I understand. For a long time I was very go native delegation but as I saw
more and more folks doing it, usually poorly, and then trying to figure out
who was doing what and how they were doing it and a long chat with Stuart
about the possibility of business rules and triggers in AD and getting
Does anyone know a good location to find visual studio coders that have
worked with both AD and Visio.
I found some resources at Microsoft
Generating Active Directory Diagrams with Visio 2003 and Visual Studio
.NET 2003
http://msdn2.microsoft.com/en-us/library/aa662190(office.11).aspx
The
I will be out of the office starting 12/22/2006 and will not return until
01/02/2007.
I will respond to your message when I return.
HAPPY NEW YEAR!
==
This communication, together with any attachments hereto or links
A couple of items to look at for all issues like this:
Is the group a universal group[1]?
Are the users direct members of the group or in the group via nesting?
Specifically here I would look at the filter in a cleaner format such as
what adfind will give you with the -stats+ and -stats+only
Yep the reference is Error Code 0x55B (1371) in winerror.h
ERROR_SPECIAL_ACCOUNT
# Cannot perform this operation on built-in accounts.
An alternate reference is
isCriticalSystemObject: TRUE
Send back up to the above that they should be setting overall generic
security policies and
Yes actually adfind can show you metadata... Look at the attributes
msDS-ReplAttributeMetaData
msDS-ReplValueMetaData
I actually have a DCR for AdFind (submitted by me which means it for sure
will get done) that will display that info in a better way than that XML
format they use. When it
You won't need anything other than a normal userid unless you have put weird
ACEs in place to hide user objects and then you just need to have the normal
userid in the right group and that right group shouldn't have to be
Administrative level.
Note though that no group membership is going to give
Error message when you install the Windows Server 2003 management tools
on a Windows Vista-based computer: MMC could not create the snap-in:
http://support.microsoft.com/default.aspx/kb/930056
