The web script authenticates against AD and checks for group membership in
the Join Computer to the Domain group. If they are members of the group
they are allowed to create the computer account. Their userid is used for
the creation of the computer account.
This group (Join Computer to the
Roger,
I do not want them to join the domain by using My network Places. If they
pre-create the computer account in the appropriate OU using the web page
they are able to join the domain. This forces them to name their computers
according to the naming standards and create the computer account
Bill,
Assuming that everything is withing the same organization, you will use
Exchange's database for resolution of addresses. Then, if it has to go to a
different server, as long as you have a record for that site's DNS server in
the DNS that the upgraded servers are using, you'll get there. It
Title: Message
This
is probably a misfeature of LDP.
AD
presents timestamps through the LDAP interface as defined by RFC 2252 section
6.14 "Generalized Time". The RFC defers to the ITU definition in X.208, which
was superceded by X.680. Note thatActive Directory includes a decimal and
Ms-DS-machineAccountQuota is an optional attribute of the samDomain class,
which is an auxillary class that is attached to the domainDNS class.
-Original Message-
From: Greg Felzer [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 27, 2003 7:40 AM
To: [EMAIL PROTECTED]
Subject: RE:
Correction: Should read ...as long as you have a record for that site's
Exchange server in the DNS that the upgraded servers are using...
Sorry, my proofreader is on vacation... :-)
- Original Message -
From: Marc Zukerman [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, February
Greg, if you create an Acct Creation user, and set your script to use
those credentials from the webpage, wouldn't that work for you? In this way,
you can grant computer acct creation rights to just that user and set the
quotas on everyone else to prevent creation of accts through any method
other
Title: Dual Administration of partially migrated NT 4 domains
We are in the process of planning our migration to ADS from 90 NT 4 domains that are used for authentication within the company into a single forest with one domain. Some of these NT domains contain upwards of 3K to 4K user
Title: Dual Administration of partially migrated NT 4 domains
Nel,
That is a bit broad to answer in a post. This is
why consulting companies are in business. They are there to aid companies
through the really complex migrations. You can check out Microsoft's site for a
number of case
Title: Message
Nef,
I
won't hold punches on this answer.
Get a
plan in place, and Microsoft Operations Framework is about as good as any.
As Marc says - there are a number of good 'best practice' studies, white papers,
etc to guide you. Given that I'm at the tale end of a 3 year process
10 matches
Mail list logo