Does anyone know of any sources of information that can show me how to
create Query Definition files to be used with the Query manager in ADUC
2003 ?
Olly
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
First, to the original question... If you still haven't solved your ISA
problem, head on over to www.ISAServer.org... There's lots of great
documentation, great forums and a great mailing list all dedicated to
ISA server there...
What Joe(@joeware.net) said is generally correct, but I have
Title: Message
75%
of our users have laptops, and they do tend to move around a
lot.
Also,
its a holdover from when we had Win95 everywhere - we used to have a lot of
problems with boxes holding onto IP's even after changing subnets, so we forced
them to have to look every two hours (i.e.
Yeah, but have you seen this one???
http://support.microsoft.com/?id=833407
A critical update is available to remove unacceptable symbols from the
Bookshelf Symbol 7 font
Exactly what symbol slipped by and made it into the final release??? Gonna
have to check that out..
Title: Message
It wouldnt be the first time I was
mistaken :-) Id rather you guys set the record straight
The security package I saw in particular
was eTrust Admin 1.2. Youd load a server with eTrust Directory, and put
an agent on NT4 and Win2k DCs and it provisioned users between the
Roger Seielstad wrote:
Yeah, but have you seen this one???
http://support.microsoft.com/?id=833407
A critical update is available to remove unacceptable symbols from the
Bookshelf Symbol 7 font
Exactly what symbol slipped by and made it into the final release??? Gonna
have to check that
From what I hear, it's a swastika.
mc
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 9:14 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] MS04-006 - Serious hole that needs patching - thi nk Blaster++
Yeah, but have you seen
There are two swastika-type symbols, or it might be a swear word in Japanese
or Chinese because there are a number of those too...
Rich
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 8:14 AM
To: '[EMAIL PROTECTED]'
Subject: RE:
Interesting. Thanks for pointing that out..
--
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
-Original Message-
From: Tomasz Onyszko [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004
Title: Message
Im having trouble with a system
which is dual-homed. Both NICs have private addresses. One NIC is associated
with domainA.com, which is an internal-only AD domain. The other NIC is
associated with domainB.com, which is an Internet presence domain.
The problem is that on
Following up to my own question, I found this KB article
this morning. Might be good to have on hand for anyone if they were to run
into this sort of situation.
Took alot of digging :-)
http://support.microsoft.com/default.aspx?scid=kb;EN-US;216359
From: [EMAIL PROTECTED]
[mailto:[EMAIL
Title: Message
There's a tick box on the NIC properties that tells it to
register DNS. Not near a machine at the moment to remember it
exactly. You want to de-select it and then remove it from the DNS.
Otherwise it will re-register itself on a regular interval.
Al
From: Creamer, Mark
Title: Message
The i, j business in Fortran is because those variables
default to being integers (as, I think, do k,l,m,n) - loops need integer
variables so you always used the first available integer variables for your loop
counters.
Steve
From: joe [mailto:[EMAIL PROTECTED]
Sent: 09
Title: Message
Well,
"Right off the bat ..." as Joe would say, I'm interested in this thread. I
have a situation which off-handedly relates to this and I'm curious what the
Brain Trust (capitalized personal pronouns out of sincere respect) have to say
about it. Here's my situation, not to
I have noticed that logons take an enourmous amount of time on non DC
Windows 2000 Servers if the Server running the Domain Naming Master is
rebooting. Why is this?
Justin A. Salandra, MCSE
Senior Network Engineer
Catholic Healthcare System
212.752.7300 - office
917.455.0110 - cell
[EMAIL
Title: Message
Al, thanks, but thats what I
mentioned below in my posting. I unchecked that box, but it still re-registers.
Anything else I can look into?
mc
-Original Message-
From: Mulnick, Al
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004
11:43 AM
To:
Is the Domain Naming Master FSMO on the same DC that is the PDC emulator??
-Stuart
-Original Message-
From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 11:14 AM
To: ActiveDir (E-mail)
Subject: [ActiveDir] Domain Naming Server FSOM
I have noticed
Fuller, Stuart wrote:
Is the Domain Naming Master FSMO on the same DC that is the PDC emulator??
Or is it a GC server in this site (did You have more GC)?
--
Tomasz Onyszko [MVP]- [EMAIL PROTECTED]
http://www.w2k.pl
List info : http://www.activedir.org/mail_list.htm
List FAQ:
Title: Message
I think I just found the answer. Theres
an article KB246804 which describes various scenarios affecting dynamic
registration. Turns out because this server is a DNS server, the DNS service
itself is creating the A record for both NICs. Theres a registry REG_SZ
value that
If any of you use Basic Authentication over HTTP or HTTPS you need to read
this.
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
Bulletin/MS04-004.asp
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security
/Bulletin/MS04-004.asp
The cumulative
Title: RE: [ActiveDir] MS04-004
Anyone know if this also applies to ftp connections too. On the SMS list one guy says it does and others say it doesn't? I haven't deployed the patch yet but plan on doing it soon.
Mike
-Original Message-
From: Salandra, Justin A. [mailto:[EMAIL
Title: RE: [ActiveDir] MS04-004
According to russ cooper on ntbugtraq, it
does.
-Original Message-
From: Celone, Mike
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004
3:36 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] MS04-004
Anyone know if this also
According to KB834489
(http://support.microsoft.com/default.aspx?scid=kb;en-us;834489), it only
applies to HTTP/HTTPS
Hunter
From: Celone, Mike [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 1:36 PM
To: '[EMAIL PROTECTED]'
Subject: RE:
Is there anyway to permit the basic authentication after it is installed?
-Original Message-
From: Coleman, Hunter [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 3:47 PM
To: '[EMAIL PROTECTED]'
Subject:RE: [ActiveDir] MS04-004
According to KB834489
NO It is on the Schema Master
-Original Message-
From: Fuller, Stuart [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 1:45 PM
To: '[EMAIL PROTECTED]'
Subject:RE: [ActiveDir] Domain Naming Server FSOM
Is the Domain Naming Master FSMO on the same DC that is
The server is in a site with 3 GC
-Original Message-
From: Tomasz Onyszko [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 1:56 PM
To: [EMAIL PROTECTED]
Subject:Re: [ActiveDir] Domain Naming Server FSOM
Fuller, Stuart wrote:
Is the Domain Naming Master FSMO
so does this have any affect on the dialog box IE shows you for basic auth? does that
still work?
-Original Message-
From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 3:49 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] MS04-004
Is there anyway
It should only affect URLs that embed user names and passwords. Otherwise, I
don't see anything that would bugger up basic authentication. But let us
know what you find on your test bench...
-Original Message-
From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February
Title: RE: [ActiveDir] MS04-004
If it applies to ftp they how are people going to FTP?
-Original
Message-
From: Kern, Tom
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004
3:43 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] MS04-004
According to russ cooper
on
That still works, it is only, as far as I can tell, when you try to use
basic authentication through http or https
(http://username:[EMAIL PROTECTED]/resource)
-Original Message-
From: Kern, Tom [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 3:58 PM
To: [EMAIL
What we have seen is that the urlmon.dll will get de-registered when
this patch (and a few others in the past) gets installed.
We placed the following line in our Machine startup script so that when
users get the problem with blank pop up boxes they just reboot to fix
it.
Regsvr32 urlmon.dll
Celone, Mike wrote:
Anyone know if this also applies to ftp connections too. On the SMS
list one guy says it does and others say it doesn't? I haven't deployed
the patch yet but plan on doing it soon.
It doesn't affect FTP
--
Tomasz Onyszko [MVP]- [EMAIL PROTECTED]
http://www.w2k.pl
List
I concur. And frankly, those aren't all that secure to begin with, so I
don't see it as a huge deal.
--
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
-Original Message-
From: Coleman, Hunter
Title: Message
It
applies to ftp only so far as people entering or clicking on authenticated FTP
links in IE:
ftp://user:[EMAIL PROTECTED]/
will fail
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis
Salandra, Justin A. wrote:
Is there anyway to permit the basic authentication after it is installed?
This patch doesn't remove support but its give You a decison, You want
or You don't want to use URLS in http(s)://user:[EMAIL PROTECTED] This
is well described in KB834489
just finished testing it.
it works fine with the dialog box.
-Original Message-
From: Coleman, Hunter [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 4:04 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] MS04-004
It should only affect URLs that embed user names and
Salandra, Justin A. wrote:
If it applies to ftp they how are people going to FTP?
If You don't supply user credentials in FTP url IE simply show You a
window where You can enter You username and password.
MS04-004 blocks only specific URL synatax, not basic authentication at all.
--
Tomasz
Title: RE: [ActiveDir] MS04-004
It works via FTPing
thru IE and entering a username/password in the dialog box.
-Original Message-
From: Salandra, Justin A.
[mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004
4:06 PM
To: '[EMAIL PROTECTED]'
Subject: RE:
Until we can do it another way it is a huge deal here at my company with
over hundreds of people accessing Outlook Web Access this way from home or
remote locations.
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 4:15 PM
To:
Jeremy Waldrop wrote:
Are there any issues using password complexity with Win9x clients other
than Win9x clients not caring about case?
Windows 9x allows shorter passwords than Windows 2000/XP
--
Tomasz Onyszko [MVP]- [EMAIL PROTECTED]
http://www.w2k.pl
List info :
Win9X clients in Windows 2003 AD? Do
you really want to do that? Why dont you upgrade the OS?
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeremy Waldrop
Sent: Wednesday, February 11, 2004
3:34 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Password
Complexity
So your users can remember to type
http://username:[EMAIL PROTECTED]/resource
But they can't remember to type
http://servername.domain.com/resource and then enter their username and
password when prompted?
-Original Message-
From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]
Sent:
Are they using the directory client?
Haven't really tried very hard with Windows 9x clients, but since the
complexity is enforced at the domain, I would expect that you can do this
and expect it to be enforced for domain access. Windows 9x clients will
have the option of not using the password
OK, I have another scripting question. Here's the scenario...
A domain of servers (probably W2K AD, but not certain; I don't have all the
details yet...). On each server, there are some files with a certain
extension created by a legacy application. No rhyme or reason as to their
location. I need
DC0 - FRS: 13508, 5 days ago, no 13509 following; DNS:
6702, 1 a day.
DC2 - FRS: 13570, 1 a day; 13508 and 13509 following; DNS:
6702, 1 a day.
DC1 - few events, all info, nothing looks
related.
I have DFS shares between DC0 and DC2.
FRS acts like it can't see DC2 with the
FQDN.
In the
Regarding MS04-004, you all should be aware of the following:
http://support.microsoft.com/default.aspx?scid=kb;en-us;831167
This issue is affecting us significantly.
Mike Thommes
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 11, 2004 3:15
46 matches
Mail list logo
