[ActiveDir] Please Remove Me From your List

[Ellis, Debbie]

I will be on vacation for two weeks . 

RE: [ActiveDir] Outlook Exchange

[Ellis, Debbie]

I am not sure if this is what you want. When you create a pst file you
have the option of where to save it. Go to Mail in the Control Panel,
Under Mail Setup click data files   under Outlook Data Files, Select add
then personal folder file (pst file)  You can choose where to save it. 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of patrick
Sent: Friday, January 13, 2006 12:33 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Outlook Exchange

NOBODY???

 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of patrick
Sent: Thursday, January 12, 2006 10:20 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Outlook Exchange

 

Could someone please expand on how to setup a PST and how to get it to
download to the pst so as not to stay on the email server?

Thanks

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] Windows 2003 Server

[Ellis, Debbie]

There are a few pdf files that I can not delete on my file
and print server. I have domain admin permissions and the file is not read
only. It gives me the error messages that the file is in use. I don't want to
reboot the server. Has anyone else had this problem and what was the solution?

RE: [ActiveDir] Windows 2003 Server

[Ellis, Debbie]

Thanks for the info, but it did not work  The pdf files did not show up as
being in use.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, January 05, 2006 10:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

You can try this.
 
On the file server run the command
 
NET FILE
 
Look for the files in question. Write down the ID
 
Then when you have the IDs
 
NET FILE ID /CLOSE
DEL FILE
 
Obviously replace ID with the ID from the NET FILE enumeration.
 
 
 
 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Thursday, January 05, 2006 10:03 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Windows 2003 Server



There are a few pdf files that I can not delete on my file and print server.
I have domain admin permissions and the file is not read only.  It gives me
the error messages that the file is in use. I don't want to reboot the
server. Has anyone else had this problem and what was the solution?

 

 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Windows 2003 Server

[Ellis, Debbie]

I had already tried that and it did not work.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tim Vander Kooi
Sent: Thursday, January 05, 2006 11:09 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

I've had this happen before and have always been able to remove all
permissions to the file in question with the exception of Domain Admins or
my personal log in, depending on the situation. Usually it is removing the
System permissions that does the trick though.



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Thursday, January 05, 2006 9:03 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Windows 2003 Server



There are a few pdf files that I can not delete on my file and print server.
I have domain admin permissions and the file is not read only.  It gives me
the error messages that the file is in use. I don't want to reboot the
server. Has anyone else had this problem and what was the solution?

 

 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Windows 2003 Server

[Ellis, Debbie]

I did try this, but the problem is that the
pdf files are not showing open even though the error message says they are











From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Thommes, Michael M.
Sent: Thursday, January 05, 2006
11:24 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows
2003 Server





GUI-wise, a tool you can use is My
Computer/manage/System Tools/Shared Folders/Open Files. Highlight the
file in question, right-click, Close Open File.



hth,

Mike Thommes



-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ellis,
 Debbie
Sent: Thursday, January 05, 2006
9:03 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Windows 2003
Server



There are a few pdf files that I can
not delete on my file and print server. I have domain admin permissions and the
file is not read only. It gives me the error messages that the file is in
use. I don't want to reboot the server. Has anyone else had this problem and
what was the solution?

RE: [ActiveDir] Windows 2003 Server

[Ellis, Debbie]

I tried all and to no avail. The process could not be found. They are all
pdf files and I can make a copy of them and am able to delete them without
problems. Looks like I will have to reboot

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, January 05, 2006 11:44 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

Shoot over to sysinternals and look for their handle tool that will show you
what processes have handles open to files. 

You may not have a choice but to reboot if you can't find what is holding
the files.
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Thursday, January 05, 2006 11:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

Thanks for the info, but it did not work  The pdf files did not show up as
being in use.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, January 05, 2006 10:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

You can try this.
 
On the file server run the command
 
NET FILE
 
Look for the files in question. Write down the ID
 
Then when you have the IDs
 
NET FILE ID /CLOSE
DEL FILE
 
Obviously replace ID with the ID from the NET FILE enumeration.
 
 
 
 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Thursday, January 05, 2006 10:03 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Windows 2003 Server



There are a few pdf files that I can not delete on my file and print server.
I have domain admin permissions and the file is not read only.  It gives me
the error messages that the file is in use. I don't want to reboot the
server. Has anyone else had this problem and what was the solution?

 

 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Windows 2003 Server

[Ellis, Debbie]

I had already tried that and received the same error message as I did in
Explorer


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark Parris
Sent: Thursday, January 05, 2006 3:28 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

I have had this in Explorer and I have just fired up CMD and deleted them
that way - with no issue. I know it sounds simplistic but it worked.

Mark

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn
Sent: 05 January 2006 20:09
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

I have seen this behavior too, but never got to the bottom of it.  I
ended up being pretty certain that antivirus software was locking it
though.  I have also seen the OS itself lock files, when it's trying to
show a preview or for other unknown reasons.  Sometimes opening a
command prompt window to the file's parent folder, and then killing
explorer with task manager, enabled me to delete it.

Good luck
Rich

---
Rich Milburn
MCSE, Microsoft MVP - Directory Services
Sr Network Analyst, Field Platform Development
Applebee's International, Inc.
4551 W. 107th St
Overland Park, KS 66207
913-967-2819
--
I love the smell of red herrings in the morning - anonymous

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Thursday, January 05, 2006 1:14 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

I tried all and to no avail. The process could not be found. They are
all
pdf files and I can make a copy of them and am able to delete them
without
problems. Looks like I will have to reboot

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, January 05, 2006 11:44 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

Shoot over to sysinternals and look for their handle tool that will show
you
what processes have handles open to files. 

You may not have a choice but to reboot if you can't find what is
holding
the files.
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Thursday, January 05, 2006 11:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

Thanks for the info, but it did not work  The pdf files did not show up
as
being in use.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, January 05, 2006 10:22 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Windows 2003 Server

You can try this.
 
On the file server run the command
 
NET FILE
 
Look for the files in question. Write down the ID
 
Then when you have the IDs
 
NET FILE ID /CLOSE
DEL FILE
 
Obviously replace ID with the ID from the NET FILE enumeration.
 
 
 
 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Thursday, January 05, 2006 10:03 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Windows 2003 Server



There are a few pdf files that I can not delete on my file and print
server.
I have domain admin permissions and the file is not read only.  It gives
me
the error messages that the file is in use. I don't want to reboot the
server. Has anyone else had this problem and what was the solution?

 

 

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/

---APPLEBEE'S INTERNATIONAL, INC. CONFIDENTIALITY NOTICE---
PRIVILEGED / 
CONFIDENTIAL INFORMATION may be contained in this message or any
attachments. 
This information is strictly confidential and may be subject to
attorney-client 
privilege. This message is intended only for the use of the named addressee.
If 
you are not the intended recipient of this message, unauthorized forwarding,

printing, copying, distribution, or using such information is strictly 
prohibited and may be unlawful. If you have received this in error, you
should 
kindly notify the sender by reply e-mail and immediately destroy this
message. 
Unauthorized interception of this e-mail is a violation of federal criminal
law. 
Applebee's International, Inc. reserves the right to monitor and review the 
content of all messages sent to and from this e-mail

RE: [ActiveDir] FSMO role transfer

[Ellis, Debbie]

Your links did not work

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Lou Vega
Sent: Thursday, December 01, 2005 11:34 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] FSMO role transfer

Hey Rich - no need to script one yourselfRobbie's cookbook recipe 3.25
and 3.26 deal nicely with FSMO roles. 

3.26 contains VBScript and Perl to transfer FSMO roles.

http://www.rallenhome.com/books/adcookbook/code.html
http://www.rallenhome.com/books/adcookbook/src/03.25-find_fsmos.vbs.txt
http://www.rallenhome.com/books/adcookbook/src/03.26-transfer_fsmo.vbs.txt

r/
Lou

-Original Message-
I was curious to see, with all these posts, no one ponied up with a real
script to help out all these folks who are 1) not scripters and 2)
amazed that moving the roles could be that easy. (I would post one but I
have not actually scripted this... it's not currently my job :)


List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] Display in ADUC

[Ellis, Debbie]

We have 2003 AD. I changed the display name of a user in their
property sheet but it still shows the old display name when you look at it in
Active Directory Users and Computers. You can look at the properties and it
shows the new display name.. What else do I need to do?

[ActiveDir] Scripts

[Ellis, Debbie]

Does anyone know of a script I can include in the login scripts to change
the local admin passwords on the computers in my environment?
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Home Directories

[Ellis, Debbie]

 
 
 So now you can map the user's H: drive or whatever to
 \\server\home1\johndoe.
 
 Hope that helps...
 
 :m:dsm:cci:mvp
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
 Sent: Friday, May 27, 2005 10:50 AM
 To: 'ActiveDir@mail.activedir.org'
 Subject: RE: [ActiveDir] Home Directories
 
 But it also allows then to create new folders under the top
 level Home share. Is there a way around that?
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 [EMAIL PROTECTED]
 Sent: Friday, May 27, 2005 10:40 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Home Directories
 
 Now that your share-level permissions are correct, you need
 to add the individual user to their respective home folder 
 and grant modify permissions (ntfs).  That should give them 
 change access to their files.
 
 :m:dsm:cci:mvp
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
 Sent: Friday, May 27, 2005 9:04 AM
 To: 'ActiveDir@mail.activedir.org'
 Subject: RE: [ActiveDir] Home Directories
 
 
 I appreciate all the feedback. I had to end up giving domain
 users change access on the top level Home share folder.  (On 
 both file and share) I removed domain users from the 
 individual home directory/folders.  The problem I have with 
 the solution is that won't users be able to create folders in 
 the Home Folder? Is there a solution to this?
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 [EMAIL PROTECTED]
 Sent: Friday, May 27, 2005 8:30 AM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Home Directories
 
 Sorry.  Please don't perceive my earlier post as
 disrespecting your opinion.  Simply typing in brevity.  :)
 
 At any rate, I read it as a user end permission error, not as
 a copy process failure.
 
 :m:dsm:cci:mvp
 
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 Medeiros, Jose
 Sent: Thursday, May 26, 2005 6:34 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Home Directories
 
 No problem in disagreeing, as long as we can respect each
 others opinions. 
 
 Granted Debbie did not give a us lot of details,  but based
 on what Debbie wrote, it sounds like she is having trouble 
 copying the files from the server, and if her users had full 
 control enabled on the original NT 4 home directory, then in 
 the middle of the move process she would probably have an 
 access denied even though she is the admin. 
 
 By taking ownership of the files prior to her move this issue
 would be resolved. She also stated that the permissions are 
 change ( Change for end users is better then Full control in 
 my option) and Debbie stated that she has moved some of the 
 files and that leads me to believe that the permissions on 
 the target server have at least write access at the Share and 
 NTFS permission level.
 
 I am also sure that Debbie was at least smart enough to
 verify the share level and file permissions on the new target 
 server prior to posting on this list, however I doubt if she 
 went through all the files on the source server to verify 
 that none of them had full control as a ACL for the user 
 account in question.
 
 The other issue that she me be experiencing is that if the
 files are currently in use the they will be locked also 
 stopping the move process from occurring.
 
 Well that's my two cents,
 
 Jose
 
 --
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] Behalf Of
 [EMAIL PROTECTED]
 Sent: Thursday, May 26, 2005 3:05 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Home Directories
 
 
 I disagree.  Taking ownership isn't going to fix the
 permissions issues for the user at the opposite end.  I'm 
 leaning towards a share-level permission problem, since 2003 
 by default sets shares at Everyone:Read while NT was 
 Everyone:Full Control.
  
 :m:dsm:cci:mvp
 
 
 
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] On Behalf Of
 Medeiros, Jose
 Sent: Thursday, May 26, 2005 4:00 PM
 To: ActiveDir@mail.activedir.org
 Subject: RE: [ActiveDir] Home Directories
  
 Hi Debbie,
  
 This sounds like you need to take ownership of all the files
 in each home directory before moving the data.
  
 Jose
 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] Behalf Of Ellis, Debbie
 Sent: Thursday, May 26, 2005 12:45 PM
 To: 'ActiveDir@mail.activedir.org'
 Subject: [ActiveDir] Home Directories
 We are in the process of moving our user's  home directories
 from  NT server to 2003 server.  We have moved some and have 
 ran into a problem.
 The user's are unable to delete or add but the effective 
 permissions is change access.  Has anyone ran into this issue?
 
 List info   : http://www.activedir.org/List.aspx
 List FAQ: http

RE: [ActiveDir] Home Directories

[Ellis, Debbie]

I appreciate all the feedback. I had to end up giving domain users change
access on the top level Home share folder.  (On both file and share) I
removed domain users from the individual home directory/folders.  The
problem I have with the solution is that won't users be able to create
folders in the Home Folder? Is there a solution to this?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Friday, May 27, 2005 8:30 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

Sorry.  Please don't perceive my earlier post as disrespecting your
opinion.  Simply typing in brevity.  :)

At any rate, I read it as a user end permission error, not as a copy
process failure.

:m:dsm:cci:mvp

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Thursday, May 26, 2005 6:34 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

No problem in disagreeing, as long as we can respect each others
opinions. 

Granted Debbie did not give a us lot of details,  but based on what
Debbie wrote, it sounds like she is having trouble copying the files
from the server, and if her users had full control enabled on the
original NT 4 home directory, then in the middle of the move process she
would probably have an access denied even though she is the admin. 

By taking ownership of the files prior to her move this issue would be
resolved. She also stated that the permissions are change ( Change for
end users is better then Full control in my option) and Debbie stated
that she has moved some of the files and that leads me to believe that
the permissions on the target server have at least write access at the
Share and NTFS permission level.

I am also sure that Debbie was at least smart enough to verify the share
level and file permissions on the new target server prior to posting on
this list, however I doubt if she went through all the files on the
source server to verify that none of them had full control as a ACL for
the user account in question.

The other issue that she me be experiencing is that if the files are
currently in use the they will be locked also stopping the move process
from occurring.

Well that's my two cents,

Jose

--
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, May 26, 2005 3:05 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories


I disagree.  Taking ownership isn't going to fix the permissions issues
for the user at the opposite end.  I'm leaning towards a share-level
permission problem, since 2003 by default sets shares at Everyone:Read
while NT was Everyone:Full Control.
 
:m:dsm:cci:mvp 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Thursday, May 26, 2005 4:00 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories
 
Hi Debbie, 
 
This sounds like you need to take ownership of all the files in each
home directory before moving the data.
 
Jose
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ellis, Debbie
Sent: Thursday, May 26, 2005 12:45 PM
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Home Directories
We are in the process of moving our user's  home directories from  NT
server to 2003 server.  We have moved some and have ran into a problem.
The user's are unable to delete or add but the effective permissions is
change access.  Has anyone ran into this issue?

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Home Directories

[Ellis, Debbie]

But it also allows then to create new folders under the top level Home
share. Is there a way around that?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Friday, May 27, 2005 10:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

Now that your share-level permissions are correct, you need to add the
individual user to their respective home folder and grant modify
permissions (ntfs).  That should give them change access to their files.

:m:dsm:cci:mvp

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Friday, May 27, 2005 9:04 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Home Directories


I appreciate all the feedback. I had to end up giving domain users
change
access on the top level Home share folder.  (On both file and share) I
removed domain users from the individual home directory/folders.  The
problem I have with the solution is that won't users be able to create
folders in the Home Folder? Is there a solution to this?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, May 27, 2005 8:30 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

Sorry.  Please don't perceive my earlier post as disrespecting your
opinion.  Simply typing in brevity.  :)

At any rate, I read it as a user end permission error, not as a copy
process failure.

:m:dsm:cci:mvp

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Thursday, May 26, 2005 6:34 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

No problem in disagreeing, as long as we can respect each others
opinions. 

Granted Debbie did not give a us lot of details,  but based on what
Debbie wrote, it sounds like she is having trouble copying the files
from the server, and if her users had full control enabled on the
original NT 4 home directory, then in the middle of the move process she
would probably have an access denied even though she is the admin. 

By taking ownership of the files prior to her move this issue would be
resolved. She also stated that the permissions are change ( Change for
end users is better then Full control in my option) and Debbie stated
that she has moved some of the files and that leads me to believe that
the permissions on the target server have at least write access at the
Share and NTFS permission level.

I am also sure that Debbie was at least smart enough to verify the share
level and file permissions on the new target server prior to posting on
this list, however I doubt if she went through all the files on the
source server to verify that none of them had full control as a ACL for
the user account in question.

The other issue that she me be experiencing is that if the files are
currently in use the they will be locked also stopping the move process
from occurring.

Well that's my two cents,

Jose

--
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, May 26, 2005 3:05 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories


I disagree.  Taking ownership isn't going to fix the permissions issues
for the user at the opposite end.  I'm leaning towards a share-level
permission problem, since 2003 by default sets shares at Everyone:Read
while NT was Everyone:Full Control.
 
:m:dsm:cci:mvp 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Thursday, May 26, 2005 4:00 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories
 
Hi Debbie, 
 
This sounds like you need to take ownership of all the files in each
home directory before moving the data.
 
Jose
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Ellis, Debbie
Sent: Thursday, May 26, 2005 12:45 PM
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Home Directories
We are in the process of moving our user's  home directories from  NT
server to 2003 server.  We have moved some and have ran into a problem.
The user's are unable to delete or add but the effective permissions is
change access.  Has anyone ran into this issue?

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List

RE: [ActiveDir] Home Directories

[Ellis, Debbie]

This did it. Thanks  

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Friday, May 27, 2005 11:00 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

Yes, make sure that the top level home folder that your share is
pointing to does not have rights for those users to make changes.  They
should only have rights at their individual folder.

For instance:

Share Level Perms
\\server\home1 is your home folder share which has the following perms:
Administrators - FC
Domain Users - C

NTFS Perms
That folder maps to h:\home1 on your server.  Home1 should have the
following:
Administrators - FC

There's a user folder under home1 that exists under home1 that maps to
JohnDoe such as h:\home1\johndoe.

At the johndoe folder, you want to make sure the following permissions
are set:
Administrators - FC
JohnDoe - Modify


So now you can map the user's H: drive or whatever to
\\server\home1\johndoe.

Hope that helps...

:m:dsm:cci:mvp

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Friday, May 27, 2005 10:50 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Home Directories

But it also allows then to create new folders under the top level Home
share. Is there a way around that?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, May 27, 2005 10:40 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

Now that your share-level permissions are correct, you need to add the
individual user to their respective home folder and grant modify
permissions (ntfs).  That should give them change access to their files.

:m:dsm:cci:mvp

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Friday, May 27, 2005 9:04 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Home Directories


I appreciate all the feedback. I had to end up giving domain users
change
access on the top level Home share folder.  (On both file and share) I
removed domain users from the individual home directory/folders.  The
problem I have with the solution is that won't users be able to create
folders in the Home Folder? Is there a solution to this?

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Friday, May 27, 2005 8:30 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

Sorry.  Please don't perceive my earlier post as disrespecting your
opinion.  Simply typing in brevity.  :)

At any rate, I read it as a user end permission error, not as a copy
process failure.

:m:dsm:cci:mvp

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Thursday, May 26, 2005 6:34 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories

No problem in disagreeing, as long as we can respect each others
opinions. 

Granted Debbie did not give a us lot of details,  but based on what
Debbie wrote, it sounds like she is having trouble copying the files
from the server, and if her users had full control enabled on the
original NT 4 home directory, then in the middle of the move process she
would probably have an access denied even though she is the admin. 

By taking ownership of the files prior to her move this issue would be
resolved. She also stated that the permissions are change ( Change for
end users is better then Full control in my option) and Debbie stated
that she has moved some of the files and that leads me to believe that
the permissions on the target server have at least write access at the
Share and NTFS permission level.

I am also sure that Debbie was at least smart enough to verify the share
level and file permissions on the new target server prior to posting on
this list, however I doubt if she went through all the files on the
source server to verify that none of them had full control as a ACL for
the user account in question.

The other issue that she me be experiencing is that if the files are
currently in use the they will be locked also stopping the move process
from occurring.

Well that's my two cents,

Jose

--
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, May 26, 2005 3:05 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Home Directories


I disagree.  Taking ownership isn't going to fix the permissions issues
for the user at the opposite end.  I'm leaning towards a share-level
permission problem, since 2003 by default sets shares at Everyone:Read
while NT was Everyone:Full Control.
 
:m:dsm:cci:mvp 



From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent

[ActiveDir] Home Directories

[Ellis, Debbie]

We are in the process of moving our users home
directories from NT server to 2003 server. We have moved some and have ran
into a problem. The users are unable to delete or add but the effective permissions
is change access. Has anyone ran into this issue?

RE: [ActiveDir]

[Ellis, Debbie]

There is no way I would attempt to have each school a separate domain. You
would have an administrative nightmare. You would need to have at least 27
domain controllers. Ideally you would have at least two for each domain for
redundancy so that would mean 54 DC's. I would use  OU's.

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eddie Greene
Sent: Monday, May 16, 2005 12:39 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] 

We have not rolled out AD yet and are banging our heads against the wall
figuring out which way to go.  We have 24 Schools 1 Main office, 1
Maintenance shop, 1 Bus Garage.  would it be best for use to roll out a
single domain or 27 domains in our forest.

it is not important for our users to be able to go to other locations and
log into the system.  It would be nice to be able to replicate a folder with
all the schools that contains programs you never have when you need them
(i.e. Adobe).

I haven't got a clear understanding of Domains vs. OUs.  One way I read it
would be best for each school to be a domain and in another reading I think
that each school just needs to be their own OU.

any help would be greatly appreciated

Eddie

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] 2003 DNS

[Ellis, Debbie]

I thought I read about an issue with having a 2003 DNS
server pointing to itself as the preferred or primary DNS Server. Has anyone
heard about this issue and if so, where can I find documentation on it?

[ActiveDir] SUS

[Ellis, Debbie]

We are going to deploy SUS sometimes soon. Can patches be
deployed to machines while the user is logged off but the machine is turned on?

RE: [ActiveDir] RDP

[Ellis, Debbie]

My company was using Standard and auto enrollment would not work. We
consulted our TAM and he said we had to have Enterprise for Auto Enrollment.

Debbie Ellis
Systems Administrator
Viasat, Inc.
4356 Communications Drive
Norcross, GA   30093
678-924-2591
 
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robbie Foust
Sent: Tuesday, November 16, 2004 10:28 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] RDP


Ken Cornetet wrote:

You also need enterprise for autoenrollment.
  


Weird, I wonder why autoenrollment works for me then?  I'm only running 
standard, not enterprise.  Autoenrollment is definitely working.

- Robbie


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Renouf, Phil
Sent: Monday, November 15, 2004 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] RDP


There are a number of PKI things that can't be done without Enterprise
Edition. I believe the most important being extra certificate templates
that can be used (although my terminology may be wrong).

Phil 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robbie Foust
Sent: Monday, November 15, 2004 3:32 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] RDP


Ellis, Debbie wrote:

  

I recently upgraded one of our Windows 2003 Domain Controllers to
Enterprise Edition. (Needed for Certificates, auto enrollment).



You don't need enterprise edition for that.  I'm doing it with standard
edition and it works fine.
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
  


-- 
Robbie Foust, IT Analyst
OIT/CASI - Administrative Information Support
Duke University


List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] RDP

[Ellis, Debbie]

I recently upgraded one of our Windows 2003 Domain
Controllers to Enterprise Edition. (Needed for Certificates, auto enrollment).
The problem I am having is when I try to connect remotely via Remote Desktop
Protocol, the server reboots. It worked fine before the upgrade. Has anyone
experienced this problem or know a solution?

RE: [ActiveDir] RDP

[Ellis, Debbie]

When it tries to connect, before the log on screen.  

Debbie Ellis
Systems Administrator
Viasat, Inc.
4356 Communications Drive
Norcross, GA   30093
678-924-2591
 
 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robbie Foust
Sent: Monday, November 15, 2004 3:32 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] RDP


Ellis, Debbie wrote:

 I recently upgraded one of our Windows 2003 Domain Controllers to 
 Enterprise Edition. (Needed for Certificates, auto enrollment).

You don't need enterprise edition for that.  I'm doing it with standard 
edition and it works fine.

 The problem I am having is when I try to connect remotely via Remote 
 Desktop Protocol, the server reboots.  It worked fine before the 
 upgrade. Has anyone experienced this problem or know a solution?

Does this happen as soon as the connection is established, or while 
you're logging on?

I've never been a fan of domain controller upgrades. Too many things can 
break or become unstable.  You're better off demoting it and rebuilding 
it from scratch.

- Robbie

-- 
Robbie Foust, IT Analyst
OIT/CASI - Administrative Information Support
Duke University


List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Shadow Copy

[Ellis, Debbie]

I don't really need faul tolerance at all for Shadow Copy if I am
maintaining regular backups do I?

Debbie Ellis
Systems Administrator
Viasat, Inc.
4356 Communications Drive
Norcross, GA   30093
678-924-2591
 
 

-Original Message-
From: Grillenmeier, Guido [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, October 19, 2004 10:24 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Shadow Copy

assuming you're talking about Shadow Copy Restore feature:
- how many changes do your users make per day and how many versions of
the documents do you want to keep? = this will determine the space you
should calculate for each volume.  Add 105 MB, which is what the feature
requires for itself.

- how much extra fault-tolerance do you need? you don't need to put the
previous versions data on a particular safe disk = could also be RAID 0
or separte disks.

/Guido

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Tuesday, October 19, 2004 1:12 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Shadow Copy

Is there any formula for figuring out how much hard drive space you will
need ? Also which is better, Raid 5 or mirror sets for Shadow Copy?

Debbie Ellis
Systems Administrator
Viasat, Inc.
4356 Communications Drive
Norcross, GA   30093
678-924-2591
 
 
-Original Message-
From: Robert Mezzone [mailto:[EMAIL PROTECTED]
Sent: Monday, October 18, 2004 6:18 PM
To: '[EMAIL PROTECTED]'
Subject: Re: [ActiveDir] Shadow Copy

There is an article in TechNet about formatting the drive with a certain
cluster size, if you don't and you defrag the drive, all your snapshots
are deleted during defrag. 

I've been using it for a year now wo any problems. I store all the
snapshots on a dedicated set of mirrored drives. Between shadow copy and
a long retention time for undelete, I have't restored anything from tape
in a very long time.

Robert


-Original Message-
From: [EMAIL PROTECTED]
[EMAIL PROTECTED]
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Sent: Mon Oct 18 15:41:39 2004
Subject: [ActiveDir] Shadow Copy

My company is thinking of instituting Shadow Copy.  Any advice would be
appreciated.  What are the approximate costs ?

 

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Shadow Copy

[Ellis, Debbie]

Is there any formula for figuring out how much hard drive space you will
need ? Also which is better, Raid 5 or mirror sets for Shadow Copy?

Debbie Ellis
Systems Administrator
Viasat, Inc.
4356 Communications Drive
Norcross, GA   30093
678-924-2591
 
 
-Original Message-
From: Robert Mezzone [mailto:[EMAIL PROTECTED] 
Sent: Monday, October 18, 2004 6:18 PM
To: '[EMAIL PROTECTED]'
Subject: Re: [ActiveDir] Shadow Copy

There is an article in TechNet about formatting the drive with a certain
cluster size, if you don't and you defrag the drive, all your snapshots are
deleted during defrag. 

I've been using it for a year now wo any problems. I store all the snapshots
on a dedicated set of mirrored drives. Between shadow copy and a long
retention time for undelete, I have't restored anything from tape in a very
long time.

Robert


-Original Message-
From: [EMAIL PROTECTED]
[EMAIL PROTECTED]
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Sent: Mon Oct 18 15:41:39 2004
Subject: [ActiveDir] Shadow Copy

My company is thinking of instituting Shadow Copy.  Any advice would be
appreciated.  What are the approximate costs ?

 

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Active Directory Monitoring Tools

[Ellis, Debbie]

We would like to do both











From: Mulnick, Al
[mailto:[EMAIL PROTECTED] 
Sent: Tuesday, July 13, 2004 9:27
AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Active
Directory Monitoring Tools





MOM is a great tool, but I never recommend
email alerts if you're also an Exchange shop. If Active Directory is
having problems, it's possible that email won't work. Paging or text
messaging is much more reliable.



Al









From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Tuesday, July 13, 2004 9:16
AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Active Directory
Monitoring Tools

My company is looking to purchase a tool that will monitor
Active Directory and send an email when there are critical errors. What
are your recommendations?

RE: [ActiveDir] Active Directory Monitoring Tools

[Ellis, Debbie]

Thanks, in fact I just downloaded an eval
version of App Manager. We used their migration suite and had great
results. Have you used App Manager and are you happy with it?











From: Peter Johnson
[mailto:[EMAIL PROTECTED] 
Sent: Tuesday, July 13, 2004 10:16
AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Active
Directory Monitoring Tools





Also take a look at the
NetIQ tools particularly App Manager and some of the SAS tools as well as their
Security tools











From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rachui, Scott
Sent: 13 July 2004 15:28
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Active
Directory Monitoring Tools







Microsoft Operations Manager is very good,
especially with the newest version (2005) about to come out. Also, NetPro
makes a nice suite of products.





-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Ellis, Debbie
Sent: Tuesday, July 13, 2004 8:16
AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Active
Directory Monitoring Tools

My company is looking to purchase a tool that will monitor
Active Directory and send an email when there are critical errors. What
are your recommendations?

RE: [ActiveDir] 2003 Domain Controllers

[Ellis, Debbie]

Thanks. I stopped and restarted the FRS
service on both dc's and no longer receive the error message.











From: Rachui, Scott
[mailto:[EMAIL PROTECTED] 
Sent: Tuesday, June 29, 2004 12:04
PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] 2003
Domain Controllers







There's an event log message in your File
Replication log that's reporting an error. Check there and look that
error up.





-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Ellis, Debbie
Sent: Tuesday, June 29, 2004 10:57
AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] 2003 Domain
Controllers

When running DCDIAG on one of my dc's I receive the
following message:



Starting test: frsevent

There are warning or error events within the last 24 hours
after the SYSVOL has been shared. Failing SYSVOL replication problems may
cause

Group Policy problems



I did a search on Technet but could not find the
message. Does anyone have an idea of what it means?

RE: [ActiveDir] AD diagnostic tools

[Ellis, Debbie]

AD
Tools



-Original Message-
From: Elton Gouvêa Pimentel [mailto:[EMAIL PROTECTED] 
Sent: Monday, June 28, 2004 1:25 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] AD diagnostic tools



Dear friends,



 Does anyone knows any tools to diagnose problems on AD ? 



Thanks,



Elton Pimentel.

List info   : http://www.activedir.org/mail_list.htm

List FAQ    : http://www.activedir.org/list_faq.htm

List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Active directory Error

[Ellis, Debbie]

Have you looked at DNS?  Can you ping the other domain controllers from this
dc?

-Original Message-
From: Roseta Radfar [mailto:[EMAIL PROTECTED] 
Sent: Thursday, June 24, 2004 9:19 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Active directory Error

hi,
 
I have active directory installed on my DC. but when i click on it . This
gives error:
 
The list of domain controllers for domain is unavailable because the RPC
server is unavailable.
 
what is this error and how can i correct it?
 
any help is appriciated.
roseta
.+-wi0g-+YbmPi0-+bf.+-j!
0j!oryIV+v*
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] User Icons

[Ellis, Debbie]

I am looking at group memberships in various groups in my AD
structure and notice some user icons are dim or gray looking. What does this
mean?



Debbie Ellis

Systems Administrator

Viasat, Inc.

4356
  Communications Drive

Norcross, GA 30093

678-924-2591










attachment: image001.jpg

RE: [ActiveDir] User Icons

[Ellis, Debbie]

The whole user icon is dimmed or gray and other users in the same group
arenot dimmed or gray.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, June 21, 2004 2:12 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] User Icons





Hey Debbie,

take a look here

http://support.microsoft.com/default.aspx?scid=kb;en-us;281923





|-+--
| |   Ellis, Debbie|
| |   [EMAIL PROTECTED]|
| |   m |
| |   Sent by:   |
| |   [EMAIL PROTECTED]|
| |   tivedir.org|
| |  |
| |  |
| |   06/21/2004 12:55 PM|
| |   Please respond to  |
| |   ActiveDir  |
| |  |
|-+--
 
---
-|
  |
|
  |   To:   [EMAIL PROTECTED]
|
  |   cc:
|
  |   Subject:  [ActiveDir] User Icons
|
 
---
-|





I am looking at group memberships in various groups in my AD structure and
notice some user icons are dim or gray looking. What does this mean?

Debbie Ellis
Systems Administrator
Viasat, Inc.
4356 Communications Drive
Norcross, GA   30093
678-924-2591
 (Embedded image moved to file: pic01990.jpg)

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] OT: Research Question

[Ellis, Debbie]

Title: OT: Research Question









 Pay
 Benefits
 Flexibility












From:
DL.ActiveDirectory [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 13, 2004 1:50
PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OT:
Research Question





Paydays?





Thank you, 
Mitch Lawrence 




-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Zach Huseby
Sent: Thursday, May 13, 2004 11:59
AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OT:
Research Question



the 2nd and the 18th of
each month.

















From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of DL.ActiveDirectory
Sent: Thursday, May 13, 2004 10:05
AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] OT: Research
Question

Hello,

I am doing research for a college project, and I
would appreciate any feedback I can get on the following question:

As an IT professional, what factors
in your employment make
a difference to you? Why?

I really appreciate the time you take to give me some
insight into your world.

Thank you,

Mitch

Noob college student

RE: [ActiveDir] Migration Dilemma

[Ellis, Debbie]

My company used Net IQ and had great results.  Cost was about 6.00 per user
for the whole suite. (Includes Exchange Migrator) We tried ADMT but had
problems with the local profiles migrating over to the new domain.  

-Original Message-
From: Morris, Adam [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, April 14, 2004 11:41 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Migration Dilemma


Hello,

We are in the process of planning our migration from NT 4 to Windows 2000
AD.  Last year we deployed a minimal AD site in order to roll-out Exchange
2000 for our users.  User accounts and mailboxes were created in the new
domain but no users were migrated.  Some initial testing with the ADMT
indicates that it will not produce the desired results.
  
At this time I can see 2 possible plans of action and I'm looking for some
better options.  (Like maybe another way to migrate the SID's to the new
accounts in AD or a way to get ADMT to update the existing accounts instead
of replacing them).

Plan 1:  Back up all the user mailboxes, wipe the AD accounts, use ADMT to
move all the accounts/gropus, and then restore mailbox data.

Plan 2:  Spend the time to develop custom scripts that will add/create the
appropriate groups and script as much of the migration as possible.

Currently we have close to 150 groups for around 400 users and multiple file
servers so the thought of doing a manual migration process is pretty
painful.  If anybody has any suggestions or thoughts I'd much appreciate the
feedback.

Thank you!
Adam Morris
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] DHCP

[Ellis, Debbie]

We are almost completed with our migration to AD 2003. Our users are migrated and we have been
using the DHCP Server in the old domain. I am a member of the Domain Admin Group
and Enterprise Admin Group in the new domain. I tried to authorize the scopes on a
domain controller in the new domain and received an access denied message. Do any of you know why I would be getting
this error message?

RE: [ActiveDir] DHCP

[Ellis, Debbie]

I should re phrase this. I tired to
authorize the DHCP Server, not activate the scopes.



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 7:53 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] DHCP



We are almost completed with our
migration to AD 2003. Our users are
migrated and we have been using the DHCP Server in the old domain. I am a member of the Domain Admin Group
and Enterprise Admin Group in the new domain. I tried to authorize the scopes on a
domain controller in the new domain and received an access denied message. Do any of you know why I would be
getting this error message?

RE: [ActiveDir] DHCP

[Ellis, Debbie]

Title: Message









Do we have to have a DHCP Server installed
in the Forest Root? It is an empty
forest root. I have tried logging
in to the forest root on the Domain Controller DHCP is
installed on, but there is no option given to authorize the server. I am using
DHCP Admin tool.



-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:42
AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP





Log in
as an enterprise admin in the forest root and try it.















--

Roger D. Seielstad - MTS MCSE MS-MVP 
Sr. Systems Administrator 
Inovis Inc. 



-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]

Sent: Monday, March 15, 2004 8:33
AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

I am logging into the
child domain of the Forest root domain. I am a member of the Enterprise Admin
group We are 2003 function level.



-Original Message-
From: Jorge de Almeida Pinto
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:20
AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DHCP



Hi,



What is your forest/domain structure and to what domain do you
logon to and what account are you using (including memberships) and what is the
domain functionality level of the domain(s)?



To authorize a DHCP server you must have one of the following
memberships:

* Root Domain Domain admins

* Root Domain Enterprise admins



These groups have the correct permissions on the
NetServices container in Active Directory Sites and
Services under the Services node to authorize DHCP servers.



regards,

Jorge

















From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Monday, March 15, 2004 14:00
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

I should
re phrase this. I tired to authorize the DHCP Server, not activate the scopes.



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 7:53
AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] DHCP



We are almost completed with our migration
to AD 2003. Our users are migrated
and we have been using the DHCP Server in the old domain. I am a member of the Domain Admin Group
and Enterprise Admin Group in the new domain. I tried to authorize the scopes on a
domain controller in the new domain and received an access denied message. Do any of you know why I would be
getting this error message?


This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an intended
recipient then please promptly delete this e-mail and any attachment and all copies
and inform the sender. Thank you.

RE: [ActiveDir] DHCP

[Ellis, Debbie]

Title: Message









Thanks, you are always a great deal of
help. Where do I get the snap
in? I tried to add it with mmc.



-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 9:11 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP





I log
into a forest root domain controller, as an enterprise admin/domain admin (in
the forest root) to authorize DHCP servers when I need to do it (which is
rarely). The only requirement is that you have the DHCP snap in installed on
that box.















--

Roger D. Seielstad - MTS MCSE MS-MVP 
Sr. Systems Administrator 
Inovis Inc. 



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 9:04 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

Do we have to have a DHCP
Server installed in the Forest Root?
It is an empty forest root.
I have tried logging in to the forest root on the Domain Controller DHCP is
installed on, but there is no option given to authorize the server. I am using
DHCP Admin tool.



-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:42 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP





Log in
as an enterprise admin in the forest root and try it.















--

Roger D. Seielstad - MTS MCSE MS-MVP 
Sr. Systems Administrator 
Inovis Inc. 



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:33 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

I am
logging into the child domain of the Forest root
domain. I am a member of the Enterprise Admin group We are 2003 function level.



-Original Message-
From: Jorge de Almeida Pinto
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:20 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DHCP



Hi,



What is your forest/domain structure and to what domain do you
logon to and what account are you using (including memberships) and what is the
domain functionality level of the domain(s)?



To authorize a DHCP server you must have one of the following
memberships:

* Root Domain Domain admins

* Root Domain Enterprise admins



These groups have the correct permissions on the
NetServices container in Active Directory Sites and
Services under the Services node to authorize DHCP servers.



regards,

Jorge





















From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Ellis, Debbie
Sent: Monday, March 15, 2004 14:00
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

I should
re phrase this. I tired to authorize the DHCP Server, not activate the scopes.



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 7:53
AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] DHCP



We are almost completed with our
migration to AD 2003. Our users are
migrated and we have been using the DHCP Server in the old domain. I am a member of the Domain Admin Group
and Enterprise Admin Group in the new domain. I tried to authorize the scopes on a
domain controller in the new domain and received an access denied message. Do any of you know why I would be
getting this error message?


This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential information
and/or be subject to legal privilege. It should not be copied, disclosed to,
retained or used by, any other party. If you are not an intended recipient then
please promptly delete this e-mail and any attachment and all copies and inform
the sender. Thank you.

RE: [ActiveDir] DHCP

[Ellis, Debbie]

Title: Message









Thanks this worked J



-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 10:32 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP





Install
adminpak.msi on the server is the easiest way















--

Roger D. Seielstad - MTS MCSE MS-MVP 
Sr. Systems Administrator 
Inovis Inc. 



-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]

Sent: Monday, March 15, 2004 10:08 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

Thanks, you are always a
great deal of help. Where do I get
the snap in? I tried to add it with
mmc.



-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 9:11 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP





I log
into a forest root domain controller, as an enterprise admin/domain admin (in
the forest root) to authorize DHCP servers when I need to do it (which is
rarely). The only requirement is that you have the DHCP snap in installed on
that box.















--

Roger D. Seielstad - MTS MCSE MS-MVP 
Sr. Systems Administrator 
Inovis Inc. 



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 9:04 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

Do we
have to have a DHCP Server installed in the Forest Root? It is an empty forest root. I have tried logging in to the forest
root on the Domain Controller DHCP is
installed on, but there is no option given to authorize the server. I am using
DHCP Admin tool.



-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:42 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP





Log in
as an enterprise admin in the forest root and try it.















--

Roger D. Seielstad - MTS MCSE MS-MVP 
Sr. Systems Administrator 
Inovis Inc. 



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:33 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

I am
logging into the child domain of the Forest root
domain. I am a member of the Enterprise Admin group We are 2003 function level.



-Original Message-
From: Jorge de Almeida Pinto
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 8:20 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DHCP



Hi,



What is your forest/domain structure and to what domain do you
logon to and what account are you using (including memberships) and what is the
domain functionality level of the domain(s)?



To authorize a DHCP server you must have one of the following
memberships:

* Root Domain Domain admins

* Root Domain Enterprise admins



These groups have the correct permissions on the
NetServices container in Active Directory Sites and
Services under the Services node to authorize DHCP servers.



regards,

Jorge

























From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Monday, March 15, 2004 14:00
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] DHCP

I should
re phrase this. I tired to authorize the DHCP Server, not activate the scopes.



-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Monday, March 15, 2004 7:53 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] DHCP



We are almost completed with our
migration to AD 2003. Our users are
migrated and we have been using the DHCP Server in the old domain. I am a member of the Domain Admin Group
and Enterprise Admin Group in the new domain. I tried to authorize the scopes on a
domain controller in the new domain and received an access denied message. Do any of you know why I would be
getting this error message?


This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential
information and/or be subject to legal privilege. It should not be copied,
disclosed to, retained or used by, any other party. If you are not an intended
recipient then please promptly delete this e-mail and any attachment and all
copies and inform the sender. Thank you.

RE: [ActiveDir] Domain Membership (Specify an Organizational Unit )

[Ellis, Debbie]

Title: Domain Membership (Specify an Organizational Unit)








We tested out ADMT but had
problems migrating the local user profiles on the
machines. We started using NetIQ's Migration Suite and it worked great. We had 1500 users to migrate.



-Original Message-
From: Santhosh Sivarajan
[mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 25, 2004
8:31 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Domain
Membership (Specify an Organizational Unit)



You can use ADMT V2.0 or
any third party migration tool (Net IQ, Fastlane, Bind View etc) for this.











From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kent Maxwell
Sent: Tuesday, February 24, 2004
3:54 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Domain
Membership (Specify an Organizational Unit)





I need to migrate several client computers from an NT
4.0 domain to a specific Organizational Unit in a new Active Directory.
Is this possible? If so how can I do this?

Additionally, I need retain and move the user profile
folder from the NT 4.0 domain account to the new AD Account. Is there any
way I can do this?

Thank you for all the help! 


-
This e-mail is intended for the use of the addressee (s) only and may contain
privileged, confidential, or proprietary information that is exempt from
disclosure under law. If you have received this message in error, please inform
us promptly by reply e-mail, then delete the e-mail and destroy any printed
copy. Thank you.

[ActiveDir] NT Member Server Migration to AD 2003

[Ellis, Debbie]

We have reached the phase in our migration where all the
users and their computers have been migrated. We are upgrading most of our member
servers to 2000 before migrating. There are a few servers we are leaving at
NT4. We are using NetIQ Migration Suite and it works great. The question I have is have any of you
had any problems migrating NT 4 member servers to AD? Are there any preparations that need to
be done before the member servers are migrated. I know
with our NT workstations we installed the directory services
client, but I understand that is just for workstations. Our domain controllers are all 2003.

[ActiveDir] Directory Services Client Software

[Ellis, Debbie]

Does anyone know where I can download the dsclient software for Windows 98 clients? I found one for NT 4.0 but not 98. I also did a search on the Server 2003 CD.
Thanks as always for your help.

[ActiveDir] Active Directory Users and Computers

[Ellis, Debbie]

We have a Windows 2003 Active Directory Structure. Can I install Active Directory Users and
Computers on my Windows XP computer and use it to administer the domain? If so, how? I have tried but have been unsuccessful.

RE: [ActiveDir] ADMT Vs Third Party Migration Tools

[Ellis, Debbie]

Title: Re: [ActiveDir] 









We had problems with ADMT not
migrating local profiles.



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] 
Sent: Tuesday, November 18, 2003
4:01 PM
To: [EMAIL PROTECTED]
Subject: ADMT Vs Third Party
Migration Tools





What are the advantages (other than
project based migration) of using any third party migration tools over ADMT
V2.0 ? How do you justify the licensing cost if you don't have that much help
with third party migration tools?

Thanks in advance.

[ActiveDir] Migration Tool

[Ellis, Debbie]

My
company has decided not to use ADMT. We are in the market for a migration
tool. We checked with Bindview and were
told they do not sell their products without also selling "Professional
Services" .We are not interested in
Professional Services. Can any of you
recommend a good
migration tool. We will also be
migrating Exchange 5.5 to Exchange 2003 later on.

RE: [ActiveDir] Migration Tool

[Ellis, Debbie]

My organization wants to include both in purchasing a migration tool.  Why
buy one tool for AD migration and another tool for Exchange migration? We
don't need to buy the service.

-Original Message-
From: DiBias, Chip [mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 9:21 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Migration Tool

Just so everyone is clear on this subject...BindView will sell our
NT/NDS migration tools to anyone.  The Exchange migration tool however
is now sold as a service.  We recently changed this to help
organizations expedite their Exchange migrations.  As you all know
Exchange migrations can be complex, challenging, and extremely visible
projects.  As such we have seen companies get themselves into trouble
due to lack of preparedness, knowledge, or time.  This is a new bundle
and we feel it will lessen the time, stress, and challenges of moving to
Exchange 2000/2003.

Regards,

Chip DiBias   

-Original Message-
From: Chianese, David P. [mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 8:15 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Migration Tool

NETIQ is a bomb IMO.  It might as well be vaporware.  We did better, and
are currently doing better with a homespun vbscript, exmerge and another
homespun profile update vbscript.  Netiq looked good on paper but when
it came down to the migration they left a lot to be desired.  One of my
biggest peeves about them is that we required a bunch of scripts outside
of the netiq product itself and when they originally came in to demo it
they told us the scripts would be made available to us.  We have to date
not received one script from them in helping our migration.  In fact,
they wanted to charge us for time to write the scripts we needed.  We
said no thanks and went on with our migration.  Just a word of caution
for you.  

Now with that said, our migration was a very complex one to say the
least.  We did inter-org with 5 different e-mail systems being collapsed
to one new E2k org. including our nemesis, the dreaded World Talk
switch.

Buyer beware!


Regards,

Dave



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Leeuwen van, JWJ
(Joost)
Sent: Friday, November 14, 2003 8:06 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Migration Tool


Do not remind me of Aelita and profile updates, it was a total disaster
at my site.
A script I wrote myself in 2 hours worked a lot better. 

 -Original Message-
 From: [EMAIL PROTECTED] 
 [mailto:[EMAIL PROTECTED] 
 Sent: vrijdag 14 november 2003 13:52
 To: [EMAIL PROTECTED]
 Subject: RE: [ActiveDir] Migration Tool
 
 I'm not involved directly but my team has been evaluation the 
 Aleita tool.  This handles profile updates.  
 
 They are looking at methods to migrate 60,000   users in two orgs
 so there is quite a bit to look at.
 
 Not sure if this tool is suitable for your environment.  I 
 believe they only look at selling this to sites over 3,000 users.
 
 
 
   from:Ellis, Debbie [EMAIL PROTECTED]
   date:Fri, 14 Nov 2003 12:03:47
   to:  [EMAIL PROTECTED]
   subject: RE: [ActiveDir] Migration Tool
  
  Thanks.  Did you have problems migrating local profiles?  We are 
  looking at NetIQ and Fastlane. NetIQ states they have the 
 lowest cost, 
  but we haven't received a price quote yet from either.  I 
 am concerned 
  by the after a few patches...  Does the Exchange Migration come 
  bundled in with the Fastlane Migration tool or purchased separately?
   
   
  -Original Message-
  From: Rimmerman, Russ [mailto:[EMAIL PROTECTED]
  Sent: Friday, November 14, 2003 6:58 AM
  To: '[EMAIL PROTECTED]'
  Subject: RE: [ActiveDir] Migration Tool
   
  We're in the middle of a migration and we're using Quest 
 Fastlane Migrator.
  We bought a small amount (big enough for a pilot of 5 or so 
 sites) to 
  make sure its worthwhile before buying enough for all 6000 users.  
  They will let you 'lease' the software if you don't want to pay so 
  much.  That way, since you'll probably never use it again after the 
  migration is over, you can just delete it and it ends up being 
  cheaper.  We've had pretty good luck with it (after a few patches).
  -Original Message-
  From: Ellis, Debbie [mailto:[EMAIL PROTECTED]
  Sent: Friday, November 14, 2003 5:27 AM
  To: [EMAIL PROTECTED]
  Subject: [ActiveDir] Migration Tool
  My  company has decided not to use ADMT.  We are in the 
 market for a 
  migration tool.  We checked with Bindview and were told they do not 
  sell their products without also selling Professional 
 Services . We 
  are not interested in Professional Services.  Can any of 
 you recommend 
  a  good migration tool.  We will also be migrating Exchange 5.5 to 
  Exchange 2003 later on.
  
  ~~
  
  This e-mail is confidential, may contain proprietary information
  
  of the Cooper Cameron Corporation and its operating Divisions

RE: [ActiveDir] Migration Tool

[Ellis, Debbie]

We spoke to the correct group, but why would we want to buy one tool for AD
and another tool for Exchange?

-Original Message-
From: Myrick, Todd (NIH/CIT) [mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 10:55 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Migration Tool

I thought so.  It sounds like this company only spoke to your professional
services group.

Todd

-Original Message-
From: DiBias, Chip [mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 9:21 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Migration Tool


Just so everyone is clear on this subject...BindView will sell our NT/NDS
migration tools to anyone.  The Exchange migration tool however is now sold
as a service.  We recently changed this to help organizations expedite their
Exchange migrations.  As you all know Exchange migrations can be complex,
challenging, and extremely visible projects.  As such we have seen companies
get themselves into trouble due to lack of preparedness, knowledge, or time.
This is a new bundle and we feel it will lessen the time, stress, and
challenges of moving to Exchange 2000/2003.

Regards,

Chip DiBias   

-Original Message-
From: Chianese, David P. [mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 8:15 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Migration Tool

NETIQ is a bomb IMO.  It might as well be vaporware.  We did better, and are
currently doing better with a homespun vbscript, exmerge and another
homespun profile update vbscript.  Netiq looked good on paper but when it
came down to the migration they left a lot to be desired.  One of my biggest
peeves about them is that we required a bunch of scripts outside of the
netiq product itself and when they originally came in to demo it they told
us the scripts would be made available to us.  We have to date not received
one script from them in helping our migration.  In fact, they wanted to
charge us for time to write the scripts we needed.  We said no thanks and
went on with our migration.  Just a word of caution for you.  

Now with that said, our migration was a very complex one to say the least.
We did inter-org with 5 different e-mail systems being collapsed to one new
E2k org. including our nemesis, the dreaded World Talk switch.

Buyer beware!


Regards,

Dave



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Leeuwen van, JWJ
(Joost)
Sent: Friday, November 14, 2003 8:06 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Migration Tool


Do not remind me of Aelita and profile updates, it was a total disaster at
my site. A script I wrote myself in 2 hours worked a lot better. 

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED] 
 Sent: vrijdag 14 november 2003 13:52
 To: [EMAIL PROTECTED]
 Subject: RE: [ActiveDir] Migration Tool
 
 I'm not involved directly but my team has been evaluation the
 Aleita tool.  This handles profile updates.  
 
 They are looking at methods to migrate 60,000   users in two orgs
 so there is quite a bit to look at.
 
 Not sure if this tool is suitable for your environment.  I
 believe they only look at selling this to sites over 3,000 users.
 
 
 
   from:Ellis, Debbie [EMAIL PROTECTED]
   date:Fri, 14 Nov 2003 12:03:47
   to:  [EMAIL PROTECTED]
   subject: RE: [ActiveDir] Migration Tool
  
  Thanks.  Did you have problems migrating local profiles?  We are
  looking at NetIQ and Fastlane. NetIQ states they have the 
 lowest cost,
  but we haven't received a price quote yet from either.  I
 am concerned
  by the after a few patches...  Does the Exchange Migration come
  bundled in with the Fastlane Migration tool or purchased separately?
   
   
  -Original Message-
  From: Rimmerman, Russ [mailto:[EMAIL PROTECTED]
  Sent: Friday, November 14, 2003 6:58 AM
  To: '[EMAIL PROTECTED]'
  Subject: RE: [ActiveDir] Migration Tool
   
  We're in the middle of a migration and we're using Quest
 Fastlane Migrator.
  We bought a small amount (big enough for a pilot of 5 or so
 sites) to
  make sure its worthwhile before buying enough for all 6000 users.
  They will let you 'lease' the software if you don't want to pay so 
  much.  That way, since you'll probably never use it again after the 
  migration is over, you can just delete it and it ends up being 
  cheaper.  We've had pretty good luck with it (after a few patches).
  -Original Message-
  From: Ellis, Debbie [mailto:[EMAIL PROTECTED]
  Sent: Friday, November 14, 2003 5:27 AM
  To: [EMAIL PROTECTED]
  Subject: [ActiveDir] Migration Tool
  My  company has decided not to use ADMT.  We are in the 
 market for a
  migration tool.  We checked with Bindview and were told they do not
  sell their products without also selling Professional 
 Services . We
  are not interested in Professional Services.  Can any of
 you recommend
  a  good migration tool.  We will also be migrating Exchange 5.5 to
  Exchange 2003 later

RE: [ActiveDir] Migration Tool

[Ellis, Debbie]

Title: Message









Our migration is very simple, and basic.



-Original Message-
From: Morley, Scott
[mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 11:06 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Migration
Tool





The vendorsI've
dealtwith(Quest/Aelita) both wanted Prof Services.initially I
felt the same way. Unfortunately, the products aremade for people
to do simple migrations. If your migration gets complicated (i.e.
simple=migration within a single maintence cycle) then you need to dig into the
products. THeir prof services provides the backdoors and the undocumented
features to make life easier. In most cases, the documentation provided
looks nice and clean, but is utterly deviod of any serious technical content.











I've evaluated both
products and my descision was based upon the lesser of two
evilsreally! 















Scott Morley
MCSE
2000/4.0, Exchange 2000/5.5, MCT, CCNA, CNE, CNI 
Senior
Systems Engineer/Architect 
Global
Messaging Services, Starwood Technology Center 
Starwood
Hotels and Resorts, Worldwide







Phone:
781-348-7120







Learning
is not compulsory... neither is survival.
- W. Edwards Deming 



-Original Message-
From: Myrick, Todd (NIH/CIT)
[mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003 10:41 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Migration
Tool



We have used Bindview, I
am surprised to hear Bindview only wants to sell professional services...
Bindview has a tools division, and the Professional Services Division.
Chip Dibias is on reader on the site and works for Bindview. He might be
someone you should talk to maybe clear this up...











Aelita is pretty
good. They can do NT4 to AD, AD to AD, and Exchange 5.5 to Exchange 2K,
pretty well. They like to sell tools, but also offer professional
services.











My recommendation is to
hire the professionals to come in and manage it like a project. That way
you build from the Vendors experience, and also put a serious dollar figure on
the migration to get people to move their asses, instead of BWM about breaking
stuff.











Todd





-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED] 
Sent: Friday, November 14, 2003
6:27 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Migration
Tool

My company has decided not to use ADMT. We are in the market for a migration
tool. We checked with Bindview and
were told they do not sell their products without also selling Professional
Services .We are not interested in Professional Services. Can any of you recommend a good migration tool. We will also be migrating Exchange 5.5
to Exchange 2003 later on.





/

This electronic message transmission contains information from the Company that may be proprietary, confidential and/or privileged.The information is intended only for the use of the individual(s) or entity named above. If you are not the intended recipient, beaware that any disclosure, copying or distribution or use of the contents of this information is prohibited. If you have receivedthis electronic transmission in error, please notify the sender immediately by replying to the address listed in the From: field.

BODY

[ActiveDir] User Profile

[Ellis, Debbie]

Does anyone know of a process or service that locks a user
profile even when logged off? We are trying to migrate
local profiles using ADMT and are
receiving an error message that the profile is in use. We have even tried rebooting the pc and not
logging on and still receive the same error message.

RE: [ActiveDir] User Profile

[Ellis, Debbie]

I did do a shutdown and reboot but it did not solve the problem.  

-Original Message-
From: Jef Kazimer [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, November 12, 2003 3:08 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: re: [ActiveDir] User Profile

It's that Mysterious error they talk about in the ADMT 2.0 docs, that they
say is unknown cause of it.

Do a shutdown and reboot of your workstations before you migrate them, and
it solves this problem.   I meant to send out verification and reboot
scripts this week since someone asked this earlier, but I forgot I am in
training this week.   Send me a noten ext week, and maybe it can be of help.

J

Original Message:
From: Ellis, Debbie [EMAIL PROTECTED]
To: '[EMAIL PROTECTED]' [EMAIL PROTECTED]
Subject: [ActiveDir] User Profile
Date: Wed, 12 Nov 2003 14:30:39 -0500

Does anyone know of a process or service that locks a user profile even
when
logged off? We are trying to migrate local profiles using ADMT and are
receiving an error message that the profile is in use.  We have even tried
rebooting the pc and not logging on and still receive the same error
message.




List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] Bindview and ADMT

[Ellis, Debbie]

Have any of your guys used the Bindview
Migration tool? We have been
testing the newest ADMT but have
run into several problems that are listed below. Have any of you had similar problems?




 If a
 member of the domain admin or domain user group is migrated, there are
 problems with accessing the resources in the source domain. SIDhistory
 was migrated and instructions from ADMT were
 followed.
 There
 are problems migrating the local profiles on the
 user's desktops. It
 shows they were migrated over and no error message in the log files, but
 they were not migrated. We
 have tried with the user logged off and logged on.

[ActiveDir] ADMT

[Ellis, Debbie]

We are getting ready to migrate
users to our new forest. We want to
migrate passwords, but force the user to change the password when they first
log on to the new domain.. I did not see a command line
reference in ADMT to do this. Is there
batch way to require this?

RE: [ActiveDir] Calculating AD replication traffic

[Ellis, Debbie]

Title: RE: [ActiveDir] Calculating AD replication traffic









http://www.windows-servers.info/active_directory.htm



Scroll close to the bottom and you will
see "Free Tools, Utilities and Downloads"

F"FreeEFREE Tools, Utilities  Tools, 

-Original Message-
From: Mayet, Yusuf Y
[mailto:[EMAIL PROTECTED]] 
Sent: Thursday, October 30, 2003 7:54 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir]
Calculating AD replication traffic



How can one get a hold of admapper 

It will definitely be helpful for future use.


Regards, 
Yusuf 



__





For information about the Standard Bank group visit
our web site www.standardbank.co.za
__

Disclaimer and confidentiality note 
Everything in this e-mail and any attachments relating to the official business
of Standard Bank Group Limited is proprietary to the group. 
It is confidential, legally privileged and protected by law. 
Standard Bank does not own and endorse any other content. Views and opinions
are those of the sender unless clearly stated as being that of the group. 
The person addressed in the e-mail is the sole authorised recipient. Please
notify the sender immediately if it has unintentionally reached you and do not
read, 
disclose or use the content in any way.
Standard Bank can not assure that the integrity of this communication has been
maintained nor that it is free of errors, virus, interception or interference.
___

RE: [ActiveDir] Migrating Computers and Users

[Ellis, Debbie]

I was looking for something where you could
import the computer or user names into a text file. I am sorry I was not clear.



-Original Message-
From: John Reijnders
[mailto:[EMAIL PROTECTED] 
Sent: Wednesday, October 29, 2003 8:58 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Migrating
Computers and Users



I was
surprised by your remark that ADMT does not let you migrate compus/users in
batch style. I've been through numerous migrations that ran in batches (up to
50K users and compus) using ADMT v2.0. Maybe your definition of batches is
something else than mine? I've included some quotes and linksfrom Technet
that confirm that batch wise migration (as I define it)is possible using
ADMT...



http://www.microsoft.com/technet/treeview/default.asp?url="">

http://www.microsoft.com/technet/treeview/default.asp?url="">

http://www.microsoft.com/technet/treeview/default.asp?url="">



If you have a
large number of users, groups, or computers to migrate, you can list them in an
include file. For example, to create an include file for a batch of computers,
create a plain text file and list the computer names, each name on a separate
line. Then specify the include file name with the /F option, as follows: ADMT COMPUTER /F "includefile_name" /SD:"source_domain"
/TD:"target_domain" /TO:"target_OU"









Cheers!





John

















From: Ellis,
Debbie [mailto:[EMAIL PROTECTED] 
Sent: woensdag 29 oktober 2003
14:05
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Migrating
Computers and Users

We plan on migrating our users and
computers to a new forest and new domain.
I am familiar with ADMT, but it does not appear to let you migrate
computers or users in batch style. Does anyone know of a script or tool that
will let you migrate more than one user or computer to a new domain? NT 4.0 -
Windows 2003 AD.

[ActiveDir] AD 2003

[Ellis, Debbie]

My company is going to migrate from NT 40 to AD 2003.
In the design, I have an empty forest root domain (Corp. Atlanta.com) and so
far (there will more added later) just have one domain (Non contiguous
namespace  Atlanta.com). My understanding is the dns name of the
domain will be Atlanta.com not Atlanta.corp.atlanta.com. I just wanted to
confirm this. I substituted Atlanta for the name of my company.

RE: [ActiveDir] Groups and OU's

[Ellis, Debbie]

Title: Message








What are the reasons for delegating the AD
Root Identifier? Why delegate read?











From: Myrick, Todd
(NIH/CIT) [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 08, 2003 6:25 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Groups
and OU's







Per delegation I do the following











AD ---Root Identifier





 +Delegation
Description =Del-ID (5 Char Max)Give FC to the
Directory Administrators, Enterprise
Admins, andSystem; Read to the Data Administrators
Authenticated Users.





 +OU or CN = Users Description = Del_IDUsers Give
R/C/M to Full Data Admins, Jr Data Admins, and R/M to Helpdesk. (Contains all
Mail-Enabled Users in Delegation)





 +OU or CN = Groups Description = Del_ID-Groups Give R/C/M
to Full Data Admins, Jr Data Admins, and R/M to Helpdesk. (Contains all Org
Level Global Groups in delegation)





 +OU or CN = Computers Description = Del_ID-Computers Give
R/C/M to Full Data Admins, Jr Data Admins, and R/M to Helpdesk. (Contains all
Workstations in delegation)





 +OU = OPS Description =Del-ID-OPS GiveR/C
to the Full Data Administrators. FC to the Create Owner (Contains Custom OU's
for the delegation)





 + OU or CN = Accounts Description = Del_ID-Accounts Give
R/C/M to Full Data Admins, R/C to Jr Data Admins, and R to Helpdesk. (Contains
Alt-Admin credentials)





 + OU or CN = Services Description =
Del_ID-ServicesGive R/C/M to Full Data Admins, R to Jr Data Admins
and to Helpdesk. (Contains Service Accounts)





 + OU or CN = Resources Description = Del_ID-Resources Give
R/C/M to Full Data Admins,R/C to Jr Data Admins and R to Helpdesk.
(Contains DLG for Each Share Resource {Each type of Access})





 + OU or CN = DL = Description =Del_ID-DL Give R/C/M to Full
Data Admins,R/C to Jr Data Admins and R to Helpdesk. (Contains Mail
Enabled UG for each level of org in del)





 + OU or CN = Contacts Description =Del_ID-Contacts Give
R/C/M to Full Data Admins,R/C to Jr Data Admins and R to Helpdesk.
(Contains Contacts for the Del)





 + OU or CN = Servers Description =Del_ID-Servers Give
R/C/M to Full Data Admins,R/C to Jr Data Admins and R to Helpdesk.
(Contains Servers for the Delegation)





 + OU or CN =SecGroup Description =Del_ID-SecGroup
Give R/G/M to Full Data Admins,R/C Jr Data Admins and R to Helpdesk.
(Contains GPO Filter Security Groups, and Special Security Groups)











The main driver for this tight model is
for easier scriptable delegations.











Principles of the design





=





All OU/CNis identified with
asmall 1 word identifierto facilitate searches.





Each objects Description field is filled
out with the delegation ID a - and the CN name to facilitate with
proper identification from searches.





OU's allow for additional OU's within the
OU. CN's don'tI believe by default do.





Data Administration is delegated as Full,
Jr, and Helpdesk.





Full DA's can create mail enabled DL UG
only.





GPO linking can be done on the
Users/Computers/Accounts/Services/Servers containers for easy troubleshooting
and modeling of changes.





Full DA's are the only ones who can modify
GPO's. FDA and Jr. DA can Link GPO's. Use Security Groups for GPO
filtering.





Dir Admins create GPO's and delegate them
to the Data Admins.





All accounts in the Users container are
Mail Enabled.





All accounts in the Accounts and Services
are not mail enabled. (ME Service accounts are normally a Directory
Admin, Exchange Admin function in my mind)





Groups contains only GG and uses nesting
to create organizational groups.





Computers contains all workstations.
Use GPO Security Groups for filtering.





DL contains mail enabled Organizational
UG. Use nesting like in the Groups container.





Resources contains a DLG for Each resource
with specific permissions, R/C/Deny. On the Network Share add each DLG
for each Access type to the Share and assign permissions. Administer the
DLG for Dir.

















As you can see I like to control were
object creation happens, and also limit the creation of additional OU's if
possible to a specific location under OPS.





The reason is for Scriptability. If
the name space Path is consistent, it is easier to create additional
delegations through scripts and ACL them.





With a good third-party tool, you can also
do form validation, hide OU's from the Data Admins to make the provisioning or
resources more focused, and automate certain Administration operations.
Like Account Creation validation, transfers, enforcingonly certain types
of object creation (Like noLG orUG creation),mailbox
creation, etc.











What do you all think?











What are the Principles of AD delegation!





What are theRules
forNativeAccess Control Delegation





What are the Rules for Proxy Access
Control Delegation





What are theRules for Native and
Proxy Access Control Delegation.











Toddler





 





-Original Message-
From: Ellis, Debbie
[mailto

[ActiveDir] Group Policy

[Ellis, Debbie]

Does anyone have a Group Policy  Spreadsheet ?
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Group Policy

[Ellis, Debbie]

Could you please send it to [EMAIL PROTECTED]  Thanks

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Sent: Tuesday, August 05, 2003 2:23 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Group Policy

We do. It is our way to display the GPO's in human readable format.

Dan

-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED] 
Sent: Tuesday, August 05, 2003 10:32 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Group Policy


Does anyone have a Group Policy  Spreadsheet ?
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Groups and OU's

[Ellis, Debbie]

I will have a single forest, single domain .  Less than 1,000 users.  I want
it simple.  If I don't create an OU for the groups will I have to include
groups into another ou?  I will have one person administer groups. 

-Original Message-
From: Jimmy Andersson [mailto:[EMAIL PROTECTED] 
Sent: Friday, August 08, 2003 4:11 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Groups and OU's

Yes, you could have an OU for groups if you want. But the pros and cons all
depend on the way you want to administrate your AD. Can you give a bit more
info on your environment?

Regards,
/Jimmy
-
Jimmy Andersson, Q Advice AB  
  CEO  Principal Advisor  
Microsoft MVP - Active Directory
-- www.qadvice.com -- 


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie
Sent: Friday, August 08, 2003 10:20 PM
To: [EMAIL PROTECTED]

Is it advisible to have an OU for Groups? What are the pros and cons?  I
want a very simple and basic OU structure.


List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] DNS and Active Directory

[Ellis, Debbie]

I am considering setting up an Active Directory namespace
that does not mirror my DNS namespace and I would like to make sure it can be
done and the downside to doing it this way.

[ActiveDir] Network Monitoring Tool

[Ellis, Debbie]

My company is in the process of evaluating SolarWinds to monitor our
network. Have any of you used this tool? If so, can you provide feedback?
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] AD/Exchange Question

[Ellis, Debbie]

I know only one Exchange Organization per forest, but someone mentioned to
me that if you have a forest  structure with trees instead of child domains
you have to have an Exchange Organization for each one because of the
namespace issue. I don't believe that sounds correct, but I am not an
Exchange expert.(Exchange 2003)

-Original Message-
From: Sullivan, Kevin [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 29, 2003 12:30 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD/Exchange Question


You can have only one Ex2000 organization per forest. Or are you talking
about Exchange 5.5?

Kevin

-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED] 
Sent: Thursday, May 29, 2003 9:35 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] AD/Exchange Question

My company is getting ready to migrate to Windows 2003 Active Directory
from
NT 4.0.  Our design is to have separate trees in the enterprise forest.
Do
we have to have separate Exchange Organizations or is there a work
around to
still have one?
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] w2k replication

[Ellis, Debbie]

http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B232690

  -Original Message-From: [EMAIL PROTECTED] 
  [mailto:[EMAIL PROTECTED]Sent: Thursday, May 29, 2003 3:57 
  PMTo: [EMAIL PROTECTED]Subject: [ActiveDir] 
  w2k replicationCan you set the time for password replication in ad with windows 2000? 
  The problem I have is that when I change a password it can take up to an hour 
  to replicate the change. Thanks Ryan

RE: [ActiveDir] Setting up a secondary DNS Server

[Ellis, Debbie]

Check out this article in MCP Magazine this month.  You may find it helpful.

http://mcpmag.com/Features/article.asp?EditorialsID=273


-Original Message-
From: Oluwaseyi Owoeye [mailto:[EMAIL PROTECTED]] 
Sent: Sunday, May 05, 2002 3:51 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Setting up a secondary DNS Server

Hi guys,

I want to set up a secondary DNS Server on windows 2000. We have a primary
DNS server that is running on Unix. This machine is public and receives
regular updates of new DNS entries, but is far away from us and is managed
by our sister company. Now I want the Unix box to replicate all its changes
to the DNS server that I want to set up.

How do I go about setting this up, and help would be highly appreciated.


Thanks
Seyi

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Program for blocking of websites

[Ellis, Debbie]

I would just enable Content Advisor in Internet Explorer. (Tools. Internet
Options click on the Content tab) You have to be a local admin to do this.
You can't block just one site, but it sounds like they want to block the
porn sites and other objectionable sites.
-Original Message-
From: Christopher Hummert [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 29, 2002 2:59 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Program for blocking of websites

Actually they want to block one of their children from using the
internet.
_Chris

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Christopher
Hummert
Sent: Monday, April 29, 2002 11:54 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Program for blocking of websites


Well I just had a user ask if I could do this on their home computer.
They have windows XP pro. Any idea on how to do it on there? -Chris

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Morgan, Joshua
Sent: Monday, April 29, 2002 11:51 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Program for blocking of websites


Well there are a few ways... Proxy or IAS 

Or a third party program  like WebSense






Joshua Morgan
PH: (864) 250-1350 Ext 133
[EMAIL PROTECTED]
http://www.profit-lab.com
http://ncontrol.info


-Original Message-
From: Christopher Hummert [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 29, 2002 2:42 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Program for blocking of websites


I need to block certain websites from a few of my users computers. Could
someone give me suggestions on how to do this?

Thanks
Chris Hummert


Network Administrator - Albany Agency of Insurance
Webmaster for Noghri.net
http://www.noghri.net
MS Beta tester ID #: 388366

Sometimes I think the surest sign that intelligent life exists elsewhere
in the universe is that none of it has tried to contacts us. 

- from Calvin and Hobbes


List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: VERY OT Re: [ActiveDir] Program for blocking of websites

[Ellis, Debbie]

To be honest, I use Content Advisor to keep hubby off the Porn sites, not my
kids.  They are in college.

-Original Message-
From: Hutchins, Mike [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 29, 2002 4:39 PM
To: '[EMAIL PROTECTED]'
Subject: RE: VERY OT Re: [ActiveDir] Program for blocking of websites

I think the nail has been severely smacked on the top of the head on that
one.

I don't think it could have been more eloquent..



-Original Message-
From: Nah Idee [mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 29, 2002 2:37 PM
To: [EMAIL PROTECTED]
Subject: VERY OT Re: [ActiveDir] Program for blocking of websites


There is nothing that will do what the parents ultimately want, complete
porn screening. So they have 2 choices. Put in a network and run vnc server
on the lad's PC and watch where he goes on another PC or here's a wild one,
act like parents and exert parental control over internet access, rather
than treat it as a substitute parent or substitute friends. Hell that one's
free. Gee, how much do I have to pay to relinquish my duties as a parent,
because if I can defer the child's needs for now, I can get the state
(prisons, hospitals) to fulfill his needs later, woo hoo. Why did I have
children again ?



- Original Message -
From: Christopher Hummert [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, April 29, 2002 4:23 PM
Subject: RE: [ActiveDir] Program for blocking of websites


 Yea after talking to them they caught their kid looking at porn and 
 they want to block all porn sites from themI think cybersitter 
 will be what I'm going to use for them. Thanks to everyone that helped 
 and if anyone has any other comments I would love to hear them

 -Chris

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]] On Behalf Of Ellis, Debbie
 Sent: Monday, April 29, 2002 12:43 PM
 To: '[EMAIL PROTECTED]'
 Subject: RE: [ActiveDir] Program for blocking of websites


 I would just enable Content Advisor in Internet Explorer. (Tools. 
 Internet Options click on the Content tab) You have to be a local 
 admin to do this. You can't block just one site, but it sounds like 
 they want to block the porn sites and other objectionable sites. 
 -Original
 Message-
 From: Christopher Hummert [mailto:[EMAIL PROTECTED]]
 Sent: Monday, April 29, 2002 2:59 PM
 To: [EMAIL PROTECTED]
 Subject: RE: [ActiveDir] Program for blocking of websites

 Actually they want to block one of their children from using the 
 internet. _Chris

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]] On Behalf Of Christopher 
 Hummert
 Sent: Monday, April 29, 2002 11:54 AM
 To: [EMAIL PROTECTED]
 Subject: RE: [ActiveDir] Program for blocking of websites


 Well I just had a user ask if I could do this on their home computer. 
 They have windows XP pro. Any idea on how to do it on there? -Chris

 -Original Message-
 From: [EMAIL PROTECTED]
 [mailto:[EMAIL PROTECTED]] On Behalf Of Morgan, 
 Joshua
 Sent: Monday, April 29, 2002 11:51 AM
 To: '[EMAIL PROTECTED]'
 Subject: RE: [ActiveDir] Program for blocking of websites


 Well there are a few ways... Proxy or IAS

 Or a third party program  like WebSense






 Joshua Morgan
 PH: (864) 250-1350 Ext 133
 [EMAIL PROTECTED]
 http://www.profit-lab.com
 http://ncontrol.info


 -Original Message-
 From: Christopher Hummert [mailto:[EMAIL PROTECTED]]
 Sent: Monday, April 29, 2002 2:42 PM
 To: [EMAIL PROTECTED]
 Subject: [ActiveDir] Program for blocking of websites


 I need to block certain websites from a few of my users computers. 
 Could someone give me suggestions on how to do this?

 Thanks
 Chris Hummert

 
 Network Administrator - Albany Agency of Insurance
 Webmaster for Noghri.net
 http://www.noghri.net
 MS Beta tester ID #: 388366

 Sometimes I think the surest sign that intelligent life exists 
 elsewhere in the universe is that none of it has tried to contacts 
 us.

 - from Calvin and Hobbes
 

 List info   : http://www.activedir.org/mail_list.htm
 List FAQ: http://www.activedir.org/list_faq.htm
 List archive: 
 http://www.mail-archive.com/activedir%40mail.activedir.org/
 List info   : http://www.activedir.org/mail_list.htm
 List FAQ: http://www.activedir.org/list_faq.htm
 List archive: 
 http://www.mail-archive.com/activedir%40mail.activedir.org/

 List info   : http://www.activedir.org/mail_list.htm
 List FAQ: http://www.activedir.org/list_faq.htm
 List archive: 
 http://www.mail-archive.com/activedir%40mail.activedir.org/

 List info   : http://www.activedir.org/mail_list.htm
 List FAQ: http://www.activedir.org/list_faq.htm
 List archive: 
 http://www.mail-archive.com/activedir%40mail.activedir.org/
 List info   : http://www.activedir.org/mail_list.htm
 List FAQ: http://www.activedir.org/list_faq.htm
 List archive: 
 http://www.mail-archive.com/activedir

RE: [ActiveDir] Event ID NET www.eventid.net

[Ellis, Debbie]

I was unable to reach the site at first.  I was able to ping and noticed
some spikes in response times. I just tried again and was able to reach. I
am in Atlanta, Georgia, USA

-Original Message-
From: SALANDRA, JUSTIN [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 17, 2002 10:52 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Event ID NET www.eventid.net

I am not sure, I just tried it and can't get to it.  Can anyone get to it?

 -Original Message-
From:   Myrick, Todd (CIT) [mailto:[EMAIL PROTECTED]] 
Sent:   Wednesday, April 17, 2002 10:47 AM
To: '[EMAIL PROTECTED]'
Subject:[ActiveDir] Event ID NET  www.eventid.net

Does anyone know what happened to this jewel of a site?

Todd
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] AD Administration Tools Suvey

[Ellis, Debbie]

Title: Message









I like DRA (Directory and Resource
Administrator) from NetIQ

Advanced delegation and reporting 



http://www.netiq.com/products/dra/default.asp





-Original Message-
From: Myrick, Todd (CIT)
[mailto:[EMAIL PROTECTED]] 
Sent: Monday, April 08, 2002 9:03
AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] AD
Administration Tools Suvey





Our group is in the process of
evaluating some 3rd party tools to assist in delegation and administration of
our Active Directory technology. We are evaluating the products based on 6 key
areas.











1. Role / Trustee delegation





2. Control View of resources





3. Data Validation  Rule
Sets





4. Group Policy Management





5. Reporting





6. Web based administration











We are also evaluating Native
Delegation vs Proxy based Delegation.











What I am fishing for from this
community is some experiences and possibly some recommendations from this group
on some of the Admin consoles you folks use.











Thanks 











Todd

RE: [ActiveDir] Introductions...

[Ellis, Debbie]

Thanks for your input.  I should have put modify instead of change.  I was
trying to encompass everything. This is why I did not put all changes:

Many schema modifications cannot be reversed, so you must make sure that
changes are planned and well thought out before they are implemented.
Planning for schema modification involves examining the default schema that
comes with Active Directory to verify that there is no way to use the
existing classes or attributes for your needs. It is then necessary to
understand the types of modifications that can be made and, conversely, that
cannot be changed 
url:
http://www.microsoft.com/WINDOWS2000/techinfo/reskit/en/Distrib/dsbe_ext_axg
c.htm

-Original Message-
From: Rachui, Scott [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 2:13 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...

This is a good list.  The only modification I'd make to it is that ALL
schema changes are permanent.  There is currently no way to remove anything
from the Schema.  In future versions, yes.  But not at present.

-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 1:15 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...




-Original Message-
From: Strand, Ted [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 1:16 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...

Here are the points we used  Had to copy to this e mail  Was in PowerPoint
format. This is for using separate forests (User accounts in one forest,
resources in separate forests)  There may be some things that have been left
out.

Pros

Public Key Infrastructure
  Auto enrollment
  Single source for certificates
  Essential in secure e-commerce transactions between businesses
  Certificate Revocation List (CRL)
Lower cost to support and maintain a single forest
  Case Studies and Gartner Report 
  Indicate averages of 17% reduction in TCO
  $300-$600 per desktop savings in administration costs per year
Common Schema
  Definition and extensibility of object classes are maintained centrally
  by committee  
  Reduces risk of catastrophic failure, since group administrative
  membership for modifying the schema is smaller (some schema changes are
  permanent)  
Management of objects within an OU are easier to maintain and administer in
  a single forest
  Business Unit Administrators still maintain control of resources 
Common userid with permissions to multiple objects
  Supports single sign on from anywhere in the forest
Easier search capabilities in AD
Promotes single, one company view of the enterprise
Increased collaboration thru a common global catalog
  Lower costs of performing audits to validate that separate forests are
  following corporate policies
  Less complex and more efficient use of bandwidth for replication and
  synchronization across the enterprise
  Allows common visible distribution lists, meeting requests, calendaring,
  instant messaging, presence notification, and a shared community of user
  throughout the forest
Easier to find users and resources throughout the organization in a single
forest (The AD Structure is transparent to user) 
Information and processes are consolidated
Terminal Server management tools only recognize one forest
  Lower admin costs
Distribution of administration is easier to delegate
  OU's are the new units of administration
  Local and centralized
  

Cons

Separate Exchange Organizations
Increased network traffic
Complicated Logons
 Users have to log on using UPN
 Logon time increased by 30 - 40 %
TCO is higher
 More Labor
 Higher Maintenance
Increased machine (server) needs
Introduces complexity
Synchronization of objects between forests isn't (natively) supported
 Requires very expensive Metadirectory services from Microsoft or 3rd party
 Vendor ( Can cost over one million dollars)
Increased points of failure
Duplication of efforts across the organization
Multiple Schemas to maintain
Duplication of Backup and Recovery processes
Multiple DNS designs
Complex navigation (Users will have to navigate AD Structure)
Promotes separate company views of the enterprise
Only NT4 style non-transitive trust are supported between forests
  Higher cost of managing the trusts (manual setup)
  Higher propensity for failure (due to human error - manual setup)
  
Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 9:57 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...


K

Can you forward a copy of the pro's/con's list that you presented?  We are
about to embark on the same battle.  Any information (documentation) that
anyone has would be very beneficial.

-Ted Strand-
Tech Data Corporation


-

Cheers,
Paul

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir

RE: [ActiveDir] Introductions...

[Ellis, Debbie]

-Original Message-
From: Strand, Ted [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 1:16 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...

Here are the points we used  Had to copy to this e mail  Was in PowerPoint
format. This is for using separate forests (User accounts in one forest,
resources in separate forests)  There may be some things that have been left
out.

Pros

Public Key Infrastructure
  Auto enrollment
  Single source for certificates
  Essential in secure e-commerce transactions between businesses
  Certificate Revocation List (CRL)
Lower cost to support and maintain a single forest
  Case Studies and Gartner Report 
  Indicate averages of 17% reduction in TCO
  $300-$600 per desktop savings in administration costs per year
Common Schema
  Definition and extensibility of object classes are maintained centrally
  by committee  
  Reduces risk of catastrophic failure, since group administrative
  membership for modifying the schema is smaller (some schema changes are
  permanent)  
Management of objects within an OU are easier to maintain and administer in
  a single forest
  Business Unit Administrators still maintain control of resources 
Common userid with permissions to multiple objects
  Supports single sign on from anywhere in the forest
Easier search capabilities in AD
Promotes single, one company view of the enterprise
Increased collaboration thru a common global catalog
  Lower costs of performing audits to validate that separate forests are
  following corporate policies
  Less complex and more efficient use of bandwidth for replication and
  synchronization across the enterprise
  Allows common visible distribution lists, meeting requests, calendaring,
  instant messaging, presence notification, and a shared community of user
  throughout the forest
Easier to find users and resources throughout the organization in a single
forest (The AD Structure is transparent to user) 
Information and processes are consolidated
Terminal Server management tools only recognize one forest
  Lower admin costs
Distribution of administration is easier to delegate
  OU's are the new units of administration
  Local and centralized
  

Cons

Separate Exchange Organizations
Increased network traffic
Complicated Logons
 Users have to log on using UPN
 Logon time increased by 30 - 40 %
TCO is higher
 More Labor
 Higher Maintenance
Increased machine (server) needs
Introduces complexity
Synchronization of objects between forests isn't (natively) supported
 Requires very expensive Metadirectory services from Microsoft or 3rd party
 Vendor ( Can cost over one million dollars)
Increased points of failure
Duplication of efforts across the organization
Multiple Schemas to maintain
Duplication of Backup and Recovery processes
Multiple DNS designs
Complex navigation (Users will have to navigate AD Structure)
Promotes separate company views of the enterprise
Only NT4 style non-transitive trust are supported between forests
  Higher cost of managing the trusts (manual setup)
  Higher propensity for failure (due to human error - manual setup)
  
Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 9:57 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...


K

Can you forward a copy of the pro's/con's list that you presented?  We are
about to embark on the same battle.  Any information (documentation) that
anyone has would be very beneficial.

-Ted Strand-
Tech Data Corporation


-

Cheers,
Paul

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Introductions...

[Ellis, Debbie]

I added Exchange in the Cons for companies using entirely separate forests
(user accounts and resources in same forests-Each business unit creating
their own forest.)

-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 2:15 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...



-Original Message-
From: Strand, Ted [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 1:16 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...

Here are the points we used  Had to copy to this e mail  Was in PowerPoint
format. This is for using separate forests (User accounts in one forest,
resources in separate forests)  There may be some things that have been left
out.

Pros

Public Key Infrastructure
  Auto enrollment
  Single source for certificates
  Essential in secure e-commerce transactions between businesses
  Certificate Revocation List (CRL)
Lower cost to support and maintain a single forest
  Case Studies and Gartner Report 
  Indicate averages of 17% reduction in TCO
  $300-$600 per desktop savings in administration costs per year
Common Schema
  Definition and extensibility of object classes are maintained centrally
  by committee  
  Reduces risk of catastrophic failure, since group administrative
  membership for modifying the schema is smaller (some schema changes are
  permanent)  
Management of objects within an OU are easier to maintain and administer in
  a single forest
  Business Unit Administrators still maintain control of resources 
Common userid with permissions to multiple objects
  Supports single sign on from anywhere in the forest
Easier search capabilities in AD
Promotes single, one company view of the enterprise
Increased collaboration thru a common global catalog
  Lower costs of performing audits to validate that separate forests are
  following corporate policies
  Less complex and more efficient use of bandwidth for replication and
  synchronization across the enterprise
  Allows common visible distribution lists, meeting requests, calendaring,
  instant messaging, presence notification, and a shared community of user
  throughout the forest
Easier to find users and resources throughout the organization in a single
forest (The AD Structure is transparent to user) 
Information and processes are consolidated
Terminal Server management tools only recognize one forest
  Lower admin costs
Distribution of administration is easier to delegate
  OU's are the new units of administration
  Local and centralized
  

Cons

Separate Exchange Organizations
Increased network traffic
Complicated Logons
 Users have to log on using UPN
 Logon time increased by 30 - 40 %
TCO is higher
 More Labor
 Higher Maintenance
Increased machine (server) needs
Introduces complexity
Synchronization of objects between forests isn't (natively) supported
 Requires very expensive Metadirectory services from Microsoft or 3rd party
 Vendor ( Can cost over one million dollars)
Increased points of failure
Duplication of efforts across the organization
Multiple Schemas to maintain
Duplication of Backup and Recovery processes
Multiple DNS designs
Complex navigation (Users will have to navigate AD Structure)
Promotes separate company views of the enterprise
Only NT4 style non-transitive trust are supported between forests
  Higher cost of managing the trusts (manual setup)
  Higher propensity for failure (due to human error - manual setup)
  
Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, April 03, 2002 9:57 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Introductions...


K

Can you forward a copy of the pro's/con's list that you presented?  We are
about to embark on the same battle.  Any information (documentation) that
anyone has would be very beneficial.

-Ted Strand-
Tech Data Corporation


-

Cheers,
Paul

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] AD Tool opinions

[Ellis, Debbie]

Looks like you included everything.  I would like a copy when you are
finished.

-Original Message-
From: Nah Idee [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 2:14 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] AD Tool opinions

Hi,
I recognize that MS Op Mgr (MOM) gives you good info about AD status, but it
is not free. So I am writing a little VB freeware utility and was wondering
if I could solicit some comments about what you might like to see (or not
see) with respect to what I am proposing to include. Thanks

Performance reports will look like a spreadsheet in html showing (each):

Availability
* A/D Server name
* Availability (tested by doing a login) % avail

Directory Database
* A/D Server name
* Cache % Hit
* Table Open Cache % hit
* Cache Size
* Log Threads Waiting
* Log Record Stalls/sec

Client logins
* A/D Server name
* Time
* #  of logins

NTDS
* A/D Server name
* DS Reads per second
* DS Writes per second
* Threads in use
* Search Time (seconds)

Replication
* A/D Server name
* DRA Inbound Bytes
* DRA Outbound Bytes

Authentication
* A/D Server name
* LDAP bind time
* LDAP client sessions
* LDAP sessions per second
* NTLM Authentications per second


List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] AD Tool opinions

[Ellis, Debbie]

AD Check should do this. It is free. Here is the URL:



http://www.netiq.com/adcheck/instantdiagnostictests.asp





-Original Message-
From: Joe Sargent [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02,
 2002 2:28 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD Tool opinions



Anyway you could report which server has the FSMO roles also or if the

target server has any of the roles if it is one machine at a time?



I would also like a copy



Thanks,

Joe Sargent



-Original Message-

From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 

Sent: Tuesday, April 02, 2002 2:10 PM

To: '[EMAIL PROTECTED]'

Subject: RE: [ActiveDir] AD Tool opinions





Looks like you included everything.
I would like a copy when you are

finished.



-Original Message-

From: Nah Idee [mailto:[EMAIL PROTECTED]] 

Sent: Tuesday, April 02, 2002 2:14 PM

To: [EMAIL PROTECTED]

Subject: [ActiveDir] AD Tool opinions



Hi,

I recognize that MS Op Mgr (MOM) gives you good info about AD status,

but it is not free. So I am writing a little VB freeware utility and
was

wondering if I could solicit some comments about what you might like to

see (or not

see) with respect to what I am proposing to include. Thanks



Performance reports will look like a spreadsheet in html showing
(each):



Availability

* A/D Server name

* Availability (tested by doing a login) % avail



Directory Database

* A/D Server name

* Cache % Hit

* Table Open Cache % hit

* Cache Size

* Log Threads Waiting

* Log Record Stalls/sec



Client logins

* A/D Server name

* Time

* # of logins



NTDS

* A/D Server name

* DS Reads per second

* DS Writes per second

* Threads in use

* Search Time (seconds)



Replication

* A/D Server name

* DRA Inbound Bytes

* DRA Outbound Bytes



Authentication

* A/D Server name

* LDAP bind time

* LDAP client sessions

* LDAP sessions per second

* NTLM Authentications per second





List info :
http://www.activedir.org/mail_list.htm

List FAQ :
http://www.activedir.org/list_faq.htm

List archive:

http://www.mail-archive.com/activedir%40mail.activedir.org/

List info :
http://www.activedir.org/mail_list.htm

List FAQ :
http://www.activedir.org/list_faq.htm

List archive:

http://www.mail-archive.com/activedir%40mail.activedir.org/



List info :
http://www.activedir.org/mail_list.htm

List FAQ :
http://www.activedir.org/list_faq.htm

List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] How to use AD

[Ellis, Debbie]

http://www.microsoft.com/windows2000/techinfo/planning/security/casetupsteps
.asp

Step by step guide

-Original Message-
From: enrique cauich [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 2:25 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] How to use AD

Hi.

I start to use Active Directory, because I need to configure an 
enterprise CA in Windows 2000, but I have no idea how to configure it, I use

the ldp.exe utility to explore the AD contents, but I can't get 
certificates, or store it.

Any idea how I can configure it,and store information

Regards
Enrique Cauich

_
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp.

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] AD Tool opinions

[Ellis, Debbie]

This was in reference to the fsmo roles of
servers. See comment from Joe Sargent. 



-Original Message-
From: David Abbishaw
[mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 2:58
PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] AD Tool
opinions





I used this tool to try and diagnose
a AD DC where all of the c: drives permissions had been changed to allow





just one normal user access to the
machine, applications like exchange which where installed on the machine





failed to start and the netiq check
tool didnt find a damn thing wrong!! Bloody useless!











regards





David.







- Original Message - 





From: Ellis, Debbie 





To: '[EMAIL PROTECTED]' 





Sent: Tuesday,
April 02, 2002 8:43 PM





Subject: RE:
[ActiveDir] AD Tool opinions









AD Check should do this. It is free. Here is the URL:



http://www.netiq.com/adcheck/instantdiagnostictests.asp





-Original
Message-
From: Joe Sargent [mailto:[EMAIL PROTECTED]] 
Sent: Tuesday, April 02, 2002 2:28 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD Tool opinions



Anyway you could report which server has the FSMO
roles also or if the

target server has any of the roles if it is one
machine at a time?



I would also like a copy



Thanks,

Joe Sargent



-Original Message-

From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 

Sent: Tuesday, April 02, 2002 2:10 PM

To: '[EMAIL PROTECTED]'

Subject: RE: [ActiveDir] AD Tool opinions





Looks like you included everything. I would like a copy when you are

finished.



-Original Message-

From: Nah Idee [mailto:[EMAIL PROTECTED]] 

Sent: Tuesday, April 02, 2002 2:14 PM

To: [EMAIL PROTECTED]

Subject: [ActiveDir] AD Tool opinions



Hi,

I recognize that MS Op Mgr (MOM) gives you good info
about AD status,

but it is not free. So I am writing a little VB
freeware utility and was

wondering if I could solicit some comments about what
you might like to

see (or not

see) with respect to what I am proposing to include.
Thanks



Performance reports will look like a spreadsheet in
html showing (each):



Availability

* A/D Server name

* Availability (tested by doing a login) % avail



Directory Database

* A/D Server name

* Cache % Hit

* Table Open Cache % hit

* Cache Size

* Log Threads Waiting

* Log Record Stalls/sec



Client logins

* A/D Server name

* Time

* # of logins



NTDS

* A/D Server name

* DS Reads per second

* DS Writes per second

* Threads in use

* Search Time (seconds)



Replication

* A/D Server name

* DRA Inbound Bytes

* DRA Outbound Bytes



Authentication

* A/D Server name

* LDAP bind time

* LDAP client sessions

* LDAP sessions per second

* NTLM Authentications per second





List info :
http://www.activedir.org/mail_list.htm

List FAQ :
http://www.activedir.org/list_faq.htm

List archive:

http://www.mail-archive.com/activedir%40mail.activedir.org/

List info :
http://www.activedir.org/mail_list.htm

List FAQ :
http://www.activedir.org/list_faq.htm

List archive:

http://www.mail-archive.com/activedir%40mail.activedir.org/



List info :
http://www.activedir.org/mail_list.htm

List FAQ :
http://www.activedir.org/list_faq.htm

List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/

[ActiveDir] Workstation migration

[Ellis, Debbie]

This is for you migration veterans. We are about to embark of moving 1000
workstations from our old NT Resource domain into a pristine forest. There are 4 OU's the computer accounts
need to be moved to . These will all be W2K Professional using Sysprep. My understanding is these computer
accounts will join our domain and will be automatically added to the default computers
OU created when AD was installed. I
am looking for the cleanest and most efficient way to move these workstations
to the correct OU's. Any tips from
you veterans?

RE: [ActiveDir] Workstation migration

[Ellis, Debbie]

I know about these two. I was hoping someone knew an easier way or
method, if not I will have to pre-create the accounts in the
correct OU . Thanks for your input.



-Original Message-
From: Parker, Edward
[mailto:[EMAIL PROTECTED]] 
Sent: Friday, March 29, 2002 9:50
AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir]
Workstation migration



Within Users and
Computersyou can drag and drop them into the correct OU. 



Or



You could pre-create the
computer accounts in the correct OU, and when the computers join, they are
already there. This requires all PC names to be known upfront.





-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED]] 
Sent: Friday, March 29, 2002 8:28
AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Workstation
migration



This is for you migration
veterans. We are about to embark of moving 1000 workstations from
our old NT Resource domain into a pristine forest. There are 4 OU's the
computer accounts need to be moved to . These will all be W2K
Professional using Sysprep. My understanding is these computer
accounts will join our domain and will be automatically added to the default
computers OU created when AD was installed. I am looking for the cleanest
and most efficient way to move these workstations to the correct OU's.
Any tips from you veterans?

RE: [ActiveDir] Workstation migration

[Ellis, Debbie]

Title: Message









Thanks I knew there had to be a better way.
I had looked at Sysprep
documentation, but did not see this 



-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] 
Sent: Friday, March 29, 2002 10:28
AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir]
Workstation migration





Q226315





-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED]] 
Sent: 29 March 2002 15:45
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir]
Workstation migration

I know about these
two. I was hoping someone knew an easier
way or method, if not I will have to
pre-create the accounts in the correct OU
. Thanks for your input.



-Original Message-
From: Parker, Edward
[mailto:[EMAIL PROTECTED]] 
Sent: Friday, March 29, 2002 9:50
AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir]
Workstation migration



Within
Users and Computersyou can drag and drop them into the correct OU. 



Or



You
could pre-create the computer accounts in the correct OU, and when the
computers join, they are already there. This requires all PC names to be
known upfront.





-Original Message-
From: Ellis, Debbie
[mailto:[EMAIL PROTECTED]] 
Sent: Friday, March 29, 2002 8:28
AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Workstation
migration



This is for you migration
veterans. We are about to embark of moving 1000 workstations from
our old NT Resource domain into a pristine forest. There are 4 OU's the
computer accounts need to be moved to . These will all be W2K
Professional using Sysprep. My understanding is these computer
accounts will join our domain and will be automatically added to the default
computers OU created when AD was installed. I am looking for the cleanest
and most efficient way to move these workstations to the correct OU's.
Any tips from you veterans?








-

ATTENTION:

No legal consequences can be derived from the content of this 

e-mail and/or its attachments. Neither is sender committed to 

these. The content of this e-mail is exclusively intended for 

addressee(s) and information purposes. Should you receive this 

message by mistake, you are hereby notified that any disclosure, 

reproduction, distribution or use of this message is strictly 

prohibited. Sender accepts no liability for any damage resulting 

from the use and/or acceptation of the content of this e-mail. 

Always scan attachments for viruses before opening them. 

- 

RE: [ActiveDir] Group Policy Object and registry keys

[Ellis, Debbie]

This link may help.  Part of Windows 2000 Resource Kit  drill down to
Windows 2000 Group Policy Reference/Group policy regsitry table  Hope it
helps!  

http://www.microsoft.com/windows2000/techinfo/reskit/en/default.asp

-Original Message-
From: Abbiss, Mark [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 22, 2002 9:32 AM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Group Policy Object and registry keys


How can I locate the registry key that corresponds to any setting I have
changed via the Group Policy MMC ?

For example, if I use the GPO MMC to set the value of Computer
Configuration\Windows Settings\Security Settings\Local Policies\Security
Option - Network Security: Force logoff when logon hours expire to ENABLED,
how do I find the corresponding modified registry key ?

Many thanks,

Mark
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Win2k and Roaming Profiles

[Ellis, Debbie]

It works good in my environment

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 28, 2002 1:52 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Win2k and Roaming Profiles


Thank you for your reply,
I have read most of the white papers and TechNet Articles, but I was looking
for more real world experiences




Joshua Morgan
PH: (864) 250-1350 Ext 133
Fax: (413) 581-4936
[EMAIL PROTECTED]



-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Thursday, February 28, 2002 1:46 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Win2k and Roaming Profiles


Check out Intellimirror

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 28, 2002 1:45 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [ActiveDir] Win2k and Roaming Profiles


I'm looking at implementing some Roaming Profiles with Win2k Pro  and AD
Does anyone have any recommendations on doing this?

 
  
  
  
Joshua Morgan 
PROFITLAB 
Network Engineer 
PH: (864) 250-1350 Ext 133 
Fax: (413) 581-4936 
[EMAIL PROTECTED] 
One is glad to be of service  
--Robin Williams (Bicentennial Man)-- 
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] My Computer Icon

[Ellis, Debbie]

Are you trying to find a way to do this by using scripting or manually with
the correct pc name?

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:22 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [ActiveDir] My Computer Icon


I know that you can set the registry entry manually to change the Name of My
Computer to 
My Computer %computername%

The process I have for this is a bit cumbersome reference this Article:
http://www.techrepublic.com/article.jhtml?id=r00320010611det02.htmsrc=searc
h

Does anyone have any easier way to do it?

 
 
 
 
Joshua Morgan
PROFITLAB
Network Engineer
[EMAIL PROTECTED]

One is glad to be of service 
--Robin Williams (Bicentennial Man)--

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] My Computer Icon

[Ellis, Debbie]

I don't know if this is what you are after or not, but when my field support
personnel set up a pc for a user, I have them just rename (with a Right
Click) the My Computer Icon to My Computer-correct pc name .I prefer to
keep it simple.

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:22 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [ActiveDir] My Computer Icon


I know that you can set the registry entry manually to change the Name of My
Computer to 
My Computer %computername%

The process I have for this is a bit cumbersome reference this Article:
http://www.techrepublic.com/article.jhtml?id=r00320010611det02.htmsrc=searc
h

Does anyone have any easier way to do it?

 
 
 
 
Joshua Morgan
PROFITLAB
Network Engineer
[EMAIL PROTECTED]

One is glad to be of service 
--Robin Williams (Bicentennial Man)--

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] My Computer Icon

[Ellis, Debbie]

Don't believe it would, but in our environment,  each pc is assigned to only
one user.  There has got to be an easier way.

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:52 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] My Computer Icon


But if you do that does that name stay constant for all users?




Joshua Morgan
PH: (864) 250-1350 Ext 133
Fax: (413) 581-4936
[EMAIL PROTECTED]



-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 27, 2002 3:48 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] My Computer Icon


I don't know if this is what you are after or not, but when my field support
personnel set up a pc for a user, I have them just rename (with a Right
Click) the My Computer Icon to My Computer-correct pc name .I prefer to
keep it simple.

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:22 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [ActiveDir] My Computer Icon


I know that you can set the registry entry manually to change the Name of My
Computer to 
My Computer %computername%

The process I have for this is a bit cumbersome reference this Article:
http://www.techrepublic.com/article.jhtml?id=r00320010611det02.htmsrc=searc
h

Does anyone have any easier way to do it?

 
 
 
 
Joshua Morgan
PROFITLAB
Network Engineer
[EMAIL PROTECTED]

One is glad to be of service 
--Robin Williams (Bicentennial Man)--

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] My Computer Icon

[Ellis, Debbie]

http://www.onecomputerguy.com/tips.htm  Check this site out. 
-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:52 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] My Computer Icon


But if you do that does that name stay constant for all users?




Joshua Morgan
PH: (864) 250-1350 Ext 133
Fax: (413) 581-4936
[EMAIL PROTECTED]



-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 27, 2002 3:48 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] My Computer Icon


I don't know if this is what you are after or not, but when my field support
personnel set up a pc for a user, I have them just rename (with a Right
Click) the My Computer Icon to My Computer-correct pc name .I prefer to
keep it simple.

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:22 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [ActiveDir] My Computer Icon


I know that you can set the registry entry manually to change the Name of My
Computer to 
My Computer %computername%

The process I have for this is a bit cumbersome reference this Article:
http://www.techrepublic.com/article.jhtml?id=r00320010611det02.htmsrc=searc
h

Does anyone have any easier way to do it?

 
 
 
 
Joshua Morgan
PROFITLAB
Network Engineer
[EMAIL PROTECTED]

One is glad to be of service 
--Robin Williams (Bicentennial Man)--

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] My Computer Icon

[Ellis, Debbie]

http://www.onecomputerguy.com/tips.htm  Check this site out. I found the
answer at this site.

Open up Regedit and do a find on  20D04FE0-3AEA-1069-A2D8-08002B30309D  Once
you find the key, double click in the right pane on localized string ,
change My computer at the end of the string (
@C:\WINNT\system32\shell32.dll,-9216@1033,My Computer) to the name you wish.
I have tried it and every user that logs on will see this name .

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:52 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] My Computer Icon


But if you do that does that name stay constant for all users?




Joshua Morgan
PH: (864) 250-1350 Ext 133
Fax: (413) 581-4936
[EMAIL PROTECTED]



-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, February 27, 2002 3:48 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] My Computer Icon


I don't know if this is what you are after or not, but when my field support
personnel set up a pc for a user, I have them just rename (with a Right
Click) the My Computer Icon to My Computer-correct pc name .I prefer to
keep it simple.

-Original Message-
From: Morgan, Joshua [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, February 27, 2002 3:22 PM
To: '[EMAIL PROTECTED]'; [EMAIL PROTECTED]
Subject: [ActiveDir] My Computer Icon


I know that you can set the registry entry manually to change the Name of My
Computer to 
My Computer %computername%

The process I have for this is a bit cumbersome reference this Article:
http://www.techrepublic.com/article.jhtml?id=r00320010611det02.htmsrc=searc
h

Does anyone have any easier way to do it?

 
 
 
 
Joshua Morgan
PROFITLAB
Network Engineer
[EMAIL PROTECTED]

One is glad to be of service 
--Robin Williams (Bicentennial Man)--

List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/