Todd,
With all due respect, I think there are more people doing this than you
think. You aren't using a Lag Site, so it's 'whacky'. Your opinion, so
you're entitled to it.
PSS blessed our implementation, BTW. If you'd like, I'll be happy to
provide you with contacts for the ROSS tech (out of L
Mark,
Please post the link to the white paper, if you would. I'm sure that you
can imagine that there are more than a few white papers that we all know
about....
Rick Kingslan MCSE, MCSA, MCT, CISSP
Microsoft MVP:
Windows Server / Directory Services
Windows Server / Rights Management
Wi
nt to fix
what's not broke, Todd.
Rick Kingslan MCSE, MCSA, MCT, CISSP
Microsoft MVP:
Windows Server / Directory Services
Windows Server / Rights Management
Windows Security (Affiliate)
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
WebLog - www.msmvps.com/willhack4food
e of a GPO:
Administrative Templates
System
Netlogon
DC Locator DNS Records
These settings are disccused in Chapter 4: Planning DNS of the Windows
Server 2003 Active Directory Branch Office Deployment Guide.
-Arden
On 5/19/05, Rick Kingslan <[EMAIL PROTECTED]> wrote:
> You
PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: 19 May 2005 15:59
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD DR - replication lag site
Just two things...
Disable Netlogon. If it's disabled as a policy or by going to services and
changing the ser
There are
a number of freeware event log -> syslog tools that will scrape the event
logs for what you are looking to dump out to the syslog server.
Obviously, the second part of this is a syslog server. Those are a dime a
dozen – or free. Choose your OS (Windows, *nix, Mac, whatever) a
Sounds like there might be some NATing going on. Get with your Network
folks. I suspect that there is something going on at layers 2 and 3 that
are going to prevent what you want to do until the DCPromo is completed.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECT
Marcus,
I kill off the specific rules on those servers. If I'm not interested in a
particular message, it's gone.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Thursday, May 19, 2005 9:24 AM
To: ActiveDir@mail.activedir.or
Todd -
I personally don't have a problem with Recovery Manager.
That being said - Last I checked, Microsoft still didn't allow it as a
SUPPORTABLE solution for the purpose under discussion.
With our company being an Enterprise Agreement customer with a PSS agreement
scaled to 'Get Ballmer out o
Yann,
If you remember the situation that I proposed for you (it's working in my
environment today, so I'm fairly certain of its viability) I use a VMWare
server with multiple DC instances. Each instance is staggered for
replication - from 30 minutes to 30 days.
In the instance of a problem in w
Just two things...
Disable Netlogon. If it's disabled as a policy or by going to services and
changing the service properties, restarting on reboot won't be an issue.
Disabled is disabled, regardless.
As to DNS records, I suppose that if the Netlogon service is disabled
(primary for registering
(Caveat - I didn't go read the article fairly certain what this is
about)
I've implemented something quite similar to this in my environment - except
I did it quite a bit differently - and, I think that it's a very viable DR
and near-line recovery solution.
What we did in our Enterprise was t
Mark,
This may be a bit bizarre, but are you certain that when you restored the
DCs that the passwords of the accounts went with them? I'm not certain why
this might have occurred, but remember that there is an account restriction
that would apply that REQUIRES a password for all principals. And
If you’re concerned that there might
be a problem – I don’t see any real value in taking a chance.
I tend to treat DCs much like ‘tin soldiers’. Their purpose
in life is primarily object repository and authN. If the object
repository can’t be trusted (possibly out of date) then the authN
Title: Re: [ActiveDir] delegation not working on Win2k AD
I agree with many of the other posts here –
a domain level is likely the correct area to do this, simply because the usual
location for a joined computer is the Computers Container – not an OU.
If they don’t have access to the conta
o know our own Brian Desmond here on the list. He's
sys admin / designer / all around 'good guy' with a school district in
(Chicago???). He's been there, done that with what you are doing.
Good luck!
Rick Kingslan MCSE, MCSA, MCT, CISSP
Microsoft MVP:
Windows Server / Di
Sadly, the beta for ACS has been closed for a VERY long time. This close to
what might be a release, I suspect that there will not be any opportunity to
get in on the beta.
However, check with your local MS folks and see if they can get you the
bits.
-rtk
-Original Message-
From: [EMAIL
I thought it was dropped - maybe not, however. I seem to remember seeing in
- I think - one of Paul T.'s write-ups that the ACS piece in R2 had been
dropped.
For now - at least.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Francis Ouellet
Se
Nope - it's still in beta. Final stages, but still not released.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Medeiros, Jose
Sent: Friday, May 13, 2005 10:29 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Audit Collection Services
Gree
Right. And joe thinks I asked this question because I didn't know. ;o)
There are interesting idiosyncrasies with the built-in and default groups
that are not well understood.
This was the real reason that I was bringing up the discussion - to
hopefully ferret out some of the interesting and pecul
AND - in addition to what Jorge and Deji said:
Target Domain technically needs to be in Native mode to support sIDHistory.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jorge de Almeida
Pinto
Sent: Thursday, May 12, 2005 12:39 AM
To: '[EMAIL PROTE
Details, details.
However, I think that it was actually fixed is SP3, no?
;o)
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Santhosh Sivarajan
Sent: Wednesday, May 11, 2005 10:30 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] 20
And, from personal experience in our Enterprise, I can absolutely guarantee that
what Darren says is true. I, too, had a problem where policy parts and
pieces were getting applied. Looking into it, if I ran GPResult/RSoP, I
could see that more and more was being applied on each reboot
[1] In shorts.
Bugger off, joe.
;op
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, May 09, 2005 3:45 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] All - OT (and drifting further away)
LOL. Rick are you still stri
Honestly, I found it a bit of a surprise as well. However, there must be
something in his background or his talents that lend him to that end.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Monday, May 09, 2005 3:01 PM
To:
ith google... I don't think this
stuff is locked down to just AD ORG members.
Regardless First public posting of this URL... http://blog.joeware.net/
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Sunday, May 08,
:o)
Good to hear from you, Missy. Even if it was meant to be a private message
to Deji.
Keep in touch, would you?
Rick Kingslan MCSE, MCSA, MCT, CISSP
Microsoft MVP:
Windows Server / Directory Services
Windows Server / Rights Management
Windows Security (Affiliate)
Associate Expert
Expert
"The last I heard, newsid wasn't something MS supported the use of."
But, it works and it seems to be very good at following the rules.
Of course, I haven't seen a statement of support out of Redmond on adfind,
either :o)
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMA
Of course LDAP is going to be used, as there needs to be a protocol that
knows how to find the authenticating DC.
However, not to confuse any issues here - LDAP is not and authenticating
protocol in any way, shape or form.
Jorge, just want to be sure that you know that I know you weren't
insinu
I can ABSOLUTELY guarantee that it's the _kerberos records that are
responsible for the AuthN locator.
Consider a keen little problem I ran into this week. I've got a site that
has member servers and user machines authenticating anywhere they want to -
across our 50-some odd sites.
After checkin
"Completely in my opinion"
Completely MY opinion.
Dude - you need a blog worse than most anyone I know.
joe, you have these wonderful, concise, often controversial dissertations on
subjects of importance. And, often times they are hard to find and
sometimes unavailable to non-members of thi
~Eric,
“If
you have a policy out there resetting the local admin password, how are you
storing the new password in the script?”
Fully admitting I haven’t delved
deeply into this…. As a parameter to the script passed from the GPO
settings on a Startup Script object?
-rtk
as MVPs have a special
newsgroup on the MVP private server specifically where we can submit for
changes in KBs, they are very responsive. Take a peek, if you can't find it,
let me know and I will dig out the actual name.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMA
Al,
"Can" and "Will" are two different things. Knowing Brett and his, shall we
say, feisty nature - anything is possible. :o)
Brett - what's the Xbox game of the week, BTW?
Rick
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick
Sent: Wednesd
Sent: Saturday, April 30, 2005 4:13 AM
To: 'Rick Kingslan '; '[EMAIL PROTECTED] ';
'ActiveDir@mail.activedir.org '
Subject: RE: [ActiveDir] primary and secondary dns question
In addition to what Rick told you...
Win2K DCs in a forest root domain (the first domain c
orest Functional level.
This will kick in the much more optimized AD Replication.
HTH!
Rick Kingslan MCSE, MCSA, MCT, CISSP
Microsoft MVP:
Windows Server / Directory Services
Windows Server / Rights Management
Windows Security (Affiliate)
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/exper
rosoft.com/default.aspx?scid=kb%3Ben-us%3B291382
WINS - Honestly I'm not so sure. I suspect that I would do the same, more
because I have a lack of real evidence one way or another.
I know of potential issues with DNS settings, WINS - not so much.
Good luck!
Rick Kingslan MCSE, MCSA, MCT, CISS
I agree with everything that Roger says. Exactly correct in all regards.
However, I have a similar environment (BIND except for the AD / Windows
necessary DNS) where my Exchange servers sit on the internal network -
corp.company.com, with the actual SMTP alias of external mail being
acme.com. So
Title: Message
So, joe and Joe – is this
indisputable truth that we’ve been looking for that NTLM is a required
part of the Kerberos authentication process?
:-D
(Joe, just ask joe….. trust me…..)
-rtk
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of j
Joe –
Run into this issue all of the time.
Usually, it has to do with an application or some other application / process
that either uses or caches the user’s credentials. If the password
is changed, the application or process needs to be changed as well.
My recommendation: The Ac
The debate on this topic seems to rage on. Russ, the issue is one of risk.
How much control or access are you willing to give folks on your DCs?
This is the same discussion that joe and I have had on more than a couple of
occasions. Me, I'm a bit more willing to delegate out authority to do just
you a good
security person, though it is a good start. Many security people I have met are
more paranoid than technical. Their technical knowledge is limited to
understanding how to use the the available security tools, not necessarily the
concepts and the guts behind them.
From:
[EMA
joe –
Great answer in a perfect world.
Great answer in the joe-run world. I’d like to do the same, but it’s
kind of funny that the guys I can’t really trust, the company still
employs because I can’t get evidence that is going to get them fired to the
degree in which HR is not going t
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Tuesday, March 08, 2005 4:21
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Problem:
Limit Domain Admins and Administrators
Yeah, that’s been discussed a few
times here. One of the
doing the audit to really know anything about AD other
than this person can do ‘A” job with these rights in AD.
Rick Kingslan MCSE, MCSA, MCT, CISSP
Microsoft MVP:
Windows Server / Directory Services
Windows Server / Rights Management
Windows Security (Affiliate)
Associate Expert
Expert Zone
t win the Lotto. :)
It seems more and more like I am going to have to actually earn my first
million.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Monday, March 07, 2005 10:14 PM
To: ActiveDir@mail.activedir.org
Subject: RE
earn my first
million.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Monday, March 07, 2005 10:14 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Active Directory and LDAP
" The Cat Book rocks. Actually I should get
Oh, and mine's signed! Thanks again, Gil!
:)
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Monday, March 07, 2005 9:16 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Active Directory and LDAP
It's the
It's the best Nuts and bolts book on programming to AD that I've got on the
shelf.
"Active Directory Programming" by Gil Kirkpatrick
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gil Kirkpatrick
Sent: Monday, March 07, 2005 11:19 AM
To: ActiveDir@
" The Cat Book rocks. Actually I should get royalties for that one too, I
have made a bunch of people buy it"
Here we go again
-rtk
P.S :p
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, March 07, 2005 11:11 AM
To: ActiveDir
WTF?!?!? Has this list sunk this far?
However, I should know better. It's joe, Al, and Deji.
Never mind all. False alarm. Nothing odd going on at all.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Sunday, March 06, 2005 12:29 PM
To:
--Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Sunday, March 06, 2005 11:38 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] ADAM - Clarification
Joe,
Thanks for the feedback. This is pretty much what I had concluded,
after
doing so
an identity store and then
possibly looking at the group membership for authorization purposes.
My $0.04 anyway,
al
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Saturday, March 05, 2005 11:57 PM
To: ActiveDir@mail.activedir.
t 636 between these two IP addresses.
Eric will probably weigh in this as well.
Joe K.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Saturday, March 05, 2005 10:57 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] ADAM - Clarifi
the requirements for
SASL bind. Is this an option?
The bottom line is that I want to use ADAM, but have run into this brick
wall. What options do I have, as I've exhausted the resources that I have
at my disposal, at this point in time at least :)
Rick Kingslan MCSE, MCSA, MCT, CISSP
Micr
“If you have only one Enterprise admin account,
and only one person who knows the credentials for that account, then there are
some large organizational risks if something happens to that one person.”
True – one is really asking for a
disaster at this point.
My environment – two EA
you need to patch RMS, it's obviously much easier if the code is not
kernel deep and not critical to the running of the OS.
Others will obviously weigh in here. Hopefully, one of those folks will be
~Eric, with his clearly 'insider' info on what the overall direction in this
area
ou put into place.
It has no bearing how good you are as the delegation person, it all comes
down to how good the DA is.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Tuesday, February 22, 2005 8:05 PM
To: ActiveDir@mail.acti
Hmmm. OK, I'm inclined to agree, but aren't DA's and EA's governed by the
same set of ACLs and ACEs applied at specific levels of AD as any other
user?
IOW, can't I remove the Allow from DA to Create / Delete User Object?
Right. AdminSDHolder is going to change it back on its rounds.
And (thoug
Noah,
Your options are pretty limited if you don't have access to WU, WUS or SUS.
The options really do come down to applying each patch, potentially
rebooting between each of the patches. If you don't reboot, you run into a
potential issue in which the bits from patch A are over-written by pa
Title: Message
You haven’t met Dean face to face,
have you?
-rtk
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael B. Smith
Sent: Monday, February 14, 2005
8:27 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Two
little tools ...
IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
____
From: [EMAIL PROTECTED] on behalf of Rick Kingslan
Sent: Sun 2/13/2005 6:59 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] [Dreadfully OT]: I
Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: [EMAIL PROTECTED] on behalf of Rick Kingslan
Sent: Sun 2/13/2005 1:08 PM
To: ActiveDir@mail.activedir
it's worth the time.
http://www.colinux.org
Rick Kingslan MCSE, MCSA, MCT, CISSP
Microsoft MVP:
Windows Server / Directory Services
Windows Server / Rights Management
Windows Security (Affiliate)
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
WebLog - www.msmvps.com
Justin -
I'm going to try again because, IMHO, you're working WAY too hard at this
one problem.
My current preference -
http://www.kewlit.com/whoami/index2b.html
Great for the Data Center boxes connected via KVM.
If you haven't looked at this tool - you have NO IDEA what you're missing.
Simp
Yep - you can be sure that I'll be taking on a role of 'enforcer' ;o)
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Sunday, February 13, 2005 11:05 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] VERY VERY OT: DEC and Va
lackluster separation of
program to program corruption.
If you want more info – see here. http://www.webdevelopersjournal.com/archive/win95.html
I remember Greg from the ‘Chicago’ (code name for Win95) beta days, and
thought he wrote an article or two.
Hope this helps.
Rick
Sadly, no - from what I've seen so far. But, the value of the tool still
far exceeds the cost, even with the inconvenience that you correctly state.
However, I don't know if a new version is being prepped for the SP1
timeframe, either.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[ma
Nope Rick's going to DEC Thought joe wouldn't miss it. Apparently,
I'm quite mistaken.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, February 10, 2005 10:26 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
-nodn -nolabel -q |unique
BUILTIN\Administrators
CHILD1\Domain Admins
JOE\$jricha34
JOE\2K3DC01$
JOE\2K3EXC01$
JOE\2K3EXC02$
JOE\2K3UTL01$
JOE\Domain Admins
JOE\Enterprise Admins
JOE\FASTMOFO$
JOE\Schema Admins
NT AUTHORITY\SYSTEM
joe
From:
[EMAIL PROTECTED] [ma
] Built-in
Defragger and Clustering
That did sound like a silly superstition
to me. Anyway, do you use the built-in defragger to defragment your shared
cluster drives?
Dan
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Wednesday, February 09
Tom,
If I do an nslookup against sales.charmer.com, I get the SOA with no
problem. There are no other records in that zone, but it responds.
Are you running AD integrated? If so, can you temporarily change it back to
Primary and cut and paste the .dns file for sales.charmer.com out to us to
t
Where the hell have _YOU_ been, you little over-cooked Swede?
:OD Great to hear from you!
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jimmy
Sent: Wednesday, February 09, 2005 6:19 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Mig
ectory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: [EMAIL PROTECTED] on behalf of Rick Kingslan
Sent: Tue 2/8/2005 9:02 PM
To: ActiveDir@mail.activedir.org
Subject:
I’d load NetMon or Ethereal on both
machines and capture the traffic. Filter on the names / IPs of the two
machines involved, just to reduce the noise to just the important bits.
I suspect this will most likely uncover
the problem much quicker than anything else you could likely do.
Nathan,
I'm quite certain that if you contact the local Microsoft sales office in
your area, they will most likely fall all over themselves in getting a
presentation to assist you on this.
I know for a fact that they have more than a couple on just this topic.
-rtk
-Original Message-
Fr
Yeah – I agree with Darren on this
one. Picture the Yeknom Inc. (CareerBuilder.Com) commercials that aired
during the Super Bowl. Picture a gray-haired Monkey standing in his
chair, and a younger chimp kissing his butt.
Yep – American Capitalism at its
finest.
-rtk
Fro
Dan,
Been working with Clusters for a number of
years, and I have never heard of this. I can ping a couple folks, but I
can’t surmise what the problem would be. If data is re-ordered, the
disk is going to work fine one way or another.
-rtk
From:
[EMAIL PROTECTED] [mail
Security filtering to groups of users is the best way to accomplish this.
Put all of the administrative context users that you DO NOT want this to
apply to into a specific group. Ensure that the READ and APPPLY Group
Policy are not enforced.
However, in most Citrix applications that I've worked w
Login script won't work. It would have to be a Startup script. Startup
script runs under LocalSystem, while the context of the login script runs
under that of the user who has just logged on - typically with noting more
than Domain User rights. Of course, Domain User won't be enough (I hope!)
to
bject: RE: [ActiveDir] Using GPO's to force a Lock Workstation in
conjunction with task manager
I doubt that the task scheduler can run a shortcut... Shortcuts are a
shell function. Can you run the .exe directly from the scheduler instead
of running the shortcut?
-gil
-----Original Message
station in
conjunction with task manager
I doubt that the task scheduler can run a shortcut... Shortcuts are a
shell function. Can you run the .exe directly from the scheduler instead
of running the shortcut?
-gil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On B
Jason,
I'm sure that there's a good reason for not wanting to use the enable screen
saver option, but I'm curious as to why you want to do that actual
LockWorkStation function. Is it an academic exercise, or is there something
more to it?
Just simply curious...
-rtk
-Original Message-
Sakari,
To echo the one phrase from Microsoft that, I personally have flat gotten
sick of, we can likely expect to see your next edition "In the LONGHORN
TIMEFRAME"
;o)
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sakari Kouti
Sent: Monday,
You CAN, but 'FIND' has nowhere near the 'fun' that grep does. Have you
ever seen an entire BOOK written on 'FIND'?
;p
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, February 07, 2005 12:37 PM
To: ActiveDir@mail.activedir.org
Sub
Title: Message
Ø
Doing
this for multiple groups is trickier. No doubt it can be done with batch
commands but I'm not the one that could do it.
Pose that one to Dean. I’ve
never seen keener DOS or CMD batch scripts in my life… (sorry joe –
including you…) ;o)
-rtk
Brian,
I think the most important issue to take into account with this is one of
perceived or real confidentiality. The technology of SMTP is not, nor was
it really ever, designed with confidentiality in mind.
S/MIME - different story. This is a solution to the SMTP issue.
So, if one wants con
hink the one-way trust is probably the way to go here. I also think
> that's exactly what MS does for their partner extranet that uses WSS.
>
> Joe K.
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
> Sent:
. I also think
that's exactly what MS does for their partner extranet that uses WSS.
Joe K.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Saturday, February 05, 2005 10:31 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir
e you mean just creating users in ADAM here? I wasn't sure, it
wasn't clear to me from the way that was worded.
~Eric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: Saturday, February 05, 2005 10:31 PM
To: ActiveDir@m
Me, I'd go the AD/AM route. AD/AM supports both a mode for saving the
password hash info for user objects, or - and my preferred method for authN
from an external repository to AD - DS-Proxy-Bind mode in which the user
object in AD/AM has one key attribute - SID of the object to auth against in
th
ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] VERY VERY OT: DEC and Vancouver/Canada
come on Rick - I'd really enjoy watching Joe race down the Whistler mountain
on a snowboard _with shorts on_ ;-))
/Guido
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTEC
L PROTECTED] On Behalf Of Rick Kingslan
Sent: Thursday, February 03, 2005 2:01 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] VERY VERY OT: DEC and Vancouver/Canada
However, there is one small problem - no one else wants to to see you
_WITH SHORTS ON_!
:p
-rtk
-Original Me
Dell DRAC and RAC as well as IBM RSA will do similar
funtions - as well as shut it off cold, and start it up -
remotely.
-rtk
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian
DesmondSent: Monday, January 31, 2005 3:55 PMTo:
ActiveDir@mail.activedir.orgSubject: RE: [A
However, there is one small problem - no one else wants to to see you
_WITH SHORTS ON_!
:p
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Monday, January 31, 2005 11:06 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] VER
In our dealings with this in my environment - which
has just learned that sticks and stones do, in fact, exist - legal standings in
relation to Federal law is pretty much untested. In fact, any disclaimers
tied to specific sections of the Electronic Communications Acts, are most likely
grea
Title: time server
Mark,
I've got a number of Avayas (S8700's) at work. I can
check with our on-staff Avaya folks, as I know that they are synching time
internally. However, I think that it's going back against our AIX
systems.
But, as to it being Linux - it's how you order the
modules
Ummm, yeah - I do.
-rtk
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells
Sent: Friday, January 07, 2005 5:22 PM
To: Send - AD mailing list
Subject: RE: [ActiveDir] Forest trusts vs trusts within forests
Does nobody but me like or even prefer s
Dean, joe - you were right. Brett did, and does - have an opinion. His
opinion, as it seems from this is, that you should bloody well go stuff
yourself elsewhere, and do the job yourself.
However, I *might* have read it out of context...
Regardless, Brett - it's always great to hear from you..
12:12:26 -0600, Rick Kingslan <[EMAIL PROTECTED]> wrote:
> If we're speaking of a hub rather than a switch, you can plug in to
> any port and sniff the traffic. A hub runs at the physical layer,
> while a switch operates more at the MAC portion of the Data Link of the
good old O
301 - 400 of 1153 matches
Mail list logo