HI,
well most of the topics about Proxy Server were still mentioned. We had the
same discussion a few months ago and this is a problem if you have different
browsers in use.
So in deed GPOs (default settings) and IEAK can only be used for Internet
Explorer which reduces the solutions.
We figured
Title: Message
Glenn,
Interesting questions, and I'd like to take a shot at
lending an opinion on some of these points. Firstly, privacy seems to have
become a trure art form in the States. From Graham-Leach-Bliley to HIPPA,
we're regulated to the n-th degree. I'm not sure if it's good
Title: Message
Thanks Todd.
At the moment, we arent hugely concerned about
putting *some* privacy information into AD, as this instance of AD will only be
for our external clients, and the attribute level ACL's provided by AD should
provide enough security to stop certain applications / use
Workstation machine accounts? I don't think so nor recall anything
about that? As for Authenticated Users group, yes.
On Tuesday, July 8, 2003, at 01:48 PM, Darren Mar-Elia wrote:
Richard-
Where are the GPOs linked? Have you checked permissions on them to
ensure that the workstation machine
Check out KB
http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b252898
I haven't used this feature, thought it could be relevant.
-Original Message-
From: Richard Sumilang [mailto:[EMAIL PROTECTED]
Sent: Tue 7/8/2003 4:49 PM
To: [EMAIL PROTEC
Has the "Everyone" group been added to the "Pre-Windows 2000 Compatible
Access" group in the new domain?
-Original Message-
From: Graham Turner [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 3:24 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] admt 2.0 - nt4 computer migration
Am
How so? 072 World Wide Web Servers?
On Tuesday, July 8, 2003, at 01:04 PM, Robinson, Chuck wrote:
DHCP Scope Options?
-Original Message-
From: Richard Sumilang [mailto:[EMAIL PROTECTED]
Sent: Tue 7/8/2003 3:29 PM
To: [EMAIL PROTECTED]
Cc:
Subj
While continuing my interest in this issue, I came across the following
Q-article that seems dead-on:
http://support.microsoft.com/default.aspx?scid=kb;en-us;316073
-Original Message-
From: Graham Turner [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 3:24 PM
To: [EMAIL PROTECTED
Richard-
Where are the GPOs linked? Have you checked permissions on them to ensure that the
workstation machine accounts have Read and Apply Group Policy perms? Authenticated
Users will do.
-Original Message-
From: Richard Sumilang [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 20
Check under the Computer Configuration side of the GPO
-Original Message-
From: Duncan, Larry [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 3:44 PM
To: '[EMAIL PROTECTED]'
Subject:RE: [ActiveDir] Proxy Server
Actually, I don't think so. The GPO path reference be
Assuming the other browser stores it proxy settings in the registry, you can create a
custom .adm template file and add it to a GPO, and set it that way. Let me know if you
need pointers on doing that.
-Original Message-
From: Duncan, Larry [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July
Am attempting the migration of computer from NT4 source domain to Windows
2000 target domain.
the migration environment is working fine with windows 2000 professional
clients
have got issues with the migration of an NT4 workstation
the extract from dispatch.log on the admt server is attached fro
Thats why everyone should use a Mac!!! Hehehe, with my mac I can just
specify it in my Network Settings for the system and that should work
for all my browsers. Anyways since we are bringing up GPO, I have a
finger to pick with that. For some reason my group policies are only
getting applied on
DHCP Scope Options?
-Original Message-
From: Richard Sumilang [mailto:[EMAIL PROTECTED]
Sent: Tue 7/8/2003 3:29 PM
To: [EMAIL PROTECTED]
Cc:
Subject: Re: [ActiveDir] Proxy Server
Oh wait, hmmm that's only goo
Besides a hardware solution, both browser platforms support Proxy
Auto-Configuration (PAC) files. But, this is a last-ditch effort by those in
the know. IE, in particular, has been known to dislike PACs.
Another alternative is to use the login script to modify the registry. Not
pretty, but it work
Actually, I don't think so. The GPO path reference below appears to be
missing the "Internet Explorer Maintenance" entry under Windows Settings.
This would lead me to believe that it is a Microsoft-centric policy setting.
-Original Message-
From: Richard Sumilang [mailto:[EMAIL PROTECTED]
GPO, there is a setting in the Computer Configuration section I believe
-Original Message-
From: Richard Sumilang [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 08, 2003 2:47 PM
To: [EMAIL PROTECTED]
Subject:[ActiveDir] Proxy Server
I'm running DHCP from my Windows 2000 S
Title: [ActiveDir] Proxy Server
Well, one benefit of going ahead and using
IEAK is that if you use the Auto Config feature and change your
settings/environment after the initial deployment of your IEAK package, then you
can simply update the .INS file and the settings will be applied durin
Oh wait, hmmm that's only good for IE. Is there a way to do it
regardless of their browser?
On Tuesday, July 8, 2003, at 12:05 PM, <[EMAIL PROTECTED]> wrote:
Using GPO:
User Configuration
Windows Settings
-Connection
-Proxy Settings
You can use IEAK for similar
I assume that will work for whatever browser they are using correct
(doesn't have to be IE)?
On Tuesday, July 8, 2003, at 12:05 PM, <[EMAIL PROTECTED]> wrote:
Using GPO:
User Configuration
Windows Settings
-Connection
-Proxy Settings
You can use IEAK for similar
Title: Message
My
spell checker broke my joke...
I ment
to say Marchitecture. As in Marketing Architecture.
I
think the who IIS part is just a bad thing..
Todd
-Original Message-From: Myrick, Todd
(NIH/CIT) Sent: Tuesday, July 08, 2003 1:02 PMTo:
'[EMAIL PROTECTED]'
Title: Message
Actually, a better strategy to use for M/A/D activities
(merger/acquisition/divestiture) activities is to use domain name(s) which are
completely removed from the company's name.
One
of my two unofficial titles while we were part of a larger company was "Iron
Chef - Migrati
I think both should be considered together. Example.net will be at the top (empty
forest root) and ad.example.net will be the production child domain where you have all
the user accounts and resources. Makes it easier when it comes time for
aquisition/merger/spin-off/political and diplomatic emp
Title: Message
You've apparently never met the pimp^H^H^H^H salesman of the StIcK, have
you?
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: Gil Kirkpatrick
Title: Message
According to the "Technical Overview
of Microsoft Identity Integration Server 2003" whitepaper, MIIS 2003 is
the third major release of Microsoft's metadirectory product. This would mean
that, yes; MIIS is indeed the next version of the MMS product.
http://www.microsoft
Title: Message
Yes it
is a new Architecture product from MMicrosoft.
The
next question should be does it use IIS?
Todd
-Original Message-From: Thommes, Michael
M. [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 11:57
AMTo: [EMAIL PROTECTED]Subject: RE:
[Activ
Title: Message
I've
always used the freeware predecessor to StIcK called KicK. Its not quite as
fancy, but it requires no additional hardware.
-gil
-Original Message-From: Ayers,
Diane [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 7:51
AMTo: [EMAIL PROTECTED]Subject: RE
Title: Message
Mike,
You're
basically correct, although the renaming of MMS is accompanied by a broader IM
strategy incorporating other products, services, and partnerships. MSFT is going
to spell it out at Catlyst this week (today I think). IM has become a strategic
issue for MSFT, partly
Title: Message
I stil prefer the upgraded version, bIg stIck®
Diane
-Original Message-From: Myrick, Todd (NIH/CIT)
[mailto:[EMAIL PROTECTED]Sent: Tuesday, July 08, 2003 7:37
AMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir] AD, Logon times & Custom messages
I
ordered 1
Shorter is better, IMO.
Now, you *could*, although I haven't tried it, do a non-contiguous forest
using a contiguous namespace. This might get a little convoluted...
In other words, it should be possible to create the root domain as
root.example.net. Once that's complete, you should be able to in
Title: Message
I've
been told that MIIS is really just MMS 3.0 renamed. The description of the
software would seem to indicate so. Is this true?
Mike
Thommes
Argonne National Laboratory
-Original Message-From: Myrick, Todd (NIH/CIT)
[mailto:[EMAIL PROTECTED]Sent: Tuesday, Ju
I am wondering if there is a preferred location for the first (AKA root)
domain in a AD forest given these parameters.
Company name is example and they have a Internet presence at example.com.
They have registered example.net for there AD DNS structure. example.net
will never be resolvable in the
Title: Message
Why
not use a tool like Aelita's In-trust http://www.aelita.com/products/InTrust.htm to
run the scans against the production environment, I would also mention
BV-Control, but I am mad at bindview right now and don't want to promote their
products. (Long story). It would be le
We run application center and SP4 seems to corrupt MSSQL$MSAC. To correct it is easy
enough, you uninstall MSDE through app center install and then re-install and re-apply
MSDE SP2.
>>> [EMAIL PROTECTED] 07/07/03 03:40PM >>>
Anyone installed SP4 yet on their DC's?
If so, have you had any issues?
Title: Message
I
ordered 10 StIcK's (tm) and they work great. I name my StIck's for the
special purposes they serve. The best thing is one size fits
all!
Toddler
-Original Message-From: Roger Seielstad
[mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003
8:56 AMTo: '
Well, a couple of solutions exist here:
1. You can set a generic notification at logon time
Start->Programs->Administrative Tools->Local Security Policy->Local
Policies->Security Options-> Message Text/Title for Users Attempting to
Logon
You could say something menacing like "I know wh
Excellent info!
Keep this stuff coming.
I also use the GPO to enforce group memberships as well as some registry
tips. I plan to write a story on my Blog soon that talks about this
information. I will send you the URL when the blog starts to take shape.
Todd
-Original Message-
From:
Title: Message
We are
in the process of evaluating MIIS here, and AD is currently our source for
authentication information, for Enterprise application, we are using a custom
database running on Critical Path to sync with other application directories,
and get a metaview of the information f
Title: Message
This
vbscript unlocks all users in a OU, modify for your needs
while
TRUE
Set objOU =
GetObject("LDAP://OU=Spider,OU=Betalingsverkeer,DC=rnbvu,DC=rabobank,DC=corp")objOU.Filter
= Array("User")
For Each objUser In
objOU call
unLockUser(objUser.sAMAccountName)Next
Hi All,
I am testing folder redirection in windows 2000 with positive results except
for one problem:
In the policy removal section I have checked the option to redirect the
folder back to the local user profile location
when policy is removed.
When I remove the policy the user still goes to the s
Title: Message
My father must have had a PhD in StIcK(tm).--Sent from my BlackBerry Wireless Handheld - Original Message - From: ActiveDir-owner Sent: 07/08/2003 08:55 AM To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> Subject: RE: [ActiveDir] AD, Logon times &
Title: Message
The
StIcK(tm) is a wonderful tool for addressing those issues which aren't quite
technological in nature. Its generally applied, somewhat liberally, by a trained
professional.
Roger
--
Roger D. Seielstad -
MTS MCSE
Title: Message
I know
that your program is far better than any script but an unlock script is easy to
do and might give a starting point to people wanting to write scripts. What
I've done before is:
net
user > users.txt
Load
the users.txt file into Excel and remove the header/footer. Ma
Title: Message
nice
tool Joe, but you should add a time filter. In an attack-scenario (be it
hacker or auditors), you don't necessarily want to unlock all the locked
accounts you find - instead you want to unlock the ones that were locked after a
specific time (this is the approach I took -
Title: Message
And what, exactly would be StIck?
How would ISA server, or a web filter program change/customize the
logon message?
Thanks.
-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Roger Seielstad
Sent: Tuesday, July 08, 2003 06:43
Title: Message
The
right tool for this job might just be the StIcK(tm) ;)
Roger
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: [EMAIL PROTECTED]
[mailto:[EM
46 matches
Mail list logo