As the writer and owner of the VS-DC doc, I can attest to the fact Brett
was present on the review email threads last year :-)
Furthermore, the doc is correct. If you follow the recommendations and
practices in the Running DCs in a Virtual Server 2005 then Microsoft
will support the
I think this is not easy with WMI.
Remarks
The CIM_Scanner class is derived from CIM_LogicalDevice.
WMI does not implement this class.
from http://msdn.microsoft.com/library/default.asp?url="">
Peter
Title: Use of SRV records (_ldap, _kerberos, _kpasswd) (WAS: DNS vs. Hosts File)
Hi,
A few days ago we were talking about the different service records (_ldap, _kerberos and _kpasswd) and when these are used. Joe did a network trace and posted his findings. I was also curious and I also did
Title: Message
1. If
memory serves (and it lets me down now and then!), the kpasswd service is only
used by non-Windows Kerberos clients. Windows servers register this service in
DNS for compatibility (and adherence to standards) rather than because Windows
clients actually use/need this
Now that is good information. It is fully understandable why a DC's image will
not perform correctly in a restored state based upon the facts of that article
and Brett's PPT slideshow. Thanks for that article. Thanks for the slideshow
Brett. Very informative. Hopefully this post will help
2. I believe that KRB5KRB_ERR_RESPONSE_TOO_BIG implies that the response
was too big for UDP
I can second that belief. I only see these in the logs on domains where Kerb
traffic has NOT been forced to TCP. A regular symptom in such domains is the
notorious event Id 5719, the inability to join
I have almost always chosen to go with
allowing the new image on the machines to reset and reuse the
existing AD computer object as the process of doing so does reset all the
information such as description, OS version etc. The one area where some care
needs to be taken is the ownership of
I was!
Thanks Eric!
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric
FleischmanSent: May 9, 2005 12:22 AMTo:
ActiveDir@mail.activedir.orgSubject: [ActiveDir] Who was asking for a
list of SP1 changes? I think it was this DL..
Excellent thanks ~Eric... This looks to be a good
document.
However, anyone else think this info on confidential
attributes is a bit weak in the documentation
Improved security to protect confidential attributes
To prevent
Read access to confidential attributes, such as a Social Security
Title: OT: Exchange Public folder content replication
Sorry this is off topic but this group is usually an excellent source of information on Exchange 200x.
Can anyone advise how, if it is possible, to force the replication of all content from an Exchange 5.5 public folder server to an
All,
I have a domain with a forest root (AD1) and two child domains (AD2 AD3).
When I browse AD1 and AD2, no domain controllers are listed under microsoft
windows network\domain name. Yet under AD3 I can see all domain controllers
with no issue.
I have run all the normal troubleshhoting
This really has nothing to do with AD so ignore this if you like or give me
some feedback if you're bored.
My company is looking at a SAP solution. I was wondering if anyone is running
SAP out there or what your thoughts are.
Frankly, I feel with the failure rate for erp coupled with the fact
Title: Cross forest trusts and site subnet syncing
I am researching x forest trusts and the need / advantage in syncing sites and subnets between forests. I have found a MS paper which describes multi forest scenarios in some detail but would ideally like to see a paper which describes the
Greetings Jacqui,
Try using PFMIGRATE
http://support.microsoft.com/default.aspx?scid=kb;EN-US;822895, if your looking
for a good exchange list, try http://www.MSExchange.org/ at [EMAIL PROTECTED]
Hope this helps,
Jose
-Original
I figured out the problem, my GAL filter did not include the proper
filtering for the dynamic list. I had to edit the filter in ADSI Edit,
once done everything was good.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Saturday, May 07, 2005
where would you set this in IIS5? I thought that was only in IIS6?
thanks a lot
Tomasz Onyszko wrote:
Kern, Tom wrote:
Hi, I'm running a classic asp(no dotnet) script on IIS 5.0 which
needs to call a dll on another server in the same domain. The script
has to be accessed anoymously from the
I just tested this and yes it did indeed work for me.
I would fully expect it to. It isn't anything magical about ADUC, that is AD
Delegation functionality at work there and normal ACLs.
I even used the Self well known security principal as the managing group.
joe
-Original
Does PFMigrate have the option to force replication?
I have used this previously to add replicas from one public folder server to
another but I am not aware how this can be used to initiate a full content
replication.
Could you explain in any further details?
I will check out the other listing
Unless you got clearance from Tony to post this prepare to be thumped.
As an aside, who are the largest 5 IT specific companies now?
IBM, HP, Dell??, MS, Lockheed, Unisys, ??
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Simon Cooper
Hey no fair, you jumped ahead in the troubleshooting process. eg
Good show. :)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A.
Sent: Monday, May 09, 2005 11:33 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Query-based
Kern, Tom wrote:
where would you set this in IIS5? I thought that was only in IIS6?
thanks a lot
You can use component services snap-in - on source server You can export
COM+ app proxy and on IIS server you can import it
--
Tomasz Onyszko [MVP]
[EMAIL PROTECTED]
http://www.w2k.pl
List info :
I am not a SAP consultant, like your I am an infrastructure geek, but
I have been around a few companies that have implemented it. In my
non-involved view SAP is a great product as long as you do not need to
customize it very heavily. Anytime that heavy customization is
required (from what I've
Absolutely. :)
- Original Message -
From: Rick Kingslan [EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Sunday, May 08, 2005 12:41 PM
Subject: RE: [ActiveDir] OT: e-mail archiving systems
:o)
Good to hear from you, Missy. Even if it was meant to be a private message
to Deji.
unsubscribe
From http://www.activedir.org/List.aspx
*
To unsubscribe send an email to [EMAIL PROTECTED] and type,
UNSUBSCRIBE ActiveDir "your name
here"
(without using the quotation marks) in the message body
*
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ed
Sorry to be a pest but I don't have that object in component services. What is
it called exactly?
I'm running win2k sp4
thanks a lot and I apologize for being so dense
Tomasz Onyszko wrote:
Kern, Tom wrote:
where would you set this in IIS5? I thought that was only in IIS6?
thanks a lot
You
Kern, Tom wrote:
Sorry to be a pest but I don't have that object in component services. What is
it called exactly?
I'm running win2k sp4
thanks a lot and I apologize for being so dense
As I said I don't know Your application architecture. When I was working
with IIS apps and COM+ applications we
Hi Jacqui,
I am going to assume that your using the Active Directory Connector for
Exchange 2003 and both servers are within the same site? Although I have not
used PFMIGRATE other then in a lab enviroment, Microsoft has an updated version
in the Exchange 2003 service pack1.
So you are going to the My Network Places to try and browse your DC's
but only the DCs from AD3 are showing up?
The My Network Places is based on NetBIOS so you will have to have a
functional WINS environment in order for everything to show up there.
Are your DCs in AD1 and AD2 using WINS? Is it
I've used it fairly extensively exactly as you've described. It's all
worked splendidly.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, May 09, 2005 12:40 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Group
Accenture? Compucom? CSC?
I don't think MS would rank that high in the consulting arena.
What's a Cv? Pardon my ignorance, but that has me puzzled. I mean, before
Tony comes back online I'd like to know. :)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Al-
C.V. == Curriculum Vitae
Used more often in Europe to refer to the resume than in the States.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Monday, May 09, 2005 7:01 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
the dll is accesed as an active x object on a seperate server from IIS via an
asp script.
thanks
Tomasz Onyszko wrote:
Kern, Tom wrote:
Sorry to be a pest but I don't have that object in component
services. What is it called exactly? I'm running win2k sp4
thanks a lot and I apologize
Title: Cross forest trusts and site & subnet syncing
Were you referring to already seeing this document? http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/directory/activedirectory/mtfstwp.mspx
Cross-Forest Logon Process
When a user from Forest A logs on to a
CV in the UK is like Resume in the US.
-Ryan
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Monday, May 09, 2005 1:01 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] All
Accenture? Compucom? CSC?
I don't think MS would
Curriculum Vitae, also known as resume ;-)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: May 9, 2005 1:01 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] All
Accenture? Compucom? CSC?
I don't think MS would rank that
I am still not clear that this is going to help.
You are right to assume that I am using the ADC and that both servers are in
the same site. There is also only one routing group.
I have previously used the pfmigrate tool to setup replicas and this worked
fine in the model office environment.
I know that SP2 is for Windows XP. But did anything get released for Windows
2000 SP4 that might cause similar share problems 9this time it is with a USB
printer, local LAN)?
Thanks Randy
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tim Hines
Sent:
Ah. Thanks Darren.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia
Sent: Monday, May 09, 2005 1:15 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] All
Al-
C.V. == Curriculum Vitae
Used more often in Europe to refer to
It is all using the same WINS server.
-Original Message-
From: Phil Renouf [EMAIL PROTECTED]
Date: Mon, 9 May 2005 12:57:30
To:ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Missing Domain Controllers
So you are going to the My Network Places to try and browse your DC's
but only
I like that. You don't have to have an understanding of the context of the
sentence to pronounce it properly.
I would like to see your resume.
I would like to see you resume.
Granted that second sentence seems to be missing the what should be resumed.
But it could be assumed which means you
I keep hearing rumours that MS is really going to be kicking its presence up
in consulting and services by adding thousands (or tens of thousands) of
analysts for it.
Oh and I thought of another possible one though I don't know how big they
are anymore... Compuware.
-Original
I assume to make a com+ proxy, I have to first create a .msi for the dll active
x object?
Tomasz Onyszko wrote:
Kern, Tom wrote:
Sorry to be a pest but I don't have that object in component
services. What is it called exactly? I'm running win2k sp4
thanks a lot and I apologize for being
Hi Jacqui,
I am not sure how to solve your problem then. Can I ask why you haven't taken
down your Exchange 5.5 servers yet? If your planning on taking them down soon,
you can use Exmerge to migrate them to PST's and re-import them back into
Exchange 2003.
Although this may not solve your
On 5/9/05, Francis Ouellet [EMAIL PROTECTED] wrote:
Curriculum Vitae, also known as resume ;-)
1) http://www.google.ca/search?q=define%3ACurriculum+Vitae
2) A CV in North America is much different than a CV in Europe; a CV
in North America is not the same as a resume.
...D
List info :
Depends on which part of NA you live I guess. I've been to job
interviews for both french and english positions and been asked for a
curriculum viate and resume respectively. ;)
Francis
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Danny
Sent: May 9,
I, more than many, would really appreciate Microsoft building up its consulting
ranks/headcount ;)
Until then, I don't think they can be considered as a serious player in the
consulting arena. I think they will never (by virtue of their culture) be able
to be a consulting organization that
Yep, that's why I asked. I've heard of it before in relation to an
educational position.
Sounds like it might be common to refer to a resume that way on the
other side of the pond.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Francis Ouellet
Sent:
Title: LDAPS question
Thanks Guy,
I've spent about 12hours trying to write a script that will
include the Subject Alternative Name in the CSR. I found the ICEnroll COM
interface on MSDN and am using it to generate my request. The request
works fine; however, the Subject Alternative Name
I thought my problem would speak for itself as to why I have not removed any
Exchange 5.5 servers. Until I have replicated the data from E55 PFs to E2K3
server I am unable to do this.
I may have to start looking at other migration methods if I cannot find
anyone who has experienced this or
Hi:
When adding PF replicas, you can get into a situation where initially only new content replicates, but every 24 hours or so the stores should swap status messages comparing CNsets and, discovering that old content is missing, kick off the backfill process. There are registry keys that can be
All (not just Al),
Microsoft has never really intended to be a true player in the Services market
- unless they are taking a radical turn in the past few months.
They see services as a necessary tool for customers who require Microsoft to be
involved in installs and the like. If it wasn't for
Hi Jacqui,
Before you look at other tools, try uninstalling your Active Directory
Connector, reboot and try installing the latest Active Directory Connector with
Exchange service pack 1. Try recreating the Public Folder connection agreement
and then try using Exchange 5.5 to replicate the
Interesting that RickD is now in charge of services. I find that infinitely
fascinating.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, May 09, 2005 3:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] All - OT (and
ProServices at Microsoft is all about radical turns. Trust me :)
You're concept of partners having more/less in-depth experience than Microsoft
is intriguing. I suppose that indicates that the Microsoft consultants have a
corporate sanctioned line back to the development team (as opposed to
Hi,
I delegated the password management to the technicians group.
There is a glitch though, they can't seem to be able to reset password
even if I gave the permission to do so (on the OU). All the get is
Access denied (and the check box to set the change password a next
logon bit is
So what's the difference?
Many of the engagements several of my MCS friends end up going on are to
clean up after partners in escalation mode - the value add there being that
MS won't look like they have a crap product because partners f'ed up. I
think there are good number of partners not doing that great of a job and
can
LOL. Rick are you still stringing them along trying to get free dinners?
If they ever get to the point of letting people work from home and not
having to travel all over the place all of the time and start paying good
salaries, I will possibly look at them again. In the meanwhile, I am quite
Sorry, but the ADC has nothing to do with PF content replication.
AndyFrom: "Medeiros, Jose" [EMAIL PROTECTED]Reply-To: ActiveDir@mail.activedir.orgTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OT: Exchange Public folder content replicationDate: Mon, 9 May 2005 12:49:04 -0700Hi
Hi
Andy,
Hmm..
Then why do you have to configure a public folder connection
agreement?
Jose
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Andy
SCHANSent: Monday, May 09, 2005 1:46 PMTo:
ActiveDir@mail.activedir.orgSubject: RE:
Hi
Andy,
Actually this may help you understand the various options used when
migrating public folders. If your using ADC.
http://support.microsoft.com/?kbid=281223
If
your using PGMIGRATE there appears to be an issue that this article
address.
http://support.microsoft.com/?kbid=885826
The public folder CA is to replicate mail-enabled
PFs to AD, so theyre visible in the GAL to Exchange 2003 users and can
receive messages addressed to them; PF hierarchy and content replication are
separate processes that dont involve either directory (AD or the
Exchange 5.5 directory).
Wouldn't it have been easier to use the delegation wizard to do that for
you so you don't miss something?
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technolog
ies/directory/activedirectory/stepbystep/ctrlwiz.mspx
-Original Message-
From: [EMAIL PROTECTED]
Read those articles carefully; a quote
from 281223: If you want to email Exchange
Server 5.5 public folders from Exchange 2000 or Exchange Server 2003 mailboxes,
you must create a public folder Connection Agreement for each Exchange Server
5.5 site in the organization. The public folder CA
Title: OT: Exchange Public folder content replication
Another KB article that may help you:
How to troubleshoot public folder
replication problems in Exchange 2000 Server and in Exchange Server 2003:
http://support.microsoft.com/kb/842273/
Andy
From:
[EMAIL PROTECTED]
Hmm.. Article 885826 address an issue with PFMigrate and it suggest recreating
the Public Folder connection agreement in the ADC. There must be some type of
interdependency.
RESOLUTION
To resolve this issue, verify that there is a configuration connection
agreement, and then force replication
Title: OT: Exchange Public folder content replication
Hi
Andy,
This
article only refers to replicating public folders between Exchange 2000 or
Exchange 2003 servers.
When
adding an Exchange 2000 or Exchange 2003 server to an Exchange 5.5 site one
needs the ADC and a public folder
Read ALL the articles, including the appendix from the admin guide; all will become clear. From: "Medeiros, Jose" [EMAIL PROTECTED]Reply-To: ActiveDir@mail.activedir.orgTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Folder replicas may not be created when you run the Exchange Server 2003
Hi Andy,
I do understand and either I a missing some thing or you are. The article that
you that you sent states :
http://www.microsoft.com/technet/prodtechnol/exchange/guides/E2k3AdminGuide/e2bd3cd4-33be-4aa7-9042-886046c53cc7.mspx
Connection Agreements and Public Folder Replication
All
As this was an OT post to begin with, if you want to discuss further we
should take this off-line. I just noticed the OT got dropped off the subject
line.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: May 9, 2005 6:37 PM
To:
: From: [EMAIL PROTECTED] [mailto:ActiveDir-
: [EMAIL PROTECTED] On Behalf Of joe
: Subject: RE: [ActiveDir] All - OT (and drifting further away)
:
: I think as MS gets more and more complicated products
: deeper in the field (SMS, MIIS, MOM, Active
Oh wow, I never heard of them and they are the leading global technology
integrator...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Schaefer
Sent: Monday, May 09, 2005 8:54 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] All - OT
You never heard of Avenade? You need to get out a bit more, eh? G
I will ask though: if Avenade might exist so that more complicated
systems can be implemented without Microsoft having to do the work
themselves, does that mean they're different than other partners? If
so, why and how Ken? I
XP sp2 workstations.
I have created a Folder called Desktop. Permissions are administrator
and system full control users read only. The users are set thru GPO to
be redirected to this Folder. That part is working. The strange part is
that two files are showing up in that Directory.
You need to get out a bit more, eh?
Heh, maybe so. I quickly glimpsed the customer list, no huge hitters in
there that caught my eye. Keep in mind the scope of the customers I tend to
work on though - usually Fortune 50 or better with most of my last 10 years
experience in the Fortune 5. I have
Hi all
Rather off topic I know, but just wondering if there are anyone that
knows or has done cleanup before.
Basically found some deleted users/sids that are still showing up on the
server User Rights Assignment section of some of the servers.
Is there any command line mode of doing these type
: From: [EMAIL PROTECTED] [mailto:ActiveDir-
: [EMAIL PROTECTED] On Behalf Of Al Mulnick
: Subject: RE: [ActiveDir] All - OT (and drifting further away)
:
: I will ask though: if Avenade might exist so that more complicated
: systems can be implemented
Title: LDAPS question
It turned out to be a bit more complicated
than I thought
I made some notes over here:
http://guy.netguru.co.il/archives/18-Issuing-certificates-to-DCs-with-additional-DNS-names.html
I have not yet verified that LDAPS works
with aliases when querying, but the
79 matches
Mail list logo