There are white papers regarding the peformance boosts you get on 64
especially in AD that I saw somewhere linked off a blog but I can't find
it now [probably on Brett's blog is where I spotted them]
in the meantime..
Benefits of 64-Bit Computing:
http://www.microsoft.com/windowsservers
Title: Domain Controller Consolidation utilizing Dual Core CPUs
In my opinion the biggest bang for the
buck is consolidation of servers to the 64bit platform assuming of course that
you have a large enough database, greater than 3 GB, and put enough memory in
the servers to cache the entir
Title: Domain Controller Consolidation utilizing Dual Core CPUs
Gentleman,
Does anyone has any information regarding Domain Controller consolidation utilizing Dual Core CPUs?
I have not seen anything reports from microsoft indicating the performance boost gained by utilizing Dual Core tec
We are all "Grasshoppers" compared to the Masters
Joe, Dean, Rick, Deji, Tony, Brett, etc on and on and on ... If I
couldn't lurk I'd be forced to learn some other form of knowledge
retrieval..
- Original Message -
From:
Derek Harris
To: Act
Think of the list software as a cow that chews randomly on the
space/time continuum cud.
Tony
PS. I only opened the original thread because LegalNoticeText looked
like an attribute I'd never heard of. :-(
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of L
Ah, that's the one. The link I found wasn't the KB itself, though,
but another site that had partially quoted it (without the
ever-critical "Applies to the following operating systems" part.)
Thanks for clearing up some momentary confusion, Tony.
(And what's up with the list-serv, man? I'm seei
This one perhaps?
http://support.microsoft.com/default.aspx?kbid=225087
It's more NT-ish.
Tony
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter
Sent: Friday, 14 October 2005 3:32 p.m.
To: ActiveDir@mail.activedir.org
Subject: Re: [Active
Thanks all...I did find that KB, but thought I'd seen another
reference that quoted "255". I can't find it now, though, so will
assume that I was hallucinating. :-)
- L
On 10/13/05, Webster <[EMAIL PROTECTED]> wrote:
> > -Original Message-
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray
> Subject: RE: [ActiveDir] LegalNoticeText maximum value
>
> Laura, you probably found this anyway, but here is specifies 512.
>
> http://support.microsoft.com/?kbid=310430
And from the b
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Laura E. Hunter
> Subject: [ActiveDir] LegalNoticeText maximum value
>
> Forgive me if this is an obvious thing and my Google-fu is just
> failing me, but can someone remind me of the maximum string
Laura, you probably found this anyway, but here is specifies 512.
http://support.microsoft.com/?kbid=310430
Tony
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter
Sent: Friday, 14 October 2005 2:00 p.m.
To: ActiveDir@mail.activedir.org
Sub
Don't take it personally, and don't stop asking questions:
if you ask some good ones, the resulting discussions could help many of
us. I'm 39, been around computers my whole life, and I don't know 10% what
some of these guys know about AD.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Maybe not a csv... but dsquery * w/ a filter will certainly supply the
information you require. By default, it'll generate the information in a table
format.
:m:dsm:cci:mvp marcusoh.blogspot.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Probably because it tends to grant more than print queue rights. We're kind of
torn on this too, granting this right to admins... because of the ability to
remove printers...
:m:dsm:cci:mvp marcusoh.blogspot.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On B
Forgive me if this is an obvious thing and my Google-fu is just
failing me, but can someone remind me of the maximum string length on
this when running 2003? I'm finding conflicting references between
255 and 512 characters.
Thanks all.
- Laura
--
---
Laura E. Hunter
Microso
...at the same time has the questions asked been of benefit to others on
the list? Yes?
I find that when I turn into the 'teacher role' in my own SBS community
I learn a lot more. It makes me stretch when I have to document 'why' I
do the things I do and recommend. I have to google [oh sorr
Well, if I told you we have around 1500 people subscribed in standard
mode and a couple of hundred subscribed in digest mode, would you be
surprised? :-)
I could post the lurker list, but I don't really want spammers to get
hold of it.
Personally, I have no problem with lurkers. And, hey, it's
I think I need to start proof reading my posts before sending them :)
I completely agree that by using a multi-domain forest example they are passively recommending it's use to some people. I think in the next iteration it might be useful to use another example, or perhaps multiple examples to tr
Don't sweat it, I spelled Laimbeer wrong in one of the
posts and I live in the Detroit metro area. If any of my local friends see that
they may come string me up from a tree.
I agree multiple examples would be good
though.
Agreed on the big companies. In one large deployment there
were 5
Am I capable?
Who knows?
I've only been in IT for less than 4 years and I never owned a computer until 6 years ago.
Everything i learned, i learned from screwing around at home,books,websites, and most of all, lists like this.
I haven't lied or fluffed up my resume or past in anyway to employers,
Oh just a joke, I don't think Tony would do it. Though I wouldn't mind Tony
occasionally posting the lurker list, I am curious as to how many people I
am getting mad at me any given day. :o)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Daniel Gilbert
Not to hijack this thread but, I hope lurking remains free.
Dan
> Original Message
> Subject: RE: [ActiveDir] salary(OT)
> From: "joe" <[EMAIL PROTECTED]>
> Date: Thu, October 13, 2005 2:50 pm
> To:
>
>
> I have found that shooting for your contract salary is as good a t
Just a thought for you – Are you really capable of being the lead
engineer in the situation your client and potential employer is in? This list
has been a major question sink for you, and I think several of us have worked
very hard answering all these questions. One thing you might find fro
Yes you need to use a bitwise filter. You can further filter on the
operatingSystem attribute.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Thursday, October 13, 2005 4:44
Its still cool and appreciated.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Thursday, October 13, 2005 10:55 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Documenting AD
I shot this off w/o much forethought, the /d
Yes I am quite an objectionable person. :o)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Derek Harris
Sent: Wednesday, October 12, 2005 7:08 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Schema Updates
At the risk of getting flamed, I
Jorge, we need to introduce you to objectcategory.
;o)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge de
Sent: Thursday, October 13, 2005 6:16 AM
To: ActiveDir@mail.activedir.org; ActiveDir@mail.activedir.org
Subject: RE: [Active
I have found that shooting for your contract salary is as
good a target as any, but expect to miss unless you didn't get a very good
contract rate. I have only seen one case where a company was willing to pay
contract level fees to a FTE and that was back when I first got back into the
indus
I think the problem is that by showing the multi-domain
forest example it is a tacit recommendation of its use to some people. I don't
necessarily agree that people should read it that way but I can see where people
would. Plus many people don't want to start from scratch, they will take what
This has been discussed a few times on the list. You want
to use the memberof feature of group policy. I think it was about 18-24 months
ago that there was a rather long drawn out discussion of this new capability.
joe
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sa
Whats the best utility to find computer objects of a certain OS type(server as
opposed to workstation) AND are NOT disabled and spit them to a csv file?
Do i have to use a bitwise filter on the userAccountControl attrib or is there
a utlitly with a more user friendly way to find non disabled acco
You have to dig into LDAP specification for CN, RDN, DN, Canonical name and their relevance.
As you know, AD is multipurpose database, so different application put
different requirement on same object. Say you kept only CN (as it is
requirement for LDAP) and nothing else,
so in case of authentica
I don't know about generally available but Steve Lineham of MS made it
temporarily available a few months ago to list members based on a
similar thread here , maybe he will do so again if he sees this.
There was also the following suggestion from David Adner- "If you're a
Premier customer ask your
Hi Devon,
Assuming that the client machine is a 2000/XP
domain member, it should sync time on its own [with a local DC] via the w32time
service. Apologies if not a domain member...will have to defer that one to
the VBers then :-)
-DaveC
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTEC
Quotes work. Now I just need to be able
to sync time with my local DC via .vbs.
In my batch file, I have the standard:
net time /domain:mydomain /set /yes >
nul
How would this work in _vbscript_?
-Devon
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behal
Jesper's Blog : Should you worry about password cracking?:
http://blogs.technet.com/jesper_johansson/archive/2005/10/13/410470.aspx
Frequently Asked Questions About Passwords -- TechNet Column - Security
Management - October 2005:
http://www.microsoft.com/technet/community/columns/secmgmt/sm1
I would migrate the users and desktops. That way the users keep their passwords, the users desktop profiles stay the same etc. Using ADMT isn't all that complex and the helpfile provides you with step by step instructions for how to get things configured to allow for migration. Once that is done th
Just to re-iterate this: the BO Guide does not specifically recommend a multi domain forest even for larger organisations. It uses the multi domain forest as an example and specifically states that configuration is just an example and not a recommendation. There is a section in the document on desi
I think you misunderstand me.
i know the diff between the lDAPDisplayName and the display name that you see
in the gui and that ldap,adsi,and all apps use the former.
i was just wondering what the relationship is between how the display name gets
built, its relationship to the name displayed
We had one last year and it was a rather extraordinary experience IMHO.
We learned a lot and picked up a lot of tips and tools from the MCS guys
(Well they were ROSS guys actually) They also did an Exchange Health
Check.
One of the things they leave behind in the tool set besides all the
other goo
whenever I want to map the GUI of ADUC with actual attribute on user,
I just create a test user, and set the specific property on user to something like X
and open the adsiedit.msc for that user and check the attribute list with value X
voila.. you got the mapping.
you can do reverse also,
Title: 64 Bit clustering with HP RX8620 Hardware clarification needed
I have a failed scenario in using a software mirror clustering a Windows 2003 64 bit (ia64) Enterprise Edition server. The RX8620 hardware is on the HCL for clustering, however I cannot tell in what configuration. Our HP
username and password both are of datatype STRING, so you will have to put doublequotes around them,
try this one,
Set objNet = CreateObject("Wscript.Network")
strUser = "IPCUSER"
strPasswd = "Password"
strMapDrive = "I:"
strNetPath = "\\10.1.0.103\DESKTOP_CFG"
bIsPersistent = False
MsgBox "M
Sorry, username and password need to be in
quotes.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon
Sent: Thursday, October 13, 2005
12:04 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
Authenticated drive mapping via .vbs
I seem
Me neither -- that's why I put it in
quotes.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ed Crowley
[MVP]Sent: Wednesday, October 12, 2005 5:48 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Reverse
DNS
I can't fathom why any organization would "have
to".
Note
that my response was directed to the original post Tom.
...
and I'm confused, if you knew the answer already why didn't you simply provide
it?
In
reference to your questions; have you researched this
yourself? This information is readily available. In the time it
would take me t
Return Receipt
Your document:
[ActiveDir] Different Versions of Internet Explorer
was received by:
Brad W Johnson/CORP/GSK
at:
10/13/2005 01:19:01 PM
Title: Message
Heh,
no references needed ... the Queen's English is sufficiently documented
...
--Dean WellsMSEtechnology* Email: dwells@msetechnology.comhttp://msetechnology.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al
MulnickSent: Thursday, October 13, 2005 9:2
Title: Adding users to local Admin group
I
am concerned about the local PC’s not the Servers
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Thommes, Michael M.
Sent: Thursday, October 13, 2005
11:51 AM
To: ActiveDir@mail.activedir.org
Subject:
Title: Message
That does not accomplish what I wanted to
do. I want to helpdesk group to be a member of the local administrators group
on a local PC and I want to do it without having to go to each PC.
-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Beh
I seem to getting a syntax error on the comma
or space after the username.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott
Sent: Thursday, October 13, 2005
11:49 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
Authenticated drive mappi
What's the purpose of doing this? Restricted Group is a computer-side policy.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -an
I posted something about this a week or so ago. Please check the archive. You
want to be sure that you use the new "memberof" option in the new "Restricted
Group" policy. That way, nothing is deleted. See my example in the archive.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP -
And you don't want to add the group to the "Print Operators" group on the
Print Server because ..
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worri
What do the SMTP conversation and network traces look like
from their side?
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom
KernSent: Thursday, October 13, 2005 10:03 AMTo:
ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] exchange
confusion(OT)
I disabled ehlo on t
can you send a manual message?
something really doesn't make sense
here.
i'm not a cisco/ipsec/vpn expert. it's a common issue
to see mismatched mtu's, with "large" packets, causing packet drops. mtu can be
set on either side.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behal
Title: Message
I have
to ask. What Dean shows will change the way that new names will get
created. But I'm curious if the original postor knows that by default
you're looking at the users cn vs. the displayname?
Otherwise, I'm confused about the difference between a property sheet and
A
I know that.
Thanks Dean
Just wondering what affects what.
Does changing that affect the creation of the name displayed(not to be confused
with displayName) in ADUC ?
Or just the GAL?
How 'bout the CN?
The CN is created from given name and surname so i assume it is affected by
changing
Title: Message
That won't work, since the restricted groups setting is
under the Computer Config part of the GPO.
Hunter
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of CHIANESE,
DAVIDSent: Thursday, October 13, 2005 9:49 AMTo:
ActiveDir@mail.activedir.orgSubject: RE: [Act
The tool I spoke about in confidence with Tony (just teasing ;o) is an
offering from MCS known as the ADHC or AD Health Check ... it is a nicely
shrink-wrapped series of powerful interrogation scripts/tools that, when
compiled by someone sufficiently trained, produces a very detailed
configuration
Be very wary of this one, I removed Domain Admin from the local admin group on
every computer (including servers) in my domain, fortunately I had changed the
local admin password on all my servers before I did this and I only lost one PC
that didn't have our default PC admin password. I highly a
The problem is that the company name will remain the same as it is now.
Dan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser
Sent: Thursday, October 13, 2005 11:04 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Migra
I disabled ehlo on the smtp connector and i still get a full unreachable queue- "connection was dropped by remote host"
In ethereal, i get "tcp retransmission" and "tcp zero window" during the conversation between my mail server and theirs.
does this point to the IPsec tunnel and mtu?
My side?
The easiest way I’ve found to
do it is have a GPO that runs a batch file on startup.
net localgroup Administrators /ADD
helpdesk
We’ve also written some _vbscript_s
that adds a local account and makes it a member of the administrators
group. We feed the password as a parameter f
Title: Adding users to local Admin group
One
of the processes we use for servers is to create a global security group in AD
that identifies accounts to be used for administering a particular computer,
say “ServerName_admins”. That group is then added to the
local “ServerName\administrator
Title: Message
Open
up the GPO properties and in the security tab add the Helpdesk group. Give
them read and apply group policy for that
policy. remove apply group policy from any other group
you do not want to get the policy, I.E. Authenticated
Users.
Regards,
David
Chianese
1. Run ADSIEDIT.MSC (or equiv.) from the Support Tools (located on
the Windows CD)
2. Expand the Configuration
container
3. Expand cn=DisplaySpecifiers then
cn=409 (assuming this is for US English ... whatever that is ;o)
4. Locate cn=user-Display and bring
up its properties.
5. Locate and e
mismatched on my side or theirs?
I was wrong, its an IPsec tunnel NOT a gre tunnel.
The mtu size on my side is the default for a cisco 2600 router(i think thats the setting of the media being used in the router- etherenet=1500,etc).
Thanks
On 10/13/05, Michael B. Smith <[EMAIL PROTECTED]> wr
How would I utilize Restriced Groups in a GPO to add in a
Helpdesk Group that I have for my helpdesk staff to have administrative rights
on a local PC with out having to touch each PC and without screwing up the
local admin group?
Justin A. Salandra
MCSE Windows 2000 & 2003
Network an
What would be the correct way to convert this batch file to
a .vbs?
Echo Mapping Drive
letter for IPCC Access
if exist i:\ net
use i: /delete
net use i:
\\10.1.0.103\DESKTOP_CFG password /user:ipccuser /PERSISTENT:NO
Devon Harding
Windows Systems E
What we've done successfully in regards to MX records is as follows...
Let's assume you're creating a new company name, so instead of
[EMAIL PROTECTED], you will now be accepting mail for [EMAIL PROTECTED]
Once the mail server is set up and the MX record created, you will be
receiving mail into the
I shot this off w/o much forethought, the /d is fairly AD replication
oriented, and clearly not a complete picture.
People have pointed out lots of other stuff, schema, trusts, etc ... good
thread.
Cheers,
-BrettSh [msft]
This posting is provided "AS IS" with no warranties, and confers no
rights
Honestly, that looks like a mismatched MTU to me. It's
worth checking.
If you turn off EHLO, as someone else suggested, that
should limit the maximum size of the TCP packet rather
dramatically...
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom
KernSent: Thursday, Oct
Title: Adding users to local Admin group
The restricted groups setting falls under the Computer
Config section of the GPO, so it's not going to apply to all machines they log
into. It's only going to apply to the computers that receive the
GPO.
Put the computers that are going to be used in
Hi Jake,
You could use security groups to filter who the GPO can apply to.
Create a Security Group called restricted admins, and place the computers you
need the special rights on. Then only give that security groups rights to
process the GPO.
Hope that helps,
Tim
There is an undocumented switch "/d" in dcdiag that spills out a bunch of
quasi formated output for the forest. Useful for collecting most of the
forest info at once, I've had PSS send me the output, when diagnosing
customer issues.
This is basically debugging (/d) information off the internal v
Gotcha. Now I follow, can't believe it's taken an explanation of the
obvious too. :)
Sorry for being blonde but I'm still catching up from a week off. Boy
can a lot go wrong in a week if you're not there to watch it!
If you've got standard templates you could make a killing selling them
..
thanks.
i don't think they are running mailguard as when i telnet to the server and issue a ehlo, i get all the esmtp verbs including the MS ones.
when i try to issue an "xexch50", the server replies with a "need to authenticate first".
after which i can still happily issue a data or bdat
Title: Adding users to local Admin group
I am using Active Directory and I need to know how to add certain people to the local admin group only on certain computers. I know I can do this under restricted groups but that makes thoses users local admin on all machines they log into. Specificl
Tim,
By 'schema' I was referring to the AD schema. You will need to document
the schema and how it has been changed (new classes, attributes etc
etc).
By 'database' I refer to the database and changes made to it (garbage
collection, tombstone lifetime etc)
Did you include 'recovery'? [One object
Thanks, I'll try that.
Found an MS article about PIX as well-
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q320027&gssnb=1
Thanks again
On 10/13/05, Coleman, Hunter <[EMAIL PROTECTED]> wrote:
IIRC, you have a dedicated SMTP connector for
servername.journaldomain.com or journald
Thanks for the suggestion. As a matter of fact, while reading the ADMT
help file last night I did think it would be easier to proceed as you
suggest - building the new domain and creating the users, then just
exmerge the mailbox data into their accounts. Maybe we would cut over
the MX record on Fr
Try searching for the SMTP fixup http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_security_notice09186a0080265e37.html
On 10/13/05, Tom Kern <[EMAIL PROTECTED]> wrote:
Thanks.
I know there were issues with Cisco's Mailguard feature on a PIX but i can't seem to find any articles
Thanks for the copy of ADMap, Neil. I'll give it a whirl tomorrow and
see what it spits out.
so far I've I think I'm going to cover following areas:
- AD Overview - diagram showing domain and OU structure possibly
even basic site and link info
- Written details of the domain struc
IIRC, you have a dedicated SMTP connector for
servername.journaldomain.com or journaldomain.com. You can try going to the
Advanced tab of this SMTP connector and checking the box to "Send HELO instead
of EHLO," which should drop the extended verb attempts from your
side.
From: [EMAIL PROTE
Thanks.
I know there were issues with Cisco's Mailguard feature on a PIX but i can't seem to find any articles on their website.
Thanks again
On 10/13/05, Al Mulnick <[EMAIL PROTECTED]> wrote:
Actually, there are some known issues with pix and Exchange. You should check the cisco support and
Title: Message
Actually, there are some known issues with pix and Exchange.
You should check the cisco support and kb articles to see if yours is a match,
although I would have thought your journaling company would have figured it out
by now. Similar symptoms.
The
article I sent you had
What could be interesting is just having the information, not how it is
presented. For the documentation of the site and replication topology (and of
course others like OUs structure, members of powerfll groups, etc.) you could
use something like ADFIND. OK, the presentation of it may not be the
You should be able to pull a list of the
installed queue’s from WMI IIRC. Then plug that data into the script
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Frank Abagnale
Sent: 13 October 2005 11:38
To: Active
Subject: [ActiveDir] Subinacl
print queue
Hi
Hi,
I need to grant a security group permissions to every print queue on a Print Server.
I have looked at SUBINACL and I can use this to grant access to each print queue providing I know the name of the queue. e.g,
subinacl /printer \\printsvr1\USATPR001 /grant="WSADMINS"
The issue I have
Also you IP subnets to Site Mappings need to be documented. I.E. a list
of all IP subnets and what site in Active Directory Sites and services
they belong to.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rocky Habeeb
Sent: 12 October 2005 18:27
To: Act
Other important factors in this scenario must be the
physical and logical security of the server housing the DC
role.
1. Will the server be securely locked away in the branches?
If not, do not deploy a DC.
2. Do you trust the file server admins to have physical
access to the server hosting
I have 2 internal DNS's, one on the DMZ zone which hosts the public IPs of the servers we publish (email, website, systems, etc... around 15 IPs) and the other DNS which resolves only the internal IPs, I wanted to setup the reverse DNS and publish my internal DNS (the one at the DMZ) because am not
93 matches
Mail list logo
