is a sub domain name
OP will display them as MyCompany and MyCompany dropping off the extension.
It's not really a big issue since in my case the .NET domain is an empty root,
and really has no reason to be managing objects in there, but just an oddity.
Jef
- Original Message ---
curious if the new Network Monitor v3 has this same
issue.
Or..it's just an issue with me, as I haven't figured it out
Thanks,
Jef
- Original Message -
From:
Derek Harris
To: ActiveDir@mail.activedir.org
Sent: Monday, October 02, 2006 3:26
PM
S
, but just in case, do
not try it.
Jef
- Original Message -
From: "Brian Desmond" <[EMAIL PROTECTED]>
To:
Sent: Sunday, October 01, 2006 3:25 PM
Subject: RE: [ActiveDir] Update Server BIOS remotely.
No, good luck with that. Buy name brand servers with real tools next
t
d
how/why this was done.
Thanks,
Jef
- Original Message -
From:
Al
Mulnick
To: ActiveDir@mail.activedir.org
Sent: Friday, September 29, 2006 9:47
AM
Subject: Re: [ActiveDir] ADAM bind
Redirection with a NULL password
Curious about your scenari
this and add it to
my ammo bucket for the future :)
Jef
- Original Message -
From: "Flight, L." <[EMAIL PROTECTED]>
To:
Sent: Friday, September 29, 2006 5:41 AM
Subject: RE: [ActiveDir] ADAM bind Redirection with a NULL password
Hi
This is not just an ADAM problem i
make this
work I would definitely classify it as a "Special circumstance". If I had
not had MIIS experience prior, I would have been overwhelmed with trying to
implement that solution, so I can see how it is not something you would want
to implement casually.
Thanks again,
Jef
modules for JAVA
systems which I think might fit the bill.
OUr entire unix platform group is integrated into AD with Quest's VAS
product, and surprisingly, they LOVE AD. :)
Thanks for the insight,
Jef
- Original Message -
From: "Joe Kaplan" <[EMAIL PROTECTED]>
To:
Se
The issue will be, that it will require a 3rd party middleware to
make work, which I am not sure they will be thrilled about.
Thanks for the thoughts on this. Glad to know I'm not the only one
struggling with bad apps! ;)
Jef
- Original Message -
From: "Tony Murray&quo
Joe,
FCB works with simple binds, and BR ONLY works with simple binds, so I
suppose it's possible.
I've never coded to try however, but I could check it out.
Jef
- Original Message -
From: "Joe Kaplan" <[EMAIL PROTECTED]>
To:
Sent: Thursday, September 28,
s only smaller
developers. Many of the companies I've worked at, have had more than a
single domain, so I am surprised that so many "enterprise" apps assume a
single NC for authentication.
I can't solve the problems at the app level, but I try to solve it at the
centrali
of the
spec.
Besides the DCR, I think all you can do is validate on the application
side (but you already knew that).
Joe K.
- Original Message -
From: "Jef Kazimer" <[EMAIL PROTECTED]>
To:
Sent: Thursday, September 28, 2006 7:53 PM
Subject: [ActiveDir] ADAM bind
not been forced to solve by this method, which means it cane wait.
I could go into how it would be nice to have enterprise application minimum
standards, and application owners involve infrastructure staff BEFORE an app
is purchased, instead of after when it doesn't work, but I
ous if a bit flip to shut down this possibility could be put in
control of the directory Admin, instead of relying on the developers.
Thanks,
Jef Kazimer
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
ther out.
If you are dealing with MCS, I can get you the case # for a company
who attempted this, and had a disaster of a time resulting in 10 days of
downtime. In the end, they were left with a limping AD, so it would
have to be rebuilt because it was not sure the true state of this.
to an issue in the internal PAC
script, which was not directing the client correctly.
Jef
- Original Message -
From:
steve patrick
To: ActiveDir@mail.activedir.org
Sent: Tuesday, August 22, 2006 11:53
AM
Subject: Re: [ActiveDir] Secure LDAP
queries from the
It's .NET - Get it right! ;)
- Original Message -
From: "joe" <[EMAIL PROTECTED]>
To:
Sent: Friday, August 18, 2006 10:15 PM
Subject: RE: [ActiveDir] Single Space in LDAP query dropped: Why?
You NET programmers ;o)
--
O'Reilly Active Directory Third Edition -
http://www.joewar
Joe,
Yup, escaping the character worked like a charm.
Joe mentioned that the query appears to be trimmed, so that seems to be what
is happening.
Thanks,
Jef
- Original Message -
From: "Joe Kaplan" <[EMAIL PROTECTED]>
To:
Sent: Friday, August 18, 2006 8:3
blem, just a curiousity.
Thanks,
Jef
http://jeftek.spaces.live.com/blog/cns!F2042DC08607EF2!642.entry
LDAP queries are spaced out...
I was looking at a metaverse object in MIIS today noticed some admin had
set the mail attribute to a single SPACE ( ) character. The
Metaverse is store
erride the searching of appending the parent suffix of primary DNS suffix.
So if you just specify:
domain2.domain1.com
domain3.domain1.com
and not
domain1.com
it will not search domain1.com since it is not specified in the Suffix Search List.
So if you want to still search the pare
Suffix Search List.
So if you want to still search the parent
suffix, be sure to include it in the SSL.
Jef
- Original Message -
From:
Matheesha Weerasinghe
To: ActiveDir@mail.activedir.org
Sent: Monday, July 31, 2006 4:13 AM
Subject: Re: [ActiveDir] DNS suffix
and external from a DNS routing perspective, so we want to remove any possibly
assumption that they are the same thing.
Thanks,
Jef
- Original Message -
From:
[EMAIL PROTECTED]
To: ActiveDir@mail.activedir.org
Sent: Friday, July 21, 2006 4:19 AM
Subject: RE
The request to view attributes outside of the those
allowed with the standard ADUC display dll's seems to come up a lot. I am
surprised in the newer MMC and tools they did not come up with an SDK that is
more obtainable for the admins who are not programmers. I have never liked
the idea of
ectory&offset=1
There also seems to be a http://www.unityserver.com
Thanks,
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgDate: Thu, 25 May 2006 22:14:02 -0500Subject: [ActiveDir] UNITY SERVERS
Hi All,
Can any one tell me what is a unity server.I want to every detail of that
p all I don't know, and how it will affect my AD environment. I'm afraid the timelines are quite aggressive so I need to get moving.
Jef
-
http://www.jeftek.com
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] [OT] RAID 5 Best PracticeDate: Mon,
think. ;o)
TGIF.
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, May 19, 2006 2:36 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] OldCmp que
hmmm
How about -onlyenabled? :)
Ya know...just because...
> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> Subject: RE: [ActiveDir] OldCmp question> Date: Fri, 19 May 2006 11:41:21 -0400> > Disabled accounts are marked by having bit 1 list on userAccountControl> (valu
http://dictionary.reference.com/search?q=mucker
mucker
\Muck"er\, n. A term of reproach for a low or vulgar labor person. [Slang]
Let the Ragin' begin!
(Thought I could have sworn it was a lazy way to say "mofo" :) )
> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> Subjec
I think my company users Lotus Notes just because it doesn't integrate with anything so less headaches. :(
> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> Subject: RE: [ActiveDir] [OT] DNS on a DC or NOT> Date: Wed, 17 May 2006 15:32:15 -0400> > No I save up my D strength so I
standard primary zone, so it was not a viable option anyway. :(
I forget that auditiing applies to integrated zones, so I never think of utilizing it anyway.
thanks,
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: Re: [ActiveDir] DNS on a DC or NOTDate: Wed, 17 May
We have it on all of our DCs as well worldwide and have not seen an issue.
But a question about integrated zones. I had an issue recently where a system owner wanted to know if people were resolving an old CNAME for one of their systems. They wanted to remove it from the zone, but wanted to
John,
Just curious, was these option *ONLY* availiable in XP SP2? Any hope it exists in Windows Server 2003 SP1? :)
Thanks,
Jef
> From: [EMAIL PROTECTED]> Subject: RE: [ActiveDir] GPO> To: ActiveDir@mail.activedir.org> Date: Wed, 10 May 2006 08:49:21 -0500> > Hi
interface.
Sort of like a all in one package?
Jef
> Date: Mon, 8 May 2006 21:35:13 +0200> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> Subject: Re: [ActiveDir] AD Snapshot Tool (ADST) - how useful is it?> > Freddy HARTONO wrote:> > Is it useful at all?
do what you are asking or what is wrong with what you want changed. They have some bad apples of course, but in that case, the barrel is mostly good apples and you aren't trying to pick and choose who you deal with, you can take a random deal and almost always be ok.
joe
--
O&#
e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Wednesday, May 03, 2006 10:51 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd help
My first travesty with said blos, was when an admin could not reset a users password via the MMC. After
he actual binary chunk to send into admod to do it.
joe
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Wednesday, May 03, 2006 5:50 PMTo: ActiveDir@mail.activedir.orgSu
Mike,
Scratch that. It is not the string I was thinking about.
I'm sure Joe will know though :)
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] TScmd helpDate: Wed, 3 May 2006 16:38:42 -0500
Mike,
Can you use ADfind and ADmod for this?
ADfind -h -De
Mike,
Can you use ADfind and ADmod for this?
ADfind -h -Default -f "(TSpath=Blah)" -dsq | ADMOD tspath::NewPath
Now I don't remember f TS path (I know it's not the attribute name so you will need to look at it) is a string value or if t's contained in that blob value with the other TS set
HmmmI think my links got stripped there :
Security Myths and Passwords by Prof. Spafford
http://www.cerias.purdue.edu/weblogs/spaf/general/post-30/
Ten Windows Password Myths
http://www.securityfocus.com/infocus/1554
> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org>
This has been making the rounds as of late, so I am not sure if it has been
posted here:
Security Myths and Passwords by Prof. Spafford
and something from 2002:
Ten Windows Password Myths
Now...where I am, Smart Card integration into physical building access is
becoming a reality, so I
t you have to go chase down.
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, April 28, 2006 1:17 PMTo: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] O
to connect? If you do you can nominate yourself to test said functionality.
Thanks,Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, April 28, 2006 1:17 PMTo: ActiveDir@mail.activedir.orgSubject: RE
We use "employeeType" with values of
EMPLOYEE
CONTRACTOR
VENDOR
SERVICE
OTHER
ADMIN
Jef
Subject: RE: [ActiveDir] Cleanup of AD accountsDate: Fri, 28 Apr 2006 16:04:42 -0500From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Is there an attribute that's generally safe
I have some curiosity in this realm...
What would everyone consider good things and requirements for an ADAM management tool. Even assuming, cough, GUI.
joe
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL
I have to say...I've been having alot of fun with new stuff in te winFX gui programming :)
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: Re: [ActiveDir] ADAM Management Tool REQs and Desires.. WAS: Internet Authentication Concepts: Pointers?Date: Fri, 28 Apr
works nice...but still no Xbox 360 support :(
I want to test that piece :)
Subject: RE: [ActiveDir] OT: Windows Vista - Windows DefenderDate: Fri, 28 Apr 2006 12:15:52 -0400From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Have you tested MCE on it? 5342 MCE on a beefy box
the cause of such things, but how the environment will be managed and the pitfalls should be thought of.
Jef
Subject: RE: [ActiveDir] Root Place Holder justificationDate: Fri, 28 Apr 2006 15:20:45 +0100From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
I doubt a root domain would
Worldwide Information Network Systems
USAID/DoS IT Infrastructure Collaboration Program
[EMAIL PROTECTED]
[EMAIL PROTECTED]
703-866-7473
703-626-5741 (cell)
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Friday, April 28, 2006 9:27 AMTo: ActiveDir@mai
I guess it's a new environment and wanted to get some info ahead of before it was needed. :)
Thanks again!
Jef
> Date: Fri, 28 Apr 2006 01:40:09 +0200> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> Subject: Re: [ActiveDir] Internet Authentication Concepts: Pointers?>
AD utilize this password policy, as a few LDAP applications do query the policies defined in the domain for setting passwords in their apps which is a nice thing I think. :)Jef
Date: Thu, 27 Apr 2006 15:31:46 -0400From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: [ActiveDir] Exclude o
o was curious.
Thanks,
Jef
> Date: Thu, 27 Apr 2006 15:31:33 -0400> From: [EMAIL PROTECTED]> To:
> ActiveDir@mail.activedir.org> Subject: Re: [ActiveDir] Internet
> Authentication Concepts: Pointers?> > That's not a lot to go on, Jef. Can
> you give some mo
suggestions of good vendors to look at.
I am old that BMC's MIIS iDM suite is a good fit, but have only just begun reading up on it. I was hoping for other recommended apps to compare it against.
Thanks,
Jef
Join the next generation of Hotmail and you could win a trip to Africa Upgrade today
I have noticed it is not always in the system tray, except when it had a message for me.
I found the icon (looks like a little castle) on my main Programs Menu on the Start menu.
Jef
> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> Subject: Re: [ActiveDir] OT: Wind
when designed such a scenario.
Thanks,
Jef
Upgrade for free to Windows Live Mail beta and you could win an African Safari Learn more
...
Jef
Subject: RE: [ActiveDir] Root Place Holder justificationDate: Wed, 26 Apr 2006 15:26:57 -0700From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.org
Hey Rocky,
Watch me pull a rabbit out of my hat!
Sorry, just had to get that out of my system. Most people on the list won't h
icate and flow it into an aggregation directory?
If we had a single domain, this would not be an issue.
I suppose I am going to give you more gripes than hard facts as to why I think it causes problems right now though. :(
Jef
From: [EMAIL PROTECTED]To: Acti
My brother I welcome you into RDA :)
Root Domain Anonymous :)
Though, if the business requires the separation it still has it's place today in certain environments. I would just be more adamant at evaluating those business requirements as it relates to the directory.
Jef
Subjec
] [mailto:[EMAIL PROTECTED] On Behalf Of Jef KazimerSent: Mittwoch, 26. April 2006 17:48To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] Root Place Holder justification
I would tend to agree that a single domain is optimal with the current AD and infrastructure that is available. Other
policy in the Domain Admins group.
Of course this can all be done using different ACL's and task groups and what not, but is there a a simpler way that I am missing?
Jef
> Subject: RE: [ActiveDir] Root Place Holder justification> Date: Wed, 26 Apr 2006 16:03:13 +0200> From
offerings. :) I admit I was wrong :)
Jef
> Subject: RE: [ActiveDir] Root Place Holder justification> Date: Wed, 26 Apr 2006 08:03:19 -0600> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> > Mark,> > I'm in the same place you are: single forest, single d
ure impact is not understood.
If I had a magic wandI'd wish for a single domain. :)
Jef
> Subject: RE: [ActiveDir] Root Place Holder justification> Date: Wed, 26 Apr 2006 09:56:04 -0400> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> > > Your subject
fine...
-- We have used both the DELL client piece, and the 3COM client piece with success. though the management of these is horrible due to the lack of good replication of configurations.
Jef
Dave,
Hoping some of this makes sense,
hours so their crapplication could complete. :)
I'll let you guess what did not happen in that situation. :)
Jef
From: [EMAIL PROTECTED]To: ActiveDir@mail.activedir.orgSubject: RE: [ActiveDir] stupid ldap queriesDate: Thu, 20 Apr 2006 09:07:09 -0400
Oh I love those! The app dev fo
ll cllient does have a GINA addition, which allows a pre-logon WLAN authentication. Some people like this so their logon script runs, etc. So while not needed, it's a 3rd party tool some people like. It also allows us to do EAP-PEAP on WIndows 2k boxes which do not support it natively.
Jef
Ahhh...I thought you were aluding to some magical attribute in the 3rd dimension I did not know about in the Directory. :)
Yes, I agree, Process and policy needs to govern activity not just what the directory reports. :)
Thanks,
Jef
> Subject: RE: [ActiveDir] automatic account disa
ow account inactivity if not by lastlogon or lastlogontimestamp?
Thanks,
Jef
> Subject: RE: [ActiveDir] automatic account disable> Date: Wed, 19 Apr 2006 14:25:24 -0700> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> > Still, there is nothing "automatic"
they get prompted to relogon periodically but too bad for them :)
So far from what I hear, the response has been excellent since all the people have to do is walk into a conference room and they get access to the WLAN if their radio is on.
Jef
Subject: RE: [ActiveDir] Setting Wireless Config via
or a quick .NET exe for if you wanted.
Jef
> Date: Wed, 19 Apr 2006 11:38:58 -0300> From: [EMAIL PROTECTED]> To: ActiveDir@mail.activedir.org> Subject: [ActiveDir] automatic account disable> > hi guys,> > it's possible to make a automatic lockout in user account
It seems like an obvious idea to implement. Sad we never thought about it. :)
Has anyone done any tests to reveal what performance gains this yields on queries?
Thanks,
Jef
Subject: RE: [ActiveDir] stupid ldap queriesDate: Tue, 18 Apr 2006 17:03:35 -0400From: [EMAIL PROTECTED]To
Does the SCHTASKS.EXE do what you want?
perhaps with the /V switch
SCHTASKS /Query [/S system [/U username [/P password]]] [/FO format] [/NH] [/V] [/?]
Description: Enables an administrator to display the scheduled tasks on the local or remote system.
Parameter List: /S sy
expire at the end of. That is, the Active Directory Users and Computers MMC snap-in will display the account expiration date as one day earlier than the date contained in the accountExpires attribute." Hunter From: Jef Kazimer [mailto:[EMAIL PROTECTED] Sent: Friday, August 06, 20
I was brought this little problem today, which doesn't make alot of sense to me so far.It appears that ADUC displays the User Expiration date differently than a VBS script does. An in house coded application is being questioned because these values do not match.ADUC says 8/8/2004VBS says 8/9/200
[ 1/ 1/1601])"
>
>HTH
>
>Sincerely,
>
>Dèjì Akómöláfé, MCSE MCSA MCP+I
>Microsoft MVP - Directory Services
>www.readymaids.com - we know IT
>www.akomolafe.com
>Do you now realize that Today is the Tomorrow you were worried about Yesterday? -anon
>
>
>
>
so I think I am missing something else.
Thanks,
Jef Kazimer
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
We have some servers with "slow" connections due to some political site link
connections times. What I believe is happening is that the replication window is not
sufficient to propagate all the changes, and when the changes reach to the box, the
files it's expecting to change are no longer th
I've been looking at ways for tracking static DNS record changes. So far
I've been focusing on the "dnsTombestone" property which has 3 values of
NULL, TRUE, and FALSE.
Perhaps you can see if that object has a similar property? I'm not at an AD
terminal now, so I can't check, but it might be so
ces together to solve most of our issues.
Jef
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rich Milburn
Sent: Monday, January 19, 2004 7:41 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] MNS user flag - fixed
Nice to hear that they did look at the sou
P for 2003, which re-acls sysvol. This would
trigger a large amount of ACE replication, so the less files we have to do
it on, the better.
Jef
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Free, Bob
Sent: Saturday, January 17, 2004 4:31 PM
To: MarkSamue
to this problem in the future, and
it should be googled in the archive. :)
Jef
Abbott Labs
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
If anything, We just did a 2003 upgrade of our DIT with live data in the lab.
We did an upgrade of 2003, and then Compact in NTDSUTIL
in 2 seperate domains:
Went from 2.68gig to 1.1gb
Went from 1.0gb to 890mb
Also, removing the ADM templates from all but the PDCE, we went from a SYSVOL of
3
#x27;m with you, I'm not sure where to find it in the GUI, or what exactly it's
>for. I think the references I've seen to it have been copied from others
>(defining constants in VBScripts).
>
>Do you have Windows Server 2003 clusters there? Could it be related to
>t
MNS user" on the web.
What is an MNS user? What is MNS? How did this get set? and what is it doing?
I can set the flag with an ADSI script, but other than that, I don't know where it
came from?
Thanks,
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: ht
et for the keywords of "winlogon.log" and you should find the KB article
with the registry keylocation. Sorry I don't remember it off hand. :)
Jef
Original Message:
>From: "ActiveDirList-PPC" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: [Activ
Actually I just used the ADmap 1.6.2 utility last night. I believe it came out of MS
consulting services from Germany. (it says so in the about)
It reads your Sites structure and builds it into a rather unwieldly VISIO map. You
will need a Plotter to print it out, and it's not perfect. Not b
> -Original Message-
> From: Jef Kazimer [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 26, 2003 8:53 AM
> To: [EMAIL PROTECTED]
> Subject: RE: [ActiveDir] DNS, Reverse and Limit, and
> Searching for Static Records
>
>
> Roger,
>
> Thanks for th
Michael,
Sheez...The Zone Transfers alone must be mind boggling :)
Do you see any performance hits with so many zones? I'm not seeing any so
far, but I am curious if I will. I do notice the startup time of DNS is
wretched, but that I expected on bootup.
Jef
-Original Message-
or False are yet, but I suspect
this might be the searchable value to pull a list of static entries out of
AD. Any experience with that?
I'm wondering if and when we get these zones clean, if it would be better
to ClassB the DHCP zones, and create classC's for the Static zones and turn
s
ot be that high. It's just spread out amongst many zones.
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Hunter,
Awesome! I was just looking at the syntax for LDIFDE too, but this was easy! :)
Jef
Original Message:
>From: "Coleman, Hunter" <[EMAIL PROTECTED]>
>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: RE: [ActiveDir] Mirror OU struc
already existing one, that would help out alot!
Thanks,
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
. I don't know how to manually
correct this, as de-installing and re-installing the provider fails with the same
error.
Any thoughts?
Jef
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-a
I'm currently using the DNSresource.vbs to dump zones to a text file, then I use
another VBS I wrote to parse the text file, and re-import the Reverse zones.
The syntax I am using is:
DnsResource /LIST PTR %2.%1.10.in-addr.arpa /S /O zone\%2-%1-10.dns
%1 and %2 are the B and C octets since
it's only in W2k3.
Jef
Original Message:
>From: "Rocky Habeeb" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Subject: RE: [ActiveDir] Directory Services Restore Password
>Date: Fri, 14 Nov 2003 12:46:43 -0500
>"Yikes".
>
>I forgot to mentio
to check ntdsutil to see if that
option was added to it. It was on the main menu, and I believe it was "reset DSRM
password" was the command.
just a thought...
Jef
Original Message:
>From: "Rocky Habeeb" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>S
wll need a
connection to the other site BTw.
Jef
Original Message:
>From: "Rittenhouse, Cindy" <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: [ActiveDir] cleanup AD connections after move server to different site
>Date: Thu, 13 Nov 2003 15:50:01 -0500
>
>
re: [ActiveDir] dns aging with
> 01/7/1601(Document link: Sandy Wu)
>
>
>
>
>
>
re: [ActiveDir] dns aging with
> 01/7/1601(Document link: Sandy Wu)
>
>
>
>
>
timestamp will be that of when you ran the command, and if it is not
refreshed between then and scavenging date, it will be cleaned up.
Make sure you remove the "Age this record" check box thingy (I forgot the syntax) on
the record for any static records you don't want to
It's that Mysterious error they talk about in the ADMT 2.0 docs, that they say is
unknown cause of it.
Do a shutdown and reboot of your workstations before you migrate them, and it solves
this problem. I meant to send out verification and reboot scripts this week since
someone asked this earl
ou need RPCPING and the script. RPCping came from the Win2k3 resource kit.
Jef
Original Message:
>From: "Strand, Ted" <[EMAIL PROTECTED]>
>To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
>Subject: RE: [ActiveDir] Bindview and ADMT
>Date: Fri, 7
.
When migrating stations, we have pre-test which verifies their on the network, wakes
any machines or laptops out of sleep mode, and does a Force Logoff and Reboot of the
boxes we want. Since doing that, our migration % haave increased greatly.
jef
Original Message:
>From: "Colema
1 - 100 of 118 matches
Mail list logo
