So you have a Gig of ram on a DC, what do you all set the pagefile size to?
Memory +11 MB?
Like to hear your feedback.
Toddler
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.acti
Title: Message
Schema
Extensions aren't bad, if they are documented correctly and properly replicated
throughout the forest. Rob, didn't you say that you found a way to clean
up old schema extensions that Microsoft "fixed" in SP3.
Dean,
Why is it necessary for you to extend the native to
Title: Message
Does anyone know how to disable account
lockout restrictions on a account Like a service account, but leave the rest of
the accounts with the ability to be locked out?
Thanks,
Toddler
and promising work on AD over/through/around
> firewalls using
> IPSec and other advanced technologies.
>
> Rick Kingslan MCSE, MCSA, MCT
> Microsoft MVP - Active Directory
> Associate Expert
> Expert Zone - www.microsoft.com/windowsxp/expertzone
>
>
> -Origina
OU's
What are the reasons
for delegating the AD Root Identifier? Why delegate
read?
From: Myrick,
Todd (NIH/CIT) [mailto:[EMAIL PROTECTED] Sent: Friday, August 08, 2003
6:25 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Groups and
OU's
Glenn is that what they make documentation and comments for?
Toddler
-Original Message-
From: Glenn Corbett [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 9:38 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Connection String
HAHAHAPerl
I like to be able to read my cod
You can use NETDOM.EXE to do the trust and NLTEST to do the Windows 2000
trust and site views, we like to use batch files when possible to gather
information quickly. Then we use a command line utility to send email to
our inboxes. I am not sure if it fits into the inprocess method you were
look
I would go into the Network Connections and select the network adapter on
the server. On the Microsoft File and Print item, select properties. And
make sure the settings are optimizes for file and print sharing. Next you
could pull up perfmon and see what the network usage is for the box, and
nu
You can use PORTQRY to tickle the RPC port 135 and see what is listening. I
would also try 137 and 138 UDP respectively. Then check the router
configuration to see what it's settings are.
Toddler
-Original Message-
From: Ian Moran [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 14, 20
DR is such an open ended topic.
First what constitutes a disaster to your organization?
What systems can your organization do without?
How much overhead to the capital cost are you willing to assume in your
Operations to have a DR system and strategy?
Can you solve DR problems with technolog
is me guessing).
-Original
Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd (NIH/CIT)
Sent: Thursday, August 07, 2003
10:14 PM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Turn off
account lockout feature on a account.
Does any
Title: Message
Per
delegation I do the following
AD
<---Root Identifier
+Delegation Give FC to the Directory Administrators, Enterprise Admins,
and System; Read to the Data Administrators & Authenticated
Users.
+OU or CN = Users Give R/C/M to Full Data Admins, Jr D
ature on a account.
system account
- Original Message -
From: Myrick, Todd
(NIH/CIT)
To: '[EMAIL PROTECTED]'
Sent: Thursday,
August 07, 2003 9:54 PM
Subject: RE:
[ActiveDir] Turn off account lockout feature on a account.
Thanks Joe,
Just wan
t deal about
people getting in the wrong places and doing the wrong things. Finger
fumbles are a natural part of using any system, and an automated tool will
only solve some of these.
G.
- Original Message -
From:
Myrick,
Todd (NIH/C
eDir] WOT Unreadable code (was Connection String)
What's up Todd? You have a hankerin' for some chicken?
And I probably should stop wasting everyone's inbox capacity with this
silliness... Doesn't someone have some AD problems that need fixing?
-gil
-----Original Message
uld be a specific value. Its also good or your 3rd
level guys (like me) who dont have 1st and 2nd level banging on the door to do
tasks for them if the custom tool is down.
My $0.02
Glenn
- Original Message -----
From: Myrick, Todd
(NIH/CIT)
Don't make me use my Jedi Mind Trick on your butts!
Toddler
-+SMT+-
-Original Message-
From: Robbie Allen [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 9:14 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Connection String
> Come over to the 'Dark Side' with VB.NET.i
I went to www.eventid.net and searched and found the following
Event ID: 1168
Source NTDS General
Type Error
Description Error () has occurred (Internal ID
). Please contact Microsoft Product Support Services for
assistance.
Error 1032 - See Q280364 & Q265089.
Error -1811 - See Q28036
The Answer to the Universal Question is 42
Toddler
Hitchhiking my way to Ottawa!
-Original Message-
From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 11:56 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] WOT Unreadable code (was Connection String)
Have
That is a pretty nice Picture for a phone.
Toddler
-Original Message-
From: Fugleberg, David A [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 05, 2003 4:58 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] WOT Unreadable code (was Connection String)
I, for one, am proud of my SRC [1] f
ou what. Anyone who has posted to this list in the past month and
shows up in Ottawa gets a round on the house. Just mention this special
offer...
-g
Gil Kirkpatrick
CTO, NetPro
-Original Message-
From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]
Sent: Sunday, August 03, 2
gt;
> Getting' kinda loose and happy with *my* tab aren't you Todd?
>
> Tell you what. Anyone who has posted to this list in the past
> month and
> shows up in Ottawa gets a round on the house. Just mention
> this special
> offer...
>
> -g
>
>
s up in Ottawa gets a round on the house. Just mention this special
offer...
-g
Gil Kirkpatrick
CTO, NetPro
-----Original Message-----
From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]
Sent: Sunday, August 03, 2003 7:02 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] ADAM
;ll get together one day, I'm sure. And, I'll take you up on that offer.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CIT)
Sent: Sunday, August 03, 2003 9:02 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir
I remember seeing a script that you could run to do one of two things, if
someone was logged in on one workstation, it would enforce not allowing that
person to have multiple network sessions. It would log off someone or not
allow them to log onto the workstation if they were logged into other
wor
Idan,
If any bullets fly your way, I promise to put myself in front of their path,
because I am "The One"... "The Toddler" I have mad powers yo... (At least in
this Matrix).
I think your post was not problematic in the least, and offered good
information without blatant self promotion.
There a
e Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kevin Gent
Sent: Saturday, August 02, 2003 3:28 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] ADAM Doc
Thanks from most of us
BLOGS and RSS!!!
Best way to keep up with what everyone is doing who has time to post to it.
Maybe companies like AELITA, or NETPRO (Bindview, Quest, and all the little
guys too) might want to start integrating support for RSS in their products.
www.userland.com owns the protocols and RFC drafts.
- www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CIT)
Sent: Friday, August 01, 2003 7:39 PM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] ADAM Doc
http://www.microsoft.com/downloads/details.asp
Title: Message
Antigen is a god send!
We learned from the Love BUG.
No worries mate.
Toddler
-Original Message-
From: Christopher Hummert
[mailto:[EMAIL PROTECTED]
Sent: Friday, August 01, 2003 5:54
PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] I sent a virus
o
http://www.microsoft.com/downloads/details.aspx?FamilyID=9688f8b9-1034-4ef6-
a3e5-2a2a57b5c8e4&DisplayLang=en
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
I personally use Radio and FM for my Blog (Weblog) that is hosting on
Userland.
I plan to move to my own hosted URL soon. Radio is a personal content
management client tool, that has themes that can be used to construct a
weblog. It is the one most pro's like because the content can be FTPed to
http://www.idefense.com
Figured that I would share the information.
Todd
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Is there a way to turn off Object Instantiation in AD Users
and Computers MMC or Any utility that creates objects for that matter using
definitions from the AD Schema?
If so, how would you do it?
Thanks,
Todd Myrick
Title: Message
Overview
Identity Integration Feature Pack for Microsoft®
Windows Server(tm) Active Directory® manages identities and coordinates user
details across Microsoft Active Directory, Active Directory Application Mode
(ADAM), Microsoft Exchange 2000 Server, and Exchange Server 2003
] Identity Management using AD
We're going
to make the MV writeable...
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Myrick, Todd
(NIH/CIT)Sent: Tuesday,
July 08, 2003
7:12 AMTo:
'[EMAIL PROTECTED]'Subject: RE: [Acti
Murphy was the first one out with a book
:P
Glenn
- Original Message -
From:
Myrick,
Todd (NIH/CIT)
To: '[EMAIL PROTECTED]'
Sent: Wednesday, July 09, 2003 12:11
AM
Subject: RE: [ActiveDir] Identity
Management using
Title: Message
My
spell checker broke my joke...
I ment
to say Marchitecture. As in Marketing Architecture.
I
think the who IIS part is just a bad thing..
Todd
-Original Message-From: Myrick, Todd
(NIH/CIT) Sent: Tuesday, July 08, 2003 1:02 PMTo:
'[EMAIL PROT
:
[ActiveDir] Identity Management using AD
I've
been told that MIIS is really just MMS 3.0 renamed. The description of
the software would seem to indicate so. Is this
true?
Mike
Thommes
Argonne National Laboratory
-Original Message-From: Myrick, Todd (NI
Title: Message
Why
not use a tool like Aelita's In-trust http://www.aelita.com/products/InTrust.htm to
run the scans against the production environment, I would also mention
BV-Control, but I am mad at bindview right now and don't want to promote their
products. (Long story). It would be le
Title: Message
I
ordered 10 StIcK's (tm) and they work great. I name my StIck's for the
special purposes they serve. The best thing is one size fits
all!
Toddler
-Original Message-From: Roger Seielstad
[mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003
8:56 AMTo: '
ve an issue, post back here or in the
> newsgroups so
> others can learn of the experience. Even if you call MS and
> they say, nope,
> no one is having that issue. I have found that they know of
> things but won't
> come fully forward with them until some minimum number of
Title: Message
We are
in the process of evaluating MIIS here, and AD is currently our source for
authentication information, for Enterprise application, we are using a custom
database running on Critical Path to sync with other application directories,
and get a metaview of the information f
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/ad/Windows2000/maintain/BPguide/Part1/ADSECP1.asp
Lets start an interesting review of the content shall we...
Todd
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.h
Thanks Everyone for the great information. We have already begun patching
the systems as a result of the information from the list.
Todd Myrick
-Original Message-
From: Robert Moir [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 03, 2003 8:53 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveD
posting is
provided "AS IS" with no warranties, and confers no
rights.]
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Myrick, Todd
(NIH/CIT)Sent: Tuesday, June
17, 2003 12:40 PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveD
erver as the database for user information.
"
-doug
-----Original Message-----From: Myrick, Todd
(NIH/CIT) [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 01,
2003 12:47 PMTo: '[EMAIL PROTECTED]'Subject:
[ActiveDir] Microsoft Announces Identity Managment
Title: Message
http://www.eweek.com/article2/0,3959,1163269,00.asp
So who
knows more about his.
Todd
Title: Message
Which
tool from Aelita were you using? DMW, EMM, or EMW? If you have ER
Disk or AD 6.5, you can do attribute level restores of
objects.
Todd
-Original Message-From: Don Murawski
(Lenox) [mailto:[EMAIL PROTECTED] Sent: Tuesday, July
01, 2003 9:53 AMTo:
Title: Message
I
personally like Hyena Pretty cheap too. $100.00 Multi-select and one click
will do you. Can do by ou or entire domain.
Todd
-Original Message-From: Gil Kirkpatrick
[mailto:[EMAIL PROTECTED] Sent: Monday, June 30, 2003 1:11
PMTo: '[EMAIL PROTECTED]'Subje
software without hassling us every couple of days, and saves on the
hardware costs of multiple AD forests (minimum 2 DCs for each
instance).
For real corporate applications, we only
provide a single directory, AD.
Glenn
- Origi
nd saves on the hardware costs of
multiple AD forests (minimum 2 DCs for each instance).
For real corporate applications, we only
provide a single directory, AD.
Glenn
- Original Message -----
From:
Myrick,
Todd (NIH/CIT)
To
[EMAIL PROTECTED] On
Behalf Of Myrick, Todd (NIH/CIT)
Sent: Friday, June
27, 2003 7:24 AM
To:
'[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [ActiveDir] MMS 2003 and
ADAM 2003
I just got word that MMS
2003 and ADAM 2003 are shipping the week of July 3rd.
Now to afford the
the Server 2003 AD schema
extensions for Exchange 2003. You lose some minor functionality, nothing
major. We are currently in production with Exchange 2003 w/o Server 2003
AD.
Benton Chase Wink
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
Title: Message
We
just learned that Exchange 2003 will be RTM next week. And the Exchange
lead is chomping at the bit to extend the schema for it. We have two
problems, we have not extended the schema for Windows 2003, and we have a site
design that has some replication issues due to firew
rom simple services to
security uses.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CIT)Sent: Friday, June
Title: Message
I just got word that
MMS 2003 and ADAM 2003 are shipping the week of July 3rd.
Now to afford the
server requirements to run MMS 2003.
Requirements for MMS
2003
Windows 2003
EE
SQL 2000
EE
Visual Studio .NET
2003
Hardware
Makes Simple Sync
look very attractive, but
me of those millions I saved.
Toddler
-Original Message-
From: Myrick, Todd (NIH/CIT)
Sent: Monday, June 16, 2003 11:55 AM
To: 'Pye, David'
Subject: RE: Follow up article questions.
"The NIH Windows 2000 Focus group determined that the best way to
deploy Windows Server 2000 a
My preferred method is as follows.
Keep OU Names simple and linked to object type or organization delegation
type. Use the description attribute on each OU to describe the OU instead
of making the RDN and DN describe the OU. Also Look at third party products
if you have to do multiple delegation
Behalf Of Myrick, Todd
(NIH/CIT)Sent: Tuesday, June
17, 2003 12:40 PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Object level
restore
Stuart & Guido
thanks for the reply,
I feel this thread
has caused some confusion to all involved (possibly f
d "AS IS" with no warranties, and confers no
rights.]
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Myrick, Todd
(NIH/CIT)Sent: Monday, June
16, 2003 12:25 PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Aelita's ER Disk
Title: Message
Stuart,
What
changed in the article? All I see is a reference to the fact
that Microsoft has provided an API for vendors to use in 2003, and
that it is still potentially bad to do object level restores in Windows 2000
directories. In addition, responding to this thread tit
Here is one for the books.
I run repadmin /showvector "dc=,dc="
The results are this.
CN=NTDS
Settings,CN=server1,CN=Servers,CN=Site-1,CN=Sites,CN=Configuration,DC=domain
,DC=LOCAL 7317912
CN=NTDS
Settings,CN=server2,CN=Servers,CN=Site-1,CN=Sites,CN=Configuration,DC=domain
,DC=LOCAL 2959567
CN=N
ekend.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CIT)Sent: Thursday, June 12, 2003 1:19 PMTo:
'[EMAIL
Title: Message
There
is an article in the latest Windows 2003 magazine about how to integrate IAS and
Cisco AAA.
Todd
-Original Message-From: Martin Tuip
[mailto:[EMAIL PROTECTED] Sent: Friday, June 13, 2003 6:07
AMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] A plea t
Title: Message
There
is now a 5.0 version of Hyena out. See if it fixes the
problem.
Todd
-Original Message-From: Raymond
McClinnis [mailto:[EMAIL PROTECTED] Sent: Thursday, June
12, 2003 9:49 AMTo: [EMAIL PROTECTED]Subject:
RE: [ActiveDir] Active Directory Tools on X
Title: Message
Well
there is two schools of thought. Tell me what it looks like and how to
respond or Tell me when something is wrong and automatically respond. I
prefer a more focused view of my Active Directory, that I can delegate out to
other Domain Administrators and give them a view
Title: Message
Aelita
just announced a utility that can do brick level recoveries of Exchange
mailboxes with out the need for an Exchange recovery Site or Forest. Works
with 5.5 and 2000. It does require a machine with enough storage to
restore the volume though.
http://www.aelita.com/ne
Title: Message
I am
not sure if anyone is currently taking advantage of this feature yet, because it
is only for Windows 2003, and there is still a lot of people deploying
2000. I do know that some vendors are in talks with Microsoft on how to
implement it, and there are some concerns on th
ver and a member of a new
domain.This should
answer most of your
questions:http://support.microsoft.com/default.aspx?scid=kb;EN-US;216498-----Original
Message-From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 29, 2003 9:59 AMTo:
'[EMAIL PROTECTED]'
I tried to DCPROMO a domain controller down to member server status and it
said that it was unable to complete the process. Might be insufficient
permissions, I can't remember exactly. If you all need the log, I will dig
it up.
Anyway, what I want to do is forcible remove the domain controller o
Figured many of you might be interested in it.
http://www.microsoft.com/downloads/details.aspx?FamilyID=674a4834-023d-4aa0-
be6b-0ed7c3ebec3d&DisplayLang=en
Todd Myrick
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://ww
http://www.microsoft.com/downloads/details.aspx?FamilyID=5098c84a-8a9b-4e0f-
bb27-254f5bfdaaa1&DisplayLang=en#filelist
Pretty good synthesis of how to plan and modify network deployments of
Windows 2003 network services. Needs a section on PKI though.
Todd Myrick
List info : http://www.actived
I had a beef fillet marinade in Guinness this weekend, it was actually kind
of sweet tasting. So I recommend that or a nice piece of buffalo filet
marinade in Guinness for you AD Native Mode celebration.
We converted to Native Mode last year on many of our AD Domains. Now is the
pain of ADCing a
Check and see if they have any mapped drives using their old credentials.
Todd
-Original Message-
From: Chuck [mailto:[EMAIL PROTECTED]
Sent: Monday, March 24, 2003 12:37 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Account Lockout after password reset
Hello,
I have had a few users
connection - other than name
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd
(NIH/CIT)
Sent: Tuesday, March
d in Kerberos v4, while AD
is built on Kerberos v5. Very different beast.
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.
> -----Original Message-
> From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]
>
http://www.eweek.com/article2/0,3959,937385,00.asp
Just saw this and wondered if anyone on the list has a comment about it. I
sent a request to our MS TAM for comment on the article and will post
anything I get to the list.
Todd Myrick
List info : http://www.activedir.org/mail_list.htm
List FA
System State Backups..
Greetings all, I have a question about system state backups.
It seems several of the products we use to backup our Domain controllers
require that the account used to backup the AD and system state be a member
of the administrators built-in group. I am wondering if this se
Title: Message
http://www.microsoft.com/technet/treeview/default.asp?url="">
Has
the getting started guide, checklist, etc.
http://www.maiciao.com.tw/Documents/windows%202k/ms%20win2k%20terminal%20services/dgw2kts_book.pdf
Definitive Guide to Windows 2000 Terminal
Services
You
might
Todd,
I wrote an article in the March 2003 Windows & .NET mag that discusses how
to control authentication traffic in this kind of scenario... it may help as
well.
-gil
-Original Message-
From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 05, 2003 8:24 AM
To
t MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
>
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of
> Myrick, Todd (NIH/CIT)
> Sent: Wednesday, March 05, 2003 7:56 AM
> To:
I have a question about peoples experience disabling Site Link Transitivity.
I am trying to achieve a hub and spoke design where the spoke sites only
replicate with the Hub's. This is to reduce the complexities of configuring
firewalls in our enterprise but also to optimize replication so it is ea
Title: Message
I am,
and if I get my homework done for Gil this week I will be presenting on
Integrating AD into an Enterprise Directory Architecture and leading a round
table on PKI in the Enterprise.
Todd
Myrick
-Original Message-From: Sullivan, Kevin
[mailto:[EMAIL PR
Title: Message
I
second what Marc says...
I
would seriously look at the consulting services of the tools vendors who make
the migration tools. I would also make sure that your stress to the vendor
to make the solution fit the organizational requirements not their best
practice.
Todd
Greetings All,
I am looking for a tool that would be able to query an AD forest and map out
domain constructs, site constructs, DC's and DNS servers. Do any of you
know of such a utility.
Thanks in advanced
Todd Myrick
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://w
We started to do some testing in our LAB to confirm a behavior we witnessed
on Workstations and Servers in a AD domain. What we wanted to confirm is
that if you set a domain wide account policy, that the policy will affect
not only the AD database for password and account standards, but
workstatio
I work for the National Institutes of Health, and I was responsible for
developing Architectural Standards for deploying Active Directory to
encompass 27 NIH IC's and 4 HHS OPDIV's. Does that count?
If so, send me an e-mail and we can begin discussing what you are trying to
do.
Thanks,
Todd Myr
Just a FYI, this conference was one of the best I have attended in a while.
The resort was relaxing and materials were pretty good. The reason why I
send a blatant advertisement to this list is to get as many of you all to
attend and maybe have a meet and greet at the conference. Lots of great
in
Title: Message
I have
a question about specifiying AD Replication to a specific port. If you do
what the KB article says to do, do you have to set the port on all AD DC's to
get it to work correctly, or only on the servers you want to control replication
to? I have several servers who are
again.
Allan Garrett
A
small SOCAL college
-----Original Message-From: Myrick, Todd (NIH/CIT)
[mailto:[EMAIL PROTECTED]]Sent: Thursday, November 14, 2002
12:54 PMTo: '[EMAIL PROTECTED]'Subject:
[ActiveDir] AD and Network Core Services &
Title: AD and Network Core Services & Anti-Virus
I have a quick question, Our operating procedures for Core Network Service (AD DCs, WINS, DDNS, CA, Exchange (Antigen), DHCP) servers has been not to run with Anti-Virus protection on them. We feel that the potential for scanner code to conflict
Title: Message
Greetings all,
Quick
question, has anyone seen a KB or White paper that outlines the guideline of how
many DC's you need per number of users. The old rule for NT4 was 1 BDC for
every 2000 active users. I have read all the AD sizing papers etc, but
just wanted to know if an
for proper DNS SRV records in DirectoryAnalyzer, but not
sure about publication of SPNs. I'll look into it.
DirectoryTroubleshooter does have a test that checks SPN publication and it
has a pretty complete KB entry as well.
-gil
-Original Message-----
From: Myrick, Todd (NIH/CIT)
for a secondary zone the AD Integrated one's won't work.
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis - Formerly Harbinger and Extricity
Atlanta, GA
> -Original Message-
> From: Myrick, Todd (NIH/CIT) [mailto:myrickt@;
Aelita EDM ADSI provider automatically does described process.
Vladimir Turin
-Original Message-
From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 09, 2002 1:33 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Issue enumerating more than 1000 me
I am using some LDAP tools to enumerate the members of a group and it will
only list the first 1000 members. I have tried several tools, all with the
same result. Is their a query policy that limits the number of results
returned MaxResultSetSize is the only one that comes to mind. Any help is
ons, but I don't know
where they are on it. Mike Barnard from MSFT did a great job on the AD
piece.
-gil
-Original Message-----
From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, October 01, 2002 12:21 PM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Active D
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn
ol/ad/windows2000/maintain/opsguide/default.asp
I have been searching for a document like this to go along with my
Architecture Document, and Implementation Document. Figured I would share
my find with you fine folks.
Title: Message
We
have some groups with more than 1000 members in them and when we go to list them
in AD tools, we get a message saying that we reached the limit. Where can
we change the default limit? I know about the default LDAP query policy
and have already changed that information. I
201 - 300 of 305 matches
Mail list logo