The most simple way is to migate the computers with
the admin of the source domain (should be admin on all
computers). This admin should be admin in the target
domain, or at least you should delegate the
appropriate rights in the target domain (add
computers).
cheers
Hans
--- Danny [EMAIL
Have you actually seen this
behaviour? As it was my understanding that this particular policy is
processed by SCE outside of normal policy application (by the PDCe - I can't
remember how often, 60 minutes comes to mind but I don't know why). I've
tried to document this here:
--
Hey
all,
I have
a little question here, just a sanity check for the most part. We had a DC
that got its registry ripped to shreds by some hardware folks, the end result
was the OS no longer recognized TCP/IP interfaces, even after a system state
restore of the registry component. This
Nate-
You can use the old name again, you just need to clean the broken
DC up in AD rebuild the box. Either search the KB for metadata cleanup or
below is the steps off the top of my head:
Ntdsutil
Metadata cleanup
Connections
Connect to server SomeDC
Exit
Sel op tar
Lis dom
Yeah that was done, everything is clean. Just used a
different name when I rebuilt the server to be on the safe side and to keep
things clean.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian
DesmondSent: Monday, September 11, 2006 9:33 AMTo:
My understanding was that the Password Policies are
applied similarly to any other Group Policy. I do recall doing some testing some
time ago where by using various security filtering on Group PoliciesI was
able to set up two DC's with two different effective policies and so two
different
Ah ok, well, that wasnt necessary.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA
Sent: Monday, September 11, 2006 9:48 AM
To: ActiveDir@mail.activedir.org
Yep, that would be one of the easiest ways. Put the source migration account into the source domain admins (domain admins is in the workstation administrators by default) and into the target domain built-in\administrators group.
If you've modified the group membership of the source domain local
Can you re-enable the source and see if it allows you to logon with the blank password? Based on the description, I doubt it, but it would be interesting to see. Since the user logged on with the old password for a month prior to having this happen, then something else outside the process(?)
Yes Ken, I believe it is a departure to write down the admin password for every single workstation out there. Those defcon envelopes mentioned earlier in thread are usually intended for critical systems vs. your user community desktops. In a company such as the one I'm at now that would be a huge
The only way that I'm aware of where you
can have different lengths (without your own filters, etc.) is if you deny the
domain controllers from reading the necessary attributes on the NC head.
By doing this, and then having multiple policies, I believe you can achieve what
you are talking
I would love some feedback from those that actually use some
of these products. We initially started looking at a Helpdesk solution. It
has now evolved into an asset management, OS deployment, patch management and license
compliance package. I cant tell you whether its evolved to this
I have a lot of experience using Ghost for all of that but
helpdesk. Helpdesk I have worked with Peregrine (will empty your check book
very complex), TrackIt (kind of basic but folks seem to like it), and
customized free open source package called Liberum (so far my favorite).
Anyone know of issues with Citrix Secure Access Manager in a 2 Forest set up(2-way external trust)?
I have the Citrix SAM in a source forest and I'm having issues trying to give access to log to the Presentation Server to a user from the target forest.
Here's my setup-
The user is given access
Alan-
I ran one of these evalutions a while back for a 25,000
desktop environment. I would highly advise putting together a spreadsheet of
your *real* requirements prior to narrowing the vendor list. Don't let the
vendor tell you what you need or the choice will become obvious. Apart from
Title: Message
Tried moving my dying ex 5.5 server to new hardware
this weekendand it failed because the restore did not bring over a log
file and left the dbase in an inconsistent state.
Lucky for me I has a recovery plan and was able to bring the old server back
online. Has any
one had
Title: Message
Hi John,
You can get it to start with eseutil and roll forward to the
last log available. What youre going to need to do with your method is restore
the backup and then copy the logs over (which shouldnt be many).
You can just copy the database and logs over the wire
Title: Message
Hey
Brian, thanks for the response, we in the process of moving to ex 2003 but in
the AD migration part and this server external disk array is dying and sorry Ed,
they don't trust the move server method as we have to move roles so
sinceI've done a restore to a new serverwith
Hi,
What is the best to query the number of windows mobile
messaging enabled user in an exchange 2003 server?
I need to run a remote query for this.
Title: Message
Diane, thanks for the response tried to convince my manages that
this is the way to go but since this is the first server in the site and has all
the roles assigned to it, and I submitted a plan using Ed's move server method
(thanks Ed ) my mangers are reluctant to do this
yes its correct.
No we have mobile users..
On 9/11/06, Al Mulnick [EMAIL PROTECTED] wrote:
Besides the obvious of telling Sophos to adjust their management to deal
with this, here's what I understand of your problem to date.
VPN clients that are also trusted network clients (i.e. mobile users
--- Original Message ---
: From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
: Sent: Tuesday, 12 September 2006 12:47 AM
: To: ActiveDir@mail.activedir.org
: Subject: Re: [ActiveDir] OT: admin account in Vista
:
: Yes Ken, I believe it is a departure to write down the
I use WSUS for patching in some decent size places. My strategy
has been to combine a variety of free products into a single system Ive
gotten good at it and Ive also written glue when I need to. My overall feeling
is that I get more flexibility just gluing things together than with a
Never used/heard of Kace. Looks like a kind of limited use
appliance?
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Patrick Paul
Sent: Monday, September 11, 2006 10:47 PM
To:
24 matches
Mail list logo