez to evasquez. When I go to the ACL for a folder, the user is listed as DOMAIN\jvasquez and I cannot get it to change. What could the problem be? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Rename User Accounts
The samaccount name was also changed but it still doesn't work. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick Sent: Tuesday, August 30, 2005 1:28 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Rename User Accounts You say you renamed the account. Did you also change the samaccount name (Windows 2000 login name?) Can the user now logon with domain\evasquez ? Or does it still require domain\jvasquez? Al -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, August 30, 2005 1:14 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Rename User Accounts I have a Windows 2000 Active Directory forest, Exchange 2003 and when I try to rename a user account I am able to. I can successfully rename the account and username, but when it comes to the users home directory, I cannot get the name the appears on the ACL of folders to show the correct newly changed name. I have forced replication, I have even removed and added the user account to the ACL of the folder but it will still not say the right name. For Example, Vasquez, Jackie was renamed to Vasquez, Evelyn and the user name was changed from jvasquez to evasquez. When I go to the ACL for a folder, the user is listed as DOMAIN\jvasquez and I cannot get it to change. What could the problem be? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: List Servers
Is imail easy to deploy? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose Sent: Wednesday, August 17, 2005 2:45 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: List Servers Hmm.. Microsoft now offers a tool to do this, however I have never used it. I installed Imail 5 6 by IPSWITCH for the NT Engineering Association and it was an excellent GUI based list server. Mailman and Majordomo are also very popular but are much more difficult to configure unless your profecient in PERL. I believe that the ActiveDir list aslo uses Imail. Sincerely, Jose Medeiros Former Vice President and Postmaster NTEA MCP+I, MCSE, NT4 MCT www.ntea.net www.tvnug.org www.sfntug.org -- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Salandra, Justin A. Sent: Wednesday, August 17, 2005 11:21 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: List Servers Is it possible to utilize Exchange 2003 to setup a list server that internal and external people can use or is it better to just buy a product to do this? Does any one have any opinions? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: List Servers
Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Phillip Partipilo Sent: Wednesday, August 17, 2005 4:29 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: List Servers Imail is so simple and quick, you really won't think you just set up a mail server. I used to run it at a previous job. Recommended. Phillip Partipilo Parametric Solutions Inc. Jupiter, Florida (561) 747-6107 - Original Message - From: Salandra, Justin A. [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Wednesday, August 17, 2005 3:15 PM Subject: RE: [ActiveDir] OT: List Servers Is imail easy to deploy? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose Sent: Wednesday, August 17, 2005 2:45 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: List Servers Hmm.. Microsoft now offers a tool to do this, however I have never used it. I installed Imail 5 6 by IPSWITCH for the NT Engineering Association and it was an excellent GUI based list server. Mailman and Majordomo are also very popular but are much more difficult to configure unless your profecient in PERL. I believe that the ActiveDir list aslo uses Imail. Sincerely, Jose Medeiros Former Vice President and Postmaster NTEA MCP+I, MCSE, NT4 MCT www.ntea.net www.tvnug.org www.sfntug.org -- -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Salandra, Justin A. Sent: Wednesday, August 17, 2005 11:21 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: List Servers Is it possible to utilize Exchange 2003 to setup a list server that internal and external people can use or is it better to just buy a product to do this? Does any one have any opinions? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Single Sing-On IBM AS400
http://www.itjungle.com/fhg/fhg042705-story03.html Has anyone configured this and gotten it to work. If anyone has any documents or links to articles that could help, I would appreciate it. Thanks. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Windows 2000 VPN Server
I have a user using VPN on a Windows XP Box to VPN into a Windows 2000 Server VPN. The user is unable to access resources beyond the VPN server. I had other people that did not have this problem. Any ideas? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Windows 2000 VPN Server
DNS is working. Now the VPN client all of a sudden can access resources. I haven't changed a thing -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Douglas M. Long Sent: Thursday, August 11, 2005 3:48 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Windows 2000 VPN Server DNS? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, August 11, 2005 3:28 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows 2000 VPN Server I have a user using VPN on a Windows XP Box to VPN into a Windows 2000 Server VPN. The user is unable to access resources beyond the VPN server. I had other people that did not have this problem. Any ideas? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Permissions Denied during Offer Remote Assistance
I have a workstation that we had Offer Remote Assistance working, Windows XP SP1, we upgraded the machine to SP 2 and Remote Assistance stopped working. We now get permission denied. We checked permissions and they are fine, our accounts have access to offer assistance. Firewall is not enabled and simple file sharing is not enabled. What is causing this problem, has anyone else had this issue? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT: VP Programming in Access
I need some programming help How do I get this to work, I have a form and when I click a button I want it to place in the date in a date field if there is no date there, if there is a date there then I don't want it to do anythying If Date_Created is null then Date_Created = Date Else End If Thanks in Advance Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT: VB Programming in Access
I need some programming help How do I get this to work, I have a form and when I click a button I want it to place in the date in a date field if there is no date there, if there is a date there then I don't want it to do anythying If Date_Created is null then Date_Created = Date Else End If Thanks in Advance Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] NT 4 Permissions
It has been a while I have had to deal with this, but I am about to migrate another one of my domains and I have a question about NT 4 Share and NTFS Permissions. Is it the same in NT as it is in 2000/2003 that the scenario below is true Root Folder - NTFS Everyone Full Control, Share Permissions Domain Users Read Sub Folder - NTFS Everyone Full Control If user1 trys to save a file into subfolder, they should be denied access to do so since they have a lower permissions level on the share. Is this right? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] NT 4 Permissions
As well as the folders in the in the folders right? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan Sent: Tuesday, August 09, 2005 2:14 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] NT 4 Permissions Correct. Effective permissions for anyone who is a member of Domains Users is READ on the files in the folder. Rick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, August 09, 2005 1:00 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] NT 4 Permissions It has been a while I have had to deal with this, but I am about to migrate another one of my domains and I have a question about NT 4 Share and NTFS Permissions. Is it the same in NT as it is in 2000/2003 that the scenario below is true Root Folder - NTFS Everyone Full Control, Share Permissions Domain Users Read Sub Folder - NTFS Everyone Full Control If user1 trys to save a file into subfolder, they should be denied access to do so since they have a lower permissions level on the share. Is this right? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT:Windows Installer Errors
I have two Windows 2000 Pro SP4 computers that when trying to install CA Etrust through GPO fail with warnings that the Windows Installer cannot access the server and that the Windows Installer cannot find registry stuff and so forth. Has any one else ever experienced this? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT:Windows Installer Errors
The Windows Installer service could not be accessed is the error message I am getting in the application log. I have tried http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q315346 with no luck. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, August 04, 2005 4:19 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT:Windows Installer Errors I have two Windows 2000 Pro SP4 computers that when trying to install CA Etrust through GPO fail with warnings that the Windows Installer cannot access the server and that the Windows Installer cannot find registry stuff and so forth. Has any one else ever experienced this? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT Allow users to edit Excel Spreadsheet at the same time
I have a user that insists that her spreadsheet used to allow up to three people to access it and edit it at the same time. Is this possible and if it is how in the world do you configure it? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT Allow users to edit Excel Spreadsheet at the same time
I figured it out, it was sharing the workbook under the TOOLS | SHARE WORKBOOK option. Thanks -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, July 26, 2005 1:12 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT Allow users to edit Excel Spreadsheet at the same time I have a user that insists that her spreadsheet used to allow up to three people to access it and edit it at the same time. Is this possible and if it is how in the world do you configure it? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Default Domain
Has anyone tried this? I got it off of another list I am a part of. The default domain name is stored in the DefaultDomainName registry value, but no built-in Group Policy setting to control its value. You can easily create a custom .adm file that will let you configure the default domain for computers that have the GPO applied. To do so, save this code as defaultdomain.adm in the C:\windows\inf folder. CATEGORY Logon Settings KEYNAME SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon POLICY Default Domain PART Default Domain EDITTEXT VALUENAME DefaultDomainName END PART END POLICY END CATEGORY You can then add this template to an existing or new GPO's Computer Configuration section. To do so, select Add/Remove Templates. Click Add and select the defaultdomain.adm file. Because this registry subkey isn't in a standard, managed portion of the registry, you won't see it until you select Filtering under the View menu and clear the Only show policy settings that can be fully managed check box, as the figure at http://list.windowsitpro.com/t?ctl=EA05:2C262 shows. The new policy will be available under Computer Configuration, Administrative Templates, Logon Settings, Default Domain. The policy sets the specified domain on computers that receive the policy, as the figure at http://list.windowsitpro.com/t?ctl=EA08:2C262 shows. During migrations between domains, this policy saves users from having to select a new domain from the drop-down list Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Default Domain
I am actually thinking of using it since I have 7 domains in one forest, if someone from a different domain uses someones computer, on reboot the domain that is selected in the drop down list is the proper domain for that computer. Similar to when my helpdesk people login to the local machine, the user doesn't try to then login to the local machine using their domain username, hence reducing phone calls to the helpdesk. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: Tuesday, July 19, 2005 5:51 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Default Domain should work just like setting any other registry key on the client. The question is, if you really need it/want it. Most computer migration tools can set that value during the migration of the PC from source to target. But you might very well not want to change this value at the time of the computer-migration = you'll typically want to change it during migration/activation of the user accounts. This is often not done at the same time, so changing the value via GPO with the computer migration could actually be counter-productive. Further, it's not enough if you're implementing a new naming conventions for user-accounts or simply need to change logon-names due to duplicates during a domain-migration that consolidates multiple source domains to one AD domain. In this case you'll no only want to generically update the DefaulDomainName value to help your users, but at the same time you might want to update the DefaultUserName value with the new accountname for the target domain. Hardly doable with a GPO - I typically do this with custom scripts triggered centrally during account activation (quite independently from the computer migration). But nothing goes over edjucating your users about the changes in the infrastructure and specifically those related to their domain logon - otherwise they potentially stare at another machine and wonder why they can't logon to this one, causing an increase in helpdesk calls... /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Dienstag, 19. Juli 2005 22:03 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Default Domain Has anyone tried this? I got it off of another list I am a part of. The default domain name is stored in the DefaultDomainName registry value, but no built-in Group Policy setting to control its value. You can easily create a custom .adm file that will let you configure the default domain for computers that have the GPO applied. To do so, save this code as defaultdomain.adm in the C:\windows\inf folder. CATEGORY Logon Settings KEYNAME SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon POLICY Default Domain PART Default Domain EDITTEXT VALUENAME DefaultDomainName END PART END POLICY END CATEGORY You can then add this template to an existing or new GPO's Computer Configuration section. To do so, select Add/Remove Templates. Click Add and select the defaultdomain.adm file. Because this registry subkey isn't in a standard, managed portion of the registry, you won't see it until you select Filtering under the View menu and clear the Only show policy settings that can be fully managed check box, as the figure at http://list.windowsitpro.com/t?ctl=EA05:2C262 shows. The new policy will be available under Computer Configuration, Administrative Templates, Logon Settings, Default Domain. The policy sets the specified domain on computers that receive the policy, as the figure at http://list.windowsitpro.com/t?ctl=EA08:2C262 shows. During migrations between domains, this policy saves users from having to select a new domain from the drop-down list Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Cannot Contact Domain over External Trust
889030 worked to find out what that someone messed with the WINS IP addresses on the server, once changed all was good. Thanks for the help. -Original Message- From: Jorge de Almeida Pinto [mailto:[EMAIL PROTECTED] Sent: Thursday, June 23, 2005 6:05 PM To: Salandra, Justin A.; '[EMAIL PROTECTED] '; 'ActiveDir@mail.activedir.org '; 'David Cliffe ' Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust check the documents anyway just to be sure the settings mentioned are not the problem #JORGE# -Original Message- From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org; David Cliffe ; [EMAIL PROTECTED] Sent: 6/23/2005 11:40 PM Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust No, I would and am the only one able to do so and I know that I have not changed it. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Thursday, June 23, 2005 5:38 PM To: 'David Cliffe '; '[EMAIL PROTECTED] '; 'ActiveDir@mail.activedir.org ' Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust First I also thought it was the 1Ch record (the one that contains all DCs from a domain) If he can create the trust that means the record is available. Has someone been changing security things on W2K? like restrictanonynous, etc.. see MS-KBQ889030 (Trust between a Windows NT domain and an Active Directory domain cannot be established or it does not work as expected) AND MS-KBQ823659 (Client, service, and program incompatibilities that may occur when you modify security settings and user rights assignments) Cheers, #JORGE# -Original Message- From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: 6/23/2005 11:15 PM Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust This smells like WINS to me. Sorry I can't offer much more, but I would check and double check 1B/1C name registrations and any applicable NetBIOS configs. (IP stack, LMOHSTS, etc...) -DaveC Reuters -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, June 23, 2005 5:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust Nope, this trust worked for weeks if not months and just poof stopped. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Thursday, June 23, 2005 5:00 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust Justin, Are any of the ports required by trusts (http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ TechRef/108124dd-31b1-4c2c-9421-6adbc1ebceca.mspx) blocked? Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, June 23, 2005 3:50 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust No error, just that it says the domain cannot be contacted but I am able to ping the servers and domain controllers in that domain via DNS, WINS and IP -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Thursday, June 23, 2005 3:35 PM To: Salandra, Justin A.; '[EMAIL PROTECTED] '; 'ActiveDir@mail.activedir.org ' Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust what error do you get? #JORGE# -Original Message- From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: 6/23/2005 8:56 PM Subject: [ActiveDir] Cannot Contact Domain over External Trust I have a trust that has been working and all of a sudden with zero errors it has stopped. I have a NT 4 and a 2000 Domain with an external trust setup so that I can grant permissions to groups from the 2000 domain to resources on the NT 4 domain. When I go to the 2000 domain from the NT 4 domain I am not able to see a listing of groups or users. It cannot find the domain. DNS, WINS and the trust are all working and validated. What could be the problem? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http
RE: [ActiveDir] Cannot Contact Domain over External Trust
What is tcpview? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Friday, June 24, 2005 11:57 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust In my company a separate organization maintains the firewalls routers and sometimes they go through and change port/protocol settings with no warning. Looking at this thread, I'm leaning toward a connectivity issue. tcpview is a great tool. Al Maurer Service Manager, Naming and Authentication Services IT | Information Technology Agilent Technologies (719) 590-2639; Telnet 590-2639 http://activedirectory.it.agilent.com -- A good plan today is better than a perfect plan tomorrow. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Salandra, Justin A. Sent: Thursday, June 23, 2005 3:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust Nope, this trust worked for weeks if not months and just poof stopped. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Thursday, June 23, 2005 5:00 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust Justin, Are any of the ports required by trusts (http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ TechRef/108124dd-31b1-4c2c-9421-6adbc1ebceca.mspx) blocked? Mike Thommes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Thursday, June 23, 2005 3:50 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust No error, just that it says the domain cannot be contacted but I am able to ping the servers and domain controllers in that domain via DNS, WINS and IP -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Thursday, June 23, 2005 3:35 PM To: Salandra, Justin A.; '[EMAIL PROTECTED] '; 'ActiveDir@mail.activedir.org ' Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust what error do you get? #JORGE# -Original Message- From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: 6/23/2005 8:56 PM Subject: [ActiveDir] Cannot Contact Domain over External Trust I have a trust that has been working and all of a sudden with zero errors it has stopped. I have a NT 4 and a 2000 Domain with an external trust setup so that I can grant permissions to groups from the 2000 domain to resources on the NT 4 domain. When I go to the 2000 domain from the NT 4 domain I am not able to see a listing of groups or users. It cannot find the domain. DNS, WINS and the trust are all working and validated. What could be the problem? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Cannot Contact Domain over External Trust
I have a trust that has been working and all of a sudden with zero errors it has stopped. I have a NT 4 and a 2000 Domain with an external trust setup so that I can grant permissions to groups from the 2000 domain to resources on the NT 4 domain. When I go to the 2000 domain from the NT 4 domain I am not able to see a listing of groups or users. It cannot find the domain. DNS, WINS and the trust are all working and validated. What could be the problem? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Cannot Contact Domain over External Trust
No error, just that it says the domain cannot be contacted but I am able to ping the servers and domain controllers in that domain via DNS, WINS and IP -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida Pinto Sent: Thursday, June 23, 2005 3:35 PM To: Salandra, Justin A.; '[EMAIL PROTECTED] '; 'ActiveDir@mail.activedir.org ' Subject: RE: [ActiveDir] Cannot Contact Domain over External Trust what error do you get? #JORGE# -Original Message- From: [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: 6/23/2005 8:56 PM Subject: [ActiveDir] Cannot Contact Domain over External Trust I have a trust that has been working and all of a sudden with zero errors it has stopped. I have a NT 4 and a 2000 Domain with an external trust setup so that I can grant permissions to groups from the 2000 domain to resources on the NT 4 domain. When I go to the 2000 domain from the NT 4 domain I am not able to see a listing of groups or users. It cannot find the domain. DNS, WINS and the trust are all working and validated. What could be the problem? Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/