Title: Message
Hello Andrew,
no, that's not able to extract in AD.
The most popular solution for that request is to log that
to a central file or database within the logon-script.
Gruesse - Sincerely,
Ulf B. Simon-Weidner
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
It uses either Kerberos or NTLM based on the best protocol that can be negotiated (using the Negotiate protocol). I dont believe you can disable the netlogon. Also, your question doesnt make sense to me as the server IS using Kerberos (or NTLM) to authenticate the user to AD.Oh, I don't know
-BEGIN PGP SIGNED MESSAGE-
We are seeing quite a few MSADC 8139 errors that talk about ensuring the
servers are in sync. We have confirmed our Win2k DC's and Ex5.5 servers are
in sync to within sub 1 second.
Any ideas why these we still get this alert.
Roy
-BEGIN PGP SIGNED MESSAGE-
We are seeing quite a few MSADC 8139 errors that talk about ensuring the
servers are in sync. We have confirmed our Win2k DC's and Ex5.5 servers are
in sync to within sub 1 second.
Any ideas why these we still get this alert.
Roy
Kerberos is the protocol of choice in Windows 2000/2003 domains.
Kerberos will be initially used on any authentication requests between a
Winsows 2000 or higher client and a Windows 2000/2003 resource. If the
resource is an NT 4.0 server of if Kerberos fails, the authentication
will resort to
While I can't get this information from Active Directory, it is possible
to get this information from the domain controllers. You can look
through your security logs on the domain controllers for event 540.
This event will give you the user who logged on and also the ip address
of the machine
Title: Message
Are you referring to "in the past"? Only by looking at
security audit records or writing an app that stores the information, as other
people have already said.
But if you are referring to "currently logged on", you can
get that:
IIRC, the 8139 error actually talks about modifications that were made on
the source and target out of order. The source target was updated after the
source before sync in other words. This can be caused by time sync issues
as you can imagine, but in your case if the time sync is properly
-BEGIN PGP SIGNED MESSAGE-
Time sync is working on all DC's fine.
We check that no other admin tasks were taking place, for a period of time,
30 minutes, we had over 700 event id for 8139, this has now dropped to just
5 in the past 2 hours. We stopped the ADC replication, restarted the
Title: Message
The below link on JSI shows a way to pull it from the
DCs.
http://www.jsiinc.com/SUBQ/tip8400/rh8433.htm
Dave
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Caple,
AndrewSent: Tuesday, September 07, 2004 10:07 PMTo:
[EMAIL PROTECTED]Subject: [ActiveDir]
Stumbled upon an issue couple of days ago and wanted to hear what you guys think about
it.
Suppose that your AD is called myad.com and you also configure additional UPN suffix
company.com.
Now I create 2 users in child.myad.com child domain:
1) sAMAccountName: guy
userPrincipalName: [EMAIL
Title: Message
Thanks
everyone for your help --- it will make my life a lot
easier!
Andrew
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Perdue David J Contr InDyne/Enterprise ITSent:
Thursday, September 09, 2004 2:00 AMTo:
'[EMAIL
12 matches
Mail list logo