RE: [ActiveDir] ADAM on XP Pro
I had an exchange with a vendor who was planning on a similar approach: http://groups.google.co.uk/group/microsoft.public.windows.server.active_ directory/browse_frm/thread/83248bf50f9f76ec/2aac67203f612e2a my summary, see the end of the archived thread, was that they should talk to Microsoft about this use of the replication model as it did not seem appropriate use of a multimaster replication model to me. Even if we had RO ADAM instances I still think it would be a pain to manage... let us know how you get on Thanks Lee Flight On Wed, 4 Oct 2006, Tony Murray wrote: Thanks Dmitri Yes, my security concern was with regard to laptop theft. As you say, these are ADAM and not AD accounts, so the risk of compromise is localised to the application. Good tip about EFS (even if I'm not a big fan of it generally). There may be other options (e.g. hardware encryption). I will give some further thought to the potential replication issues you mention when I know more about the application - I haven't managed to get my hands on it yet :-) Tony -- Original Message -- From: Dmitri Gavrilov [EMAIL PROTECTED] Reply-To: ActiveDir@mail.activedir.org Date: Wed, 4 Oct 2006 20:18:28 -0700 ADAM on XP is no different from ADAM on w2k3 security-wise. The big differences are that it is throttled somewhat perf-wise, and also there's no auditing. I do not see any serious security problems with this approach. Unless you are thinking that somebody steals the laptop, cracks the DIT open and brute-forces the pwd hashes? Store the DIT on an EFS volume then. In any case, these are ADAM users, not windows... The only problem will be replication -- instances will complain that they are unable to replicate when in offline mode. Perhaps this can be resolved by creating a separate site for every instance and setting up manual links to the hub instance. Hmm. Not sure. I guess it depends on how long they'll stay offline. KCC is not really optimized to work well in such scenarios. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray Sent: Wednesday, October 04, 2006 7:34 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] ADAM on XP Pro I've been talking to a vendor about an application they are developing. It involves running ADAM instances on XP Pro machines (laptops) that replicate with a centralised ADAM instance running on W2K3. I don't have further details at this stage, but I believe the they are planning to use the local ADAM instance to authenticate laptop users to an application when they are off-line. In addition to security concerns with this approach, I'm not really comfortable with the idea of ADAM instances on laptops being part of a configuration set. I had always understool ADAM on XP to be used for a personal data store (http://technet2.microsoft.com/WindowsServer/en/library/29fb059e-544c-45 77-bf7c-ba4b08df48431033.mspx?mfr=true). Any thoughts on this? Tony List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] Domain Controller Bare Metal restore
List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫
RE: [ActiveDir] Domain Controller Bare Metal restore
PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫
RE: [ActiveDir] Domain Controller Bare Metal restore
That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫
RE: [ActiveDir] Domain Controller Bare Metal restore
Why do you need one sysprep image of all you DCs? Can't you just make one sysprep image in total (and just add all the necessary drivers for each model?). Alternatively there is an ADS image mounting tool you can use if you need to make slight modifications to a captured image to cater for different devices. Cheers Ken : -Original Message- : From: [EMAIL PROTECTED] [mailto:ActiveDir- : [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF : NASIC/SCNA : Sent: Thursday, 5 October 2006 10:11 PM : To: ActiveDir@mail.activedir.org : Subject: [ActiveDir] Domain Controller Bare Metal restore : : List, : : I have been looking at several options to restore a failed DC from the : ground up. ADS seems to look promising, but its hard to get one : SYSPREP image for all of my DCs even though they are all flavors of : Dell PowerEdge, it has proven difficult. Does anyone know of a good : solution to restore a DC from the ground up utilizing a network : connection, without inserting disk and going through the steps. : : Thanks, : Nathaniel V Bahta : Sr. Systems Administrator : General Dynamics Information Technology : (937)257-4757 : : : : -Original Message- : From: [EMAIL PROTECTED] [mailto:ActiveDir- : [EMAIL PROTECTED] On Behalf Of Mark Parris : Sent: Wednesday, October 04, 2006 3:24 AM : To: ActiveDir.org : Subject: Re: [ActiveDir] choose between SOAD and Netpro directory : Troubleshooter. : : SOAD has a lovely GUI and lots of flashing lights : : : Mark Parris : : Base IT Ltd : Active Directory Consultancy : Tel +44(0)7801 690596 : : : -Original Message- : From: Yann [EMAIL PROTECTED] : Date: Tue, 3 Oct 2006 20:11:12 : To:ActiveDir@mail.activedir.org : Subject: [ActiveDir] choose between SOAD and Netpro directory : Troubleshooter. : : Hello all, : : I don't know if it is the right place : I'm about to test 2 AD Troubleshooters products and I have to choose : one them to monitor,tshoot our AD infrastructure: : Spoltligh on Active Directory (SOAD) and Netpro Active Directory : Troubleshooter. : Does someone have any experiences with the 2 products and could tell me : what are the pros and cons of each of them ? : : Thank you, : : Yann : : : : : : Découvrez un nouveau moyen de poser toutes vos questions quel que soit : le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, : vos opinions et vos expériences. Cliquez ici: : http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . : .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 : .+w֧B+v*rz+v*汫
Re: [ActiveDir] Folder Redirection Problem
Have you tried giving a test user traverse folder or other benign rights at the level where Outlook gets stuck? Andrew Fidel Dan DeStefano [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 10/04/2006 09:01 PM Please respond to ActiveDir@mail.activedir.org To ActiveDir@mail.activedir.org cc Subject [ActiveDir] Folder Redirection Problem I am sorry if this is a repost, but I inadvertently deleted any responses: I am having a weird problem with folder redirection. I have set the My Documents redirection to the subfolder of the root drive option and set the path to the homefolders directory (\\servername\homefolders$). This is supposed to redirect users my documents to \\servername\homefolders$\%username%\my documents and it does. The users log onto their PCs and open their My Documents folder fine and looking at the properties of their my documents folder confirms that the redirection is working properly. The problem is that in certain applications, namely Outlook 2003 (all latest patches and SPs applied). When a user goes to save an attachment, for example, and clicks on my documents in the save dialog, they receive the error cannot access \\servername\homefolders$, which makes sense since the users do not have access to the homefolders$ share, just to their subfolder. So Outlook, for some reason, is not drilling down into the users my documents in the home folder, but instead is trying to access the root of the homefolders$ share. In other Office apps, the my documents works fine. There are also no event log entries that reference this issue. I am stuck here as I am unable to find any KB articles that discuss this. Does anyone have any suggestions? I have not yet reinstalled Outlook because all other Office apps work fine. Office was deployed to the workstations via group policy using an AIP and MST transform. Any help would be greatly appreciated. Dan DeStefano Info-lution Corporation [EMAIL PROTECTED] http://www.info-lution.com Office: 727 546-9143 FAX: 727 541-5888 If you have received this message in error please notify the sender, disregard any content and remove it from your possession.
RE: [ActiveDir] OT: ExMerge works for some, not others
Can you post the error? Make sure those users are not hidden in the GAL, if you hide them it will not work. Rezuma From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noah EigerSent: Wednesday, October 04, 2006 8:20 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: ExMerge works for some, not others Hello: Sorry for the OT. ExMerge is giving me heartburn. I have a small Exchange install where all the tools (and everything else) is on the DC. (Yes, if they had thought about it earlier, it would be SBS -- but it is not.) I am trying to run ExMerge to pull out PST files. The user running ExMerge is Domain Admin, Enterprise Admin, and Domian User. I believe all of those groups are denied SEnd As and Receive As. At least, Receive As is required to run ExMerge. Yet, despite that, I am able to run ExMerge against about half of the users. The other half cough up permission errors in the log. One additional factor: all of the problem users were disabled within AD. I re-enabled the accounts for this purpose. Any thoughts about what is going on here? Why some work and some don't? Thanks. - nme --No virus found in this outgoing message.Checked by AVG Free Edition.Version: 7.1.394 / Virus Database: 268.12.10/459 - Release Date: 9/29/2006
RE: [ActiveDir] Domain Controller Bare Metal restore
I don’t need one sysprep image OF all my DCs, it’s one sysprep image in total, just as you said. I added the necessary drivers for each model and used imgmount /mount to modify the sysprep.inf [SysprepMassStorage] section and to add the drivers for the different RAID controllers. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ken Schaefer Sent: Thursday, October 05, 2006 8:32 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore Why do you need one sysprep image of all you DCs? Can't you just make one sysprep image in total (and just add all the necessary drivers for each model?). Alternatively there is an ADS image mounting tool you can use if you need to make slight modifications to a captured image to cater for different devices. Cheers Ken : -Original Message- : From: [EMAIL PROTECTED] [mailto:ActiveDir- : [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF : NASIC/SCNA : Sent: Thursday, 5 October 2006 10:11 PM : To: ActiveDir@mail.activedir.org : Subject: [ActiveDir] Domain Controller Bare Metal restore : : List, : : I have been looking at several options to restore a failed DC from the : ground up. ADS seems to look promising, but its hard to get one : SYSPREP image for all of my DCs even though they are all flavors of : Dell PowerEdge, it has proven difficult. Does anyone know of a good : solution to restore a DC from the ground up utilizing a network : connection, without inserting disk and going through the steps. : : Thanks, : Nathaniel V Bahta : Sr. Systems Administrator : General Dynamics Information Technology : (937)257-4757 : : : : -Original Message- : From: [EMAIL PROTECTED] [mailto:ActiveDir- : [EMAIL PROTECTED] On Behalf Of Mark Parris : Sent: Wednesday, October 04, 2006 3:24 AM : To: ActiveDir.org : Subject: Re: [ActiveDir] choose between SOAD and Netpro directory : Troubleshooter. : : SOAD has a lovely GUI and lots of flashing lights : : : Mark Parris : : Base IT Ltd : Active Directory Consultancy : Tel +44(0)7801 690596 : : : -Original Message- : From: Yann [EMAIL PROTECTED] : Date: Tue, 3 Oct 2006 20:11:12 : To:ActiveDir@mail.activedir.org : Subject: [ActiveDir] choose between SOAD and Netpro directory : Troubleshooter. : : Hello all, : : I don't know if it is the right place : I'm about to test 2 AD Troubleshooters products and I have to choose : one them to monitor,tshoot our AD infrastructure: : Spoltligh on Active Directory (SOAD) and Netpro Active Directory : Troubleshooter. : Does someone have any experiences with the 2 products and could tell me : what are the pros and cons of each of them ? : : Thank you, : : Yann : : : : : : Découvrez un nouveau moyen de poser toutes vos questions quel que soit : le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, : vos opinions et vos expériences. Cliquez ici: : http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . : .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 : .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫
Re: [ActiveDir] Folder Redirection Issue
If you're using a transform file to deploy, you should be able to define the default file location, either as a variable (%homedrive%) or alternatively, you can install the GPO extensions for MS Office and set the item via GPO and stop worrying, as long as you test it a little bit before deploying it out to everyone. On 10/4/06, Kennedy, Jim [EMAIL PROTECTED] wrote: "Office was deployed to the workstations via group policy using an AIP and MST transform." Bet you will find something in that MST that is pointing to the wrong location. Blow out an Outlook profile on one as a test. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dan DeStefano Sent: Wednesday, October 04, 2006 11:02 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Folder Redirection Issue I am having a weird problem with folder redirection. I have set the My Documents redirection to the subfolder of the root drive option and set the path to the homefolders directory (\\servername\homefolders$). This is supposed to redirect users my documents to \\servername\homefolders$\%username%\my documents and it does. The users log onto their PCs and open their My Documents folder fine – and looking at the properties of their my documents folder confirms that the redirection is working properly. The problem is that in certain applications, namely Outlook 2003 (all latest patches and SPs applied). When a user goes to save an attachment, for example, and clicks on my documents in the save dialog, they receive the error "cannot access \\servername\homefolders$, which makes sense since the users do not have access to the homefolders$ share, just to their subfolder. So Outlook, for some reason, is not drilling down into the users my documents in the home folder, but instead is trying to access the root of the homefolders$ share. In other Office apps, the my documents works fine. There are also no event log entries that reference this issue. I am stuck here as I am unable to find any KB articles that discuss this. Does anyone have any suggestions? I have not yet reinstalled Outlook because all other Office apps work fine. Office was deployed to the workstations via group policy using an AIP and MST transform. Any help would be greatly appreciated. Dan DeStefano Info-lution Corporation [EMAIL PROTECTED] http://www.info-lution.com Office: 727 546-9143 FAX: 727 541-5888 If you have received this message in error please notify the sender, disregard any content and remove it from your possession.
Re: [ActiveDir] Folder Redirection Issue
Sorry, didn't read thoroughly first (oops). Yeah, it sounds like a perms issue, I usually set the root of my user shares directory to have Read/Traverse perms for users in case of an emergency and/or troubleshooting. It's an administrative share anyway, I can understand the paranoia of also setting it to basically be unbrowsable, but it sounds like you're going 1/2 a step too far (at least for the purposes of the applications in your environment). On 10/5/06, Matt Hargraves [EMAIL PROTECTED] wrote: If you're using a transform file to deploy, you should be able to define the default file location, either as a variable (%homedrive%) or alternatively, you can install the GPO extensions for MS Office and set the item via GPO and stop worrying, as long as you test it a little bit before deploying it out to everyone. On 10/4/06, Kennedy, Jim [EMAIL PROTECTED] wrote: Office was deployed to the workstations via group policy using an AIP and MST transform. Bet you will find something in that MST that is pointing to the wrong location. Blow out an Outlook profile on one as a test. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Dan DeStefano Sent: Wednesday, October 04, 2006 11:02 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Folder Redirection Issue I am having a weird problem with folder redirection. I have set the My Documents redirection to the subfolder of the root drive option and set the path to the homefolders directory (\\servername\homefolders$). This is supposed to redirect users my documents to \\servername\homefolders$\%username%\my documents and it does. The users log onto their PCs and open their My Documents folder fine – and looking at the properties of their my documents folder confirms that the redirection is working properly. The problem is that in certain applications, namely Outlook 2003 (all latest patches and SPs applied). When a user goes to save an attachment, for example, and clicks on my documents in the save dialog, they receive the error cannot access \\servername\homefolders$, which makes sense since the users do not have access to the homefolders$ share, just to their subfolder. So Outlook, for some reason, is not drilling down into the users my documents in the home folder, but instead is trying to access the root of the homefolders$ share. In other Office apps, the my documents works fine. There are also no event log entries that reference this issue. I am stuck here as I am unable to find any KB articles that discuss this. Does anyone have any suggestions? I have not yet reinstalled Outlook because all other Office apps work fine. Office was deployed to the workstations via group policy using an AIP and MST transform. Any help would be greatly appreciated. Dan DeStefano Info-lution Corporation [EMAIL PROTECTED] http://www.info-lution.com Office: 727 546-9143 FAX: 727 541-5888 If you have received this message in error please notify the sender, disregard any content and remove it from your possession.
RE: [ActiveDir] what is the meaning of OT in front of the subject
Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Domain Controller Bare Metal restore
Unattended install doesn't require an image ... it automates windows setup. You're probably missing something in your MassStorageControllers section. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 [EMAIL PROTECTED])
Re: [ActiveDir] what is the meaning of OT in front of the subject
Off Topic? Ramon Linan wrote: Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] what is the meaning of OT in front of the subject
OT = Off Topic http://en.wikipedia.org/wiki/Off-topic ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan Sent: Thursday, October 05, 2006 15:40 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] what is the meaning of OT in front of the subject
Off topic. You should have used it for this thread :-^ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan Sent: 05 October 2006 14:40 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the author and do not necessarily represent those of NIplc; (3) is intended for informational purposes only and is not a recommendation, solicitation or offer to buy or sell securities or related financial instruments. NIplc does not provide investment services to private customers. Authorised and regulated by the Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Domain Controller Bare Metal restore
See I thought that as well, but if I were missing something in my MassStorageControllers section, then it would not even boot up to the splash screen, it would just BSOD with inaccessible boot device. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 9:45 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore Unattended install doesn't require an image ... it automates windows setup. You're probably missing something in your MassStorageControllers section. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:36 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 [EMAIL PROTECTED])
RE: [ActiveDir] what is the meaning of OT in front of the subject
Off Track? Original Message Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject From: Ramon Linan [EMAIL PROTECTED] Date: Thu, October 05, 2006 6:39 am To: ActiveDir@mail.activedir.org Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] what is the meaning of OT in front of the subject
Off Topic i.e. the people on the list might know the answer but it's nothing to do with Active Directory. e.g. What are the recommended Anti-Virus exclusions for a Domain Controller? Mark Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Ramon Linan [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 09:39:38 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Domain Controller Bare Metal restore
Look on the Altiris website for Hardware idependent installs v2 - you can disect all the info out of this document. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 08:35:57 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 [EMAIL PROTECTED])[EMAIL PROTECTED])
RE: [ActiveDir] what is the meaning of OT in front of the subject
Off-topic. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Gilbert Sent: Thursday, October 05, 2006 10:14 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Off Track? Original Message Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject From: Ramon Linan [EMAIL PROTECTED] Date: Thu, October 05, 2006 6:39 am To: ActiveDir@mail.activedir.org Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Goiong further OT :) RE: [ActiveDir] what is the meaning of OT in front of the subject
It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: 05 October 2006 14:57 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject OT = Off Topic http://en.wikipedia.org/wiki/Off-topic ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan Sent: Thursday, October 05, 2006 15:40 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the author and do not necessarily represent those of NIplc; (3) is intended for informational purposes only and is not a recommendation, solicitation or offer to buy or sell securities or related financial instruments. NIplc does not provide investment services to private customers. Authorised and regulated by the Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] OT: Exchange in environment - reboot necessary after a DC has been made a GC
I have been spending a little more time on this. RPC Dump wouldnt run before and gave me an error (see earlier post). I now managed to get it working. To summarize it all: Exchange 2003 SP2 throws an error in the Eventlog (Event ID 9176) which seems to indicate that the GC it is contacting doesnt support the NSPI service. According to the information in that same Event ID this would be due to the fact that the DC had not been rebooted after it having been made a GC. I ran RPC Dump on the GC in question and have enclosed the output (I took everything but NSP). By the way, this GC is a root DC which is on W2K. Is NSP listed the way it should be? Cheers and thanks, Victor -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: zaterdag 23 september 2006 2:52 To: ActiveDir@mail.activedir.org Subject: RE: RE: [ActiveDir] OT: Exchange in environment - reboot necessary after a DC has been made a GC What is the rev of the DC? Using RPC Dump do you see MS NT Directory NSP Interface interfaces listed? joe -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of victor- [EMAIL PROTECTED] Sent: Friday, September 22, 2006 11:07 AM To: ActiveDir@mail.activedir.org Subject: Re: RE: [ActiveDir] OT: Exchange in environment - reboot necessary after a DC has been made a GC Yeah, I thought so, thanks for the info. The damn thing is that Exchange still throws event 9176: Event ID 9176 from MSExchangeSA occurred 1 times (NSPI Proxy can contact Global Catalog servername but it does not support the NSPI service. After a Domain Controller is promoted to a Global Catalog, the Global Catalog must be rebooted to support MAPI Clients. Reboot servernamerio as soon as possible. - Oorspronkelijk bericht - Van: joe [EMAIL PROTECTED] Datum: vrijdag, september 22, 2006 4:38 pm Onderwerp: RE: [ActiveDir] OT: Exchange in environment - reboot necessary after a DC has been made a GC This is no longer necessary with current revs of AD. It was necessary previously to get the NSPI functionality to fire up. Now it does that automagically. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of victor- [EMAIL PROTECTED]: Friday, September 22, 2006 10:31 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Exchange in environment - reboot necessary after a DC has been made a GC A question came up wether or not a reboot is really necessary after a DC has been made GC and Exchange would need to use this GC. I have worked in a pretty large environment (at least to my standards :- )). Where DC's did not get rebooted afther having been made GC's. The AD admins simply waited until event 1119 appeared. I have read the following article which indicates a reboot is necessary if you have Exchange in the environment. http://support.microsoft.com/kb/304403/ But is this really still necessary with Exchange 2003 SP2 and Windows 2003 SP1? Cheers, Victor List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx Querying Endpoint Mapper Database... 62 registered endpoints found. ProtSeq:ncacn_http Endpoint:1029 NetOpt: Annotation:MS NT Directory NSP Interface IsListening:NOT_PINGED StringBinding:ncacn_http:10.34.0.4[1029] UUID:f5cc5a18-4264-101a-8c59-08002b2f8426 ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT VersMajor 56 VersMinor 0 ProtSeq:ncadg_ip_udp Endpoint:1028 NetOpt: Annotation:MS NT Directory NSP Interface IsListening:NOT_PINGED StringBinding:ncadg_ip_udp:10.34.0.4[1028] UUID:f5cc5a18-4264-101a-8c59-08002b2f8426 ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT VersMajor 56 VersMinor 0 ProtSeq:ncalrpc Endpoint:NTDS_LPC NetOpt: Annotation:MS NT Directory NSP Interface IsListening:NOT_PINGED StringBinding:ncalrpc:[NTDS_LPC] UUID:f5cc5a18-4264-101a-8c59-08002b2f8426 ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT VersMajor 56 VersMinor 0 ProtSeq:ncalrpc Endpoint:LRPC0190.0001 NetOpt: Annotation:MS NT Directory NSP Interface IsListening:NOT_PINGED StringBinding:ncalrpc:[LRPC0190.0001] UUID:f5cc5a18-4264-101a-8c59-08002b2f8426
[ActiveDir] Not receiving email from this list
I'm not getting emails from this list at my work email, starting last Thursday. Has anyone else experienced the same thing? Alex List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Domain Controller Bare Metal restore
The constant reboot is often a different HAL, multiproc, singleproc, damn hyperthreading, or APCI non APCI, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Mark Parris [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 14:30:35 To:ActiveDir.org ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore Look on the Altiris website for Hardware idependent installs v2 - you can disect all the info out of this document. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 08:35:57 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 [EMAIL PROTECTED])[EMAIL PROTECTED])[EMAIL PROTECTED])
RE: Goiong further OT :) RE: [ActiveDir] what is the meaning of OT in front of the subject
Funnily enough, there's a wiki entry about this... :-) http://en.wikipedia.org/wiki/Wikipedia:Introduction -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, October 05, 2006 11:08 AM To: ActiveDir@mail.activedir.org Subject: Goiong further OT :) RE: [ActiveDir] what is the meaning of OT in front of the subject It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: 05 October 2006 14:57 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject OT = Off Topic http://en.wikipedia.org/wiki/Off-topic ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan Sent: Thursday, October 05, 2006 15:40 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email please notify the sender immediately and delete your copy from your system. You must not copy, distribute or take any further action in reliance on it. Email is not a secure method of communication and Nomura International plc ('NIplc') will not, to the extent permitted by law, accept responsibility or liability for (a) the accuracy or completeness of, or (b) the presence of any virus, worm or similar malicious or disabling code in, this message or any attachment(s) to it. If verification of this email is sought then please request a hard copy. Unless otherwise stated this email: (1) is not, and should not be treated or relied upon as, investment research; (2) contains views or opinions that are solely those of the author and do not necessarily represent those of NIplc; (3) is intended for informational purposes only and is not a recommendation, solicitation or offer to buy or sell securities or related financial instruments. NIplc does not provide investment services to private customers. Authorised and regulated by the Financial Services Authority. Registered in England no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand, London, EC1A 4NP. A member of the Nomura group of companies. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Domain Controller Bare Metal restore
Yeah that’s what I used to make my sysprep.inf file. It is very informative, better than MS's stuff by all means. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Thursday, October 05, 2006 10:31 AM To: ActiveDir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore Look on the Altiris website for Hardware idependent installs v2 - you can disect all the info out of this document. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 08:35:57 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 [EMAIL PROTECTED])[EMAIL PROTECTED]) [EMAIL PROTECTED])
RE: [ActiveDir] Domain Controller Bare Metal restore
Youre exactly right Mark, hyperthreading is enabled on the hardware that reboots and not enabled on the hardware that does not. Is there a best practice for a situation like this? Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Thursday, October 05, 2006 11:33 AM To: ActiveDir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore The constant reboot is often a different HAL, multiproc, singleproc, damn hyperthreading, or APCI non APCI, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Mark Parris [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 14:30:35 To:ActiveDir.org ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore Look on the Altiris website for Hardware idependent installs v2 - you can disect all the info out of this document. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 08:35:57 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 [EMAIL PROTECTED])[EMAIL PROTECTED])[EMAIL PROTECTED])
Re: [ActiveDir] Not receiving email from this list
I get some; but many are blank (sometimes blank from Brian Desmond, always from Mark Parris). On 10/5/06, Alex Alborzfard [EMAIL PROTECTED] wrote: I'm not getting emails from this list at my work email, starting lastThursday. Has anyone else experienced the same thing? AlexList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] what is the meaning of OT in front of the subject
Huh, I would've considered that on-topic ... esp. when threads start How do I configure a Exchange mailbox blah blah ... right like we know about Exchange? Cheers, -BrettSh no warranties, yada, yada ... On Thu, 5 Oct 2006, Mark Parris wrote: Off Topic i.e. the people on the list might know the answer but it's nothing to do with Active Directory. e.g. What are the recommended Anti-Virus exclusions for a Domain Controller? Mark Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Ramon Linan [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 09:39:38 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Not receiving email from this list
I was not receiving them until I realized that it was our sonicwall antispam...I have had no problem since then. Rezuma -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alex Alborzfard Sent: Thursday, October 05, 2006 11:34 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Not receiving email from this list I'm not getting emails from this list at my work email, starting last Thursday. Has anyone else experienced the same thing? Alex List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] OT: wikis
Right, and remember there is not absolute truth!! :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] OT: wikis
999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] Who keeps creating this folder files?!
Argh! On one of our file servers, there is a "public" directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
RE: [ActiveDir] what is the meaning of OT in front of the subject
While this thread is OT, I'd actually consider your example to be right on-topic ;-) /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Thursday, October 05, 2006 4:28 PM To: ActiveDir.org Subject: Re: [ActiveDir] what is the meaning of OT in front of the subject Off Topic i.e. the people on the list might know the answer but it's nothing to do with Active Directory. e.g. What are the recommended Anti-Virus exclusions for a Domain Controller? Mark Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Ramon Linan [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 09:39:38 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: wikis
Except when 99% of the common wisdom about something is wrong, like in the case of ESE / JET Blue ... ;-) Cheers, -BrettSh On Thu, 5 Oct 2006, Greg Nims wrote: It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Single forest with two domain trees to splut up.
The DomainB that you want to split off still needs the root domain (DomainA) to work. So you can't just say screw DomainA and cut it off. You'll need at least 1 (2 for redundancy) DCs of DomainA to remain in the site you wish to split off. No problems to get rid of DomainB in the site that keeps DomainA. There are still multiple risks with this approach as you don't need direct connectivity for the folks in Site2 (DomainB) to do harm to your folks in Site1 (DomainA) - they still have the same Enterprise Admins and local Admins SID in the root domain and you can do a lot of things with a notebook that travels between these sites... So ideally (and really the only way to do it safely from a security standpoint) you're talking about a migration of your DomainB objects to a new forest. /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of knighTslayer Sent: Wednesday, October 04, 2006 11:10 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Single forest with two domain trees to splut up. Hello, This is my first post, so please forgive me if this question has already been asked... I have a mixed AD forest with two domain trees. Each domain tree is located at a different geographical site, and sites and services is configured to reflect this. DomainA has the namespace of 'logistics.ads' and DomainB has a namespace of 'finance.dom' The very first domain tree (DomainA) is a Windows 2000 domain and the second domain tree (DomainB) is a Windows 2003 domain. Finance.dom has been bought by a third party and I must split the forest in two and resolve any issues that arises from doing this. As logistics.ads was the first domain in the forest, it holds the Schema Master role and Domain naming master role. Exchange 2000 is installed at DomainA and Exchange 2003 is installed in DomainB. Administrative groups are used to reflect the geographical topology of my set-up. Each domain has its own SMTP namespace and SMTP routing will not be a problem as I can comfortably overcome this. The GAL being split and replaced with contacts is acceptable and I have no issues at this level. The WAN connection between the domains will be removed and the only means of communication between the two organisations will be through SMTP routing through the internet and nothing else. No other application between the domains are in use, besides Exchange. My current plan is to simply cut the link between the sites and seize the roles that are missing from the newly split domains - so in effect bringing up two forests. Issues with Exchange, ghosted servers in AD, and so on will be removed using ADSI edit and NTDSutil. My main question is this: is there better technique I should follow for splitting up a forest or am I on the right track? Thanks in advance René List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Forest trusts
It will, but it is a solvable problem. You'll also have some headaches for the trust itself, but that's where the nifty Win2003 features such as Name Suffix Routing and Top Level Name Restrictions come into play. /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Daniel Gilbert Sent: Tuesday, October 03, 2006 4:32 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Forest trusts Don't you have to do some DNS delegations to ensure clients in one forest can find clients in the other forest? I would think that having domain.com as the tier two for both forests will cause some unique DNS headaches. Dan Original Message Subject: RE: [ActiveDir] Forest trusts From: Almeida Pinto, Jorge de [EMAIL PROTECTED] Date: Tue, October 03, 2006 6:47 am To: ActiveDir@mail.activedir.org Both forests can be connected to each other as long as within the connected environment each domain name is unique (NetBIOS and DNS)... So if you have a forest called DOMAIN.COM (NetBIOS = DOMAIN) and another forest called SUB.DOMAIN.COM (NetBIOS = SUB) you can connect them to each and setup trusts between the forests. jorge -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lev Zdenek Sent: Tuesday, October 03, 2006 15:35 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Forest trusts Hello evr. I have two independent forests. Is it possible to trust forests which share a same name space. For example. I have domain in first forest domain.com and a domain in second forest my.domain.com. If not is it possible to migrate with some tools a domain my.domain.com to domain domain.com ? Thx Zdenek Lev List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] Trusts and policy issues
Scenario: Two domains. Domain A is a child of Forest A. Domain B is the Root of Forest B. Domain B trusts Domain A Domain A selectively Trusts Domain B. Trying to setup so that Group policies for the users from Domain B will apply on a workstation from Domain A. Actions: I set a GPO with Allow Cross-Forest User Policy and Roaming User Profiles. Set within Domain A AD to Allow Authenticate on a specific workstation. RSOP: When I check on the machine I do not get the option to check for the user from Domain B on that workstation. I only see Domain A or local users. Am I missing something or is this possible when your using Selective Authentication? Jeff List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Domain Controller Bare Metal restore
What is do here is usually enable hyperthreading or disable it if applicable or swap the hal out, a KB article is available on microsoft to do this. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 12:22:41 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore Youre exactly right Mark, hyperthreading is enabled on the hardware that reboots and not enabled on the hardware that does not. Is there a best practice for a situation like this? Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Thursday, October 05, 2006 11:33 AM To: ActiveDir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore The constant reboot is often a different HAL, multiproc, singleproc, damn hyperthreading, or APCI non APCI, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Mark Parris [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 14:30:35 To:ActiveDir.org ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore Look on the Altiris website for Hardware idependent installs v2 - you can disect all the info out of this document. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 08:35:57 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫 .+w֧B+v*rz+v*汫 [EMAIL PROTECTED])[EMAIL PROTECTED])[EMAIL PROTECTED]) [EMAIL PROTECTED])
RE: [ActiveDir] Domain Controller Bare Metal restore
What brand of hardware is it? Maybe disable it as part of your imaging process and enable it when complete? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 12:23 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore Youre exactly right Mark, hyperthreading is enabled on the hardware that reboots and not enabled on the hardware that does not. Is there a best practice for a situation like this? Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Thursday, October 05, 2006 11:33 AM To: ActiveDir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore The constant reboot is often a different HAL, multiproc, singleproc, damn hyperthreading, or APCI non APCI, Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Mark Parris [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 14:30:35 To:ActiveDir.org ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Domain Controller Bare Metal restore Look on the Altiris website for Hardware idependent installs v2 - you can disect all the info out of this document. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Bahta, Nathaniel V CTR USAF NASIC/SCNA [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 08:35:57 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore That’s what I have been trying to do, but using one image for all of my different hardware types has not worked. Specifically I can get the image to apply via PXE, but once it boots up to go through the SYSPREP mini-setup, the splash screen appears and it reboots, it just keeps doing that. The same image works fine on another version of the PowerEdge, but on the other model it just continuously reboots. Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Brian Desmond Sent: Thursday, October 05, 2006 8:22 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Domain Controller Bare Metal restore PXE Boot into an unattended install? Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Bahta, Nathaniel V CTR USAF NASIC/SCNA Sent: Thursday, October 05, 2006 8:11 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Domain Controller Bare Metal restore List, I have been looking at several options to restore a failed DC from the ground up. ADS seems to look promising, but its hard to get one SYSPREP image for all of my DCs even though they are all flavors of Dell PowerEdge, it has proven difficult. Does anyone know of a good solution to restore a DC from the ground up utilizing a network connection, without inserting disk and going through the steps. Thanks, Nathaniel V Bahta Sr. Systems Administrator General Dynamics Information Technology (937)257-4757 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Wednesday, October 04, 2006 3:24 AM To: ActiveDir.org Subject: Re: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. SOAD has a lovely GUI and lots of flashing lights Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Yann [EMAIL PROTECTED] Date: Tue, 3 Oct 2006 20:11:12 To:ActiveDir@mail.activedir.org Subject: [ActiveDir] choose between SOAD and Netpro directory Troubleshooter. Hello all, I don't know if it is the right place I'm about to test 2 AD Troubleshooters products and I have to choose one them to monitor,tshoot our AD infrastructure: Spoltligh on Active Directory (SOAD) and Netpro Active Directory Troubleshooter. Does someone have any experiences with the 2 products and could tell me what are the pros and cons of each of them ? Thank you, Yann Découvrez un nouveau moyen de poser toutes vos questions quel que soit le sujet ! Yahoo! Questions/Réponses pour partager vos connaissances, vos opinions et vos expériences. Cliquez ici: http://fr.rd.yahoo.com/evt=42054/*http://fr.answers.yahoo.com . .+Šw†ÛÿüÁ§Š÷Šºƒò²Ö§²ÑB§ÿö+v*®ŠË§²Örz§ÿö+v*®—û汫 .+w֧B+v*rz+v*汫
Re: [ActiveDir] ADAM on XP Pro
A hybrid approach to storing it on EFS would be to use a laptop specific protection program. Something that encrypts the harddrive and prevents the laptop from being hacked via off-line means. This may or may not mitigate the legal concerns, but it would help to protect the data on a laptop that's gone missing. Saying that, I'm trying to see the benefit of using ADAM for, in essence a single user application. Seems overkill in my mind. If they want to have centralized control over the identities in an off-line fashion, then I suggest that ADAM might not be the right technology for their needs. As the others have alluded to, the replication would be difficult to manage as it's not really intended to be managed that way in my opinion. And relying on the client to sync up with the mothership is no way to enforce security. That's similar to asking a child to make sure he guards the cookie jar from himself. :) AlOn 10/5/06, Lee Flight [EMAIL PROTECTED] wrote: I had an exchange with a vendor who was planning on a similar approach:http://groups.google.co.uk/group/microsoft.public.windows.server.active_ directory/browse_frm/thread/83248bf50f9f76ec/2aac67203f612e2amy summary, see the end of the archived thread, was that theyshould talk to Microsoft about this use of the replication modelas it did not seem appropriate use of a multimaster replication model to me. Even if we had RO ADAM instances I still think itwould be a pain to manage... let us know how you get onThanksLee FlightOn Wed, 4 Oct 2006, Tony Murray wrote: Thanks Dmitri Yes, my security concern was with regard to laptop theft.As you say, these are ADAM and not AD accounts, so the risk of compromise is localised to the application.Good tip about EFS (even if I'm not a big fan of it generally).There may be other options ( e.g. hardware encryption). I will give some further thought to the potential replication issues you mention when I know more about the application - I haven't managed to get my hands on it yet :-) Tony -- Original Message -- From: Dmitri Gavrilov [EMAIL PROTECTED] Reply-To: ActiveDir@mail.activedir.org Date:Wed, 4 Oct 2006 20:18:28 -0700 ADAM on XP is no different from ADAM on w2k3 security-wise. The big differences are that it is throttled somewhat perf-wise, and also there's no auditing. I do not see any serious security problems with this approach. Unless you are thinking that somebody steals the laptop, cracks the DIT open and brute-forces the pwd hashes? Store the DIT on an EFS volume then. In any case, these are ADAM users, not windows... The only problem will be replication -- instances will complain that they are unable to replicate when in offline mode. Perhaps this can be resolved by creating a separate site for every instance and setting up manual links to the hub instance. Hmm. Not sure. I guess it depends on how long they'll stay offline. KCC is not really optimized to work well in such scenarios. -Original Message- From: [EMAIL PROTECTED] [mailto: [EMAIL PROTECTED]] On Behalf Of Tony Murray Sent: Wednesday, October 04, 2006 7:34 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] ADAM on XP Pro I've been talking to a vendor about an application they are developing. It involves running ADAM instances on XP Pro machines (laptops) that replicate with a centralised ADAM instance running on W2K3.I don't have further details at this stage, but I believe the they are planning to use the local ADAM instance to authenticate laptop users to an application when they are off-line. In addition to security concerns with this approach, I'm not really comfortable with the idea of ADAM instances on laptops being part of a configuration set.I had always understool ADAM on XP to be used for a personal data store ( http://technet2.microsoft.com/WindowsServer/en/library/29fb059e-544c-45 77-bf7c-ba4b08df48431033.mspx?mfr=true). Any thoughts on this? TonyList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: wikis
What's funny is that actual encyclopedias have almost the same level of accuracy as Wikipedia on any particular subject. Part of that is the fact that they're always 1-3+ years out of date when they are published and the other part is that many 'facts' are actually just theories and there are commonly conflicting theories or theories that have been around for 10+ years are assumed correct because the research that proved it wrong hadn't been made widely available to those who were part of the writing of the encyclopedia (or they don't trust the new evidence). Either way, you should try and find multiple sources of information for any subject that you're not familiar with.On 10/5/06, Ramon Linan [EMAIL PROTECTED] wrote:Right, and remember there is not absolute truth!! :) -Original Message-From: [EMAIL PROTECTED][mailto:[EMAIL PROTECTED] ] On Behalf Of Greg NimsSent: Thursday, October 05, 2006 11:49 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter??Anyone can edit, which is why they are generally correct.When 100,000 people view a record, and 2 people want to change it to be incorrect,999,998 will want to correct it.I wouldn't use a wiki as a great historical or technical source.Butfor encyclopedia entries, which give a good summation of a subject, they are great.List info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspxList info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Who keeps creating this folder files?!
Set some auditing on the folder that this is happening in and watch the security log for the relevant audits Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Thursday, October 05, 2006 12:57 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
RE: [ActiveDir] OT: wikis
999,998 + 2 = 1,000,000, not 100,000. ;-) good thing there are 998 on the list to correct me. :) List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Who keeps creating this folder files?!
Drop filemon on the box with a filter for mp3 and just let it stay running in a disconnected ts window would probably be one method. Kurt Falde From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Thursday, October 05, 2006 12:57 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
Re: [ActiveDir] Who keeps creating this folder files?!
Audit the folder. J B wrote: Argh! On one of our file servers, there is a "public" directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
RE: [ActiveDir] Who keeps creating this folder files?!
Try this http://www.watchdirectory.net/wdhelp/plugins/wdopAuditInfo.html From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Thursday, October 05, 2006 12:57 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
RE: [ActiveDir] Who keeps creating this folder files?!
Won't the ownership show up under the Security tab? From: [EMAIL PROTECTED] on behalf of J B Sent: Thu 10/5/2006 9:57 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know... winmail.dat
Re: [ActiveDir] what is the meaning of OT in front of the subject
I like to introduce debate ;-) whilst also highlighting the correct usage of i.e. and e.g. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Grillenmeier, Guido [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 13:03:23 To:ActiveDir@mail.activedir.org ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject While this thread is OT, I'd actually consider your example to be right on-topic ;-) /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris Sent: Thursday, October 05, 2006 4:28 PM To: ActiveDir.org Subject: Re: [ActiveDir] what is the meaning of OT in front of the subject Off Topic i.e. the people on the list might know the answer but it's nothing to do with Active Directory. e.g. What are the recommended Anti-Virus exclusions for a Domain Controller? Mark Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Ramon Linan [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 09:39:38 To:ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] what is the meaning of OT in front of the subject Some of the subjects have that OT preceding the subject, what's that? Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] OT: wikis
You mean Jet Blue doesn't have TV on their flights??? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley Sent: Thursday, October 05, 2006 10:12 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: wikis Except when 99% of the common wisdom about something is wrong, like in the case of ESE / JET Blue ... ;-) Cheers, -BrettSh On Thu, 5 Oct 2006, Greg Nims wrote: It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] OT: LDAP and AD? Learn more from Gil Kirkpatrick - plus three bonus tracks!
http://list.windowsitpro.com/t?ctl=3B222:40CB7 Calling all Linux Gurus; UNIX Ninjas; Windows Masters and rubber chicken lovers Just got this in my SPAM inbox. Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: wikis
Sure, but is that because the common wisdom is wrong or is it because there is not a definitive source of truthful information (such as decent documentation?) Could it be that a wiki is as good as it gets? Or could there be blog entries that would give better information? Or perhaps accurate documentation on some vendor website waiting to be read and understood? Philosophical questions such as these can keep you up late at night you know. (-;On 10/5/06, Brett Shirley [EMAIL PROTECTED] wrote:Except when 99% of the common wisdom about something is wrong, like in the case of ESE / JET Blue ... ;-)Cheers,-BrettShOn Thu, 5 Oct 2006, Greg Nims wrote: It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct.When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source.But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspxList info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: wikis
I thought it was 9A:DOn 10/5/06, Laura A. Robinson [EMAIL PROTECTED] wrote: 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source.But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspxList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] OT: wikis
Well here it is Correct away. :) http://en.wikipedia.org/wiki/Extensible_Storage_Engine -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley Sent: Thursday, October 05, 2006 1:12 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: wikis Except when 99% of the common wisdom about something is wrong, like in the case of ESE / JET Blue ... ;-) Cheers, -BrettSh On Thu, 5 Oct 2006, Greg Nims wrote: It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Who keeps creating this folder files?!
1. Check the owner of the files 2. You may want to look at FSRMin Win2K3 R2; it allows you to restrict creation of files based on type, among other things. http://www.microsoft.com/windowsserver2003/R2/storage/default.mspx Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J BSent: Thursday, October 05, 2006 12:57 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a "public" directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
[ActiveDir] Discovering LDAPS availability
Other than directly testing the 636 port on each DC, can anyone suggest a method for an unprivledged client to discover whether or not LDAPS should be available on a specific DC? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] OT: wikis
OT As I said before there is not universal truth , that is only truth if you are using decimal system ;) 999,998 + 2 = 9b ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Single forest with two domain trees to split up.
Thanks for your reply. I understand what you say and I accept that migrating DomainB is the only correct way forward. After I have migrated DomainB to a new forest, I will collapse DomainB so that only DomainA is left standing and therefore leave my original forest in good shape. Thanks and Regards René -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Grillenmeier, Guido Sent: 05 October 2006 18:14 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Single forest with two domain trees to splut up. The DomainB that you want to split off still needs the root domain (DomainA) to work. So you can't just say screw DomainA and cut it off. You'll need at least 1 (2 for redundancy) DCs of DomainA to remain in the site you wish to split off. No problems to get rid of DomainB in the site that keeps DomainA. There are still multiple risks with this approach as you don't need direct connectivity for the folks in Site2 (DomainB) to do harm to your folks in Site1 (DomainA) - they still have the same Enterprise Admins and local Admins SID in the root domain and you can do a lot of things with a notebook that travels between these sites... So ideally (and really the only way to do it safely from a security standpoint) you're talking about a migration of your DomainB objects to a new forest. /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of knighTslayer Sent: Wednesday, October 04, 2006 11:10 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Single forest with two domain trees to splut up. Hello, This is my first post, so please forgive me if this question has already been asked... I have a mixed AD forest with two domain trees. Each domain tree is located at a different geographical site, and sites and services is configured to reflect this. DomainA has the namespace of 'logistics.ads' and DomainB has a namespace of 'finance.dom' The very first domain tree (DomainA) is a Windows 2000 domain and the second domain tree (DomainB) is a Windows 2003 domain. Finance.dom has been bought by a third party and I must split the forest in two and resolve any issues that arises from doing this. As logistics.ads was the first domain in the forest, it holds the Schema Master role and Domain naming master role. Exchange 2000 is installed at DomainA and Exchange 2003 is installed in DomainB. Administrative groups are used to reflect the geographical topology of my set-up. Each domain has its own SMTP namespace and SMTP routing will not be a problem as I can comfortably overcome this. The GAL being split and replaced with contacts is acceptable and I have no issues at this level. The WAN connection between the domains will be removed and the only means of communication between the two organisations will be through SMTP routing through the internet and nothing else. No other application between the domains are in use, besides Exchange. My current plan is to simply cut the link between the sites and seize the roles that are missing from the newly split domains - so in effect bringing up two forests. Issues with Exchange, ghosted servers in AD, and so on will be removed using ADSI edit and NTDSutil. My main question is this: is there better technique I should follow for splitting up a forest or am I on the right track? Thanks in advance René List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Who keeps creating this folder files?!
I forgot tomention that we run an "rsync" on this directory that overwrites the file owner's name with the user under which this process runs... - Original Message - From: J B To: ActiveDir@mail.activedir.org Sent: Thursday, October 05, 2006 9:57 AM Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a "public" directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
Re: [ActiveDir] Who keeps creating this folder files?
Turn on security auditing.On 10/5/06, J B [EMAIL PROTECTED] wrote: Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
RE: [ActiveDir] Who keeps creating this folder files?!
Install R2 and filter MP3s. ;) Thanks, Anthony Scott From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kurt Falde Sent: Thursday, October 05, 2006 2:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Who keeps creating this folder files?! Drop filemon on the box with a filter for mp3 and just let it stay running in a disconnected ts window would probably be one method. Kurt Falde From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Thursday, October 05, 2006 12:57 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
Re: [ActiveDir] Who keeps creating this folder files?!
I was hoping that there was some way to see who created it rather than wait until it happened again, or wait until someone accessed it... I'll have to settle for the auditing though. Thanks! - Original Message - From: Brian Desmond To: ActiveDir@mail.activedir.org Sent: Thursday, October 05, 2006 11:14 AM Subject: RE: [ActiveDir] Who keeps creating this folder files?! Set some auditing on the folder that this is happening in and watch the security log for the relevant audits Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J BSent: Thursday, October 05, 2006 12:57 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a "public" directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
Re: [ActiveDir] Not receiving email from this list
Mark Parris Base IT Ltd Active Directory Consultancy Tel +44(0)7801 690596 -Original Message- From: Tim Foster [EMAIL PROTECTED] Date: Thu, 5 Oct 2006 09:24:25 To:ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Not receiving email from this list I get some; but many are blank (sometimes blank from Brian Desmond, always from Mark Parris). On 10/5/06, Alex Alborzfard [EMAIL PROTECTED]: mailto:[EMAIL PROTECTED] wrote: I'm not getting emails from this list at my work email, starting last Thursday. Has anyone else experienced the same thing? Alex List info : http://www.activedir.org/List.aspx: http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx: http://www.activedir.org/ml/threads.aspx [EMAIL PROTECTED])
RE: [ActiveDir] MORE OT OT: wikis
only 10 types of people understand binary... one type does understand and the other type does not understand Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address From: [EMAIL PROTECTED] on behalf of joe Sent: Thu 2006-10-05 20:22 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis Careful, I recall a math professor in my differential equations class or maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2 and it wasn't a numberical base trick I didn't follow through it, I just closed my eyes and shook my head and thought forward to my communications class as the sights were easier on the eyes... I still wonder why I went into a field with such a high ratio of men to women... :) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. winmail.dat
RE: [ActiveDir] Who keeps creating this folder files?!
Try FileNotify freeware at http://www.xtware.com/ Mike Thommes From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kurt Falde Sent: Thursday, October 05, 2006 1:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Who keeps creating this folder files?! Drop filemon on the box with a filter for mp3 and just let it stay running in a disconnected ts window would probably be one method. Kurt Falde From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J B Sent: Thursday, October 05, 2006 12:57 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
Re: [ActiveDir] OT: wikis
OT still The next version of Sharepoint includes wikis and blogs .. how many are internalizing all this good AD/ESE/Jetblue stuff in your own internal orgs and wiki/blogging/podcasting this stuff internally? Al Mulnick wrote: Sure, but is that because the common wisdom is wrong or is it because there is not a definitive source of truthful information (such as decent documentation?) Could it be that a wiki is as good as it gets? Or could there be blog entries that would give better information? Or perhaps accurate documentation on some vendor website waiting to be read and understood? Philosophical questions such as these can keep you up late at night you know. (-; On 10/5/06, *Brett Shirley* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Except when 99% of the common wisdom about something is wrong, like in the case of ESE / JET Blue ... ;-) Cheers, -BrettSh On Thu, 5 Oct 2006, Greg Nims wrote: It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir]OT:OT: OT
Diffie-qs ptooey ptooey How come everybody's so loopy today, anyway? Laura -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Thursday, October 05, 2006 2:22 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis Careful, I recall a math professor in my differential equations class or maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2 and it wasn't a numberical base trick I didn't follow through it, I just closed my eyes and shook my head and thought forward to my communications class as the sights were easier on the eyes... I still wonder why I went into a field with such a high ratio of men to women... :) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] OT: wikis
From: http://www.jimloy.com/algebra/two.htm a = x[true for some a's and x's] a+a = a+x [add a to both sides] 2a = a+x [a+a = 2a] 2a-2x = a+x-2x [subtract 2x from both sides] 2(a-x) = a+x-2x [2a-2x = 2(a-x)] 2(a-x) = a-x [x-2x = -x] 2 = 1[divide both sides by a-x] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Thursday, October 05, 2006 1:22 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis Careful, I recall a math professor in my differential equations class or maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2 and it wasn't a numberical base trick I didn't follow through it, I just closed my eyes and shook my head and thought forward to my communications class as the sights were easier on the eyes... I still wonder why I went into a field with such a high ratio of men to women... :) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] Who keeps creating this folder files?!
Okay, then I'd recommend item #2 in my last response- rather than spending a bunch of time trying to figure out who's doing it (which could be multiple people), why not just prevent it in the first place? :-) Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J BSent: Thursday, October 05, 2006 4:13 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Who keeps creating this folder files?! I forgot tomention that we run an "rsync" on this directory that overwrites the file owner's name with the user under which this process runs... - Original Message - From: J B To: ActiveDir@mail.activedir.org Sent: Thursday, October 05, 2006 9:57 AM Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a "public" directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
[ActiveDir] OT: recent MS updates changed Exchange SMTP servers?
We use Exchange 2003 running on Win2k3 server Standard Edition strictly for distribution groups where all user objects have external SMTP addresses - no Exchange mailboxes, etc. We have a simple single forest, single site AD Win2k R2 domain. A message addressed to one of our AD distribution groups ([EMAIL PROTECTED]) results in an out bound message with multiple RCPT TO entries. With very few exceptions, the external email addresses are for the main campus domain ([EMAIL PROTECTED]). This worked well since implementation in February 2006. Lately, there have been considerable delays in the UIUC campus domain servers accepting these messages in a timely manner. There have been no intentional changes to our Exchange server other than the application of patch Tuesday updates and, after becoming aware of these delays, changing the SMTP connection timeout from the default 10 minutes, to 30, then to 45 and now to 120 minutes. Do any of you Exchange gurus know of any recent MS updates that would have changed anything regarding outbound connections with the Exchange SMTP server? I suspect the problem is not on our end but don't want to start pointing fingers without some assurance that nothing has changed here. TIA, -mjm -- Michael J. Miller Computing Services College of Veterinary Medicine University of Illinois at Urbana-Champaign List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Not receiving email from this list
Sorry, Mark - but that was blank! On 10/5/06, Mark Parris [EMAIL PROTECTED] wrote:
RE: [ActiveDir] Who keeps creating this folder files?!
Okay, this is now my third time recommending FSRM in response to this query; are my replies not getting through to the list? *Seriously*, just address the issueby using FSRM and not allowing .mp3 files to be saved on the server in the first place. If anybody complains, you'll have your culprit, to boot. :-) If the link is needed again, please let me know. Laura From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J BSent: Thursday, October 05, 2006 4:58 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Who keeps creating this folder files?! I was hoping that there was some way to see who created it rather than wait until it happened again, or wait until someone accessed it... I'll have to settle for the auditing though. Thanks! - Original Message - From: Brian Desmond To: ActiveDir@mail.activedir.org Sent: Thursday, October 05, 2006 11:14 AM Subject: RE: [ActiveDir] Who keeps creating this folder files?! Set some auditing on the folder that this is happening in and watch the security log for the relevant audits Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of J BSent: Thursday, October 05, 2006 12:57 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a "public" directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
Re: [ActiveDir] Discovering LDAPS availability
There isn't really a way to do it without attempting to connect. Also, remember that SSL has to be negotiated between the client and server. The server may be perfectly capable of doing SSL, but if the client doesn't trust the server's certificate or attempts to contact the server with a name that does not match the name of the server in the certificate, the client may choose to reject the attempt to connect via SSL, whereas another client might not have the same objections. You have to try it. Also, the DC doesn't publish anything that you can query, say via RootDSE, to state whether it supports LDAPS or not (at least nothing that I've every heard of...). Joe K. - Original Message - From: David Loder [EMAIL PROTECTED] To: ActiveDir@mail.activedir.org Sent: Thursday, October 05, 2006 2:56 PM Subject: [ActiveDir] Discovering LDAPS availability Other than directly testing the 636 port on each DC, can anyone suggest a method for an unprivledged client to discover whether or not LDAPS should be available on a specific DC? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: wikis
Which do you want to know about - the internalizing it or sharing it? And of course, since we don't have it (as noted earlier by Mr Shirley (aka former garage door operator of building 7), anything internalized is suspect anyway right? A perfectionist would say that the information should be purged, although I shudder at the thought of what that would mean if it's in my head :) I have no problem sharing that type of information with anyone that would listen and could stay awake long enough to get into the second sentence. Others can go read about it. On 10/5/06, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [EMAIL PROTECTED] wrote: OT stillThe next version of Sharepoint includes wikis and blogs.. how many are internalizing all this good AD/ESE/Jetblue stuff in your own internal orgs and wiki/blogging/podcasting this stuff internally?Al Mulnick wrote: Sure, but is that because the common wisdom is wrong or is it because there is not a definitive source of truthful information (such as decent documentation?) Could it be that a wiki is as good as it gets? Or could there be blog entries that would give better information?Or perhaps accurate documentation on some vendor website waiting to be read and understood? Philosophical questions such as these can keep you up late at night you know. (-; On 10/5/06, *Brett Shirley* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Except when 99% of the common wisdom about something is wrong, like in the case of ESE / JET Blue ... ;-) Cheers, -BrettSh On Thu, 5 Oct 2006, Greg Nims wrote:It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct.When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source.But for encyclopedia entries, which give a good summation of a subject, they are great.List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx--Letting your vendors set your risk analysis these days? http://www.threatcode.comIf you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down...http://blogs.technet.com/sbsList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Major screwup on AD for my company - Can't install AD on remote server now
My first instinct is to say please step away from the keyboard but that's just to make me chuckle. :) It looks like the old server, FTP1 was configured as a time server? Or was it an AD domain controller? The answer to that guides the rest of the conversation, but the best thing to do regardless is to flatten the Sweden server. Rebuild it completely with a new name and everything. Because you're not sure of the state, be sure to get a backup should you need it. If everything else is fine, then you'll want to rebuild that server, rejoin it to the appropriate domain and let it settle. Before you continue, you'll want to ensure that everything else is in good shape including dns, replication and authentication at a minimum. DNS would be my primary concern at this point. Don't mess with the forest, domain or any of the other pieces if you can help it. Upgrading the forest functional level or the domain functional level is not something you want to just walk out and pull the trigger on without understanding what it means and what the implications are. Al On 10/5/06, Steve Egan (Temp) [EMAIL PROTECTED] wrote: I'm the System/Network Engineer for Purcell Systems, and I'm afraid I'vescrewed the pooch on my network. Here's how: Shut down an antiquated FTP server after transferring files to the newFTP server.The old one's OS was Win2K, the new one is Win2003.I *did not* do anything to AD at the time this occurred. A day before I started working here (8/8/06) the server in Sweden wasrebuilt by a local consultant.Hardware failure.He rebuilt from baremetal, and set up the DNS and AD incorrectly.The end result was a server sitting in its own domain.DNS was somehow told to replicate tothe server, and was working fine.I next tried to put/rename/move the Sweden server into the Purcell.com domain.Oops, have to upgrade out of Win2000 mixed mode.No problem,I'll just transfer the AD, DNS, and PDC to a master machine runningWin2003 and have lotsa machines (okay, one or two) running as PDCs and alternate DNS and AD, right?Here's where the pooch got this way - I'm a n00b when it comes to AD,and somehow in the transfer of functions I've messed up the domainsomething fierce.AD and DNS work just fine (replicate) on the USA and Poland servers, but I tried upgrading the Sweden server to the forestand things got cranky - it wouldn't upgrade because it swore up and downthat the domain was still in pre-Win2003 mode.In frustration, I tore down DNS and AD on the Sweden server, and rebuilt them - not an easytask by remote control...The DNS rebuilt just peachy on the Sweden server, but when I go toinstall AD on it, it tells me that the domain ain't ready for prime time - I have to run adprep on the domain.I ran adprep the first time, andeverything appeared to work just fine.Subsequent attempts are rebuffed- I've already prepared the domain, it tells me.The Sweden server just refuses to accept that the AD in the domain is Win2003 mode.I'vechecked - it's mode 2 on all the AD machines.The necessary containersfor a Win2003 AD have been built!SOMEthing is preventing the ADPREP from executing properly.Here's a partial log entry from the Swedenserver (adprep.log?):10/05 01:34:26 [INFO] Searching for a domain controller for the domain PURCELLSYSTEMS.COM that contains the account PURCELLABSWE$10/05 01:34:27[INFO] Located domain controller FTP1.PURCELLSYSTEMS.COM for domainPURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Using site PURCELLSYSTEMS forserver \\FTP1.PURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Forcing time sync10/05 01:34:27 [INFO] Forcing a time synch with\\FTP1.PURCELLSYSTEMS.COM10/05 01:34:29 [ERROR] Failed to get the current time on \\FTP1.PURCELLSYSTEMS.COM: 510/05 01:34:29 [ERROR] NON-FATAL error forcing a time sync (5).Ignoring10/05 01:34:32 [INFO] Stopping service NETLOGON10/05 01:34:32 [INFO]Stopping service NETLOGON10/05 01:35:32 [INFO] Configuring service NETLOGON to 1 returned 010/05 01:35:32 [INFO] Stopped NETLOGON10/05 01:35:32 [INFO] Deleting current sysvol path C:\WINDOWS\SYSVOL10/05 01:35:36 [INFO] Created system volume path10/05 01:35:36 [INFO] Copying initial Directory Service database file C:\WINDOWS\system32\ntds.dit to C:\WINDOWS\NTDS\ntds.dit10/05 01:35:36[INFO] Installing the Directory Service10/05 01:35:36 [INFO] CallingNtdsInstall for PURCELLSYSTEMS.COM 10/05 01:35:36 [INFO] Starting Active Directory installation10/05 01:35:36 [INFO] Validating user supplied options10/05 01:35:36 [INFO] Determining a site in which to install10/05 01:35:36 [INFO] Examining an existing Active Directory forest 10/05 01:35:40 [INFO] Error - The Active Directory Installation Wizardcannot continue because the forest is not prepared for installingWindows Server 2003. Use the Adprep command-line tool to prepare boththe forest and the domain. For more information about using the Adprep, see Active Directory Help. (8467)10/05 01:35:40 [INFO] NtdsInstall for
RE: [ActiveDir] Major screwup on AD for my company - Can't install AD on remote server now
are you by any chance trying to promote a R2 DC? If yes, use ADPREP from the SECOND CD from the R2 distribution set Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address From: [EMAIL PROTECTED] on behalf of Steve Egan (Temp) Sent: Thu 2006-10-05 22:25 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Major screwup on AD for my company - Can't install AD on remote server now I'm the System/Network Engineer for Purcell Systems, and I'm afraid I've screwed the pooch on my network. Here's how: Shut down an antiquated FTP server after transferring files to the new FTP server. The old one's OS was Win2K, the new one is Win2003. I *did not* do anything to AD at the time this occurred. A day before I started working here (8/8/06) the server in Sweden was rebuilt by a local consultant. Hardware failure. He rebuilt from bare metal, and set up the DNS and AD incorrectly. The end result was a server sitting in its own domain. DNS was somehow told to replicate to the server, and was working fine. I next tried to put/rename/move the Sweden server into the Purcell.com domain. Oops, have to upgrade out of Win2000 mixed mode. No problem, I'll just transfer the AD, DNS, and PDC to a master machine running Win2003 and have lotsa machines (okay, one or two) running as PDCs and alternate DNS and AD, right? Here's where the pooch got this way - I'm a n00b when it comes to AD, and somehow in the transfer of functions I've messed up the domain something fierce. AD and DNS work just fine (replicate) on the USA and Poland servers, but I tried upgrading the Sweden server to the forest and things got cranky - it wouldn't upgrade because it swore up and down that the domain was still in pre-Win2003 mode. In frustration, I tore down DNS and AD on the Sweden server, and rebuilt them - not an easy task by remote control... The DNS rebuilt just peachy on the Sweden server, but when I go to install AD on it, it tells me that the domain ain't ready for prime time - I have to run adprep on the domain. I ran adprep the first time, and everything appeared to work just fine. Subsequent attempts are rebuffed - I've already prepared the domain, it tells me. The Sweden server just refuses to accept that the AD in the domain is Win2003 mode. I've checked - it's mode 2 on all the AD machines. The necessary containers for a Win2003 AD have been built! SOMEthing is preventing the ADPREP from executing properly. Here's a partial log entry from the Sweden server (adprep.log?): 10/05 01:34:26 [INFO] Searching for a domain controller for the domain PURCELLSYSTEMS.COM that contains the account PURCELLABSWE$10/05 01:34:27 [INFO] Located domain controller FTP1.PURCELLSYSTEMS.COM for domain PURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Using site PURCELLSYSTEMS for server \\FTP1.PURCELLSYSTEMS.COM10/05 01:34:27 [INFO] Forcing time sync 10/05 01:34:27 [INFO] Forcing a time synch with \\FTP1.PURCELLSYSTEMS.COM10/05 01:34:29 [ERROR] Failed to get the current time on \\FTP1.PURCELLSYSTEMS.COM: 5 10/05 01:34:29 [ERROR] NON-FATAL error forcing a time sync (5). Ignoring 10/05 01:34:32 [INFO] Stopping service NETLOGON10/05 01:34:32 [INFO] Stopping service NETLOGON10/05 01:35:32 [INFO] Configuring service NETLOGON to 1 returned 0 10/05 01:35:32 [INFO] Stopped NETLOGON 10/05 01:35:32 [INFO] Deleting current sysvol path C:\WINDOWS\SYSVOL 10/05 01:35:36 [INFO] Created system volume path 10/05 01:35:36 [INFO] Copying initial Directory Service database file C:\WINDOWS\system32\ntds.dit to C:\WINDOWS\NTDS\ntds.dit10/05 01:35:36 [INFO] Installing the Directory Service10/05 01:35:36 [INFO] Calling NtdsInstall for PURCELLSYSTEMS.COM 10/05 01:35:36 [INFO] Starting Active Directory installation 10/05 01:35:36 [INFO] Validating user supplied options 10/05 01:35:36 [INFO] Determining a site in which to install 10/05 01:35:36 [INFO] Examining an existing Active Directory forest 10/05 01:35:40 [INFO] Error - The Active Directory Installation Wizard cannot continue because the forest is not prepared for installing Windows Server 2003. Use the Adprep command-line tool to prepare both the forest and the domain. For more information about using the Adprep, see Active Directory Help. (8467) 10/05 01:35:40 [INFO] NtdsInstall for PURCELLSYSTEMS.COM returned 8467 10/05 01:35:40 [INFO] DsRolepInstallDs returned 8467 10/05 01:35:40 [ERROR] Failed to install to Directory Service (8467) 10/05 01:35:49 [INFO] Starting service NETLOGON10/05 01:35:49 [INFO] Configuring service NETLOGON to 2 returned 0 10/05 01:35:49 [INFO] The attempted domain controller operation has completed10/05 01:35:49 [INFO] DsRolepSetOperationDone returned 0
RE: [ActiveDir] MORE OT OT: wikis
There are two types of people in the world- those who understand binary and those who don't. That's what the t-shirt I got for my birthday says, anyway. :-) Laura _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Thursday, October 05, 2006 5:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] MORE OT OT: wikis only 10 types of people understand binary... one type does understand and the other type does not understand Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address _ From: [EMAIL PROTECTED] on behalf of joe Sent: Thu 2006-10-05 20:22 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis Careful, I recall a math professor in my differential equations class or maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2 and it wasn't a numberical base trick I didn't follow through it, I just closed my eyes and shook my head and thought forward to my communications class as the sights were easier on the eyes... I still wonder why I went into a field with such a high ratio of men to women... :) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. attachment: winmail.dat
RE: [ActiveDir] MORE OT OT: wikis
AAARGH! TEN types! TEN! I need a nap. _ From: Laura A. Robinson [mailto:[EMAIL PROTECTED] Sent: Thursday, October 05, 2006 8:34 PM To: 'ActiveDir@mail.activedir.org' Subject: RE: [ActiveDir] MORE OT OT: wikis There are two types of people in the world- those who understand binary and those who don't. That's what the t-shirt I got for my birthday says, anyway. :-) Laura _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Thursday, October 05, 2006 5:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] MORE OT OT: wikis only 10 types of people understand binary... one type does understand and the other type does not understand Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address _ From: [EMAIL PROTECTED] on behalf of joe Sent: Thu 2006-10-05 20:22 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis Careful, I recall a math professor in my differential equations class or maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2 and it wasn't a numberical base trick I didn't follow through it, I just closed my eyes and shook my head and thought forward to my communications class as the sights were easier on the eyes... I still wonder why I went into a field with such a high ratio of men to women... :) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. attachment: winmail.dat
RE: [ActiveDir] MORE OT OT: wikis
TRIPLE AAARGH!!! 10! 10! I give up; I'm dain bramaged today. _ From: Laura A. Robinson [mailto:[EMAIL PROTECTED] Sent: Thursday, October 05, 2006 8:34 PM To: 'ActiveDir@mail.activedir.org' Subject: RE: [ActiveDir] MORE OT OT: wikis There are two types of people in the world- those who understand binary and those who don't. That's what the t-shirt I got for my birthday says, anyway. :-) Laura _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Thursday, October 05, 2006 5:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] MORE OT OT: wikis only 10 types of people understand binary... one type does understand and the other type does not understand Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address _ From: [EMAIL PROTECTED] on behalf of joe Sent: Thu 2006-10-05 20:22 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis Careful, I recall a math professor in my differential equations class or maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2 and it wasn't a numberical base trick I didn't follow through it, I just closed my eyes and shook my head and thought forward to my communications class as the sights were easier on the eyes... I still wonder why I went into a field with such a high ratio of men to women... :) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. attachment: winmail.dat
RE: [ActiveDir] Discovering LDAPS availability
LDAPS records aren't published by DCs, only LDAP records. I can assure you if it were that easy, David wouldn't have had an issue. From what I have seen, if a secure LDAP connection is required, the internal routines from MSFT simply locate a DC and go to the port. If LDAPS isn't hot, the connection is dropped with server down error. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, October 05, 2006 6:28 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Discovering LDAPS availability Couldn't you just query the DNS for the SRV record advertising it... Matt Duguid Systems Engineer for Identity Services Department of Internal Affairs Phone: +64 4 4748028 (wellington) Mobile: +64 21 1713290 Fax: +64 4 4748894 Address: Level 4, 47 Boulcott Street, Wellington CBD E-mail: [EMAIL PROTECTED] Web: http://www.dia.govt.nz/ |-+-- | | | | | | | | | | | David Loder| | | [EMAIL PROTECTED] | | | Sent by: | | | [EMAIL PROTECTED]| | | tivedir.org| | | | | | | | | 06/10/2006 08:56 a.m. | | | Please respond to | | | ActiveDir | | | | |-+-- --- ---| | | |To: ActiveDir@mail.activedir.org | |cc: | |Subject: [ActiveDir] Discovering LDAPS availability | --- ---| Other than directly testing the 636 port on each DC, can anyone suggest a method for an unprivledged client to discover whether or not LDAPS should be available on a specific DC? __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: recent MS updates changed Exchange SMTP servers?
You Had Me At EHLO... : New Exchange fixes may disrupt Blackberry, Goodlink and other services: http://msexchangeteam.com/archive/2006/04/28/426707.aspx Users cannot send e-mail messages from a mobile device or from a shared mailbox in Exchange 2000 Server and in Exchange Server 2003: http://support.microsoft.com/kb/912918 I think June was when these changes impacted the security patches? Michael Miller wrote: We use Exchange 2003 running on Win2k3 server Standard Edition strictly for distribution groups where all user objects have external SMTP addresses - no Exchange mailboxes, etc. We have a simple single forest, single site AD Win2k R2 domain. A message addressed to one of our AD distribution groups ([EMAIL PROTECTED]) results in an out bound message with multiple RCPT TO entries. With very few exceptions, the external email addresses are for the main campus domain ([EMAIL PROTECTED]). This worked well since implementation in February 2006. Lately, there have been considerable delays in the UIUC campus domain servers accepting these messages in a timely manner. There have been no intentional changes to our Exchange server other than the application of patch Tuesday updates and, after becoming aware of these delays, changing the SMTP connection timeout from the default 10 minutes, to 30, then to 45 and now to 120 minutes. Do any of you Exchange gurus know of any recent MS updates that would have changed anything regarding outbound connections with the Exchange SMTP server? I suspect the problem is not on our end but don't want to start pointing fingers without some assurance that nothing has changed here. TIA, -mjm -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Who keeps creating this folder files?
Magic 8 ball?Security event logs are great things, learning how to search them for the right data can be invaluable and increase the security at your company drastically. It will mean that instead of saying Who did this?, you will know who did it. Instead of going When did that happen?, you'll know when it happened. Unfortunately, you end up having to almost export your event logs to another location to make them searchable on active systems. The only bad part is that, once you get the data, you find yourself sitting there going Oh, that script did it... or worse - I did it?! or something similar. 95% of the time something where you're going Oh yeah, I'm gonna get them this time, you realize that there isn't anyone to get. After a little while you'll stop expecting to 'get them' this time and go OK, what do I need to fix this time and kinda dread the idea of it being someone doing something wrong and hope it's just something that you can fix in 10 minutes because it someone did something wrong, then you have to spend 2-4 hours in meetings discussing why they did it, how they did it, how to avoid it happening again, etc On 10/5/06, J B [EMAIL PROTECTED] wrote: I was hoping that there was some way to see who created it rather than wait until it happened again, or wait until someone accessed it... I'll have to settle for the auditing though. Thanks! - Original Message - From: Brian Desmond To: ActiveDir@mail.activedir.org Sent: Thursday, October 05, 2006 11:14 AM Subject: RE: [ActiveDir] Who keeps creating this folder files?! Set some auditing on the folder that this is happening in and watch the security log for the relevant audits… Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of J BSent: Thursday, October 05, 2006 12:57 PMTo: ActiveDir@mail.activedir.org Subject: [ActiveDir] Who keeps creating this folder files?! Argh! On one of our file servers, there is a public directory that allows any authenticated user to do anything within it (minus changing permissions). MP3 files and folders appear there every so often and are removed soon thereafter. Is there some way for me to tell who has created these folders and MP3 files? Every time I check, no one is currently accessing the files - which would be an easy way for me to know...
RE: [ActiveDir] MORE OT OT: wikis
There are three types of mathematicians, those who can count, and those who can't. On Thu, 5 Oct 2006, Laura A. Robinson wrote: TRIPLE AAARGH!!! 10! 10! I give up; I'm dain bramaged today. _ From: Laura A. Robinson [mailto:[EMAIL PROTECTED] Sent: Thursday, October 05, 2006 8:34 PM To: 'ActiveDir@mail.activedir.org' Subject: RE: [ActiveDir] MORE OT OT: wikis There are two types of people in the world- those who understand binary and those who don't. That's what the t-shirt I got for my birthday says, anyway. :-) Laura _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto, Jorge de Sent: Thursday, October 05, 2006 5:03 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] MORE OT OT: wikis only 10 types of people understand binary... one type does understand and the other type does not understand Met vriendelijke groeten / Kind regards, Ing. Jorge de Almeida Pinto Senior Infrastructure Consultant MVP Windows Server - Directory Services LogicaCMG Nederland B.V. (BU RTINC Eindhoven) ( Tel : +31-(0)40-29.57.777 ( Mobile : +31-(0)6-26.26.62.80 * E-mail : see sender address _ From: [EMAIL PROTECTED] on behalf of joe Sent: Thu 2006-10-05 20:22 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis Careful, I recall a math professor in my differential equations class or maybe it was higher throwing a proof up on the board showing that 1 + 1 != 2 and it wasn't a numberical base trick I didn't follow through it, I just closed my eyes and shook my head and thought forward to my communications class as the sights were easier on the eyes... I still wonder why I went into a field with such a high ratio of men to women... :) -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Laura A. Robinson Sent: Thursday, October 05, 2006 12:55 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: wikis 999,998 + 2 = 1,000,000, not 100,000. ;-) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Greg Nims Sent: Thursday, October 05, 2006 11:49 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: wikis It's funny how we quote wikis as definitive sources of information, when they can be edited by anyone and everyone :) Who vets the edits and how much does that person know about the subject matter?? Anyone can edit, which is why they are generally correct. When 100,000 people view a record, and 2 people want to change it to be incorrect, 999,998 will want to correct it. I wouldn't use a wiki as a great historical or technical source. But for encyclopedia entries, which give a good summation of a subject, they are great. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] [OT] Exchange 2007 Schema
Oh crap! Brian Puhl, you reading? Tony says E2k7 is a beta product, I hope you didn't load that schema on our main forest? Too late to get it backed out (via forest restore)? Thanks for the heads up Tony, BrettSh [msft] P.S. - Does anyone think I'm as funny as I think I am ... probably not ... On Thu, 5 Oct 2006, Tony Murray wrote: Hi all There are apparently schema changes post Beta 2 - just in case anyone was considering pre-loading the schema changes into production [1]. I don't have any further details on what the changes are. Tony [1] Which of course you wouldn't contemplate with a Beta product :-) Sent via the WebMail system at mail.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: Volume licensing activation
I can completely understand Microsoft's point, don't get me wrong.I guess it just kinda gets my goat that they're so tired of people using VLE keys as the new favorite of license violators that they're going to put the onus on the business owners to pay for a new server just to manage Microsoft's licenses. Also, Vista is one thing, but Longhorn? Do they really have that many server instances running with VLE keys that it justifies a company having to pay for 1-10 licensing servers (remember, not everyone is 100% in a single global region) to keep not only my workstations up and running, but the servers too? I just kinda feel like if they're going to go this far, they should provide me with a license appliance to handle every x number of stations. Enough people are paying for software assurance where it seems like it would be a good business move to keep people happy, a little good with the bad I guess. The scary part that I'm wondering about is what they're going to do with the retail/OEM versions of the software. There are enough people out there who will buy a computer but not have an internet connection (yes, I know it's not a *huge* number, the internet is half the reason a lot of people get computers), what are they going to have to do, call MS every 180 days to 'reactivate' their computer? Talk about a pain. My father would just end up giving his computer away if it came to that. Granted, he's 60 and doesn't know a tenth what most people under the age of 30 know about computers, but those are the people who need everything more convenient and less of a hassle. On 10/4/06, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [EMAIL PROTECTED] wrote: Microsoft's Software Protection Platform: Protecting Software andCustomers from Counterfeiters: The company announces innovativetechnology in Windows Vista and Windows Server "Longhorn" to reduce therisk of piracy and software tampering while improving software licensing.: http://www.microsoft.com/presspass/features/2006/oct06/10-04SoftwareProtection.mspxWindows Genuine Advantage : New technology to protect Windows Vista and other products:http://blogs.msdn.com/wga/archive/2006/10/04/New-technology-to-protect-Windows-Vista-and-other-products.aspx Whitepaperhttp://download.microsoft.com/download/c/2/9/c2935f83-1a10-4e4a-a137-c1db829637f5/10-03-06SoftwareProtectionWP.doc As long as it works and works well, and when it's updated it getsdisclosed so that tinfoil folks won't be shutting off auto updatesbecause that's what's happening now.Brian Desmond wrote: *I read through the docs on this vl activation and it's not as bad as it sounds. They're really just trying to protect the keys.* * * *Thanks,* *Brian Desmond* [EMAIL PROTECTED] * * *c - 312.731.3132* * * *From:* [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] *On Behalf Of *Matt Hargraves *Sent:* Tuesday, October 03, 2006 1:34 PM *To:* ActiveDir@mail.activedir.org *Subject:* Re: [ActiveDir] OT: Volume licensing activation Yeah... MS is going to get really high levels of adoption on this product... Gotta wonder what in the heck they're thinking sometimes. On 10/2/06, *Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: http://blogs.zdnet.com/microsoft/?p=26 Mary Jo Foley reports that the next version of Vista will have Volume licensing activation. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx http://www.activedir.org/ml/threads.aspx --Letting your vendors set your risk analysis these days?http://www.threatcode.comIf you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbsList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.activedir.org/ml/threads.aspx
RE: [ActiveDir] [OT] Exchange 2007 Schema
No Way! Nobody told us E2k7 is beta! When did that happen? Well, we're supposed to do a forest recovery periodically to exercise the doc's anyways (usually in a lab) - We can just roll back CORP this weekend... We should see how long it's going to take to move the ~20K mailboxes back to Ti first though... Thanks for the heads up!!! Thanks! Brian Puhl [msft] P.S. - Your as funny as you think you are - anyone else is just jealous -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brett Shirley Sent: Thursday, October 05, 2006 8:58 PM To: ActiveDir@mail.activedir.org Cc: [EMAIL PROTECTED] Subject: Re: [ActiveDir] [OT] Exchange 2007 Schema Oh crap! Brian Puhl, you reading? Tony says E2k7 is a beta product, I hope you didn't load that schema on our main forest? Too late to get it backed out (via forest restore)? Thanks for the heads up Tony, BrettSh [msft] P.S. - Does anyone think I'm as funny as I think I am ... probably not ... On Thu, 5 Oct 2006, Tony Murray wrote: Hi all There are apparently schema changes post Beta 2 - just in case anyone was considering pre-loading the schema changes into production [1]. I don't have any further details on what the changes are. Tony [1] Which of course you wouldn't contemplate with a Beta product :-) Sent via the WebMail system at mail.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] OT: Volume licensing activation
OEMs pre-activate. (off topic) Matt Hargraves wrote: I can completely understand Microsoft's point, don't get me wrong. I guess it just kinda gets my goat that they're so tired of people using VLE keys as the new favorite of license violators that they're going to put the onus on the business owners to pay for a new server just to manage Microsoft's licenses. Also, Vista is one thing, but Longhorn? Do they really have that many server instances running with VLE keys that it justifies a company having to pay for 1-10 licensing servers (remember, not everyone is 100% in a single global region) to keep not only my workstations up and running, but the servers too? I just kinda feel like if they're going to go this far, they should provide me with a license appliance to handle every x number of stations. Enough people are paying for software assurance where it seems like it would be a good business move to keep people happy, a little good with the bad I guess. The scary part that I'm wondering about is what they're going to do with the retail/OEM versions of the software. There are enough people out there who will buy a computer but not have an internet connection (yes, I know it's not a *huge* number, the internet is half the reason a lot of people get computers), what are they going to have to do, call MS every 180 days to 'reactivate' their computer? Talk about a pain. My father would just end up giving his computer away if it came to that. Granted, he's 60 and doesn't know a tenth what most people under the age of 30 know about computers, but those are the people who need everything more convenient and less of a hassle. On 10/4/06, *Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: Microsoft's Software Protection Platform: Protecting Software and Customers from Counterfeiters: The company announces innovative technology in Windows Vista and Windows Server Longhorn to reduce the risk of piracy and software tampering while improving software licensing.: http://www.microsoft.com/presspass/features/2006/oct06/10-04SoftwareProtection.mspx Windows Genuine Advantage : New technology to protect Windows Vista and other products: http://blogs.msdn.com/wga/archive/2006/10/04/New-technology-to-protect-Windows-Vista-and-other-products.aspx http://blogs.msdn.com/wga/archive/2006/10/04/New-technology-to-protect-Windows-Vista-and-other-products.aspx Whitepaper http://download.microsoft.com/download/c/2/9/c2935f83-1a10-4e4a-a137-c1db829637f5/10-03-06SoftwareProtectionWP.doc http://download.microsoft.com/download/c/2/9/c2935f83-1a10-4e4a-a137-c1db829637f5/10-03-06SoftwareProtectionWP.doc As long as it works and works well, and when it's updated it gets disclosed so that tinfoil folks won't be shutting off auto updates because that's what's happening now. Brian Desmond wrote: *I read through the docs on this vl activation and it's not as bad as it sounds. They're really just trying to protect the keys.* * * *Thanks,* *Brian Desmond* [EMAIL PROTECTED] * * *c - 312.731.3132* * * *From:* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]] *On Behalf Of *Matt Hargraves *Sent:* Tuesday, October 03, 2006 1:34 PM *To:* ActiveDir@mail.activedir.org mailto:ActiveDir@mail.activedir.org *Subject:* Re: [ActiveDir] OT: Volume licensing activation Yeah... MS is going to get really high levels of adoption on this product... Gotta wonder what in the heck they're thinking sometimes. On 10/2/06, *Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote: http://blogs.zdnet.com/microsoft/?p=26 Mary Jo Foley reports that the next version of Vista will have Volume licensing activation. List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx http://www.activedir.org/ml/threads.aspx http://www.activedir.org/ml/threads.aspx -- Letting your vendors set your risk analysis these days? http://www.threatcode.com If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will hunt you down... http://blogs.technet.com/sbs List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx