Gil's example is great to show the value of WMI filters for GPOs in
Win2k3...
Another GPO independent option is to check the registry for the existance of
the PCMCIA key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Pcmcia
you'll likely find this on every laptop, but hardly on any desktop
Title: Message
No
problem - glad you found a solution, and to have been of
assist.
-rtk
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gasper,
RickSent: Tuesday, March 18, 2003 10:42 PMTo:
[EMAIL PROTECTED]
Rick,
We
found that out after playing a little more. I was t
Title: Message
Rick,
We
found that out after playing a little more. I was trying to set it at the OU
level. Once I set it at the domain level it worked.
Thanks
for the assist.
Rick Gasper <>< Manager of Network Services King's College Wilkes-Barre PA 18711 Phone:
570-208-5845 Fax: 570-
Title: Message
Rick,
Where
is this password policy being implemented? In Active Directory, typically
password policy must be implemented at the Domain level - it cannot (except for
specific cases which are outside the scope of this discussion) be implemented at
Site, OU, or at the Default
Given the high visibility of ANYTHING Microsoft, they have to review
these issues - even though there is likely no connection - other than
name
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Origina
Title: Message
Yep -
did see it.
It's
not too bad ;-) Good job, Gil.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bjelke John
Title: Message
I actually subscribed just so I could read the
article online last Wednesday. On Thursday, I was in training
and the center had a copy of the issue sitting in their magazine rack.
From what I've read, it's a great article.
Thanks much.
John WitasickProject Manager - Windo
Title: Message
Hey
John,
Thanks
for the kind words. Hope you found the article useful.
FWIW,
I believe getting the article online requires that you be a subscriber to
Windows&.NET Magazine.
Some of the information in the article was based on what I
learned from Dung Hoang-Khac from
Title: Force password length problem
Hi all,
I am using GPOs to force a password length of 5 characters. I force a password reset and my test account is allowed a password of zero length (blank). I checked TechNet and didn't find anything. If I don't enter the new password correctly the mes
Title: Anybody see Gil's article?
Funny
you mention that, I had let my subscription lapse and that article was enough to
get me off my duff last week to pay up so I could view the article online.
:-]
Nice
job Gil...
-Original
Message-From: Bjelke John A Contr AFRL/VSIO
[mailt
Understood,
I just saw this quote "Microsoft officials said that, while they're still
researching the issue, they don't believe that operating system is
vulnerable."
and know that some MSFT people read this list, and maybe they would be
willing to enlighten the list when they have something more c
Title: Message
Oops, you are EXACTLY right. My reading glasses
were broken... er... :-)
5.5 has no problems in AD no matter what format you
are in, native or mixed.
Marc Zukerman
Senior Network Engineer
Greenwich Technology Partners
- Original Message -
From:
Mike Newell
Title: Anybody see Gil's article?
March issue of Windows & .NET magazine has an article by Gil Kirkpatrick on AD Authentication Topology that is definitely worth a read.
http://www.winnetmag.com/Articles/Index.cfm?ArticleID=37935 is the article online. Good stuff Gil!
John A. Bjel
AD won't be affected. The vulnerability was found in Kerberos v4, while AD
is built on Kerberos v5. Very different beast.
--
Roger D. Seielstad - MCSE
Sr. Systems Administrator
Inovis Inc.
> -Original Message-
> From: Myrick, To
http://www.eweek.com/article2/0,3959,937385,00.asp
Just saw this and wondered if anyone on the list has a comment about it. I
sent a request to our MS TAM for comment on the article and will post
anything I get to the list.
Todd Myrick
List info : http://www.activedir.org/mail_list.htm
List FA
To more fully answer your cross-posted question, your server being set as a
forwarder is fine. It will forward for any domain for which it isn't
considered authoritative. Its authoritative for any zone which is has as a
primary, secondary or AD integrated zone.
Currently I'm using a primary DNS on one of my domain controllers. The
setup is a partial integration. I would like to have a full integration
with AD. My DNS server is acting as a forwarder so I'm not sure if a
full integration will work? Or will it? I have two domain controllers
and one E2k serve
Title: Message
I
believe you have that backwards, Marc. The Public Folder issues happen with
going E2k not AD Native Mode.
In
Exchange 5.5, public folder security is entirely managed with Exchange directory
objects. These can be replicated using the ADC into AD, but there's no need to
unt
Title: Message
That’s only if he decides to migrate to Exchange 2K right?
-Original
Message-
From: Marc Zukerman
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 18, 2003
10:43 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Native
Mode in AD
It can
be done, but there is a
Title: Message
It can be done, but there is an issue with the
public folders and the distribution lists that have been given access to them.
See the following Q article:
http://support.microsoft.com/default.aspx?scid=kb;en-us;297016
Don't be scared. They say you "must" run in native
mode.
Sorry I should have taken a bit more time
http://www.microsoft.com/windows2000/en/server/help/default.asp?url=/windows2000/en/server/help/sag_ADgroups_9builtin_intro.htm
Robert Rutherford
Hi All,
Does anyone know where I can grab a list of the rights for the builtin
groups?
Thanks in advance,
Rob
This E-mail and any files transmitted with it are in
commercial confidence and intended solely for the use of
Title: Message
We were also on 5.5 for a while (before going
to 2K) all the while in Native AD mode
-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 18, 2003
11:14 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Native
Mode in AD
Title: Message
Nope.
I've done it for close to 2 years now without issue.
Roger
--
Roger D. Seielstad -
MCSE Sr. Systems Administrator Inovis Inc.
-Original Message-From: Don Murawski
(Lenox) [mailto:[EMAIL PROTEC
Title: Message
Are there any issues with
Active Directory Native Mode and Exchange 5.5?
Don L.
Murawski
Sr. Network
Administrator
WorldTravel
BTI
Phone: (404)
923-9468
Fax: (404) 949-6710
Cell: (678) 549-1264
<>
Title: Message
Does anyone know if
Microsoft Directory Synchronization Services for Netware (MSDSS) will
work with Windows Server 2003? If not, is there a planned update? I
didn't see anything on the MS site in reference to MSDSS and Windows Server
2003.
Thanks,
-doug
__
It does do ‘desktop lockdown’
though, not with regards to things like removing the run command but many
lockdown options down to the file level security, (which is what I thought you
were looking for). Any additional Desktop configuration can be done via
scripts.
-Original Message--
I don't think this tool does desktop
settings… L
Amit Zinman
Systems Consultant
Integrity Systems
[EMAIL PROTECTED]
03-7522424
058-326753
From: Sullivan, Kevin
[mailto:[EMAIL PROTECTED]
Sent: Sunday, March 16, 2003 2:59
PM
To: [EMAIL PROTECTED]
If they are us
28 matches
Mail list logo