SEARCHWIN2000.COM | Active Directory Tip December 16, 2003 Essential tools and advice for AD management and migration. More tips: http://searchwin2000.techtarget.com/tips/?track=NL-23
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= FROM OUR SPONSORS: - Bogged Down By Year-End Projects? http://searchWin2000.com/r/0,,22529,00.htm?track=NL-23&ecora - Compliance, Capacity, Policy - Reasons to Archive Email FREE White Paper: http://searchWin2000.com/r/0,,22528,00.htm?track=NL-23&c2csystems =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= IN THIS ISSUE | Table of Contents 1. ACTIVE DIRECTORY TIPS - Ask Jeremy Moskowitz: Group policy editor and messenger service - Set up split-brain DNS - Modify user Terminal Services settings for OU in AD - Override Active Directory policies 2. WHAT'S NEW! - Article: This year's top 10 stories - Chapter of the Week: 'Active Directory management' - Opinion: Antispam bill: Savior or toothless wonder? - Tip Contest: Santa wants to give you a free CD/MP3 player! ____________________________________________________________________ ******************* SPONSORED BY: Ecora ************************ Working on DR documentation, IT audits, or migration? Ecora Enterprise Auditor generates detailed configuration reports and tracks changes to AD, Windows, Exchange, Citrix, SQL, IIS, and Linux. Make your life easier! No agents to install on your servers. Download and try a fully functional evaluation today: http://searchWin2000.com/r/0,,22529,00.htm?track=NL-23&ecora ____________________________________________________________________ GROUP POLICY EDITOR AND MESSENGER SERVICE | Ask Jeremy Moskowitz Dear Jeremy, We used group policy editor to disable a messenger service, but that made it possible for a user with local admin permissions to re-enable and start it. We then adjusted group policy to set permissions on messenger service to give users 'read-only' permission. Now every time we apply the group policy, it tries to disable the messenger service again and gets an access denied error. >> CLICK for the full expert tip: http://searchwin2000.techtarget.com/ateQuestionNResponse/0,289625,sid1_cid563076_tax295531,00.html?track=NL-23 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= SET UP SPLIT-BRAIN DNS | James Michael Stewart Without DNS, there is no Active Directory. Many organizations are aware that it is not a secure policy to expose your internal Active Directory and DNS infrastructure to external entities, especially the Internet. So there should be some means by which you can have a private Active Directory network space that is, nevertheless, tied to publicly accessible Internet servers while maintaining DNS and Active Directory security and segregation. There is, and it's called split-brain DNS. >> CLICK here for the full expert tip: http://searchwin2000.techtarget.com/tip/1,289483,sid1_gci912486,00.html?track=NL-23 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= MODIFY USER TERMINAL SERVICES SETTINGS FOR OU IN AD | David Savoie Windows 2000 Active Directory does not expose the Terminal Services attributes of a user. These settings are stored as a string in the UserParameters attribute. This attribute also stores the settings for Remote Access. However, any testing that can affect multiple users should be tried and tested in a Lab environment. >> CLICK here for the full user-submited tip: http://searchwin2000.techtarget.com/tip/1,289483,sid1_gci940273,00.html?track=NL-23 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= OVERIDE ACTIVE DIRECTORY POLICIES | Rick Bankers Have you ever gone to a user's PC to make a change only to find that AD policies have disabled that option for that user? Rather than logging out and back in as yourself, you can double click on a registry file to temporarily turn off policies. >> CLICK here for the full user-submited tip: http://searchwin2000.techtarget.com/tip/1,289483,sid1_gci912310,00.html?track=NL-23 ____________________________________________________________________ *********************SPONSORED BY: C2C ************************ Compliance, Capacity, Policy - Reasons to Archive Email FREE White Paper Compliance, capacity and policy; what is driving email archiving at your organization? And how do you pick a solution that solves your specific problems without breaking the bank? C2C's new white paper, '3 Reasons to Archive Email' - explores the internal and external influences on email archiving - reveals the best-practices for lowering your exposure to legal risk - unveils the 'gotchas' including the importance of maintaining email integrity - discusses the requirements of current legislation and how it could evolve. Download the '3 Reasons' white paper now! http://searchWin2000.com/r/0,,22528,00.htm?track=NL-23&c2csystems ___________________________________________________________________ WHAT'S NEW! =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= THIS YEAR'S TOP 10 STORIES | Article We crunched some numbers to find out what news stories you favored over the past 12 months. The result: SearchWin2000's top 10 news stories of 2003. What were the hot buttons for Windows admins this year? Patch management - specifically Microsoft's free Software Update Services tool. http://searchwin2000.techtarget.com/featuredTopic/0,290042,sid1_gci940534,00.html?track=NL-23 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ACTIVE DIRECTORY MANAGEMENT | Chapter of the Week Chapter two from 'Managing Enterprise Active Directory Services' will teach you how to manage and monitor Active Directory programmatically in a large-scale environment. It provides expert advice from two authors who led Cisco's Active Directory deployment and management initiative. With a focus on post-deployment issues surrounding Active Directory, it also shares insight from enterprise-level deployers through real-world case studies. http://searchwin2000.techtarget.com/whitepaperPage/0,293857,sid1_gci928235,00.html?track=NL-23 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ANTISPAM BILL: SAVIOR OR TOOTHLESS WONDER? | Opinion We now have a national "do not call" list to protect us from those loathsome telemarketing calls at dinnertime. A "do not spam" law, to protect us from those loathsome round-the-clock junk e-mails, may not be far behind, if President Bush signs the bill that Congress passed this week. But are we really getting what's advertised here? http://searchwin2000.techtarget.com/columnItem/0,294698,sid1_gci940935,00.html?track=NL-23 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= SANTA WANTS TO GIVE YOU A NEW CD/MP3 PLAYER! | Tip Contest Are our members really all out of tips or just too busy with the holidays? We didn't receive enough tips in November to give away our super duper contest prize so we're giving you another chance. Start fresh in December and get your Windows related IT tips submitted early! You could end up with an iRiver SlimX iMP-350 CD/MP3 player in your stocking! >> CLICK here to submit and read more about this month's prize: http://searchwin2000.techtarget.com/tips/0,289484,sid1_tax5e1,00.html?track=NL-23 ___________________________________________________________________ SECURITY ADMINISTRATION TIP NEWSLETTER | Sign up for free SearchWin2000.com's security administration free biweekly newsletter draws off the knowledge of experienced users, authors and other experts to provide IT professionals the tips and guidance they need to effectively secure their networks. >> CLICK here to auto-activate your subscription: http://searchWin2000.techtarget.com/OptIn/1,290894,sid1,00.html?track=NL-23&&&&&&cid=&em=&tid=136&FE=1 ___________________________________________________________________ ********************* SEARCHWIN2000 CONTACTS ********************** TIP MAILBOX, (mailto:[EMAIL PROTECTED]) >> Send feedback on tips and ideas for new tip content. _________________________________________________________________ MARILYN COHODAS, Senior Site Editor (mailto:[EMAIL PROTECTED]) >> Send me your original articles and best practices. __________________________________________________________________ CHRISTINE POLEWARCZYK, Site Editor (mailto:[EMAIL PROTECTED]) >> Send me your IT bloopers and original articles. __________________________________________________________________ VANDANA SHARMA, Assistant Editor (mailto:[EMAIL PROTECTED]) >> Send me your tips and true IT bloopers. __________________________________________________________________ MATT DANIELSSON, Assistant Editor (mailto:[EMAIL PROTECTED]) >> Send me your ideas for online event and discussion day topics. __________________________________________________________________ DAVID GABEL, Executive Tech Editor (mailto:[EMAIL PROTECTED]) >> Send me your technical tips and tip ideas. __________________________________________________________________ KEVIN NOLAN (mailto:[EMAIL PROTECTED]) >> Sponsor this or any other TechTarget newsletter. __________________________________________________________________ ::::::::::::::::::::: ABOUT THIS NEWSLETTER :::::::::::::::::::::: This newsletter is published by TechTarget, the most targeted IT media. http://www.techtarget.com?track=NL-23 Copyright 2003 TechTarget. All rights reserved. ____________________________________________________________________ To unsubscribe from "Active Directory Administration Tips" reply to this e-mail with REMOVE in the Subject line. Please note, unsubscribe requests may take up to 24 hours to process; you may receive additional mailings during that time. A confirmation e-mail will be sent when your request has been successfully processed.
