have found on my trawl around usenet / internet today that the date of the msi file and supporting files is about 8 months more recent than that distributed with the .NET server RC media
i assume it is a correct procedure to install this over the top of the current ADMT installation - assuming of course the components are a more recent build ?? supporting readme.doc contains no revision information !! GT ----- Original Message ----- From: "Graham Turner" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, July 11, 2003 3:58 PM Subject: Re: [ActiveDir] admt 2.0 - nt4 computer migration > Rick, thanks your time on this issue. > > my view is that we failing at the installation of the agent - as i read it > this takes place using the credentials of the logged in user at the ADMT > console ?? > > GT > > > ----- Original Message ----- > From: "Rick Kingslan" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, July 11, 2003 2:05 PM > Subject: RE: [ActiveDir] admt 2.0 - nt4 computer migration > > > > Graham - > > > > I have no documentation of an 'allowedrunlist' policy or setting in NT 4.0 > > (not saying that it doesn't exist - just in the limited time I have this > AM > > I can't find anything). But, given that it does exist, yes - that's what > > I'm saying. If the policy does truly enforce WHO can run WHAT - then this > > could be an issue. > > > > With that being said - this agent (ADMT), in my experience, runs at the > > LocalSystem context, and therefore should not be subject to the rules of a > > ruleset applied by system policy, AFAIK. > > > > Rick Kingslan MCSE, MCSA, MCT > > Microsoft MVP - Active Directory > > Associate Expert > > Expert Zone - www.microsoft.com/windowsxp/expertzone > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Graham Turner > > Sent: Friday, July 11, 2003 5:20 AM > > To: [EMAIL PROTECTED] > > Subject: Re: [ActiveDir] admt 2.0 - nt4 computer migration > > > > Rick, thanks for post reply. > > > > is your inference then that it is conceivable that a restrictive > > allowedrunlist "tattooed" into the registry is able to prevent whatever > > application it is to run on the NT4 workstation. ??? > > > > GT > > > > > > ----- Original Message ----- > > From: "Rick Kingslan" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Thursday, July 10, 2003 1:13 AM > > Subject: RE: [ActiveDir] admt 2.0 - nt4 computer migration > > > > > > > Graham, > > > > > > System Policy on NT 4.0 is truly tatooed to the system. If you turn > > > it > > off > > > and back on, it's still there - unless manually removed or the policy > > > is backed out via the de-application of said policy. > > > > > > And, sadly - I can't tell you right now what needs to run (yes the > > > Agent, damn it - but what IS the Agent?).... > > > > > > Rick Kingslan MCSE, MCSA, MCT > > > Microsoft MVP - Active Directory > > > Associate Expert > > > Expert Zone - www.microsoft.com/windowsxp/expertzone > > > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Graham Turner > > > Sent: Wednesday, July 09, 2003 4:25 PM > > > To: [EMAIL PROTECTED] > > > Subject: Re: [ActiveDir] admt 2.0 - nt4 computer migration > > > > > > but then thinking about it no - when i failed on the first nt4 host > > thought > > > it was down to that computer so tried another one straight away - same > > > access denied result > > > > > > have spoken with the developers of the nt4 build - there is a system > > policy > > > with an allowedrunlist policy - that was that even while logged off > > > this registry value is tattooed into the computer registry ???? > > > > > > if this is possible which i must confess to not being sure on then > > > need to work out what actually needs to be allowed to run for the admt > > > dispatch agent to execute > > > > > > clutching at straws a bit !!! > > > > > > GT > > > > > > > > > ----- Original Message ----- > > > From: "Wilkinson, Stephen" <[EMAIL PROTECTED]> > > > To: <[EMAIL PROTECTED]> > > > Sent: Wednesday, July 09, 2003 2:01 PM > > > Subject: RE: [ActiveDir] admt 2.0 - nt4 computer migration > > > > > > > > > > I think Larry's first response could be it Graham. > > > > > > > > We saw exactly this in our testing with the Quest Migrator product. > > > > You must make sure there is no computer account with the same name > > > > already in the AD - hiding in an OU you least expect it! (ours got > > > > there during testing by manually moving test boxes in and out of the > > > > ad domain and forgetting to remove the computer accounts. > > > > > > > > > > > > Stephen Wilkinson > > > > > > > > Tel +44(0)207 4759276 > > > > Mobile +44(0)7973 143970 > > > > E-Mail: [EMAIL PROTECTED] > > > > > > > > > > > > -----Original Message----- > > > > From: Duncan, Larry [mailto:[EMAIL PROTECTED] > > > > Sent: 08 July 2003 21:45 > > > > To: '[EMAIL PROTECTED]' > > > > > > > > Has the "Everyone" group been added to the "Pre-Windows 2000 > > > > Compatible Access" group in the new domain? > > > > > > > > > > > > -----Original Message----- > > > > From: Graham Turner [mailto:[EMAIL PROTECTED] > > > > Sent: Tuesday, July 08, 2003 3:24 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: [ActiveDir] admt 2.0 - nt4 computer migration > > > > > > > > Am attempting the migration of computer from NT4 source domain to > > > > Windows 2000 target domain. > > > > > > > > the migration environment is working fine with windows 2000 > > > > professional clients > > > > > > > > have got issues with the migration of an NT4 workstation > > > > > > > > the extract from dispatch.log on the admt server is attached from > > > > which i > > > am > > > > hoping to get a few clues as to the "access denied" > > > > > > > > have checked the "obvious" issues such as sourcedom\domain admins > > > > being a member of the local administrators group and the computer > > > > migration being run while logged an as a member of that > > > > sourcedom\domain admins group > > > > > > > > Thanks > > > > > > > > GT > > > > > > > > List info : http://www.activedir.org/mail_list.htm > > > > List FAQ : http://www.activedir.org/list_faq.htm > > > > List archive: > > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > > > > > > > -------------------------------------------------------------------- > > > > -- If you have received this e-mail in error or wish to read our > > > > e-mail disclaimer statement and monitoring policy, please refer to > > > > http://www.drkw.com/disc/email/ or contact the sender. > > > > -------------------------------------------------------------------- > > > > -- > > > > > > > > List info : http://www.activedir.org/mail_list.htm > > > > List FAQ : http://www.activedir.org/list_faq.htm > > > > List archive: > > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > List info : http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > > > > List info : http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
