Thanks for checking Gil.
Todd
-Original Message-
From: Gil Kirkpatrick [mailto:gilk@;netpro.com]
Sent: Monday, October 21, 2002 11:54 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] AD Integration of DDNS Zone and zone replication
Solution!
Hey Todd,
I know we check for proper DNS
Title: Message
ahh,
compiled... right... where's the fun it that?
:-p
To augment Rick's suggestion, you might also try Richard
MacDonald's SID Checker v1.0. It converts both ways sid -> username/username
-> sid
http://www.richmac.org/tools/sidchk/sidchk2.html
Regards,
Richard
Title: Message
Brian,
I like
Richard's script. Great stuff to learn from.
BUT -
just in case you want a compiled tool, check out a fellow MVP's site for tools
that will do what you need. Joe even bills it as the complement to
getsid.exe.
Find
Joe Richard's site and collection of too
Brian,
There's probably a couple of tools/scripts out there, but here's one using
WMI and VBS.
Hope this helps,
Richard
option explicit
' declares
dim strUsrPDC, strUsrDom, strUsrAct, strUsrPwd, strUsrSid, strUsrName
' - target userid information -
' string sid to search for
strUsrSid = "S-1
Title: Opposite of GETSID.EXE (OT?)
All-
I am looking for a utility (or script) that will translate an account's SID into an account name. I want to feed the utility (or script) the SID and have the account named returned via the command prompt.
Basically, the tool would do the opposite o
Version 1 was/is usable in Win2k environments as well - typically cross
forest.
>From the ADMT v 2.0 README:
Scripting and command-line interface
Password migration
Migration log files
Credentials needed for migration operators
SID Mapping Files for security translation
Windows 2000 attribute exc
Title: Message
How much overhead does leaving it up to
the locator incur?
Ken
-Original Message-
From: Gil Kirkpatrick [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, October 23, 2002
4:37 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Sites
with no DC
Hey Don,
Title: Message
Hey
Don,
Is
this your first post to the list? If so, welcome.
To
answer your question, no you don't have to create a site for each subnet. You
can associate multiple subnets with a single site. Or you can leave the
subnets unassigned, and the DC locator will do its best t
Title: Message
We have subnets
without dc's, do you need to create a site and subnet in Sites and Services
anyway for those sites?
Don L Murawski
It's running on Solaris. I don't know what LDAP libraries they use.
Dave
-Original Message-
From: Gil Kirkpatrick [mailto:gilk@;netpro.com]
Sent: Wednesday, October 23, 2002 11:10 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] LDAP referral during subtree search
David,
Glad to hel
I have used a tool from www.smallwonders.com called secure copy. I dont know
what it can offer you moving files between domains but I use it to move
files around within a domain all the time. It moves files, ntfs perms,
shares and perms, and will even recreate local groups on the destination
server
Hi,
Has anyone tried setting up Folder Redirection Group Policies with the .NET
version of the AD Users and Computers Tool? Normally, Folder Redirection is
located under:
User Configuration-->Windows Settings-->Folder Redirection.
However, w/ the .NET version of the tools, there are no Folder
Rmtshare is a command line tool that will add shares to a folder. Here is an
example.
rmtshare \serverA\alotz="d:\users\alotz /grant ynet\alotz:c /grant
"wgh-nw-adm":f /remove everyone
This will create a share on serverA on a folder alotz in the directory
users. Giving alotz change permissions a
What is a rmtshare script?
-Original Message-
From: Patrick.Jackson [mailto:Patrick.Jackson@;gov.yk.ca]
Sent: Wednesday, October 23, 2002 12:45 PM
To: '[EMAIL PROTECTED]'
Subject:[ActiveDir] File Server
Good Morning,
We are in the process of changing over a file serve
Good Morning,
We are in the process of changing over a file server from one server to
another. The new server will be in our new AD and we use roaming profiles. I
very much value this group's opinion and was therefore looking to see if I
am missing anything or could do the job better.
Here are t
David,
Glad to help...
Is the app server running on W2K or some Unix variant? If its running on
W2K, I'd be amazed if they were using their own LDAP client instead of the
MSFT-supplied client. You could check to see if the server loads the
WLDAP32.DLL.
-g
-Original Message-
From: Fugleb
Oh yeah, I realized that after I sent it.
-Original Message-
From: Rick Kingslan [mailto:rkingsla@;cox.net]
Sent: Friday, October 18, 2002 2:07 PM
To: [EMAIL PROTECTED]
Subject:RE: [ActiveDir] RAID configuration on DC's
Justin,
Check that - NTDS.DIT resides in the %syst
What is the difference between ADMT v2 and v1? Can you use the ADMT v2 in a
Windows 2000 Active Directory Enviorment?
Justin A. Salandra, MCSE
Senior Network Engineer
Catholic Healthcare System
914.681.8117 office
646.483.3325 cell
[EMAIL PROTECTED]
-Original Message-
From: Rick King
I'm curious too. The app server is WebLogic 7.0, configured to use AD/LDAP as the
authentication provider. When the search base is the Users container, it binds to AD
(using an account created for that purpose), searches for the user, and binds as that
user with the credentials the user suppli
I'd consider that a false sense of security, for the exact reason Tony
mentioned - administrator has the same RID regardless of name - any half
intelligent script kiddie would hack using the RID rather than the username
anyway.
--
Roger D. Seiels
Diane,
Glad to hear that everything is working. I was a bit concerned that
your password migration scenario was not working. It's been flawless
for us.
Now, as to the "migration can _only_ be done on the computer that
generated the key" - Yep. Did you miss that in the notes that I posted
on th
Tony said:
"Could it be that the Administrator account has been renamed and new
account created using the name "Administrator". Why anyone would want
to do this I don't know, but it can be done (just tested it)."
---
I have been known to do this on some DMZ or Internet facing
I have done just that for security reasons. (Rename the administrator
account and create a dummy "Administrator" account with no real privileges.)
Its been for situations where someone is trying to 'guess' what the
administrator account is and let them spin their wheels harmlessly. And in
one case
Are you using IPX by any chance. We had a problem like this too.
Q260399
-Original Message-
From: [EMAIL PROTECTED] [mailto:rrutherford@;dek.com]
Sent: Tuesday, October 22, 2002 4:27 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] 98 user account lockouts
Hi All,
We have just perform
Ok, so this is an old thread - sorry to raise the dead. :-)
I had an idea about this. Could it be that the Administrator account has been renamed
and new account created using the name "Administrator". Why anyone would want to do
this I don't know, but it can be done (just tested it).
If this
While not specifically the purpose of the app, I believe MessageOne's
MessageView (http://www.messageone.com/MV.asp) could do something along
those lines. Also, Promodag might do it as well.
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
26 matches
Mail list logo