RE: CN format question
Only when it's tickled by a lookup. From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, February 03, 2012 2:26 PM To: NT System Admin Issues Subject: RE: CN format question Fall onto its back and giggle loudly? From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 3:02 PM To: NT System Admin Issues Subject: RE: CN format question IIRC, we had commas in our names too after our migration up from Winnt4 to Windows 2000. Because of some of the display issues (and because we only had a small number of staff on NT-based platforms at the time), we renamed everything to take out the commas and standardize. Otherwise, our cns would look about the same as yours, with my last name then first, but we also have middle initials. If I understand correctly, the cn is just reflecting the name on the object. You don't even really have to have a first/last name combo-it could be elmo, if that was the name of the object. What would the app do then? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 11:17 AM To: NT System Admin Issues Subject: RE: CN format question Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CN format question
I know this is an impossible question to answer without knowing everything we have here, but what are the ramifications of changing them. Look pretty easy and straightforward to do it. I don't mind fixing this app for these people if it doesn't burn me. What else would be looking at that CN? From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 3:02 PM To: NT System Admin Issues Subject: RE: CN format question IIRC, we had commas in our names too after our migration up from Winnt4 to Windows 2000. Because of some of the display issues (and because we only had a small number of staff on NT-based platforms at the time), we renamed everything to take out the commas and standardize. Otherwise, our cns would look about the same as yours, with my last name then first, but we also have middle initials. If I understand correctly, the cn is just reflecting the name on the object. You don't even really have to have a first/last name combo-it could be elmo, if that was the name of the object. What would the app do then? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 11:17 AM To: NT System Admin Issues Subject: RE: CN format question Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana
RE: CN format question
Any application going against AD could be configured to use it, potentially. From a pure AD perspective, the value is entirely insignificant beyond needing to be unique within the parent container/OU. Thanks, Brian Desmond br...@briandesmond.com w - 312.625.1438 | c - 312.731.3132 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Monday, February 06, 2012 11:38 AM To: NT System Admin Issues Subject: RE: CN format question I know this is an impossible question to answer without knowing everything we have here, but what are the ramifications of changing them. Look pretty easy and straightforward to do it. I don't mind fixing this app for these people if it doesn't burn me. What else would be looking at that CN? From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 3:02 PM To: NT System Admin Issues Subject: RE: CN format question IIRC, we had commas in our names too after our migration up from Winnt4 to Windows 2000. Because of some of the display issues (and because we only had a small number of staff on NT-based platforms at the time), we renamed everything to take out the commas and standardize. Otherwise, our cns would look about the same as yours, with my last name then first, but we also have middle initials. If I understand correctly, the cn is just reflecting the name on the object. You don't even really have to have a first/last name combo-it could be elmo, if that was the name of the object. What would the app do then? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 11:17 AM To: NT System Admin Issues Subject: RE: CN format question Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http
RE: CN format question
I was thinking more when it was fingered. [1] [1] http://en.wikipedia.org/wiki/Finger_protocol From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Monday, February 06, 2012 11:24 AM To: NT System Admin Issues Subject: RE: CN format question Only when it's tickled by a lookup. From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, February 03, 2012 2:26 PM To: NT System Admin Issues Subject: RE: CN format question Fall onto its back and giggle loudly? From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 3:02 PM To: NT System Admin Issues Subject: RE: CN format question IIRC, we had commas in our names too after our migration up from Winnt4 to Windows 2000. Because of some of the display issues (and because we only had a small number of staff on NT-based platforms at the time), we renamed everything to take out the commas and standardize. Otherwise, our cns would look about the same as yours, with my last name then first, but we also have middle initials. If I understand correctly, the cn is just reflecting the name on the object. You don't even really have to have a first/last name combo-it could be elmo, if that was the name of the object. What would the app do then? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 11:17 AM To: NT System Admin Issues Subject: RE: CN format question Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
RE: CN format question
Thanks Brian. While I will certainly do a ton of investigating and lab it first I am pretty confident all our apps (which are few) that do this use samaccountname. From: Brian Desmond [mailto:br...@briandesmond.com] Sent: Monday, February 06, 2012 1:57 PM To: NT System Admin Issues Subject: RE: CN format question Any application going against AD could be configured to use it, potentially. From a pure AD perspective, the value is entirely insignificant beyond needing to be unique within the parent container/OU. Thanks, Brian Desmond br...@briandesmond.commailto:br...@briandesmond.com w - 312.625.1438 | c - 312.731.3132 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Monday, February 06, 2012 11:38 AM To: NT System Admin Issues Subject: RE: CN format question I know this is an impossible question to answer without knowing everything we have here, but what are the ramifications of changing them. Look pretty easy and straightforward to do it. I don't mind fixing this app for these people if it doesn't burn me. What else would be looking at that CN? From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 3:02 PM To: NT System Admin Issues Subject: RE: CN format question IIRC, we had commas in our names too after our migration up from Winnt4 to Windows 2000. Because of some of the display issues (and because we only had a small number of staff on NT-based platforms at the time), we renamed everything to take out the commas and standardize. Otherwise, our cns would look about the same as yours, with my last name then first, but we also have middle initials. If I understand correctly, the cn is just reflecting the name on the object. You don't even really have to have a first/last name combo-it could be elmo, if that was the name of the object. What would the app do then? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 11:17 AM To: NT System Admin Issues Subject: RE: CN format question Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage
RE: CN format question
The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: CN format question
Commas are a special character. Your name is entered as Kennedy, Jim. Since the , is special to use the comma is must be Escaped by a \. Therefore you get the Kennedy\, Jim. http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzahy/rzahyunderdn.htm DN escaping rules Some characters have special meaning in a DN. For example, = (equals) separates an attribute name and value, and , (comma) separates attribute=value pairs.The special characters are , (comma), = (equals), + (plus), (less than), (greater than), # (number sign), ; (semicolon), \ (backslash), and (quotation mark,ASCII 34). A special character can be escaped in an attribute value to remove the special meaning. To escape these special characters or other characters in an attribute value in a DN string, use the following methods: 1. If a character to be escaped is one of the special characters, precede it by a backslash ('\' ASCII 92). This example shows a method of escaping a comma in an organization name: CN=L. Eagle,O=Sue\, Grabbit and Runn,C=GB This is the preferred method. 2. Otherwise replace the character to be escaped by a backslash and two hex digits, which form a single byte in the code of the character. The code ofthe character must be in UTF-8 code set. CN=L. Eagle,O=Sue\2C Grabbit and Runn,C=GB 3. Surround the entire attribute value by (quotation marks) (ASCII 34), that are not part of the value. Between the quotation character pair, all characters are taken as is, except for the \ (backslash). The \ (backslash) can be used to escape a backslash (ASCII 92) or quotation marks (ASCII 34),any of the special characters previously mentioned, or hex pairs as in method 2. For example, to escape the quotation marks in cn=xyzqrsabc, it becomes cn=xyz\qrs\abc or to escape a \: you need to escape a single backslash this way \\ Another example, \Zoo is illegal, because 'Z' cannot be escaped in this context. Thanks Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.comhttp://www.carlwebster.com/ From: Kennedy, Jim kennedy...@elyriaschools.orgmailto:kennedy...@elyriaschools.org Reply-To: NT Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Date: Fri, 3 Feb 2012 13:08:39 -0500 To: NT Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN’s are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC’s) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: CN format question
On Fri, Feb 3, 2012 at 1:08 PM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN’s are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC’s) I can't speak to the rest of your problem, but I bet that backslash is there because you have a comma in your CN (Common Name). The comma is used in that particular syntax of DN (Distinguished Name). So the comma has to be escaped somehow. A lot of systems use a backslash as an escape character. In a different syntax, I bet would see: /CN=Kennedy, Jim/OU=... -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CN format question
Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: CN format question
I would hazard to guess 50% of Active Directory deployments use CN=Last\, First RDN format. It is quite normal, and an application has no business trying to parse meaningful stuff out of the RDN anyway... that is why the discrete sn and givenName fields are there. Certainly if an application cannot tolerate an escaped comma in the DN at all, that's an application bug, not a problem with the directory data. IMHO, CN=logonid is a better way--this is how most non-AD directories roll--but I guess since ADUC slops the name fields into CN / RDN, that approach persists in AD generally. --Steve On Fri, Feb 3, 2012 at 2:16 PM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn’t the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can’t imagine my way is ‘wrong’. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you’ve shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can’t deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN’s are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC’s) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CN format question
IIRC, we had commas in our names too after our migration up from Winnt4 to Windows 2000. Because of some of the display issues (and because we only had a small number of staff on NT-based platforms at the time), we renamed everything to take out the commas and standardize. Otherwise, our cns would look about the same as yours, with my last name then first, but we also have middle initials. If I understand correctly, the cn is just reflecting the name on the object. You don't even really have to have a first/last name combo-it could be elmo, if that was the name of the object. What would the app do then? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 11:17 AM To: NT System Admin Issues Subject: RE: CN format question Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CN format question
Apparently the app is hard coded to only lookup CN's of Firstname Lastname Must have the space, no comma's and no deviation allowed. Oh well, if the department that wants this goes ahead with it they are going to spend a ton of time manually tagging AD accounts to accounts in this app. 7000 user changes per year is going to keep them busy. -Original Message- From: Steve Kradel [mailto:skra...@zetetic.net] Sent: Friday, February 03, 2012 3:19 PM To: NT System Admin Issues Subject: Re: CN format question I would hazard to guess 50% of Active Directory deployments use CN=Last\, First RDN format. It is quite normal, and an application has no business trying to parse meaningful stuff out of the RDN anyway... that is why the discrete sn and givenName fields are there. Certainly if an application cannot tolerate an escaped comma in the DN at all, that's an application bug, not a problem with the directory data. IMHO, CN=logonid is a better way--this is how most non-AD directories roll--but I guess since ADUC slops the name fields into CN / RDN, that approach persists in AD generally. --Steve On Fri, Feb 3, 2012 at 2:16 PM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: CN format question
On Fri, Feb 3, 2012 at 2:16 PM, Kennedy, Jim kennedy...@elyriaschools.org wrote: I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. ... They are looking for FirstName first. I'm not even sure the CN (Common Name) is required to be a person's name (and not, e.g., a logon ID or employee #). In any event, AD provides separate attributes for first name and last name. They should be using those. It's certainly not unusual to put last-name first. In particular, that's the way the entire Department of Defense works. Your app vendor is an idiot. internally redundant statement -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CN format question
Most customers I work with do CN=samAccountName or CN=badge number. CN=First Last or CN=Last, First are great for manual management with ADUC but beyond that they're obnoxious. Vendors assuming this is the only way data should be formatted, much less assuming that they can split on the first space to get the two tokens need to rethink things. Thanks, Brian Desmond br...@briandesmond.com w - 312.625.1438 | c - 312.731.3132 -Original Message- From: Steve Kradel [mailto:skra...@zetetic.net] Sent: Friday, February 03, 2012 2:19 PM To: NT System Admin Issues Subject: Re: CN format question I would hazard to guess 50% of Active Directory deployments use CN=Last\, First RDN format. It is quite normal, and an application has no business trying to parse meaningful stuff out of the RDN anyway... that is why the discrete sn and givenName fields are there. Certainly if an application cannot tolerate an escaped comma in the DN at all, that's an application bug, not a problem with the directory data. IMHO, CN=logonid is a better way--this is how most non-AD directories roll--but I guess since ADUC slops the name fields into CN / RDN, that approach persists in AD generally. --Steve On Fri, Feb 3, 2012 at 2:16 PM, Kennedy, Jim kennedy...@elyriaschools.org wrote: Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: CN format question
On Fri, Feb 3, 2012 at 4:01 PM, Miller Bonnie L. mille...@mukilteo.wednet.edu wrote: If I understand correctly, the cn is just reflecting the name on the object. You don’t even really have to have a first/last name combo—it could be “elmo”, if that was the name of the object. What would the app do then? If it's like most apps, crash and burn. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: CN format question
Fall onto its back and giggle loudly? From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 3:02 PM To: NT System Admin Issues Subject: RE: CN format question IIRC, we had commas in our names too after our migration up from Winnt4 to Windows 2000. Because of some of the display issues (and because we only had a small number of staff on NT-based platforms at the time), we renamed everything to take out the commas and standardize. Otherwise, our cns would look about the same as yours, with my last name then first, but we also have middle initials. If I understand correctly, the cn is just reflecting the name on the object. You don't even really have to have a first/last name combo-it could be elmo, if that was the name of the object. What would the app do then? From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 11:17 AM To: NT System Admin Issues Subject: RE: CN format question Thanks Bonnie, that was my feeling also. I too feel it is an app issue, but wanted to get some opinions since I am fuzzy on this. The issue isn't the \, they are choking on my lastname then firstname. They are looking for FirstName first. I would be shocked that they cannot accommodate my way. Can't imagine my way is 'wrong'. It was just a choice someone made here before my time. From: Miller Bonnie L. [mailto:mille...@mukilteo.wednet.edu] Sent: Friday, February 03, 2012 2:01 PM To: NT System Admin Issues Subject: RE: CN format question The part you've shown us looks normal to me for Microsoft AD. The \ is there to escape the comma that follows. Maybe their app can't deal with that? http://www.informit.com/articles/article.aspx?p=101405seqNum=7 From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org]mailto:[mailto:kennedy...@elyriaschools.org] Sent: Friday, February 03, 2012 10:09 AM To: NT System Admin Issues Subject: CN format question Having an issue with a vendor with some LDAP lookups. I certainly saw this years ago, but never looked into it. Our CN's are backwards from how most people do it I think. Is there anything wrong with it being this way? Why is that \ there? CN=Kennedy\, Jim,OU=(Redacted list of OU/DC's) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin