Have a look for admgmt.msc
More info here:
http://technet2.microsoft.com/WindowsServer/en/Library/b8fa00f7-d3ff-48ee-8b
36-b2e1588686901033.mspx
And here
http://www.activedir.org/article.aspx?aid=91
Tony
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf O
I remember in the past downloading a MMC that already had ADUC, GPO, DNS,
and other snapins in it. I thought it was called Active Directory Management
Tool, but I can't find it. Does anyone else recall this tool? Its name?
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.
MIIS can do
this…
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of [EMAIL PROTECTED]
Sent: Wednesday, February 08, 2006
7:58 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Moving
Certificates between separate AD infrastructures
I have a DOD custom
Someone pointed me to this earlier on - http://www.namescape.com/
Thank you and have a splendid
day!
Kind Regards,
Freddy Hartono
Group Support
Engineer InternationalSOS Pte Ltd mail: [EMAIL PROTECTED]
phone: (+65)
6330-9785
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Beh
Microsoft Security Advisory (91): Vulnerability in Internet Explorer
Could Allow Remote Code Execution:
http://www.microsoft.com/technet/security/advisory/91.mspx
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
List info : http://www.activedir.o
Nothing personal, I assume everyone is lying to me. When I entered the world
of enterprise class corporate support back in like 1996, my supervisor sat
me down the first day and told me words to live by
1. Believe none of what you hear and only half of what you see.
2. Users lie.
He further cl
The tricky piece here is the space, the displayname=\20
mechanism would work as well as the very cute little query Dean posted of
displayname<=!. Check out http://msdn.microsoft.com/library/default.asp?url="">.
It talks a little about constructing queries.
The other thing that stuck out to
Title: Delegating attribute in property Set (Personal Information set)
instead of editing the DSSEC.DAT file to adjust the
visibility of the attribute in ADUC's sec-editor (which will only apply to the
local ADUC instance anyways), you could also just choose to set the appropriate
permissions
I haven't used it but recently learned
of
https://www.hp-lab.ch/ldapweb/
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Adeel
AnsariSent: Tuesday, February 07, 2006 4:32 PMTo:
Act
I have a need, but, alas, no
funds...
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Adeel
AnsariSent: Tuesday, February 07, 2006 2:32 PMTo:
ActiveDir@mail.activedir.orgSubject: [ActiveDir] AD Web
Interface
AD Gurus,
Anyone know of a web
interface for some basic AD a
AD Gurus,
Anyone know of a web
interface for some basic AD administration preferably a cheap or free
solution. Basically, this web interface will be provided to the
heldesk to perform tasks like unlock account, move account, check group
membership etc.
By googling arround
I found PHP
I have a DOD customer that is looking to break off a piece of the organization to stand up its own agency. The DOD customer is currently deployed in an Active Directory infrastructure with a PKI infrastructure deployed and smartcards in use. Shortly, the customers will be moved to a completely new
Two options come to mind, I'm sure there are
others...
1) Build a set of scripts and put a web front-end on them,
which would allow others to move the user account and as part of the move, the
OUone groups would get stripped and the OUtwo groups would get
added.
2) Directly delegate the
I have about 650 remote sites here, between 50 and 60 remote DCs
depending on how you count it. I have a script which generates the site links based
on a template link, and then depending on the connection between the sites and
utilization metrics, I have another list of links which are con
Adeel,
Ah, the old "best practices" question. You'll get a
lot of responses regarding the whole concept of "best practices" which will
ultimately say "it depends" :) For instance, what sort of
administrators do you have? Are they experienced, well educated in AD, reliable,
etc? What's your
To be sure, connection objects and site
links are two different things. Connection objects I typically created by
the KCC/ISTG although they can be created manually. Site Links are always
created “manually” even if that manual operation is performed by a
script.
Site links should be c
I am almost looking for a
query based Security Group, similar to Distribution
Groups.
It would save me a ton of
time if when I moved a user from OUone to OUtwo if it would/could strip that
user of all their old groups and drop them into the new groups, based upon what
OU the user account
Do you have manually created links? You’ll
likely get a lot better answers than mine, but basically when I had replication
problems, I eventually determined that a lot of it was my own causing.
Basically, I had no reason to create any site links manually, which I had done.
I got rid of thos
AD
Experts,
Is
there any best practices for creating and managing site links? The problem
I am facing where I have many hub and spoke sites with well over 20
site links. What is the best procedure to fix this issue?
-Adeel
Have you tried:
(&(objectCategory=Person)(objClass=User)(displayName=\\
))
David AragonYour ability to perceive a solution is
limitedonly by your understanding of the problem
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sitton Glen
ESent: Tuesday, Febru
Thank you Gil, Dean, Hunter. That works
perfectly.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Coleman,
HunterSent: Tuesday, February 07, 2006 12:48 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] DSQUERY filter
for space character only
(&objectCategory=u
Cool, buckle up, lots of very smart folks
here (not me K) you will see lots of chances to learn.
Dan
From: Olivarez, Sergio
J Mr ANOSC/FCBS [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 07, 2006
11:39 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] DSQUERY
(&objectCategory=user)(displayName=\20))
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sitton Glen
ESent: Tuesday, February 07, 2006 10:17 AMTo:
ActiveDir@mail.activedir.orgSubject: [ActiveDir] DSQUERY filter for
space character only
I need to run an obscure DSQUERY with
IIRC,
the query processor barks at the use of values comprised entirely of
spaces. As such, use the following -
dsquery * dc=mset,dc=local -scope subtree -filter
"(&(objectcategory=user)(displayname=\20))
... or
for a more creative approach -
dsquery * dc=mset,dc=local -scope subtree
Been using the archive for a while, but I
just subscribed yesterday!
Thanks...
... ... ...
Sergio J.
Olivarez
From: Gilbert, Daniel
L Mr ANOSC/FCBS [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 07, 2006
11:28 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveD
That will only work on appropriately indexed
attributes.
Try \20. That would be the appropriate escaped
filter.
-gil
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Olivarez, Sergio
J Mr ANOSC/FCBSSent: Tuesday, February 07, 2006 11:23
AMTo: ActiveDir@mail.activedir.org
Title: RE: [ActiveDir] DSQUERY filter for space character only
Some automated process has thrown a single space character into the
displayName and I'm hoping to construct a simple DSQUERY to find them
and then fix them.
Yes, the workaround you describe is pretty much what I am doing in lie
You follow this list?
From: Olivarez, Sergio
J Mr ANOSC/FCBS [mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 07, 2006
11:23 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] DSQUERY
filter for space character only
Have you tried * *
Thanks...
... ..
Have you tried * *
Thanks...
... ... ...
Sergio J.
Olivarez
From: Sitton Glen E
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, February 07, 2006
10:17 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] DSQUERY
filter for space character only
I need to run an obs
Groupstudy has a Cisco list that is quite active.
http://www.groupstudy.com/list/cisco.html
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian Desmond
Sent: Tuesday, February 07, 2006 11:02 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
What's the query for? Can you not query on all objects then export to excel or
word and look for the spaces? Crude but it should work.
Mark
-Original Message-
From: Sitton Glen E <[EMAIL PROTECTED]>
Date: Tue, 7 Feb 2006 11:16:53
To:ActiveDir@mail.activedir.org
Subject: [ActiveDir] DSQU
I need to run an obscure DSQUERY with a filter that
finds displayNames with a value of a single space character. I'm
stumped. I've tried every escape character possibility that I'm aware
of. I know how to find null values, but can't seem to query on a space
character alone. It hoses the
Found it... Problem solved..
Za Vue wrote:
Okay you guys.
On one of my DC I keep getting an LDAP error when I run netdiag
/test:LDAP. I get the error
"[FATAL] Cannot do negotiate authenticated ldap_bin to
'dc.domain.edu': Invalid Credentials"
The domain account and password was rece
Okay you guys.
On one of my DC I keep getting an LDAP error when I run netdiag
/test:LDAP. I get the error
"[FATAL] Cannot do negotiate authenticated ldap_bin to
'dc.domain.edu': Invalid Credentials"
The domain account and password was recently changed.
In the System
Log:
Marwa-
Cisco-nsp on puck.nether.net is the Cisco list I hang out on/like. It's
geared towards larger networks, and service providers to a certain
degree so it depends what sort of "Cisco" discussion you're looking for.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
> -Origina
Title: Delegating attribute in property Set (Personal Information set)
Dssec.dat? Isn’t it called
dessicant? J
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells
Sent: Monday, February 06, 2006
8:09 PM
To: Send - AD mailing list
Subject: RE: [ActiveDir]
Heres a generic link directly to the
cisco forums - where I can actually answer questions instead of just lurking
- lol.
Enjoy!
http://forum.cisco.com/
Brent Eads
Employee Technology Solutions, Inc.
Office: (312) 762-9224
Fax: (312) 762-9275
The contents contain pri
Marwa,
You can also try http://www.tek-tips.com/
Salaam.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Za Vue
Sent: Tuesday, February 07, 2006 8:40 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Hi All-Please Help
I see some flamming to
bugzilla
www.bugzilla.org
On 1/30/06, Noah Eiger <[EMAIL PROTECTED]> wrote:
>
>
>
> Hi –
>
>
>
> I am looking for a database (preferably with a web interface) to track all
> changes made in the network/directory infrastructure. Change something in
> DNS? Log it. Make some registry changes on a ser
Somewhat OT, but I found a bug with the console TS sessions. Don't use
them to connect to Cisco Unity servers. It hoses the Unity app and
causes some big uglies. Cisco has a tech note on it somewhere IIRC. The
normal TS sessions are OK, though.
Found out the hard way... :-(
**
I don't imagine you're looking for suggestions for the last part, but just in case:
" If I log on to a machine with Outlook 2003 and don't set up cached mode then I get to seeall the groups. If I log on in cached mode then the Global Address Listin the address book doesn't show all the groups. I
I think you can set this setting in GPO. If you go to Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Sessions and there you can enable "Set time limit for disconnected ssessions" and set it to 1 minute. Sullivan Tim <[EMAIL PROTECTED]> wrote: Normally what
I see some flamming to come. :-D
-Z.V.
Dan Tesch wrote:
Cisco has discussion forums on their own site, I have received some answers
there
before - http://forum.cisco.com/eforum/servlet/NetProf?page=main
Hi All
My name is Marwa , i am from egypt.
Actually , i am looking for Cisco Discussi
Cisco has discussion forums on their own site, I have received some answers
there
before - http://forum.cisco.com/eforum/servlet/NetProf?page=main
Hi All
My name is Marwa , i am from egypt.
Actually , i am looking for Cisco Discussion Forums.
I did a search on Google & i could not find any t
Normally what I will do is use the console switch (if they
are 2003 servers) and free up the 2 in use connections. So its basically I
use a 3rd allowed RDP connection.
Start, then run: mstsc /v:servername
/console
But there are definetly GPO settings you can put in place
to help with thi
It really is a single domain; would I lie to you?? :-)
I've now gone through all the groups. They were all mail enabled and
permissions haven't been changed but I think there are two things which
were causing problems - one I've now fixed the other I'm still working
on.
The names of some of the g
Hi All
My name is Marwa , i am from egypt.
Actually , i am looking for Cisco Discussion Forums.
I did a search on Google & i could not find any thing.
i want to have a discussion list like this list for Active Directory but
for Cisco As well.
Please, if there is any one know it, send me th
Title: Delegating attribute in property Set (Personal Information set)
Thanks Jorge, Joe, Dean!
Thank you and have a splendid
day!
Kind Regards,
Freddy Hartono
Group Support
Engineer InternationalSOS Pte Ltd mail: [EMAIL PROTECTED]
phone: (+65)
6330-9785
From: Almeida Pinto, Jorge
Title: Message
Hi
Simon
I was
referring to the procedure for extending the schema (i.e. controlling outbound
replication from the Schema Master etc) rather than designing extensions.
But thanks anyway for this useful info.
Regards
David
-Original Message-From:
[EM
Title: Message
Hi
Frank
Are
they not able to click Start > Logoff from the TS session? If they forget to do this then configure a GPO to reset a disconnected TS session after
x minutes/hours/days
cheers
Dave
-Original Message-From:
[EMAIL PROTECTED] [mailto:[EMAIL PROT
Just one of the standard questions I use for DL expansion issues. Not
relevant to a single domain forest but we don't know in this case if this is
for sure a single domain forest or they simply manage a single domain in a
forest. I've made that assumption based on verbiage in the past and paid for
If for some reason you want to delegate the use of some attribute and that
attribute is not listed in the in the property/attribute specific list, then
that attribute is hidden from being viewed. To be able to use that attribute
in the delegation of control wizard on THAT SPECIFIC DC, open DSSEC
52 matches
Mail list logo