RE: [ActiveDir] Enhancement Question

2005-06-01 Thread James_Day 
Hi Charles

We had a similar question once and our answer was:
We can use group policy to provide better help desk support through
application upgrades, blocking of bad applications (ie. known spyware exe),
and remote administration.  For the end user this will mean help desk calls
will reduce, and no longer involve a 4 hour drive across town and up to 3
weeks to see somebody - they can now generally be handled either via. chat
or over the phone using remote administration.

Albeit, very little of this requires AD but without AD at some locations,
patching, updating software, and turning on remote desktop / turning off
the firewall to allow remote desktop and assistance take weeks to set up -
which to the user means weeks that he is unable to get something fixed, get
help, get support, or even get the latest software update.

The explanation - highlighting reduced time to support - seems to have made
the users in that location very happy.

Regards;

James R. Day
Active Directory Core Team
Office of the Chief Information Officer
National Park Service
(202) 354-1464 (direct)
(202) 371-1549 (fax)
[EMAIL PROTECTED]


|-+-->
| |   "joe"  |
| |   <[EMAIL PROTECTED]> |
| |   Sent by:   |
| |   [EMAIL PROTECTED]|
| |   tivedir.org|
| |  |
| |  |
| |   06/01/2005 09:06 AM AST|
| |   Please respond to  |
| |   ActiveDir  |
|-+-->
  
>--|
  | 
 |
  |   To: 
 |
  |   cc:   (bcc: James Day/Contractor/NPS) 
     |
  |   Subject:  RE: [ActiveDir] Enhancement Question
 |
  
>--|




I would be a bit concerned about the manager's approach. Playing up to the
end users is not the proper way to run the infrastructure. If the users
gripe about what is being done, the answer is simply we are doing these
upgrades to be in a position to better support the environment with
increased security, stability, and availability.

End users should be concerned with their end user job, not what IT is
doing.

   joe

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: Wednesday, June 01, 2005 8:54 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Enhancement Question

Neil,

We deployed AD based on a very serious and well defined business case.
However, when we argued for this it was indicated that the end-user would
not feel any effects and all of the enhancements would be on the management
and stability side.  Since then, however, we have a new network manager who
would like us to show the end-user what the new benefits are from the
upgrade.  However, telling an end-user we can not manage your PC more
effectively, well, they just don't care about that.  So now I'm stuck
looking for a way to show them how great AD is.

I would like to thank everyone for their responses.

Thanks,

Charlie

-Original Message-
From: Ruston, Neil [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 01, 2005 4:21 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Enhancement Question


It's funny how people approach AD this way - i.e. deploy and look to
justify
its existence thereafter :)

When AD was designed and a business case was created, what were the
perceived benefits back then? Why not try to create additional benefit
along
those lines? We all have different reasons for deploying AD - to some it's
simply an upgrade, to others it's seen as a way to simplify / improve the
Windows environment in many different ways. Identify your initial reasons
for deploying AD and then build from there.

For the record, I would argue that the end user need not see real, tangible
benefits in order that AD be seen to benefit the business itself. The real
benefits are normally less tangible.

neil


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: 31 May 2005 16:05
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question


This is an odd question.

We have just about

RE: [ActiveDir] Enhancement Question

2005-06-01 Thread joe 
I would be a bit concerned about the manager's approach. Playing up to the
end users is not the proper way to run the infrastructure. If the users
gripe about what is being done, the answer is simply we are doing these
upgrades to be in a position to better support the environment with
increased security, stability, and availability. 

End users should be concerned with their end user job, not what IT is doing.

   joe 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: Wednesday, June 01, 2005 8:54 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Enhancement Question

Neil,

We deployed AD based on a very serious and well defined business case.
However, when we argued for this it was indicated that the end-user would
not feel any effects and all of the enhancements would be on the management
and stability side.  Since then, however, we have a new network manager who
would like us to show the end-user what the new benefits are from the
upgrade.  However, telling an end-user we can not manage your PC more
effectively, well, they just don't care about that.  So now I'm stuck
looking for a way to show them how great AD is.

I would like to thank everyone for their responses.

Thanks, 

Charlie

-Original Message-
From: Ruston, Neil [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 01, 2005 4:21 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Enhancement Question


It's funny how people approach AD this way - i.e. deploy and look to justify
its existence thereafter :)

When AD was designed and a business case was created, what were the
perceived benefits back then? Why not try to create additional benefit along
those lines? We all have different reasons for deploying AD - to some it's
simply an upgrade, to others it's seen as a way to simplify / improve the
Windows environment in many different ways. Identify your initial reasons
for deploying AD and then build from there.

For the record, I would argue that the end user need not see real, tangible
benefits in order that AD be seen to benefit the business itself. The real
benefits are normally less tangible.

neil


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: 31 May 2005 16:05
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question


This is an odd question.

We have just about finished up rolling out AD 2003 (from an NT domain) and I
have been charged with finding "several ways to utilize Active Directory to
optimize the management of our applications and infrastructure.  At least
one of the solutions should enhance functionality directly for the user
community."

I'm having problems of finding ways to enhance functionally for the
end-users.  Besides tying the AD into a one of our outsourced web based
applications to reduce their password count I'm stretching.  

I know of a number of management and infrastructure enhancements that could
be made but none enhance the functionality of our end-users to a point where
they will notice it and say "Wow, now that's cool".  

Does anyone know of a location where I can get ideas on this topic?  

Increased security, stability, management.  These core things are not seen
by the end-user even though they directly affect them. I need to find
something that the end-users will like to see and something that benefits
them.  I'm just coming up blank on this.  In the past, I have always been
instructions to use AD in ways that the end-user doesn't notice but
increases the functionality.

Thanks,

Charlie
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/


==
This message is for the sole use of the intended recipient. If you received
this message in error please delete it and notify us. If this message was
misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not
waive any confidentiality or privilege. CS retains and monitors electronic
communications sent through its network. Instructions transmitted over this
system are not binding on CS until they are confirmed by us. Message
transmission is not guaranteed to be secure. 

==

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Enhancement Question

2005-06-01 Thread joe 
At the widget company that I converted from NT4 to 2K the reason was simply
self-preservation. The NT4 architecture was ready to blow at any second due
to size, we were running with 80k users in a single domain, 75k users in
another, 60k in yet another. Obviously the domain structures were ready to
collapse at any time.

However once done, the automatic benefits of additional stability and
delegation were well worth the move on their own even if the users didn't
have anything to point at besides a possibly perceived stability
increase[1].

Basically I am saying I agree with Neal. Users shouldn't even be aware of
the underlying infrastructure let alone being sold on the benefits. In
infrastructure ops positions I tend to say that the better things run, the
less people know you and the things you work on exist. 

It isn't usually necessary to "invent" ways to use AD, things will crop up.
Some ideas though:

The first thing I would do is start ripping away native permissions from
everyone but a couple of Ent Admins (say 3 or 4 tops) and everyone else gets
by with delegated permissions, much easier to start that way versus trying
to clean it up later. Goal, better security and enterprise stability. A
strong step towards change control

The next thing would be to start populating AD with object lifecycle
management information. This includes object owners, review dates on when
the owner has to say the object is still in use, expiration dates on when
objects should be removed, etc. Again much easier to start that early versus
later. Goal, a cleaner happier NOS Directory without baggage.

Populate the organizational managament structures, location info, contact
info, etc and set up a web site to allow creation of org charts and display
user info. Don't store the pics in the directory, store them in a SQL Server
or someplace else. Alternatively, stick all this info into AD/AM and
leverage AD Auth to access the info. Check to see if the Polyarchy stuff
ever made into a production setup in MIIS, that is an amazing way to display
that info.

If you have multiple platforms look to start using kerberos on them so you
can have single sign on. Users should really notice this if they don't have
it.

Look at how or even if GPOs should be used for controlling machines and user
experience.

Publish printer and shared folder information.

Set up a web based self password reset unlock system. See MIIS functionality
or MTEC's PSYNCH. This could be done under NT4 as well but more secure I
think under AD due to giving out delegated rights to do the work.

Deploy Exchange 2003. 


  joe



[1] It couldn't be anything but perceived on the users side unless they were
monitoring availability and performance which would be a stretch for those
users. 



-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil
Sent: Wednesday, June 01, 2005 5:21 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Enhancement Question

It's funny how people approach AD this way - i.e. deploy and look to justify
its existence thereafter :)

When AD was designed and a business case was created, what were the
perceived benefits back then? Why not try to create additional benefit along
those lines? We all have different reasons for deploying AD - to some it's
simply an upgrade, to others it's seen as a way to simplify / improve the
Windows environment in many different ways. Identify your initial reasons
for deploying AD and then build from there.

For the record, I would argue that the end user need not see real, tangible
benefits in order that AD be seen to benefit the business itself. The real
benefits are normally less tangible.

neil


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: 31 May 2005 16:05
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question


This is an odd question.

We have just about finished up rolling out AD 2003 (from an NT domain) and I
have been charged with finding "several ways to utilize Active Directory to
optimize the management of our applications and infrastructure.  At least
one of the solutions should enhance functionality directly for the user
community."

I'm having problems of finding ways to enhance functionally for the
end-users.  Besides tying the AD into a one of our outsourced web based
applications to reduce their password count I'm stretching.  

I know of a number of management and infrastructure enhancements that could
be made but none enhance the functionality of our end-users to a point where
they will notice it and say "Wow, now that's cool".  

Does anyone know of a location where I can get ideas on this topic?  

Increased security, stability, management.  These core things are not seen
by the end-user even though they directly affect them. I need t

RE: [ActiveDir] Enhancement Question

2005-06-01 Thread Carerros, Charles 
Neil,

We deployed AD based on a very serious and well defined business case.
However, when we argued for this it was indicated that the end-user would
not feel any effects and all of the enhancements would be on the management
and stability side.  Since then, however, we have a new network manager who
would like us to show the end-user what the new benefits are from the
upgrade.  However, telling an end-user we can not manage your PC more
effectively, well, they just don't care about that.  So now I'm stuck
looking for a way to show them how great AD is.

I would like to thank everyone for their responses.

Thanks, 

Charlie

-Original Message-
From: Ruston, Neil [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 01, 2005 4:21 AM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] Enhancement Question


It's funny how people approach AD this way - i.e. deploy and look to justify
its existence thereafter :)

When AD was designed and a business case was created, what were the
perceived benefits back then? Why not try to create additional benefit along
those lines? We all have different reasons for deploying AD - to some it's
simply an upgrade, to others it's seen as a way to simplify / improve the
Windows environment in many different ways. Identify your initial reasons
for deploying AD and then build from there.

For the record, I would argue that the end user need not see real, tangible
benefits in order that AD be seen to benefit the business itself. The real
benefits are normally less tangible.

neil


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: 31 May 2005 16:05
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question


This is an odd question.

We have just about finished up rolling out AD 2003 (from an NT domain) and I
have been charged with finding "several ways to utilize Active Directory to
optimize the management of our applications and infrastructure.  At least
one of the solutions should enhance functionality directly for the user
community."

I'm having problems of finding ways to enhance functionally for the
end-users.  Besides tying the AD into a one of our outsourced web based
applications to reduce their password count I'm stretching.  

I know of a number of management and infrastructure enhancements that could
be made but none enhance the functionality of our end-users to a point where
they will notice it and say "Wow, now that's cool".  

Does anyone know of a location where I can get ideas on this topic?  

Increased security, stability, management.  These core things are not seen
by the end-user even though they directly affect them. I need to find
something that the end-users will like to see and something that benefits
them.  I'm just coming up blank on this.  In the past, I have always been
instructions to use AD in ways that the end-user doesn't notice but
increases the functionality.

Thanks,

Charlie
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/


==
This message is for the sole use of the intended recipient. If you received 
this message in error please delete it and notify us. If this message was 
misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not 
waive any confidentiality or privilege. CS retains and monitors electronic 
communications sent through its network. Instructions transmitted over this
system are not binding on CS until they are confirmed by us. Message 
transmission is not guaranteed to be secure. 

==

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Enhancement Question

2005-06-01 Thread Ruston, Neil 
It's funny how people approach AD this way - i.e. deploy and look to justify 
its existence thereafter :)

When AD was designed and a business case was created, what were the perceived 
benefits back then? Why not try to create additional benefit along those lines? 
We all have different reasons for deploying AD - to some it's simply an 
upgrade, to others it's seen as a way to simplify / improve the Windows 
environment in many different ways. Identify your initial reasons for deploying 
AD and then build from there.

For the record, I would argue that the end user need not see real, tangible 
benefits in order that AD be seen to benefit the business itself. The real 
benefits are normally less tangible.

neil


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: 31 May 2005 16:05
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question


This is an odd question.

We have just about finished up rolling out AD 2003 (from an NT domain) and I 
have been charged with finding "several ways to utilize Active Directory to 
optimize the management of our applications and infrastructure.  At least one 
of the solutions should enhance functionality directly for the user community."

I'm having problems of finding ways to enhance functionally for the end-users.  
Besides tying the AD into a one of our outsourced web based applications to 
reduce their password count I'm stretching.  

I know of a number of management and infrastructure enhancements that could be 
made but none enhance the functionality of our end-users to a point where they 
will notice it and say "Wow, now that's cool".  

Does anyone know of a location where I can get ideas on this topic?  

Increased security, stability, management.  These core things are not seen by 
the end-user even though they directly affect them. I need to find something 
that the end-users will like to see and something that benefits them.  I'm just 
coming up blank on this.  In the past, I have always been instructions to use 
AD in ways that the end-user doesn't notice but increases the functionality.

Thanks,

Charlie
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

==
This message is for the sole use of the intended recipient. If you received 
this message in error please delete it and notify us. If this message was 
misdirected, Credit Suisse, its subsidiaries and affiliates (CS) do not 
waive any confidentiality or privilege. CS retains and monitors electronic 
communications sent through its network. Instructions transmitted over this
system are not binding on CS until they are confirmed by us. Message 
transmission is not guaranteed to be secure. 
==

List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Enhancement Question

2005-06-01 Thread Dan Holme 
Charlie:

This is a question I'm getting from a LOT of my clients these days.  I'd
be happy to chat through some ideas with you, but it's too much to type
out.  Give me a shout and I'll spend a bit of time talking you through
some "ooh-ahh-wow" things you can do with AD.   888.381.6956.

Dan Holme
Intelliem


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray
Sent: Tuesday, May 31, 2005 1:10 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Enhancement Question

You could look at pre-populating the location field for printer
searches.
This is quite a nice feature that uses the IP subnet of the workstation
the
user is logged on to to locate the nearest printer.  There's a few tasks
you
need to do to enable this, but it can be worth the effort, especially in
distributed organisations.  See the following whitepaper for more
information on this.

http://www.microsoft.com/windows2000/technologies/fileandprint/print/add
eplo
y.asp 

As you suggest, there are not a huge number of benefits that are
directly
visible to the end user.  

Tony

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros,
Charles
Sent: Wednesday, 1 June 2005 3:05 a.m.
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question

This is an odd question.

We have just about finished up rolling out AD 2003 (from an NT domain)
and I
have been charged with finding "several ways to utilize Active Directory
to
optimize the management of our applications and infrastructure.  At
least
one of the solutions should enhance functionality directly for the user
community."

I'm having problems of finding ways to enhance functionally for the
end-users.  Besides tying the AD into a one of our outsourced web based
applications to reduce their password count I'm stretching.  

I know of a number of management and infrastructure enhancements that
could
be made but none enhance the functionality of our end-users to a point
where
they will notice it and say "Wow, now that's cool".  

Does anyone know of a location where I can get ideas on this topic?  

Increased security, stability, management.  These core things are not
seen
by the end-user even though they directly affect them. I need to find
something that the end-users will like to see and something that
benefits
them.  I'm just coming up blank on this.  In the past, I have always
been
instructions to use AD in ways that the end-user doesn't notice but
increases the functionality.

Thanks,

Charlie
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/



List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Enhancement Question

2005-05-31 Thread Tony Murray 
You could look at pre-populating the location field for printer searches.
This is quite a nice feature that uses the IP subnet of the workstation the
user is logged on to to locate the nearest printer.  There's a few tasks you
need to do to enable this, but it can be worth the effort, especially in
distributed organisations.  See the following whitepaper for more
information on this.

http://www.microsoft.com/windows2000/technologies/fileandprint/print/addeplo
y.asp 

As you suggest, there are not a huge number of benefits that are directly
visible to the end user.  

Tony

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros, Charles
Sent: Wednesday, 1 June 2005 3:05 a.m.
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question

This is an odd question.

We have just about finished up rolling out AD 2003 (from an NT domain) and I
have been charged with finding "several ways to utilize Active Directory to
optimize the management of our applications and infrastructure.  At least
one of the solutions should enhance functionality directly for the user
community."

I'm having problems of finding ways to enhance functionally for the
end-users.  Besides tying the AD into a one of our outsourced web based
applications to reduce their password count I'm stretching.  

I know of a number of management and infrastructure enhancements that could
be made but none enhance the functionality of our end-users to a point where
they will notice it and say "Wow, now that's cool".  

Does anyone know of a location where I can get ideas on this topic?  

Increased security, stability, management.  These core things are not seen
by the end-user even though they directly affect them. I need to find
something that the end-users will like to see and something that benefits
them.  I'm just coming up blank on this.  In the past, I have always been
instructions to use AD in ways that the end-user doesn't notice but
increases the functionality.

Thanks,

Charlie
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/



List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/

RE: [ActiveDir] Enhancement Question

2005-05-31 Thread Joe Pochedley 
Do you have a new app you need to roll out that you can publish or
assign through AD?  Users get a kick out of being able to install new
software themselves or seeing updated software install auto-magically...

You could use LDAP and a little web page to make a simple phone number /
email address lookup page that pulls the info from AD... 

You could re-configure their Internet Explorer home page to point to the
corporate intranet (and prevent them from changing it)...  :)

Just some suggestions.

FWIW, AD isn't about making users go "oh, that's cool"  It's about
making administrators go "damn, that's useful".

Joe Pochedley
A computer terminal is not some clunky old television
with a typewriter in front of it. It is an interface 
where the mind and body can connect with the universe
and move bits of it about. -Douglas Adams 

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Carerros,
Charles
Sent: Tuesday, May 31, 2005 11:05 AM
To: 'ActiveDir@mail.activedir.org'
Subject: [ActiveDir] Enhancement Question

This is an odd question.

We have just about finished up rolling out AD 2003 (from an NT domain)
and I have been charged with finding "several ways to utilize Active
Directory to optimize the management of our applications and
infrastructure.  At least one of the solutions should enhance
functionality directly for the user community."

I'm having problems of finding ways to enhance functionally for the
end-users.  Besides tying the AD into a one of our outsourced web based
applications to reduce their password count I'm stretching.  

I know of a number of management and infrastructure enhancements that
could be made but none enhance the functionality of our end-users to a
point where they will notice it and say "Wow, now that's cool".  

Does anyone know of a location where I can get ideas on this topic?  

Increased security, stability, management.  These core things are not
seen by the end-user even though they directly affect them. I need to
find something that the end-users will like to see and something that
benefits them.  I'm just coming up blank on this.  In the past, I have
always been instructions to use AD in ways that the end-user doesn't
notice but increases the functionality.

Thanks,

Charlie
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info   : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/