(-;
From: deji Agba [mailto:[EMAIL PROTECTED]
Sent: Friday, May 07, 2004 12:50 AMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] Here's what the MVPs
mean by NDA
I've decided to break ranks
and reveal to the world EXACTLY what the MVPs are up to when they pay their
annual pilgrimage to
They are
OSX
mc
-Original Message-
From: Bruce Clingaman
[mailto:[EMAIL PROTECTED]
Sent: Thursday, May 06, 2004 5:39
PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Mac
clients passwords
Are the Mac clients OSX
or 9.earlier?
From: [EMAIL PROTECTED]
I am searching for an article that identifies the behavior that
of how authentication DCs are selected based on AD sites.
Here is why.
Our default site cost for all our sites in the hub and spoke
architecture is 10.
We had a situation where we have a BDC Domain H that
is in Mixed
If the DC locator process used the site link costs it would actually make things
easier, but it doesn't, it uses the DC's SRV record in DNS.
Depending on your subnet that you have defined in Sites Services, the DC's record
will be added into a site specific SRV record and also a domain wide
Try reading "Authentication Topology" by Gil Kirkpatrick. I am not sure if it's a member-only doc, butit's available athttp://www.winnetmag.com/Articles/Print.cfm?ArticleID=37935
Sincerely,Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP -Directory Services
www.readymaids.com - we know
Thanks All, for the responses.
Here is what I found, the algorithm is
what answered my question. Appears that the number of DCs was what
caused the site selection, then alphabetical order.
http://www.microsoft.com/windows2000/techinfo/reskit/en-us/default.asp?url="">
from
this
Title: Migration info needed
There's a migration document that may help here: http://www.microsoft.com/windowsserver2003/techinfo/overview/sfncd.mspx
For Exchange, you can see a description of the
problem that Steve is talking about with "resource mailboxes" and the tool to
prevent it
LOL! This is hilarious.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of deji
AgbaSent: Friday, May 07, 2004 12:50 AMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] Here's what the MVPs
mean by NDA
I've decided to break ranks
and reveal to the world EXACTLY what the MVPs are
In a hub/spoke situation, you can always tell the DCs in the 'spoke' sites to NOT
register domain-wide SRV records. That way, if a machine is unable to find a DC in
the site-wide SRV records for its site, and goes to the domain-wide list, it will find
only DCs in the 'hub' site, which is
Is anyone aware of a utility that can be used to
extract a message from the Exchange IS using the message ID as the search
criteria (which is visible from the Message
Tracking center)?
I am looking for
autility similar to Exmerge with the ability to extract a message from the
IS, but
Which version of OS X?
10.3 or above has an Active Directory client built in that can typically be configured to work with AD, if not there are options for using Kerberos for single sign on. Post back the specific version, and I can help you get it going whether it be 10.3 or back.
Brent.
p.s.
Hello:
I have an XP SP1 laptop that cant log on to the 2000
domain. The error is that your computer account was not found. I
can get on locally and as the domain user when not physically connected to the
network. The computer account exists in the DSA, and DNS records are correct on
the
Hi and thanks for the replies.
I can tracert to and from both servers. I can ping to and from both
servers.
I can Manage and Map drives to the DC or any other server from the
member (Altiris) server.
What I cannot do is Manage or Map a drive from the DC or any other
servers to the Altiris
Disjoining AND rejoining to the same domain should not have a negative impact
on the Profiles. But, you might want to try Netdom Reset from the client
first.
Sincerely,
Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you
Hi
Brent, theyre all 10.3.2. Thanks for your help on this
mc
-Original Message-
From: Brent Westmoreland
[mailto:[EMAIL PROTECTED]
Sent: Friday, May 07, 2004 12:58
PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Mac
clients passwords
Which version of OS X?
Hi again all -
I found my problem. The file/print sharing was disabled unknowingly.
Have a great weekend and for you MOMs out there...Happy Mothers Day!
Samantha
-Original Message-
From: Bridges, Samantha
Sent: Friday, May 07, 2004 1:29 PM
To: [EMAIL PROTECTED]
Subject: RE:
Does anyone have a ADM script or know how to set the From Event Logs from
allowing Guest access?
Directory Service Event Log
File Replication Event Log
DNS Event Logs
Thanks,
Todd
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List
retrieve the memberOf attribute of the users - if
multi-domain forest, use a GC to also catch UGs. If you want the complete
picture, you'll have to run the query against all domains to also catch local
group memberships.
/Guido
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
shudder
So, if I read this correctly, somebody wants to put
lipstick on a pig? My first question is why? My second question is
also why? Why would you ever want to have authentication handled inside
your firewall for web servers? Why would you want to put in a single point
of failure only
Do you know of a way to use a GPO (Possibly through and ADM addin) to enable
this setting?
-Original Message-
From: Fugleberg, David A [mailto:[EMAIL PROTECTED]
Sent: Friday, May 07, 2004 12:22 PM
To: [EMAIL PROTECTED]
Subject: RE: LIKELY ADV: RE: [ActiveDir] Need to confirm a behavior
The computer account name. I think you should the disjoin/rejoin thing.
Sincerely,
Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
Hi,
Arelated issue that we had arose in our
Training Lab. We image the Workstations then roll them back at the end of the
course. Works great for a month or so, then theworkstation changes its
password and then when you reimage it the domain rejects it. You have to
disconnect it from the
Any tips or tricks in trying to deploy Outlook 2003 via GPO?
The information contained in this communication may be confidential or legally
privileged and may contain confidential health information. This email is intended
only for the recipient named above. If the reader of this message is
Hi Al, good
rant J
I think I
can elaborate a bitWe cant use the separate forest idea that you
mention as a best practice, because its not a 2000 or above domain (the
one in the DMZ). In fact, my first question was why dont we upgrade it
first (as its own forest, of course).
The goal
Hi Todd,
Check out http://www.winguides.com/registry/display.php/351/
-Original Message-
From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED]
Sent: Friday, May 07, 2004 2:53 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] GPO's
Does anyone have a ADM script or know how to set the
If somebody were to own one of your NT4 machines (not that
tough, now is it?) then they now have access internal to your network.
Simple as that. It wouldn't be tough to see that it's a domain member of
an internal domain via the lmhosts file (which is even better information) and
then
Yep. That worked.
Thanks.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, May 07, 2004 1:22 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Offline Files When Disjoining
The computer account name. I think you should the disjoin/rejoin thing.
You mean like this warning?
Warning
If you disable machine account password changes, there are security risks
because the security channel is used for pass-through authentication. If someone
discovers a password, he or she can potentially perform pass-through
authentication to the domain
http://www.microsoft.com/office/ork/2003/two/ch5/DepC04.htm
Sincerely,
Dèjì Akómöláfé, MCSE MCSA MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
http://briandesmond.com/blog/archive/2003/10/25/233.aspx
Same procedure applies to individual apps.
--Brian
-Original Message-
From: Craig Gauss [mailto:[EMAIL PROTECTED]
Sent: Fri 5/7/2004 3:29 PM
To: [EMAIL PROTECTED]
Cc:
Subject:
Hi guys,
I need some help here.
We have a single forest with 2 domain trees.
One of the domain trees has includes domains. One parent domain and 2 child
domains.
All three domains have one DC. A few days ago, the DC from the parent
domain stopped working because of some h/w issues. So,
This is not pretty, but with some good lucks (and an existing good backup),
you can have success using the methods described here:
http://www.microsoft.com/technet/prodtechnol/windows2000serv/technologies/act
ivedirectory/support/adrecov.mspx#XSLTsection126121120120
Sincerely,
Dèjì Akómöláfé,
Does the server show any connections to the outside when you run
netstat
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Bridges,
Samantha
Sent: Thursday, May 06, 2004 6:06 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Member server not seeing DC
Hello
Use ADMT to migrate accounts to new forest since you don't have a backup of
that domain.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chris Jones
Sent: Friday, May 07, 2004 4:13 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir]
Hi guys,
I need
34 matches
Mail list logo