computer configuration, Administrative templates, Windows
Components, terminal services.
Enable "allow users to connect remotely using terminal
services"
Nathan Casey
Network Analyst
WGS-ISD County of Sonoma
[EMAIL PROTECTED]
(707) 565-3519
>>> [EMAIL PROTECTED] 01/25/05 10:46 PM >>>
Hi all from s
Hi all from sunny South Africa
Does anyone know if it’s possible to turn on Remote
Desktop for Windows 2003 by GPO? We are rolling out a whole lot of W2K3 servers
and always seem to forget to turn on this feature J ;(
Regards
Peter Johnson
e:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
__ NOD32 1.982 (20050125) Information __
Thi
w.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
__ NOD32 1.982 (20050125) Information __
This message was checked by NOD32 antivirus system.
http://www.nod32.com
List inf
If you have to resort to lmhosts and hosts files in a 2K3/2K environment,
something wrong with DNS. Ahem... now that I have demonstrated that I am a
genius at stating the obvious. :-p
Let's comment out the entries you put in those files and configure the DCs to
not use lmhosts (in TCP/IP prop
Yes,,,
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Passo, Larry
Sent: Tuesday, January 25, 2005
10:59 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Trust
Problems
In the lmhosts file did you:
rename
it to not have any extension
us
Not to confuse the issue but what I would end up with is a root domain with
Exchange and SQL in it (already set up this way) and a separate domain tree,
not a child domain of the root. I don't really have much choice regarding
Exchange unless I want to rebuild in a different domain.
Its setup t
That's how I read it the first time. The mind plays
tricks with information we already know, I suppose
;)
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul van
GeldropSent: Tuesday, January 25, 2005 4:08 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Informa
Deji,
The way that I read the original post, he was going to consolidate into a
single child domain under a Top Level Domain (i.e. he ends up with a forest
that consists of a TLD placeholder domain and a single child domain under
that). If that is the secnario, all of the forest locator informatio
Thanks Brian and Guido, I really appreciate the help. A single domain under an
empty root makes sense to me in my environment but I really like to get other
opinions before I start a project of this size.
I have only been here 11 months and I haven't seen or heard of any company
being divested.
You really don't want to do this to be quite honest.
The tool should support paged queries because you can't
keep just cranking up the number of values that can be returned arbitrarily
because it can impact the performance and stability of your DCs.
If it doesn't support paged queries,
We are having exactly the same issue. We have an open call with PSS on
this.
For the short term, we make our standard settings the same as the domain
settings. Not real wonderful, but what can we do?
One of the PSS guys mentioned a trick involving unhiding the ipsecshm
"connectiod" via a registry
Well, at a first glance, the title ' Seperating two domain controllers
with in the same domain' is deceiving, in my opinion, making it seem as
if you'd want to have two DCs in the same domain while not
communicating.
The content, however, makes me believe otherwise:
' I would like to seperate two
Ahem.. that, of course, should be:
The size of your private store is the sum of the priv1.stm and priv1.edb
files. Your public store size is the same, but with the pub1.stm and pub1.edb
files.
-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
I agree with Aric... I don't think creating a new domain and adding DCs
is going to resolve the end-point mapper error.
Some questions you might want to consider:
What's that patch level on the DCs?
Do you have AV-software running on the DCs?
Anything interesting in the event logs?
Does DCDIAG
Yes.
That answers my
question... Thank you.
John Parker, MCSE IS Admin. Senior Technical
Specialist Alpha Display Systems.
Alpha Video 7711
Computer Ave. Edina, MN. 55435
952-896-9898 Local 800-388-0008
Watts 952-896-9899 Fax 612-804-8769 Cell 952-841-3327 Direct
[EMAIL PROTECTED] "Be
I am not sure how it suggests that - maybe my skull is thicker today
than normal. Hopefully Robert will elaborate.
Regards,
Aric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul van
Geldrop
Sent: Tuesday, January 25, 2005 12:51 PM
To: ActiveDir@mail
The size of your public store is the sum
of the priv1.stm and priv1.edb files. Your public store size is the same, but
with the pub1.stm and pub1.edb files.
I do presume you’re talking about
Exchange here, right.. ? :o)
Regards,
Paul
-Original Message-
From: [EMAIL
Apparently either Paul or myself I confused as to your desire. Maybe
you can elaborate.
Aric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Paul van
Geldrop
Sent: Tuesday, January 25, 2005 12:44 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDi
That’s the one. Thanks.
From: Peck,
John C SITI-ITIPAD [mailto:[EMAIL PROTECTED]
Sent: Tuesday, January 25, 2005
11:23 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
fileacl.exe Replacement
Try SomarSoft's DumpSec (formerly known as
DumpAcl)
http://www.
Hi Aric,
I think you've been deceived slightly by the topic-title.
The title suggests separating the DCs while they stay in the same
domain, the content suggests creating two domains.
Regards,
Paul.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Berna
Hey
all...
is the size of my
store the sum total of the .stm and .edb files?
Thank
you.
John Parker, MCSE IS Admin. Senior Technical
Specialist Alpha Display Systems.
Actually, creating two separate domains in one forest should work just
fine.
Access to resources will work just fine due to the two-way transitive
trusts, and the replication will be much less of an issue.
However, what you might want to investigate first if the reason that the
synch capabilities
Robert,
My guess is that know one on this list will recommend doing what you
suggest. Creating to stove pipes of similar data would not be desired
by any organization especially when the data does not have a specific
technical need (e.g. security) to be separated.
Is it possible? Yes I suppose,
Folks,
I have a quick question, I have two DCs on in Los Angeles, one in San Diego.
The one in LA is the catalog server, the one in SD is the DC, and they are both
running Windows 2000 servers.
I would like to seperate two servers, and create two seperate domains.
The reason is DC are loosing
With apologies to the original poster, I would like to hijack this thread and
respond to Frank's idea on this:
DNS - If you use AD integrated DNS for your AD domains (I did), make sure
that each of your child DCs has a standard secondary of the TLD _msdcs zone
and then have the clients use their
Try
SomarSoft's DumpSec (formerly known as
DumpAcl)
http://www.somarsoft.com/
-Original
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On
Behalf Of Noah Eiger
Sent: Tuesday, January 25, 2005
1:14 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] fileacl.ex
Gil,
Thanks for the quick reply. I will give this a shot
and let you know.
Regards,
Jerry
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gil
KirkpatrickSent: Tuesday, January 25, 2005 2:07 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] AD - Modify
Query Limits
Hi –
I have been using fileacl.exe to show me permissions on
various directories. It does the job, but I recall a few graphical tools that
gave nicer reports and easier interfaces. I have searched the archives and
Google to no avail (except a reference to some expensive enterprise tools
I think Dan has the right idea here. You should be able to create a
transform that can detect whether Office is already installed. MSI
supports so-called LaunchConditions that allow a variety of conditional
statements, such as "NOT Installed" to be executed prior to the
installation. You should be
Try this:
http://support.microsoft.com/default.aspx?scid=kb;en-us;315071&sd=tech
-gil
Gil Kirkpatrick
CTO, NetPro
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jerry
WelchSent: Tuesday, January 25, 2005 12:03 PMTo:
ActiveDir@mail.activedir.orgSubject: [ActiveDir] AD -
Trying to use Softerra LDAP browser, nice tool, but running
into LDAP query policy limiting access to only 1,000 objects. Can
someone help with what it takes to change the AD Query Policy to allow more
returns?
Thanks,
Jerry
In the lmhosts file did you:
rename
it to not have any extension
use
the #PRE and #DOM entries
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Hogenauer
Sent: Tuesday, January 25, 2005
8:06 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDi
Is anybody really familiar with the GPO settings that control the XP2
firewall on/off network configurations?
What I'm trying to do:
I'm trying to setup and test IPSEC vpn connectivity back to the corp network
and use the XP2 firewall as the firewall of choice.
Expected results:
When I am off th
In most scenerios the clients use dhcp and that registry entry is
there by default. I don't think many people take the time to manually
add the "sitename" entry for all of their clients, but it is good to
know that there are 2 possibilities, especially the fact that the
"sitename" overrides the "dy
Do you know if the policy actually has the full string and is simply not
being applied properly? Look at the text file with the notice in it and that
will tell you if the issue is with the tool writing the policy or the
clients in applying the policy.
joe
-Original Message-
From: [EMAI
The functionality is there with GPOs. You just have to use a shorter
message. I've never had any luck getting a longer message to work via
GPO.
//SIGNED//
David J. Perdue
Network Security Engineer, InDyne Inc
Comm: (805) 606-4597DSN: 276-459
So I have a 2
way external trust from a Windows 2000 forest to a Windows 2003 forest.
I’m in
the process of migrating the 2000 forest to the 2003 forest because of a
merger. I’m using NETIQ’s domain Migration administrator to help in
the migration.
I’m
running DNS and WINS and the WINS
That is the way we did it before moving to AD. I was kind of hoping
to use the GPO functionality (it is there, after all). I guess a call
to PSS is in order as Google and Technet both turn up nothing.
Jordan
On Mon, 24 Jan 2005 13:20:03 -0800, Perdue David J Contr
InDyne/Enterprise IT <[EMAIL
I believe you can control this behavior via the Office 2003 Custom
Installation Wizard, which is part of the o2k3 resource kit toolbox:
http://download.microsoft.com/download/0/e/d/0eda9ae6-f5c9-44be-98c7-ccc
3016a296a/ork.exe.
Dan DeStefano
-Original Message-
From: [EMAIL PROTECTED]
[ma
Mike,
I am currently running a global AD and I have it broken up into a TLD and 4
regional child domains (NAFTA 5K users, EAME 12K users, LATAM 2K users, APAC
2K users). The main reason that I broke it up was to control replication
traffic. I did not want to have my LATAM and APAC DCs have to repl
Russ,
first of all, I understand your problem with Office being reinstalled causing
trouble, but remember that if you do not install Office on all your computers
where you want it to run with GP, the computer that you leave out will not be
managed, so if you later on want to apply an Office Ser
42 matches
Mail list logo
