Thanks again Joe and Darren
I did a RD of how the GPOs are getting stored. I will
share info with you.
First I took the backup of a GPO then observed that GptTmpl.inf
stores few information other than Administrative Template settings.
Then reset the information in the GptTmpl.inf
Return Receipt
Your RE: [ActiveDir] Active Directory Programming
document:
If you disable the firewall is all ok? You should really be disabling
the firewall while inside the network perimeter as it seems to cause all
sorts of comm and domain issues.
Rob
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Cothern Jeff D.
Team EITC
First off, I have found no major problems with the firewall turned on.
We have had to make some settings to allow some products, including SMS,
to work with their full functionality. Since everything works with an
Admin account, but not with a standard user, my guess is this is a
permission
Maybe the service should run as administrator. Do you need to open any
ports on the XP Firewall?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Cothern Jeff D.
Team EITC
Sent: Monday, September 20, 2004 5:19 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir]
When rebooting the computer, didn't that stop and start the service for
Windows Firewall?
Perhaps we can utilize GPO to disable the Windows Firewall in the
services section of Computer Configuration.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of J0mb
I've loaded adsi editor and adsi sdk. Thanks for the suggestions.
Where, in the editor (which property name) or sdk, will I find the attributes for the
fields?
Thanks.
-Original Message-
From: Mulnick, Al [mailto:[EMAIL PROTECTED]
Sent: Monday, September 20, 2004 12:29 PM
To:
When you open ADSIEDIT.msc then it brings up the domain naming context. If
you drill down until you find the users you're interested in, you can
right-click and select properties to view the details of the user. Find the
attribute in the list and note the details.
Al
-Original
No issues in a corporate environment? I will admit that I had a few
issues and then jut canned it as we used Checkpoint secureclient.
Geoff, which version of SMS are we talking about?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Depp, Dennis M.
Sent:
Return Receipt
Your RE: [ActiveDir] Active Directory Programming
document
:
Of course rebooting the pc would stop/start the firewall service, but for
some weird reason this doesn't sort out the problem.
And yes, i may disable the WF service through GPO but this would be a last
resort. I'd like to make this work through GPO, because in this case i can
have 2 different
I didn't say no issues, I said no major issues. We were able to use
group policy settings to modifiy the settings of the firewall in SP2 to
open the ports needed for our software to function.
Denny
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
I created this thread a while ago but
something came up that took priority over this question. I would appreciate it
if I could continue to get help on this topic.
For the first user, I assume then that you realize the answer
right?
No, I do not know the answer to this. Could you share
Question:
If you have GPO's at the Site level, can you block Inheritance from
the Block Inheritance tab at the OU?
Thanks,
Mario
***
The contents of this communication are intended only for the addressee and
may
The problem is you are using two totally separate
DNS , not to mention you probably have a firewall between you and the
Exchange server when on the public networkunless I got totally lost
reading thisJ
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edwin
Sent:
Yes, unless it's enforced
Rosales, Mario
[EMAIL PROTECTED]
com
Why would this only affect XP clients?
I do not have the same problem when using Win2K Pro clients from the outside
network.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Douglas M. Long
Sent: Tuesday, September 21, 2004
2:51 PM
To: [EMAIL PROTECTED]
Subject:
We were finally able to track it down to port settings. And the client
loads now
Denny
Would be interested to know where the GPO settings are to modify
the firewall settings for SP2.
Any seen a book yet for the secrets of XP with SP2
Jeff
-Original Message-
From: [EMAIL
Return Receipt
Your [ActiveDir] GPO Inheritance
document
:
If you install SP2 on a machine that had the Windows 2003 admin tools,
you will see the new settings availble. The .adm files are also
available on Microsofts web site. You might want to check out
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/mangxpsp2
/mngintro.mspx there is a
I am having some perculiar behavior. In a 2003 environement with the
group policy management snap-ip I get an error when looking at the
settings for a policy. Dealing with the administrative template. IT
says
Error has occurred while collecting date for administrative template.
The
Yeah, I had this issue when we applied the Windows XP templates to the
policy. I found that installing SP2 on the XP machine that I use to
access the GPO policy.
S
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Cothern Jeff D.
Team EITC
Sent:
This might help. There is a KB article for the error message you get
when viewing a GPO previously opened on a Windows XP SP2 machine.
http://support.microsoft.com/default.aspx?kbid=842933
There are hotfixes available for Windows 2000 SP3 and Windows XP SP1.
Of course, I you are running
Nope wasn't that issue but I found a fix through a hunch. I did a
search on my windows 2003 server for wuau.adm. It was only in the
policy directory. So I copied it to c:\windows\inf and then restarted
the Group policy management and everything worked correctly then.
-Original
Is there a way to set via group policies what machines a user account is
able to login to. As in want the user account to be able to log into
machines in workstation OU but not the machines in any other OU.
List info : http://www.activedir.org/mail_list.htm
List FAQ:
Return Receipt
Your [ActiveDir] GPO Inheritance
document:
Do the XP clients have SP2 on them. If so
perhaps there is something in the windows firewall that is blocking the
connection when connecting thru a public network?
Just a though
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edwin
Sent: Tuesday, September
You can use security policy to control the logon locally right, or more
precisely, you can use the Deny Logon Locally right to prevent your
users from logging into certain machines. For example, you could set
this right on a GPO that is linked to the machines you don't want those
users to log
Sorry, I should have said, ...on a GPO that is linked to an OU where
the machines you don't want those users to log into reside...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia
Sent: Tuesday, September 21, 2004 5:35 PM
To: [EMAIL
Thanks yes that does make sense now. Forgot all about the Deny logon
locally setting
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia
Sent: Tuesday, September 21, 2004 8:43 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir]Group Policy to
30 matches
Mail list logo
