Re: [ActiveDir] Scripts
Here is a link for one such utility: http://www.danish-company.com/dcwcm/page/%7B4D40EC77-0788-48E7-9FB6-B81A51F70CD2%7D.html Brian Desmond wrote: Put this in a .bat file: net user administrator thepassword Just keep in mind that a user could see this when it's executing or even browse through sysvol and retrieve the script, so that's a risk you take. There are various little utilities out there that will do some encryption of the password and then you include the utility and the password in the path with the script and call the utility. Can't say that I know one off the top of my head. Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ellis, Debbie Sent: Sunday, June 19, 2005 4:22 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Scripts Does anyone know of a script I can include in the login scripts to change the local admin passwords on the computers in my environment? List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ --- Checked for viruses by Transact Bermuda List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Native Mode
Title: Native Mode Yes, you can have NT clients in native mode. (But no NT BDC's) -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Sudhir KaushalSent: 27 January 2004 12:22To: [EMAIL PROTECTED]Subject: [ActiveDir] Native Mode Hi All, I would like to thanks to all the members of this forum who helped me to carry out my Migration from NT 4.0 to Win2K successfully. Just wanted to clear one doubt. Is native mode related only to domain controllers? Can we have NT 4.0 clients in Native Mode? Or do we need everything to be in Win2K including domain controllers and clients? Regards, Sudhir Kaushal Systems Administrator ( Hosted Team ) eGain Communications Pvt. Ltd. Hello - (+91 20) 4222812, (+91 20) 4228607, Ext-126
RE: [ActiveDir] LDIFDE and Perl...
This script from the TechNet script centre will create 1000 new users. Set objRootDSE = GetObject("LDAP://rootDSE";) Set objContainer = GetObject("LDAP://cn=Users,"; & _ objRootDSE.Get("defaultNamingContext")) For i = 1 To 1000 Set objLeaf = objContainer.Create("User", "cn=UserNo" & i) objLeaf.Put "sAMAccountName", "UserNo" & i objLeaf.SetInfo Next WScript.Echo "1000 Users created." -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Mike Hogenauer Sent: 15 January 2004 07:09 To: [EMAIL PROTECTED] Subject: [ActiveDir] LDIFDE and Perl... I need to import 1500 user accounts into a test environment, I would like to use LDIFDE. First is there an easy way to batch or create dummy accounts for a test environment without having to type each one, and second can any of this be done with Perl? I will also be consulting the Cookbook! Thanks in advance. Mike List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Forcing logoffs 9x
Title: Message The DC Client will not allow you to enforce logoff via Group Policy if that is what you were meaning. The winexit.scr screensaver might be a solution though. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Creamer, MarkSent: 13 October 2003 15:59To: [EMAIL PROTECTED]Subject: [ActiveDir] Forcing logoffs 9x We recently implemented ScriptLogic, which has been very successful in helping us manage security patch rollouts, etc. However, some users have decided they’ll just stay logged on all the time now so they don’t have to wait for the log on script to run. Obviously not good. Is there a reliable way to force a Win9x client to log off so we can be sure users are logging on properly and running the scripts? Does the DS Client have any affect on this ability? Thanks!
RE: [ActiveDir] Multiple PTR records for different hosts
Title: Message In Windows 2000, PTR records are not cleaned up properly resulting in multiple PTR records for the same host. I believe this oversight is corrected in Windows Server 2003. What you could do is use the dnscmd / ageallrecords command which would allow scavenging to delete the unwanted records. Note that this would be no use if you have static entries you want to retain in DNS, eg Unix boxes. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Gandy, EricSent: 29 September 2003 22:37To: [EMAIL PROTECTED]Subject: [ActiveDir] Multiple PTR records for different hosts Everyone, Does anyone know if there are best practices for scavenging AD integrated DNS zones? I have a situation were we are experiencing multiple PTR records in our reverse lookup zones, but they are for various hosts. This situation is confusing our software distribution tools and reverse lookups are failing. DHCP is set up to "Always" update and "Discard Forward Lookups" . Is there anyway to discard reverse lookups? Also, ? I just noticed that Gil and Steve work for Netpro. We own DA, but it does not pick this up. Are there other monitors that can plug into DA? Regards, Eric Gandy BHBSS Network Services Team Office 281.209.7513
RE: [ActiveDir] how to delete these domains
This KB might help. http://support.microsoft.com/?id=230306 -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of rosetaSent: 22 September 2003 09:48To: [EMAIL PROTECTED]Subject: [ActiveDir] how to delete these domains dear friends, We have several computers and made a domain with W2000 and they were working perfectly. I decided to create another domain with in same forest so here is what I did. my server 2000 was in first domain. I got out of that domain an created a workgroup. joined it. so there was one server 2000 in one workgroup. then In active directory wizard I said that I want to be a domain controller of a new domain. and it went on. when it reached the step creating trust relation ship with new domain, it did not finish. The pen was writing but nothing happened even my clock stopped working I waited about 10 hours. but it was just the same.I restarted the computer. now there is name of that domain but there is no domain controller. my computer is in that domain. but is not the DC. If I run active directory wizard for new domain it says it is there. and if for an existing domain, it says it can not be found. I did this twice with different names and I had the same problem. Please me me in removing it at least. Any suggestion is much appriciated. thanks in advance. Best Regards, Roseta Radfar Raman Afzar Co. LTD.
RE: [ActiveDir] replication problems
Title: Message This article may help. http://support.microsoft.com/?id=257844 -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Don Murawski (Lenox)Sent: 17 September 2003 21:21To: '[EMAIL PROTECTED]'Subject: [ActiveDir] replication problems I'm getting a 1645 error on a remote DC. SPN is not registered on the target server, does anyone know a fix for this? Note: The information contained in this email and in any attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or proprietary material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. The recipient should check this email and any attachments for the presence of viruses. Sender accepts no liability for any damages caused by any virus transmitted by this email. If you have received this email in error, please notify us immediately by replying to the message and delete the email from your computer. This e-mail is and any response to it will be unencrypted and, therefore, potentially unsecure. Thank you.
RE: [ActiveDir] sysvol not replicating
No, that would be the worse possible thing you could do! You should never manually copy any FRS replicated data over as that could trigger a full replication of Sysvol and bring your network down to a crawl. If FRS isn't working, look for the root cause and fix that instead, don't try any shortcuts. The main thing to check is the components that FRS relies on, mainly DNS. How does the DNS configuration look, can you resolve names to\from that server? DNS misconfiguration should be the first possible cause you focus on as it is the most common. Other troubleshooting steps: Check all event logs for associated errors. Any jrnl_wrap or FRS\DNS related pointers? dcdiag /v netdiag /v repadmin /showreps (should have at least one inbound and outbound partner) Do any of these point you towards the problem? If you are unable to track down the source of the problem you can always give up and start again, which is actually not so bad as it sounds. If the FRS problem can't be resolved, dcpromo back to a member server, double check DNS settings and then attempt the promotion again. Simon Geary MVP -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Rittenhouse, Cindy Sent: 29 August 2003 16:33 To: [EMAIL PROTECTED] Subject: [ActiveDir] sysvol not replicating Two days ago a consulting firm upgraded a BDC at a remote location to Windows 2000. After the upgrade users had all types of trouble connecting. It seems the sysvol is not replicating because the Do_Not_Remove_NtFrs_PreInstall_Directory, Policies directory, and Scripts directory do not exist on the remote server in either the sysvol\domain or the sysvol\sysvol directory. The rest of AD seems to be replicating fine. Can I simply copy those directories from one of my DCs to the DC in the remote location? Thanks Cynthia Rittenhouse MCSE,CCNA LAN Administrator County of Lancaster Lancaster, PA 17602 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/