-----Original Message-----
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Brett Shirley
Sent: Tuesday, August 15, 2006 9:12 AM
To: ActiveDir@mail.activedir.org
Cc: Send - AD mailing list
Subject: RE: [ActiveDir][OT]Dean's kick-a## article
Maybe I can help w/ the ego (after all I consider trimming Dean's ego
one of my higher callings in life ;-) ...
Dean, you said you didn't mind if we continued to discuss this thread
at one point (a at the time highly volatile thread, which I decided to
let settle down), do you remember this thread:
http://www.mail-
archive.com/activedir@mail.activedir.org/msg32470.html
Where I think you basically conveyed (IMNHO) I didn't know what I was
talking about in regards to what is required for a DS implementation
...
>From your two emails in that thread, first you said:
... that the process of injecting the phantom isn't a behavioral
requirement imposed or carried out by the directory service itself.
It is a requirement imposed by the underlying database and is
necessary because of the mechanism used by ESE to provide uniform
representation of object references (i.e. link pairs).
Then in a subsequent email:
Nod, I understand your point but, to me, it's a matter of perspective
-- where does the directory begin and end? From a developers
standpoint, the directory may well be a whole component neatly
organized into a single area of a source tree. From my perspective,
the term directory (in this context) is used to relay the concept of
a
(mostly) standards based component with predictable features,
interfaces, behaviors, structures, underlying mechanisms, etc.
Any directory service has a form of the infrastructure master DN-
cleanup problem, when the "cross-reference" spans replication scopes,
irregardless of underlying database technology, ESE, or SQL Server, or
anything else you can think of. If they seemingly don't have this
problem, then there is some form of replication happening and thus the
DN isn't really crossing replication scopes (that's why the GC doesn't
have this problem ... as you pointed out in part 1 of the article).
So I'd argue the last 2 lines in the first quote were wrong in two
ways:
(A) ESE doesn't provide uniform representation of object references.
That's just patently incorrect. And (B) this isn't an ESE
implementation detail, it is a DS implementation detail for being
constructed on any kind of database that isn't performing replication
(same as SQL, MySQL, BerkleyDB, whatever NDS used, or ESE)? I just
want it on record ...
8/17/2005, Dean was wrong once.
Thanks,
BrettSh
ex-Garage Door Operator #7.
On Mon, 14 Aug 2006, Dean Wells wrote:
Cheeky git . my head, your stomach . at least we'll have the plane to
ourselves! :0)
Best start working on that pilot's license!
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com <http://msetechnology.com/>
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, August 14, 2006 5:09 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir][OT]Dean's kick-a## article
Hey I sometimes have to ride on planes with that guy, don't swell his
ego
too much... I want to be able to sit on the plane.
:)
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
_____
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matheesha
Weerasinghe
Sent: Monday, August 14, 2006 3:02 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir]
joe said "pretty decent" http://blog.joeware.net/2006/06/08/400/
I think thats an understatement ;-)
However, my profuse thanks to joe too. I wasnt aware of the article
until he
blogged it.
M@
On 8/14/06, Dean Wells <[EMAIL PROTECTED]> wrote:
Why thank you . but who said otherwise? ;0)
--
Dean Wells
MSE technology
* Email: [EMAIL PROTECTED]
http://msetechnology.com <http://msetechnology.com/>
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matheesha
Weerasinghe
Sent: Monday, August 14, 2006 2:35 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir]
http://searchwinit.techtarget.com/originalContent/0,289142,sid1_gci1192
821,0
0.html?track=NL-463
<http://searchwinit.techtarget.com/originalContent/0,289142,sid1_gci119
2821,
00.html?track=NL-463&ad=554811USCA&ad=554808>
&ad=554811USCA&ad=554808
I dont care what anyone says. Thats a damn fine article.
I couldnt possibly thank Dean enough for that info.
M@
On 8/14/06, Graham Turner <[EMAIL PROTECTED]> wrote:
Alter ego !
my thanks are due
worked out a treat - so the GC's are not so ***'d as i thought
any info on the concept of the phantoms though ??
GT
Hey Robert,
In the article you posted, the registry key is incorrect in the KB
content. It lists the registry key as:
HKCU\Software\Policies\Microsoft\Windows\Directory
However, the correct registry key is:
HKCU\Software\Policies\Microsoft\Windows\Directory UI
I've sent a comment to my former employer to ask for them to fix
the
article...next time, test it *before* you post!
Your Alter Ego,
Robert Williams
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto: <mailto:[EMAIL PROTECTED]>
[EMAIL PROTECTED] On Behalf Of Williams,
Robert
Sent: Monday, August 14, 2006 9:28 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
Hey Graham,
This may not be what you're experiencing, but it could be worth it
to
check to see how many members you have in the group(s) in question.
By
default, if the group has over 500 members in it, the user icons
inside
the group will turn grey. Check out this article for more
information:
http://support.microsoft.com/kb/q281923/
Let us know if that turned out to be the cause.
Have a great day!
Robert Williams
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto: <mailto:[EMAIL PROTECTED]>
[EMAIL PROTECTED] On Behalf Of Graham Turner
Sent: Monday, August 14, 2006 9:01 AM
To: activedir@mail.activedir.org
Subject: [ActiveDir]
Dear all, am experiencing issues that i think attributable to the
concept of Active
Directory phantoms
the symptom is that when we open certain global groups the
membership
list comes out
with grey icons
this is not all groups - affected ones being - Domain Users /
Domain
computers
must confess to not a full understanding of the issue here -but it
seems
this
relates in some way to GC lookup ??
i can for sure confirm that the GC port 3268 is open on the GC's
not sure why as the group / user members are in the same domain ?
after the understanding of what is going on here is, of course 'HOW
DO
WE FIX' ??
technet seems to reference a concept of 'phantom clean up task' - a
process that
runs on the server running 'INFRASTRUCURE MASTER' fsmo role on a
scheduled basis to
resolve the directory issue.
would seem not in this case ?
as a point to note, neither netdiag or dcdiag are coming up with
nothing
concliusive
in this respect.
help as always gladly received
GT
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
