When migrating objects between domains in the same forest, remember that you
always need to migrate the closed sets. E.g. let's say the following
situation exists: user-global group1-global group2. Ik you want to migrate
global group 2 to another domain and retain memberships you must also
migrate
If you had local connection (same subnet) connection to a DC and DNS
then I can't think of any reason why your problem would occur It's
also strange that the DHCP server was serving to its own subnet and not
to others.
I would just it put it down to a 'one off' and wouldn't be too
concerned.
Hi,
I would like to know what would be the best way to export and
reimport users and group from a DC to another. The source DC is the one
that is in our LAN and the second one is in a test lab. They both must
have the same accounts and groups but, they are not connected in any way
and the
I believe LDIFDE will allow you to achieve this.
http://support.microsoft.com/kb/q237677/
Its available on the Windows 200x Server CD
Iain
-Original Message-
From: Bruyere, Michel [mailto:[EMAIL PROTECTED]
Sent: 02 November 2004 13:15
To: [EMAIL PROTECTED]
Subject: [ActiveDir] User
Have you been able to connect to the file shares using the UNC path names
from the XP workstations? Can you run the scripts manually? How many 2K3
domain controllers? Any chance the scripts have not replicated to the
netlogon share of all of them yet?
Regards;
James R. Day
Active Directory
Hi Rodney
Lockoutstatus.exe is part of the 2003 resource kit (and I would assume the
2000 resource kit as well) although it can be downloaded separately from
Microsoft. I did a search on google for lockoutstatus.exe to get it.
We saw pretty much the same thing about 3 months ago and it turned
You can use ldifde for this purpose... see MS site for all the syntax
and examples. It's very simple to do and will get you users, OUs, etc.
Another way is to bring another DC into your production domain, DCPROMO
it, remove it from the domain and then seize all the FSMO roles using
NTDSUTIL. You
I'm going to test it again by yanking the ethernet cable after hours and
seeing if the same problem returns. I'm still not convinced there isn't
a core switch config or code issue. I have seen this happen before;
that's why I knew to bounce the service. We're going to keep looking at
it.
The only
http://www.webopedia.com/TERM/d/disk_cache.html is a reference for what it
is.
Disk cache is a very dangerous thing when it comes to JET DB technology.
The reason is that if the disk device loses power, or corrupts before it can
commit to media, then you lose that bit of data likely corrupting
Charlie, is it possible that you were having problems at a lower level in
the stack?
DHCP should check every 60 minutes by default IIRC. If it loses
connectivity, it should check every 5 minutes (default) for the AD. But I
don't recall a limit on the number of retries and it sounds like
Hi,
Thanks for the information... that's exactly the type of tool I was looking
for... I didn't know that MS had such a tool.
Many thanks!
M.Bruyere
-Message d'origine-
De : [EMAIL PROTECTED] [mailto:ActiveDir-
[EMAIL PROTECTED] De la part de
[EMAIL PROTECTED]
Envoyé :
What does your script look like?
Have you considered running the logon scripts via GPO?
http://www.ultratech-llc.com/KB/?File=LogonScripts.TXT
http://www.ultratech-llc.com/KB/?File=GroupPol.TXT
- ASB
Cheap, Fast, Secure -- Pick Any TWO.
http://www.ultratech-llc.com/KB/
On Mon, 1 Nov
Windows 2003 Resource Kit
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rodney Gardiner
Sent: Monday, November 01, 2004 4:17 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] locked out
Just curious as to where this lockedoutstatus.exe is kept?
I'm looking into helpdesk software.
I need integration into active directory, a web interface, and the biggest
issue.
I want to be able to use email to open and track the tickets. I want the
user to be able to send an email to an internal email address, the tech
replies to the email which gets
How about Track-It!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jason Benway
Sent: Tuesday, November 02, 2004 9:19 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] OT: helpdesk software
I'm looking into helpdesk software.
I need integration into
Have a look at http://www.hornbill.com/
Should do everything you want.
Rob
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jason Benway
Sent: 02 November 2004 15:19
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] OT: helpdesk software
I'm looking into
Try bigWebDesk www.bigwebdesk.com
Sonia Tapia
-Original Message-
From: Jason Benway [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 02, 2004 7:19 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] OT: helpdesk software
I'm looking into helpdesk software.
I need integration into
Liberum is a nice, free alternative if open-source is an option,
although production on the project has slowed quite a bit over these
past few months the software is still very functional and does meet all
of the requirements that you mentioned.
http://www.liberum.org/
-Original
http://wm.quest.com/products/activerolesserver/
It used to be Enterprise Directory Manager. Nice stuff.
David J. Perdue
MCSE 2000, MCSE NT, MCSA, MCP+I
Network Security Engineer, InDyne Inc
Comm: (805) 606-4597DSN: 276-4597
[EMAIL
What is the cost of that software package?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robert
Rutherford
Sent: Tuesday, November 02, 2004 10:42 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OT: helpdesk software
Have a look at
We use RT ( http://www.bestpractical ). If you have some perl
experience, it's fairly easy to extensively customize. Authentication
can be done via active directory via ldap, with autocreation of user
accounts, etc. The system is easily email driven, so emails can
create,modify, and resolve
Hey group,
I'm trying to find an easy way to do a massive migration of Windows 95\98
workstation from an NT domain to a Windows 2003 AD domain, however the tools
that I'm finding don't seem to function, don't exists, or after installation
I can't seem to find a domain controller.
Also, MS seems
If you build your Windows 2003 domain with the same netbios domain name
they Win 9x won't care one way or another.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros,
Charles
Sent: Tuesday, November 02, 2004 11:39 AM
To: '[EMAIL PROTECTED]'
Subject:
I honestly can't remember give them a call (and then get plagued to
the end of your days).
Rob
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salandra,
Justin A.
Sent: 02 November 2004 16:07
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OT:
We are doing a migration from an NT domain into child domain of new AD
forest so we cannot keep the same netbios name. We also have a slight
problem with our naming convention in that all of our DCs are going to have
nine character names.
Thanks, chuck
-Original Message-
From:
I can also vouch for Liberum. I think the development has not moved much for
a long time because the tool does all the things it's supposed to do
beautifully. It meets all the criteria you mentioned in your request and it
does so for free.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
You could potentially upgrade your NT Domain to a child domain of a AD
forest. This would allow you to keep the netbios name at least for your
network.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros,
Charles
Sent: Tuesday, November 02, 2004
Upgrading is not an option in this case. Politically its not allowed and
technically its not that feasible either (there is an issue with the number
of Exchange 5.5 environments that are going to be migrated into the new
forest and how this is planned to be done).
-Original Message-
How many Win95/98 clients are you talking about? Another question is:
Why do you have Win95/98 clients at all?
Phil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros,
Charles
Sent: Tuesday, November 02, 2004 12:13 PM
To: '[EMAIL PROTECTED]'
We have them for the same reason that everyone else does, economics. If
they still perform their function and can access the network resources why
spend the money to upgrade what isn't broken. I have someone looking for
the number right now, but it was indicated that it might be as many as 300
Ok, it was worth a shot. I have not heard of or seen any tool that will
help you with this. The only thing I can think of it in your logon
script have it copy a script to the 9x machine, modify the registry to
RunOnce that script you just copied and have that script on next logon
change the
I think there is more I have to do to get it work with AD though. Don't
have I to make sure that the workstation is using NTLM2 authentication and
SMB signing? (In which case I still might have to write off my Win95 boxes
because I don't believe that they support either of those.)
I really hope
Understandable, if it's not broke why fix it. Although you do need to
live with the fact that it has less functionality within Active
Directory (even with the DS Client) and is no longer supported by
Microsoft. My rant ends here ;)
For 300 clients you might just want to send out a pre and
Okay, here's the scenario: Exchange Server 2003 (upgraded in June from
2K w/current SPs) has, over the past two weeks, begun allowing users to
open other users mailboxes. Up until now, it was secure in that people
had to assign delegates, but now it's pretty much wide open.
Additionally, the
Does anyone have info on the this hotfix?
Thanks
[EMAIL PROTECTED] 11/1/2004 12:31:44 PM
This happens if someone connected to your GPO's and they
were running XP
SP2. There is a hotfix for this.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Nathan
Why would they need NTLM2 authentication and SMB Signing? Is this
something that Windows 2003 requires?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros,
Charles
Sent: Tuesday, November 02, 2004 12:34 PM
To: '[EMAIL PROTECTED]'
Subject: RE:
Do you have AV scanning the info stores at the file level?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Monte Barnett
(Tech)
Sent: Tuesday, November 02, 2004 12:39 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Exchange 2K3 Private Information Store
Sounds like some administrative issues are possible such as changes to
rights, GPO's, etc.
However, to start to rule things out, how about gathering dcdiag and netdiag
reports for the GC's and the Exchange servers? To run dcdiag from a member
server, you specify the DC you want it to collect.
Windows 2003 requires clients to support SMB signing and (quoting)
signing of secure channel network traffic.
To enable that on downlevel clients (Win9x or WinNT) you need to install
the DS Client, although the recommended approach is to upgrade the OS.
Phil
-Original Message-
From:
I haven't look at
this but saw an email on it today... It is a Active Directory plugin for Excel
2003. This is not in any way related to joeware nor ADFind and I do not
otherwise endorse or recommend, however I know some folks were looking for this
capability so I thought I would let you
Hello
I´am looking for a possibility to rename local and global groups into a AD.
Can anybody help me?
THX
Thomas
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
I vote for putting add functionality in admod and not breaking it
out as a separate tool. (you didn'tput AD deletions into a separate
tool)
Robbie Allen
http://www.rallenhome.com/
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Tuesday, November 02,
What is it exactly that you are looking for? You can rename groups through Active
Directory Users Computers.
Phil
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Wohlgemuth
Sent: Tuesday, November 02, 2004 1:51 PM
To: [EMAIL PROTECTED]
Subject:
Hello
I would create a little script for renaming a great amount of groups from
time to time (changes in the structure of our company).
Thomas
- Original Message -
From: Renouf, Phil [EMAIL PROTECTED]
To: unsure; [EMAIL PROTECTED]
Sent: Tuesday, November 02, 2004 8:05 PM
Subject: RE:
You could create a script based on dsmove to change the names of groups:
dsmove DN of group -newname New group name
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Wohlgemuth
Sent: Tuesday, November 02, 2004 2:11 PM
To: [EMAIL PROTECTED]
admod -add
:-)
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Tuesday, November 02, 2004 1:51 PMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] Excel plugin for
directory access
I haven't look at
this but saw an email on it today... It is a Active Directory plugin
I got the tool,
Pretty slick, takes some getting used to,
and I havent done any live modifications yet, but could be quite useful
for bulk updates, etc.
Todd
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 02, 2004
2:02 PM
To: [EMAIL PROTECTED]
This article may be of assistance too.
http://support.microsoft.com/default.aspx?scid=kb;en-us;276440Product=win20
00
Rodney
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, 3 November 2004 12:25 AM
To: [EMAIL
James,
Thanks for that. I do not have this problem though - I was taking onto the
end of a previous post to find out where to get the tool that was spoken of.
Thanks for the script too. Also note that on www.joeware.net web site there
is a tool been created to help with bulk unlock etc.
Rodney
Al,
Thank you very much for your comprehensive response. I am currently in the
process of trying to Disable Write Cache. I have managed to do it via the
Adaptec Software but for some reason windows still states that it is
enabled.
I go into System manager - Devices - Hard Disks - Properties. In
50 matches
Mail list logo