RE: [ActiveDir] OT: Hello?

I've seen a few today, but the list has been quite slow for the last week or so. Come on guys, the holidays are the time to actually get stuff done :-) From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of WATSON, BEN Sent: Thursday, January 04, 2007

RE: [ActiveDir] OT: Possessed PCs

I agree. I'm also curious about the security side of this. Are the transmissions encrypted? Apparently not very well if one mouse affects another's pc. Just open notepad on an affected PC and you have a poor man's keylogger. From: [EMAIL PROTECTED] [mailto:

RE: RE: [ActiveDir] Split pagefile

This is Mark Russinovich's presentation from Tech Ed. http://www.microsoft.com/events/EventDetails.aspx?CMTYSvcSource=MSCOMMed ia&Params=%7eCMTYDataSvcParams%5e%7earg+Name%3d%22ID%22+Value%3d%2210322 98076%22%2f%5e%7earg+Name%3d%22ProviderID%22+Value%3d%22A6B43178-497C-42 25-BA42-DF595171F04C%22%2

RE: [ActiveDir] OT: wikis

From: http://www.jimloy.com/algebra/two.htm a = x[true for some a's and x's] a+a = a+x [add a to both sides] 2a = a+x [a+a = 2a] 2a-2x = a+x-2x [subtract 2x from both sides] 2(a-x) = a+x-2x [2a-2x = 2(a-x)] 2(a-x) = a-x [x-2x = -x]

RE: [ActiveDir] RealVNC removal

It’s been a while since I’ve played with VNC, but as I recall, there’s really 3 parts to it: 1 service, 1 registry hive, and 1 folder.  So, something like this should work:   sc stop VNC sc delete VNC reg delete HKLM\Software\VNC /f rd /s/q C:\Progra~1\VNC   I’m sure the paths and se

RE: [ActiveDir]SUBDOMAIN AND LDAP

"I agree that a vendor should have a minimum qualification to meet to be able to call it AD Integrated. " Aye, something like the wildly successful XP Logo program that ensures all the apps we use are written well and don't need administrative rights to run.

RE: [ActiveDir] OT: Protecting against Spyware/Adware

;we" the buying public do not care. As long as we don't care they can continued to code exactly the way they are now. When Vista arrives the problem will only get worse. "We" as the buying public need to let the vendors know that this is no longer acceptable. Crawford, Sc

RE: [ActiveDir] OT: Protecting against Spyware/Adware

asically said that if you don't run it as admin then you don't get support. Steve -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: 15 September 2006 21:33 To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] OT: Protec

RE: [ActiveDir] OT: Protecting against Spyware/Adware

There was a message (can't remember if it was this listserv or antoher) where the poster gave a link to a list of programs that needed local admin to run properly. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Crawford, Scott Sent: Friday, September 15,

RE: [ActiveDir] OT: Protecting against Spyware/Adware

I'm sure there are apps that are written exceptionally stupidly, requiring admin, but I've yet to run across one. I've had lots of our guys tell me something HAS to have admin to run, but I've yet to run across one that really does. I suggest you read this article: http://www.microsoft.com/techn

RE: [ActiveDir] OT: Protecting against Spyware/Adware

dware Nope. Crawford, Scott wrote: > Nobody runs as a local administrator. We have zero issues with spyware. Coincidence? > > > > From: [EMAIL PROTECTED] on behalf of Chris Pohlschneider > Sent: Thu 9/14/2006 9:44 AM > To: ActiveDir@ma

RE: [ActiveDir] OT: Protecting against Spyware/Adware

: [ActiveDir] OT: Protecting against Spyware/Adware   Are all of your users in power user group or user group of their workstation?   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Thursday, September 14, 2006 11:33 AM To: ActiveDir@mail.activedir.org

RE: [ActiveDir] OT: Protecting against Spyware/Adware

Nobody runs as a local administrator. We have zero issues with spyware. Coincidence? From: [EMAIL PROTECTED] on behalf of Chris Pohlschneider Sent: Thu 9/14/2006 9:44 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT: Protecting against Spyware/Adware

RE: [ActiveDir] Seperate Administrator password policy

Ø  of plans to allow setting password policies at the OU level   What would be the direction they’d go to implement this?  Since the setting is in the computer section of the GPO, it seems to offer all the functionality one should expect.  And in fact, it is applicable at the OU level

RE: [ActiveDir] Granting Exchange Mailbox Access

The perm you’re looking for is Receive As on the Mailbox store.  The problem is that delegating Exchange Full Administrator adds an explicit Deny ACE to CN=First Organization,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=domain,DC=com for Receive As and that gets replicated all the

RE: [ActiveDir] Read-Only Domain Controller and Server Core

sister's name is Cindy ;-) From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Saturday, July 29, 2006 8:42 PM To: ActiveDir@mail.activedir.org; ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Read-Only Domain Controller and Server Core Well, sinc

RE: [ActiveDir] Read-Only Domain Controller and Server Core

Well, since you offeredI'll take a large pan pepperoni and mushroom. From: [EMAIL PROTECTED] on behalf of Eric FleischmanSent: Sat 7/29/2006 11:22 AMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Read-Only Domain Controller and Server Core I want to make one other thing clear….

RE: [ActiveDir] Deny Read Permissions to Group Policy

Why not just create a sub OU and put the 55 people in there? To deny rights to apply, you need to be on the Delegation tab and click on Advanced. Add a group and deny them the right to Apply Group Policy. Deny permissions tend to make things difficult to understand, so I think a better option wou

RE: [ActiveDir] OT: Overriding local computer logon scripts - anyway to do it?

You can get an explorer window using runas several ways, but by far the easiest is: Runas /user:administrator "explorer /separate" -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dave Wade Sent: Thursday, May 18, 2006 3:44 AM To: ActiveDir@mail.activedir.

RE: [ActiveDir] OT: Overriding local computer logon scripts - anyway to do it?

"what is stopping some server admins to put in some logon scripts that adds a certain account as enterprise admin (boobietrap)." The same thing that prevents them from installing a keylogger or modifying any code on the system to do their nefarious deeds when a high level account runs them - a

RE: [ActiveDir] User Accounts

"Never take me to serious" Seriously? :) (Great thread by the way) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ulf B. Simon-Weidner Sent: Monday, April 17, 2006 6:06 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] User Accounts Hi Bret

RE: [ActiveDir] Allowing users to manage security groups

AND…lets try that once more with a working link… http://www.evangel.edu/personal/crawfords/web/ManageGroups.zip     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Friday, April 07, 2006 2:14 PM To: ActiveDir@mail.activedir.org Subject: RE

RE: [ActiveDir] Allowing users to manage security groups

commented.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Friday, April 07, 2006 1:46 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Allowing users to manage security groups   I’ve got an asp.net app that does this.  Its really not

RE: [ActiveDir] Allowing users to manage security groups

I’ve got an asp.net app that does this.  Its really not meant for general consumption, but you’re welcome to it if you’d like to tweak it.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lucas, Bryan Sent: Friday, April 07, 2006 1:33 PM To: ActiveDir@mail.activedi

RE: [ActiveDir] OT: Hacking up QB to run under user rights (the official Intuit answer)

AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] OT: Hacking up QB to run under user rights (the official Intuit answer) www.threatcode.com "WE" push them. That's how it gets done. Crawford, Scott wrote: >That is awesome. Now why can't all vendors do that? If t

RE: [ActiveDir] OT: Hacking up QB to run under user rights (the official Intuit answer)

That is awesome. Now why can't all vendors do that? If they're gonna write insecure apps, at least tell us how to minimize the risks. What's the point in every customer figuring it out for themselves? That's a lot more total time spent than if they'd just do it once. What would be even better

RE: [ActiveDir] Folder redirection exceptions?

I haven't tried to do this with My Pictures, but redirecting My Music required changing both of these keys: My Music under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders CDRecordPath under HKCU\Software\Microsoft\MediaPlayer\Preferences Apparantly Media Player (versi

RE: [ActiveDir] Setting up Home Folder Gives User Full Access

I'm a pretty big fan of FileACL as well. http://www.gbordier.com/gbtools/fileacl.htm. The syntax is MUCH easier to deal with IMHO, but SetACL is definitely more flexible, allowing you to set perms on a wide range of objects: files and directories, registry keys, printers, services, network shares.

RE: [ActiveDir] (off topi) Sound problem

I got all the way to fixTheBloominSound before I woke up from my “Wow, I had no idea how OO the whole OS is.” stupor.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Monday, February 20, 2006 6:05 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveD

RE: [ActiveDir] OT: Any Programming courses for Systems Administrators?

I’m getting the same thing with Derek’s emails in Outlook.  When I view my mailbox in Outlook Web Access, I can see that they have a smime.p7m attachment.  I can download and view the attachment as text however.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kren

RE: [ActiveDir] Script to change owner?

EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Wednesday, February 01, 2006 6:48 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Script to change owner? Thanks for the suggestion, but I looked at dsacls originally.  The WO permission allows someone the ability

RE: [ActiveDir] Script to change owner?

microsoft.com/downloads   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Wednesday, February 01, 2006 5:46 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Script to change owner? Is there anyway in script (preferred) or through the GUI to change the

RE: [ActiveDir] Script to change owner?

D] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Wednesday, February 01, 2006 3:46 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Script to change owner? Is there anyway in script (preferred) or through the GUI to change the owner of an object?  I realize I can seize ownersh

[ActiveDir] Script to change owner?

Is there anyway in script (preferred) or through the GUI to change the owner of an object?  I realize I can seize ownership in ADUC, but I’d like to be able to assign ownership to a 3rd party.  If need be, I can login as that 3rd party to seize ownership, but I’d like to be able to do it on

RE: [ActiveDir] OT - Deployment of Office SP2

Its worked fine for us. Installs silently, just like any other thing with WSUS. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Shaff Sent: Tuesday, January 24, 2006 12:59 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] OT - Deployment of O

[ActiveDir] FW: Stopping accidental folder moves by users

Title: Re: Stopping accidental folder moves by users This topic was mentioned a few months ago.  I just got this from another list.  Seems like a pretty cool idea to me. From: Windows NT/2000 Discussion List on behalf of Scott BrooksSent: Mon 1/23/2006 7:55 AMTo: [EMAIL PROTECTED]Subjec

RE: [ActiveDir] AD computer accounts being removed

I don’t have any suggestions for why its happening or how to prevent it, but I do have a tip for speeding up the rejoin process.  I’ve never had a problem ignoring the reboot prompt after you remove it from the domain.  So basically, I just add it to a workgroup, ignore the reboot prompt, a

RE: [ActiveDir] ADUC updates - Was Expired Accounts

I'd like the ability to customize the display pane differently for each node in the tree. For example, specifying different widths for the same column in different nodes and choosing different sets of columns to display for different nodes in the tree. For instance if I had an OU of users and one

RE: [ActiveDir] ZeroDay-WMF

This has been discussed on Jespers blog, but the main problem is that blocking wmf files doesn't mitigate the risk because simply renaming a file to .jpg or .gif will still cause it to be parsed by the same .dll which will treat it as the file type it really is. -Original Message- From:

RE: [ActiveDir] password changer

RE: "...have all GUI tools output MONAD output for every operation..." Whats the current 'feel' for the likelihood of this happening? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Wednesday, December 21, 2005 1:51 PM To: ActiveDir@mail.actived

RE: [ActiveDir] remove logon script?

This is a fairly old and ugly vbs script, and it only works for one OU in the domain, but it should get the job done.  You’ll need to modify strPathToContainer and strDomain.   Option Explicit Dim strPathToContainer, strDomain Dim oUser, oUserContainer   strPathToContainer = "OU=Stude

RE: [ActiveDir] OT: QuickBooks 2005 permissions

es admin /power user rights. Crawford, Scott wrote: > Actually, it was just pointed out to me that I copied and pasted > correctly, but when I was applying the perm to > HKLM\Software\Classes\CLSID\{E53C85D6-E6D9-4BCF-A632-72062A99AA7F}, that > key didn't exist and I instead applie

RE: [ActiveDir] OT: QuickBooks 2005 permissions

orks I'll update the instructions http://www.sbslinks.com/lua2.htm Crawford, Scott wrote: > A few weeks ago, there was some mention of the required permissions to > run Quickbooks as a non-admin user. According to this site: > http://www.quickbooksgroup.com/webx/[EMAIL PROTECTED]@ the

[ActiveDir] OT: QuickBooks 2005 permissions

A few weeks ago, there was some mention of the required permissions to run Quickbooks as a non-admin user. According to this site: http://www.quickbooksgroup.com/webx/[EMAIL PROTECTED]@ the perms needed are Users:W to the following locations: HKLM\Software\Intuit HKLM\Software\Classes\QuickBooks.

RE: [ActiveDir] Authenticated drive mapping via .vbs

to getting a syntax error on the comma or space after the username.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Thursday, October 13, 2005 11:49 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Authenticated drive mapping via .vbs

RE: [ActiveDir] WOL

Here’s one of many links from googling for “magic packet” wol   http://ahh.sourceforge.net/wol/wol.html     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of DeStefano, Dan Sent: Tuesday, October 11, 2005 4:49 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir

RE: [ActiveDir] Modifying Domain Admins & Administrators Group

Care to elaborate on what you mean by defeated? Are you suggesting that gpo's can be overridden by a local user w/o admin rights? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Thursday, October 06, 2005 7:28 PM To: ActiveDir@mail.activedir.or

RE: [ActiveDir] Exchange Backup

We’ve used a Firmtek enclosure and controller card for about 7 months now and I absolutely love it.  It has hotswappable trays so instead of the magazine of tapes we used to swap daily, I now just swap out a drive.  This is the kit I bought:   http://store.yahoo.com/firmtek/sata1sen2.html

RE: [ActiveDir] OT: Exchange alternate email address

Anybody care to explain why this needs to be set? I realize it does, but I just don’t understand what function it serves in preventing the event log errors.  Also, why can’t it be set on a non-disabled accout?   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Se

RE: [ActiveDir] Admin rights shouldn't be required (was AD Question for your peers-GPO)

Nice links Susan. Apps misbehaving like this has been my biggest pet peeve for years now. I've tweaked more than my fair share of apps and I've been fortunate enough to never hit one that I can't make work with filemon/regmon. However, some of my guys are telling me they can't make Quicken wo

RE: [ActiveDir] Export Folder Members

Are you looking for something more than cacls? "Cacls C:\" will show you everyone on its permission tab. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Monday, September 12, 2005 1:01 PM To: ActiveDir@mail.activedir.org Subject: [Ac

RE: [ActiveDir] Startup script error

You can use: echo f|xcopy \\mfgpro2\uschrcl$\client\services... That's the same as pressing f at the prompt. Though, I'm curious why it would be prompting you all of a sudden. Are you sure you don't have a folder called services on your share that it's now trying to copy? -Original Message-

RE: [ActiveDir] Connecting to IIS

The link just worked for me. It has some wrapping though. Try this -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Za Vue Sent: Friday, Septe

RE: [ActiveDir] Folder Options adm file

What settings are you looking to manage?  I have an .ADM at www.scottes.com/udrive.htm that expands the functionality of Folder Redirection.  If you’re looking at managing options such as default view and showing hidden files etc, I’d be interested in seeing the .ADM file you found.  

RE: [ActiveDir] DC authentication

Setprfdc from NT4 allows you to specify a DC to use, but if you're actually looking for what you're asking for, the other answers posted are what you're looking for. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christine Allen Sent: Wednesday, August 31

RE: [ActiveDir] Rename User Accounts

When I rename accounts here, I change FirstName, LastName, FullName, EmailAddress, mailNickName, samAccountName, userPrincipalName and clear the values for proxyaddresses and legacyExchangeDN and simply let them be regenerated. joe's[1] stated several times not to change the legacyExchangeDN becau

RE: [ActiveDir] GPO on XP & 2000 Pro

Here is such a script. Just unrem the correct strOS line that you're working with and set strSource and strDestination to the correct values for your environment. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Coleman, Hunter Sent: Wednesday, August 24,

RE: [ActiveDir] OT: ISA FW Client

Basically, you just need to delete the shortcut from the StartUp Start Menu folder. If you're deploying the client using group policy, you can use the .MST file at www.scottes.com/MS_FWC.zip -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Visser Sen

RE: [ActiveDir] GPO with Computer Accounts?

You are correct. The best you can do is setting the filter to apply only to W2K, which only XP will process and therefore ignore. The W2K machines won't see the filter, but it'll be ok since they're the ones you want to run it anyways. Of course, this would imply creating an 'inverse' GPO of s

[ActiveDir] Anal retentivity

I like to have our computer names in all caps, so naturally I create them upper case and instruct our machine builders to do the same. The problem is that they're just not that attentive - I guess RIS has bred laziness (Its SO much easier now). Is there anyway, I can go back and update AD, changi

[ActiveDir] Effectively Disable Accounts

I've written a script that we use instead of disabling accounts when people leave. It prevents the account from being used, but also eliminates some errors we had with Exchange when we had a bunch of mailboxes tied to disabled accounts. Here it is, if anyone's interested. Thoughts? '

RE: [ActiveDir] Biggest AD Gripes

the domain from that machine. Yes? Rick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Tuesday, August 02, 2005 2:10 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Biggest AD Gripes > o I dislike the fact tha

RE: [ActiveDir] Biggest AD Gripes

> o I dislike the fact that pw policies aren't OU specific (I'm sure I'm > the ONLY one ) Actually they are OU specific in that the machines in the various OUs will require accounts that they authenticate to follow their password policy. Seems to me the issue is that they're applied a machine rat

[ActiveDir] Documentation with video

There was at least one thread lately about documenting the environment. I've just found that Windows Media Encoder (free download) is superb for this. http://www.microsoft.com/windows/windowsmedia/9series/encoder/default.as px It gives you the option on startup to capture video from the screen. I

RE: [ActiveDir] OT: Ghost Imaging HP Proliant Servers..

I can't say that I've ever actually tried, but I've always wondered how Ghost could NOT support hardware RAID. How would Ghost even know? The controller should handle all the translation. It seems to me that saying Ghost doesn't support RAID is analogous to saying Ghost doesn't support hard driv

RE: [ActiveDir] Logon script with Admin rights

If you use a startup script, it will run as local system and be able to fully install. If, however, it NEEDS to be run as a user, this won't work. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Harding, Devon Sent: Tuesday, July 19, 2005 8:10 AM To: Acti

RE: [ActiveDir] Remote Desktop vs. Remote assistance

Well, isn't that convenient? Thanks much, I've been wondering that for months now. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alexander Suhovey Sent: Thursday, July 14, 2005 3:19 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Remote Des

RE: [ActiveDir] Do you make your users local admins on their PCs?

Not that I have anything to add, but you wanted a consensus, so I’ll whole heartedly vote for everything Dan’s said.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan DeStefano Sent: Thursday, June 30, 2005 8:02 AM To: ActiveDir@mail.activedir.org Subject: RE: [

RE: [ActiveDir] OT: Outlook Web Access & Split DNS

ogon returns with the external domain name appended to the username makes me think this is a DNS issue, but I'm pretty new to Exchange so that's just my shot in the dark. Any other suggestions on where to look? Thanks! --Dave -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAI

RE: [ActiveDir] OT: Outlook Web Access & Split DNS

Well, you can, and it will work for a while, but Exchange will reset it to whatever is set in Exchange Enterprise Manager. You can change it by browsing to Organization/Administrative Group/Servers/Server/Protocols/HTTP/Exchange Virtual Server/Exchange, right click Exchange, Properties, Access tab

RE: [ActiveDir] Open Another User's Registry File

Yup.  In Regedit, highlight the HKU tree and click file, load hive.  Browse to the ntuser.dat file, open it and give it a name, ie TempReg.  You can then edit that hive in regedit just as you would the normal HKCU hive.  When you’re done, highlight the root of the tree – TempReg – and click

RE: [ActiveDir] FYI---WSUS released, Exchange 2003 SP2 coming

coming Do you know if the Storage Group limit is based on the edb file or both the edb file and the stm file? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Tuesday, June 07, 2005 2:08 PM To: ActiveDir@mail.activedir.org Subject: RE

RE: [ActiveDir] FYI---WSUS released, Exchange 2003 SP2 coming

f getting larger stores. But now, less than a month after the check cleared, we find out that Exchange Standard with support up to 75GB. -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 07, 2005 12:14 PM To: Crawford, Scott Subject: RE: FYI---WSUS re

RE: [ActiveDir] FYI---WSUS released, Exchange 2003 SP2 coming

- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 07, 2005 12:14 PM To: Crawford, Scott Subject: RE: FYI---WSUS released, Exchange 2003 SP2 coming Scott, What is this that you are saying that Enterprise Exchange only supports 75 GB? Justin A. Salandra MCSE Windows 2000

RE: [ActiveDir] FYI---WSUS released, Exchange 2003 SP2 coming

Title: Re: [ActiveDir] Background Intelligent Transfer Service (BITS) se rvice doesn't start Thanks for the info.  Pretty excited about WSUS.  Not too thrilled that I just upgraded our Exchange servers to enterprise solely for the increased store size only to find out that 75GB is supported

RE: [ActiveDir] multiple email addresses

I may be missing something, but if I understand you correctly, you can simply open a users properties in ADUC, click on the email Addresses tab and add a new smtp address.   I personally like to use distribution lists for this though.  For instance here, this usually comes up when people

RE: [ActiveDir] Restricted Groups GPO

"domain" replacment info from? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Tuesday, May 17, 2005 10:16 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Restricted Groups GPO Instead of using the name adminis

RE: [ActiveDir] Restricted Groups GPO

Instead of using the name administrators, use the well-known SID. S-1-5-32-544 for Administrators. There's a list of other SIDS that should be the same on all boxes, regardless of language, here. http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/e n-us/Default.asp?url=/resour

RE: [ActiveDir] Computer Configuration GP applying to W2K but not WinXP

I run the following reg file on all our images with the same effect.  I'm not real clear why MS changed the default.  It seems to me that it has the potential of circumventing system security.  If I've set something in GP, I want it applied before any user can use the system.   Windows Re

RE: [ActiveDir] Shutdown script not working.

If you're just trying to schedule something to run from the command line, you can use schtasks.exe and specify alternate credentials using the /RU switch. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose Sent: Tuesday, May 10, 2005 12:13 PM T

RE: [ActiveDir] Group ManageBy 'feature' in SP1 does not work?

I've used it fairly extensively exactly as you've described. It's all worked splendidly. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, May 09, 2005 12:40 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Group Mana

RE: [ActiveDir] Group Policy Not working

I would think you could use a batch file with only "cscript scriptname.vbs" -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Charlie Kaiser Sent: Friday, April 29, 2005 9:39 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Group Policy Not worki

RE: [ActiveDir] More than 1 user having 'managed by' for a group?

Yup. It simply adds an ACE for the group with the Write Members permission for just that object. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Fugleberg, David A Sent: Wednesday, April 27, 2005 4:45 PM To: ActiveDir@mail.activedir.org Subject: RE: [Acti

RE: [ActiveDir] More than 1 user having 'managed by' for a group?

tt, thanks for that info, I wasn't aware of that. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Tuesday, April 26, 2005 7:49 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] More than 1 user having 'managed by&#

RE: [ActiveDir] More than 1 user having 'managed by' for a group?

In the W2K3 SP1 version of dsa.msc, you can specify a group in the Managed By tab. You'll need to select Groups under Object Types when searching for the name though. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, April 2

RE: [ActiveDir] Group policy management console

On a related note, pressing at-PrtScn will copy the current window only - in this case, the error message. Makes for much smaller screen captures. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tomasz Onyszko Sent: Wednesday, April 13, 2005 10:19 AM To:

RE: [ActiveDir] SLOWWWWWW Logons

[ActiveDir] SLOWW Logons 309 KB, that is KB -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Crawford, Scott Sent: Friday, April 08, 2005 5:23 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] SLOWW Logons How much data is in the redirect

RE: [ActiveDir] SLOWWWWWW Logons

How much data is in the redirected folders? We've seen slower logins with large amounts of redirected data. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Salandra, Justin A. Sent: Friday, April 08, 2005 4:18 PM To: ActiveDir@mail.activedir.org Subject: R

RE: [ActiveDir] AD logging

I can't help much, but to say I've seen a similar situation. In my case, I had several group objects that I modified security on. After some time, say a few hours or so, the permissions would revert back to the default. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

RE: [ActiveDir] startup scripts not running

I would say that the computer’s account doesn’t have access to the .exe.   Where is the .exe located?  If its in the GPO’s script folder, it should have inherited the Authenticated Users permission by default.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Creame

RE: [ActiveDir] GPO question

Yup, just set the below key to enabled and then any settings you put in the User Configuration part of that GPO will be applied to any user logging into any computer assigned that GPO. Computer Configuration\Administrative Templates\System\Group Policy\User Group Policy loopback processing mode

RE: [ActiveDir] Account Name Change

We also delete the exchangeLegacyDN value as well so that it gets regenerated with the current username.  This has the downside of people not being able to reply to old emails from the person, but I think it makes more sense that they can’t reply to the old name.  Also, I create a distribut

RE: [ActiveDir] POST RIS Install Questions

: [ActiveDir] POST RIS Install Questions It is not exactly what I was looking for but it is definitly close enough. Thanks, Edwin -- Original Message -- From: "Crawford, Scott" <[EMAIL PROTECTED]> Reply-To: ActiveDir@mail.activedir.org Date: Thu

RE: [ActiveDir] POST RIS Install Questions

If I understand you correctly, you'd like to add a script to your RIS image that runs after RIS, but takes input from the text mode setup of RIS. You should be able to add a field to one of the OSC files and use that variable in the GUIRunOnce (e.g. "C:\script.bat %newOSCVariable%") section of you

RE: [ActiveDir] GPO Software Deployment

I believe 9.0.0.338 is the first version of SAV that supports GPO deployment.  I haven’t seen a transform creator per se, but the Symantec System Center allows you to configure most options.  These settings are stored in GRC.dat on \\ParentServer\VPHOME\CLT-INST\WIN32 along with the MSI ne

RE: [ActiveDir] Using GPO to install an MSI package

have a designation such as "Microsoft Security Partner", which folks involved in purchasing solutions could point out as a key requirement in any future solutions.   Jeff   From: Crawford, Scott [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 15, 2005 1:29 PM To:

RE: [ActiveDir] Using GPO to install an MSI package

sure way to keep security problems out of their way during testing so they can concentrate on code quality.  But then no one pays attention to security until implementation, and...you know the rest. -Original Message----- From: Crawford, Scott [mailto:[EMAIL PROTECTED] Sent: Tuesday, Feb

RE: [ActiveDir] Using GPO to install an MSI package

Envision my utopia – all apps, in order to get a “Designed for XP” logo need to meet some requirements: Come with an MSI installer or have one that’s easily extractable from an EXE. Come with an .ADM file for configuring options Run under a non-privileged user account.

RE: [ActiveDir] Using GPO to install an MSI package

I’ll stay off my soap box of how frustrating it is that developers don’t code properly for NT – They’ve only had 10 years – and just let you know that I feel your pain.   On the plus side, I’ve very rarely come up against an app I couldn’t get to run as a regular user by fixing file or re

RE: [ActiveDir] RIS Unattended (Was: Automate Computer Name Changes)

I’d be interested in the customizations you’re unable to make using RIS.   From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dan DeStefano Sent: Monday, February 14, 2005 3:23 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Automate Computer Name Changes

  1   2   >