The actual system runs on *nix but the agents (various ones) are available for
windows. It's quite easy to manage once you have it on the *nix box - just a
pile of text files.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Zi
Set the smarthost on the existing SMTP server to be IronPort, set the smarthost
on IronPort to be the ISP.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: David W. McSpadden [mailto:dav...@imcu.com]
Sent: Thursday, March 04, 2010 2:05
I'm pretty sure one of my customers does. What's the issue?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: David Lum [mailto:david@nwea.org]
Sent: Thursday, March 04, 2010 4:40 PM
To: NT System Admin Issues
Subject: Nagios
The servers I have access to use the NRPE agent and it's just in c:\nagios. Is
this some addon to that? I need an idea of what specifically I'm looking for.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: David Lum [mailto:da
Why not just dcpromo the box down, rename it, and dcpromo back up?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Burian, Matthew J. (mjb) [mailto:m...@burianit.com]
Sent: Friday, March 05, 2010 7:52 PM
To: NT System Admin Issues
S
You can also integrate the certs pretty easily with anything that uses IIS or
ISA/TMG/UAG for app auth.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Kevin Lundy [mailto:klu...@gmail.com]
Sent: Monday, March 08, 2010 1:59 PM
To: NT
DA does not require 2008R2 DCs...
Thanks,
Brian Desmond
br...@briandesmond.com
c – 312.731.3132
> -Original Message-
> From: Kurt Buff [mailto:kurt.b...@gmail.com]
> Sent: Monday, March 08, 2010 5:07 PM
> To: NT System Admin Issues
> Subject: Re: Win7 Pro vs. Enterprise
I haven't gone and looked but it probably just has a simple SKU check in it.
You can basically "unlock" higher SKUs of Windows without a reinstall so
everything has to be there for that to work.
Thanks,
Brian Desmond
br...@briandesmond.com
c – 312.731.3132
> -Original M
It should be able to kick out more info to a text file.
The scenario you mention of branch DCs not having connectivity is completely
normal.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Carl Houseman [mailto:c.house...@gmail.com
What version of Windows is this running on?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, March 09, 2010 1:44 PM
To: NT System Admin Issues
Subject: RE: DNS Server service
OK so I'm still unclear as to whether the service is crashing or it's never
entering a running state or what?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, March
OK well I'm not about to try and help you if you're going to deflect the
questions. Good luck.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Carl Houseman [mailto:c.house...@gmail.com]
Sent: Tuesday, March 09, 2010 3:20
No you can background load AD zones in WS08 plus
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Tuesday, March 09, 2010 5:20 PM
To: NT System Admin Issues
Subject: RE: DNS Server s
I've done it a couple times - was straight forward enough.
Just keep in mind you need to be consistent and use Vista RSAT+ tools moving
forward.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Christopher Bodnar [mailto:chri
tombstones.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Wednesday, March 10, 2010 3:05 PM
To: NT System Admin Issues
Subject: Re: DNS Server service shuts down shortly after the DC boots
I
No you only need one RAID controller, however, you're going at this backwards
IMO. Have you run your numbers through the Exchange storage calculator and
looked at the recommended disk config?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731
> Further reading suggests a single server could maintain multiple copies of
> the Exchange database on a single server's JBODs, but that's got to be more
> overhead than just RAID 1'ing it.
No, that LCR functionality was pulled. 1 DB copy per server max.
JBOD with <3 copies is not the recommended approach
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Tim Vander Kooi [mailto:tvanderk...@expl.com]
Sent: Wednesday, March 10, 2010 3:47 PM
To: NT System Admin Issues
Subject: RE: Disk conf
Option B is correct. :)
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Richard Stovall [mailto:rich...@gmail.com]
Sent: Wednesday, March 10, 2010 3:50 PM
To: NT System Admin Issues
Subject: Re: Disk configuration in new server
At lea
RAID5 for the DB may be just fine. Run the numbers through the Exchange storage
calculator.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Evan Brastow [mailto:ebras...@automatedemblem.com]
Sent: Wednesday, March 10, 2010 2:55 PM
Well the ADM files will all re-profilerate back in to your sysvol for one.
IIRC the legacy tools will fall back to local ADMs if they can’t find any on
sysvol but don’t quote me on that.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c – 312.731.3132
With something that small you're unlikely to max out I/O on whatever you
choose...
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Evan Brastow [mailto:ebras...@automatedemblem.com]
Sent: Thursday, March 11, 2010 1:45 PM
To: NT S
What do you have now and what does utilization look like on it?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Palmer, Neal [mailto:npal...@uwic.ac.uk]
Sent: Thursday, March 11, 2010 4:47 AM
To: NT System Admin Issues
Subject: Windows 2
There is an Exchange 2010 calculator -
http://msexchangeteam.com/archive/2010/01/22/453859.aspx. The i/o model in 2010
is completely different from 2007 so the data from the 2007 calculator would
not provide valid inputs.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto
DigiCert is awesome and who I send all my customers to.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
> -Original Message-
> From: Matthew W. Ross [mailto:mr...@ephrataschools.org]
> Sent: Friday, March 12, 2010 12:08 PM
> To: NT System Admin Issues
> Sub
Given that error I would dcpromo the box down and re-promote it. Also figure
out what's wrong with the i/o subsystem.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
> -Original Message-
> From: Bill Humphries [mailto:nt...@hedgedigger.com]
> Sent: Fr
IIRC CertificatesForExchange is just reselling GoDaddy
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
> -Original Message-
> From: Roger Wright [mailto:rhw...@gmail.com]
> Sent: Friday, March 12, 2010 1:41 PM
> To: NT System Admin Issues
> Subject: Re: S
I'll go with "yes" too. ;)
-ilike is the other operator I'd look at
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
c - 312.731.3132
From: Michael B. Smith [mailto:mich...@smithcons.com]
Sent: Friday, March 12, 2010 3:42 PM
To: NT Syste
The Select-Object cmdlet is probably what you want. It has -First, -Last,
-Skip, -Index, etc which you can use to step in to an array
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
> -Original Message-
> From: Joseph L. Casale [mailto:jcas...@activenetwerx.com]
Note that this is not necessarily going to give you the CDROM drive. The way I
do this in my build tool is I use WMI to find the CDROM drive letter than I use
diskpart to change it. Note that there is a corner case of a machine with
multiple CD/DVD drives.
Thanks,
Brian Desmond
br
. Your
machines each plug in to one box on each of the distributors for their power.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: RITA KAUR [mailto:mchani...@rogers.com]
Sent: Wednesday, March 17, 2010 12:19 PM
To: NT System Admin Issues
Subject: HP PDU's - HP
ility to soft patch
locations directly together at very high speeds.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Free, Bob [mailto:r...@pge.com]
Sent: Thursday, March 18, 2010 8:02 AM
To: NT System Admin Issues
Subject: RE: 1gbps+ traffic?
The core of our internal WAN
Probably want to look at the individual NIC. That said without more info and
some elaboration of "issues with connectivity", I wouldn't know where to
suggest starting.
My only gut reaction is check for a speed/duplex mismatch or other errors on
the port.
Thanks,
B
So what is the actual problem/symptom?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Benjamin Zachary - Lists [mailto:li...@levelfive.us]
Sent: Friday, March 19, 2010 12:12 AM
To: NT System Admin Issues
Subject: RE: perfmon w/ teamed nics
Thanks, we already have HP
What version of Windows are your DCs
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: David Lum [mailto:david@nwea.org]
Sent: Friday, March 19, 2010 9:43 AM
To: NT System Admin Issues
Subject: Computer account creation
So...I'm trying to catch when a new use
It's been OK on the box I have. I did use diskpart to do all the carving though
as it would have taken forever just by virtue of countless clicks to do it by
hand.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Glen Johnson [mailto:gjohn...@vhcc.edu]
Sent: Friday,
Are you using NTFRS or DFS-R?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Des Waugh [mailto:d...@charanda.com.au]
Sent: Saturday, March 20, 2010 8:16 PM
To: NT System Admin Issues
Subject: Alternatives to DFS
Hi
Anyone using 3rd party
Are you pushing enough data to need more than a gig of bandwidth? I'd highly
recommend just doing an active/passive team if possible.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov]
Sent: Monday,
These things (load balanced teaming, especially your NIC vendor) have a really
bad track record.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Joseph Heaton [mailto:jhea...@dfg.ca.gov]
Sent: Monday, March 22, 2010 12:26 PM
To: NT System
I think you can put a soft mac on the team vip. That app sounds ripe for a VM
though because you can cart the VM (and mac) around independent of the host
thus absolving yourself of the licensing nonsense.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message
s. It typically goes
faster than what I pay for and never slower - can't complain.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Sam Cayze [mailto:sam.ca...@rollouts.com]
Sent: Tuesday, March 23, 2010 11:10 AM
To: NT System Admin Issu
Dcpromo /forceremoval
Then do a metadata cleanup
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Bowles [mailto:john.bow...@wlkmmas.org]
Sent: Tuesday, March 23, 2010 9:37 AM
To: NT System Admin Issues
Subject: Win2K3 DC in Active Directory Recovery Mode
All-
I
joining the box
to the domain FWIW.
With regard to virtual DCs, you can certainly make them all this way although I
tend to shy away from this for the reasons others have noted.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Aldrich [mailto:jaldr
I have been using PrimalScript for years and really do like it.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: tony patton [mailto:tony.pat...@quinn-insurance.com]
Sent: Friday, March 26, 2010 6:00 PM
To: NT System Admin Issues
Subject: [OT
3-4 years is a VERY standard lifecycle in many orgs. Five years is really
pushing it and means that you're likely using some sort of supplemental
hardware/field service which is just an extra burden to manage.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Ori
Have you considered talking to PSS? DFSR is generally pretty good. Sounds like
something odd might be happening. Also consider updating to the latest QFE
build of the DFSR bits - possible you're hitting an issue that was fixed.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731
You can also just package the htm file and have him drop it in the right place
on his box.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Thursday, March 25, 2010 5:34 PM
To: NT System Admin Issues
Subject: RE
It's also very competitively priced as part of the eCAL step-up. If you license
through the consolidated CAL options all the Forefront stuff is included in the
eCAL step up so it's something very attractive to look at from a dollars
perspective as well.
Thanks,
Brian
Have you taken a network trace to ascertain whether the machine is attempting a
connection on the wire?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Len Hammond [mailto:lenhammo...@gmail.com]
Sent: Wednesday, March 31, 2010 9:30 PM
To: NT System Admin Issues
Subject
>... including 90% of Microsoft's stuff, falls into the category of
>"poorly-written".
I have no idea what your benchmark is for commercial software testing/design
given that statement...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original M
Why not just subscribe an alias?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Thursday, April 01, 2010 5:16 PM
To: NT System Admin Issues
Subject: Re: Microsoft Security Bulletin Advance
al PC stuff which is completely different. Vista had this - it was called
Virtual PC or VMWare and I have seen many places do stuff like deploy this in
scenarios where it's required.
Blaming the OS for the faults of applications is really silly.
Thanks,
Brian Desmond
br...@briandesmond.com
). You can buy
what you want, just have to pass it through them.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Ray [mailto:rz...@qwest.net]
Sent: Sunday, April 04, 2010 8:53 PM
To: NT System Admin Issues
Subject: RE: Enterprise Anti-Virus
Supposedly people who are supposed
Have you looked at whether the in-box functionality in Exchange 2010 will meet
your needs?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Cameron Cooper [mailto:ccoo...@aurico.com]
Sent: Monday, April 05, 2010 11:45 AM
To: NT System Admin Issues
Subject: Email Archive
7;s in-box monitoring stuff (e.g.
HP Insight, Dell Openmanage, etc) with whatever you use for monitoring.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: David Lum [mailto:david@nwea.org]
Sent: Monday, April 05, 2010 10:13 AM
To: NT System Admin Issues
Subject: Webcam to moni
So it sounds like what you actually need is an ILO/DRAC if you want access to
the console remotely. IP KVM would do the job too although not as good of a job.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, April 06
DRAC is fine - IP KVM not as much.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: jgarciaitl...@gmail.com [mailto:jgarciaitl...@gmail.com]
Sent: Tuesday, April 06, 2010 8:51 AM
To: NT System Admin Issues
Subject: Re: Webcam to monitor server rooms
Why does drac not do a
rupted or deleted or something, that corruption/deletion will get mirrored
to the second device. Some vendors (e.g. NetApp) offer plugins that will
actually make snapshot backups with the assistance of the host and store them
on the same storage units. I'd suggest looking at this stuff.
I've not run in to the HP tools not reflecting actual state?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Ray [mailto:rz...@qwest.net]
Sent: Tuesday, April 06, 2010 9:48 AM
To: NT System Admin Issues
Subject: RE: Webcam to monitor server rooms
In our case
Safe mode starts it without addins...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com]
Sent: Tuesday, April 06, 2010 11:31 AM
To: NT System Admin Issues
Subject: Outlook strangeness
I have ONE user who's having a pr
It's not going to show up in ADUC outside of the attribute editor tab in 2008+
ADUC.
PAS update on the GC will be during normal replication. Don't know what
rDirectory's problem is - never used it before.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
I think you need to tweak a display specifier to make it percolate up. Been a
while though - don't remember precisely.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: David Lum [mailto:david@nwea.org]
Sent: Tuesday, April 06, 2010 11:55 AM
To: NT System Admin I
and it's a lot cheaper than paying for IT FTEs to go out and do grunt work for
a day or two.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org]
Sent: Saturday, August 29, 2009 7:32 AM
To: NT System Admin Issues
Subj
I just saw a couple of new Dell ones go in in the past couple months - I don't
remember anything odd about the side panels?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Steven M. Caesare [mailto:scaes...@caesare.com]
Sent: Saturday, Augu
this works. Dumpanalysis.org may also have something
relevant.
è I have seen (but can't think of the name) a utility which monitors all ops
against the Clipboard and shows them to you
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: richardmccl...@aspca.org [mailto:richardmccl...@
e interested in the thread.
Lately I haven't been opening a lot of threads or am missing the ones I can
contribute to in between a lot of chaff.
I don't really care all that much as it's a folder and I just ignore the
folder, but, that's not the point of being
When is it? I've been in SF almost every week for work lately.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: John Cook [mailto:john.c...@pfsf.org]
Sent: Friday, August 28, 2009 4:04 PM
To: NT System Admin Issues
Subject: RE: OT VMWorld 2009
I'll think about you
Interesting - I'll try and remember to go look next time I'm in this computer
room
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Steven M. Caesare [mailto:scaes...@caesare.com]
Sent: Saturday, August 29, 2009 8:35 PM
To: NT System Ad
I have patched tens of thousands of boxes with psexec. My current patching
script I use is a VBScript which I launch from psexec. Works great. Logging is
built-in to the scripts...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http
Administrators are "Users" too.
Not sure offhand how you'd undo this.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Benjamin Zachary - Lists [mailto:li...@levelfive.us]
Sent: Monday, August 31, 2009 8:17 PM
To: NT System Admin Issues
Subject: Calling Securi
Rodcprep adds ACLs to NDCs as I recall. Since you are on W2000, you have no
NDNCs (they're not supported). Thus running rodcprep wouldn't do anything.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft M
There is a checkbox in the ACL to grant that group the right to Apply this
Policy as well as Read. You want both of those.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com
I believe if you pull the properties of the GPO there is a button Advanced or
Security or something to see the ACL editor for the GPO.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Tuesday, September 01, 2009 2:45 PM
To: NT
OK there is a detail missing here.
Is this a MACHINE policy or a USER policy? If it's a machine policy, the
computer needs to be able to have rights to apply it.
If you're trying to do machine policies on a per user basis you need to get
loopback processing going.
Thanks,
Brian
Chris-
Why not export the EVT files from each server to a big folder and let them read
them on their machines?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/profile
Hi Terri-
Others have chimed in with tools, but, I'll add the other part. Why are you
using share permissions? They aren't granular and they just add confusion.
Manage all your ACLs on NTFS (where you can do whatever you want more or less),
and just grant Everyone:FC on shares.
Tha
Well it's still required post 2003.
You shouldn't be doing OWA without SSL anyway.
Outlook 2007+ and Exchange 2007+ use SSL connectivity even while on the LAN for
certain things - autodiscover, address book download, web services, etc.
Thanks,
Brian Desmond
br...@briandesm
articular it's pain
free. You activate the KMS once and then add a couple DNS records and all your
machines will then just talk to your KMS on their own. There are special keys
published on Technet/Internet that you use for setup and they force the machine
to talk to a KMS (or you can leave the k
No you just plug the MAK (or KMS placeholder key) in the sysprep config and
machines will automatically activate.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sam Cayze [mailto:sam.ca...@rollouts.com]
Sent: Tuesday, September 08, 2009 3:07 PM
To: NT System Admin Issues
You just need to install the update for the KMS service and then you can add
and activate the Win7 keys.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Tuesday, September 08, 2009 3:04 PM
To: NT System Admin
Look at imagex in the WAIK. You can make a WIM of a drive and let PSS figure
out how to apply that to a VHD. Or you could do it yourself pretty easily (just
create a virtual PC, mount the VHD localy, and apply the WIM to it).
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
I've only ever seen this set when someone uses repadmin (or something direct
like adsiedit) to set the flag on the connection object.
Time delta wouldn't do this.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Don Guyer [mailto:don.gu...@prufoxroach.com]
Sent
That makes sense - I've not personally experienced that situation fortunately.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Thursday, September 10, 2009 2:00 PM
To: NT System Admin Issues
Subject: RE: In
Everyone goes through a reseller regardless. That said I expect your
negotiating power with that volume is somewhere around 0. :)
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Ben Scott [mailto:mailvor...@gmail.com]
Sent: Friday, September 11
I don't typically do all that stuff as I'm often doing hundreds of DCs. What I
will do is move FSMO roles to an alternate before bouncing the role owners.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Tuesday, Se
You need a cert with the Client auth EKU. You're not getting that with a cert
generated with selfssl l'm guessing. You generally use this feature with
smartcards or other 2 factor devices. The logon mapping happens based on the
UPN in the cert and an AD lookup.
Thanks,
Brian
x27;s no need to buy them from a public CA, but, you generally need PKI
infrastructure in place to accomplish this.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
-Original Message-
From: Tigran K [mailto:tigr...@gmail.com]
Sent: Thursday, September 17, 2009 3:50 PM
To: NT Sy
Hi-
You should only be setting the external time source on your root domain PDC
Emulator. Everything else (clients and DCs) should use NT5DS defaults which
means they'll sync with the domain hierarchy.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4
I've never overridden the default behavior in a multi-site scenario and
wouldn't generally recommend it...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP - https://mvp.support.microsoft.com/pro
I would call HP...
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: HELP_PC [mailto:g...@enter.it]
Sent: Monday, September 21, 2009 12:47 AM
To: NT System Admin Issues
Subject: Weird Windows 7 64 bit issue
In a DC 7700 Hp with 2 DDR 2 modules (Kingston Value RAM 2GB each
My recollection is that Enterprise CAs have a mechanism to push certs out into
GPOs. You might check the default domain policy.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Christopher Bodnar [mailto:christopher_bod...@glic.com]
Sent: Tuesday, September 22, 2009 11:03 AM
Why do you want an end user to be able to request a Computer certificate?
You need to look at the permissions on the certificate templates. IIRC that
list is generated from there based on the user accessing the page.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sean
Tom what version of the GPMC are you using?
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Tom Miller [mailto:tmil...@hnncsb.org]
Sent: Wednesday, September 23, 2009 1:16 PM
To: NT System Admin Issues
Subject: Re: GPO question
Thanks, now I know. If I wanted to be able to
Central store was exactly where I was going with that question. Just make sure
that once you deploy the central store (and clean up all your ADM files) that
you no longer use downlevel GP Editors.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Free, Bob [mailto:r
Nope you said exactly what I was going to :)
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Free, Bob [mailto:r...@pge.com]
Sent: Wednesday, September 23, 2009 4:20 PM
To: NT System Admin Issues
Subject: RE: GPO question
I figured that was the logical reason for your
It does actually work - it's a cute trick that you can have fun with. It's not
remotely scientific though.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Sean Martin [mailto:seanmarti...@gmail.com]
Sent: Wednesday, September 23, 2009 5:32 PM
To: NT System Ad
Malaysia's and TechEd China's. Look at the admission
ticket price on those versus say TechEd Australia.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Ken Schaefer [mailto:k...@adopenstatic.com]
Sent: Wednesday, September 30, 2009 9:46 PM
To: NT System Admin Issues
Subj
Is there a Technet page that links to that? If so send it to me.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
From: Maglinger, Paul [mailto:pmaglin...@scvl.com]
Sent: Thursday, October 01, 2009 11:10 AM
To: NT System Admin Issues
Subject: RE: 2003 AD DR restore
Link fall down
your DFL?).
You should just be able to reset the krbtgt password to something of your
choosing and be on your merry way. It's possible you may have boxes which need
to be bounced after this but this shouldn't happen.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Fro
Hi-
I'd expect this is a replication issue. You may want to create manual
connection objects temporarily and force replication.
Thanks,
Brian Desmond
br...@briandesmond.com
c - 312.731.3132
Active Directory, 4th Ed - http://www.briandesmond.com/ad4/
Microsoft MVP -
101 - 200 of 1412 matches
Mail list logo
