RE: [ActiveDir] ADAM on XP Pro

2006-10-05 Thread Lee Flight 


I had an exchange with a vendor who was planning on a similar approach:

http://groups.google.co.uk/group/microsoft.public.windows.server.active_
directory/browse_frm/thread/83248bf50f9f76ec/2aac67203f612e2a

my summary, see the end of the archived thread, was that they
should talk to Microsoft about this use of the replication model
as it did not seem appropriate use of a multimaster replication
model to me. Even if we had RO ADAM instances I still think it
would be a pain to manage... let us know how you get on

Thanks
Lee Flight

On Wed, 4 Oct 2006, Tony Murray wrote:


Thanks Dmitri

Yes, my security concern was with regard to laptop theft.  As you say, these 
are ADAM and not AD accounts, so the risk of compromise is localised to the 
application.  Good tip about EFS (even if I'm not a big fan of it generally).  
There may be other options (e.g. hardware encryption).

I will give some further thought to the potential replication issues you 
mention when I know more about the application - I haven't managed to get my 
hands on it yet :-)

Tony
-- Original Message --
From: Dmitri Gavrilov [EMAIL PROTECTED]
Reply-To: ActiveDir@mail.activedir.org
Date:  Wed, 4 Oct 2006 20:18:28 -0700

ADAM on XP is no different from ADAM on w2k3 security-wise. The big
differences are that it is throttled somewhat perf-wise, and also
there's no auditing.

I do not see any serious security problems with this approach. Unless
you are thinking that somebody steals the laptop, cracks the DIT open
and brute-forces the pwd hashes? Store the DIT on an EFS volume then. In
any case, these are ADAM users, not windows...

The only problem will be replication -- instances will complain that
they are unable to replicate when in offline mode. Perhaps this can be
resolved by creating a separate site for every instance and setting up
manual links to the hub instance. Hmm. Not sure. I guess it depends on
how long they'll stay offline. KCC is not really optimized to work well
in such scenarios.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray
Sent: Wednesday, October 04, 2006 7:34 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] ADAM on XP Pro

I've been talking to a vendor about an application they are developing.
It involves running ADAM instances on XP Pro machines (laptops) that
replicate with a centralised ADAM instance running on W2K3.  I don't
have further details at this stage, but I believe the they are planning
to use the local ADAM instance to authenticate laptop users to an
application when they are off-line.

In addition to security concerns with this approach, I'm not really
comfortable with the idea of ADAM instances on laptops being part of a
configuration set.  I had always understool ADAM on XP to be used for a
personal data store
(http://technet2.microsoft.com/WindowsServer/en/library/29fb059e-544c-45
77-bf7c-ba4b08df48431033.mspx?mfr=true).

Any thoughts on this?

Tony

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

[ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Bahta, Nathaniel V CTR USAF NASIC/SCNA 
List,

I have been looking at several options to restore a failed DC from the ground 
up.  ADS seems to look promising, but its hard to get one SYSPREP image for all 
of my DCs even though they are all flavors of Dell PowerEdge, it has proven 
difficult.  Does anyone know of a good solution to restore a DC from the ground 
up utilizing a network connection, without inserting disk and going through the 
steps.

Thanks,
Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Wednesday, October 04, 2006 3:24 AM
To: ActiveDir.org
Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
Troubleshooter.

SOAD has a lovely GUI and lots of flashing lights


Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Yann [EMAIL PROTECTED]
Date: Tue, 3 Oct 2006 20:11:12
To:ActiveDir@mail.activedir.org
Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter.

Hello all, 
  
I don't know if it is the right place 
I'm about to test 2 AD Troubleshooters products and I have to choose one them 
to monitor,tshoot our AD infrastructure: 
Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
Troubleshooter. 
Does someone have any experiences with the 2 products and could tell me what 
are the pros and cons of each of them ? 
  
Thank you, 
  
Yann 
  
  
 


 Découvrez un nouveau moyen de poser toutes vos questions quel que soit le 
sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions 
et vos expériences. Cliquez ici: 
http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . 
.+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Brian Desmond 
PXE Boot into an unattended install?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:11 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Domain Controller Bare Metal restore
 
 List,
 
 I have been looking at several options to restore a failed DC from the
 ground up.  ADS seems to look promising, but its hard to get one
 SYSPREP image for all of my DCs even though they are all flavors of
 Dell PowerEdge, it has proven difficult.  Does anyone know of a good
 solution to restore a DC from the ground up utilizing a network
 connection, without inserting disk and going through the steps.
 
 Thanks,
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Wednesday, October 04, 2006 3:24 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] choose between SOAD and Netpro directory
 Troubleshooter.
 
 SOAD has a lovely GUI and lots of flashing lights
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Yann [EMAIL PROTECTED]
 Date: Tue, 3 Oct 2006 20:11:12
 To:ActiveDir@mail.activedir.org
 Subject: [ActiveDir] choose between SOAD and Netpro directory
 Troubleshooter.
 
 Hello all,
 
 I don't know if it is the right place
 I'm about to test 2 AD Troubleshooters products and I have to choose
 one them to monitor,tshoot our AD infrastructure:
 Spoltligh on Active Directory (SOAD) and Netpro Active Directory
 Troubleshooter.
 Does someone have any experiences with the 2 products and could tell me
 what are the pros and cons of each of them ?
 
 Thank you,
 
 Yann
 
 
 
 
 
  Découvrez un nouveau moyen de poser toutes vos questions quel que soit
 le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances,
 vos opinions et vos expériences. Cliquez ici:
 http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
 .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
 .+w֧B+v*rz+v*汫

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Bahta, Nathaniel V CTR USAF NASIC/SCNA 
That’s what I have been trying to do, but using one image for all of my 
different hardware types has not worked.  Specifically I can get the image to 
apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the 
splash screen appears and it reboots, it just keeps doing that.  The same image 
works fine on another version of the PowerEdge, but on the other model it just 
continuously reboots. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 05, 2006 8:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

PXE Boot into an unattended install?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:11 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Domain Controller Bare Metal restore
 
 List,
 
 I have been looking at several options to restore a failed DC from the 
 ground up.  ADS seems to look promising, but its hard to get one 
 SYSPREP image for all of my DCs even though they are all flavors of 
 Dell PowerEdge, it has proven difficult.  Does anyone know of a good 
 solution to restore a DC from the ground up utilizing a network 
 connection, without inserting disk and going through the steps.
 
 Thanks,
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Wednesday, October 04, 2006 3:24 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 SOAD has a lovely GUI and lots of flashing lights
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Yann [EMAIL PROTECTED]
 Date: Tue, 3 Oct 2006 20:11:12
 To:ActiveDir@mail.activedir.org
 Subject: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 Hello all,
 
 I don't know if it is the right place
 I'm about to test 2 AD Troubleshooters products and I have to choose 
 one them to monitor,tshoot our AD infrastructure:
 Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
 Troubleshooter.
 Does someone have any experiences with the 2 products and could tell 
 me what are the pros and cons of each of them ?
 
 Thank you,
 
 Yann
 
 
 
 
 
  Découvrez un nouveau moyen de poser toutes vos questions quel que 
 soit le sujet ! Yahoo! Questions/Réponses pour partager vos 
 connaissances, vos opinions et vos expériences. Cliquez ici:
 http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
 .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
 .+w֧B+v*rz+v*汫
.+w֧B+v*rz+v*汫

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Ken Schaefer 
Why do you need one sysprep image of all you DCs? Can't you just make one
sysprep image in total (and just add all the necessary drivers for each
model?). Alternatively there is an ADS image mounting tool you can use if you
need to make slight modifications to a captured image to cater for different
devices.

Cheers
Ken

: -Original Message-
: From: [EMAIL PROTECTED] [mailto:ActiveDir-
: [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF
: NASIC/SCNA
: Sent: Thursday, 5 October 2006 10:11 PM
: To: ActiveDir@mail.activedir.org
: Subject: [ActiveDir] Domain Controller Bare Metal restore
: 
: List,
: 
: I have been looking at several options to restore a failed DC from the
: ground up.  ADS seems to look promising, but its hard to get one
: SYSPREP image for all of my DCs even though they are all flavors of
: Dell PowerEdge, it has proven difficult.  Does anyone know of a good
: solution to restore a DC from the ground up utilizing a network
: connection, without inserting disk and going through the steps.
: 
: Thanks,
: Nathaniel V Bahta
: Sr. Systems Administrator
: General Dynamics Information Technology
: (937)257-4757
: 
: 
: 
: -Original Message-
: From: [EMAIL PROTECTED] [mailto:ActiveDir-
: [EMAIL PROTECTED] On Behalf Of Mark Parris
: Sent: Wednesday, October 04, 2006 3:24 AM
: To: ActiveDir.org
: Subject: Re: [ActiveDir] choose between SOAD and Netpro directory
: Troubleshooter.
: 
: SOAD has a lovely GUI and lots of flashing lights
: 
: 
: Mark Parris
: 
: Base IT Ltd
: Active Directory Consultancy
: Tel +44(0)7801 690596
: 
: 
: -Original Message-
: From: Yann [EMAIL PROTECTED]
: Date: Tue, 3 Oct 2006 20:11:12
: To:ActiveDir@mail.activedir.org
: Subject: [ActiveDir] choose between SOAD and Netpro directory
: Troubleshooter.
: 
: Hello all,
: 
: I don't know if it is the right place
: I'm about to test 2 AD Troubleshooters products and I have to choose
: one them to monitor,tshoot our AD infrastructure:
: Spoltligh on Active Directory (SOAD) and Netpro Active Directory
: Troubleshooter.
: Does someone have any experiences with the 2 products and could tell me
: what are the pros and cons of each of them ?
: 
: Thank you,
: 
: Yann
: 
: 
: 
: 
: 
:  Découvrez un nouveau moyen de poser toutes vos questions quel que soit
: le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances,
: vos opinions et vos expériences. Cliquez ici:
: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
: .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
: .+w֧B+v*rz+v*汫

Re: [ActiveDir] Folder Redirection Problem

2006-10-05 Thread AFidel 

Have you tried giving a test user traverse
folder or other benign rights at the level where Outlook gets stuck?

Andrew Fidel





Dan DeStefano
[EMAIL PROTECTED] 
Sent by: [EMAIL PROTECTED]
10/04/2006 09:01 PM



Please respond to
ActiveDir@mail.activedir.org





To
ActiveDir@mail.activedir.org


cc



Subject
[ActiveDir] Folder Redirection
Problem








I am sorry if this is a repost, but I inadvertently
deleted any responses:

I am having a weird problem with folder redirection.
I have set the My Documents redirection to the subfolder of the root drive
option and set the path to the homefolders directory (\\servername\homefolders$).
This is supposed to redirect users my documents to \\servername\homefolders$\%username%\my
documents and it does. The users log onto their PCs and open their My Documents
folder fine  and looking at the properties of their my documents folder
confirms that the redirection is working properly. The problem is that
in certain applications, namely Outlook 2003 (all latest patches and SPs
applied). When a user goes to save an attachment, for example, and clicks
on my documents in the save dialog, they receive the error cannot access
\\servername\homefolders$, which makes sense since the users do not have
access to the homefolders$ share, just to their subfolder. So Outlook,
for some reason, is not drilling down into the users my documents in the
home folder, but instead is trying to access the root of the homefolders$
share. In other Office apps, the my documents works fine. There are also
no event log entries that reference this issue.

I am stuck here as I am unable to find any
KB articles that discuss this. Does anyone have any suggestions? I have
not yet reinstalled Outlook because all other Office apps work fine. Office
was deployed to the workstations via group policy using an AIP and MST
transform.


Any help would be greatly appreciated.


Dan DeStefano
Info-lution Corporation
[EMAIL PROTECTED]
http://www.info-lution.com
Office: 727 546-9143
FAX: 727 541-5888
If you have received this message
in error please notify the sender, disregard any content and remove
it from your possession.

RE: [ActiveDir] OT: ExMerge works for some, not others

2006-10-05 Thread Ramon Linan 



Can you post the error?

Make sure those users are not hidden in the GAL, if you 
hide them it will not work.

Rezuma


From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Noah 
EigerSent: Wednesday, October 04, 2006 8:20 PMTo: 
ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: ExMerge works 
for some, not others


Hello:

Sorry for the OT. ExMerge is giving 
me heartburn.

I have a small Exchange install 
where all the tools (and everything else) is on the DC. (Yes, if they had 
thought about it earlier, it would be SBS -- but it is not.) 


I am trying to run ExMerge to pull 
out PST files. The user running ExMerge is Domain Admin, Enterprise Admin, and 
Domian User. I believe all of those groups are denied SEnd As and Receive As. At 
least, Receive As is required to run ExMerge. Yet, despite that, I am able to 
run ExMerge against about half of the users. The other half cough up permission 
errors in the log. 

One additional factor: all of the 
problem users were disabled within AD. I re-enabled the accounts for this 
purpose.

Any thoughts about what is going on 
here? Why some work and some don't?

Thanks.

- nme

--No virus found in this outgoing message.Checked by AVG 
Free Edition.Version: 7.1.394 / Virus Database: 268.12.10/459 - Release 
Date: 9/29/2006

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Bahta, Nathaniel V CTR USAF NASIC/SCNA 
I don’t need one sysprep image OF all my DCs, it’s one sysprep image in total, 
just as you said.  I added the necessary drivers for each model and used 
imgmount /mount to modify the sysprep.inf [SysprepMassStorage] section and to 
add the drivers for the different RAID controllers. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ken Schaefer
Sent: Thursday, October 05, 2006 8:32 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

Why do you need one sysprep image of all you DCs? Can't you just make one 
sysprep image in total (and just add all the necessary drivers for each 
model?). Alternatively there is an ADS image mounting tool you can use if you 
need to make slight modifications to a captured image to cater for different 
devices.

Cheers
Ken

: -Original Message-
: From: [EMAIL PROTECTED] [mailto:ActiveDir-
: [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF
: NASIC/SCNA
: Sent: Thursday, 5 October 2006 10:11 PM
: To: ActiveDir@mail.activedir.org
: Subject: [ActiveDir] Domain Controller Bare Metal restore
: 
: List,
: 
: I have been looking at several options to restore a failed DC from the
: ground up.  ADS seems to look promising, but its hard to get one
: SYSPREP image for all of my DCs even though they are all flavors of
: Dell PowerEdge, it has proven difficult.  Does anyone know of a good
: solution to restore a DC from the ground up utilizing a network
: connection, without inserting disk and going through the steps.
: 
: Thanks,
: Nathaniel V Bahta
: Sr. Systems Administrator
: General Dynamics Information Technology
: (937)257-4757
: 
: 
: 
: -Original Message-
: From: [EMAIL PROTECTED] [mailto:ActiveDir-
: [EMAIL PROTECTED] On Behalf Of Mark Parris
: Sent: Wednesday, October 04, 2006 3:24 AM
: To: ActiveDir.org
: Subject: Re: [ActiveDir] choose between SOAD and Netpro directory
: Troubleshooter.
: 
: SOAD has a lovely GUI and lots of flashing lights
: 
: 
: Mark Parris
: 
: Base IT Ltd
: Active Directory Consultancy
: Tel +44(0)7801 690596
: 
: 
: -Original Message-
: From: Yann [EMAIL PROTECTED]
: Date: Tue, 3 Oct 2006 20:11:12
: To:ActiveDir@mail.activedir.org
: Subject: [ActiveDir] choose between SOAD and Netpro directory
: Troubleshooter.
: 
: Hello all,
: 
: I don't know if it is the right place
: I'm about to test 2 AD Troubleshooters products and I have to choose
: one them to monitor,tshoot our AD infrastructure:
: Spoltligh on Active Directory (SOAD) and Netpro Active Directory
: Troubleshooter.
: Does someone have any experiences with the 2 products and could tell me
: what are the pros and cons of each of them ?
: 
: Thank you,
: 
: Yann
: 
: 
: 
: 
: 
:  Découvrez un nouveau moyen de poser toutes vos questions quel que soit
: le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances,
: vos opinions et vos expériences. Cliquez ici:
: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
: .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
: .+w֧B+v*rz+v*汫
.+w֧B+v*rz+v*汫

Re: [ActiveDir] Folder Redirection Issue

2006-10-05 Thread Matt Hargraves 
If you're using a transform file to deploy, you should be able to define the default file location, either as a variable (%homedrive%) or alternatively, you can install the GPO extensions for MS Office and set the item via GPO and stop worrying, as long as you test it a little bit before deploying it out to everyone.
On 10/4/06, Kennedy, Jim [EMAIL PROTECTED] wrote:













"Office
was deployed to the workstations via group policy using an AIP and MST
transform."



Bet
you will find something in that MST that is pointing to the wrong location.
Blow out an Outlook profile on one as a test.









From: [EMAIL PROTECTED]

[mailto:[EMAIL PROTECTED]] On Behalf Of Dan DeStefano
Sent: Wednesday, October 04, 2006 11:02 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Folder Redirection Issue







I
am having a weird problem with folder redirection. I have set the My Documents
redirection to the subfolder of the root drive option and set the path to the
homefolders directory (\\servername\homefolders$). This is supposed to redirect
users my documents to \\servername\homefolders$\%username%\my documents and it
does. The users log onto their PCs and open their My Documents folder fine
– and looking at the properties of their my documents folder confirms
that the redirection is working properly. The problem is that in certain
applications, namely Outlook 2003 (all latest patches and SPs applied). When a
user goes to save an attachment, for example, and clicks on my documents in the
save dialog, they receive the error "cannot access
\\servername\homefolders$, which makes sense since the users do not have access
to the homefolders$ share, just to their subfolder. So Outlook, for some
reason, is not drilling down into the users my documents in the home folder,
but instead is trying to access the root of the homefolders$ share. In other
Office apps, the my documents works fine. There are also no event log entries
that reference this issue.



I
am stuck here as I am unable to find any KB articles that discuss this. Does
anyone have any suggestions? I have not yet reinstalled Outlook because all
other Office apps work fine. Office was deployed to the workstations via group
policy using an AIP and MST transform.





Any
help would be greatly appreciated.



Dan
DeStefano
Info-lution Corporation
[EMAIL PROTECTED]
http://www.info-lution.com
Office: 727 546-9143
FAX: 727 541-5888

If
you have received this message in error please notify the sender, disregard any
content and remove it from your possession.

Re: [ActiveDir] Folder Redirection Issue

2006-10-05 Thread Matt Hargraves 
Sorry, didn't read thoroughly first (oops). Yeah, it sounds like a perms issue, I usually set the root of my user shares directory to have Read/Traverse perms for users in case of an emergency and/or troubleshooting. It's an administrative share anyway, I can understand the paranoia of also setting it to basically be unbrowsable, but it sounds like you're going 1/2 a step too far (at least for the purposes of the applications in your environment).
On 10/5/06, Matt Hargraves [EMAIL PROTECTED] wrote:
If you're using a transform file to deploy, you should be able to define the default file location, either as a variable (%homedrive%) or alternatively, you can install the GPO extensions for MS Office and set the item via GPO and stop worrying, as long as you test it a little bit before deploying it out to everyone.
On 10/4/06, Kennedy, Jim 
[EMAIL PROTECTED] wrote:













Office
was deployed to the workstations via group policy using an AIP and MST
transform.



Bet
you will find something in that MST that is pointing to the wrong location.
Blow out an Outlook profile on one as a test.









From: [EMAIL PROTECTED]

[mailto:[EMAIL PROTECTED]] On Behalf Of Dan DeStefano
Sent: Wednesday, October 04, 2006 11:02 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Folder Redirection Issue







I
am having a weird problem with folder redirection. I have set the My Documents
redirection to the subfolder of the root drive option and set the path to the
homefolders directory (\\servername\homefolders$). This is supposed to redirect
users my documents to \\servername\homefolders$\%username%\my documents and it
does. The users log onto their PCs and open their My Documents folder fine
– and looking at the properties of their my documents folder confirms
that the redirection is working properly. The problem is that in certain
applications, namely Outlook 2003 (all latest patches and SPs applied). When a
user goes to save an attachment, for example, and clicks on my documents in the
save dialog, they receive the error cannot access
\\servername\homefolders$, which makes sense since the users do not have access
to the homefolders$ share, just to their subfolder. So Outlook, for some
reason, is not drilling down into the users my documents in the home folder,
but instead is trying to access the root of the homefolders$ share. In other
Office apps, the my documents works fine. There are also no event log entries
that reference this issue.



I
am stuck here as I am unable to find any KB articles that discuss this. Does
anyone have any suggestions? I have not yet reinstalled Outlook because all
other Office apps work fine. Office was deployed to the workstations via group
policy using an AIP and MST transform.





Any
help would be greatly appreciated.



Dan
DeStefano
Info-lution Corporation
[EMAIL PROTECTED]
http://www.info-lution.com
Office: 727 546-9143
FAX: 727 541-5888

If
you have received this message in error please notify the sender, disregard any
content and remove it from your possession.

RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Ramon Linan 
Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Brian Desmond 
Unattended install doesn't require an image ... it automates windows setup.

You're probably missing something in your MassStorageControllers section.

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:36 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Domain Controller Bare Metal restore
 
 That’s what I have been trying to do, but using one image for all of my
 different hardware types has not worked.  Specifically I can get the
 image to apply via PXE, but once it boots up to go through the SYSPREP
 mini-setup, the splash screen appears and it reboots, it just keeps
 doing that.  The same image works fine on another version of the
 PowerEdge, but on the other model it just continuously reboots.
 
 
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Brian Desmond
 Sent: Thursday, October 05, 2006 8:22 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Domain Controller Bare Metal restore
 
 PXE Boot into an unattended install?
 
 Thanks,
 Brian Desmond
 [EMAIL PROTECTED]
 
 c - 312.731.3132
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:ActiveDir-
  [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF
  NASIC/SCNA
  Sent: Thursday, October 05, 2006 8:11 AM
  To: ActiveDir@mail.activedir.org
  Subject: [ActiveDir] Domain Controller Bare Metal restore
 
  List,
 
  I have been looking at several options to restore a failed DC from
 the
  ground up.  ADS seems to look promising, but its hard to get one
  SYSPREP image for all of my DCs even though they are all flavors of
  Dell PowerEdge, it has proven difficult.  Does anyone know of a good
  solution to restore a DC from the ground up utilizing a network
  connection, without inserting disk and going through the steps.
 
  Thanks,
  Nathaniel V Bahta
  Sr. Systems Administrator
  General Dynamics Information Technology
  (937)257-4757
 
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:ActiveDir-
  [EMAIL PROTECTED] On Behalf Of Mark Parris
  Sent: Wednesday, October 04, 2006 3:24 AM
  To: ActiveDir.org
  Subject: Re: [ActiveDir] choose between SOAD and Netpro directory
  Troubleshooter.
 
  SOAD has a lovely GUI and lots of flashing lights
 
 
  Mark Parris
 
  Base IT Ltd
  Active Directory Consultancy
  Tel +44(0)7801 690596
 
 
  -Original Message-
  From: Yann [EMAIL PROTECTED]
  Date: Tue, 3 Oct 2006 20:11:12
  To:ActiveDir@mail.activedir.org
  Subject: [ActiveDir] choose between SOAD and Netpro directory
  Troubleshooter.
 
  Hello all,
 
  I don't know if it is the right place
  I'm about to test 2 AD Troubleshooters products and I have to choose
  one them to monitor,tshoot our AD infrastructure:
  Spoltligh on Active Directory (SOAD) and Netpro Active Directory
  Troubleshooter.
  Does someone have any experiences with the 2 products and could tell
  me what are the pros and cons of each of them ?
 
  Thank you,
 
  Yann
 
 
 
 
  
   Découvrez un nouveau moyen de poser toutes vos questions quel que
  soit le sujet ! Yahoo! Questions/Réponses pour partager vos
  connaissances, vos opinions et vos expériences. Cliquez ici:
  http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
  .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
  .+w֧B+v*rz+v*汫
 .+w֧B+v*rz+v*汫
 .+w֧B+v*rz+v*汫
[EMAIL PROTECTED])

Re: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Za Vue 

Off Topic?

Ramon Linan wrote:

Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
  

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Almeida Pinto, Jorge de 
OT = Off Topic

http://en.wikipedia.org/wiki/Off-topic

;-) 

-Original Message-
From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan
Sent: Thursday, October 05, 2006 15:40
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front 
of the subject

Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx



This e-mail and any attachment is for authorised use by the intended 
recipient(s) only. It may contain proprietary material, confidential 
information and/or be subject to legal privilege. It should not be copied, 
disclosed to, retained or used by, any other party. If you are not an intended 
recipient then please promptly delete this e-mail and any attachment and all 
copies and inform the sender. Thank you.
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread neil.ruston 
Off topic. You should have used it for this thread :-^

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan
Sent: 05 October 2006 14:40
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front of the
subject

Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx



PLEASE READ: The information contained in this email is confidential and
intended for the named recipient(s) only. If you are not an intended
recipient of this email please notify the sender immediately and delete your
copy from your system. You must not copy, distribute or take any further
action in reliance on it. Email is not a secure method of communication and
Nomura International plc ('NIplc') will not, to the extent permitted by law,
accept responsibility or liability for (a) the accuracy or completeness of,
or (b) the presence of any virus, worm or similar malicious or disabling
code in, this message or any attachment(s) to it. If verification of this
email is sought then please request a hard copy. Unless otherwise stated
this email: (1) is not, and should not be treated or relied upon as,
investment research; (2) contains views or opinions that are solely those of
the author and do not necessarily represent those of NIplc; (3) is intended
for informational purposes only and is not a recommendation, solicitation or
offer to buy or sell securities or related financial instruments.  NIplc
does not provide investment services to private customers.  Authorised and
regulated by the Financial Services Authority.  Registered in England
no. 1550505 VAT No. 447 2492 35.  Registered Office: 1 St Martin's-le-Grand,
London, EC1A 4NP.  A member of the Nomura group of companies.

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Bahta, Nathaniel V CTR USAF NASIC/SCNA 
See I thought that as well, but if I were missing something in my 
MassStorageControllers section, then it would not even boot up to the splash 
screen, it would just BSOD with inaccessible boot device. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 05, 2006 9:45 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

Unattended install doesn't require an image ... it automates windows setup.

You're probably missing something in your MassStorageControllers section.

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:36 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Domain Controller Bare Metal restore
 
 That’s what I have been trying to do, but using one image for all of 
 my different hardware types has not worked.  Specifically I can get 
 the image to apply via PXE, but once it boots up to go through the 
 SYSPREP mini-setup, the splash screen appears and it reboots, it just 
 keeps doing that.  The same image works fine on another version of the 
 PowerEdge, but on the other model it just continuously reboots.
 
 
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Brian Desmond
 Sent: Thursday, October 05, 2006 8:22 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Domain Controller Bare Metal restore
 
 PXE Boot into an unattended install?
 
 Thanks,
 Brian Desmond
 [EMAIL PROTECTED]
 
 c - 312.731.3132
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:ActiveDir- 
  [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
  NASIC/SCNA
  Sent: Thursday, October 05, 2006 8:11 AM
  To: ActiveDir@mail.activedir.org
  Subject: [ActiveDir] Domain Controller Bare Metal restore
 
  List,
 
  I have been looking at several options to restore a failed DC from
 the
  ground up.  ADS seems to look promising, but its hard to get one 
  SYSPREP image for all of my DCs even though they are all flavors of 
  Dell PowerEdge, it has proven difficult.  Does anyone know of a good 
  solution to restore a DC from the ground up utilizing a network 
  connection, without inserting disk and going through the steps.
 
  Thanks,
  Nathaniel V Bahta
  Sr. Systems Administrator
  General Dynamics Information Technology
  (937)257-4757
 
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:ActiveDir- 
  [EMAIL PROTECTED] On Behalf Of Mark Parris
  Sent: Wednesday, October 04, 2006 3:24 AM
  To: ActiveDir.org
  Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
  Troubleshooter.
 
  SOAD has a lovely GUI and lots of flashing lights
 
 
  Mark Parris
 
  Base IT Ltd
  Active Directory Consultancy
  Tel +44(0)7801 690596
 
 
  -Original Message-
  From: Yann [EMAIL PROTECTED]
  Date: Tue, 3 Oct 2006 20:11:12
  To:ActiveDir@mail.activedir.org
  Subject: [ActiveDir] choose between SOAD and Netpro directory 
  Troubleshooter.
 
  Hello all,
 
  I don't know if it is the right place
  I'm about to test 2 AD Troubleshooters products and I have to choose 
  one them to monitor,tshoot our AD infrastructure:
  Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
  Troubleshooter.
  Does someone have any experiences with the 2 products and could tell 
  me what are the pros and cons of each of them ?
 
  Thank you,
 
  Yann
 
 
 
 
  
   Découvrez un nouveau moyen de poser toutes vos questions quel que 
  soit le sujet ! Yahoo! Questions/Réponses pour partager vos 
  connaissances, vos opinions et vos expériences. Cliquez ici:
  http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
  .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
  .+w֧B+v*rz+v*汫
 .+w֧B+v*rz+v*汫
 .+w֧B+v*rz+v*汫
[EMAIL PROTECTED])

RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Daniel Gilbert 
Off Track?

  Original Message 
 Subject: RE: [ActiveDir] what is the meaning of OT in front of the
 subject
 From: Ramon Linan [EMAIL PROTECTED]
 Date: Thu, October 05, 2006 6:39 am
 To: ActiveDir@mail.activedir.org
 
 Some of the subjects have that OT preceding the subject, what's that?
 
 Thanks
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Mark Parris 
Off Topic i.e. the people on the list might know the answer but it's nothing to 
do with Active Directory.

e.g. What are the recommended Anti-Virus exclusions for a Domain Controller?

Mark

Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Ramon Linan [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 09:39:38 
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject

Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Mark Parris 
Look on the Altiris website for Hardware idependent installs v2 - you can 
disect all the info out of this document.



Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 08:35:57 
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

That’s what I have been trying to do, but using one image for all of my 
different hardware types has not worked.  Specifically I can get the image to 
apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the 
splash screen appears and it reboots, it just keeps doing that.  The same image 
works fine on another version of the PowerEdge, but on the other model it just 
continuously reboots. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 05, 2006 8:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

PXE Boot into an unattended install?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:11 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Domain Controller Bare Metal restore
 
 List,
 
 I have been looking at several options to restore a failed DC from the 
 ground up.  ADS seems to look promising, but its hard to get one 
 SYSPREP image for all of my DCs even though they are all flavors of 
 Dell PowerEdge, it has proven difficult.  Does anyone know of a good 
 solution to restore a DC from the ground up utilizing a network 
 connection, without inserting disk and going through the steps.
 
 Thanks,
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Wednesday, October 04, 2006 3:24 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 SOAD has a lovely GUI and lots of flashing lights
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Yann [EMAIL PROTECTED]
 Date: Tue, 3 Oct 2006 20:11:12
 To:ActiveDir@mail.activedir.org
 Subject: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 Hello all,
 
 I don't know if it is the right place
 I'm about to test 2 AD Troubleshooters products and I have to choose 
 one them to monitor,tshoot our AD infrastructure:
 Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
 Troubleshooter.
 Does someone have any experiences with the 2 products and could tell 
 me what are the pros and cons of each of them ?
 
 Thank you,
 
 Yann
 
 
 
 
 
  Découvrez un nouveau moyen de poser toutes vos questions quel que 
 soit le sujet ! Yahoo! Questions/Réponses pour partager vos 
 connaissances, vos opinions et vos expériences. Cliquez ici:
 http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
 .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
 .+w֧B+v*rz+v*汫
.+w֧B+v*rz+v*汫
[EMAIL PROTECTED])[EMAIL PROTECTED])

RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Laura A. Robinson 
Off-topic. 

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of 
 Daniel Gilbert
 Sent: Thursday, October 05, 2006 10:14 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] what is the meaning of OT in front 
 of the subject
 
 Off Track?
 
   Original Message 
  Subject: RE: [ActiveDir] what is the meaning of OT in front of the 
  subject
  From: Ramon Linan [EMAIL PROTECTED]
  Date: Thu, October 05, 2006 6:39 am
  To: ActiveDir@mail.activedir.org
  
  Some of the subjects have that OT preceding the subject, 
 what's that?
  
  Thanks
  List info   : http://www.activedir.org/List.aspx
  List FAQ: http://www.activedir.org/ListFAQ.aspx
  List archive: http://www.activedir.org/ml/threads.aspx
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Goiong further OT :) RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread neil.ruston 
It's funny how we quote wikis as definitive sources of information, when
they can be edited by anyone and everyone :) 

Who vets the edits and how much does that person know about the subject
matter??
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge de
Sent: 05 October 2006 14:57
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front of the
subject

OT = Off Topic

http://en.wikipedia.org/wiki/Off-topic

;-) 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan
Sent: Thursday, October 05, 2006 15:40
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front of the 
subject

Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx



This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be
copied, disclosed to, retained or used by, any other party. If you are
not an intended recipient then please promptly delete this e-mail and
any attachment and all copies and inform the sender. Thank you.
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx



PLEASE READ: The information contained in this email is confidential and
intended for the named recipient(s) only. If you are not an intended
recipient of this email please notify the sender immediately and delete your
copy from your system. You must not copy, distribute or take any further
action in reliance on it. Email is not a secure method of communication and
Nomura International plc ('NIplc') will not, to the extent permitted by law,
accept responsibility or liability for (a) the accuracy or completeness of,
or (b) the presence of any virus, worm or similar malicious or disabling
code in, this message or any attachment(s) to it. If verification of this
email is sought then please request a hard copy. Unless otherwise stated
this email: (1) is not, and should not be treated or relied upon as,
investment research; (2) contains views or opinions that are solely those of
the author and do not necessarily represent those of NIplc; (3) is intended
for informational purposes only and is not a recommendation, solicitation or
offer to buy or sell securities or related financial instruments.  NIplc
does not provide investment services to private customers.  Authorised and
regulated by the Financial Services Authority.  Registered in England
no. 1550505 VAT No. 447 2492 35.  Registered Office: 1 St Martin's-le-Grand,
London, EC1A 4NP.  A member of the Nomura group of companies.

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] OT: Exchange in environment - reboot necessary after a DC has been made a GC

2006-10-05 Thread victor-w 
I have been spending a little more time on this.
RPC Dump wouldnt run before and gave me an error (see earlier post).
I now managed to get it working.

To summarize it all:

Exchange 2003 SP2 throws an error in the Eventlog (Event ID 9176) which 
seems to indicate that
the GC it is contacting doesnt support the NSPI service. According to 
the information in that same Event ID
this would be due to the fact that the DC had not been rebooted after 
it having been made a GC.

I ran RPC Dump on the GC in question and have enclosed the output (I 
took everything but NSP).
By the way, this GC is a root DC which is on W2K.

Is NSP listed the way it should be?

Cheers and thanks,


Victor  


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: zaterdag 23 september 2006 2:52
To: ActiveDir@mail.activedir.org
Subject: RE: RE: [ActiveDir] OT: Exchange in environment - reboot 
necessary
after a DC has been made a GC

What is the rev of the DC? Using RPC Dump do you see MS NT Directory 
NSP
Interface interfaces listed?

  joe


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm 
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of victor-
[EMAIL PROTECTED]
Sent: Friday, September 22, 2006 11:07 AM
To: ActiveDir@mail.activedir.org
Subject: Re: RE: [ActiveDir] OT: Exchange in environment - reboot 
necessary
after a DC has been made a GC

Yeah, I thought so, thanks for the info.

The damn thing is that Exchange still throws event 9176:

Event ID 9176 from MSExchangeSA occurred 1 times (NSPI Proxy can contact
Global Catalog servername but it does not support the NSPI service. 
After
a Domain Controller is promoted to a Global Catalog, the  Global Catalog
must be rebooted to support MAPI Clients.  
Reboot servernamerio as  soon as possible.





- Oorspronkelijk bericht -
Van: joe [EMAIL PROTECTED]
Datum: vrijdag, september 22, 2006 4:38 pm
Onderwerp: RE: [ActiveDir] OT: Exchange in environment - reboot 
necessary
after a DC has been made a GC

 This is no longer necessary with current revs of AD. It was necessary 
 previously to get the NSPI functionality to fire up. Now it does that 
 automagically.
 
 
 --
 O'Reilly Active Directory Third Edition - 
 http://www.joeware.net/win/ad3e.htm
 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of victor-
 [EMAIL PROTECTED]: Friday, September 22, 2006 10:31 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: Exchange in environment - reboot necessary 
 after a DC has been made a GC
 
 A question came up wether or not a reboot is really necessary after a 
 DC has been made GC and Exchange would need to use this GC.
 
 I have worked in a pretty large environment (at least to my standards 
 :- )). Where DC's did not get rebooted afther having been made GC's.
 The
 AD admins simply waited until event 1119 appeared.
 
 I have read the following article which indicates a reboot is 
 necessary if you have Exchange in the environment.
 
 http://support.microsoft.com/kb/304403/
 
 But is this really still necessary with Exchange 2003 SP2 and Windows
 2003 SP1?
 
 Cheers,
 
 
 Victor
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx


 
 


Querying Endpoint Mapper Database... 
62 registered endpoints found. 

 
ProtSeq:ncacn_http 
Endpoint:1029 
NetOpt: 
Annotation:MS NT Directory NSP Interface 
IsListening:NOT_PINGED 
StringBinding:ncacn_http:10.34.0.4[1029] 
UUID:f5cc5a18-4264-101a-8c59-08002b2f8426 
ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT 
VersMajor 56  VersMinor 0 
 

ProtSeq:ncadg_ip_udp 
Endpoint:1028 
NetOpt: 
Annotation:MS NT Directory NSP Interface 
IsListening:NOT_PINGED 
StringBinding:ncadg_ip_udp:10.34.0.4[1028] 
UUID:f5cc5a18-4264-101a-8c59-08002b2f8426 
ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT 
VersMajor 56  VersMinor 0 

 
ProtSeq:ncalrpc 
Endpoint:NTDS_LPC 
NetOpt: 
Annotation:MS NT Directory NSP Interface 
IsListening:NOT_PINGED 
StringBinding:ncalrpc:[NTDS_LPC] 
UUID:f5cc5a18-4264-101a-8c59-08002b2f8426 
ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT 
VersMajor 56  VersMinor 0 

 
ProtSeq:ncalrpc 
Endpoint:LRPC0190.0001 
NetOpt: 
Annotation:MS NT Directory NSP Interface 
IsListening:NOT_PINGED 
StringBinding:ncalrpc:[LRPC0190.0001] 
UUID:f5cc5a18-4264-101a-8c59-08002b2f8426

[ActiveDir] Not receiving email from this list

2006-10-05 Thread Alex Alborzfard 
I'm not getting emails from this list at my work email, starting last
Thursday. Has anyone else experienced the same thing?

Alex

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Mark Parris 
The constant reboot is often a different HAL, multiproc, singleproc, damn 
hyperthreading, or APCI non APCI,


Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Mark Parris [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 14:30:35 
To:ActiveDir.org ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Domain Controller Bare Metal restore

Look on the Altiris website for Hardware idependent installs v2 - you can 
disect all the info out of this document.



Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 08:35:57 
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

That’s what I have been trying to do, but using one image for all of my 
different hardware types has not worked.  Specifically I can get the image to 
apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the 
splash screen appears and it reboots, it just keeps doing that.  The same image 
works fine on another version of the PowerEdge, but on the other model it just 
continuously reboots. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 05, 2006 8:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

PXE Boot into an unattended install?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:11 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Domain Controller Bare Metal restore
 
 List,
 
 I have been looking at several options to restore a failed DC from the 
 ground up.  ADS seems to look promising, but its hard to get one 
 SYSPREP image for all of my DCs even though they are all flavors of 
 Dell PowerEdge, it has proven difficult.  Does anyone know of a good 
 solution to restore a DC from the ground up utilizing a network 
 connection, without inserting disk and going through the steps.
 
 Thanks,
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Wednesday, October 04, 2006 3:24 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 SOAD has a lovely GUI and lots of flashing lights
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Yann [EMAIL PROTECTED]
 Date: Tue, 3 Oct 2006 20:11:12
 To:ActiveDir@mail.activedir.org
 Subject: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 Hello all,
 
 I don't know if it is the right place
 I'm about to test 2 AD Troubleshooters products and I have to choose 
 one them to monitor,tshoot our AD infrastructure:
 Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
 Troubleshooter.
 Does someone have any experiences with the 2 products and could tell 
 me what are the pros and cons of each of them ?
 
 Thank you,
 
 Yann
 
 
 
 
 
  Découvrez un nouveau moyen de poser toutes vos questions quel que 
 soit le sujet ! Yahoo! Questions/Réponses pour partager vos 
 connaissances, vos opinions et vos expériences. Cliquez ici:
 http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
 .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
 .+w֧B+v*rz+v*汫
.+w֧B+v*rz+v*汫
[EMAIL PROTECTED])[EMAIL PROTECTED])[EMAIL PROTECTED])

RE: Goiong further OT :) RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Laura A. Robinson 
Funnily enough, there's a wiki entry about this... :-)

http://en.wikipedia.org/wiki/Wikipedia:Introduction 

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of 
 [EMAIL PROTECTED]
 Sent: Thursday, October 05, 2006 11:08 AM
 To: ActiveDir@mail.activedir.org
 Subject: Goiong further OT :) RE: [ActiveDir] what is the 
 meaning of OT in front of the subject
 
 It's funny how we quote wikis as definitive sources of 
 information, when they can be edited by anyone and everyone :) 
 
 Who vets the edits and how much does that person know about 
 the subject matter??
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of 
 Almeida Pinto, Jorge de
 Sent: 05 October 2006 14:57
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] what is the meaning of OT in front 
 of the subject
 
 OT = Off Topic
 
 http://en.wikipedia.org/wiki/Off-topic
 
 ;-) 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of 
 Ramon Linan
 Sent: Thursday, October 05, 2006 15:40
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] what is the meaning of OT in front of the 
 subject
 
 Some of the subjects have that OT preceding the subject, 
 what's that?
 
 Thanks
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 
 
 
 This e-mail and any attachment is for authorised use by the intended
 recipient(s) only. It may contain proprietary material, 
 confidential information and/or be subject to legal 
 privilege. It should not be copied, disclosed to, retained or 
 used by, any other party. If you are not an intended 
 recipient then please promptly delete this e-mail and any 
 attachment and all copies and inform the sender. Thank you.
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 
 
 
 PLEASE READ: The information contained in this email is 
 confidential and intended for the named recipient(s) only. If 
 you are not an intended recipient of this email please notify 
 the sender immediately and delete your copy from your system. 
 You must not copy, distribute or take any further action in 
 reliance on it. Email is not a secure method of communication 
 and Nomura International plc ('NIplc') will not, to the 
 extent permitted by law, accept responsibility or liability 
 for (a) the accuracy or completeness of, or (b) the presence 
 of any virus, worm or similar malicious or disabling code in, 
 this message or any attachment(s) to it. If verification of 
 this email is sought then please request a hard copy. Unless 
 otherwise stated this email: (1) is not, and should not be 
 treated or relied upon as, investment research; (2) contains 
 views or opinions that are solely those of the author and do 
 not necessarily represent those of NIplc; (3) is intended for 
 informational purposes only and is not a recommendation, 
 solicitation or offer to buy or sell securities or related 
 financial instruments.  NIplc does not provide investment 
 services to private customers.  Authorised and regulated by 
 the Financial Services Authority.  Registered in England no. 
 1550505 VAT No. 447 2492 35.  Registered Office: 1 St 
 Martin's-le-Grand, London, EC1A 4NP.  A member of the Nomura 
 group of companies.
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Bahta, Nathaniel V CTR USAF NASIC/SCNA 
Yeah that’s what I used to make my sysprep.inf file.  It is very informative, 
better than MS's stuff by all means.   


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Thursday, October 05, 2006 10:31 AM
To: ActiveDir.org
Subject: Re: [ActiveDir] Domain Controller Bare Metal restore

Look on the Altiris website for Hardware idependent installs v2 - you can 
disect all the info out of this document.



Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 08:35:57
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

That’s what I have been trying to do, but using one image for all of my 
different hardware types has not worked.  Specifically I can get the image to 
apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the 
splash screen appears and it reboots, it just keeps doing that.  The same image 
works fine on another version of the PowerEdge, but on the other model it just 
continuously reboots. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 05, 2006 8:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

PXE Boot into an unattended install?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:11 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Domain Controller Bare Metal restore
 
 List,
 
 I have been looking at several options to restore a failed DC from the 
 ground up.  ADS seems to look promising, but its hard to get one 
 SYSPREP image for all of my DCs even though they are all flavors of 
 Dell PowerEdge, it has proven difficult.  Does anyone know of a good 
 solution to restore a DC from the ground up utilizing a network 
 connection, without inserting disk and going through the steps.
 
 Thanks,
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Wednesday, October 04, 2006 3:24 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 SOAD has a lovely GUI and lots of flashing lights
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Yann [EMAIL PROTECTED]
 Date: Tue, 3 Oct 2006 20:11:12
 To:ActiveDir@mail.activedir.org
 Subject: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 Hello all,
 
 I don't know if it is the right place
 I'm about to test 2 AD Troubleshooters products and I have to choose 
 one them to monitor,tshoot our AD infrastructure:
 Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
 Troubleshooter.
 Does someone have any experiences with the 2 products and could tell 
 me what are the pros and cons of each of them ?
 
 Thank you,
 
 Yann
 
 
 
 
 
  Découvrez un nouveau moyen de poser toutes vos questions quel que 
 soit le sujet ! Yahoo! Questions/Réponses pour partager vos 
 connaissances, vos opinions et vos expériences. Cliquez ici:
 http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
 .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
 .+w֧B+v*rz+v*汫
.+w֧B+v*rz+v*汫
[EMAIL PROTECTED])[EMAIL PROTECTED])
[EMAIL PROTECTED])

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Bahta, Nathaniel V CTR USAF NASIC/SCNA 
Youre exactly right Mark, hyperthreading is enabled on the hardware that 
reboots and not enabled on the hardware that does not.  Is there a best 
practice for a situation like this? 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Thursday, October 05, 2006 11:33 AM
To: ActiveDir.org
Subject: Re: [ActiveDir] Domain Controller Bare Metal restore

The constant reboot is often a different HAL, multiproc, singleproc, damn 
hyperthreading, or APCI non APCI,


Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Mark Parris [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 14:30:35
To:ActiveDir.org ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Domain Controller Bare Metal restore

Look on the Altiris website for Hardware idependent installs v2 - you can 
disect all the info out of this document.



Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 08:35:57
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

That’s what I have been trying to do, but using one image for all of my 
different hardware types has not worked.  Specifically I can get the image to 
apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the 
splash screen appears and it reboots, it just keeps doing that.  The same image 
works fine on another version of the PowerEdge, but on the other model it just 
continuously reboots. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 05, 2006 8:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

PXE Boot into an unattended install?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:11 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Domain Controller Bare Metal restore
 
 List,
 
 I have been looking at several options to restore a failed DC from the 
 ground up.  ADS seems to look promising, but its hard to get one 
 SYSPREP image for all of my DCs even though they are all flavors of 
 Dell PowerEdge, it has proven difficult.  Does anyone know of a good 
 solution to restore a DC from the ground up utilizing a network 
 connection, without inserting disk and going through the steps.
 
 Thanks,
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Wednesday, October 04, 2006 3:24 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 SOAD has a lovely GUI and lots of flashing lights
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Yann [EMAIL PROTECTED]
 Date: Tue, 3 Oct 2006 20:11:12
 To:ActiveDir@mail.activedir.org
 Subject: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 Hello all,
 
 I don't know if it is the right place
 I'm about to test 2 AD Troubleshooters products and I have to choose 
 one them to monitor,tshoot our AD infrastructure:
 Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
 Troubleshooter.
 Does someone have any experiences with the 2 products and could tell 
 me what are the pros and cons of each of them ?
 
 Thank you,
 
 Yann
 
 
 
 
 
  Découvrez un nouveau moyen de poser toutes vos questions quel que 
 soit le sujet ! Yahoo! Questions/Réponses pour partager vos 
 connaissances, vos opinions et vos expériences. Cliquez ici:
 http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
 .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
 .+w֧B+v*rz+v*汫
.+w֧B+v*rz+v*汫
[EMAIL PROTECTED])[EMAIL PROTECTED])[EMAIL PROTECTED])

Re: [ActiveDir] Not receiving email from this list

2006-10-05 Thread Tim Foster 
I get some; but many are blank (sometimes blank from Brian Desmond, always from Mark Parris).
On 10/5/06, Alex Alborzfard [EMAIL PROTECTED] wrote:
I'm not getting emails from this list at my work email, starting lastThursday. Has anyone else experienced the same thing?
AlexList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Brett Shirley 
Huh, I would've considered that on-topic ... esp. when threads start How
do I configure a Exchange mailbox blah blah ... right like we know about
Exchange?

Cheers,
-BrettSh

no warranties, yada, yada ...


On Thu, 5 Oct 2006, Mark Parris wrote:

 Off Topic i.e. the people on the list might know the answer but it's nothing 
 to do with Active Directory.
 
 e.g. What are the recommended Anti-Virus exclusions for a Domain Controller?
 
 Mark
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Ramon Linan [EMAIL PROTECTED]
 Date: Thu, 5 Oct 2006 09:39:38 
 To:ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject
 
 Some of the subjects have that OT preceding the subject, what's that?
 
 Thanks
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Not receiving email from this list

2006-10-05 Thread Ramon Linan 
I was not receiving them until I realized that it was our sonicwall
antispam...I have had no problem since then.

Rezuma 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alex Alborzfard
Sent: Thursday, October 05, 2006 11:34 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Not receiving email from this list

I'm not getting emails from this list at my work email, starting last
Thursday. Has anyone else experienced the same thing?

Alex

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] OT: wikis

2006-10-05 Thread Ramon Linan 
Right, and remember there is not absolute truth!! :) 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
Sent: Thursday, October 05, 2006 11:49 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: wikis


 It's funny how we quote wikis as definitive sources of information, 
 when they can be edited by anyone and everyone :)

 Who vets the edits and how much does that person know about the 
 subject matter??

Anyone can edit, which is why they are generally correct.  When 100,000
people view a record, and 2 people want to change it to be incorrect,
999,998 will want to correct it.

I wouldn't use a wiki as a great historical or technical source.  But
for encyclopedia entries, which give a good summation of a subject, they
are great.


List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] OT: wikis

2006-10-05 Thread Laura A. Robinson 
999,998 + 2 = 1,000,000, not 100,000. ;-) 

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: wikis
 
 
  It's funny how we quote wikis as definitive sources of information, 
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the 
  subject matter??
 
 Anyone can edit, which is why they are generally correct.  
 When 100,000 people view a record, and 2 people want to 
 change it to be incorrect,
 999,998 will want to correct it.
 
 I wouldn't use a wiki as a great historical or technical 
 source.  But for encyclopedia entries, which give a good 
 summation of a subject, they are great.
 
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

[ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread J B 



Argh! On one of our file servers, there is a 
"public" directory that allows any authenticated user to do anything within it 
(minus changing permissions). MP3 files and folders appear there every so 
often and are removed soon thereafter. Is there some way for me to tell 
who has created these folders and MP3 files?

Every time I check, no one is currently accessing 
the files - which would be an easy way for me to 
know...

RE: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Grillenmeier, Guido 
While this thread is OT, I'd actually consider your example to be right 
on-topic ;-)

/Guido

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Thursday, October 05, 2006 4:28 PM
To: ActiveDir.org
Subject: Re: [ActiveDir] what is the meaning of OT in front of the subject

Off Topic i.e. the people on the list might know the answer but it's nothing to 
do with Active Directory.

e.g. What are the recommended Anti-Virus exclusions for a Domain Controller?

Mark

Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Ramon Linan [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 09:39:38
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject

Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: wikis

2006-10-05 Thread Brett Shirley 
Except when 99% of the common wisdom about something is wrong, like in the
case of ESE / JET Blue ... ;-)

Cheers,
-BrettSh

On Thu, 5 Oct 2006, Greg Nims wrote:

 
  It's funny how we quote wikis as definitive sources of information, when
  they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the subject
  matter??
 
 Anyone can edit, which is why they are generally correct.  When 100,000 
 people view a record, and 2 people want to change it to be incorrect, 
 999,998 will want to correct it.
 
 I wouldn't use a wiki as a great historical or technical source.  But for 
 encyclopedia entries, which give a good summation of a subject, they are 
 great.
 
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Single forest with two domain trees to splut up.

2006-10-05 Thread Grillenmeier, Guido 
The DomainB that you want to split off still needs the root domain (DomainA) to 
work.

So you can't just say screw DomainA and cut it off. You'll need at least 1 (2 
for redundancy) DCs of DomainA to remain in the site you wish to split off. No 
problems to get rid of DomainB in the site that keeps DomainA.

There are still multiple risks with this approach as you don't need direct 
connectivity for the folks in Site2 (DomainB) to do harm to your folks in Site1 
(DomainA) - they still have the same Enterprise Admins and local Admins SID in 
the root domain and you can do a lot of things with a notebook that travels 
between these sites...

So ideally (and really the only way to do it safely from a security standpoint) 
you're talking about a migration of your DomainB objects to a new forest.

/Guido



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of knighTslayer
Sent: Wednesday, October 04, 2006 11:10 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Single forest with two domain trees to splut up.

Hello,

This is my first post, so please forgive me if this question has already
been asked...

I have a mixed AD forest with two domain trees.  Each domain tree is located
at a different geographical site, and sites and services is configured to
reflect this.  DomainA has the namespace of 'logistics.ads' and DomainB has
a namespace of 'finance.dom' The very first domain tree (DomainA) is a
Windows 2000 domain and the second domain tree (DomainB) is a Windows 2003
domain.

Finance.dom has been bought by a third party and I must split the forest in
two and resolve any issues that arises from doing this.  As logistics.ads
was the first domain in the forest, it holds the Schema Master role and
Domain naming master role.

Exchange 2000 is installed at DomainA and Exchange 2003 is installed in
DomainB.  Administrative groups are used to reflect the geographical
topology of my set-up.  Each domain has its own SMTP namespace and SMTP
routing will not be a problem as I can comfortably overcome this.  The GAL
being split and replaced with contacts is acceptable and I have no issues at
this level.

The WAN connection between the domains will be removed and the only means of
communication between the two organisations will be through SMTP routing
through the internet and nothing else.  No other application between the
domains are in use, besides Exchange.

My current plan is to simply cut the link between the sites and seize the
roles that are missing from the newly split domains - so in effect bringing
up two forests.  Issues with Exchange, ghosted servers in AD, and so on will
be removed using ADSI edit and NTDSutil.

My main question is this: is there better technique I should follow for
splitting up a forest or am I on the right track?

Thanks in advance
René

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Forest trusts

2006-10-05 Thread Grillenmeier, Guido 
It will, but it is a solvable problem.  You'll also have some headaches for the 
trust itself, but that's where the nifty Win2003 features such as Name Suffix 
Routing and Top Level Name Restrictions come into play.

/Guido

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Gilbert
Sent: Tuesday, October 03, 2006 4:32 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Forest trusts

Don't you have to do some DNS delegations to ensure clients in one
forest can find clients in the other forest?

I would think that having domain.com as the tier two for both forests
will cause some unique DNS headaches.

Dan

  Original Message 
 Subject: RE: [ActiveDir] Forest trusts
 From: Almeida Pinto, Jorge de [EMAIL PROTECTED]
 Date: Tue, October 03, 2006 6:47 am
 To: ActiveDir@mail.activedir.org

 Both forests can be connected to each other as long as within the
 connected environment each domain name is unique (NetBIOS and DNS)...

 So if you have a forest called DOMAIN.COM (NetBIOS = DOMAIN) and another
 forest called SUB.DOMAIN.COM (NetBIOS = SUB) you can connect them to
 each and setup trusts between the forests.

 jorge

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Lev Zdenek
 Sent: Tuesday, October 03, 2006 15:35
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Forest trusts
 
 Hello evr.
 I have two independent forests.
 Is it possible to trust forests which share a same name
 space. For example. I have domain in first forest domain.com
 and a domain in second forest my.domain.com. If not is it
 possible to migrate with some tools a domain my.domain.com
 to domain domain.com ?
 Thx
 Zdenek Lev
 
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 


 This e-mail and any attachment is for authorised use by the intended 
 recipient(s) only. It may contain proprietary material, confidential 
 information and/or be subject to legal privilege. It should not be copied, 
 disclosed to, retained or used by, any other party. If you are not an 
 intended recipient then please promptly delete this e-mail and any attachment 
 and all copies and inform the sender. Thank you.
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

[ActiveDir] Trusts and policy issues

2006-10-05 Thread Cothern, Jeffrey D Mr CTR USSOCOM HQ 
Scenario:

Two domains.  

Domain A is a child of Forest A.  
Domain B is the Root of Forest B.

Domain B trusts Domain A
Domain A selectively Trusts Domain B.

Trying to setup so that Group policies for the users from Domain
B will apply on a workstation from Domain A.  

   Actions:

I set a GPO with Allow Cross-Forest User Policy and
Roaming User Profiles.
Set within Domain A AD to Allow Authenticate on a
specific workstation.

   RSOP:

When I check on the machine I do not get the option to
check for the user from Domain B on that workstation.  I only see Domain
A or local users.

Am I missing something or is this possible when your using Selective
Authentication?

Jeff

 
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Mark Parris 
What is do here is usually enable hyperthreading or disable it if applicable or 
swap the hal out, a KB article is available on microsoft to do this.




Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 12:22:41 
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

Youre exactly right Mark, hyperthreading is enabled on the hardware that 
reboots and not enabled on the hardware that does not.  Is there a best 
practice for a situation like this? 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology 
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Thursday, October 05, 2006 11:33 AM
To: ActiveDir.org
Subject: Re: [ActiveDir] Domain Controller Bare Metal restore

The constant reboot is often a different HAL, multiproc, singleproc, damn 
hyperthreading, or APCI non APCI,


Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Mark Parris [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 14:30:35
To:ActiveDir.org ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Domain Controller Bare Metal restore

Look on the Altiris website for Hardware idependent installs v2 - you can 
disect all the info out of this document.



Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 08:35:57
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

That’s what I have been trying to do, but using one image for all of my 
different hardware types has not worked.  Specifically I can get the image to 
apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the 
splash screen appears and it reboots, it just keeps doing that.  The same image 
works fine on another version of the PowerEdge, but on the other model it just 
continuously reboots. 


Nathaniel V Bahta
Sr. Systems Administrator
General Dynamics Information Technology
(937)257-4757 

 

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Thursday, October 05, 2006 8:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Domain Controller Bare Metal restore

PXE Boot into an unattended install?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF 
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 8:11 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Domain Controller Bare Metal restore
 
 List,
 
 I have been looking at several options to restore a failed DC from the 
 ground up.  ADS seems to look promising, but its hard to get one 
 SYSPREP image for all of my DCs even though they are all flavors of 
 Dell PowerEdge, it has proven difficult.  Does anyone know of a good 
 solution to restore a DC from the ground up utilizing a network 
 connection, without inserting disk and going through the steps.
 
 Thanks,
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir- 
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Wednesday, October 04, 2006 3:24 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 SOAD has a lovely GUI and lots of flashing lights
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Yann [EMAIL PROTECTED]
 Date: Tue, 3 Oct 2006 20:11:12
 To:ActiveDir@mail.activedir.org
 Subject: [ActiveDir] choose between SOAD and Netpro directory 
 Troubleshooter.
 
 Hello all,
 
 I don't know if it is the right place
 I'm about to test 2 AD Troubleshooters products and I have to choose 
 one them to monitor,tshoot our AD infrastructure:
 Spoltligh on Active Directory (SOAD) and Netpro Active Directory 
 Troubleshooter.
 Does someone have any experiences with the 2 products and could tell 
 me what are the pros and cons of each of them ?
 
 Thank you,
 
 Yann
 
 
 
 
 
  Découvrez un nouveau moyen de poser toutes vos questions quel que 
 soit le sujet ! Yahoo! Questions/Réponses pour partager vos 
 connaissances, vos opinions et vos expériences. Cliquez ici:
 http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
 .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
 .+w֧B+v*rz+v*汫
.+w֧B+v*rz+v*汫
[EMAIL PROTECTED])[EMAIL PROTECTED])[EMAIL PROTECTED])
[EMAIL PROTECTED])

RE: [ActiveDir] Domain Controller Bare Metal restore

2006-10-05 Thread Brian Desmond 
What brand of hardware is it? Maybe disable it as part of your imaging process 
and enable it when complete?

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF
 NASIC/SCNA
 Sent: Thursday, October 05, 2006 12:23 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Domain Controller Bare Metal restore
 
 Youre exactly right Mark, hyperthreading is enabled on the hardware
 that reboots and not enabled on the hardware that does not.  Is there a
 best practice for a situation like this?
 
 
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Mark Parris
 Sent: Thursday, October 05, 2006 11:33 AM
 To: ActiveDir.org
 Subject: Re: [ActiveDir] Domain Controller Bare Metal restore
 
 The constant reboot is often a different HAL, multiproc, singleproc,
 damn hyperthreading, or APCI non APCI,
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Mark Parris [EMAIL PROTECTED]
 Date: Thu, 5 Oct 2006 14:30:35
 To:ActiveDir.org ActiveDir@mail.activedir.org
 Subject: Re: [ActiveDir] Domain Controller Bare Metal restore
 
 Look on the Altiris website for Hardware idependent installs v2 - you
 can disect all the info out of this document.
 
 
 
 Mark Parris
 
 Base IT Ltd
 Active Directory Consultancy
 Tel +44(0)7801 690596
 
 
 -Original Message-
 From: Bahta, Nathaniel V CTR USAF NASIC/SCNA
 [EMAIL PROTECTED]
 Date: Thu, 5 Oct 2006 08:35:57
 To:ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Domain Controller Bare Metal restore
 
 That’s what I have been trying to do, but using one image for all of my
 different hardware types has not worked.  Specifically I can get the
 image to apply via PXE, but once it boots up to go through the SYSPREP
 mini-setup, the splash screen appears and it reboots, it just keeps
 doing that.  The same image works fine on another version of the
 PowerEdge, but on the other model it just continuously reboots.
 
 
 Nathaniel V Bahta
 Sr. Systems Administrator
 General Dynamics Information Technology
 (937)257-4757
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Brian Desmond
 Sent: Thursday, October 05, 2006 8:22 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Domain Controller Bare Metal restore
 
 PXE Boot into an unattended install?
 
 Thanks,
 Brian Desmond
 [EMAIL PROTECTED]
 
 c - 312.731.3132
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:ActiveDir-
  [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF
  NASIC/SCNA
  Sent: Thursday, October 05, 2006 8:11 AM
  To: ActiveDir@mail.activedir.org
  Subject: [ActiveDir] Domain Controller Bare Metal restore
 
  List,
 
  I have been looking at several options to restore a failed DC from
 the
  ground up.  ADS seems to look promising, but its hard to get one
  SYSPREP image for all of my DCs even though they are all flavors of
  Dell PowerEdge, it has proven difficult.  Does anyone know of a good
  solution to restore a DC from the ground up utilizing a network
  connection, without inserting disk and going through the steps.
 
  Thanks,
  Nathaniel V Bahta
  Sr. Systems Administrator
  General Dynamics Information Technology
  (937)257-4757
 
 
 
  -Original Message-
  From: [EMAIL PROTECTED] [mailto:ActiveDir-
  [EMAIL PROTECTED] On Behalf Of Mark Parris
  Sent: Wednesday, October 04, 2006 3:24 AM
  To: ActiveDir.org
  Subject: Re: [ActiveDir] choose between SOAD and Netpro directory
  Troubleshooter.
 
  SOAD has a lovely GUI and lots of flashing lights
 
 
  Mark Parris
 
  Base IT Ltd
  Active Directory Consultancy
  Tel +44(0)7801 690596
 
 
  -Original Message-
  From: Yann [EMAIL PROTECTED]
  Date: Tue, 3 Oct 2006 20:11:12
  To:ActiveDir@mail.activedir.org
  Subject: [ActiveDir] choose between SOAD and Netpro directory
  Troubleshooter.
 
  Hello all,
 
  I don't know if it is the right place
  I'm about to test 2 AD Troubleshooters products and I have to choose
  one them to monitor,tshoot our AD infrastructure:
  Spoltligh on Active Directory (SOAD) and Netpro Active Directory
  Troubleshooter.
  Does someone have any experiences with the 2 products and could tell
  me what are the pros and cons of each of them ?
 
  Thank you,
 
  Yann
 
 
 
 
  
   Découvrez un nouveau moyen de poser toutes vos questions quel que
  soit le sujet ! Yahoo! Questions/Réponses pour partager vos
  connaissances, vos opinions et vos expériences. Cliquez ici:
  http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com .
  .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û­æ±«
  .+w֧B+v*rz+v*汫

Re: [ActiveDir] ADAM on XP Pro

2006-10-05 Thread Al Mulnick 
A hybrid approach to storing it on EFS would be to use a laptop specific protection program. Something that encrypts the harddrive and prevents the laptop from being hacked via off-line means. This may or may not mitigate the legal concerns, but it would help to protect the data on a laptop that's gone missing. 
Saying that, I'm trying to see the benefit of using ADAM for, in essence a single user application. Seems overkill in my mind. If they want to have centralized control over the identities in an off-line fashion, then I suggest that ADAM might not be the right technology for their needs. As the others have alluded to, the replication would be difficult to manage as it's not really intended to be managed that way in my opinion. And relying on the client to sync up with the mothership is no way to enforce security. That's similar to asking a child to make sure he guards the cookie jar from himself. :)
AlOn 10/5/06, Lee Flight [EMAIL PROTECTED] wrote:
I had an exchange with a vendor who was planning on a similar approach:http://groups.google.co.uk/group/microsoft.public.windows.server.active_
directory/browse_frm/thread/83248bf50f9f76ec/2aac67203f612e2amy summary, see the end of the archived thread, was that theyshould talk to Microsoft about this use of the replication modelas it did not seem appropriate use of a multimaster replication
model to me. Even if we had RO ADAM instances I still think itwould be a pain to manage... let us know how you get onThanksLee FlightOn Wed, 4 Oct 2006, Tony Murray wrote: Thanks Dmitri
 Yes, my security concern was with regard to laptop theft.As you say, these are ADAM and not AD accounts, so the risk of compromise is localised to the application.Good tip about EFS (even if I'm not a big fan of it generally).There may be other options (
e.g. hardware encryption). I will give some further thought to the potential replication issues you mention when I know more about the application - I haven't managed to get my hands on it yet :-)
 Tony -- Original Message -- From: Dmitri Gavrilov [EMAIL PROTECTED] Reply-To: 
ActiveDir@mail.activedir.org Date:Wed, 4 Oct 2006 20:18:28 -0700 ADAM on XP is no different from ADAM on w2k3 security-wise. The big differences are that it is throttled somewhat perf-wise, and also
 there's no auditing. I do not see any serious security problems with this approach. Unless you are thinking that somebody steals the laptop, cracks the DIT open and brute-forces the pwd hashes? Store the DIT on an EFS volume then. In
 any case, these are ADAM users, not windows... The only problem will be replication -- instances will complain that they are unable to replicate when in offline mode. Perhaps this can be
 resolved by creating a separate site for every instance and setting up manual links to the hub instance. Hmm. Not sure. I guess it depends on how long they'll stay offline. KCC is not really optimized to work well
 in such scenarios. -Original Message- From: [EMAIL PROTECTED] [mailto:
[EMAIL PROTECTED]] On Behalf Of Tony Murray Sent: Wednesday, October 04, 2006 7:34 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] ADAM on XP Pro
 I've been talking to a vendor about an application they are developing. It involves running ADAM instances on XP Pro machines (laptops) that replicate with a centralised ADAM instance running on W2K3.I don't
 have further details at this stage, but I believe the they are planning to use the local ADAM instance to authenticate laptop users to an application when they are off-line. In addition to security concerns with this approach, I'm not really
 comfortable with the idea of ADAM instances on laptops being part of a configuration set.I had always understool ADAM on XP to be used for a personal data store (
http://technet2.microsoft.com/WindowsServer/en/library/29fb059e-544c-45 77-bf7c-ba4b08df48431033.mspx?mfr=true). Any thoughts on this? TonyList info : 
http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: wikis

2006-10-05 Thread Matt Hargraves 
What's funny is that actual encyclopedias have almost the same level of accuracy as Wikipedia on any particular subject. Part of that is the fact that they're always 1-3+ years out of date when they are published and the other part is that many 'facts' are actually just theories and there are commonly conflicting theories or theories that have been around for 10+ years are assumed correct because the research that proved it wrong hadn't been made widely available to those who were part of the writing of the encyclopedia (or they don't trust the new evidence).
Either way, you should try and find multiple sources of information for any subject that you're not familiar with.On 10/5/06, Ramon Linan 
[EMAIL PROTECTED] wrote:Right, and remember there is not absolute truth!! :)
-Original Message-From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED]
] On Behalf Of Greg NimsSent: Thursday, October 05, 2006 11:49 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information,
 when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter??Anyone can edit, which is why they are generally correct.When 100,000
people view a record, and 2 people want to change it to be incorrect,999,998 will want to correct it.I wouldn't use a wiki as a great historical or technical source.Butfor encyclopedia entries, which give a good summation of a subject, they
are great.List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspxList info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Brian Desmond 








Set some auditing on the folder that this is happening in and
watch the security log for the relevant audits





Thanks,

Brian Desmond

[EMAIL PROTECTED]



c - 312.731.3132











From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of J B
Sent: Thursday, October 05, 2006 12:57 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Who keeps creating this folder  files?!









Argh!
On one of our file servers, there is a public directory that allows
any authenticated user to do anything within it (minus changing
permissions). MP3 files and folders appear there every so often and are
removed soon thereafter. Is there some way for me to tell who has created
these folders and MP3 files?











Every
time I check, no one is currently accessing the files - which would be an easy
way for me to know...

RE: [ActiveDir] OT: wikis

2006-10-05 Thread Greg Nims 



999,998 + 2 = 1,000,000, not 100,000. ;-)


good thing there are 998 on the list to correct me.  :)

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Kurt Falde 




Drop filemon on the box with a filter for mp3 and just let it stay running in a disconnected ts window would probably be one method.



Kurt Falde





From:
 [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
On Behalf Of J B
Sent: Thursday, October 05, 2006 12:57 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Who keeps creating this folder  files?!



Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions).
 MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files?





Every time I check, no one is currently accessing the files - which would be an easy way for me to know...

Re: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Za Vue 




Audit the folder. 

J B wrote:

  
  
  

  Argh! On one of our file servers,
there is a "public" directory that allows any authenticated user to do
anything within it (minus changing permissions). MP3 files and folders
appear there every so often and are removed soon thereafter. Is there
some way for me to tell who has created these folders and MP3 files?
  
  Every time I check, no one is
currently accessing the files - which would be an easy way for me to
know...

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Zvonimir Bilic 








Try this

http://www.watchdirectory.net/wdhelp/plugins/wdopAuditInfo.html













From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of J B
Sent: Thursday, October 05, 2006
12:57 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Who keeps
creating this folder  files?!







Argh! On one of our file servers, there is a
public directory that allows any authenticated user to do anything
within it (minus changing permissions). MP3 files and folders appear
there every so often and are removed soon thereafter. Is there some way
for me to tell who has created these folders and MP3 files?











Every time I check, no one is currently accessing the
files - which would be an easy way for me to know...

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Al Garrett 
Won't the ownership show up under the Security tab?



From: [EMAIL PROTECTED] on behalf of J B
Sent: Thu 10/5/2006 9:57 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Who keeps creating this folder  files?!


Argh!  On one of our file servers, there is a public directory that allows 
any authenticated user to do anything within it (minus changing permissions).  
MP3 files and folders appear there every so often and are removed soon 
thereafter.  Is there some way for me to tell who has created these folders and 
MP3 files?
 
Every time I check, no one is currently accessing the files - which would be an 
easy way for me to know...
winmail.dat

Re: [ActiveDir] what is the meaning of OT in front of the subject

2006-10-05 Thread Mark Parris 
I like to introduce debate ;-) whilst also highlighting the correct usage of 
i.e. and e.g.
Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Grillenmeier, Guido [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 13:03:23 
To:ActiveDir@mail.activedir.org ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject

While this thread is OT, I'd actually consider your example to be right 
on-topic ;-)

/Guido

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Thursday, October 05, 2006 4:28 PM
To: ActiveDir.org
Subject: Re: [ActiveDir] what is the meaning of OT in front of the subject

Off Topic i.e. the people on the list might know the answer but it's nothing to 
do with Active Directory.

e.g. What are the recommended Anti-Virus exclusions for a Domain Controller?

Mark

Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Ramon Linan [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 09:39:38
To:ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject

Some of the subjects have that OT preceding the subject, what's that?

Thanks
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] OT: wikis

2006-10-05 Thread Darren Mar-Elia 
You mean Jet Blue doesn't have TV on their flights??? 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Thursday, October 05, 2006 10:12 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] OT: wikis

Except when 99% of the common wisdom about something is wrong, like in the
case of ESE / JET Blue ... ;-)

Cheers,
-BrettSh

On Thu, 5 Oct 2006, Greg Nims wrote:

 
  It's funny how we quote wikis as definitive sources of information, 
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the 
  subject matter??
 
 Anyone can edit, which is why they are generally correct.  When 
 100,000 people view a record, and 2 people want to change it to be 
 incorrect,
 999,998 will want to correct it.
 
 I wouldn't use a wiki as a great historical or technical source.  But 
 for encyclopedia entries, which give a good summation of a subject, 
 they are great.
 
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

[ActiveDir] OT: LDAP and AD? Learn more from Gil Kirkpatrick - plus three bonus tracks!

2006-10-05 Thread Mark Parris 
 http://list.windowsitpro.com/t?ctl=3B222:40CB7 

Calling all Linux Gurus; UNIX Ninjas; Windows Masters and rubber chicken lovers


Just got this in my SPAM inbox.
Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: wikis

2006-10-05 Thread Al Mulnick 
Sure, but is that because the common wisdom is wrong or is it because there is not a definitive source of truthful information (such as decent documentation?) Could it be that a wiki is as good as it gets? Or could there be blog
entries that would give better information? Or perhaps accurate
documentation on some vendor website waiting to be read and understood?
Philosophical questions such as these can keep you up late at night you know. (-;On 10/5/06, Brett Shirley 
[EMAIL PROTECTED] wrote:Except when 99% of the common wisdom about something is wrong, like in the
case of ESE / JET Blue ... ;-)Cheers,-BrettShOn Thu, 5 Oct 2006, Greg Nims wrote:  It's funny how we quote wikis as definitive sources of information, when  they can be edited by anyone and everyone :)
   Who vets the edits and how much does that person know about the subject  matter?? Anyone can edit, which is why they are generally correct.When 100,000 people view a record, and 2 people want to change it to be incorrect,
 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source.But for encyclopedia entries, which give a good summation of a subject, they are great.
 List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspxList info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: wikis

2006-10-05 Thread Matt Hargraves 
I thought it was 9A:DOn 10/5/06, Laura A. Robinson [EMAIL PROTECTED] wrote:
999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: 
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis  It's funny how we quote wikis as definitive sources of information,
  when they can be edited by anyone and everyone :)   Who vets the edits and how much does that person know about the  subject matter?? Anyone can edit, which is why they are generally correct.
 When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source.But for encyclopedia entries, which give a good
 summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: 
http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspxList info : 
http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] OT: wikis

2006-10-05 Thread joe 
Well here it is Correct away. :)

http://en.wikipedia.org/wiki/Extensible_Storage_Engine
 


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm 
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Thursday, October 05, 2006 1:12 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] OT: wikis

Except when 99% of the common wisdom about something is wrong, like in the
case of ESE / JET Blue ... ;-)

Cheers,
-BrettSh

On Thu, 5 Oct 2006, Greg Nims wrote:

 
  It's funny how we quote wikis as definitive sources of information, when
  they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the subject
  matter??
 
 Anyone can edit, which is why they are generally correct.  When 100,000 
 people view a record, and 2 people want to change it to be incorrect, 
 999,998 will want to correct it.
 
 I wouldn't use a wiki as a great historical or technical source.  But for 
 encyclopedia entries, which give a good summation of a subject, they are 
 great.
 
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Laura A. Robinson 



1. 
Check the owner of the files
2. You 
may want to look at FSRMin Win2K3 R2; it allows you to restrict creation 
of files based on type, among other things.

http://www.microsoft.com/windowsserver2003/R2/storage/default.mspx

Laura

  
  
  From: [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED] On Behalf Of J 
  BSent: Thursday, October 05, 2006 12:57 PMTo: 
  ActiveDir@mail.activedir.orgSubject: [ActiveDir] Who keeps creating 
  this folder  files?!
  
  Argh! On one of our file servers, there is 
  a "public" directory that allows any authenticated user to do anything within 
  it (minus changing permissions). MP3 files and folders appear there 
  every so often and are removed soon thereafter. Is there some way for me 
  to tell who has created these folders and MP3 files?
  
  Every time I check, no one is currently accessing 
  the files - which would be an easy way for me to 
know...

[ActiveDir] Discovering LDAPS availability

2006-10-05 Thread David Loder 
Other than directly testing the 636 port on each DC,
can anyone suggest a method for an unprivledged client
to discover whether or not LDAPS should be available
on a specific DC?

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] OT: wikis

2006-10-05 Thread Ramon Linan 
OT
As I said before there is not universal truth , that is only truth if
you are using decimal system ;)

999,998 + 2 = 9b

;-)

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A.
Robinson
Sent: Thursday, October 05, 2006 12:55 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis

999,998 + 2 = 1,000,000, not 100,000. ;-) 

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: wikis
 
 
  It's funny how we quote wikis as definitive sources of information, 
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the 
  subject matter??
 
 Anyone can edit, which is why they are generally correct.  
 When 100,000 people view a record, and 2 people want to change it to 
 be incorrect,
 999,998 will want to correct it.
 
 I wouldn't use a wiki as a great historical or technical source.  But 
 for encyclopedia entries, which give a good summation of a subject, 
 they are great.
 
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Single forest with two domain trees to split up.

2006-10-05 Thread knighTslayer 
Thanks for your reply.  I understand what you say and I accept that
migrating DomainB is the only correct way forward.

After I have migrated DomainB to a new forest, I will collapse DomainB so
that only DomainA is left standing and therefore leave my original forest in
good shape.

Thanks and Regards
René

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of 
 Grillenmeier, Guido
 Sent: 05 October 2006 18:14
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Single forest with two domain trees 
 to splut up.
 
 The DomainB that you want to split off still needs the root 
 domain (DomainA) to work.
 
 So you can't just say screw DomainA and cut it off. You'll 
 need at least 1 (2 for redundancy) DCs of DomainA to remain 
 in the site you wish to split off. No problems to get rid of 
 DomainB in the site that keeps DomainA.
 
 There are still multiple risks with this approach as you 
 don't need direct connectivity for the folks in Site2 
 (DomainB) to do harm to your folks in Site1 (DomainA) - they 
 still have the same Enterprise Admins and local Admins SID in 
 the root domain and you can do a lot of things with a 
 notebook that travels between these sites...
 
 So ideally (and really the only way to do it safely from a 
 security standpoint) you're talking about a migration of your 
 DomainB objects to a new forest.
 
 /Guido
 
 
 
 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of knighTslayer
 Sent: Wednesday, October 04, 2006 11:10 PM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Single forest with two domain trees to splut up.
 
 Hello,
 
 This is my first post, so please forgive me if this question 
 has already been asked...
 
 I have a mixed AD forest with two domain trees.  Each domain 
 tree is located at a different geographical site, and sites 
 and services is configured to reflect this.  DomainA has the 
 namespace of 'logistics.ads' and DomainB has a namespace of 
 'finance.dom' The very first domain tree (DomainA) is a 
 Windows 2000 domain and the second domain tree (DomainB) is a 
 Windows 2003 domain.
 
 Finance.dom has been bought by a third party and I must split 
 the forest in two and resolve any issues that arises from 
 doing this.  As logistics.ads was the first domain in the 
 forest, it holds the Schema Master role and Domain naming master role.
 
 Exchange 2000 is installed at DomainA and Exchange 2003 is 
 installed in DomainB.  Administrative groups are used to 
 reflect the geographical topology of my set-up.  Each domain 
 has its own SMTP namespace and SMTP routing will not be a 
 problem as I can comfortably overcome this.  The GAL being 
 split and replaced with contacts is acceptable and I have no 
 issues at this level.
 
 The WAN connection between the domains will be removed and 
 the only means of communication between the two organisations 
 will be through SMTP routing through the internet and nothing 
 else.  No other application between the domains are in use, 
 besides Exchange.
 
 My current plan is to simply cut the link between the sites 
 and seize the roles that are missing from the newly split 
 domains - so in effect bringing up two forests.  Issues with 
 Exchange, ghosted servers in AD, and so on will be removed 
 using ADSI edit and NTDSutil.
 
 My main question is this: is there better technique I should 
 follow for splitting up a forest or am I on the right track?
 
 Thanks in advance
 René
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread J B 



I forgot tomention that we run an "rsync" on 
this directory that overwrites the file owner's name with the user under which 
this process runs...

  - Original Message - 
  From: 
  J 
  B 
  To: ActiveDir@mail.activedir.org 
  
  Sent: Thursday, October 05, 2006 9:57 
  AM
  Subject: [ActiveDir] Who keeps creating 
  this folder  files?!
  
  Argh! On one of our file servers, there is 
  a "public" directory that allows any authenticated user to do anything within 
  it (minus changing permissions). MP3 files and folders appear there 
  every so often and are removed soon thereafter. Is there some way for me 
  to tell who has created these folders and MP3 files?
  
  Every time I check, no one is currently accessing 
  the files - which would be an easy way for me to 
know...

Re: [ActiveDir] Who keeps creating this folder files?

2006-10-05 Thread Matt Hargraves 
Turn on security auditing.On 10/5/06, J B [EMAIL PROTECTED] wrote:







Argh! On one of our file servers, there is a 
public directory that allows any authenticated user to do anything within it 
(minus changing permissions). MP3 files and folders appear there every so 
often and are removed soon thereafter. Is there some way for me to tell 
who has created these folders and MP3 files?

Every time I check, no one is currently accessing 
the files - which would be an easy way for me to 
know...

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Scott, Anthony 








Install R2 and filter MP3s. ;)







Thanks,

Anthony Scott











From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kurt Falde
Sent: Thursday, October 05, 2006 2:19 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Who keeps creating this folder  files?!







Drop filemon on the box with a filter for mp3 and just let it stay
running in a disconnected ts window would probably be one method. 





Kurt Falde











From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of J B
Sent: Thursday, October 05, 2006 12:57 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Who keeps creating this folder  files?!







Argh!
On one of our file servers, there is a public directory that allows
any authenticated user to do anything within it (minus changing
permissions). MP3 files and folders appear there every so often and are
removed soon thereafter. Is there some way for me to tell who has created
these folders and MP3 files?











Every
time I check, no one is currently accessing the files - which would be an easy
way for me to know...

Re: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread J B 



I was hoping that there was some way to see who 
created it rather than wait until it happened again, or wait until someone 
accessed it...

I'll have to settle for the auditing 
though.

Thanks!

  - Original Message - 
  From: 
  Brian 
  Desmond 
  To: ActiveDir@mail.activedir.org 
  
  Sent: Thursday, October 05, 2006 11:14 
  AM
  Subject: RE: [ActiveDir] Who keeps 
  creating this folder  files?!
  
  
  Set 
  some auditing on the folder that this is happening in and watch the security 
  log for the relevant audits…
  
  
  Thanks,
  Brian 
  Desmond
  [EMAIL PROTECTED]
  
  c 
  - 312.731.3132
  
  
  
  
  From: 
  [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED] On Behalf Of J 
  BSent: Thursday, October 05, 2006 12:57 PMTo: ActiveDir@mail.activedir.orgSubject: 
  [ActiveDir] Who keeps creating this folder  
  files?!
  
  
  Argh! On one 
  of our file servers, there is a "public" directory that allows any 
  authenticated user to do anything within it (minus changing 
  permissions). MP3 files and folders appear there every so often and are 
  removed soon thereafter. Is there some way for me to tell who has 
  created these folders and MP3 files?
  
  
  
  Every time I check, 
  no one is currently accessing the files - which would be an easy way for me to 
  know...

Re: [ActiveDir] Not receiving email from this list

2006-10-05 Thread Mark Parris 

Mark Parris

Base IT Ltd
Active Directory Consultancy
Tel +44(0)7801 690596


-Original Message-
From: Tim Foster [EMAIL PROTECTED]
Date: Thu, 5 Oct 2006 09:24:25 
To:ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Not receiving email from this list

I get some; but many are blank (sometimes blank from Brian Desmond, always from 
Mark Parris).

 
On 10/5/06, Alex Alborzfard [EMAIL PROTECTED]: mailto:[EMAIL PROTECTED]  
wrote: I'm not getting emails from this list at my work email, starting last
Thursday. Has anyone else experienced the same thing? 

Alex

List info   : http://www.activedir.org/List.aspx: 
http://www.activedir.org/List.aspx 
List FAQ: http://www.activedir.org/ListFAQ.aspx: 
http://www.activedir.org/ListFAQ.aspx 
List archive: http://www.activedir.org/ml/threads.aspx: 
http://www.activedir.org/ml/threads.aspx 

 [EMAIL PROTECTED])

RE: [ActiveDir] MORE OT OT: wikis

2006-10-05 Thread Almeida Pinto, Jorge de 
only 10 types of people understand binary...
one type does understand and the other type does not understand
 
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
 
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : see sender address



From: [EMAIL PROTECTED] on behalf of joe
Sent: Thu 2006-10-05 20:22
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis



Careful, I recall a math professor in my differential equations class or
maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2
and it wasn't a numberical base trick

I didn't follow through it, I just closed my eyes and shook my head and
thought forward to my communications class as the sights were easier on the
eyes...

I still wonder why I went into a field with such a high ratio of men to
women... :)


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson
Sent: Thursday, October 05, 2006 12:55 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis

999,998 + 2 = 1,000,000, not 100,000. ;-)

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: wikis


  It's funny how we quote wikis as definitive sources of information,
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the
  subject matter??

 Anyone can edit, which is why they are generally correct. 
 When 100,000 people view a record, and 2 people want to
 change it to be incorrect,
 999,998 will want to correct it.

 I wouldn't use a wiki as a great historical or technical
 source.  But for encyclopedia entries, which give a good
 summation of a subject, they are great.


 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx




This e-mail and any attachment is for authorised use by the intended 
recipient(s) only. It may contain proprietary material, confidential 
information and/or be subject to legal privilege. It should not be copied, 
disclosed to, retained or used by, any other party. If you are not an intended 
recipient then please promptly delete this e-mail and any attachment and all 
copies and inform the sender. Thank you.
winmail.dat

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Thommes, Michael M. 








Try FileNotify 
freeware at http://www.xtware.com/



Mike Thommes











From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Kurt Falde
Sent: Thursday, October 05, 2006
1:19 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Who keeps
creating this folder  files?!





Drop filemon on the box with a filter for
mp3 and just let it stay running in a disconnected ts window would probably be
one method. 





Kurt Falde











From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of J B
Sent: Thursday, October 05, 2006
12:57 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Who keeps
creating this folder  files?!







Argh! On one of our file servers, there is a
public directory that allows any authenticated user to do anything
within it (minus changing permissions). MP3 files and folders appear
there every so often and are removed soon thereafter. Is there some way
for me to tell who has created these folders and MP3 files?











Every time I check, no one is currently accessing the
files - which would be an easy way for me to know...

Re: [ActiveDir] OT: wikis

2006-10-05 Thread Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] 

OT still

The next version of Sharepoint includes wikis and blogs

.. how many are internalizing all this good AD/ESE/Jetblue stuff in your 
own internal orgs and wiki/blogging/podcasting this stuff internally?


Al Mulnick wrote:
Sure, but is that because the common wisdom is wrong or is it because 
there is not a definitive source of truthful information (such as 
decent documentation?)


Could it be that a wiki is as good as it gets? Or could there be blog 
entries that would give better information?  Or perhaps accurate 
documentation on some vendor website waiting to be read and understood?


Philosophical questions such as these can keep you up late at night 
you know. (-;




On 10/5/06, *Brett Shirley*  [EMAIL PROTECTED] 
mailto:[EMAIL PROTECTED] wrote:


Except when 99% of the common wisdom about something is wrong,
like in the
case of ESE / JET Blue ... ;-)

Cheers,
-BrettSh

On Thu, 5 Oct 2006, Greg Nims wrote:


  It's funny how we quote wikis as definitive sources of
information, when
  they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about
the subject
  matter??

 Anyone can edit, which is why they are generally correct.  When
100,000
 people view a record, and 2 people want to change it to be
incorrect,
 999,998 will want to correct it.

 I wouldn't use a wiki as a great historical or technical
source.  But for
 encyclopedia entries, which give a good summation of a subject,
they are
 great.


 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx


List info   : http://www.activedir.org/List.aspx
http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx




--
Letting your vendors set your risk analysis these days?  
http://www.threatcode.com


If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will 
hunt you down...
http://blogs.technet.com/sbs

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir]OT:OT: OT

2006-10-05 Thread Laura A. Robinson 
Diffie-qs ptooey ptooey

How come everybody's so loopy today, anyway?

Laura

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of joe
 Sent: Thursday, October 05, 2006 2:22 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] OT: wikis
 
 Careful, I recall a math professor in my differential 
 equations class or maybe it was higher throwing a proof up on 
 the board showing that 1 + 1 != 2 and it wasn't a numberical 
 base trick 
 
 I didn't follow through it, I just closed my eyes and shook 
 my head and thought forward to my communications class as the 
 sights were easier on the eyes... 
 
 I still wonder why I went into a field with such a high ratio 
 of men to women... :)
 
 
 --
 O'Reilly Active Directory Third Edition - 
 http://www.joeware.net/win/ad3e.htm 
  
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of 
 Laura A. Robinson
 Sent: Thursday, October 05, 2006 12:55 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] OT: wikis
 
 999,998 + 2 = 1,000,000, not 100,000. ;-) 
 
  -Original Message-
  From: [EMAIL PROTECTED]
  [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
  Sent: Thursday, October 05, 2006 11:49 AM
  To: ActiveDir@mail.activedir.org
  Subject: [ActiveDir] OT: wikis
  
  
   It's funny how we quote wikis as definitive sources of 
 information, 
   when they can be edited by anyone and everyone :)
  
   Who vets the edits and how much does that person know about the 
   subject matter??
  
  Anyone can edit, which is why they are generally correct.  
  When 100,000 people view a record, and 2 people want to 
 change it to 
  be incorrect,
  999,998 will want to correct it.
  
  I wouldn't use a wiki as a great historical or technical 
 source.  But 
  for encyclopedia entries, which give a good summation of a subject, 
  they are great.
  
  
  List info   : http://www.activedir.org/List.aspx
  List FAQ: http://www.activedir.org/ListFAQ.aspx
  List archive: http://www.activedir.org/ml/threads.aspx
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] OT: wikis

2006-10-05 Thread Crawford, Scott 
From: http://www.jimloy.com/algebra/two.htm

 a = x[true for some a's and x's]
   a+a = a+x  [add a to both sides]
2a = a+x  [a+a = 2a]
 2a-2x = a+x-2x   [subtract 2x from both sides]
2(a-x) = a+x-2x   [2a-2x = 2(a-x)]
2(a-x) = a-x  [x-2x = -x]
 2 = 1[divide both sides by a-x]


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, October 05, 2006 1:22 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis

Careful, I recall a math professor in my differential equations class or
maybe it was higher throwing a proof up on the board showing that 1 + 1
!= 2
and it wasn't a numberical base trick 

I didn't follow through it, I just closed my eyes and shook my head and
thought forward to my communications class as the sights were easier on
the
eyes... 

I still wonder why I went into a field with such a high ratio of men to
women... :)


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm 
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A.
Robinson
Sent: Thursday, October 05, 2006 12:55 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis

999,998 + 2 = 1,000,000, not 100,000. ;-) 

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: wikis
 
 
  It's funny how we quote wikis as definitive sources of information, 
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the 
  subject matter??
 
 Anyone can edit, which is why they are generally correct.  
 When 100,000 people view a record, and 2 people want to 
 change it to be incorrect,
 999,998 will want to correct it.
 
 I wouldn't use a wiki as a great historical or technical 
 source.  But for encyclopedia entries, which give a good 
 summation of a subject, they are great.
 
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Laura A. Robinson 



Okay, 
then I'd recommend item #2 in my last response- rather than spending a bunch of 
time trying to figure out who's doing it (which could be multiple people), why 
not just prevent it in the first place? :-)

Laura

  
  
  From: [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED] On Behalf Of J 
  BSent: Thursday, October 05, 2006 4:13 PMTo: 
  ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Who keeps 
  creating this folder  files?!
  
  I forgot tomention that we run an "rsync" 
  on this directory that overwrites the file owner's name with the user under 
  which this process runs...
  
- Original Message - 
From: 
J B 
To: ActiveDir@mail.activedir.org 

Sent: Thursday, October 05, 2006 9:57 
AM
Subject: [ActiveDir] Who keeps creating 
this folder  files?!

Argh! On one of our file servers, there 
is a "public" directory that allows any authenticated user to do anything 
within it (minus changing permissions). MP3 files and folders appear 
there every so often and are removed soon thereafter. Is there some 
way for me to tell who has created these folders and MP3 files?

Every time I check, no one is currently 
accessing the files - which would be an easy way for me to 
know...

[ActiveDir] OT: recent MS updates changed Exchange SMTP servers?

2006-10-05 Thread Michael Miller 
We use Exchange 2003 running on Win2k3 server Standard Edition strictly 
for distribution groups where all user objects have external SMTP 
addresses - no Exchange mailboxes, etc.  We have a simple single forest, 
single site AD Win2k R2 domain.


A message addressed to one of our AD distribution groups 
([EMAIL PROTECTED])  results in an out bound message with multiple 
RCPT TO entries.


With very few exceptions,  the external email addresses are for the main 
campus domain ([EMAIL PROTECTED]).


This worked well since implementation in February 2006. Lately, there 
have been considerable delays in the UIUC campus domain servers 
accepting these messages in a timely manner. There have been no 
intentional changes to our Exchange server other than the application of 
patch Tuesday updates and, after becoming aware of these delays, 
changing the SMTP connection timeout from the default 10 minutes, to 30, 
then to 45 and now to 120 minutes.


Do any of you Exchange gurus know of any recent MS updates that would 
have changed anything regarding outbound connections with the Exchange 
SMTP server?


I suspect the problem is not on our end but don't want to start pointing 
fingers without some assurance that nothing has changed here.


TIA,

-mjm


--
Michael J. Miller
Computing Services
College of Veterinary Medicine
University of Illinois at Urbana-Champaign

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Not receiving email from this list

2006-10-05 Thread Tim Foster 
Sorry, Mark - but that was blank!
On 10/5/06, Mark Parris [EMAIL PROTECTED] wrote:

RE: [ActiveDir] Who keeps creating this folder files?!

2006-10-05 Thread Laura A. Robinson 



Okay, 
this is now my third time recommending FSRM in response to this query; are my 
replies not getting through to the list? *Seriously*, just address the 
issueby using FSRM and not allowing .mp3 files to be saved on the server 
in the first place. If anybody complains, you'll have your culprit, to boot. 
:-)

If the 
link is needed again, please let me know.

Laura

  
  
  From: [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED] On Behalf Of J 
  BSent: Thursday, October 05, 2006 4:58 PMTo: 
  ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Who keeps 
  creating this folder  files?!
  
  I was hoping that there was some way to see who 
  created it rather than wait until it happened again, or wait until someone 
  accessed it...
  
  I'll have to settle for the auditing 
  though.
  
  Thanks!
  
- Original Message - 
From: 
Brian 
Desmond 
To: ActiveDir@mail.activedir.org 

Sent: Thursday, October 05, 2006 11:14 
AM
Subject: RE: [ActiveDir] Who keeps 
creating this folder  files?!


Set 
some auditing on the folder that this is happening in and watch the security 
log for the relevant audits


Thanks,
Brian 
Desmond
[EMAIL PROTECTED]

c 
- 312.731.3132




From: 
[EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of J 
BSent: Thursday, October 05, 2006 12:57 PMTo: ActiveDir@mail.activedir.orgSubject: 
[ActiveDir] Who keeps creating this folder  
files?!


Argh! On 
one of our file servers, there is a "public" directory that allows any 
authenticated user to do anything within it (minus changing 
permissions). MP3 files and folders appear there every so often and 
are removed soon thereafter. Is there some way for me to tell who has 
created these folders and MP3 files?



Every time I 
check, no one is currently accessing the files - which would be an easy way 
for me to 
know...

Re: [ActiveDir] Discovering LDAPS availability

2006-10-05 Thread Joe Kaplan 
There isn't really a way to do it without attempting to connect.  Also, 
remember that SSL has to be negotiated between the client and server.  The 
server may be perfectly capable of doing SSL, but if the client doesn't 
trust the server's certificate or attempts to contact the server with a name 
that does not match the name of the server in the certificate, the client 
may choose to reject the attempt to connect via SSL, whereas another client 
might not have the same objections.


You have to try it.

Also, the DC doesn't publish anything that you can query, say via RootDSE, 
to state whether it supports LDAPS or not (at least nothing that I've every 
heard of...).


Joe K.

- Original Message - 
From: David Loder [EMAIL PROTECTED]

To: ActiveDir@mail.activedir.org
Sent: Thursday, October 05, 2006 2:56 PM
Subject: [ActiveDir] Discovering LDAPS availability



Other than directly testing the 636 port on each DC,
can anyone suggest a method for an unprivledged client
to discover whether or not LDAPS should be available
on a specific DC?

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx 


List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: wikis

2006-10-05 Thread Al Mulnick 
Which do you want to know about - the internalizing it or sharing it? And of course, since we don't have it (as noted earlier by Mr Shirley (aka former garage door operator of building 7), anything internalized is suspect anyway right? 


A perfectionist would say that the information should be purged, although I shudder at the thought of what that would mean if it's in my head :)

I have no problem sharing that type of information with anyone that would listen and could stay awake long enough to get into the second sentence. Others can go read about it. 


On 10/5/06, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [EMAIL PROTECTED] wrote:
OT stillThe next version of Sharepoint includes wikis and blogs.. how many are internalizing all this good AD/ESE/Jetblue stuff in your
own internal orgs and wiki/blogging/podcasting this stuff internally?Al Mulnick wrote: Sure, but is that because the common wisdom is wrong or is it because there is not a definitive source of truthful information (such as
 decent documentation?) Could it be that a wiki is as good as it gets? Or could there be blog entries that would give better information?Or perhaps accurate documentation on some vendor website waiting to be read and understood?
 Philosophical questions such as these can keep you up late at night you know. (-; On 10/5/06, *Brett Shirley*  
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Except when 99% of the common wisdom about something is wrong,
 like in the case of ESE / JET Blue ... ;-) Cheers, -BrettSh On Thu, 5 Oct 2006, Greg Nims wrote:It's funny how we quote wikis as definitive sources of
 information, when   they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject
   matter??   Anyone can edit, which is why they are generally correct.When 100,000  people view a record, and 2 people want to change it to be
 incorrect,  999,998 will want to correct it.   I wouldn't use a wiki as a great historical or technical source.But for  encyclopedia entries, which give a good summation of a subject,
 they are  great.List info : http://www.activedir.org/List.aspx  List FAQ: 
http://www.activedir.org/ListFAQ.aspx http://www.activedir.org/ListFAQ.aspx  List archive: 
http://www.activedir.org/ml/threads.aspx  List info : http://www.activedir.org/List.aspx
 http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx--Letting your vendors set your risk analysis these days?
http://www.threatcode.comIf you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down...http://blogs.technet.com/sbsList info : 
http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: 
http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Major screwup on AD for my company - Can't install AD on remote server now

2006-10-05 Thread Al Mulnick 
My first instinct is to say please step away from the keyboard but that's just to make me chuckle. :)

It looks like the old server, FTP1 was configured as a time server? Or was it an AD domain controller? 

The answer to that guides the rest of the conversation, but the best thing to do regardless is to flatten the Sweden server. Rebuild it completely with a new name and everything. Because you're not sure of the state, be sure to get a backup should you need it. 


If everything else is fine, then you'll want to rebuild that server, rejoin it to the appropriate domain and let it settle. Before you continue, you'll want to ensure that everything else is in good shape including dns, replication and authentication at a minimum. 


DNS would be my primary concern at this point. Don't mess with the forest, domain or any of the other pieces if you can help it. Upgrading the forest functional level or the domain functional level is not something you want to just walk out and pull the trigger on without understanding what it means and what the implications are. 


Al
On 10/5/06, Steve Egan (Temp) [EMAIL PROTECTED] wrote:
I'm the System/Network Engineer for Purcell Systems, and I'm afraid I'vescrewed the pooch on my network. Here's how:
Shut down an antiquated FTP server after transferring files to the newFTP server.The old one's OS was Win2K, the new one is Win2003.I *did not* do anything to AD at the time this occurred.
A day before I started working here (8/8/06) the server in Sweden wasrebuilt by a local consultant.Hardware failure.He rebuilt from baremetal, and set up the DNS and AD incorrectly.The end result was a
server sitting in its own domain.DNS was somehow told to replicate tothe server, and was working fine.I next tried to put/rename/move the Sweden server into the Purcell.com
domain.Oops, have to upgrade out of Win2000 mixed mode.No problem,I'll just transfer the AD, DNS, and PDC to a master machine runningWin2003 and have lotsa machines (okay, one or two) running as PDCs and
alternate DNS and AD, right?Here's where the pooch got this way - I'm a n00b when it comes to AD,and somehow in the transfer of functions I've messed up the domainsomething fierce.AD and DNS work just fine (replicate) on the USA and
Poland servers, but I tried upgrading the Sweden server to the forestand things got cranky - it wouldn't upgrade because it swore up and downthat the domain was still in pre-Win2003 mode.In frustration, I tore
down DNS and AD on the Sweden server, and rebuilt them - not an easytask by remote control...The DNS rebuilt just peachy on the Sweden server, but when I go toinstall AD on it, it tells me that the domain ain't ready for prime time
- I have to run adprep on the domain.I ran adprep the first time, andeverything appeared to work just fine.Subsequent attempts are rebuffed- I've already prepared the domain, it tells me.The Sweden server just
refuses to accept that the AD in the domain is Win2003 mode.I'vechecked - it's mode 2 on all the AD machines.The necessary containersfor a Win2003 AD have been built!SOMEthing is preventing the ADPREP
from executing properly.Here's a partial log entry from the Swedenserver (adprep.log?):10/05 01:34:26 [INFO] Searching for a domain controller for the domain
PURCELLSYSTEMS.COM that contains the account PURCELLABSWE$10/05 01:34:27[INFO] Located domain controller FTP1.PURCELLSYSTEMS.COM
 for domainPURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Using site PURCELLSYSTEMS forserver \\FTP1.PURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Forcing time sync10/05 01:34:27 [INFO] Forcing a time synch with\\FTP1.PURCELLSYSTEMS.COM10/05 01:34:29 [ERROR] Failed to get the
current time on \\FTP1.PURCELLSYSTEMS.COM: 510/05 01:34:29 [ERROR] NON-FATAL error forcing a time sync (5).Ignoring10/05 01:34:32 [INFO] Stopping service NETLOGON10/05 01:34:32 [INFO]Stopping service NETLOGON10/05 01:35:32 [INFO] Configuring service
NETLOGON to 1 returned 010/05 01:35:32 [INFO] Stopped NETLOGON10/05 01:35:32 [INFO] Deleting current sysvol path C:\WINDOWS\SYSVOL10/05 01:35:36 [INFO] Created system volume path10/05 01:35:36 [INFO] Copying initial Directory Service database file
C:\WINDOWS\system32\ntds.dit to C:\WINDOWS\NTDS\ntds.dit10/05 01:35:36[INFO] Installing the Directory Service10/05 01:35:36 [INFO] CallingNtdsInstall for PURCELLSYSTEMS.COM
10/05 01:35:36 [INFO] Starting Active Directory installation10/05 01:35:36 [INFO] Validating user supplied options10/05 01:35:36 [INFO] Determining a site in which to install10/05 01:35:36 [INFO] Examining an existing Active Directory forest
10/05 01:35:40 [INFO] Error - The Active Directory Installation Wizardcannot continue because the forest is not prepared for installingWindows Server 2003. Use the Adprep command-line tool to prepare boththe forest and the domain. For more information about using the Adprep,
see Active Directory Help. (8467)10/05 01:35:40 [INFO] NtdsInstall for

RE: [ActiveDir] Major screwup on AD for my company - Can't install AD on remote server now

2006-10-05 Thread Almeida Pinto, Jorge de 
are you by any chance trying to promote a R2 DC? If yes, use ADPREP from the 
SECOND CD from the R2 distribution set
 
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
 
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : see sender address



From: [EMAIL PROTECTED] on behalf of Steve Egan (Temp)
Sent: Thu 2006-10-05 22:25
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Major screwup on AD for my company - Can't install AD on 
remote server now



I'm the System/Network Engineer for Purcell Systems, and I'm afraid I've
screwed the pooch on my network. Here's how:

Shut down an antiquated FTP server after transferring files to the new
FTP server.  The old one's OS was Win2K, the new one is Win2003.

I *did not* do anything to AD at the time this occurred.

A day before I started working here (8/8/06) the server in Sweden was
rebuilt by a local consultant.  Hardware failure.  He rebuilt from bare
metal, and set up the DNS and AD incorrectly.  The end result was a
server sitting in its own domain.  DNS was somehow told to replicate to
the server, and was working fine.

I next tried to put/rename/move the Sweden server into the Purcell.com
domain.  Oops, have to upgrade out of Win2000 mixed mode.  No problem,
I'll just transfer the AD, DNS, and PDC to a master machine running
Win2003 and have lotsa machines (okay, one or two) running as PDCs and
alternate DNS and AD, right?

Here's where the pooch got this way - I'm a n00b when it comes to AD,
and somehow in the transfer of functions I've messed up the domain
something fierce.  AD and DNS work just fine (replicate) on the USA and
Poland servers, but I tried upgrading the Sweden server to the forest
and things got cranky - it wouldn't upgrade because it swore up and down
that the domain was still in pre-Win2003 mode.  In frustration, I tore
down DNS and AD on the Sweden server, and rebuilt them - not an easy
task by remote control...

The DNS rebuilt just peachy on the Sweden server, but when I go to
install AD on it, it tells me that the domain ain't ready for prime time
- I have to run adprep on the domain.  I ran adprep the first time, and
everything appeared to work just fine.  Subsequent attempts are rebuffed
- I've already prepared the domain, it tells me.  The Sweden server just
refuses to accept that the AD in the domain is Win2003 mode.  I've
checked - it's mode 2 on all the AD machines.  The necessary containers
for a Win2003 AD have been built!  SOMEthing is preventing the ADPREP
from executing properly.  Here's a partial log entry from the Sweden
server (adprep.log?):

10/05 01:34:26 [INFO] Searching for a domain controller for the domain
PURCELLSYSTEMS.COM that contains the account PURCELLABSWE$10/05 01:34:27
[INFO] Located domain controller FTP1.PURCELLSYSTEMS.COM for domain
PURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Using site PURCELLSYSTEMS for
server \\FTP1.PURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Forcing time sync
10/05 01:34:27 [INFO] Forcing a time synch with
\\FTP1.PURCELLSYSTEMS.COM10/05 01:34:29 [ERROR] Failed to get the
current time on \\FTP1.PURCELLSYSTEMS.COM: 5
10/05 01:34:29 [ERROR] NON-FATAL error forcing a time sync (5).
Ignoring
10/05 01:34:32 [INFO] Stopping service NETLOGON10/05 01:34:32 [INFO]
Stopping service NETLOGON10/05 01:35:32 [INFO] Configuring service
NETLOGON to 1 returned 0
10/05 01:35:32 [INFO] Stopped NETLOGON
10/05 01:35:32 [INFO] Deleting current sysvol path C:\WINDOWS\SYSVOL
10/05 01:35:36 [INFO] Created system volume path
10/05 01:35:36 [INFO] Copying initial Directory Service database file
C:\WINDOWS\system32\ntds.dit to C:\WINDOWS\NTDS\ntds.dit10/05 01:35:36
[INFO] Installing the Directory Service10/05 01:35:36 [INFO] Calling
NtdsInstall for PURCELLSYSTEMS.COM
10/05 01:35:36 [INFO] Starting Active Directory installation
10/05 01:35:36 [INFO] Validating user supplied options
10/05 01:35:36 [INFO] Determining a site in which to install
10/05 01:35:36 [INFO] Examining an existing Active Directory forest
10/05 01:35:40 [INFO] Error - The Active Directory Installation Wizard
cannot continue because the forest is not prepared for installing
Windows Server 2003. Use the Adprep command-line tool to prepare both
the forest and the domain. For more information about using the Adprep,
see Active Directory Help. (8467)
10/05 01:35:40 [INFO] NtdsInstall for PURCELLSYSTEMS.COM returned 8467
10/05 01:35:40 [INFO] DsRolepInstallDs returned 8467
10/05 01:35:40 [ERROR] Failed to install to Directory Service (8467)
10/05 01:35:49 [INFO] Starting service NETLOGON10/05 01:35:49 [INFO]
Configuring service NETLOGON to 2 returned 0
10/05 01:35:49 [INFO] The attempted domain controller operation has
completed10/05 01:35:49 [INFO] DsRolepSetOperationDone returned 0

RE: [ActiveDir] MORE OT OT: wikis

2006-10-05 Thread Laura A. Robinson 
There are two types of people in the world- those who understand binary and
those who don't.
 
That's what the t-shirt I got for my birthday says, anyway. :-)
 
Laura


  _  

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge de
Sent: Thursday, October 05, 2006 5:03 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] MORE OT OT: wikis


only 10 types of people understand binary...
one type does understand and the other type does not understand
 

Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
 
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : see sender address

  _  

From: [EMAIL PROTECTED] on behalf of joe
Sent: Thu 2006-10-05 20:22
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis



Careful, I recall a math professor in my differential equations class or
maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2
and it wasn't a numberical base trick

I didn't follow through it, I just closed my eyes and shook my head and
thought forward to my communications class as the sights were easier on the
eyes...

I still wonder why I went into a field with such a high ratio of men to
women... :)


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson
Sent: Thursday, October 05, 2006 12:55 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis

999,998 + 2 = 1,000,000, not 100,000. ;-)

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: wikis


  It's funny how we quote wikis as definitive sources of information,
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the
  subject matter??

 Anyone can edit, which is why they are generally correct. 
 When 100,000 people view a record, and 2 people want to
 change it to be incorrect,
 999,998 will want to correct it.

 I wouldn't use a wiki as a great historical or technical
 source.  But for encyclopedia entries, which give a good
 summation of a subject, they are great.


 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx


This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.


attachment: winmail.dat

RE: [ActiveDir] MORE OT OT: wikis

2006-10-05 Thread Laura A. Robinson 
AAARGH! TEN types! TEN!
 
I need a nap. 


  _  

From: Laura A. Robinson [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 05, 2006 8:34 PM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] MORE OT OT: wikis


There are two types of people in the world- those who understand binary and
those who don't.
 
That's what the t-shirt I got for my birthday says, anyway. :-)
 
Laura


  _  

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge de
Sent: Thursday, October 05, 2006 5:03 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] MORE OT OT: wikis


only 10 types of people understand binary...
one type does understand and the other type does not understand
 

Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
 
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : see sender address

  _  

From: [EMAIL PROTECTED] on behalf of joe
Sent: Thu 2006-10-05 20:22
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis



Careful, I recall a math professor in my differential equations class or
maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2
and it wasn't a numberical base trick

I didn't follow through it, I just closed my eyes and shook my head and
thought forward to my communications class as the sights were easier on the
eyes...

I still wonder why I went into a field with such a high ratio of men to
women... :)


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson
Sent: Thursday, October 05, 2006 12:55 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis

999,998 + 2 = 1,000,000, not 100,000. ;-)

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: wikis


  It's funny how we quote wikis as definitive sources of information,
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the
  subject matter??

 Anyone can edit, which is why they are generally correct. 
 When 100,000 people view a record, and 2 people want to
 change it to be incorrect,
 999,998 will want to correct it.

 I wouldn't use a wiki as a great historical or technical
 source.  But for encyclopedia entries, which give a good
 summation of a subject, they are great.


 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx


This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.


attachment: winmail.dat

RE: [ActiveDir] MORE OT OT: wikis

2006-10-05 Thread Laura A. Robinson 
TRIPLE AAARGH!!! 
 
10! 10!
 
I give up; I'm dain bramaged today.


  _  

From: Laura A. Robinson [mailto:[EMAIL PROTECTED] 
Sent: Thursday, October 05, 2006 8:34 PM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] MORE OT OT: wikis


There are two types of people in the world- those who understand binary and
those who don't.
 
That's what the t-shirt I got for my birthday says, anyway. :-)
 
Laura


  _  

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge de
Sent: Thursday, October 05, 2006 5:03 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] MORE OT OT: wikis


only 10 types of people understand binary...
one type does understand and the other type does not understand
 

Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
 
LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : see sender address

  _  

From: [EMAIL PROTECTED] on behalf of joe
Sent: Thu 2006-10-05 20:22
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis



Careful, I recall a math professor in my differential equations class or
maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2
and it wasn't a numberical base trick

I didn't follow through it, I just closed my eyes and shook my head and
thought forward to my communications class as the sights were easier on the
eyes...

I still wonder why I went into a field with such a high ratio of men to
women... :)


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson
Sent: Thursday, October 05, 2006 12:55 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: wikis

999,998 + 2 = 1,000,000, not 100,000. ;-)

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
 Sent: Thursday, October 05, 2006 11:49 AM
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] OT: wikis


  It's funny how we quote wikis as definitive sources of information,
  when they can be edited by anyone and everyone :)
 
  Who vets the edits and how much does that person know about the
  subject matter??

 Anyone can edit, which is why they are generally correct. 
 When 100,000 people view a record, and 2 people want to
 change it to be incorrect,
 999,998 will want to correct it.

 I wouldn't use a wiki as a great historical or technical
 source.  But for encyclopedia entries, which give a good
 summation of a subject, they are great.


 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx


This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.


attachment: winmail.dat

RE: [ActiveDir] Discovering LDAPS availability

2006-10-05 Thread joe 
LDAPS records aren't published by DCs, only LDAP records. I can assure you
if it were that easy, David wouldn't have had an issue. From what I have
seen, if a secure LDAP connection is required, the internal routines from
MSFT simply locate a DC and go to the port. If LDAPS isn't hot, the
connection is dropped with server down error.


--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm 
 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, October 05, 2006 6:28 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Discovering LDAPS availability

Couldn't you just query the DNS for the SRV record advertising it...

Matt Duguid
Systems Engineer for Identity Services
Department of Internal Affairs

Phone: +64 4 4748028 (wellington)
Mobile: +64 21 1713290
Fax: +64 4 4748894
Address: Level 4, 47 Boulcott Street, Wellington CBD
E-mail: [EMAIL PROTECTED]
Web: http://www.dia.govt.nz/



|-+--
| |  |
| |  |
| |  |
| |   David Loder|
| |   [EMAIL PROTECTED] |
| |   Sent by:   |
| |   [EMAIL PROTECTED]|
| |   tivedir.org|
| |  |
| |  |
| |   06/10/2006 08:56 a.m.  |
| |   Please respond to  |
| |   ActiveDir  |
| |  |
|-+--
 
---
---|
  |
|
  |To:  ActiveDir@mail.activedir.org
|
  |cc:
|
  |Subject: [ActiveDir] Discovering LDAPS availability
|
 
---
---|


Other than directly testing the 636 port on each DC,
can anyone suggest a method for an unprivledged client
to discover whether or not LDAPS should be available
on a specific DC?

__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx



List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: recent MS updates changed Exchange SMTP servers?

2006-10-05 Thread Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] 
You Had Me At EHLO... : New Exchange fixes may disrupt Blackberry, 
Goodlink and other services:

http://msexchangeteam.com/archive/2006/04/28/426707.aspx
Users cannot send e-mail messages from a mobile device or from a shared 
mailbox in Exchange 2000 Server and in Exchange Server 2003:

http://support.microsoft.com/kb/912918

I think June was when these changes impacted the security patches?


Michael Miller wrote:
We use Exchange 2003 running on Win2k3 server Standard Edition 
strictly for distribution groups where all user objects have external 
SMTP addresses - no Exchange mailboxes, etc.  We have a simple single 
forest, single site AD Win2k R2 domain.


A message addressed to one of our AD distribution groups 
([EMAIL PROTECTED])  results in an out bound message with 
multiple RCPT TO entries.


With very few exceptions,  the external email addresses are for the 
main campus domain ([EMAIL PROTECTED]).


This worked well since implementation in February 2006. Lately, there 
have been considerable delays in the UIUC campus domain servers 
accepting these messages in a timely manner. There have been no 
intentional changes to our Exchange server other than the application 
of patch Tuesday updates and, after becoming aware of these delays, 
changing the SMTP connection timeout from the default 10 minutes, to 
30, then to 45 and now to 120 minutes.


Do any of you Exchange gurus know of any recent MS updates that would 
have changed anything regarding outbound connections with the Exchange 
SMTP server?


I suspect the problem is not on our end but don't want to start 
pointing fingers without some assurance that nothing has changed here.


TIA,

-mjm




--
Letting your vendors set your risk analysis these days?  
http://www.threatcode.com


If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will 
hunt you down...
http://blogs.technet.com/sbs

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Who keeps creating this folder files?

2006-10-05 Thread Matt Hargraves 
Magic 8 ball?Security event logs are great things, learning how to search them for the right data can be invaluable and increase the security at your company drastically. It will mean that instead of saying Who did this?, you will know who did it. Instead of going When did that happen?, you'll know when it happened.
Unfortunately, you end up having to almost export your event logs to another location to make them searchable on active systems. The only bad part is that, once you get the data, you find yourself sitting there going Oh, that script did it... or worse - I did it?! or something similar. 95% of the time something where you're going Oh yeah, I'm gonna get them this time, you realize that there isn't anyone to get. After a little while you'll stop expecting to 'get them' this time and go OK, what do I need to fix this time and kinda dread the idea of it being someone doing something wrong and hope it's just something that you can fix in 10 minutes because it someone did something wrong, then you have to spend 2-4 hours in meetings discussing why they did it, how they did it, how to avoid it happening again, etc
On 10/5/06, J B [EMAIL PROTECTED] wrote:







I was hoping that there was some way to see who 
created it rather than wait until it happened again, or wait until someone 
accessed it...

I'll have to settle for the auditing 
though.

Thanks!

  - Original Message - 
  
From: 
  Brian 
  Desmond 
  To: 
ActiveDir@mail.activedir.org 
  
  Sent: Thursday, October 05, 2006 11:14 
  AM
  Subject: RE: [ActiveDir] Who keeps 
  creating this folder  files?!
  
  
  Set 
  some auditing on the folder that this is happening in and watch the security 
  log for the relevant audits…
  
  
  Thanks,
  Brian 
  Desmond
  [EMAIL PROTECTED]
  
  c 
  - 312.731.3132
  
  
  
  
  From: 
  [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED]] On Behalf Of J 
  BSent: Thursday, October 05, 2006 12:57 PMTo: ActiveDir@mail.activedir.org
Subject: 
  [ActiveDir] Who keeps creating this folder  
  files?!
  
  
  Argh! On one 
  of our file servers, there is a public directory that allows any 
  authenticated user to do anything within it (minus changing 
  permissions). MP3 files and folders appear there every so often and are 
  removed soon thereafter. Is there some way for me to tell who has 
  created these folders and MP3 files?
  
  
  
  Every time I check, 
  no one is currently accessing the files - which would be an easy way for me to 
  know...

RE: [ActiveDir] MORE OT OT: wikis

2006-10-05 Thread Brett Shirley 

There are three types of mathematicians, those who
can count, and those who can't.

On Thu, 5 Oct 2006, Laura A. Robinson wrote:

 TRIPLE AAARGH!!! 
  
 10! 10!
  
 I give up; I'm dain bramaged today.
 
 
   _  
 
 From: Laura A. Robinson [mailto:[EMAIL PROTECTED] 
 Sent: Thursday, October 05, 2006 8:34 PM
 To: 'ActiveDir@mail.activedir.org'
 Subject: RE: [ActiveDir] MORE OT OT: wikis
 
 
 There are two types of people in the world- those who understand binary and
 those who don't.
  
 That's what the t-shirt I got for my birthday says, anyway. :-)
  
 Laura
 
 
   _  
 
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
 Jorge de
 Sent: Thursday, October 05, 2006 5:03 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] MORE OT OT: wikis
 
 
 only 10 types of people understand binary...
 one type does understand and the other type does not understand
  
 
 Met vriendelijke groeten / Kind regards,
 Ing. Jorge de Almeida Pinto
 Senior Infrastructure Consultant
 MVP Windows Server - Directory Services
  
 LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
 (   Tel : +31-(0)40-29.57.777
 (   Mobile : +31-(0)6-26.26.62.80
 *   E-mail : see sender address
 
   _  
 
 From: [EMAIL PROTECTED] on behalf of joe
 Sent: Thu 2006-10-05 20:22
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] OT: wikis
 
 
 
 Careful, I recall a math professor in my differential equations class or
 maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2
 and it wasn't a numberical base trick
 
 I didn't follow through it, I just closed my eyes and shook my head and
 thought forward to my communications class as the sights were easier on the
 eyes...
 
 I still wonder why I went into a field with such a high ratio of men to
 women... :)
 
 
 --
 O'Reilly Active Directory Third Edition -
 http://www.joeware.net/win/ad3e.htm
 
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson
 Sent: Thursday, October 05, 2006 12:55 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] OT: wikis
 
 999,998 + 2 = 1,000,000, not 100,000. ;-)
 
  -Original Message-
  From: [EMAIL PROTECTED]
  [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims
  Sent: Thursday, October 05, 2006 11:49 AM
  To: ActiveDir@mail.activedir.org
  Subject: [ActiveDir] OT: wikis
 
 
   It's funny how we quote wikis as definitive sources of information,
   when they can be edited by anyone and everyone :)
  
   Who vets the edits and how much does that person know about the
   subject matter??
 
  Anyone can edit, which is why they are generally correct. 
  When 100,000 people view a record, and 2 people want to
  change it to be incorrect,
  999,998 will want to correct it.
 
  I wouldn't use a wiki as a great historical or technical
  source.  But for encyclopedia entries, which give a good
  summation of a subject, they are great.
 
 
  List info   : http://www.activedir.org/List.aspx
  List FAQ: http://www.activedir.org/ListFAQ.aspx
  List archive: http://www.activedir.org/ml/threads.aspx
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 
 
 This e-mail and any attachment is for authorised use by the intended
 recipient(s) only. It may contain proprietary material, confidential
 information and/or be subject to legal privilege. It should not be copied,
 disclosed to, retained or used by, any other party. If you are not an
 intended recipient then please promptly delete this e-mail and any
 attachment and all copies and inform the sender. Thank you.
 
 
 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] [OT] Exchange 2007 Schema

2006-10-05 Thread Brett Shirley 
Oh crap!  Brian Puhl, you reading?  Tony says E2k7 is a beta product, I
hope you didn't load that schema on our main forest?  Too late to get it
backed out (via forest restore)?

Thanks for the heads up Tony,
BrettSh [msft]

P.S. - Does anyone think I'm as funny as I think I am ... probably not ...


On Thu, 5 Oct 2006, Tony Murray wrote:

 Hi all
 
 There are apparently schema changes post Beta 2 - just in case anyone was 
 considering pre-loading the schema changes into production [1].
 
 I don't have any further details on what the changes are.
 
 Tony
 
 [1] Which of course you wouldn't contemplate with a Beta product :-) 
 
 
 
 
 
 Sent via the WebMail system at mail.activedir.org
 
 
  

 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: Volume licensing activation

2006-10-05 Thread Matt Hargraves 
I can completely understand Microsoft's point, don't get me wrong.I guess it just kinda gets my goat that they're so tired of people using VLE keys as the new favorite of license violators that they're going to put the onus on the business owners to pay for a new server just to manage Microsoft's licenses. Also, Vista is one thing, but Longhorn? Do they really have that many server instances running with VLE keys that it justifies a company having to pay for 1-10 licensing servers (remember, not everyone is 100% in a single global region) to keep not only my workstations up and running, but the servers too?
I just kinda feel like if they're going to go this far, they should provide me with a license appliance to handle every x number of stations. Enough people are paying for software assurance where it seems like it would be a good business move to keep people happy, a little good with the bad I guess.
The scary part that I'm wondering about is what they're going to do with the retail/OEM versions of the software. There are enough people out there who will buy a computer but not have an internet connection (yes, I know it's not a *huge* number, the internet is half the reason a lot of people get computers), what are they going to have to do, call MS every 180 days to 'reactivate' their computer? Talk about a pain. My father would just end up giving his computer away if it came to that. Granted, he's 60 and doesn't know a tenth what most people under the age of 30 know about computers, but those are the people who need everything more convenient and less of a hassle.
On 10/4/06, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [EMAIL PROTECTED] wrote:
Microsoft's Software Protection Platform: Protecting Software andCustomers from Counterfeiters: The company announces innovativetechnology in Windows Vista and Windows Server "Longhorn" to reduce therisk of piracy and software tampering while improving software licensing.:
http://www.microsoft.com/presspass/features/2006/oct06/10-04SoftwareProtection.mspxWindows Genuine Advantage : New technology to protect Windows Vista and
other products:http://blogs.msdn.com/wga/archive/2006/10/04/New-technology-to-protect-Windows-Vista-and-other-products.aspx
Whitepaperhttp://download.microsoft.com/download/c/2/9/c2935f83-1a10-4e4a-a137-c1db829637f5/10-03-06SoftwareProtectionWP.doc
As long as it works and works well, and when it's updated it getsdisclosed so that tinfoil folks won't be shutting off auto updatesbecause that's what's happening now.Brian Desmond wrote:
 *I read through the docs on this vl activation and it's not as bad as it sounds. They're really just trying to protect the keys.* * * *Thanks,* *Brian Desmond*
 [EMAIL PROTECTED] * * *c - 312.731.3132* * * *From:* [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]] *On Behalf Of *Matt Hargraves *Sent:* Tuesday, October 03, 2006 1:34 PM *To:* 
ActiveDir@mail.activedir.org *Subject:* Re: [ActiveDir] OT: Volume licensing activation Yeah... MS is going to get really high levels of adoption on this product... Gotta wonder what in the heck they're thinking sometimes.
 On 10/2/06, *Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
 wrote: http://blogs.zdnet.com/microsoft/?p=26 Mary Jo Foley reports that the next version of Vista will have Volume licensing activation.
 List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx http://www.activedir.org/ml/threads.aspx
--Letting your vendors set your risk analysis these days?http://www.threatcode.comIf you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down...
http://blogs.technet.com/sbsList info : http://www.activedir.org/List.aspxList FAQ: 
http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx

RE: [ActiveDir] [OT] Exchange 2007 Schema

2006-10-05 Thread Brian Puhl 
No Way!  Nobody told us E2k7 is beta!  When did that happen?  Well, we're
supposed to do a forest recovery periodically to exercise the doc's anyways
(usually in a lab) - We can just roll back CORP this weekend...

We should see how long it's going to take to move the ~20K mailboxes back to
Ti first though...

Thanks for the heads up!!!

Thanks!
Brian Puhl [msft]

P.S. - Your as funny as you think you are - anyone else is just jealous

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Thursday, October 05, 2006 8:58 PM
To: ActiveDir@mail.activedir.org
Cc: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] [OT] Exchange 2007 Schema

Oh crap!  Brian Puhl, you reading?  Tony says E2k7 is a beta product, I
hope you didn't load that schema on our main forest?  Too late to get it
backed out (via forest restore)?

Thanks for the heads up Tony,
BrettSh [msft]

P.S. - Does anyone think I'm as funny as I think I am ... probably not ...


On Thu, 5 Oct 2006, Tony Murray wrote:

 Hi all
 
 There are apparently schema changes post Beta 2 - just in case anyone was
considering pre-loading the schema changes into production [1].
 
 I don't have any further details on what the changes are.
 
 Tony
 
 [1] Which of course you wouldn't contemplate with a Beta product :-) 
 
 
 
 
 
 Sent via the WebMail system at mail.activedir.org
 
 
  

 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx


List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OT: Volume licensing activation

2006-10-05 Thread Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] 

OEMs pre-activate.

(off topic)

Matt Hargraves wrote:

I can completely understand Microsoft's point, don't get me wrong.

I guess it just kinda gets my goat that they're so tired of people 
using VLE keys as the new favorite of license violators that they're 
going to put the onus on the business owners to pay for a new server 
just to manage Microsoft's licenses.  Also, Vista is one thing, but 
Longhorn?  Do they really have that many server instances running with 
VLE keys that it justifies a company having to pay for 1-10 licensing 
servers (remember, not everyone is 100% in a single global region) to 
keep not only my workstations up and running, but the servers too?


I just kinda feel like if they're going to go this far, they should 
provide me with a license appliance to handle every x number of 
stations.  Enough people are paying for software assurance where it 
seems like it would be a good business move to keep people happy, a 
little good with the bad I guess.


The scary part that I'm wondering about is what they're going to do 
with the retail/OEM versions of the software.  There are enough people 
out there who will buy a computer but not have an internet connection 
(yes, I know it's not a *huge* number, the internet is half the reason 
a lot of people get computers), what are they going to have to do, 
call MS every 180 days to 'reactivate' their computer?  Talk about a 
pain.  My father would just end up giving his computer away if it came 
to that.  Granted, he's 60 and doesn't know a tenth what most people 
under the age of 30 know about computers, but those are the people who 
need everything more convenient and less of a hassle.



On 10/4/06, *Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]* 
[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote:


Microsoft's Software Protection Platform: Protecting Software and
Customers from Counterfeiters: The company announces innovative
technology in Windows Vista and Windows Server Longhorn to
reduce the
risk of piracy and software tampering while improving software
licensing.:

http://www.microsoft.com/presspass/features/2006/oct06/10-04SoftwareProtection.mspx

Windows Genuine Advantage : New technology to protect Windows
Vista and
other products:

http://blogs.msdn.com/wga/archive/2006/10/04/New-technology-to-protect-Windows-Vista-and-other-products.aspx

http://blogs.msdn.com/wga/archive/2006/10/04/New-technology-to-protect-Windows-Vista-and-other-products.aspx

Whitepaper

http://download.microsoft.com/download/c/2/9/c2935f83-1a10-4e4a-a137-c1db829637f5/10-03-06SoftwareProtectionWP.doc

http://download.microsoft.com/download/c/2/9/c2935f83-1a10-4e4a-a137-c1db829637f5/10-03-06SoftwareProtectionWP.doc


As long as it works and works well, and when it's updated it gets
disclosed so that tinfoil folks won't be shutting off auto updates
because that's what's happening now.


Brian Desmond wrote:

 *I read through the docs on this vl activation and it's not as
bad as
 it sounds. They're really just trying to protect the keys.*

 * *

 *Thanks,*

 *Brian Desmond*

 [EMAIL PROTECTED]

 * *

 *c - 312.731.3132*

 * *

 *From:* [EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]] *On Behalf Of *Matt
Hargraves
 *Sent:* Tuesday, October 03, 2006 1:34 PM
 *To:* ActiveDir@mail.activedir.org
mailto:ActiveDir@mail.activedir.org
 *Subject:* Re: [ActiveDir] OT: Volume licensing activation

 Yeah... MS is going to get really high levels of adoption on this
 product...

 Gotta wonder what in the heck they're thinking sometimes.

 On 10/2/06, *Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]*
 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote:

 http://blogs.zdnet.com/microsoft/?p=26

 Mary Jo Foley reports that the next version of Vista will have
Volume
 licensing activation.

 List info : http://www.activedir.org/List.aspx
 List FAQ : http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ml/threads.aspx
 http://www.activedir.org/ml/threads.aspx
http://www.activedir.org/ml/threads.aspx


--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com

If you are a SBSer and you don't subscribe to the SBS Blog... man
... I will hunt you down...
http://blogs.technet.com/sbs

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx



List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx