RE: [ActiveDir] Group Membership Update Frequency

Thomas, The server will not update its group memberships until it refreshes its kerberos ticket. That can take up to a week. Alternatively, you can reboot the system, or, if you have console access, open a command line under the system's credentials. You can then use 'klist purge' to delete

RE: [ActiveDir] Gather member of query based distribution list thru command line

You can take the query and pop it into a new Saved Query in Active Directory Users and Computers. After the query has run, you can then right-click the query and choose export list. -Andrew -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Irwan Hadi Sent

RE: [ActiveDir] problem changing "employeeID" attribute value

Try clicking the 'Clear' button instead of deleting the value.   -Andrew   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.Sent: Tuesday, October 10, 2006 11:29 AMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] problem changing "employeeID" attribute

RE: [ActiveDir] DNS entry won't delete

question. Bruce Clingaman Information Technology Department Pensacola Christian College 850.478.8496 ext. 2198 [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED]

RE: [ActiveDir] DNS entry won't delete

try.Name next End Sub == It does not display all the zones, one of which has the enties in question. Bruce Clingaman Information Technology Department Pensacola Christian College 850.478.8496 ext. 2198 [EMAIL PR

RE: [ActiveDir] DNS entry won't delete

You can run the following command to see where an update is originating.  Then, if you have auditing enabled for that operation, you can check the originating DC to see who made the change.   repadmin /showobjmeta yourdc "dc=recordname,dc=yourzone.com,cn=MicrosoftDNS,dc=DomainDNSZones,dc=you

RE: [ActiveDir] Specifying builtin accounts in GPO settings.

I'm not disregarding what has happened in this thread since Matt asked if he could wildcard the IWAM account name.  In fact, I can't even answer that question authoritatively, but my gut feeling says that it won't work.  Matt can, however, delegate the logon locally right to a group, then ad

RE: [ActiveDir] LDAP Logon Name

In the error below, the LDAP filter is "(&(objectclass=person)displayname=phelps,k*))".  You missed the opening parenthesis before displayname.   -Andrew   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alex Alborzfard Sent: Monday, August 14, 2006 1:24 PM To: Ac

RE: [ActiveDir] Computer bootup speeds

Be careful using “set L”.  That command echoes an environmental variable that is set at boot and doesn’t change after that.  It should suffice in this situation.  A much better way to determine which DC a computer is currently authenticating against is nltest.exe.  “nltest /sc_query:domain_