from:"Mathieu CHATEAU"

Re: [ActiveDir] msi package

2005-11-27 Thread Mathieu CHATEAU






Sunday, November 27, 2005, 2:20:26 PM, you wrote:







Dear all, how can I create an msi file from installation files? any tools recommended?
thank you






you can use adminstudio from installshield, it's the best i have used (but a $$$ one).

Winstall LE is free but limited to capture an install to make a msi.

NEVER MAKE A MSI FROM A MSI !

cheers,
Mathieu CHATEAU




List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Re[2]: [ActiveDir] Limit Logon thru GPO

2006-02-18 Thread Mathieu CHATEAU


Thursday, February 16, 2006, 6:56:38 PM, you wrote:

MP Another way I have seen this done is via a logon script and the
MP users home directory, basically the directory is limited to 1
MP connection then if this number is exceeded the computer logs the user off.

MP Very crude I know.

MP Mark

MP -Original Message-
MP From: Jacqui Hurst [EMAIL PROTECTED]
MP Date: Thu, 16 Feb 2006 17:46:35 
MP To:ActiveDir@mail.activedir.org
MP Subject: RE: [ActiveDir] Limit Logon thru GPO

MP   
MP   
MP I have seen CConnect working fine in a Windows 2003 environment.  
MP
MP
MP Jacqui.  
MP
MP
MP This cconnect.exe seems interesting anybody used it with 2003
MP Server? or is it strictly a NT/2000 tool?  
MP
MP   
MP   
MP From: [EMAIL PROTECTED]
MP [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia
MP Sent: Thursday, February 16, 2006 8:17 AM
MP To: ActiveDir@mail.activedir.org
MP Subject: RE: [ActiveDir] Limit Logon thru GPO  
MP
MP There is no native way of doing this in GP, but there is the 
MP Resource Kit utility Cconnect.exe that tries to accomplish the
MP same thing without messy AD partitions (not at all to imply that
MP anything remotely related to AD is messy :))  
MP
MP Darren  
MP
MP   
MP From: [EMAIL PROTECTED]
MP [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Visser
MP Sent: Thursday, February 16, 2006 7:59 AM
MP To: ActiveDir@mail.activedir.org
MP Subject: [ActiveDir] Limit Logon thru GPO  
MP Sorry if this question has already been asked but I was sure I
MP saw this at one time and now I cannot find it anywhere. I am
MP beginning to think it was all just a wishful dream.  
MP
MP Q. Is it possible to limit the number of logons a user may have at any one 
moment, using GPO?
MP
MP Microsoft has released the LimitLogin tool, which you can
MP download from
MP 
http://download.microsoft.com/download/f/d/0/fd05def7-68a1-4f71-8546-25c359cc0842/limitlogin.exe.
MP The tool stores logged-on information in a custom AD partition
MP (dc=limitlogin, dc=domain, dc=com; e.g.,
MP dc=limitlogin,dc=savilltech,dc=com) via a Microsoft IIS 6.0
MP (Windows Server 2003) hosted Web service, a client component, and a logon 
and logoff script.
MP
MP This is the only answer I could find on the internet but surely
MP this cannot be the only way, like I mentioned I was sure I saw
MP this at one time and now I cannot find it anywhere. Was it all a
MP dream? Should MS get there act together? or did I really see this?
MP I would rather not use LimitLogon as it seems like a bit of a pain
MP in the a$$ to setup and I am pretty sure it is irreversible.  
MP
MP
MP Thanks,  
MP
MP
MP Aaron Visser  


hello,

if i understand your way, you must create a share per user's home dir.
One share with subdir sounds much simple to manage and should provide
better performance..
If you are using one share, i am interested in your solution (as far
as i can remember, the connection limit is per share and not per login
connected to the shares)

Mathieu CHATEAU

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Re: [ActiveDir] GPO question

2006-04-07 Thread Mathieu CHATEAU

Hello Johnny,

you can use the loopback in replace mode which should do the trick
(then a user gpo should be in the OU, even if empty)




Friday, April 7, 2006, 5:38:20 PM, you wrote:

FJ We have a GPO in place for all users to do Folder Redirection of My
FJ Documents. We are experiencing problems with long delays during this
FJ process when users connect to a Citrix Server. This started with 2003
FJ SP1 (there is a potential hot fix from MS, but we are not crazy about
FJ it)

FJ The real question is that I am not finding a way to not apply that GPO
FJ when our users connect to the Citrix servers. Here is what I mean:

FJ A) Typically you can counteract a GPO applied above with a GPO that
FJ disables that same function, like we did recently with Screen Saver
FJ settings. But, Folder redirection of My Documents can not be disabled,
FJ it is just not configured or Configured and pointing to the
FJ redirection location. 

FJ B) There are no GPOs applied to the Terminal Server or Citrix Servers
FJ OUs, but do not want to Block inheritance of GPOs (not best practices
FJ because it is hard to troubleshoot and I am not even sure it is an
FJ option in this case). The Folder Redirection GPO is applied to the USERS
FJ OU and sub OUs based on AD Group membership.

FJ C) Loopback processing seems to be the reverse of what I am trying to
FJ do. Unless I am just not getting it. 

FJ Any other ideas?

FJ Thanks

FJ Johnny Figueroa
FJ Enterprise Network Consultant/Integrator
FJ Network Services Banner Health Voice (602)
FJ 495-4195 Fax (602) 495-4406
FJ  


List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

Re: [ActiveDir] Forestprep Failure

2006-07-06 Thread Mathieu CHATEAU

Hello BEN,

are you in Windows 2000 native mode ? the forest too ? exchange native mode ?

Do you have SMS ? it extends the schema as well.

Cheers,
Mathieu CHATEAU

Thursday, July 6, 2006, 7:43:21 PM, you wrote:

I am working to perform a domain upgrade from 2000 to 2003 R2 and I am running into problems right from the start when attempting an ADPREP /FORESTPREP. The domain also has Exchange 2003 running as well. Also, we have never extended the schema with Services for Unix 2.0 which I know can create some issues as well.

I am currently working in a test environment in which we took a recent full tape backup of one of our domain controllers, and restored it in a separate network. As this is a test environment, this restored domain controller is the ONLY domain controller in existence and all FSMO roles have been transferred to it.

Here is the output from my ADPREP /FORESTPREP attempt. Im looking for assistance on how to fix these schema attributes so the FORESTPREP will be successful. As Im working in a test environment, I am afforded the ability to make the necessary changes and see what it breaks to determine what made these schema changes (if anything).

C:\WIN2K3R2\CMPNENTS\R2\ADPREPadprep /forestprep

ADPREP WARNING:

Before running adprep, all Windows 2000 domain controllers in the forest should
be upgraded to Windows 2000 Service Pack 1 (SP1) with QFE 265089, or to Windows
2000 SP2 (or later).

QFE 265089 (included in Windows 2000 SP2 and later) is required to prevent poten
tial domain controller corruption.

For more information about preparing your forest and domain see KB article Q3311
61 at http://support.microsoft.com.

[User Action]
If ALL your existing Windows 2000 domain controllers meet this requirement, type
C and then press ENTER to continue. Otherwise, type any other key and press ENT
ER to quit.

=
"attributeSyntax" attribute value for objects defined in Windows 2000 schema and
extended schema do not match.

A previous schema extension has defined the attribute value as "2.5.5.5" for obj
ect "CN=uid,CN=Schema,CN=Configuration,DC=appsig,DC=com" differently than the sc
hema extension needed for Windows 2003 server .
[Status/Consequence]
Adprep cannot extend your existing schema
[User Action]
Contact the vendor of the application that previously extended the schema to res
olve the inconsistency. Then run adprep again.

=
"attributeId" attribute value for objects defined in Windows 2000 schema and ext
ended schema do not match.

A previous schema extension has defined the attribute value as "1.2.840.113556.1
.4.7000.233.28688.28684.8.192196.1165976.1266044.855334" for object "CN=roomNumb
er,CN=Schema,CN=Configuration,DC=appsig,DC=com" differently than the schema exte
nsion needed for Windows 2003 server .
[Status/Consequence]
Adprep cannot extend your existing schema
[User Action]
Contact the vendor of the application that previously extended the schema to res
olve the inconsistency. Then run adprep again.

=
"isSingleValued" attribute value for objects defined in Windows 2000 schema and
extended schema do not match.

A previous schema extension has defined the attribute value as "TRUE" for object
"CN=roomNumber,CN=Schema,CN=Configuration,DC=appsig,DC=com" differently than th
e schema extension needed for Windows 2003 server .
[Status/Consequence]
Adprep cannot extend your existing schema
[User Action]
Contact the vendor of the application that previously extended the schema to res
olve the inconsistency. Then run adprep again.

--
Best regards,
Mathieu mailto:[EMAIL PROTECTED]

List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re[2]: [ActiveDir] Forestprep Failure

2006-07-06 Thread Mathieu CHATEAU

Hello BEN,

since you only did one DR, does it mean that the same coputer is both DC and Exchange ?

I now limitations when Exchange is on a DC.

Since you can restore again, can you shoot of exchange before ?

Thursday, July 6, 2006, 10:12:58 PM, you wrote:

Hello Mathieu,
Yes, we run a fairly simple domain setup. Single domain, single forest.
We are running in Windows 2000 native mode for domain and forest. Exchange 2003 is also in native mode.
And nice catch on SMS, I deployed it myself and shouldve remembered to mention that. We do have SMS 2003 in our environment with the schema extended of course.
~Ben

From:Mathieu CHATEAU [mailto:[EMAIL PROTECTED]
Sent:Thursday, July 06, 2006 11:21 AM
To:WATSON, BEN
Cc:ActiveDir@mail.activedir.org
Subject:Re: [ActiveDir] Forestprep Failure

Hello BEN,

are you in Windows 2000 native mode ? the forest too ? exchange native mode ?

Do you have SMS ? it extends the schema as well.

Cheers,
Mathieu CHATEAU

Thursday, July 6, 2006, 7:43:21 PM, you wrote:

C:\WIN2K3R2\CMPNENTS\R2\ADPREPadprep /forestprep

ADPREP WARNING:

Before running adprep, all Windows 2000 domain controllers in the forest should
be upgraded to Windows 2000 Service Pack 1 (SP1) with QFE 265089, or to Windows
2000 SP2 (or later).

QFE 265089 (included in Windows 2000 SP2 and later) is required to prevent poten
tial domain controller corruption.

For more information about preparing your forest and domain see KB article Q3311
61 at http://support.microsoft.com.

[User Action]
If ALL your existing Windows 2000 domain controllers meet this requirement, type
C and then press ENTER to continue. Otherwise, type any other key and press ENT
ER to quit.

=
"attributeSyntax" attribute value for objects defined in Windows 2000 schema and
extended schema do not match.

=
"attributeId" attribute value for objects defined in Windows 2000 schema and ext
ended schema do not match.

=
"isSingleValued" attribute value for objects defined in Windows 2000 schema and
extended schema do not match.

--
Best regards,
Mathieu mailto:[EMAIL PROTECTED]

List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re[2]: [ActiveDir] Forestprep Failure

2006-07-06 Thread Mathieu CHATEAU

Hello BEN,

Just for info, i already had some trouble after doing a P2V of one DC.

When i tried to install Exchange on it, domainprep was freezing, trying to contact the other DC which i didn't P2V's.

Zeising the role was enough, i needed to remove it from AD.

cheers,
Mathieu CHATEAU

Thursday, July 6, 2006, 10:12:58 PM, you wrote:

From:Mathieu CHATEAU [mailto:[EMAIL PROTECTED]
Sent:Thursday, July 06, 2006 11:21 AM
To:WATSON, BEN
Cc:ActiveDir@mail.activedir.org
Subject:Re: [ActiveDir] Forestprep Failure

Hello BEN,

are you in Windows 2000 native mode ? the forest too ? exchange native mode ?

Do you have SMS ? it extends the schema as well.

Cheers,
Mathieu CHATEAU

Thursday, July 6, 2006, 7:43:21 PM, you wrote:

C:\WIN2K3R2\CMPNENTS\R2\ADPREPadprep /forestprep

ADPREP WARNING:

Before running adprep, all Windows 2000 domain controllers in the forest should
be upgraded to Windows 2000 Service Pack 1 (SP1) with QFE 265089, or to Windows
2000 SP2 (or later).

QFE 265089 (included in Windows 2000 SP2 and later) is required to prevent poten
tial domain controller corruption.

For more information about preparing your forest and domain see KB article Q3311
61 at http://support.microsoft.com.

[User Action]
If ALL your existing Windows 2000 domain controllers meet this requirement, type
C and then press ENTER to continue. Otherwise, type any other key and press ENT
ER to quit.

=
"attributeSyntax" attribute value for objects defined in Windows 2000 schema and
extended schema do not match.

=
"attributeId" attribute value for objects defined in Windows 2000 schema and ext
ended schema do not match.

=
"isSingleValued" attribute value for objects defined in Windows 2000 schema and
extended schema do not match.

--
Best regards,
Mathieu mailto:[EMAIL PROTECTED]

List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Domain rename [DONE!]

2006-07-09 Thread Mathieu CHATEAU

Hello,

I finally renamed our AD Domain yesterday !

Here are the sticky steps:

For SQL, I asked the PSS : you need to go trough the SQL Setup, see:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;319016

Then you need to recreate ALL AD Users in SQL.

For the filer/printer cluster, i followed:
http://support.microsoft.com/kb/269196/


For Exchange, i followed the same KB but only after issuing the
xdr-fixup.

SMS 2003 Was removed and installed again after (we exported our
collections/ query as MOF file)

WSUS didn't have any issue, we didn't removed it.

Norton passed trough without any trouble, server and client still
communicate well.

Citrix is a bad one, needed to create again all users, and we didn't
change the farm name (same as domain); if you do so, you have to
recreate all publish.

For the NT Service, i used a vbscript to find all of them, the same
for scheduled tasks.

About the scheduled tasks, when you change the first, all are updated
!


So everything was fine, except one mistake from me : I issued the
/clean too fast, workstation weren't migrated yet.. Too bad..We had to
brought them out  in the domain.

Hope this will help others in the same case,

cheers,
Mathieu CHATEAU

Wednesday, July 5, 2006, 9:52:53 AM, you wrote:

gff hello,

gff we are about to do a domain rename soon.
gff We Have :
gff two DC, Windows 2003 SP1 last update.
gff AD in native windows 2003 domain
gff Forest in native mode.

gff I am a bit worried about:
gff -We have 3 clusters : Exchange, Filer, SQL 2000
gff -We have SMS 2003 (will deinstall/reinstall)
gff -We have WSUS (will deinstall/reinstall)
gff -Norton corporate 10
gff -Citrix Metaframe PPS 3.0
gff -We have some services that uses DOMAIN\adminaccount

gff if someone have pointer, i am interested in !

gff Cheers,
gff Mathieu CHATEAU

gff List info   : http://www.activedir.org/List.aspx
gff List FAQ: http://www.activedir.org/ListFAQ.aspx
gff List archive: http://www.activedir.org/ml/threads.aspx



-- 
Best regards,
 Mathieumailto:[EMAIL PROTECTED]

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Can the Gods return to our domain? an ex-DC naming question

2006-08-18 Thread Mathieu CHATEAU

Hello Steven,

why not choosing another god's name ? :)

After all, this is just a name !

Since you can dcpromo down the server, it should be ok.
Just be sure to remove replicate link and it's computer object from ADUC...Cleaning DNS

my 2 cents,

Mathieu CHATEAU

Friday, August 18, 2006, 9:30:19 PM, you wrote:

Hello list,

(Skip the first Paragraph if your in a rush :p It is a self introduction.)

This is my first post so I would like to introduce myself and say hello to everyone and thanks for the bucket loads of good info floating around. I am relatively new to the industry and this is my first permanent job since University, I have just 8 months in my current role after 6 months of contracting for a large Aerospace company. I work for a consultancy that mainly provides software solutions using .net. I am working as a Systems Admin and am totally responsible for our internal systems (25 or so servers including development boxes) and also for several external clients server environments. I have been trying to pick up as much as possible by reading books, blogs, whitepapers and gathering advice from the many helpful individuals in this community. With that in mind forgive me for any newbie mistakesJ Thanks again and on that note, I hope one day to be as useful as many of you already are.

Ok so here is the situation: I am planning an Active Directory 2k and Exchange 2k upgrade to 2k3. Our servers are named after Greek / Roman Gods hence the subject.

I have 2 DCs Ceres and Hades (also the Exchange server) and a third new server running server 2k3 (Server3 currently unnamed) which shall replace the DC Ceres. I plan to do an in place upgrade of Exchange on Hades, join Server3 to the domain install Exchange 2k3 move all the mail boxes, public folders and system folders then demote Hades remove it from the domain, rebuild it with 2003 and rejoin it again and dcpromo. Finally I will demote, remove Ceres and bin it (its very old :p) . Ok so maybe I have simplified this a bit but you get the general idea, enough to answer my question.

My question is.. Can I use the name Hades again when it is rebuilt and re-made a DC? I presume if the name Ceres is given to another box it wont matter unless that box goes on to become a DC too.

I know the answer to the above is yes but it requires some tweaking using ADSIedit. This is the part I dont know. What needs to be changed and what precautions can I take before making this change to ensure I wont mess it up?

Oh and Dont worry I am doing this on Virtuals at the moment and will do multiple full backups on the live systems before I start this :p

Thanks

Steven Johnston

--
Best regards,
Mathieu mailto:[EMAIL PROTECTED]

List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Enumerating Group type and Mebership...

2006-08-19 Thread Mathieu CHATEAU





Hello Mike,

Try this one:
-
Option Explicit
Dim objDomain, objUser, objGroup


Set objDomain = GetObject("WinNT://MyDomain")
objDomain.Filter = Array("user")


For Each objUser In objDomain
 Wscript.Echo "User: "  objUser.Name
 For Each objGroup In objUser.Groups
  Wscript.Echo "-- Member of group: "  objGroup.Name
 Next
Next


objDomain.Filter = Array("group")


For Each objGroup In objDomain
 Wscript.Echo "Group: "  objGroup.Name
 For Each objUser In objGroup.Members
  Wscript.Echo "-- Member: "  objUser.Name
 Next
Next


Fire it with something like cscript dump.vbs  dump.txt


Just my 2 cents
Mathieu CHATEAU
http://lordoftheping.blogspot.com


Tuesday, July 25, 2006, 8:49:11 PM, you wrote:







All,

Im trying to enumerate all groups in my AD environment. I need to get Group name group type and group members for each group

Ive tried some sample _vbscript_s fromhttp://www.microsoft.com/technet/scriptcenter/resources/qanda/apr05/hey0419.mspx

Then I tried (below) but It still doesnt seem to pull back everything I need- Any help would be great! In a perfect world -J- I need a list of all security groups and distribution groups and their members
Thanks,
Mike

Enumerate Security Groups and Member in Domain

csvde -f c:\tmp\SecurityGroups.csv -p subtree -l cn,mail,member -r "(|((objectCategory=Group)(objectClass=Group)(|(groupType=-2147483644)(groupType=-2147483646)(groupType=-2147483640" -j c:\tmp


Enumerate Distribution Groups and Member in Domain

csvde -f c:\tmp\DistributionLists.csv -p subtree -l cn,mail,member -r "(|((objectCategory=Group)(objectClass=Group)(|(groupType=8)(groupType=4)(groupType=2" -j c:\tmp










--
Best regards,
Mathieu  mailto:[EMAIL PROTECTED]



List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re[2]: [ActiveDir] Exchange question

2006-08-22 Thread Mathieu CHATEAU

It all depend on the smtp traffic your company has...
And how fast you server process mail..

in the MS doc "ExchangeServer 2003 Design and Architecture at Microsoft "

MS use a 50GB partition to hold the SMTP Queue.

In my opnion, it also depends who sends mail to the internet.

If you have a dedicated smtp gateway, then your exchange will empty it's queue on the smtp gateway (will always success)
while your smtp gateway will have to do many retries on many domain...

my two cents,

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Tuesday, August 22, 2006, 10:14:09 PM, you wrote:

I dont guess I ever thought about moving mailroot, but that is a really good idea. Heres an article that tells how to do it just so no one has to go looking..
http://support.microsoft.com/?kbid=822933

From:[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf OfAl Mulnick
Sent:Tuesday, August 22, 2006 3:02 PM
To:ActiveDir@mail.activedir.org
Subject:Re: [ActiveDir] Exchange question

Just to add my $0.04 worth:

By the time you ask what's the minimum, it's usually too late and not enough. The SMTP queue drive should, as a general rule, not get below 10% free space. The way the product works, every smtp message is accepted then acted upon. What that means to you is that SMTP messages are going to hit the disk hard. This indicates that you want to separate that I/O from the rest of the server where possible. That would mean that you'd typically place this directory on a dedicated set of spindles and the smallest drive size you'll likely find these days is a 72GB drive. If your average message is ~100KB, then you have approximately 72GB/(100KB-10%) of space before you would even want to consider that your drive should stop. That's a lot of a messages for most corporate implementations and could easily translate into several days worth of mail at those numbers.

Wouldn't you want your mail system to stop sending at some point like that? So that you go find the issue and resolve it?

Honestly, I think the better questions to ask are going to be along the lines of what is the typical formula for figuring out drive performance and sizing of Exchange server drives for the various i/o types? That will give you the better idea of what you can and should not get away with on those disks if you need to make changes. If you don't make changes, at least you'll know the areas to be aware of.

My thoughts anyway.

On 8/22/06,Akomolafe, Deji[EMAIL PROTECTED] wrote:
minimum amount of HD space needed for the smtp to work?
It depends mostly on how busy is the server.

Also, if the hard drive gets full will that stop the queue from delivering the emails?
Of course.

Sincerely,
_
(, / | /)/) /)
/---| (/_ __ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.com- we know IT
-5.75, -3.23
Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon

From:Ramon Linan
Sent:Tue 8/22/2006 11:51 AM
To:ActiveDir@mail.activedir.org
Subject:[ActiveDir] Exchange question

Hi,

I have 2 emails server in 2 different locations.
All the sudden emails are not coming from one server to the other, I found out that smtp queue folder was in a hard drive that was running out of space.

Do you guys know what is the minimum amount of HD space needed for the smtp to work?

Also, if the hard drive gets full will that stop the queue from delivering the emails?

Thanks

Rezuma

List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re[3]: [ActiveDir] Exchange question

2006-08-22 Thread Mathieu CHATEAU

Just to add that they also put 5000 Mailboxes of 250MB on the server.

50GB / 5000 mailboxes = 10,24 MB of smtp queue/mailbox on average.

Of course you will want a minimum size, anyway the number of mailboxes!

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Tuesday, August 22, 2006, 10:45:44 PM, you wrote:

It all depend on the smtp traffic your company has...
And how fast you server process mail..

in the MS doc "Exchange Server 2003 Design and Architecture at Microsoft "

MS use a 50GB partition to hold the SMTP Queue.

In my opnion, it also depends who sends mail to the internet.

If you have a dedicated smtp gateway, then your exchange will empty it's queue on the smtp gateway (will always success)
while your smtp gateway will have to do many retries on many domain...

my two cents,

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Tuesday, August 22, 2006, 10:14:09 PM, you wrote:

From:[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf OfAl Mulnick
Sent:Tuesday, August 22, 2006 3:02 PM
To:ActiveDir@mail.activedir.org
Subject:Re: [ActiveDir] Exchange question

Just to add my $0.04 worth:

Wouldn't you want your mail system to stop sending at some point like that? So that you go find the issue and resolve it?

My thoughts anyway.

On 8/22/06,Akomolafe, Deji[EMAIL PROTECTED] wrote:
minimum amount of HD space needed for the smtp to work?
It depends mostly on how busy is the server.

Also, if the hard drive gets full will that stop the queue from delivering the emails?
Of course.

From:Ramon Linan
Sent:Tue 8/22/2006 11:51 AM
To:ActiveDir@mail.activedir.org
Subject:[ActiveDir] Exchange question

Hi,

Do you guys know what is the minimum amount of HD space needed for the smtp to work?

Also, if the hard drive gets full will that stop the queue from delivering the emails?

Thanks

Rezuma

List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx

List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Best Practice for replacing a DC

2006-08-23 Thread Mathieu CHATEAU

Hello Bob,

-Buy the new server
-Install W2K3 SP1 + Full update
-dcpromo to the domain
-Transfer all 5 FSMO roles to this new server
-Make this new server Global catalog
-Checkup DNS, DHCP if applicable
-Wait for replication

Then you should poweroff the old one to be sure everything is ok.

If ok,
-power on the old one
-dcpromo the old one (and NO, It's not the last of the domain)
-power off


You should always have at least 2 DC and 2 global catalog.

When all DC are W2K3, you can raise the forest and domain to native
W2K3

 my 2 cents

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Wednesday, August 23, 2006, 8:15:33 PM, you wrote:

BA Good Afternoon,
BA This is a rather newbie question.  We have an aging HP server
BA that is our present DC it is running W2K. We would like to replace it
BA with a new box running Windows 2003 Std R2. 
BA What is the best practice on bringing the new DC online and
BA decommissioning the old server.  The new server will replace the DC and
BA another member server. We also have a windows 3003 Exchange Server and a
BA Windows 200 SQL Server machine that will be staying.  Eventually we will
BA upgrade the Windows 2000 box to 2003 giving us a full windows 2003
BA domain.


BA Thanks
BA Bob Anderson
BA IT Guy
BA Kent Sporting Goods. 
BA List info   : http://www.activedir.org/List.aspx
BA List FAQ: http://www.activedir.org/ListFAQ.aspx
BA List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] OU tareq

2006-08-24 Thread Mathieu CHATEAU





Hello tareq,


use the restricted group
make mydomain\Domain users members of the "Administrators" group.

Take care of the way you do it, else it will empty the local group before appending domain users.


The GPO is computer based

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Thursday, August 24, 2006, 4:13:59 PM, you wrote:







dears,
How i can build a group policy that permit normal account in the active directory to loginas Local Admin for any computer in one OU.

tareq


All-new Yahoo! Mail- Fire up a more powerful email and get things done faster.







List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

[ActiveDir] [OT] CHKDSK NTFS.SYS bugs = Security descriptor issue / resolved

2006-08-27 Thread Mathieu CHATEAU

Hello ActiveDir,

I know this is out of topic, but it I think this is a non common issue
to know about.

I just came across a bug on ntfs.sys. It made chkdsk reporting many
errors on security descriptors like this:

Replacing invalid security id with default security id for file 1396371.
Replacing invalid security id with default security id for file 1396372.
Replacing invalid security id with default security id for file 1429033.
Fixing mirror copy of the security descriptors data stream.
Security descriptor verification completed.
Windows found problems with the file system.
Run CHKDSK with the /F (fix) option to correct these.

At the beginning I just thought about data corruption. I just opened a
call to pss to get the good way to handle it (it's on a MSCS cluster).

In fact, this is a ntfs.sys bug, that should raise with 4 Millions of
File or an MFT of 4GB. We have 1,6 Millions of files.

original: http://support.microsoft.com/default.aspx?scid=kb;EN-US;913034
The Chkdsk.exe utility incorrectly identifies and resets security descriptors 
in Windows Server 2003

New one: http://support.microsoft.com/default.aspx?scid=kb;en-us;915691
FIX: The system stops responding during high disk activity on a computer that 
is running Windows Server 2003

the last version of ntfs.sys is 5.2.3790.2655
MS gave us an internal tool get trough this SD issue.

You can read the full story on my blog: http://lordoftheping.blogspot.com
  

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

2006-08-27 Thread Mathieu CHATEAU

Hello Victor,

you will at least need an account that can access all mailboxes (not a domain admins one)
(or give a script to everyone that they will execute)

To my knowledge, quota is mailbox based. You may set up a special retention on this folder.

sample _vbscript_ to create the private folder
set olApp = CreateObject("Outlook.Application")
set inbox = olApp.GetNamespace("MAPI").getDefaultFolder(6)
set temp5 = inbox.folders.add("Private",6)

hope it helps,

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Sunday, August 27, 2006, 8:57:03 PM, you wrote:

Does anybody know what is the 'best' way to add automatically a folder to existing mailboxes and set a quota on that same folder?
We would like all our users to get a folder called "private" added to the root of their mailbox and if possible, a quota to be set to that folder.

Can this be done by scripting easily or is there perhaps even a tool which is capable of doing this?

This also counts for new, still to be created users. I mean, every user that will be created will have to have that certain folder added to his or her mailbox.
Offcourse this could be done by running the script a couple of times a day, checking if the folder exists allready and if not, adding it. Or perhaps it can even by realised the moment a user has been created.

Any ideas are greatly appreciated.

List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

2006-08-27 Thread Mathieu CHATEAU





Hello Victor,

If the folder already exist, it will simply do nothing, except going into errors..
need to add a on error resume next or test if the folder exist before.
will create in the inbox, as a subfolder

I don't see your goal with this folder...except if you turn special rights on it.

may ask them to put it [private] in the subject instead (it will work for the sent folders)




Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Sunday, August 27, 2006, 10:26:59 PM, you wrote:

VW 
VW 
VW Thanks Mathieu, nice.
VW 
VW 
VW 
VW Does this create a folder in the root of the mailbox?
VW 
VW Access all mailboxes you say, that sounds logical. I know that
VW domain admins indeed dont actually have the full mailbox access (they have some denies).
VW 
VW 
VW 
VW What if a user already has the folder, does this script take this into account?
VW 
VW 
VW 
VW Again thanks.
VW 
VW 
VW 
VW 
VW 
VW Victor

VW 
VW 

VW From: Mathieu CHATEAU [mailto:[EMAIL PROTECTED]
VW Sent: zondag 27 augustus 2006 22:04
VW To: Victor W.
VW Cc:ActiveDir@mail.activedir.org
VW Subject: Re: [ActiveDir] Add folder with quota to existing
VW mailboxes - via scripting or tool

VW 
VW 
VW Hello Victor,
VW 

VW 

VW 
VW you will at least need an account that can access all mailboxes (not a domain admins one)
VW 
VW (or give a script to everyone that they will execute)
VW 

VW 
VW To my knowledge, quota is mailbox based. You may set up a special retention on this folder.
VW 

VW 
VW sample _vbscript_ to create the private folder
VW 
VW set olApp = CreateObject("Outlook.Application")  
VW 
VW set inbox = olApp.GetNamespace("MAPI").getDefaultFolder(6)
VW 
VW set temp5 = inbox.folders.add("Private",6)
VW 

VW 
VW hope it helps,
VW 

VW 
VW Regards,
VW 
VW Mathieu CHATEAU
VW 
VW http://lordoftheping.blogspot.com
VW 

VW 
VW Sunday, August 27, 2006, 8:57:03 PM, you wrote:
VW 

VW 
VW 

VW  
VW Does anybody know what is the 'best' way to add   
VW automatically a folder to existing mailboxes and set a quota on that samefolder?
VW 
VW We would like all our users to get a folder called   
VW "private" added to the root of their mailbox and if possible, a
VW quota tobe set to that folder.
VW 
VW 
VW 
VW Can this be done by scripting easily or is thereperhaps
VW even a tool which is capable of doing this?
VW 
VW 
VW 
VW This also counts for new, still to be created users.I
VW mean, every user that will be created will have to have that
VW certainfolder added to his or her mailbox.
VW 
VW Offcourse this could be done by running the script a   
VW couple of times a day, checking if the folder exists allready and
VW if not,adding it. Or perhaps it can even by realised the
VW moment a user has beencreated.
VW 
VW 
VW 
VW Any ideas are greatly appreciated.
VW 
VW 
VW 
VW 
VW 
VW 
VW 
VW 
VW 
VW 

VW 



List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Auto Logon

2006-08-29 Thread Mathieu CHATEAU

Hello Za,

try using autlogon.exe from sysinternals.

Works in our case.


Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Tuesday, August 29, 2006, 2:16:44 PM, you wrote:

ZV Domain: Windows 2003
ZV Clients: Xp w/sp2

ZV Problem: The autologon registry hack on 3 of my lab machines will not 
ZV stay permanent. All machines restart each morning at 2:00 AM and they 
ZV automatically  log in to the domain. In the morning if I re-apply the 
ZV auto logon registry hack the machines work fine the rest of the day, no
ZV matter how many reboots.Comments? Suggestions?

ZV Thanks,
ZV Z.V.
ZV List info   : http://www.activedir.org/List.aspx
ZV List FAQ: http://www.activedir.org/ListFAQ.aspx
ZV List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

2006-08-29 Thread Mathieu CHATEAU

Hello joe,

 Adding the vbscript to the logon script would do the trick.

 For the rest, it also depends where you live. In France, you can't
 just open the employees mailboxes. Our laws protect individual's
 privacy.

 Companies sometimes prefers uses using the company mailboxes for
 personal use than having users opening mails on webmail, which may
 contain virus  co (going through smtp gateway allow more protection
 against virus, instead of just having the workstation antivirus as
 the only shield).


Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Monday, August 28, 2006, 3:45:31 PM, you wrote:

j This sounds kooky. What does the customer intend to do with the rest of the
j mailbox or how do they intend to specially treat the private folder? What
j about the calendar and tasks? Private or not? 

j Currently there really isn't a good technical solution to this. About the
j best is that you tack onto the end of the script you use to mailbox enable
j users and it logs into the mailbox so it gets instantiated and then creates
j the folder; you can't specify Exchange to create a folder once the mailbox
j is instantiated later. As Brian indicated, you also can't set a quota on the
j folder. 

j Now with the above you still have the issue of people not using your script
j to mailbox enable users (or say doing a mailbox reconnect) so at some point
j you would have to be scanning mailboxes looking for that folder and adding
j it if missing. Depending on the number of mailboxes this could be something
j that has to be constantly running because it can take a long time to log in
j and check all of those mailboxes. Personally I hate writing scripts that
j loop through all mailboxes like that as they always seem to get screwed up
j after a bit. The whole programmatic aspect of Exchange mailboxes and logging
j into them, etc is flakey and slow, IMO. 

j Probably the better solution is just to tell people, hi, if you get private
j or personal email, create a folder called private and put it in there. The
j rest of your mailbox is not considered private and we will be xxx. Where
j the xx is whatever it is the customer intends to do with the rest of the
j mailbox or how they expect to treat the private folder differently from the
j rest of the mailbox. 

j Personally again, I say it is all kooky. IMO, when you really get down to
j it, none of a business mailbox is private/personal. The company can go into
j any part of any mailbox any time they want. They have legal obligations to
j do so in some cases and in other cases it could become necessary for
j troubleshooting. If the customer thinks administrators will just avoid those
j folders when working on mailboxes they are almost certainly wrong, if
j anything, if you have an admin who does that kind of perusing, that would be
j the first place they would go hunting in. 


j --
j O'Reilly Active Directory Third Edition -
j http://www.joeware.net/win/ad3e.htm 
j  

j -Original Message-
j From: [EMAIL PROTECTED]
j [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
j Sent: Monday, August 28, 2006 5:00 AM
j To: ActiveDir@mail.activedir.org
j Subject: RE: [ActiveDir] Add folder with quota to existing mailboxes - via
j scripting or tool

j Thanks Brian and Mathieu,

j I will tell a little bit more about the background of this. The 
j customer has asked for a folder called private to be created in the 
j root of every users mailbox and if possible set a quota to this folder.

j After this has been done, the customer wants to instruct his users to 
j use only this folder only as their personal/private email folder and 
j move everything that the users sees as being private, to the private 
j folder. From that moment on, all other folders in the users mailboxes 
j are no longer considered as private/personal.

j I do have some additional questions:

j - how would the script look if the requirement would be to create the 
j folder in the root.

j - The way the script is set up now, do I have to set up which users 
j this script will apply to, I mean will it now apply to all users in the
j entire domain which are mailbox enabled?

j - Is there any way that I can specify which users this script has to be
j applied to, I mean can I run it against all mailbox enabled users in a
j specific OU?





j 
j ---
j Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via 
j scripting or tool
j From: Mathieu CHATEAU [EMAIL PROTECTED] 
j Date: Mon, 28 Aug 2006 00:24:47 +0200 

j 
j 

j Hello Victor,

j If the folder already exist, it will simply do nothing, except going 
j into errors..

j need to add a on error resume next or test if the folder exist before.

j will create  in the inbox, as a subfolder

j I don't see your goal with this folder...except if you turn special 
j rights on it.

j

Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

2006-08-29 Thread Mathieu CHATEAU


this script goes through outlook.
Each user need to fire this script (or fire it via logon script).

for the Root Folder, change:
set inbox = olApp.GetNamespace(MAPI).getDefaultFolder(6)

to

set inbox = olApp.GetNamespace(MAPI).Folder(Personal Folder)
(should do the trick but i didn't test it yet)



Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Monday, August 28, 2006, 11:00:14 AM, you wrote:

vwpn Thanks Brian and Mathieu,

vwpn I will tell a little bit more about the background of this. The 
vwpn customer has asked for a folder called private to be created in the 
vwpn root of every users mailbox and if possible set a quota to this folder.

vwpn After this has been done, the customer wants to instruct his users to 
vwpn use only this folder only as their personal/private email folder and 
vwpn move everything that the users sees as being private, to the private 
vwpn folder. From that moment on, all other folders in the users mailboxes 
vwpn are no longer considered as private/personal.

vwpn I do have some additional questions:

vwpn - how would the script look if the requirement would be to create the 
vwpn folder in the root.

vwpn - The way the script is set up now, do I have to set up which users 
vwpn this script will apply to, I mean will it now apply to all users in the
vwpn entire domain which are mailbox enabled?

vwpn - Is there any way that I can specify which users this script has to be
vwpn applied to, I mean can I run it against all mailbox enabled users in a
vwpn specific OU?





vwpn 
vwpn ---
vwpn Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via 
vwpn scripting or tool
vwpn From: Mathieu CHATEAU [EMAIL PROTECTED] 
vwpn Date: Mon, 28 Aug 2006 00:24:47 +0200 

vwpn 
vwpn 

vwpn Hello Victor,

vwpn If the folder already exist, it will simply do nothing, except going 
vwpn into errors..

vwpn need to add a on error resume next or test if the folder exist before.

vwpn will create  in the inbox, as a subfolder

vwpn I don't see your goal with this folder...except if you turn special 
vwpn rights on it.

vwpn may ask them to put it [private] in the subject instead (it will work 
vwpn for the sent folders)

vwpn Regards,

vwpn Mathieu CHATEAU

vwpn http://lordoftheping.blogspot.com




vwpn Sunday, August 27, 2006, 10:26:59 PM, you wrote:


vwpn Thanks Mathieu, nice.

vwpn Does this create a folder in the root of the  mailbox?
vwpn  
vwpn Access all mailboxes you say, that sounds logical. I know  that
vwpn domain admins indeed dont actually have the full mailbox access (they 
vwpn have  some denies).

vwpn What if a user already has the folder, does this script  take this into
vwpn account?

vwpn Again thanks.

vwpn Victor










vwpn From: Mathieu CHATEAU [mailto:[EMAIL PROTECTED] 

vwpn Sent: zondag 27 augustus 2006 22:04
vwpn To: Victor  W.

vwpn Cc: [EMAIL PROTECTED]

vwpn Subject: Re: [ActiveDir]  Add folder with quota to existing
vwpn mailboxes - via scripting or  tool


vwpn Hello Victor,

vwpn you will at least need an account that can access all mailboxes (not a
vwpn domain  admins one)

vwpn (or give a script to everyone that they will execute)

vwpn To my knowledge, quota is mailbox based. You may set up a special 
vwpn retention  on this folder.


vwpn sample _vbscript_ to create the private folder

vwpn set olApp = CreateObject(Outlook.Application) 
vwpn set inbox = olApp.GetNamespace(MAPI).getDefaultFolder(6) 
vwpn set temp5 = inbox.folders.add(Private,6) 

vwpn hope it helps,

vwpn Regards,
vwpn  

vwpn Mathieu CHATEAU



vwpn http://lordoftheping.blogspot.com








vwpn Sunday, August 27, 2006, 8:57:03 PM, you wrote:


vwpn Does anybody know what is the 'best' way to add   

vwpn automatically a folder to existing mailboxes and set a quota on that 
vwpn same folder?

vwpn We would like all our users to get a folder called   

vwpn private added to the root of their mailbox and if possible, a quota 
vwpn to be set to that folder.

vwpn Can this be done by scripting easily or is there perhaps

vwpn even a tool which is capable of doing this?

vwpn This also counts for new, still to be created users. I mean, every user
vwpn that will be created will have to have that certain folder added to his
vwpn or her mailbox.

vwpn Offcourse this could be done by running the script a   
vwpn couple of times a day, checking if the folder exists allready and

vwpn if not, adding it. Or perhaps it can even by realised the

vwpn moment a user has been created.
vwpn   
vwpn Any ideas are greatly appreciated.
vwpn List info   : http://www.activedir.org/List.aspx
vwpn List FAQ: http://www.activedir.org/ListFAQ.aspx
vwpn List archive: http://www.activedir.org/ml/threads.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List

Re[4]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

2006-08-30 Thread Mathieu CHATEAU

Hello Victor,

sorry.

Here is the working for the Root folder:
On Error Resume Next

set olApp = CreateObject(Outlook.Application)
set inbox = olApp.GetNamespace(MAPI).getDefaultFolder(6).Parent
set temp5 = inbox.folders.add(Added by vbscript,6)


Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Wednesday, August 30, 2006, 8:01:50 PM, you wrote:

VW Thanks for this Mathieu, the script which creates the folder under the inbox
VW works good.
VW To create it in the root must be a little more complex because this doesnt
VW work yet.
VW When I fire up the script it prompts me with the following error:

VW Error:  Object doesnt support this property or method:
VW 'olApp.GetNamespace(...).Folder' 
VW Code:   800A01B6

VW Can you point me in the right direction to solve this?

VW Cheers,

VW Victor



VW -Original Message-
VW From: [EMAIL PROTECTED]
VW [mailto:[EMAIL PROTECTED] On Behalf Of Mathieu CHATEAU
VW Sent: maandag 28 augustus 2006 11:26
VW To: [EMAIL PROTECTED]
VW Cc: ActiveDir@mail.activedir.org
VW Subject: Re[2]: [ActiveDir] Add folder with quota to existing mailboxes -
VW via scripting or tool


VW this script goes through outlook.
VW Each user need to fire this script (or fire it via logon script).

VW for the Root Folder, change:
VW set inbox = olApp.GetNamespace(MAPI).getDefaultFolder(6)

VW to

VW set inbox = olApp.GetNamespace(MAPI).Folder(Personal Folder) (should do
VW the trick but i didn't test it yet)



VW Regards,
VW Mathieu CHATEAU
VW http://lordoftheping.blogspot.com

VW Monday, August 28, 2006, 11:00:14 AM, you wrote:

vwpn Thanks Brian and Mathieu,

vwpn I will tell a little bit more about the background of this. The 
vwpn customer has asked for a folder called private to be created in 
vwpn the root of every users mailbox and if possible set a quota to this
VW folder.

vwpn After this has been done, the customer wants to instruct his users 
vwpn to use only this folder only as their personal/private email 
vwpn folder and move everything that the users sees as being private, 
vwpn to the private folder. From that moment on, all other folders in 
vwpn the users mailboxes are no longer considered as private/personal.

vwpn I do have some additional questions:

vwpn - how would the script look if the requirement would be to create 
vwpn the folder in the root.

vwpn - The way the script is set up now, do I have to set up which 
vwpn users this script will apply to, I mean will it now apply to all 
vwpn users in the entire domain which are mailbox enabled?

vwpn - Is there any way that I can specify which users this script has 
vwpn to be applied to, I mean can I run it against all mailbox enabled 
vwpn users in a specific OU?





vwpn --
vwpn --
vwpn ---
vwpn Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - 
vwpn via scripting or tool
vwpn From: Mathieu CHATEAU [EMAIL PROTECTED]
vwpn Date: Mon, 28 Aug 2006 00:24:47 +0200

vwpn --
vwpn --
vwpn 

vwpn Hello Victor,

vwpn If the folder already exist, it will simply do nothing, except 
vwpn going into errors..

vwpn need to add a on error resume next or test if the folder exist before.

vwpn will create  in the inbox, as a subfolder

vwpn I don't see your goal with this folder...except if you turn 
vwpn special rights on it.

vwpn may ask them to put it [private] in the subject instead (it will 
vwpn work for the sent folders)

vwpn Regards,

vwpn Mathieu CHATEAU

vwpn http://lordoftheping.blogspot.com




vwpn Sunday, August 27, 2006, 10:26:59 PM, you wrote:


vwpn Thanks Mathieu, nice.

vwpn Does this create a folder in the root of the  mailbox?
vwpn  
vwpn Access all mailboxes you say, that sounds logical. I know  that 
vwpn domain admins indeed dont actually have the full mailbox access 
vwpn (they have  some denies).

vwpn What if a user already has the folder, does this script  take this 
vwpn into account?

vwpn Again thanks.

vwpn Victor










vwpn From: Mathieu CHATEAU [mailto:[EMAIL PROTECTED]

vwpn Sent: zondag 27 augustus 2006 22:04
vwpn To: Victor  W.

vwpn Cc: [EMAIL PROTECTED]

vwpn Subject: Re: [ActiveDir]  Add folder with quota to existing 
vwpn mailboxes - via scripting or  tool


vwpn Hello Victor,

vwpn you will at least need an account that can access all mailboxes 
vwpn (not a domain  admins one)

vwpn (or give a script to everyone that they will execute)

vwpn To my knowledge, quota is mailbox based. You may set up a special 
vwpn retention  on this folder.


vwpn sample _vbscript_ to create the private folder

vwpn set olApp = CreateObject(Outlook.Application) 
vwpn set inbox = olApp.GetNamespace(MAPI).getDefaultFolder(6)
vwpn set temp5 = inbox.folders.add(Private,6)

vwpn hope it helps,

vwpn Regards,
vwpn  

vwpn Mathieu CHATEAU



vwpn http://lordoftheping.blogspot.com








vwpn Sunday, August 27, 2006, 8:57:03 PM

Re[2]: [ActiveDir] Auto Logon

2006-08-31 Thread Mathieu CHATEAU





Hello Za,

try using autlogon.exe from sysinternals:
http://download.sysinternals.com/Files/Autologon.zip

Works great in our case.

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com

Thursday, August 31, 2006, 12:27:13 PM, you wrote:







Tried this and it did not work. I do not have time to worry about it for now.
-Z.V

[EMAIL PROTECTED]wrote:

I had this problem about a year ago. I got it working in the end by changing the logon name from "user" to"[EMAIL PROTECTED]"and it worked fine, give that a go and let us know what happens

C.







Za Vue[EMAIL PROTECTED]
Sent by:[EMAIL PROTECTED]
29/08/2006 13:16



Please respond to
ActiveDir@mail.activedir.org









To


ActiveDir@mail.activedir.org




cc






Subject


[ActiveDir] Auto Logon






















Domain: Windows 2003
Clients: Xp w/sp2

Problem: The autologon registry hack on 3 of my lab machines will not
stay permanent. All machines restart each morning at 2:00 AM and they
automatically log in to the domain. In the morning if I re-apply the
auto logon registry hack the machines work fine the rest of the day, no
matter how many reboots.Comments? Suggestions?

Thanks,
Z.V.
List info  :http://www.activedir.org/List.aspx
List FAQ  :http://www.activedir.org/ListFAQ.aspx
List archive:http://www.activedir.org/ml/threads.aspx









List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx

Re: [ActiveDir] Overlapping AD Subnet Boundaries

2007-01-26 Thread Mathieu CHATEAU

Overlapping AD Subnet Boundariesis it really 10.10.0.0/16 or a mistake (/24) ?
Because your first site won't be able to joint the other one as it will think 
it's local and won't sent packet to the gateway (if it's really a /16). 

If it's a real /24, then it will works as expected (10.10.41.104 will be 
attached to the secondary site).

If it's a /16 and you need router between both site, your configuration can't 
work from a network point of view.
Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


  - Original Message - 
  From: Brian Cline 
  To: ActiveDir@mail.activedir.org 
  Sent: Friday, January 26, 2007 10:19 PM
  Subject: [ActiveDir] Overlapping AD Subnet Boundaries


  Say I create an AD subnet of 10.10.0.0/16 and assign it to our primary site, 
and another subnet as 10.10.41.0/24 and assign it to a secondary site. Will AD 
treat a client address of, say, 10.10.41.104 as a client on the secondary site, 
or will it default to the more general primary subnet? The reason I ask is we 
now have a need for a second AD site (I can see all the enterprise folks 
grinning now) and we have quite a number of other subnets that I'd have to 
manually enter if this is not the case. I don't mind doing it, but I was 
curious either way.

  Brian Cline, Applications Developer
  Department of Information Technology
  GP Trucking Company, Inc.
  803.936.8595 Direct Line
  800.922.1147 Toll-Free (x8595)
  803.739.1176 Fax

Re: [ActiveDir] Overlapping AD Subnet Boundaries

2007-01-27 Thread Mathieu CHATEAU


In my opinion, there is a pure TCP/IP network issue...

A sample example:
The DC is 10.10.0.1 with a netmask of 255.255.0.0 (/16 as indicated).
if you try to ping 10.10.41.104, it will try to communicate on the LAN, 
seeking its arp.

It won't send packet to the gateway since 10.10.41.0 must be on the LAN.

The only way to get it work is to use a Layer 2 link between both site.


Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


- Original Message - 
From: Almeida Pinto, Jorge de [EMAIL PROTECTED]

To: ActiveDir@mail.activedir.org
Sent: Friday, January 26, 2007 11:37 PM
Subject: RE: [ActiveDir] Overlapping AD Subnet Boundaries


it will go for the second site 10.10.41.0/24 (= best matching)

Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services

LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : see sender address



From: [EMAIL PROTECTED] on behalf of Brian Cline
Sent: Fri 2007-01-26 22:19
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Overlapping AD Subnet Boundaries



Say I create an AD subnet of 10.10.0.0/16 and assign it to our primary site, 
and another subnet as 10.10.41.0/24 and assign it to a secondary site. Will 
AD treat a client address of, say, 10.10.41.104 as a client on the secondary 
site, or will it default to the more general primary subnet? The reason I 
ask is we now have a need for a second AD site (I can see all the enterprise 
folks grinning now) and we have quite a number of other subnets that I'd 
have to manually enter if this is not the case. I don't mind doing it, but I 
was curious either way.


Brian Cline, Applications Developer
Department of Information Technology
GP Trucking Company, Inc.
803.936.8595 Direct Line
800.922.1147 Toll-Free (x8595)
803.739.1176 Fax



This e-mail and any attachment is for authorised use by the intended 
recipient(s) only. It may contain proprietary material, confidential 
information and/or be subject to legal privilege. It should not be copied, 
disclosed to, retained or used by, any other party. If you are not an 
intended recipient then please promptly delete this e-mail and any 
attachment and all copies and inform the sender. Thank you.


List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

Re: [ActiveDir] Overlapping AD Subnet Boundaries

2007-01-27 Thread Mathieu CHATEAU


hi,

i am coming from network job, so i am used to sub/super netting somehow :)
thanks anyway !

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


- Original Message - 
From: Brian Desmond [EMAIL PROTECTED]

To: ActiveDir@mail.activedir.org
Sent: Saturday, January 27, 2007 6:47 PM
Subject: RE: [ActiveDir] Overlapping AD Subnet Boundaries


While your math is right you should look up supernetting and subnetting 
somewhere.


Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132


-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Mathieu CHATEAU
Sent: Saturday, January 27, 2007 4:17 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Overlapping AD Subnet Boundaries

In my opinion, there is a pure TCP/IP network issue...

A sample example:
The DC is 10.10.0.1 with a netmask of 255.255.0.0 (/16 as indicated).
if you try to ping 10.10.41.104, it will try to communicate on the LAN,
seeking its arp.
It won't send packet to the gateway since 10.10.41.0 must be on the
LAN.

The only way to get it work is to use a Layer 2 link between both site.


Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


- Original Message -
From: Almeida Pinto, Jorge de [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Friday, January 26, 2007 11:37 PM
Subject: RE: [ActiveDir] Overlapping AD Subnet Boundaries


it will go for the second site 10.10.41.0/24 (= best matching)

Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services

LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
(   Tel : +31-(0)40-29.57.777
(   Mobile : +31-(0)6-26.26.62.80
*   E-mail : see sender address



From: [EMAIL PROTECTED] on behalf of Brian Cline
Sent: Fri 2007-01-26 22:19
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Overlapping AD Subnet Boundaries



Say I create an AD subnet of 10.10.0.0/16 and assign it to our primary
site,
and another subnet as 10.10.41.0/24 and assign it to a secondary site.
Will
AD treat a client address of, say, 10.10.41.104 as a client on the
secondary
site, or will it default to the more general primary subnet? The reason
I
ask is we now have a need for a second AD site (I can see all the
enterprise
folks grinning now) and we have quite a number of other subnets that
I'd
have to manually enter if this is not the case. I don't mind doing it,
but I
was curious either way.

Brian Cline, Applications Developer
Department of Information Technology
GP Trucking Company, Inc.
803.936.8595 Direct Line
800.922.1147 Toll-Free (x8595)
803.739.1176 Fax



This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be
copied,
disclosed to, retained or used by, any other party. If you are not an
intended recipient then please promptly delete this e-mail and any
attachment and all copies and inform the sender. Thank you.

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

Re: [ActiveDir] Overlapping AD Subnet Boundaries

2007-01-27 Thread Mathieu CHATEAU


i don't agree.
the /24 is included in the /16.
You won't have layer 3 routing between the two site, at least from the 
primary to the secondary. Even if it will work from a routing point of view 
from the secondary to the primary.


what's the point ?

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


- Original Message - 
From: Brian Desmond [EMAIL PROTECTED]

To: ActiveDir@mail.activedir.org
Sent: Saturday, January 27, 2007 6:58 PM
Subject: RE: [ActiveDir] Overlapping AD Subnet Boundaries


OK well you don't need a layer 2 link to do what the OP wants...

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132



-Original Message-
From: [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] On Behalf Of Mathieu CHATEAU
Sent: Saturday, January 27, 2007 12:53 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Overlapping AD Subnet Boundaries

hi,

i am coming from network job, so i am used to sub/super netting somehow
:)
thanks anyway !

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


- Original Message -
From: Brian Desmond [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Saturday, January 27, 2007 6:47 PM
Subject: RE: [ActiveDir] Overlapping AD Subnet Boundaries


While your math is right you should look up supernetting and subnetting
somewhere.

Thanks,
Brian Desmond
[EMAIL PROTECTED]

c - 312.731.3132

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:ActiveDir-
 [EMAIL PROTECTED] On Behalf Of Mathieu CHATEAU
 Sent: Saturday, January 27, 2007 4:17 AM
 To: ActiveDir@mail.activedir.org
 Subject: Re: [ActiveDir] Overlapping AD Subnet Boundaries

 In my opinion, there is a pure TCP/IP network issue...

 A sample example:
 The DC is 10.10.0.1 with a netmask of 255.255.0.0 (/16 as indicated).
 if you try to ping 10.10.41.104, it will try to communicate on the
LAN,
 seeking its arp.
 It won't send packet to the gateway since 10.10.41.0 must be on the
 LAN.

 The only way to get it work is to use a Layer 2 link between both
site.


 Regards,
 Mathieu CHATEAU
 http://lordoftheping.blogspot.com


 - Original Message -
 From: Almeida Pinto, Jorge de
[EMAIL PROTECTED]
 To: ActiveDir@mail.activedir.org
 Sent: Friday, January 26, 2007 11:37 PM
 Subject: RE: [ActiveDir] Overlapping AD Subnet Boundaries


 it will go for the second site 10.10.41.0/24 (= best matching)

 Met vriendelijke groeten / Kind regards,
 Ing. Jorge de Almeida Pinto
 Senior Infrastructure Consultant
 MVP Windows Server - Directory Services

 LogicaCMG Nederland B.V. (BU RTINC Eindhoven)
 (   Tel : +31-(0)40-29.57.777
 (   Mobile : +31-(0)6-26.26.62.80
 *   E-mail : see sender address

 

 From: [EMAIL PROTECTED] on behalf of Brian Cline
 Sent: Fri 2007-01-26 22:19
 To: ActiveDir@mail.activedir.org
 Subject: [ActiveDir] Overlapping AD Subnet Boundaries



 Say I create an AD subnet of 10.10.0.0/16 and assign it to our
primary
 site,
 and another subnet as 10.10.41.0/24 and assign it to a secondary
site.
 Will
 AD treat a client address of, say, 10.10.41.104 as a client on the
 secondary
 site, or will it default to the more general primary subnet? The
reason
 I
 ask is we now have a need for a second AD site (I can see all the
 enterprise
 folks grinning now) and we have quite a number of other subnets that
 I'd
 have to manually enter if this is not the case. I don't mind doing
it,
 but I
 was curious either way.

 Brian Cline, Applications Developer
 Department of Information Technology
 GP Trucking Company, Inc.
 803.936.8595 Direct Line
 800.922.1147 Toll-Free (x8595)
 803.739.1176 Fax



 This e-mail and any attachment is for authorised use by the intended
 recipient(s) only. It may contain proprietary material, confidential
 information and/or be subject to legal privilege. It should not be
 copied,
 disclosed to, retained or used by, any other party. If you are not an
 intended recipient then please promptly delete this e-mail and any
 attachment and all copies and inform the sender. Thank you.

 List info   : http://www.activedir.org/List.aspx
 List FAQ: http://www.activedir.org/ListFAQ.aspx
 List archive: http://www.activedir.org/ma/default.aspx
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx

Re: [ActiveDir] Overlapping AD Subnet Boundaries

2007-01-27 Thread Mathieu CHATEAU

Overlapping AD Subnet BoundariesI know there is not a direct relation, but i 
don't know if the original poster understand that this can't work if it's the
real implementation.

I think that someone knowing this wouldn't have post the question.

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


  - Original Message - 
  From: joe 
  To: ActiveDir@mail.activedir.org 
  Sent: Saturday, January 27, 2007 9:03 PM
  Subject: RE: [ActiveDir] Overlapping AD Subnet Boundaries


  You are mistaking machine subnetting and subnetting defined in AD. They are 
not connected. The definitions in AD do not have to reflect what is really 
happening at the routing layer. They are generally close but there isn't any 
technical reason why they have to be. 

  --
  O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm 





--
  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mathieu CHATEAU
  Sent: Friday, January 26, 2007 4:34 PM
  To: ActiveDir@mail.activedir.org
  Subject: Re: [ActiveDir] Overlapping AD Subnet Boundaries


  is it really 10.10.0.0/16 or a mistake (/24) ?
  Because your first site won't be able to joint the other one as it will think 
it's local and won't sent packet to the gateway (if it's really a /16). 

  If it's a real /24, then it will works as expected (10.10.41.104 will be 
attached to the secondary site).

  If it's a /16 and you need router between both site, your configuration can't 
work from a network point of view.
  Regards,
  Mathieu CHATEAU
  http://lordoftheping.blogspot.com


- Original Message - 
From: Brian Cline 
To: ActiveDir@mail.activedir.org 
Sent: Friday, January 26, 2007 10:19 PM
Subject: [ActiveDir] Overlapping AD Subnet Boundaries


Say I create an AD subnet of 10.10.0.0/16 and assign it to our primary 
site, and another subnet as 10.10.41.0/24 and assign it to a secondary site. 
Will AD treat a client address of, say, 10.10.41.104 as a client on the 
secondary site, or will it default to the more general primary subnet? The 
reason I ask is we now have a need for a second AD site (I can see all the 
enterprise folks grinning now) and we have quite a number of other subnets that 
I'd have to manually enter if this is not the case. I don't mind doing it, but 
I was curious either way.

Brian Cline, Applications Developer
Department of Information Technology
GP Trucking Company, Inc.
803.936.8595 Direct Line
800.922.1147 Toll-Free (x8595)
803.739.1176 Fax

Re: [ActiveDir] Overlapping AD Subnet Boundaries

2007-01-28 Thread Mathieu CHATEAU

Overlapping AD Subnet Boundarieshello,

just to stop the troll...
Do you understand my others post about your network ?
Is you DC set up on its network interface with a 255.255.0.0 netmask ?

Your setup will work fine from an AD point of view (dssite.msc) , but not an IP 
routing point of view if you are really using a 255.255.0.0

Regards,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


  - Original Message - 
  From: Brian Cline 
  To: ActiveDir@mail.activedir.org 
  Sent: Friday, January 26, 2007 10:19 PM
  Subject: [ActiveDir] Overlapping AD Subnet Boundaries


  Say I create an AD subnet of 10.10.0.0/16 and assign it to our primary site, 
and another subnet as 10.10.41.0/24 and assign it to a secondary site. Will AD 
treat a client address of, say, 10.10.41.104 as a client on the secondary site, 
or will it default to the more general primary subnet? The reason I ask is we 
now have a need for a second AD site (I can see all the enterprise folks 
grinning now) and we have quite a number of other subnets that I'd have to 
manually enter if this is not the case. I don't mind doing it, but I was 
curious either way.

  Brian Cline, Applications Developer
  Department of Information Technology
  GP Trucking Company, Inc.
  803.936.8595 Direct Line
  800.922.1147 Toll-Free (x8595)
  803.739.1176 Fax

Re: [ActiveDir] msi package

Re[2]: [ActiveDir] Limit Logon thru GPO

Re: [ActiveDir] GPO question

Re: [ActiveDir] Forestprep Failure

Re[2]: [ActiveDir] Forestprep Failure

Re[2]: [ActiveDir] Forestprep Failure

Re: [ActiveDir] Domain rename [DONE!]

Re: [ActiveDir] Can the Gods return to our domain? an ex-DC naming question

Re: [ActiveDir] Enumerating Group type and Mebership...

Re[2]: [ActiveDir] Exchange question

Re[3]: [ActiveDir] Exchange question

Re: [ActiveDir] Best Practice for replacing a DC

Re: [ActiveDir] OU tareq

[ActiveDir] [OT] CHKDSK NTFS.SYS bugs = Security descriptor issue / resolved

Re: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

Re: [ActiveDir] Auto Logon

Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

Re[2]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

Re[4]: [ActiveDir] Add folder with quota to existing mailboxes - via scripting or tool

Re[2]: [ActiveDir] Auto Logon

Re: [ActiveDir] Overlapping AD Subnet Boundaries

Re: [ActiveDir] Overlapping AD Subnet Boundaries

Re: [ActiveDir] Overlapping AD Subnet Boundaries

Re: [ActiveDir] Overlapping AD Subnet Boundaries

Re: [ActiveDir] Overlapping AD Subnet Boundaries

Re: [ActiveDir] Overlapping AD Subnet Boundaries

27 matches

Site Navigation

Mail list logo

Footer information