RE: [ActiveDir] OT/ cannot share resources

tcp/ip to answer your question. As it turns out the network card was bad. Now why did that not show up when it was pinged? -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner@;mail.activedir.org]On Behalf Of David N. Precht Sent: Thursday, October 24, 2002 8:00 PM To: [EMAIL

RE: [ActiveDir] OT/ cannot share resources

What protocols are running on that box? -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of Michael Tock Sent: Thursday, October 24, 2002 11:21 To: [EMAIL PROTECTED] Subject: [ActiveDir] OT/ cannot share resources Ok you network people, I

RE: [ActiveDir] Sites with no DC

Title: Message I haven't tested it myself, but I doubt very much. Assuming the programmers used reasonable data structures internally, the calculation should be pretty straightforward. Of all the things a DC does during authentication, I suspect that site determination is one of the quickest

RE: [ActiveDir] Sites with no DC

Roger, You know, Robbie Allen at Cisco as a cool setup where they dredge the router config information every night and rebuild the site topology based on the router configs. No need to talk to the network engineers at all! He prowls the list and might offer more commentary. -gil -Original Me

RE: [ActiveDir] Mac and AD integration

Also see http://www.microsoft.com/mac/ There are also a number of good articles in TechNet. -Mark -Original Message- From: Noah Eiger [mailto:neiger@;prbo.org] Sent: Thursday, October 24, 2002 5:27 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Mac and AD integration You might check

RE: [ActiveDir] DNS for Parents and Childs

Yes - what's the question? Rick Kingslan - Microsoft MVP [Windows NT/2000] Microsoft Certified Trainer MCSA, MCSE+I - Windows NT / 2000 "Any sufficiently advanced technology is indistinguishable from magic." --- Arthur C. Clarke > -Original Message- > From: [EMAIL PROTECTED]

RE: [ActiveDir] ADMT v2

ADMT requires that the target be native, too. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of > Salandra, Justin A. > Sent: Thursday, October 24, 2002 11:18 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] ADMT v2 > > >

RE: [ActiveDir] LDAP referral during subtree search

See, I always get into trouble when I'm cynical. I didn't even look in the larger .EXE file. -gil -Original Message- From: Fugleberg, David A [mailto:david.fugleberg@;nwa.com] Sent: Thursday, October 24, 2002 1:14 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] LDAP referral during sub

RE: [ActiveDir] Mac and AD integration

You might check out this site: http://www.macwindows.com/Win2000.html > -Original Message- > From: [EMAIL PROTECTED] > [mailto:ActiveDir-owner@;mail.activedir.org]On Behalf Of Oliver Marshall > Sent: Thursday, October 24, 2002 1:11 AM > To: [EMAIL PROTECTED] > Subject: [ActiveDir] Mac and

RE: [ActiveDir] OT/ cannot share resources

I am way past looking at the basic network fixes. As it turned out a new network card has solved the problem. It would have seem that ping would have shown that to be the problem. At what layer does the browser service work? -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-ow

RE: [ActiveDir] Two Domains on Same Subnet / DNS & AD Integrated

It will allow it, but defeat the basic purpose. Each DNS server will believe itself to be SOA and as such the clients that access the ROOT dns servers will get one response for the reverse lookup zones and clients that use the child will get another. IMS You would setup the SOA on one or the oth

Re: [ActiveDir] OT/ cannot share resources

It's been a long time since Ive touched a 98 workstation. Have you verified that file and printer sharing is enabled under the network properties? What happens when you try to share folders? Tim Hines, MCSA, MCSE (2000 & NT4) MVP - Active Directory - Original Message - From: "Michael

RE: [ActiveDir] OT: Scripting question

WSH as the ability to do that - shouldn't be that hard. I don't have the book handy, but I think either Tim Hill's or Thomas Eck's books covers that in detail. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger an

RE: [ActiveDir] OT: Scripting question

Does anyone know the wsh call to rename a key though? I have been unable to find it. Unfortunately, I do not have either of the texts you reference, but I have put them on the wish list! -Original Message- From: Roger Seielstad [mailto:roger.seielstad@;inovis.com] Sent: Thursday, October 2

RE: [ActiveDir] OT: Scripting question

I don't think there is a rename. You would just read the old, write the new with that info and then delete the old. -Original Message- From: Bjelke John A Contr AFRL/VSIO [mailto:John.Bjelke@;kirtland.af.mil] Sent: Thursday, October 24, 2002 11:09 AM To: '[EMAIL PROTECTED]' Subject: RE:

[ActiveDir] OT/ cannot share resources

Ok you network people, I cannot share my files on just one of my computers, it is just a small peer to peer workgroup. I can see the computer in the network neighborhood. The computer I am having problems with has win 98. So what is causing the problem, and how do I fix it. List info : http://w

RE: [ActiveDir] LDAP referral during subtree search

Dave If you want an in-depth view on Active Directory LDAP support, see this whitepaper from Dan Thompson. http://www.microsoft.com/windows2000/techinfo/howitworks/activedirectory/ldap.asp It explains the whole area of LDAP referrals very clearly (well, as clear as anything can be with LDAP)

RE: [ActiveDir] ADMT v2

Should be able to do that no problem. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -Original Message- > From: Salandra, Justin A. [mailto:jasalandra@;chcsnet.org] > Sent

RE: [ActiveDir] OT/ cannot share resources

Michael, a little more info would be helpful, but let me ask a few things: 1)Have you enabled and print sharing on the 98 box in question? 2)Are the subnet masks the same on all machines in the workgroup? 3)Is the workgroup name the same on all boxen? 4)Can you ping and/or tracert to the t

RE: [ActiveDir] Modifying Multiple Active Directory User Accounts at Once

Hello all, While on the subject of Citrix/ Terminal Services, has anyone come across the need to modify the user object class to include an attribute for 'Login Scripts' with the 'Terminal Server Profile'? There is a need for us to run another login script to map some drives to a data-sensitiv

RE: [ActiveDir] OT: Scripting question

That's what I was afraid of. It doesn't make sense to me that you can rename from the console but not programatically! Oh, well. -Original Message- From: Carey, Greg [mailto:Greg.Carey@;haledorr.com] Sent: Thursday, October 24, 2002 9:18 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir

RE: [ActiveDir] Modifying Multiple Active Directory User Accountsat Once

I'm not sure about an TS specific login script option in AD, but in our TS/Citrix environment we have solved this using the %systemroot%\system32\usrlogn.cmd command file mechanism. The usrlogon.cmd file gets called by default when a user logs on. >From the .cmd file we would call a separate script

RE: [ActiveDir] ADMT v2

You've got Movetree to move objects within a Forest. You don't need to migrate with ADMT. http://www.winnetmag.com/Articles/Index.cfm?ArticleID=7614 Tony -- Original Message -- From: "Salandra, Justin A." <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] D

RE: [ActiveDir] ADMT v2

I believe there are prune and graft tools that will let you do a intra-forest migration like that. I look at ADMT as an inter-forest migration tool. I have not investigated the intra-forest tools so I don't have the details. Diane -Original Message- From: Salandra, Justin A. [mailto:jas

[ActiveDir] DNS for Parents and Childs

Does anyone have this type of configuration in place for Parent and child domain DNS. You can find the setup on MS Q Article 255258 Q255248 - HOW TO: Create a Child Domain in Active Directory and Delegate the DNS Namespace to the Child Domain

RE: [ActiveDir] ADMT v2

But move tree requires that the target domain be in native mode. I have some places that need to stay in mixed mode. -Original Message- From: Tony Murray [mailto:tony@;mail.activedir.org] Sent: Thursday, October 24, 2002 11:38 AM To: [EMAIL PROTECTED] Subject:RE: [Active

RE: [ActiveDir] OT: Scripting question

Correct - there is no option to rename in the registry. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -Original Message- > From: Carey, Greg [mailto:Greg.Carey@;haledorr.c

RE: [ActiveDir] Modifying Multiple Active Directory User Accountsat Once

We do something similar to that with our citrix/termservers versus workstations using the %windir% variable in a batch file if %windir% == J:\WTSRV goto termserv if %windir% == J:\WINNT goto citrixmf :wrkstn call workstation.kix goto end :termserv call termserv.kix goto end :citrixmf call cit

[ActiveDir] Domain Admin of 2 Domains Question

This is probably an easy question, but I my brain just isn't cooperating. Let's say I have a user account in Domain1 that I need to be a Domain Admin in. Easy, I add myself to the Domain Admins group. If we create a second Domain (or whatever reason), and I also want to be a Domain Admin of th

[ActiveDir] DS Client Issues

Title: Message We are planning  to switch to native node within a month, we a lot of of win9x clients still in the field. Is it a must to install the DS client on these machine? Has anyone had issues in native mode with win9x clients? Also has anyone see the DS client installation fail c

[ActiveDir] Domain Admin of 2 Domains Question

(Resending this once since it hasn't appeared after a few hours.) This is probably an easy question, but I my brain just isn't cooperating. Let's say I have a user account in Domain1 that I need to be a Domain Admin in. Easy, I add myself to the Domain Admins group. If we create a second Doma

RE: [ActiveDir] Domain Admin of 2 Domains Question

Enterprise Admin -Original Message- From: David Adner [mailto:davidadner@;adelphia.net] Sent: Thursday, October 24, 2002 1:35 PM To: '[EMAIL PROTECTED]' Subject:[ActiveDir] Domain Admin of 2 Domains Question (Resending this once since it hasn't appeared after a few hours

RE: [ActiveDir] DS Client Issues

See response in-line -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner@;mail.activedir.org] On Behalf Of Don Murawski (Lenox) Sent: Thursday, October 24, 2002 11:34 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] DS Client Issues We are planning to switch to native no

RE: [ActiveDir] ADMT v2

Well, you can - but it is meant more for entity to entity, e.g. forest to forest, NT Domain to Windows 2000. A migration from domain to domain within the same forest effectively ends up being a move of security principals - there is no option or ability to disable the source account and maintain i

RE: [ActiveDir] Domain Admin of 2 Domains Question

Thanks. I knew the Enterprise Admin group would take care of it, but I was hoping to not use it. I also forgot to mention that one of the Domain's could be an NT4 Domain. Enterprise Admin -Original Message- From: David Adner [mailto:davidadner@;adelphia.net] Sent: Thursday, Octo

RE: [ActiveDir] Domain Admin of 2 Domains Question

Add the "domain admins" global group from domain1 into the Builtin\Administrators group of domain2. Clyde Burns -Original Message- From: David Adner [mailto:davidadner@;adelphia.net] Sent: Thursday, October 24, 2002 11:19 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Domain Admin of 2

RE: [ActiveDir] ADMT v2

I understood ADMT to be a good method for migrating Intraforest if you need to move users & computers & Servers. As in the case of domain consolidation. We have used v1 to collapse domains into the parent. IE: Upgrade Domain 1 to AD.com Upgrade Domain 2 to child.AD.com Use ADMT to move the groups,

[ActiveDir] Secondary Root Domain DNS Zones

Hello Folks, I'm in the process of documenting the setup of a secondary DNS server of the root domain (ADI) to a child domain. Is it best practice to point the server hosting the secondary zone in the child domain to all root DC's or just one? I guess in the event of failure of that DC the zone

RE: [ActiveDir] DS Client Issues

Title: Message We still have 5,000 Wintendo boxes and they work fine (as far as a Wintendo box that is) with a native mode domain .  They are not using the DS client.  IHMO, I wouldn't waste time with it...    Just my .02   Diane -Original Message-From: Don Murawski (Lenox) [ma

RE: [ActiveDir] Sites with no DC

If you don't put DCs in sites and associate subnets with the sites, the locator process reduces to selecting the first responding DC. Depending on DC loads and WAN latency, you easily get authentications directed to almost anywhere on the network. It works, but not efficiently. -g -Original M

RE: [ActiveDir] DNS for Parents and Childs

We do.. -Original Message- From: Salandra, Justin A. [mailto:jasalandra@;chcsnet.org] Sent: Thursday, October 24, 2002 10:52 AM To: ActiveDir (E-mail) Subject: [ActiveDir] DNS for Parents and Childs Does anyone have this type of configuration in place for Parent and child domain DNS. Y

RE: [ActiveDir] DS Client Issues

Mixed mode/native mode has no impact on clients. All downlevel clients see it as an NT4 style domain. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -Original Message- > Fr

RE: [ActiveDir] OT: DMZ server security

Thanks, I will take a look at their site and see what I can find. John Hicks | KEMET Electronics Corporation | Network Engineer Phone: 864-228-4473 | E-mail: [EMAIL PROTECTED] | AOL IM: ipaq1978 [ Mailing: 2835 KEMET Way  Simpsonville, SC 29681 USA ] "Rick Kingslan" <[EMAIL PROTECTED]>

[ActiveDir] Two Domains on Same Subnet / DNS & AD Integrated

We are in the process of creating a multi-domain environment (empty root / multiple children).  The root and one child domain happen to be on the same subnet.  The root DCs have been created, and both forward and reverse lookup zones are AD integrated.  However, while creating the first chil

RE: [ActiveDir] Two Domains on Same Subnet / DNS & AD Integrated

No it can not be, as I have learned from this group, AD Integrated zones do not replicate between domains.  This only happens in a .NET enviorment.   You could try to setup the zone on the root and then set up the reverse zone also on the child and see if it will allow you to have two of

RE: [ActiveDir] LDAP referral during subtree search

Gil - It's that 'negative compression' feature... Actually, the compressed version includes some other goodies, including a powerpoint presentation, some sample vbs code, and such. After Tony jarred my memory, I went out looking on my hard disk and found that I had downloaded the doc some time

RE: [ActiveDir] Sites with no DC

I would agree that you want to register the subnets in Sites and Services. If a client attempts to authenticate from a subnet that is not registered, AD has no way to determine what site the client is in. It this case, I believe the client will query DNS for all of the DCs in the domain and the

RE: [ActiveDir] Sites with no DC

> Oh, and this all does assume that YOUR network engineers TELL you when > they put in a whole 'nother group of networks or sub-netted something > that you already had defined. No, really - I'm not bitter Glad to know that happens elsewhere, too.

[ActiveDir] AD DNS Problem

I need some help, my Web Designer has his AD Domain where he has many AD integrated zones for all the websites he maintains. He is now getting errors in his DNS Event Log that says that all the zones could not be loaded because Active Directory could not be contacted. I can open ADU&C and AD Site

[ActiveDir] OT: Scripting question

Hey folks... I need to automate repointing print queues on ~2000 clients to a different print server and retain user settings on each queue... does anyone know how to RENAME a registry key, either in VB, Perl, C++, or WSH? I can pull the value and create a new key to the same printer name

RE: [ActiveDir] ADMT v2

So I can use ADMT v2 in a Windows 2000 AD environment to migrate between domains? Such as parent to child? -Original Message- From: Rick Kingslan [mailto:rkingsla@;cox.net] Sent: Wednesday, October 23, 2002 6:50 PM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] ADMT v2 V

[ActiveDir] OT: DMZ server security

Hello All, I have been put in charge of developing security policies for all of our DMZ servers. I am fairly new to constructing security policies, I have been reading through mainly SANS and Microsoft security documents. They have yielded good things to consider, but I was wondering if anyone he

RE: [ActiveDir] Sites with no DC

I'd agree with Roger on this one - unless you don't mind machines in Pnsacola FL. Authenticating in Reno, NV. If we don't have one of our subnets defined to some site, we see messages from the Locator reporting that some machine at some site with the subnet xx.xx couldn't find an associated site.

RE: [ActiveDir] Default Wallpaper via GP

Title: Message Jamie,   IIRC, it can't be done with the base GP's as delivered without using the Active Desktop.   This however, doesn't mean that it can't be done.  It is possible to use a startup script to set the reg keys, or to create an entry in the .ADM of your choice to allow you to

RE: [ActiveDir] Sites with no DC

>From experience, I wouldn't trust the locator to get 'close' very often. During our initial deployment, the WAN team changed the IP pools of our VPN concentrators. After looking through some of the logs on domain controllers, we were seeing a very random distribution of authentication, with some

RE: [ActiveDir] Sites with no DC

You need to create a subnet, but not a discrete site. We tend to run a hub and spoke WAN layout - a small number of larger offices, each with a full infrastructure, all interconnected. The smaller offices are spoked off one of the larger offices. In the case of small offices without domain control

RE: [ActiveDir] User login takes a long time

Linton, SIDHistory should not slow down your operations. SIDHistory information is stored with the user object as well as on your GC's. When you kill off all NT4 access, the only time SIDHistory should come into play is when accessing resources. Any resource(s) that had references to the old NT

[ActiveDir] Default Wallpaper via GP

Does anyone know how to set a default backdrop via Group Policies without using the Active Desktop Wallpaper? Regards Jamie Simcox PC Network Technician J C Bamford Excavators Ltd ___ J. C. Bamford Excavators Ltd. Registered Office:

RE: [ActiveDir] Modifying Multiple Active Directory User Accountsat Once

Title: Message Thanks for this guys! I also found a couple of very useful applications which aid with AD maintenance, one aimed specifically at user, share and acl maintenance and the other at entire AD maintenance. Not sure I should be advertising these products on this list, so if you want

[ActiveDir] Mac and AD integration

Hi, Does anyone know of any documents relating to configuring Mac OS's (as many types as possible) so that they authenticate with AD ? There was one on the Apple site for ages, but its gone and I am trying to create a good source of Mac info for my site. Ta Olly