.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile
Publications: http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-
B489-F2F1214C811D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
-Original Message-
From: [EMAIL PROTECTED
Robocopy with the /B-Switch should work.
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Donnerstag, 25. Januar 2007 13:10
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: maintaining creation date when copying
directories?
What
Noah Eiger
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Wednesday, January 24, 2007 12:29 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [OT] Odd Folder under Forward Lookup Zone
Just 9:30 pm here, so not really late
.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: blocked::http://msmvps.org/UlfBSimonWeidner
http
Hi Stu,
I don't think there's a way to expose mulitvalued attributes with CSVDE -
you'd either have to use LDIFDE or VBScript or anything else to view all
values of those attributes.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http
.
Thanks for bringing this up so I had to look into it - I'll blog this since
it's a very interesting change.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http://mvp.support.microsoft.com
on default domain controller policy). So it seems that DCa is
still advertising himself as DC in site B. I will look why the process does
not work in our case... :(
We did not configured automatic aging/scavenging, i will look also into this
option.
Thanks again,
Yann
Ulf B. Simon-Weidner
approaching ;-) ).
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: blocked::http://msmvps.org
this and verify the printers
name), if it was registered automatically you need to change the name of the
printer.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http
No Zone – no properties ;-)
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Mittwoch, 24. Januar 2007 20:24
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] [OT] Odd Folder under Forward Lookup Zone
What are properties of the 1 zone?
On 1/24/07,
Options
And is named
Interactive logon: Prompt user to change password before expiration
Just a guess.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http
are things? See you in March?
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D
Weblog: blocked::http
it was someone
(probably me!) just typed a .1 in some setting on the printer and allowed it
to register in DNS.
Many thanks.
-- nme
Noah Eiger
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Wednesday, January 24, 2007 12:29 PM
of DC A in Site B,
however make sure that you are only deleting the SRV-Records underneath the
DNS-Subdomains of the Site-specific Records in the Site B-DNS-Domains
(looks like folders in the DNS Managementconsole).
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked
]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: 10 December 2006 12:06
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Quest Recovery Manager
I do disagree since we might have other withes, issues, possibilities with
Longhorn, so I'd wait when spending a lot of money
I can't remember exactly, but I think I've heard a Q1 at one of the
conferences last year. IIRC.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http://mvp.support.microsoft.com
complicated to generalize that it should be reset in
any case.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile
Publications: http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-
B489-F2F1214C811D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http
PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Monday, 22 January 2007 11:32 a.m.
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AdminSDHolder orphans
Hi Tony,
late response as well - sorry.
I guess why this isn't cleaned up is the same thing as in many other
that
this is respected.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
BLOCKED::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: BLOCKED::http
you can use ldp\script etc.. to set the
msNPAllowDialin == true.
It should reflect properly in ADUC when you next view that user..
spat
- Original Message -
From: Ulf B. Simon-Weidner mailto:[EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Thursday, November 30
- Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: blocked::http://msmvps.org/UlfBSimonWeidner
http
Just stepped across this - thanks for fixing it!
Ulf
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
Simon-Weidner
Sent: Freitag, 4. August 2006 09:26
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] ldp in ADAM-SP1
Hi Dmitri
Hi Dmitri,
And DSAcls still does not display a computer accounts ACL if someone was
being delegated permission to join a computer to this account using ADUC:
http://www.windowsserverfaq.org/faq/CompACLs.asp
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http
to manage them, or want to know very closely what the
requirements are and keep an extra eye on those machines. Dont put lives
at jeopardy b/c of a misconfigured GPO.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile="">
on x64 will perform better than on 32-bit,
since its very likely you already have some of the newer servers with
x64 Id just give it a try for one DC yourself.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile="">
Weblog: http
Every joe is someones joe, but Joe McNicholas Joe joeware Richards
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http
.
3)
Lag-Sites dont make any sense
if they do replicate in between the scheduled times so in this scenario you
may worry about both.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile="">
Weblog: http://msmvps.org/Ulf
to share this info on a blog? It's great, and we could give
you credits and avoid typing whenever there's a discussion of that topic.
Might be worth to include the imaged-client and reset password on a
computer account discussions.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile
the tombstone-lifetime I don't see any reasons why this should not
be supported since we are just talking about lag-sites without any memberservers
/ clients / users who log onto those DCs.
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile
no client is
hitting a lag sites DC.
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile=""> Weblog: http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org
From: [EMAIL PROTECTED]
[mailto:[EMA
!
And right after hitting OK there's a head banging against the monitor-sound -
Aahrg - Lag sites.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811D
Weblog: http://msmvps.org/UlfBSimonWeidner
did attend should be able to find the sessions. Currently you are
able to use Biztalk as workflow engine, or the Office 2007 workflow engine
when available.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489
an example
for you at
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/wmisdk/wmi/
wmi_tasks__networking.asp - look at the last example.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
You can also use WMI to ping the machine - works fast and you
don't have to text-analyze the output of the ping-command.
I've just dug out an example for you at
http://msdn.microsoft.com/library/default.asp?url=/library/en-u
s/wmisdk/wmi/
wmi_tasks__networking.asp - look at the last example.
:
http://www.microsoft.com/technet/archive/winntas/maintain/ntopt4.mspx?mfr=tr
ue
However I stand corrected - need to update my brains cache from google more
often - to bad brains don't support TTL of websites.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http
AFAIK the password change interval is set to 30 in XP (15 in NT, W2k), but
the computer accounts starts to request renewal after 50% of the time is
over. After 30 days it'll change it if being logged onto the domain for sure
(unless otherwise configured or connected).
Gruesse - Sincerely,
Ulf B
of tombstones most likely
not).
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile=""> Weblog: http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org
From: [EMAIL PROTECTED]
[mailto:[EM
You're welcome, and have a nice day too!
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
blocked::http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F
2F1214C811D
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog
Big fat ditto - and even better in the support tools.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
this hazzle. So I'm mainly limited to ds-tools or vbs.
Something like this should work:
Dsquery user -stalepwd 90 | dsget user -dn -disabled | find No
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489
I didn't catch it because I didn't bother enough to read the adfind syntax.
If you'd provided a standard LDAP-Filter with DSQuery ...
;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
published
more details and a script to fix the ACLs on my website, and also mentioned it
during one of my sessions at DEC:
http://windowsserverfaq.de/faq/CompACLs.asp
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile="">
Hi Mark,
You are right - Exchange is great - what I love especially is it's
capabilities of administrative delegation.
See you in Boston?
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
I
can't see them as well, OL2k3 into POP, provider is using ESMTP (Nemesis) and
POP appears to be mimap12 (at least that's what telnetting against the pop tells
me).
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile="&quo
If
all of those were intended I did get everything correct as well. Mainly one
thread IIRC.
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile=""> Weblog: http://msmvps.org/UlfBSimonWeidner Website: http://www.windows
(and it's actually way to early here
to handle thinking like that).
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http
-
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile=""> Weblog: http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Teo De Las
HerasSent
GREP?
Whats GREP! ;-)
Great
idea- forgot about that one.
GPOs
are really a big point here - I've seen an enterprise going down because of
that.
GPMC
with backup / import (instead of backup / restore) might help here as
well.
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
What
about the origin - are they created using OL2k7? If so must be a new bug - I was
using a bit older version for quite a while (and everything was readable), but
it almost corupted my mailstore - so I switched temporarily
back.
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
the time, but allow them to adjust the
timezone.
Gruesse -
Sincerely,
Ulf B.
Simon-Weidner
Profile
Publications:http://mvp.support.microsoft.com/profile=""> Weblog: http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org
From: [EMAIL PROTECTED]
[
be a possibility to reset DNTs programmatically after IFM, however
this would need additional code and time after reading the DB and rebooting
the DC for the first time.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489
.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
Profile Publications:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
-Original Message-
From: [EMAIL PROTECTED
Also the uninstall-files and all the previous garbage which isn't needed
won't install when using a slipstreamed media.
Ulf
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Freddy HARTONO
Sent: Monday, May 01, 2006 3:23 PM
To:
Did
you try shutdown.exe? The parameters /l /f /t 3600 allow you to time it for an
hour after executing it, and to force a logoff. No need to script around using
additional timers or scripts.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps&qu
Guess
you'll have to do that by yourself, e.g. logon-script shutdown -l -t
3600
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Pr
- Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
.
You can also combine the dstools:
Dsquery user ou=whatever,dc=example,dc=com -limit 0 | dsmod -profile ...
This should give you an example how to do this.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org
- Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
|
|
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
|Simon-Weidner
|Sent: Tuesday, April 18, 2006 11:40 PM
|To: ActiveDir@mail.activedir.org
|Subject: RE: [ActiveDir] User Accounts
|
|* DNTs (to me) are _not_ a component of the directory
|
|IIRC they are like
or use google, which
will bring it up as well.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.com/profile
it.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
AM
|To: ActiveDir@mail.activedir.org
|Subject: Re: [ActiveDir] Tombstone attributes
|
|Ulf B. Simon-Weidner wrote:
| Unfortunately the passwords is the same attribute for users and
| computers. I thought recently to put the password in the
|tombstone to
| ease computer account reanimation
? Do clue - I'm german - we have our own - can't keep a
dictionary of approabriate words in foreign languages in the same brain
which is interested in those answers.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http
they use 2B RDNs
|... if you're actually dealing with numbers that ballpark into
|that area, I'd be curious to hear about your scenario, but I
|suspect no one is doing that ... yet.
|
|Cheers,
|-BrettSh
|
|On Mon, 17 Apr 2006, Ulf B. Simon-Weidner wrote:
|
| Hi ~eric,
|
| I don't look very happy
: RE: [ActiveDir] User Accounts
|
|Never take me to serious
|
|Seriously? :)
|
|(Great thread by the way)
|
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
|Simon-Weidner
|Sent: Monday, April 17, 2006 6:06 PM
|To: ActiveDir@mail.activedir.org
seen large directories in this range.
|All of my experience with directories 25M objects was outward facing.
|IE, internet portal types, like Brett was talking about.
|
|~Eric
|
|
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of Ulf B.
|Simon-Weidner
|Sent
troduction of implementing manuall processes for floating
roles)
And
just in case:
;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserver
Yes -
prio 1 is delegation, prio 2 GPOs since you have multiple ways to influence
GPOs.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsser
for this.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.com/profile=35E388DE-4885-4308-B489-F2F1214C811
D
Well designed schema updates will not conflict with existing ones - so you
shouldn't have any issues - and if you have issues it's most likely another
non-MS schema extension.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Actually type NTP or AllSync may use the NTP-Server. AllSync is the
reg-setting for w32tm /syncfromflags:MANUAL,DOMHIER (so it's a combination
of NTP and NT5DS). If the setting is NoSync or NT5DS the NTP-Server setting
is not being used.
Ulf
|-Original Message-
|From: [EMAIL PROTECTED]
Might be - you know that you can delegate any eventlog by adjusting the
CustomSD Registrykey underneath the specific eventlog in the registry?
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org
it, it will inform the user that there's a different version of the file on the
server and offer him to reload. But apps which are doing this are pretty
rare.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://
Sounds like
http://www.dec2006.com/abstracts.cfm#directorysimonweidner
;-)
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan
HolmeSent: Wednesday, March 29, 2006 8:49 AMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] View Delegated
Tasks?
How about
dsquery * domainroot -Filter
((objectCategory=Computer)(sAMAccountName=computername)) -attr
objectSID
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Web
Why not
((objectCategory=computer)(|(operatingSystem=Windows 2000
Server)(operatingSystem=Windows Server 20003)))
This is at least limited to computer objects and should be slightly better.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http
Excellent writing buddy - hope you are keeping snippets
like this for the forth edition ;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsser
adjusts on windows
depending on the availability of memory.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Profile:http://mvp.support.mic
in time) in San Fransisco so I may expect it
earliest tonight.
Was
nice meeting you - and glad you've made it out of the lurking space
;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSi
and
spent time with us - there were a lot of great discussions between all of
the attendees, speakers, MS, and the conference would not be the same
without their support physically being there.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http
Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Profile:http://mvp.support.microsoft.com/profile="">
From: [EMAIL PROTE
Hmm - they figured that one out while under NDA ;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org/UlfBSimonWeidner
Website: http://www.windowsserverfaq.org
Profile:
http://mvp.support.microsoft.com
Nope, handed out with but not in the bag. Was only 128. It you want me to
mail you the content let me know. Easier than writing on the plane ;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
Weblog: http://msmvps.org
Title: Message
Hi David,
my script at http://www.windowsserverfaq.org/faq/CompACLs.aspprovides
you with all the parts you need to put your script together.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Web
Object inheritance is disabled by
default on those protected objects as well. If you enable inheritance on the
adminSdHolder the objects will inherit permissions.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die
Expertentipps": http://tinyurl.com/44zcz Weblo
to be unique.
For all those Attributes there's no supported way in changing them
afterwards. So make sure whatever used is as unique as you are sure no other
company ever would consider using the same ones.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http
://msmvps.com/blogs/ulfbsimonweidner/archive/2005/05/29/49659.aspx
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Pr
Since it hasn't been mentioned - LDP of R2 and ADAM provides the possiblity
to view the ntSecurityDescriptor as well.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book Windows XP - Die Expertentipps: http://tinyurl.com/44zcz
http://tinyurl.com/44zcz
Weblog: http://msmvps.org
.
AdminSdHolder is a object which has IMHO no specific use,
just to hold a securityDescriptor to use as template.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Web
but
some indexes from the domain database.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Profile:http://mvp.support.microsoft.c
€
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Profile:http://mvp.support.microsoft.com/profile="">
From: [EMAI
Hi Todd,
this would rock if you are able to scan it (or somebody has
contacts to the team to request a printable-file)?
Subscriptions are only free for US Residents (shipping
costs), and the web-version does not include the picture.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book
If you mention google after MSN Search you have to turn off
the shamless plug.
;-)
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al
MulnickSent: Thursday, March 09, 2006 3:26 AMTo:
ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] Bulk
Import
If
after a DC
has been stolen.
Since I'm talking about admin and service-accounts it's not
enforceable via GPO - at least not without 3rd party software or a special
domain design.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl
And keep in mind that it only works when users are logging
off and on (at least for domain groups) so that the token is recreated - so
running it multiple times a day is propably not practical.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps&qu
of
the SID without resolving it to the domain.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Website: http://www.windowsserverfaq.org Profile:http://mvp.support.microsoft.c
I've written down some related thoughts
once:
http://msmvps.com/blogs/ulfbsimonweidner/archive/2004/10/24/16568.aspx
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http://tinyurl.com/44zcz Weblog:
http://msmvps.org/UlfBSimonWeidner Web
not need to boot into directory recovery mode here. However note that
you are able to reset the directory recovery mode administrators password as
long as you have the domain admin by logging on while AD is active, then use
ntdsutil to reset the DSRM Admins password.
Gruesse - Sincerely,
Ulf B
Hi Gene,
the Infrastructure Master is not the most critical role.
However if you have a backup of that system I'd recommend a restore of the
Systemstate. If not, I'd seize the Infrastructure Master to another server,
clean up the Active Directory from the remainers of the old server
a at least half week old copy of the AD
intheone of theLag-Site. And I've even heard fromsomeone
using seven lag-sites for every day in the week. Perhaps he's jumping into this
thread later ;-)
Gruesse - Sincerely,
Ulf B. Simon-Weidner
MVP-Book "Windows XP - Die Expertentipps":
http
1 - 100 of 236 matches
Mail list logo
