Hi,
At the moment the network runs W2KSP3 and upgrading the complete network
(trust me its large, maybe not as large as other networks, but its large) to
W2K3 is not an option, at least not now. I'm aware of the shortcommings of
the W2K DFS and the advantages of W2K3 DFS. The least-cost site
Thanks Joe,
this is very useful to us, while waiting for ADUC in SP1 to show the
info :-)
Ole Thomsen
-Original Message-
From: joe [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 13, 2004 1:59 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Unable to see users group membership
Title: Message
Self
explanatory he says, LOL, "I think not :)". The final line should have
read -
PPS -For the sake
ofcompleteness,there's also a 3rd referral behavior known as "same
site only" which seems fairly self
explanatory.
Deano
-- Dean Wells MSEtechnology ( Tel: +1 (954)
C:\netdom trust wh1 /domain:ccc.ourcompany.com /verify /verbose
Establishing a session with \\WHPDC01
Reading LSA domain policy information
Establishing a session with \\cambindc01.ccc.ourcompany.com
Reading LSA domain policy information
Verifying the trust between trusting domain wh1
and trusted
Title: LDAP Query Question
I would be using ADFIND but
unfortunately this is for an application that requires LDAP query strings
I just got softerra ldap browser yesterday I must be encountering a
steep learning curve. I havent felt this dumb for awhile J
From:
[EMAIL PROTECTED]
We are looking to
add a certificate to one of our web servers so we can do an https session over
it. This will be for our users to access OWA over a secure
connection. Instead of purchasing a certificate from Verisign we would
like to put up a CA server and use our own certificates.Is this
The certificate doesn't do anything about authentication
from a DC standpoint necessarily. The DC is still required for
authentication of the user credentials as well as authorization services.
The certificate will allow your user to encrypt the conversation from the web
client to the web
Also, if you don't want to go through the hassle of installing a CA you can
generate a cert using OpenSSL. Very easy. As Al already mentioned users
will get a popup using this method as well.
Resource: http://eal.us/blog/_archives/2003/6/2/25109.html (make sure you
take note of the section
Title: RE: [ActiveDir] Certificate Services
Thanks guys. One question about this line The client will require access to the CA machine if only one machine is hosting all functions. I'm a little confused by this. The server that the cert will be installed on is in a DMZ. We plan on putting it
I may have missed something here, but I read This tutorial assumes that you
have a Linux box with OpenSSL installed,and that you want to create a
self-signed certificate for IIS5.0
As indicating that I would have to setup a CA regardless. I think what I
was getting at in his case is that he may
Just saw these in
another list boys. Thought I'd pass it along.
My apoligies if it
is a double post.
http://support.microsoft.com/?kbid=838236
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/gp/
217.asp
This is actually a GPO setting.
On Apr 19, 2004, at 1:20 PM, Mulnick, Al wrote:
That's a great question; I wish I had a good answer for you, but I
think you
may have better luck posting this question on a scripting
Does anyone know of a Microsoft endorsed way to change a win2k3 user
object to an InetOrgPerson object without having to export the
information and reimport it? There is a potential that some of our
clients will need to interact with active directory from an alternate
client. This change
Title: RE: [ActiveDir] Certificate Services
When you issue a certificate, you generally want to control
it as well. In order to trust the cert, you generally have to have access to the
certificate store or one of the components to verify the trust hierarchy.
If the CA is unavailable, then
Hi Tom,
See
http://support.microsoft.com/default.aspx?scid=http://support.microsoft.com:80/support/kb/articles/Q252/3/88.aspNoWebContent=1
Mike Thommes
-Original Message-
From: Kern, Tom [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 20, 2004 3:19 PM
To: ActiveDir (E-mail)
Subject:
I should've added this reference also:
http://www.winnetmag.com/Windows/Article/ArticleID/39421/39421.html
Mike Thommes
-Original Message-
From: Kern, Tom [mailto:[EMAIL PROTECTED]
Sent: Tuesday, April 20, 2004 3:19 PM
To: ActiveDir (E-mail)
Subject: [ActiveDir] Default printer logon
Tom,
Maybe this can help: Changing a User's Default Printer in the Registry
http://support.microsoft.com/default.aspx?scid=kb;en-us;156212Product=win2000
or if that wraps horribly:
http://tinyurl.com/27cr9
good luck,
john
Kern, Tom composed the following message @ 04:19 PM 4/20/2004:
Sorry
Printers are user specific.
The script needs to run in user context.
Guy
On Tue, 2004-04-20 at 23:19, Kern, Tom wrote:
Sorry for the off topic.
I'm running a VBscript to set the default printer to always be the same printer on a
workstation( we have a legacy Paradox dos app and it always
Lara,
I haven't really spent any time trying to undo the kerberos entries created
by the custom admin template, so I don't have any useful input at this
point. I'll see if I can take a look at this at some point in time.
As for your problem with the Service Principal names, we do not
Title: LDAP Query Question
What do you mean by
I would be using
ADFIND but unfortunately this is for an application that requires LDAP query
strings
-
http://www.joeware.net (download joeware)
http://www.cafeshops.com/joewarenet (wear joeware)
From: [EMAIL PROTECTED]
Title: LDAP Query Question
A couple of things
1. You don't really need objectclass for this query. You
may or may not get a performance gain for removing it.
2. You don't mention anything around the *SMS* part of the
query.. if you don't need it, dump it, it will be the slowest part of your
Title: LDAP Query Question
A few things inline (in red)
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Tuesday, April 20, 2004 8:30
PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] LDAP
Query Question
A couple of things
1. You don't really need
22 matches
Mail list logo