[ActiveDir] Sequence LDAP query

2004-12-14 Thread Scott Forsyth
Hi all, I've subscribed to this list for this question so forgive me if this is something recently covered. I'm trying to do an LDAP query that appears to be uncommon. LDAP is new to me in the last few days so I'm starting from the ground up. Basically I need a filter something like this: (if

Re: [ActiveDir] Domain Name and DNS Problems

2004-12-14 Thread ASB
~ I would like for our internal AD DNS to only host records for our internal systems and forward any other unresolved requests. ~ Won't happen when you are using the same name both internally and externally. Your existing solution (

RE: [ActiveDir] GPO Question

2004-12-14 Thread Cothern Jeff D. Team EITC
That is under the user configuration so therefore it applies to the user logging in not the machine. So the machine should be able to still get and install updates deployed thru SUS. Course only positive way is to use a test OU with a test machine. On Tue, 14 Dec 2004 13:31:42 -0500, Salandr

RE: [ActiveDir] OT: pagefile

2004-12-14 Thread Cothern Jeff D. Team EITC
From what I can determine You CANNOT Delete or add any files if the image is of a NTFS partition. Unfortunately ours is NTFS. So the easiest thing I can think of is to create the image under fat32. But I need the final to be NTFS. So Is there a way I can have the system convert to NTFS automat

RE: [ActiveDir] OT: pagefile

2004-12-14 Thread Tim Sutton
Ghost explorer allows you to remove files from a NTFS partition that's been imaged. Regards Tim Sutton IT Systems Manager Troup Bywaters & Anders Eastgate House 10 Eastgate LEEDS LS2 7JL Tel: 01132432241 Fax: 01132424024 E-mail: [EMAIL PROTECTED] Privilege and Confidentiality Notice Th

RE: [ActiveDir] OT: pagefile

2004-12-14 Thread Tim Sutton
I agree with you on this one, Jorge. I'm sure it drops it out of all the images I've taken so far. Worth checking though. Regards Tim Sutton IT Systems Manager Troup Bywaters & Anders Eastgate House 10 Eastgate LEEDS LS2 7JL Tel: 01132432241 Fax: 01132424024 E-mail: [EMAIL PROTECTED] Pr

RE: [ActiveDir] Expired Accounts

2004-12-14 Thread Tim Sutton
We have it done through a Watchguard firewall so the vpn is established but if your password has expired you'll be prompted to enter a new one and then that's cached locally I believe, but I'll check. I'm sure exchange will ask for a new one though if yours has expired. Regards Tim Sutton IT

RE: [ActiveDir] OT: Inventory Software

2004-12-14 Thread Salandra, Justin A.
Plus, even though I am the Enterprise Admin, I am getting access denied when trying to access some systems, but I have no problems connecting to them or doing anything else on them -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: T

RE: [ActiveDir] OT: Inventory Software

2004-12-14 Thread Salandra, Justin A.
I have however I have multiple domains and am having a hard time getting it to consolidate to one report. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M. Sent: Tuesday, December 14, 2004 4:35 PM To: [EMAIL PROTECTED] Subject: RE: [Activ

RE: [ActiveDir] Domain Name and DNS Problems

2004-12-14 Thread deji
>>I would like for our internal AD DNS to only host records for our internal systems and forward any other unresolved requests When a DNS server is told that it is authoritative for a zone, it takes that responsibility seriously. This means that it considers ANYTHING that is not in that zone non-

Re: [ActiveDir] OT: Inventory Software

2004-12-14 Thread ASB
Lots of options: http://www.ultratech-llc.com/KB/?File=Inventory.TXT -ASB FAST, CHEAP, SECURE: Pick Any TWO http://www.ultratech-llc.com/KB/ On Tue, 14 Dec 2004 15:21:01 -0500, Salandra, Justin A. <[EMAIL PROTECTED]> wrote: > Does any one know of a good Product that I can use to scan my netw

RE: [ActiveDir] OT: Inventory Software

2004-12-14 Thread Thommes, Michael M.
Justin, Have you seen Microsoft's Software Inventory Analyzer (http://www.microsoft.com/resources/sam/msia.mspx)? Mike Thommes -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 14, 2004 2:21 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] OT

RE: [ActiveDir] GPO Question

2004-12-14 Thread Bernard, Aric
Your clients should continue to receive updates through SUS. However they will not be able to access Windows Update and install patches through the browser. Regards, Aric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday,

RE: [ActiveDir] OT: Inventory Software

2004-12-14 Thread Blair, James
Justin, http://www.ezaudit.com/ does the job and is cheap...relatively speaking... James -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Blair Sent: Wednesday, 15 December 2004 6:23 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Inventory S

RE: [ActiveDir] GPO Question

2004-12-14 Thread Salandra, Justin A.
I am more concerned about my clients not being able to automatically download from the SUS Server if I configure that setting. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dennis Depp Sent: Tuesday, December 14, 2004 4:00 PM To: [EMAIL PROTECTED] Subjec

[ActiveDir] OT: Inventory Software

2004-12-14 Thread Salandra, Justin A.
Does anyone know of a good Product that I can use to scan my networked PCs and conduct a software inventory? Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAIL PROTECTED] List info : http://www.activedir.org/mail_list.h

Re: [ActiveDir] GPO Question

2004-12-14 Thread Dennis Depp
I'm not sure about the SUS stuff. I have this set on my terminal servers. While I can access the site, I get a message telling me access is denied. You might want to set your SUS computer in a special OU, or setup the ACL for the GPO to deny apply GPO settings for the SUS computer. Dennis On T

RE: [ActiveDir] OT: intrusion prevention

2004-12-14 Thread Kern, Tom
snort has an add-on program called hogwash that is an IDP. you can run snort in inline mode. however, i'm looking for an IDP that runs internally and can stop irc bots from executing on client pc's and creating outbound connections, flooding my network. i'm not sure if hogwash is a good solution

RE: [ActiveDir] OT: Inventory Software

2004-12-14 Thread Chris Blair
Got this off of another list. Looks very promising: http:/.sydi.sourceforge.net -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Tuesday, December 14, 2004 2:21 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] OT: Inventory Software

RE: [ActiveDir] Domain Name and DNS Problems

2004-12-14 Thread Salandra, Justin A.
Won’t happen since both are the same DNS name   -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edwin Sent: Tuesday, December 14, 2004 1:01 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Domain Name and DNS Problems   That is why I mentioned

RE: [ActiveDir] User Photos in AD

2004-12-14 Thread Grillenmeier, Guido
that's likely the photo or the thumbnailPhoto attribute (both octet strings) - best way to kill your AD. There are a couple of tools out there that allow uploading a user's photo to this attribute... The downside: every user has the right to do so on his own account (via the SELF security principa

RE: [ActiveDir] List object mode

2004-12-14 Thread Eric Fleischman
You're assuming in your second paragraph. For “every day admin” perhaps, but for searching a subtree that you don’t have list_contents to (which is of course the point :) ) it could in theory be large. Recall that admin is usually a small % of your load. Users/apps tend to be most of it. ~E

RE: [ActiveDir] OT: intrusion prevention

2004-12-14 Thread Renouf, Phil
Unless Snort has added some features it is just an Intrusion Detection System and does not offer Intrusion Prevention. Phil -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sean Johnson Sent: Tuesday, December 14, 2004 1:30 PM To: [EMAIL PROTECTED] Subje

RE: [ActiveDir] making another domain forest root

2004-12-14 Thread Grillenmeier, Guido
nope. you'd need to migrate - even with domain rename (which also allows you to change parent/child relationships of domains) you can't change which domain is the root of your forest. /Guido From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Calders Stijn Sent: Tuesday, Decem

RE: [ActiveDir] Domain Name and DNS Problems

2004-12-14 Thread Edwin
That is why I mentioned the Perl script that is used.  That is exactly what it does.  But this is not what I would like to see.  I would like for our internal AD DNS to only host records for our internal systems and forward any other unresolved requests. On Tue, 2004-12-14 at 09:29 -0500, Sal

RE: [ActiveDir] Domain Name and DNS Problems

2004-12-14 Thread Bernard, Aric
Edwin,   You could theoretically upgrade your Exchange server to E2K3 followed by an upgrade of the OS to W2K3.  At this point, even with the W2K Pro systems, you could perform a domain rename assuming your forest has a functional level of (2) Windows Server 2003 as a fix now exists for E

[ActiveDir] User Photos in AD

2004-12-14 Thread Jason Benway
Using Hyena, I can add a photo to a user object. I cannot find what the attribute name is for the photo. It looks like the photo itself is added to the database not just the path. Are there any not used default attributes so I could use a path, instead of embedding photos into AD? Thanks, jb List

[ActiveDir] GPO Question

2004-12-14 Thread Salandra, Justin A.
If I set the policy "Remove access to all Windows Update Features" will that prevent the Windows Update from updating from the SUS server I have configured using GPO as well? Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 212.752.7300 - office 917.455.0110 - cell [EMAI

Re: [ActiveDir] OT: intrusion prevention

2004-12-14 Thread Sean Johnson
Snort ( http://www.snort.org ) won't cost you anything other than the time to learn it, and really no matter what kind of IDS solution you use, there is a decent learning curve to overcome. On Mon, 13 Dec 2004 18:05:50 -0500, Kern, Tom <[EMAIL PROTECTED]> wrote: > my company is looking at getting

RE: [ActiveDir] making another domain forest root

2004-12-14 Thread Lucia Washaya
Return Receipt Your RE: [ActiveDir] making another domain forest root document :

RE: [ActiveDir] making another domain forest root

2004-12-14 Thread Ricardo . Konno
Return Receipt Your RE: [ActiveDir] making another domain forest root document :

RE: [ActiveDir] making another domain forest root

2004-12-14 Thread Jorge de Almeida Pinto
In W2K3 AD in DFL and FFL W2K3 you have the possibility to rename and/or reposition AD domains within an AD forest. You can however rename a forest root domain but you can not reposition it. A domain rename/reposition is also only possible when certain systems accept it (e.g. E2K3 with SP1)

RE: [ActiveDir] Need AD DNS Help ASAP

2004-12-14 Thread Mulnick, Al
You didn't say what the BIND domain is or how many actual domains you have (AD Domains). That said, have you seen dnscmd.exe and what it can do for you? http://www.microsoft.com/resources/documentation/WindowsServ/2003/all/deploy guide/en-us/Default.asp?url=/resources/documentation/WindowsServ/200

RE: [ActiveDir] List object mode

2004-12-14 Thread Grillenmeier, Guido
yep, makes sense - with list object mode turned on and the list content right removed on the parent, you're forced to check if an object itself is to be displayed or not, which is a permission set on the object.  When the mode is turned off (default), you just either add all children to the