Title: Message
Probaby a bad driver... Download new one and reinstall the printer.
Also, there are some viruses that cause things like this... either macro
viruses that replace the Normal.dot to corrupt your office settings, or ones
that actually corrupt the printer driver. Rename your
Title: Message
Man, I
must be havin a ball.
John A. Bjelke
Unisys 505.853.6774
[EMAIL PROTECTED]
"Many of life's failures are people who did not
realize how close they were to success when they gave
up."
-Thomas Edison
-Original Message-From: Hutchins, Mike
al Message
------ From: Bjelke John A
Contr AFRL/VSIO [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Tue, 19 Aug 2003 19:34:43 +0100
Gil,
received one screamin rubber chicken... I love it! Great sound.
My fellow sysadmins just might slit a throat today. It
remains
name)
told me that someone in his office had received one and the noise was
driving him crazy. Scratch the chicken off the list of how to win friends
and influence people.
-gil
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003
Title: Message
One
way to go about it would be to turn up the auditing andquery the event log
on the machine for login success/failure events.
John A. Bjelke
Unisys 505.853.6774
[EMAIL PROTECTED]
"Many of life's failures are people who did not
realize how close they were to success
When I spoke at the 2002 AFITC, a general from ACC (I've forgotten his
name) told me that someone in his office had received one and the noise was
driving him crazy. Scratch the chicken off the list of how to win friends
and influence people.
LOL! That's great Gil! Thanks!
John A.
PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bjelke John A Contr
AFRL/VSIO
Sent: Tuesday, August 05, 2003 1:39 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] WOT Unreadable code (was Connection String)
prints a table of primes, formatting it into columns. What's my prize
Dennis,
He's not looking to set this through policy, methinks.
Erick, try this link for how to do this through script:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/netdir/adsi
/winnt_account_expiration.asp
Watch the word wrap, and good luck!
John
specifically 'her' as indicated by
the gender of the pronoun...
:o)
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bjelke John A Contr
AFRL/VSIO
Sent: Friday, August 08, 2003 10:21 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] WOT Unreadable code
prints a table of primes, formatting it into columns. What's my prize :^)
John A. Bjelke
Unisys
505.853.6774
[EMAIL PROTECTED]
If it's as difficult as pulling teeth through an elephants rump, then the
approach needs to be reevaluated.
-Original
.
Are you coming to DEC Ottawa? I can give it to you there, along with your
free beer. Otherwise, send me your shipping info offlist, and no beer for
you.
-gil
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 10:39 AM
To: '[EMAIL
off the list of how to win friends
and influence people.
-gil
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 12:01 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] WOT Unreadable code (was Connection String)
Gil
Title: OT: Tivoli
Thanks Larry! That'll do nicely. As for not furthering the cause, I'm with ya brother. Not my choice, but I can only salute and move on. Eric, thanks as well. I just wish we were using framework 4.1 instead of 3.7. *sigh*
John A. Bjelke
Unisys
505.853.6774
[EMAIL
Title: Message
Another possibility is that manual mappings to shared drives were done
under an old password, and the system stored that in the registry. Disconnect
the network drives and then reconnect. We do our standard mappings in the login
script, and strongly discourage manual mappings
Sounds like you have a ghosted adapter that was setup running a private IP
address at some point and still exists in the registry. Try this:
Click Start, click Run, type cmd.exe, and then press ENTER.
Type set devmgr_show_nonpresent_devices=1, and then press ENTER.
Type Start DEVMGMT.MSC, and then
Mark,
I have seen that happen after making security policy changes,
specifically Prevent users from installing printer drivers. Are you trying
this as yourself, or as the local administrator account?
-Original Message-
From: Abbiss, Mark [mailto:[EMAIL PROTECTED]
Sent:
:[EMAIL PROTECTED]
Sent: Friday, March 07, 2003 8:16 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] OT: Identifying laptops on domain
You can do this with segmentation on a DHCP network.
Martial
-Message d'origine-
De: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]
Date
Title: Anybody see Gil's article?
March issue of Windows .NET magazine has an article by Gil Kirkpatrick on AD Authentication Topology that is definitely worth a read.
http://www.winnetmag.com/Articles/Index.cfm?ArticleID=37935 is the article online. Good stuff Gil!
John A. Bjelke
Title: OT: Identifying laptops on domain
Perhaps someone here might know:
Is there any machine attribute or registry value that can be queried to differentiate workstations and laptops on a domain? We have a circumstance that requires laptops to be addressed differently from workstations,
this with segmentation on a DHCP network.
Martial
-Message d'origine-
De: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]
Date: vendredi 7 mars 2003 16:04
À: '[EMAIL PROTECTED]'
Objet: [ActiveDir] OT: Identifying laptops on domain
Perhaps someone here might know
to break them out.
R/Bill
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]
Sent: Friday, March 07, 2003 10:32 AM
To: '[EMAIL PROTECTED]'
Subject:RE: [ActiveDir] OT: Identifying laptops on domain
Existing IP scheme is static, and that's
definately need to test. Thanks for the suggestion!
Regards,
John A. Bjelke
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]
Sent: Friday, March 07, 2003 8:41 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] OT: Identifying laptops
PROTECTED] On Behalf Of Bjelke John A Contr
AFRL/VSIO
Sent: Wednesday, February 26, 2003 3:40 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Remove the ability to create computer accounts in
the computer container
Greg,
If you restrict it so that no one except the user your web script
Greg,
If you restrict it so that no one except the user your web script
runs as can create accts and are specifying the container in your script,
then they will still be able to create accts, they will just be forced to
use your web script to do so. This would achive your stated goal,
If certain OU's need to not get the domain policies pushed down upon them,
you would want to block inheritance. Perhaps your domain policies aren't as
strict as the Finance folks want their security to be. Put them in their own
OU and block inheritance, then set up a policy on that OU
Rob,
Does this same behavior exhibit if she logs on to another system?
Does it exhibit if you log on to her system as yourself?
-Original Message-
From: Rob Freeman [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 9:07 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir]
on different machines that she logs onto within the domain.
Yes, if I log into her machine, I can run the task manager and the batch
file.
- Original Message -
From: Bjelke John A Contr AFRL/VSIO [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, February 20, 2003 10:20 AM
Subject: RE
Clyde,
Can you parse security logs on the DC's forEvent ID: 629 Type:
Success Audit
Description: User Account Disabled?
-Original Message-
From: Burns, Clyde [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 10:47 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir]
for the
user.
Is GPResults.exe on the Resource kit?
Thanks
Rob
- Original Message -
From: Bjelke John A Contr AFRL/VSIO [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, February 20, 2003 11:12 AM
Subject: RE: [ActiveDir] Single user problem in AD
Rob,
in your GPO, you can specify
: Re: [ActiveDir] Single user problem in AD
Yes, it exists on different machines that she logs onto within the domain.
Yes, if I log into her machine, I can run the task manager and the batch
file.
- Original Message -
From: Bjelke John A Contr AFRL/VSIO [EMAIL PROTECTED]
To: [EMAIL
account was disabled.
Unfortunately the event logs dont go back that far.
And something else is touching the accounts and updating the whenchanged
value.
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 20, 2003 12:57 PM
To: '[EMAIL
Mike,
Now, this peaks my interest. Can you elaborate on how
RestrictAnonymous of 2 would effect changing of passwords?
John A. Bjelke
Unisys
[EMAIL PROTECTED]
-Original Message-
From: Thommes, Michael M. [mailto:[EMAIL PROTECTED]]
Sent: Wednesday,
Title: Message
Can
you use Group.vbs from the Resource Kit? You can use the /S to specify remote
servers, and perhaps you could wrap this in another script to loop through all
of your servers.
-Original Message-From: Brad Martin
[mailto:[EMAIL PROTECTED]] Sent: Monday,
Title: Message
Or
perhaps the "Global Groups" from res kit?
Displays members of global groups on remote servers or
domains.
GLOBAL
group_name domain_name | \\server
group_name The name of the global group to list the members
of. domain_name The name of a network domain. \\server The
One possible solution would be to disconnect the network cable and try
logging on as the user who encrypted them, assuming that their are
credentials cached on the machine.
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 03, 2003 10:14 AM
To:
Jimmy, great link. I hadn't seen this. Thanks!
-Original Message-
From: Jimmy Andersson [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 31, 2003 11:52 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Question
See the License Availability Roadmap at:
Title: Message
John,
FWIW,I have heard froma few "white
hats" that VNC is easy to hack because it stores passwords in known encryption
algorythms in the regsitry. http://online.securityfocus.com/bid/854/discussion
and http://www.kb.cert.org/vuls/id/197477show
some more detail on this. I
Title: Message
Their
Mini-Remote Control program is pretty handy as well.
-Original Message-From: Weston Rogers
[mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 15, 2003
7:40 AMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] ADSI and RAS
woh, dameware is pretty
Title: Message
Manual
drive mappings with old passwords..
-Original Message-From: John F. Hann
[mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 15, 2003 8:05
AMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] User's Account Locked out Every morning
Logged in another PC
Greg is correct... If the mail store that the outlook profile is pointing to
no longer exists or is no longer contactable by the client, outlook will
never get repointed to the new location. In this case, you would have to
manually repoint the outlook profile to the new mail store to resolve the
Title: Message
Java
debug manager/registrar. Little teddy bear icon, right? http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322993
-Original Message-From: bobo
[mailto:[EMAIL PROTECTED]] Sent: Wednesday, January 08, 2003 5:22
AMTo: [EMAIL PROTECTED]Subject:
We have used the Winternals Linux-based pwd recovery disks with much
success. Another alternative, but one of last resort IMHO, is to boot to
either a *nix cd or diskette with NTFS support (there are numerous *nix
distros out there that can be burned to cd and booted to for forensics and
other
Thom, I've never heard of such a tool, but if one does exist it will
probably not save you time in this scenario... you will still have to back
up this large amount of data prior to using any disk editor tool that
purports to do this or risk losing it entirely. I would strongly suggest
going with
Title: Message
Really? Dothey have a ritual for server cleansing and consecration?
Maybe a psalmto ward off PHB's? :^)
-Original Message-From: Leney, Justin
[mailto:[EMAIL PROTECTED]] Sent: Friday, December 27, 2002 9:25
AMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir]
Chris,
you may want to create an ldap query in your vb script to what ever
container you are trying to enumerate and run through each object in that
container, write that to a csv (or text, whatever you need), and then move
on to the next container. Nested for loops would probably be the
I second that. Antigen is very good. I would suggest keeping different
vendor's AV solutions on your SMTP Gateway vs. your Exchange servers... If
one of them doesn't catch it, the heuristics of the other AV engine (or the
newer defs that one vendor releases before the other) might, increasing your
Chris, create a new email profile in Outlook. I have seen this behaviour
when the user profile is corrupted and will not establish a proper
authentication token. Out of curiousity, do the multiple logon failures in
outlook trigger your account lockout policy against her domain account? If
it
Title: Message
UserAdmin.pl from the resource kit... export from one, delete,
createand import to the other?
-Original Message-From:
Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday,
December 10, 2002 2:18 PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Moving users
n the
print server to force publishing of printers in AD:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;234270
HTH
Glenn
- Original Message -
From:
Bjelke John A Contr AFRL/VSIO
To: '[EMAIL PROTECTED]'
Sent: Wednesday, November 20,
--
From: Bjelke John A Contr AFRL/VSIO [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
Date: Tue, 19 Nov 2002 15:26:31 -
Hey folks!
quick question, and one I hope there is a relatively easy answer to:
Print servers migrated to AD via Aelita tools. Need
Last logon is kept in the registry on the local machine, unless your
policies prevent that being kept, as DefaultUserName. Take a look @
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\DefaultUserName.
You could write it to a log as part of the login script, along with current
time and
BTW, you can also pull the last domain name logged into from the
DefaultDomainName under that same reg key. You might need to do this,
judging from your description of what you're trying to do. Otherwise, you
may drive yourself nuts trying to match local account logins with
non-existant DC records
Can one of the resident Aelita gurus please contact me off list? I have some
questions resulting from a few test migrations in our production
environments that we would like to ask before the go-live date, which is
almost upon us. Thanks!
John A. Bjelke
Unisys
on every machine.
If you need of a creator of MSI look at your Win2k CD in support and search
for winstle product.
Is very easier to use.
Good Luke
From: Bjelke John A Contr AFRL/VSIO [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: '[EMAIL PROTECTED]' [EMAIL PROTECTED]
Subject: RE
\HPLASERJ3)
or IP / Netbios resolution
(ES: \\172.16.16.1\HPLASERJ3)
I hope that is useful
From: Bjelke John A Contr AFRL/VSIO [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: '[EMAIL PROTECTED]' [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OT: Scripting question
Date: Mon, 28 Oct 2002 23:07:35
Administrator
Inovis - Formerly Harbinger and Extricity
Atlanta, GA
-Original Message-
From: Bjelke John A Contr AFRL/VSIO
[mailto:John.Bjelke;kirtland.af.mil]
Sent: Thursday, October 24, 2002 9:37 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] OT: Scripting question
Hey folks
I believe she is looking to have it appear on their local machines from
the network, but not require them to map a connection to the server. Sounds
to me like just what DFS was made for! Set up the server as a DFS root and
the shared folder on the server can be added as a file system folder on
Title: Message
Chris,
you could
runa script before the migration to read the value of the ProfileImagePath
entry in the registry and export that to a tab dilineated file... then add a few
lines to the logon script in the new AD domain to parse their username against
said tab seperated
Hey folks...
I need to automate repointing print queues on ~2000 clients to a
different print server and retain user settings on each queue... does anyone
know how to RENAME a registry key, either in VB, Perl, C++, or WSH? I can
pull the value and create a new key to the same printer name
.
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis - Formerly Harbinger and Extricity
Atlanta, GA
-Original Message-
From: Bjelke John A Contr AFRL/VSIO
[mailto:John.Bjelke;kirtland.af.mil]
Sent: Thursday, October 24, 2002 9:37 AM
To: '[EMAIL PROTECTED]'
Subject
: RE: [ActiveDir] OT: Scripting question
I don't think there is a rename. You would just read the old, write the new
with that info and then delete the old.
-Original Message-
From: Bjelke John A Contr AFRL/VSIO [mailto:John.Bjelke;kirtland.af.mil]
Sent: Thursday, October 24, 2002 11:09
Michael,
a little more info would be helpful, but let me ask a few things:
1)Have you enabled and print sharing on the 98 box in question? 2)Are the
subnet masks the same on all machines in the workgroup? 3)Is the workgroup
name the same on all boxen? 4)Can you ping and/or tracert to the
Heh. I like it. And of course, thumbcuffs would work wonders to prevent
inapropriate surfing... :^)
-Original Message-
From: Puckett, Richard [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 15, 2002 4:03 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Disable IE via GPO
If you
.
Jim Liddil
-Original Message-
From: Bjelke John A Contr AFRL/VSIO
[mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 15, 2002 4:22 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Disable IE via GPO
Why not block his web-mail site @ the firewall? He might have
legitimate
What about using hosts files as a fail over for DNS? Seems like less work to
me.
John A. Bjelke
UNISYS
Systems administrator
505.846.5894
[EMAIL PROTECTED]
-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 18,
David,
the way to best reduce total cost of ownership on any network (and
the amount of work you have to put in on it) is to go to a standardized
desktop environment where possible. The fewer hardware and software
configurations an organization has, the easier, theoretically at least, it
Don,
Check for policy changes. The you are not authorized to change your
password error message appears to be the default error message. Our users
see this error all the time if they are not meeting the length and
complexity requirements. Hope this helps!
John A. Bjelke AFRL\VSIO
Do you
use Outlook Web Access on Exchange? There is a password change applet
built-inthere that should workfor what you need.
-John
-Original Message-From: Izzy
[mailto:[EMAIL PROTECTED]]Sent: Friday, May 17, 2002 12:46
PMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir]
Simple Password
can reset another user's password or unlock
their account, assuming they forgot their password.
-Original
Message-From: Bjelke John
A Contr AFRL/VSIO [mailto:[EMAIL PROTECTED]] Sent: Friday, May 17,
2002 1:55
PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Simple Password
reset ut
I always thought UTC in relation to computing was the number of non-leap
seconds that have elapsed since 00:00:00 January 1, 1970. I find the choice
of Jan 01, 1601 to be a little bizarre in this context. Was this a typo? Or
is that how UTC is now measured in AD?
-Original Message-
Scott,
I can only assume you are looking to programatically change this
setting in your environment. Here is a snippet of the vbs code we use to
toggle this off. Best of luck!
John A. Bjelke AFRL\VSIO
Business Support Analyst
UNISYS
Supporting AFRL
Kirtland
Well, the XP version of 2KAdvancedServer is .Net Server, which I don't
believe has been fully released yet. XP workstations should integrate nicely
in a 2K AD environment.
Good luck! -JB
John A. Bjelke AFRL\VSIO
Business Support Analyst
UNISYS
Supporting AFRL
Kirtland
James,
The rough instructions are in Q296723, but the
specific outline is something like this:
1. Copy the Windows 2000 CD-ROM onto
the HD
2. Slipstream SP2 into it (update
-s:path)
3. Extract the SRP1 files somewhere
(sp2srp1 -x:path)
From this point, what you have to do is
remove
DHCP is going to work on a first available basis.. i.e., the first DHCP
server that a system can contact when it looks for a lease will issue an IP
and register the connection in dynamic DNS. This could cause managing
computer domain accounts to get ugly, unless you are willing to keep all
Did you slip-stream the service pack and hot fixes prior to the ris, or
after you have pushed the image to the system? I belive that if you apply
SP2 AFTER the install through ris, the image will NOt match the install.
-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
This is the only things I can find on this issue. Q179483. Hope it helps!
Error Msg: No More Connections Can Be Made At This Time
--
The information in this article applies to:
Microsoft Windows 2000 , Professional
Title: OT: Data Recovery
LostFound is a pretty good recovery tool from
PowerQuest software. The time frame doesn't matter, what matters is subsequent
drive activity since the deleteion. If those sectors have been written to, write
off the data as a loss.
John A. Bjelke AFRL\VSIO Business
You mean made by Execusoft, who also makes Diskeeper :^)
-Original Message-
From: Tom Meunier [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, January 22, 2002 8:27 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OT: Data Recovery
sorry, I said Diskeeper; I meant Undelete(tm) which is made
There are a number of internet tracking applications out there that will
track the ammount of time connected to a given URL. I believe some proxies
can be configured to do this as well. Have fun parsing those logs... I
wouldn't want to do it. Sessionwall from SSi will do this and much much
I have seen incorrect path statements in the environment settings cause vbs
login scripts to bomb out. Compare the path statements on the ones that work
to the ones that don't. This would especially be indicative if it is a it
used to work and now it doesn't situation. Software installs often
James,
unfortunately, the bulk of our experince
has been in using SMS to push patches and updates. I really don't think building
a new .msi file is the way you want to go. Slip-streaming the patches into the
original installs has worked very well for us, and has allowed us to keep an
Actually, we have seen similar issues in our mixed mode domain. Sometimes,
it seems that there is a sync problem between pdc and bdc's. Other times, we
have no clue why it is occuring to an individual over and over again. We
have even gone so far as to delete and recreate accounts in AD for users
ntp2.usno.navy.mil at
192.5.41.209
tock.usno.navy.mil at
192.5.41.41
John A. Bjelke AFRL\VSIO Business Support Analyst UNISYS
Supporting AFRL Kirtland AFB, NM
505.853.6087 [EMAIL PROTECTED] === "Oh, you hate your job? Why didn't you say
Here
is a page with a pretty up to date list of public primary NTP servers:
http://www.eecis.udel.edu/~mills/ntp/clock1.htm
-Original Message-From: Joe Baird
[mailto:[EMAIL PROTECTED]]Sent: Wednesday, August 15, 2001
9:05 AMTo: [EMAIL PROTECTED]Subject:
[ActiveDir] Time Clock
Cindy, here's the link to the sizer tool.
http://www.microsoft.com/windows2000/downloads/tools/sizer/default.asp
John A. Bjelke AFRL\VSIO
Business Support Analyst
UNISYS
Supporting AFRL
Kirtland AFB, NM
505.853.6087
[EMAIL PROTECTED]
-Original Message-
From: Rittenhouse,
85 matches
Mail list logo