Title: Message
Hi guys,
I am
having a little problem that is really bugging down my network.
I have two
domain controllers on my network and about 300 users all logging on to the
domain. For some funny reason for which I cannot explain anybody can walk up to
a domain controller and
All,
Need a bit of advise here...Our sister company has decided to eventually
migrate to W2K and in their design considerations they have put forward a
proposal to create a new domain and have us integrate into it with them to
centralise things and therefore make things easier to manage etc. Do
-Original Message-
From: Blair, James [mailto:[EMAIL PROTECTED]]
Sent: 16 April 2002 13:28
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] It's A Question Of Trust...
All,
Need a bit of advise here...Our sister company has decided to
eventually migrate to W2K and in their
Still debating on what kind of scripting to use for Logins.
PDC is a 2000 Server, in Native mode. Ideally I would use the startup login script in
Group Policy for the whole domain, minimizing all administration. However I only have
about 10% of my machines on Windows 2000 Professional and
James,
My take on this is the same as it was literally 5 years ago when we
deployed out first test LAN in larger environments - KISS.
The single domain is a simple method to provide a managed environment
where the OU's create the management structure. Domains are typically
created for one of
Go with 2 domains in different Forest with 2-way transitive trusts, easier
and lesser hassles!
ERIC
- Original Message -
From: Blair, James [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 16, 2002 8:27 PM
Subject: [ActiveDir] It's A Question Of Trust...
All,
Need a bit
Eric,
Tell me I'm reading this wrong - two different forests - one for each
company - each forest with two domains? Or, is this a new forest with
two trees (tree root domains)?
Thanks!
Rick Kingslan - Microsoft MVP [Windows NT/2000]
Microsoft Certified Trainer
MCSA, MCSE+I - Windows NT /
I think neither, a forest for each company with one domain/forest. I would
go with one forest with 2 trees as you offered below.
- Original Message -
From: Rick Kingslan [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, April 16, 2002 10:23 AM
Subject: RE: [ActiveDir] It's A
James,
One thing that I neglected (or plain forgot - I'm the only one who knows
for sure!) is that the speed of the networks CAN have an impact. You
know this because it seems to be a primary concern.
The best way (or one of the best ways) to get around or to mitigate this
is to get the
Well I took these statements as telling
They are used to high speed WAN's and have predominantly office workers
with the OS, Office Suite, IE 6 etc installed. We on the other hand have
a lot of places linked by various methods of phone: Satellite, Mobile etc.
Over and above the standard
Nah Idee,
I agree wholeheartedly - short of one point. We've only heard from one
side. James' account of the current state does indicate that he has a
lot to lose. But, I would suspect (just the Consultant in me thinking
here) that the other company has a different perspective on the same
Hi Rick,
What I meant was one forest each for the comapnies. In each forest, one
domain and explicit trsust between the forests.
Consolidating everything into one domain is cool too, but there are more
pressing issues like boundary administration and ownership issues.
In short, the technology
KixStart is pretty handy. It has several features that make it easy to use
as a login script language. It's simple enough that even non-programmers
should be able to pick it up easily.
In my humble opinion, however, KixStart peters out pretty quickly when
attempting to do much more than map
Ever seen this error? I have replaced the ou and
server names with generic info but this is on every domain controller occurring
several times a minute.
Any ideas?
Event Type: Error
Event Source: NTDS SDPROP
Event Category: Internal Processing
Event ID: 1450
Date: 4/16/2002
If you are running SMS license metering, then I can think you can safely buy
only 25 copies. Correct me if I am wrong - any MS license managers out
there?
-Original Message-
From: Rick Kingslan [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 16, 2002 1:04 PM
To: [EMAIL PROTECTED]
Thank you Rick for your valuable insight; now please correct me if I am
wrong with my very personal, and definitely subjective, interpretation of
this fact. If I remember correctly, around 1996 or 1997 with most hardware
being extremely expensive, NCs (Network Computers) came out. This consisted
David,
You correct with the SMS licensing, although it does add some complexity to
deploying
clients, also we found trying to rollout out sms over 5000 clients in 37
european sites to be
an absolute pain, there weremany client problems especially with 9x clients
and old releases of Mcafee
I dont beleive this is correct, if I remeber correctly the Office license
states one PC for one individual
user, and in the US there used to be a clause which allowed it to be
install on a Home PC also.
We deployed Citrix and TS and had to purchase 1 license per person that
could use the
Well after much messing about and removing a linux
server from the network
my clients can now connect to the \\domain.co.uk\sysvol\ share to read
the group policy
information, however they are all logging the
following error every 2 hours (All are XP Pro clients.).
Security policies were
David,
Mostly, this is correct. MS DID, however, do away with concurrent
licensing for the office and home user, IIRC (this is what I mean - it's
to the point that it may as flippin' well be the US tax code!) you must
now HAVE a license for home and the office, unless it's on a laptop that
you
David: I dont beleive this is correct, if I remeber correctly the Office
license
states one PC for one individual user...
Rick: They now stipulate in most, not all, cases that
each user (USER) requires a license. So, you cannot have a siutation
where you set up one machine for everyone to use
And, you're right. It is insane, it is what they intended, and
IntelliMirror only makes the maddening reality only more obvious. Give
me technology to easily get software to users and then make the
licensing so unplatable that I won't want to use it. The horror, the
horror...
As to schools,
NetPro is hosting a conference in Scottsdale, AZ for experienced Active
Directory administrators and architects, May 19th-21st. Microsoft and
NetPro are sponsoring. It is intended to be an open exchange of experiences
with Active Directory, so the more companies that attend, the bigger pool of
I second that - my login scripts on NT4 have been perl based since I joined
- the flexibility is simply awesome.
I've been playing with deploying ActivePerl via GPO to my workstations then
writing GPO scripts in PerlScript (perl inside WSH files) - seems to work a
treat :)
Paul
Have any of you gathered information on what Event ID's are important to be
notified about for the following areas of AD and AD Domain Controllers.
Network
# of Network Session = Event ID for not being able to establish
sessions
# of LDAP Sessions = Event ID for not being able
Title: RE: [ActiveDir] Logon Scripting
That's pretty cool, but as not to scare anyone on the list off, I'd like to point out that Perl does not have to be installed on the workstations to use it for login scripts.
Perl can easily be invoked over the network via a UNC. I.e.:
Thanks, Ken, but that ain't the part that scares me about perl. I'm
just a programming wussie.
-Original Message-
From: Ken Cornetet [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 16, 2002 04:11 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Logon Scripting
That's
Title: RE: [ActiveDir] Logon Scripting
Thanks
all for your input, perl maybe a little outta my league, but I am definitely
willing to explore the option.
-Original Message-From: Ken Cornetet
[mailto:[EMAIL PROTECTED]]Sent: Tuesday, April 16, 2002 5:11
PMTo: '[EMAIL
I only wish I could use vbscript 95 and 98 machines are the bain of my existence.
-Original Message-
From: Sargent Joey E [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 16, 2002 9:23 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Logon Scripting
I have not seen anyone mention
Hi!
I am new to active directory. We are developing an application whereby user
will be able to download his corporate email([EMAIL PROTECTED]) into pop3
account developed by us. The user id and passwords are stored in active
directory on WIN2k Server which is there in the corporation ,We want
30 matches
Mail list logo
