RE: [ActiveDir] ADUC MMC

[Rich Milburn]

Joe speaking of scripts to unlock users… have you (or anyone else) ever set up an alert/script combo that triggers when an account gets locked out, brings up the user info to you with various info, and lets you acknowledge and unlock it / call the user / chase the hacker depending on the situation?  At a glance this seems it might be useful, but maybe I haven’t thought through the implications… From: Joe [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 04, 2003 6:57 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] ADUC MMC   OK right off the bat, I wouldn't let anyone besides the domain admins TS into a domain controller. That isn't the root of your problem but could be the root of others before or down the road. You will probably get someone on here that may say that the server could be hardened but I am going to say there is going to be someone who will find a bug or some hole you aren't aware of be able to do damage.   Other than that if you have to use that DC in that way, I would recommend uninstall and then reinstall the adminpak from the SP that you currently have running on the machine.   Note that you can script the unlock and reset of user ID's....   set o=getobject(LDAP://cn=userid,cn=users,dc=domain,dc=com) o.lockouttime=0 o.setinfo o.setpassword "newpassword"   You simply have to know the DN or do a quick search for it or use name translate to get it, see posts from yesterday.   These scripts the users could run from their machines.   …<snip> -------APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE------- PRIVILEGED / CONFIDENTIAL INFORMATION may be contained in this message or any attachments. This information is strictly confidential and may be subject to attorney-client privilege. This message is intended only for the use of the named addressee. If you are not the intended recipient of this message, unauthorized forwarding, printing, copying, distribution, or using such information is strictly prohibited and may be unlawful. If you have received this in error, you should kindly notify the sender by reply e-mail and immediately destroy this message. Unauthorized interception of this e-mail is a violation of federal criminal law. Applebee's International, Inc. reserves the right to monitor and review the content of all messages sent to and from this e-mail address. Messages sent to or from this e-mail address may be stored on the Applebee's International, Inc. e-mail system.