ExMerge allows you to search on certain parameters such
as subject, attachments, date/time, etc. It runs with privileged
credentials to access and search through the mailboxes. Downloadable from
the MS download page
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of D
Title: Message
Your better course of action (besides upgrading from a
dead version but that is another thread) is build the new server as a
second server in your organization and moving the mailboxes. You get a
clean db and a fresh start. Forget trying to migrate the DB
like you would an
ing workgroups that should have never been created and i'm
now policing against -- any way to rid myself of this or detect where they are
being generated ?
Thanks
On 8/2/06, Ayers,
Diane <[EMAIL PROTECTED]>
wrote:
Check your WINS da
Check your WINS database if you are
using WINS. Part of the browsing data comes from WINS and the database
will tell you where those records are coming from. You can address
it via the hosts if it's coming from there or clean up your WINS
db.
Diane
From: [EMAIL PROTECTED]
[mailt
The POP3 is just via my local Telco
ISP (not a major Telco). I'm not sure what they are using but it's not
Exchange. Mirapoint MOS 3.7.0-GA is what I glean from the headers but I'm
not familiar with it.
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSent: Mond
I'm getting the list at home and at
work. Outlook 2K3 via POP3 is coming in fine. Outlook 2K3 via
Exchange and MAPI is coming in blank. Both the non-SP standard builds of
Outlook. Exchange is still @ E2K...
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
joeSen
SMS as well if you are using AD sites for your distribution points.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray
Sent: Thursday, March 30, 2006 2:38 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] DC Demotion & AD Site Configura
Maybe we should ask a question on the
merits of doubling down on an 11 when the dealer has a face card
showing... :-)
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge deSent: Wednesday, March 29, 2006 9:35 AMTo:
ActiveDir@mail.activedir.orgSubje
Russ:
We pursuing a "reduced" sign on
environment as opposed to a single sign on. Fortunately we've been able to
leverage AD as our "authoritative source" for IDs and passwords but due to the
plethora of heterogeneous applications, not all of them can leverage AD as the
authentication and
agine not drinking before the age of 21 - i.e. all thru
my uni years!! it can't be done :)
i take my hat off to you guys who have to wait until 21 :))
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ayers, Diane
Sent: 13 January 2006 15:13
To:
16 more years and we can start drinking... WooHoo..
My cranial capacity on AD has grown immensely through the sharing on the
list. Thanks much to you and the members of the list.
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray
Sent:
Try ADmodify for a GUI
tool...
Diane
http://tinyurl.com/5ruog
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Harding,
DevonSent: Monday, December 05, 2005 12:40 PMTo:
ActiveDir@mail.activedir.orgSubject: [ActiveDir] remove logon
script?
How can I remove the logon.
IIRC in the conversations that I had with MS around MONAD was that one
goal was intended to "fix" the issue of inconsistencies of the various
command line tools (different switches, piping options, etc.). The
other goal was to ensure that every option that was available via the
GUI was exposed via
here is a script that you can
use. It dumps the group to a spreadsheet with column headers. Modify
as you see fit
Diane
On Error Resume Next
CRLF=CHR(13)+CHR(10)
strADName = InputBox("Enter Complete LDAP DN for desired
group","Group
You mention that it is a legacy trust. I don't know how far back it goes
legacy wise but I ran into an issue where a legacy trust could not be
"upgraded" (modified) as the trust existed prior to upgrade (way back in NT
4.0 land) and the solution was to delete the trust entirely and recreate.
Th
Title: Schema Updates
>You
ever find that often times the products are already bought before your input is
requested?
The better question is when do they
ever check with you before they buy a product? Nope... They usually
ask someone that has no clue of the impact to the production syste
ors Group
How does it work? Do you use LDAP to look at the membership? If so, you
probably have a whole in the implementation.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ayers, Diane
Sent: Thursday, October 06, 2005 2:20 PM
To: ActiveDir@mail.acti
We run a simple process that monitors the members of elevated privilege
groups. Any changes trigger a notification. Doesn't address the
prevention but will allow you to capture the occurrence and deal with it
appropriately.
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAI
Tom:
I used Robbie Allen's script to do this. You can glean from his script
the techniques for doing this. I sent you a copy under a separate email
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kern, Tom
Sent: Thursday, September 01, 2005 11:0
My preferred approach would be to
demote the box to member server and re-promote to a domain controller to ensure
a good fresh copy of the DIT. YMMV as the specific requirements at your
location may prevent this. We have only run into this once early in our AD
days and this was the approac
Not a AD gripe but a tools gripe. The AD Sites and Services snap-in
sucks canal water as Laura sez. MS said they would fix it in Win2K3
but it still sucks.
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Tuesday, August 02, 2005 9:25 A
Title: Account lockout
Look in the security event logs on the
domain controller and it will tell you what machine the lockout is coming
from. You will have to check all the DCs until you find the one that is
authenticating the account and locking it out. MS has tools to do this for
you.
Title: Message
I was considering a process similar to
what you describe to rebuild are somewhat "messy" existing lab setup. Two
things that popped into my mind that maybe you have a perspective
on;
How do you deal with those services that are integrated
into AD? Exchange, SMS and M
ly 07, 2005 7:12 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Doubletake(OT)
Can you elaborate further on why you don't feel comfortable using it with
Exchange as well as what you think the limitations are, if you don't mind?
Thanks a lot.
Ayers, Diane wrote:
> We use Doubl
We use DoubleTake on a number of DAS based File/Print servers in our
distributed environment that are fairly large (~1 TB). We implemented it
when we had some server failures that created extended outages for clients
while we recovered data from backup tapes. Our current implementation is
locally
Not to hijack the thread but has anyone used a hardware based load
balancer such as a BigIP appliance to load balance and/or fail over
LDAP? We have some apps that have to be configured to a specific host
and this was one idea floated up.
Diane
-Original Message-
From: [EMAIL PROTECTED]
ure of NT4, the PDC would have burned to the ground
in any decent sized enterprise.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ayers, Diane
Sent: Friday, May 27, 2005 7:18 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] lastlogontimestamp-
> In NT4, all updates go up to the PDC. This is why you will get a true last
login report
Not that my small wattage can hold a candle to the brain power for the
others on the list but isn't this incorrect? IIRC, under NT 4.0 the last
logon went to the authenticating DC. That is why you had to qu
Brenda:
Fire up ADSIedit and take a look at
the Exchange Services container in AD. (CN=Microsoft
Exchange,CN=Services,CN=Configuration,DC=domain,DC=com) and verify that the
Exchange groups have been applied to the container correctly.
Exchange Domain Servers group "should" (don't have mu
older than February to another machine to free
space. If I don't need to ever backup those transaction logs, then I
will just delete them once I have verified that the backups are working
correctly.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behal
JS/Stealus.gen trojan as well
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Devan Pala
Sent: Sunday, April 10, 2005 3:40 PM
To: [EMAIL PROTECTED]
Cc: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Update Your PayPal Account Information
Hi al
Not to be nit picky but it means you are not backing it up _correctly_
As Doug mentions, a correct on-line exchange backup will purge the logs
on completion of the backup process.
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Stelley,
Douglas
Sent
FWIW, there was a long conversation
covering PRC over HTTP on the security basics mailing list. You can look
at the archives to see if there was anything worth gleaning from the
conversation
Diane
http://www.securityfocus.com/archive/105/389606/2005-02-04/2005-02-10/1
From: [EMAIL
The one instance that we had a corrupt database, we used this method as
well. Fortunately we had enough redundancy to allow the demotion of the
server and not affect any services. Is was also fortunate that we had
high connectivity between the DCs to allow a full copy of the directory
to be repli
We have a very similar situation. The Citrix MetaFrame boxes are the
same OU as other servers. We created two policies for the Citrix
settings. One for the machine policies and one for the user policies.
We also created two groups, one for the Citrix machines and one for the
Citrix users. The m
here's my "I'm not a programmer but I
play one on TV" approach... Dumps to an excel spreadsheet. Easily
modifiable to even the programming challenged like me...
Diane
---
On Error Resume Next
CRLF=CHR(13)+CHR(10)
strADName
Wouldn't this be dependent on the volume of changes that you see in your
environment? With Exchange and its accompanying volume of changes,
moving the log files to separate spindles is as you say, a no
no-brainer. However in our AD environment, we see very low volume of
changes. We get maybe 50 M
You can use Outlook 2003 against
Exchange 2000. The local cached mode is a specific configuration of
the Outlook 2003 on the client side, No server config work is
required.
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan
DeStefanoSent: Monday, December 06, 20
One option is to have the users switch
to Outlook 2003 and run it in "local cached mode"
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dan
DeStefanoSent: Monday, December 06, 2004 9:06 AMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] Exchange
Latency
A couple of our
e not available.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ayers, Diane
Sent: Tuesday, November 16, 2004 9:36 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Master Browser
Dusting off the old NT 4.0 memories... Key point is that "browsing&quo
Dusting off the old NT 4.0 memories... Key point is that "browsing" is
not related to name resolution at all. Browsing is a simple NetBIOS
based directory that allows users to find resources. Conecting to the
resource either by clicking on an object in the browse list or by
manually connecting (v
anage...
Thanks all...
Diane
From: Ayers, Diane [mailto:[EMAIL PROTECTED]
Sent: Tuesday, November 09, 2004 7:05 AMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] 64
Bit?
I guess my questions are
general. I can see some advantages on shifting to a 64 bit platform for AD
service
Title: RE: [ActiveDir] 64 Bit?
I guess my questions are
general. I can see some advantages on shifting to a 64 bit platform for AD
services but since the company I work for is definitely not bleeding edge, I was
looking for what the general adoption rate of the 64 bit platform was. Our
dep
All:
Is anyone looking at using the 64 bit platform for their AD domain
controllers? We're doing a life cycle replacement of our hardware next year
and was wondering if anyone has gone down this path. I sat though some of
the Web casts but is there anyone running 64 bit in the "real world" ;-)
I don't know squat about apple but you probably have
SMB signing set in your domain policies and Apple probably does not support SMB
signing. Once you moved the server into AD, it received the domain
policies and breaking the Apple access.
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PR
Just to Echo Justin's comment, the BIG difference between NT 4.0 and
Active Directory is the integration/dependence on your DNS environment.
In addition to the integration into your other LDAP sources, DNS is an
area that you should focus some time on before you create your Active
directory namespa
Title: RE: [ActiveDir] BDC upgrade
Ditto. Used it once to "demote"
a BDC that was also a time source in the NT 4.0 world. wanted to keep the
server but didn't want it to be a BDC anymore. Best $99 bucks spent as far
as saved time, etc.
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PR
Your Exchange STMP addresses are assigned separately. Your domain could be
JoeBagOfDoughnuts.com and your email address can be DoughnutHoles.com
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sveta
Sent: Saturday, October 16, 2004 5:35 PM
To: Dej
th just a FE server, but
using ISA would be safer and more secure.
________
From: [EMAIL PROTECTED] on behalf of Ayers, Diane
Sent: Wed 10/6/2004 5:21 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Off-topic sorta
I'm not a DMZ/firewall person but generally the shear numbe
I'm not a DMZ/firewall person but
generally the shear number of ports, etc that you have to open between the DMZ
and the internal network is not a "good thing"®.
Additionally for boxes that are in the DMZ, they should be configured as highly
secure boxes and that tends to break Exchange.
Bad idea to place an exchange server
in the DMZ. Better choice would be to use ISA 2004 in the DMZ to publish
OWA. OMA and http over RPC to the external users. See http://www.isaserver.org for more
info.
I was fairly impressed with ISA
2004. Not as a firewall but being able to securel
An option that we use is that the actual VPN is launched by a "wrapper"
program that will launch the VPN client for the user and then once
authenticated, the wrapper program will launch the usual login
processes. This ensures that we can enforce our standards on the laptop
irregardless if the user
It takes a while to take affect (~ 2 hrs). Take a look at the KB
below to see how to modify this behavior
Diane
http://support.microsoft.com/default.aspx?scid=kb;%5bLN%5d;327378
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Douglas M.
LongSent: Thursday, September 23, 200
Hunter:
With Cisco ACS, how are you going to
deal with non-MS based devices that get DHCP addresses? That's always been
the hang-up for us to shift to a setup like you
describe.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Coleman,
HunterSent: Monday, September 13, 20
Backup to disks IMHO will become more the norm as the disk capacity
continue to outstrip the tape backup capabilities. We do this for all
our Exchange boxes and has worked very well. We keep 2-3days of backup
files on a "secondary" server. All backups are sucked off the disks
onto tape(s) for lo
Unfortunately, I don't know, and the SAP guy who installed it doesn't
remember either.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ayers, Diane
Sent: Wednesday, August 04, 2004 7:20 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Schema Gurus needed
Ken:
Do you recall which version of the SAP portal it was that made the
schema changes? I'm asking since we are testing the SAP portal against
AD in our lab with our SAP folks. I know that the initial version that
they came to us with required a schema change (version 5?) and before we
got it se
inter admins
Do you perchance know what those REG permission changes are at?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ayers, Diane
Sent: Thursday, July 29, 2004 11:10 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD and printer admins
I'
I'm sorry, I must be missing something. Can't you just add them desktop
support team to the local power users group on the servers that you create
the print shares on? That what we do and it seems to work. The only thing
that they can't do is to create new IP ports for shares if they are requir
My bets are on Sasser. Reapply MS04-011 and reboot.
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rutherford,
Robert
Sent: Tuesday, July 27, 2004 7:28 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] LSASS.EXE!
What started this? Was it after
It may be more than you want but what the heck. I'm not a programmer so
YMMV
Diane
-
On Error Resume Next
Set Network = WScript.CreateObject("WScript.Network")
strComputer = InputBox ("Enter NETBIOS name of computer",
"GetComputerLocation In AD", Network.Com
Yes. We have we have clients that do it all the time. Win2K native mode
and we did not use the AD client.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jennifer Fountain
Sent: Thursday, June 24, 2004 4:29 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDi
It seems that outside of the FRS / replication issues, using DFS would
be a good way of virtualizing the storage location of the profiles. If
you used a DFS root to designate your storage location and you needed to
migrate/replace this location, you could update the DFS root without
having to modi
I'll second Nick's comment to test
your implementation in a lab setup first before doing it live. There are
some subtle (and not so subtle) things that you can do to hose your production
setup. The first lab run we did hosed our lab but we learned. That's
what labs are for
Diane
F
Gee... you give them remote
access to the company via the internet from anywhere and their complaining about
having to hit cancel? I would tell them to get over it...
:-)
Actually with my client, I can just type in my password in the
ctrl-alt-del login box and just ignore the VPN client
I'm running v 4.0.3(D) of Cisco VPN
client and it is configured as Jeff describes below (logon to VPN before laptop
logon). I had my domain password "expire" and IIRC, I was
able to change my password at my usual ctrl-alt-del logon after I had done my
VPN login.
This was after a few a
SWAG but we've run into issues with
the thumbs.db file being corrupted. thumbs.db (hidden system) is created
when you do the thumbnails view. Try deleting that and see if it
helps.
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Michael
WassellSent: Tuesday, May 1
Don't even get me started on PERC raid
controllers... I'll share my stories after a few "adult
beverages"...
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brent
WestmorelandSent: Tuesday, May 18, 2004 4:02 AMTo:
[EMAIL PROTECTED]Subject: Re: [ActiveDir] Mixed net
We wrote a basic one that allows users
to dump DL memberships to a spreadsheet w some of the attributes.
Basically it was for the clerical folks that create phone lists for depts. and
floors. I don't know if we can share. Also It's hard coded to
our domains and OUs
Diane
From: [EMAIL
Unplug a DC before it
replicates
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Grantham,
CaronSent: Monday, May 03, 2004 10:05 AMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] HELP I just deleted
an OU
How can I
get the OU with all objectes restored
immediately
Title: Message
Have you read the Branch Office
guides?
http://www.microsoft.com/windows2000/techinfo/planning/activedirectory/branchoffice/default.asp for
Windows 2000
http://www.microsoft.com/downloads/details.aspx?FamilyID=9353a4f6-a8a8-40bb-9fa7-3a95c9540112&DisplayLang=en for
Window
Also, just as an FYI, If you're on XP, you can use the
Win2K3version ADUC which allows you to build a query in the GUI itself for all
accounts that are configured as you described. It will work aganst both
Win2K and Win2K3 domains.
Diane
-Original Message-From:
[EMAIL PROTEC
Title: Message
Yes. FRS today would trigger the
replication of the entire file with a change to that file. There are also
issues with open files. You coulod configure a less frequent replication
schedule but...
Diane
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Chri
We looked at a DFS / FRS combo and quickly rejected it based on the
problems with FRS. For data replication, FRS is a PoS (to be brutally
honest). MS needs to start from scrtach on that one. Any efficient
data replication scheme would utilize a block level or some other low
level replicat
Crap. Our bad too. sorry guys...
Diane
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, March 11, 2004 7:00 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] [MailServer Notification]To Recipient file blocking
settings matched
For us, our user management is centralized so the user objects were placed
in a single OU broken into sub OUs by type (users, administrators, service,
restricted). Computer support is more decentralized so we have computer
objects in geographic based OUs with sub OUs by function (servers,
workstat
___
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ayers, Diane
Sent: Wednesday, February 18, 2004 11:18 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Site Configurations and SMS2003
All:
I know that this is somewhat off topic
location to location
links and that would move you towards defining a location to be in a separate
site.
Just my $.02. Coming
out of lurking mode. Great list. Thanks for being here.
John McGlinchey, MCSA, MCSE,
CCNA
Bristol-Myers Squibb
Company
__________
> All:
>
> I know that this is somewhat off topic (SMS) but I had a recent
> conversation with some folks in regards to AD and SMS 2003. We are looking
> at possibly deploying SMS 2003 and looking at some deployment scenarios.
> Anyway the conversation turn to the AD sites and what is the best
> c
You have any pointers to info the
"proof of concept"? I'm not interested in code but would like to look at
the info and we may want to pull the trigger at our organization. We're
working the rollout for 007 but may want to deploy quicker than
we currently have mapped out.
Diane
From:
vs
I hope you didn't mean that as arrogantly as it sounds. :) But I do
agree it's a little to much for me sometimes too.
So tell me what lists do you consider the best ones for Exchange?
Thanks,
Julie
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Ditto
I dropped all the sunbelt lists due to the high signal-to-noise ratio
Diane
-Original Message-
From: Martin Tuip [mailto:[EMAIL PROTECTED]
Sent: Monday, February 09, 2004 1:28 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Other Listsrvs
Personally I'm not too fond of the Sun
No wonder I could never make that DLL
work. I pretty much use the find function exclusively. I
too ass-umed it was me...
Diane
From: deji Agba [mailto:[EMAIL PROTECTED]
Sent: Monday, February 09, 2004 7:21 AMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Where did
"Additional Acct
But they wouldn't be able to shift to
a new paradigm...
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Creamer,
MarkSent: Thursday, January 29, 2004 6:05 AMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] I: Quest to
aquire Aelita
Wouldn’t it be
refreshing just once to rea
Title: Message
Following this thread, a related
question (taking it even more OT) comes up. Often in email discovery
cases, we use ExMerge to suck the dumpster off a server to look at what's
there. Would DumpsterAlwaysOn on the host that ExMerge is run from have an
effect on what data is r
re how you modified the "Search for People" form?
-Original Message-
From: Ayers, Diane [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 11, 2003 1:27 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Search for phone numbers
We simply modified the form for address book
We simply modified the form for address book searches to include phone
number. Individuals can now search one phone numbers for those mail
enabled objects in AD. For us that meet the requirements 99% of the
time.
Diane
-Original Message-
From: Douglas M. Long [mailto:[EMAIL PROTECTED]
't set up a large ring like you
had within a single site.
joe
_____
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ayers, Diane Sent: Monday, November 17, 2003 6:04
PM To: [EMAIL PROTECTED]
Greetings
In an effort to localize our authentication
site with the same frequency that they are propagated within the
source site, including changes that warrant urgent replication.
From: Ayers, Diane Sent: Monday,
November 17, 2003 5:02 PMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Inter-site
Urgent replication
We are at
anding (haven't tried it
myself) is that urgent intersite replication observes the intersite replication
schedule. You can work around this by enabling intersite notifications, but then
that effectively circumvents any replication schedule.
That's my understanding anyway.
-gil
-
Breaking the DB, logs and SysVol into
separate logical partitions on the same physical spindles doesn't buy
you much. Your still sharing the same spindles, head and I/O amongst
the three logical partitions. I'd just create a D: volume and be done with
it but that's just my opinion.
Diane
Title: Message
If you want a GUI, I recommend "Security Explorer" from Small
Wonders. I've found it to be very useful at times
Diane
http://www.smallwonders.com/SecurityExplorer.htm
-Original Message-From: Abbiss, Mark
[mailto:[EMAIL PROTECTED]Sent: Wednesday, September 17, 2
Title: Message
We use a type of ACL for our Bind stuff. Only our DCs have the
"rights" to do dynamic updates to our AD zone on the bind server.
Other hosts are updated in DNS via the DHCP server (Cisco) or other
processes. The access rights are based on the source IP address. Not
100% se
There's a MMS (MIIS) email group on Yahoo Groups. Some of the Microsoft MMS/MIIS
folks monitor the group and participate on occasion. I'm sure they'll be glad to give
you an earful :-)
http://groups.yahoo.com/group/MMSUG/
Diane
-Original Message-
From: Wilson, Julie [mailto:[EMAIL PR
Title: Message
Plus the fact if you have physical access to the box, it's trivial to
become an admin if you really really want to get access. Not that
Interactive is a Good Thing® (we are working to remove the need to have
it).
-Original Message-From: Malcolm Reitz
[mailto:[EMA
start up script GPO option that executes a
simple net localgroup command; it will work fine because that script
executes as local system. The restricted groups GPO option will
definitely overwrite though.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ayers
IIRC, the GPO method will over-write the existing membership rather than add the
desired member(s).
Diane
-Original Message-
From: Kevin Miller [mailto:[EMAIL PROTECTED]
Sent: Tuesday, July 29, 2003 10:21 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Local Admin
you can do that wit
Title: Message
I couldn't help but laugh reading this. How true. In our
internal documentation, we discribe this setting and that they need to change
when setting up computer accounts. We even have a huge screenshot with red
circles and big arrows highlighting the point. I still get calls
Title: Message
I stil prefer the upgraded version, bIg stIck®
Diane
-Original Message-From: Myrick, Todd (NIH/CIT)
[mailto:[EMAIL PROTECTED]Sent: Tuesday, July 08, 2003 7:37
AMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir] AD, Logon times & Custom messages
I
ordered 1
Jan:
I was browsing the Win2K tools page and saw this. Not sure if you've seen these or
not.
Windows Server 2003 Domain Rename Tools
http://www.microsoft.com/windowsserver2003/downloads/domainrename.mspx
Diane
-Original Message-
From: Jan Wilson [mailto:[EMAIL PROTECTED]
Sent: Tuesda
1 - 100 of 198 matches
Mail list logo