Russ,
For grins can you use your admin credentials for both sides to verify?
If this still fails, a /reset will get the trust stable again.
If this problem continue to happen, you can you trustmon if you are
pre-W2k3.
There is a WMI provider built into W2k3.
Let me know the results.
i would exclude AV, i tried with antivirus
disabled/uninstalled.
thanks
It would more likely be DNS if this were
happening on boot-up. But he says this happens on resumption from a locked
state. More likely to be AV or powersaving issue.
Sincerely,Dèjì Akómöláfé,
Title: LDAP Query Question
1. I would tend to agree that the poerf difference should
be small on this one, that is why I said may or may not get a performance gain,
it really depends on how AD optimizes the query. I would hope it was smart
enough to process the indexed pieces first and then
Hello Brent,
this is very easy to accomblish: you just need to add the inetOrgPerson
class to the objectClass attribute of the user using adsiedit or a script.
Ulf
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brent Westmoreland
Sent: Dienstag, 20.
When attempting the /reset, I got Cannot reset the trust passwords; both
domains must be Windows 2000 domains. Which is correct - the trust is
NT4-Win2k.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of E Brown
Sent: Wednesday, April 21, 2004 1:48 AM
To:
Using pure ldap logic, One would assume that is the case. I guess I
was hoping someone had stumbled across a kb article so that once this
is done in production, I have an endorsed Microsoft methodology to take
to management.
On Apr 21, 2004, at 8:12 AM, Ulf B. Simon-Weidner wrote:
Hello
I have chased Ms on this for an official KB article without success. I
have done this in production without any hassles though on exactly the
same scenario you described: third party kit that like inetorgPerson
better than the user class.
-Original Message-
From: [EMAIL PROTECTED]
My gpo roaming profiles question is- i set up roaming profiles via desktop and
application data folder redirection( i also set the profile in the profile path part
of dsa.msc. i have some downlevel clients as well). I assume this will redirect
Outlook mapi profiles as well so when a user moves
Very well,
I'm off to perl...
Thanks Guys
On Apr 21, 2004, at 9:09 AM, Nicolas Blank wrote:
I have chased Ms on this for an official KB article without success. I
have done this in production without any hassles though on exactly the
same scenario you described: third party kit that like
I have a child domain at SP 4 and everything else is at SP 3, will this
cause a problem with computers not being able to find the domain. I
verified that WINS, DNS and DHCP are all functioning correctly. Other
computers are working, but it appears that some 98, 2000 and XP clients
are starting
This thread has gotten my interest. We had IBM in here a couple of years ago talking
about their LDAP and that Active Directory was inferior because of it's implementation
of the InetOrgUser class instead of InetOrgPerson. We stopped them when we mentioned
our intention of going with .NET
just for kicks
you may want to check in an rsop.there is a setting under computer
configuration/windows settings/security settings/local policies/security
options --- Interactive logon: Require Domain Controller authentication to
unlock workstation.
could be turned on, and for some
First off, just for the sake of terminology, roaming profiles are
different than folder redirection, and you can of course, have both in
action. Folder Redirection means that parts of the profile (e.g. My
Documents) is stored on the server, meaning that you have less of the
profile that needs to
Hi Mike,
Here is an MS blurb from one of their workshops on the InetOrgPerson Class...
What Is the InetOrgPerson Object?
Most non-Microsoft LDAP and X.500 directory services such as Novell eDirectory and
Netscape Directory Server use the InetOrgPerson object class to represent people
within
I have been
asked to evaluate a monitoring solution for AD. The only product I have tested
so far is NetPro's suite, Diagnostics for Active Directory (DAD), which I like. Does anyone have experience using the other solutions
available such as MOM, NetiQs APP Manager for AD, or Quests
ofcourse I'm
biased, but I'd also compare OpenView for Windows with the AD SPI to the rest -
it's pretty powerful and has some awsome features (such as the 3D-View of the AD
topology etc.)
You'll like
this whitepaper, which is generally rather useful to understandwhat you
need to monitor
you can only change the groups on those machines, to which
the GPOs apply. If you apply a restricted groups GPO to an OU and try to
add members to the Ent.Admin. group, you'll fail, as this group is maintained by
the root DCs only. And I would never advise you to use the restricted
groups
OK, thanks
Guido. That helps a lot. Back to the lab!
mc
-Original Message-
From: Grillenmeier, Guido
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, April 21, 2004
2:50 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir]
enterprise-wide accounts
you can only change the
groups
Russ,
Missed the fact that it was a nt4 trust.
Only option is to recreate the trust to reset trust.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ
Sent: Wednesday, April 21, 2004 5:18 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir]
19 matches
Mail list logo