An AD client will try to associate itself with the site that it is most
specific for its IP.
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Brian Cline
Sent: Friday, January 26, 2007 3:20 PM
To: ActiveDir@mail.activedir.org
Subj
85-4308-B4
89-F2F1214C811D>
Weblog: http://msmvps.org/UlfBSimonWeidner
http://msmvps.org/UlfBSimonWeidner>
Website: http://www.windowsserverfaq.org
http://www.windowsserverfaq.org/>
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Donnerstag
I think you are seeing your Kerberos tickets start to reach their
expiration time. The kerbtray icon will go from green to red. I think
the last 5 or 15 minutes the default configuration will also issue an
audible (and very distinctive) sound. The tickets will renew
automatically (and the icon w
with the /B-Switch should work.
Ulf
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Donnerstag, 25. Januar 2007 13:10
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: maintaining "creation date" when copying
directories?
Wh
What "move/copy" tools can be used to copy directories/files to another
location and still retain the "creation date" value? Robocopy seems to
keep creation date on files but directories are given the current date.
Am I missing a switch in Robocopy to do this? A backup/restore
operation (with ntb
(I sure hope this doesn't sound like too dumb a question!) We have a
server where local security groups were created for local file access.
The files on this server are going to be moved to a file server cluster.
Can ADMT v3 migrate these security groups up to the AD structure with
the hopes of re
Is this what you are looking for? http://www.php.net/downloads.phpI
have not used it, however, and can't speak to how well it works but it
seems to come from the right place. ;)
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf
Has anyone heard of a release date for Windows Server 2003/SP2? Thanks.
Mike Thommes
You might want to test the network connection. We have a public tester
at http://miranda.ctd.anl.gov:7123/ that might detect duplex mismatches
or faulty cables.
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Darren Mar-Elia
Sent: Friday, Ja
We have an application that is using an Apache server to do LDAP
authentications against our active directory. (Yeah, I know; if only I
were king! LOL!) The application developer tells me that if he tries
doing an auth against our root base (dc=yyy,dc=zzz), the auth fails. If
he uses a search b
Hi Laura,
That's what I thought of first but that would stop all traffic to
the server, not just a particular share.
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura A.
Robinson
Sent: Tuesday, January 09, 2007 4:19 PM
If nothing else has been done to the account, I wonder if you could use
the "whenChanged" attribute.
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Parag Nagwekar
Sent: Wednesday, January 03, 2007 9:28 AM
To: ActiveDir@mail.acti
I am trying to get a list of all of the users in the builtin group
"Domain Users". I am using the following commands, but get incomplete
results. Can someone tell me why? Thanks! And Happy New Year to
everyone!
dsquery group -name "domain users" | dsget group -members >
c:\temp\domain_users
rvers where we have ordinary users executing
"batch" jobs I've setup a local group to grant read and execute.
http://support.microsoft.com/kb/867466
Mike
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Se
We are trying to get a particular account to run a scheduled backup job
on a server. Our results are puzzling. Here are the particulars:
2003 R2 standard server
Domain account, non privileged, doesn't belong to "domain users"
Added to local "backup operators" group
Trying to run a system stat
How about a remote shutdown like "shutdown /m \\computername /r /f"
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Kevin Brunson
Sent: Friday, December 01, 2006 9:51 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Split pagefile
last sentence even made sense, sorry. I'm sleep
deprived.
Laura
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, November 30, 2006 10:40 PM
To: ActiveDir@mai
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, November 30, 2006 7:33 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] dynamic variables within an event log
entry?
I wonder if someone could explain t
I wonder if someone could explain to me (or point me at some reference)
about what mechanism is used to populate the information in a Windows
event log entry. The reason why I ask is that I see in the Security log
when a new user account is created by an account which is a member of
the Domain Adm
adfind -default
-f "&(objectclass=group)(groupType=-2147483646)" -tdc whenChanged
hth,
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frank Abagnale
Sent: Tuesday, October 31, 2006
2:51 AM
To: activedir@mail.activedir.org
Subject: [ActiveDir] AD
Hi Deji,
My version
of whoami shows the usage as: “whoami /groups”. Thanks for
pointing me at this; I always just used “whoami”.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Akomolafe, Deji
Sent: Wednesday, October 25, 2006
11:58 AM
To: A
dsquery group -name _samaccountname_here_ | dsget group -members
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Irwan Hadi
Sent: Wednesday, October 18, 2006 4:14 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Gather member of query
joined from my domain. but i am sure this has
nothing to do with any GPO. Also
same thing happened for me when i joined this to any other domain. other than
the previous one.
Thanks!!!
Ravi
From: [EMAIL PROTECTED] on behalf of Thommes, Michael M.
S
Hi Susan,
I didn't mean to imply that this was just with the last set of
patches. I think your note says that you have been seeing this for a
while. We have too. One of the guys in my group uses Update Expert to
patch and he sees it more often than I do. Of course, he patches a lot
more ser
I have also
seen where a second reboot is necessary for RDP to work. I have not determined
the cause of this yet. It does not happen on all servers.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Vinnie Cardona
Sent: Tuesday, October 17, 2006
1
Check out "oldcmp" at http://www.joeware.net/win/free/tools/oldcmp.htm
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Condra, Jerry W
Mr HP
Sent: Monday, October 16, 2006 12:50 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Determi
In this context, would it make sense to write/use a servicePrincipalName
value? (maybe even using admod/adfind 8-) )
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Wednesday, October 11, 2006 9:42 AM
To: ActiveDir@mail.activedir.
: RE: [ActiveDir] problem
changing "employeeID" attribute value
Try clicking the 'Clear' button instead of
deleting the value.
-Andrew
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Tuesday, October
For an AD user account, we normally populate
the attribute “employeeID” with a value. Circumstances surrounding
some accounts requires me to “unpopulate” this value. In ADSIEdit,
however, when I go to this Unicode String valued attribute with the Edit
function, I can delete the value but
Try FileNotify –
freeware at http://www.xtware.com/
Mike Thommes
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Kurt Falde
Sent: Thursday, October 05, 2006
1:19 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Who keeps
creating this folder & file
Hi Rezuma,
I suspect
you might run into the same issue I had when I did the R2 forestprep with SFU
3.5 (although you have the earlier SFU 3.0). If so, see the fixup from Steve
Linehan posted to this newsgroup on 8/7/06 (and my comment from 8/12/06).
Mike Thommes
From:
, Michael M.
Sent: Wednesday, September 20,
2006 5:58 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] different
version of R2 available?
My officemate and I were discussing whether
there are different versions of the R2 CD depending on whether you’re
running Server 2003 Standard or Server
My officemate and I were discussing whether
there are different versions of the R2 CD depending on whether you’re
running Server 2003 Standard or Server 2003 Enterprise. Or is there only one version of
R2? TIA!
Mike Thommes
Touche’
8-)
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Thursday, September 14, 2006
5:04 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT:
Protecting against Spyware/Adware
I run as local admin and have zero i
Hi,
I have moved a job that employs uptime.exe (in
a loop using the FOR command) from a Windows 2000/SP4 server to a Windows
2003/SP1 server. Now part way through the job, I get:
Event Type: Information
Event Source: Application Popup
Event Category: None
Event ID:
We are still testing PassFiltPro software
(http://www.altusnet.com/products/) which supposedly has the ability with one
of its versions (MPE) to enforce different password policies based on global
groups. This is mentioned only for information, not endorsement, at this
time.
Mike Thomm
Can anyone else get to the archives? Specifically, I was
looking for a thread from, I think, a couple of years ago where there was
discussion about storing (not storing?) employee pictures in AD. I am concerned
about how that attribute will grow our DIT. I seem to recall that maybe just
I am guessing, based on the port number,
you have a DNS A record for this computer in gc._msdcs.domain.com .
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan
Sent: Tuesday, August 29, 2006
10:06 AM
To: ActiveDir@mail.activedir.org
Subje
You should get back your domain
controllers’ IP addresses. Is it possible that your user’s
computer has gotten the IP of an old DC?
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ramon Linan
Sent: Monday, August 28, 2006 3:03
PM
To: ActiveDir@ma
from perfect in that regard.
joe
--
O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael
M.
Sent: Wednesday, August 23, 2006 8:0
:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Tuesday, August 22, 2006
9:36 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Secure
LDAP queries from the outside
Hi Robert,
Yes, the command is *exactly* the same. We are thinking
that our CRL location is not
get the object
returned?
I tried using adfind to connect to my test
DC using port 636 and got the exact same error…but I don’t have a
cert installed on my DC so I’d expect mine not to work.
Robert
Williams
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael
Hi,
We are trying to set up secure LDAP queries
from the outside to AD for pulling email addresses but are running into an
issue. Port 636 has been opened up to our DCs but we get a 0x51 error
like the one shown below in this example of using “adfind”:
adfind -h dc1.abc.com:636 -u
Maybe the CRL (Certificate Revocation List) location is not available?
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Za Vue
Sent: Wednesday, August 16, 2006 8:17 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] User AutoEnrollment
I fixed this issue with ldp and Steve
Linehan’s instructions to the list about two weeks ago. Microsoft
supposedly has an “unofficial” patch to fix this issue. Talk to
your TAM.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Tuesday,
TECTED] On Behalf Of Thommes, Michael M.
Sent: Monday, August 14, 2006 3:28
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] joe -
please say it isn't so!
So here I went to take a look at
Dean’s article, and I find this: http://blog.joeware.net/cat/recipes/
, expecting to find m
So here I went to take a look at Dean’s
article, and I find this: http://blog.joeware.net/cat/recipes/
, expecting to find more of joe’s great adfind codes. At first, I
thought it got misfiled and should have been filed under “humor”
but I suspect this is hardly funny. Joe, are you pullin
PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Saturday, August 05, 2006
5:04 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT:
Enterprise Terminal Server Licensing Server question
Hi,
This is not causing any issues that I am aware of, but something does not seem
right. We set
Title: OT: Enterprise Terminal Server Licensing Server question
Hi,
This is not causing any issues that I am aware of, but something does not seem right. We set up two Enterprise Terminal Server Licensing Servers, both DCs. They are both identified in CN=TS-Enterprise-License-Server,CN
Infrastructure
Consultant
MVP Windows
Server - Directory Services
LogicaCMG
Nederland B.V. (BU RTINC Eindhoven)
( Tel : +31-(0)40-29.57.777
( Mobile : +31-(0)6-26.26.62.80
* E-mail :
From:
[EMAIL PROTECTED] on behalf of Thommes, Michael
Title: OT: Microsoft Acquires Winternals Software
You may find this of interest (from today’s WServerNews):
Mike Thommes
=
Microsoft Acquires Winternals Software
Mark Russinovich and Bryce Cogswell have been snagged up by Redmond. And th
Title: root admin account able to be locked out?
Hi AD Gurus!
We have penetration testing going on and I saw a security event log entry that showed our root admin account getting locked out. I was surprised because I thought this account could never get locked out. In addition, we ha
joe's tools again ( 8-) ):
adfind -b ou=Employees,dc=xyz,dc=com -bit -f
"&((objectcategory=person)(useraccountcontrol:AND:=65536))"
samaccountname > c:\temp\pw_never_expires.txt
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alex Alborzfar
Title: importance of "gc._msdcs..com" A records?
What is the importance of the “gc._msdcs..com” A records?
Environment:
1) Split DNS – Unix Bind and AD integrated DNS
2) DCs use:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"RegisterDnsARecords"=dw
Hi Larry,
You might want to check this reference which was posted to this
group a few days ago:
http://iase.disa.mil/stigs/checklist/AD_Checklist_V1R11_20060607.pdf
It discusses physical security and not running other services on DCs,
among other things.
Mike Thommes
-Original Message--
I know, I know...how about the AD Party? We're ethical, right? joe's
probably the most ethical guy around. And he gives stuff away for free.
When was the last time you saw a politician do that? I nominate him for
President! ;-)
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
Title: can I exclude a particular user account from "authenticated users"?
This may sound like an off the wall question, but I would like to exclude a particular user account from the built-in security principal “Authenticated Users”. Is there any way to do this?
TIA!
Mike Thommes
This is the same issue I posted to this
group on 5/25/06. We never did figure out the cause. The local admins were
rebuilding the workstation in question yesterday since that seemed to be the
most expedient thing to do. I will be interested in future postings to this
thread.
Mike Tho
m: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, June 01, 2006 8:55 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] OT: srvinfo output incomplete
Situation: running "srvinfo \\computer_name "
with domain admin credentials from a
Title: OT: srvinfo output incomplete
Situation: running “srvinfo \\computer_name” with domain admin credentials from a remote computer. One w2k3/sp1 server target returns the full complement of information, including CPU, BIOS info, hotfixes, network card info, uptime. Another w2k3sp1 serve
Sorry for the last incorrect answer. Try this:
runas /netonly /user:domain_or_target_computer\username "mmc.exe
eventvwr.msc /computer=target_computer"
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AdamT
Sent: Wednesday, May 31, 2006 11:3
How about:
Runas /netonly /user:target_computer\username "eventvwr.exe
/auxsource=target_computer"
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of AdamT
Sent: Wednesday, May 31, 2006 11:39 AM
To: ActiveDir@mail.activedir.org
Subject: [Active
rrors. Everything
described to this point could easily be related to network issues (especially
at the NIC/Router) as well.
Al
On 5/26/06, Thommes,
Michael M. <[EMAIL PROTECTED]>
wrote:
Hi Shariff (and Darren too!),
Yeah, I saw some entries
in WINS that I didn
, check the system event log on the
client to ensure there are no errors related to authentication, etc.
Darren
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Thursday, May 25, 2006 2:12
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [Acti
Sent: Thursday, May 25, 2006 4:07
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: stuck
processing policy
Hi Mike. Can you post the lines of userenv
right around that GetUserNameEx error?
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M
Title: OT: stuck processing policy
I have a user on a computer that takes forever to log in. She can go to any other computer and log in quickly. Anyone else can go to the computer in question and log in quickly. It is only THIS user on the THIS computer. We have renamed her local profile
.
Could just be a personal preference I suppose...
Aric
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Wednesday, May 24, 2006 12:47 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] AD DNS along with Bind
Hi Freddy
Title: Naming conventions (quasi-OT)
Following this thread, I want to comment
that we name workstations with their local serial numbers. In addition,
we have a process to look through the local security log to see who is the most
common user of the workstation and put their name in the des
Support Engineer
InternationalSOS Pte Ltd
mail: [EMAIL PROTECTED]
phone: (+65) 6330-9785
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Wednesday, May 24, 2006 4:38 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir
The Microsoft link at the bottom of an event
log entry has gotten much better.
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd (NIH/CC/DNA) [E]
Sent: Wednesday, May 24, 2006
10:21 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [Acti
Adeel,
Here is a response from our DNS guy. I hope it helps you.
Mike Thommes
=
Here are the steps I took for delegating the AD zones for example.com:
1) In the example.com zone on the BIND server I added these NS records
to delegate the zone t
Hi Deji,
I was thinking about the following but the results are wrong (and I
don't understand why!):
For /F %a IN ('dsquery server -o rdn -forest') do srvinfo \\%a |find /i
"DNS Server"
Can anyone tell me what I am doing wrong? Thanks!
Mike Thommes
-Original Message-
From: [EMAIL P
"DefaultHidingValue"?
defaultHidingValue
A Boolean value that
specifies the default setting of the showInAdvancedViewOnly
property of new instances of this class. Many directory objects are not
interesting to end users. To keep these objects from cluttering the UI,
telnet or portqry?
telnet [-a][-e escape char][-f log file][-l user][-t term][host [port]]
-a Attempt automatic logon. Same as -l option except uses
the currently logged on user's name.
-e Escape character to enter telnet client prompt.
-f File name for client side loggi
Hi Jorge,
I don’t mean to hijack this
thread but I have also been having an issue with lingeringobjects. I ran your
repadmin command shown below on one of the lingering objects I have. For the
lingering object I specified, the output lists a GUID (“Originating DC”) that doesn’t exist
How do other admins deal with the copious authentication errors a user
will generate after the user resets his password with a CNTL+ALT+DEL and
stays logged into the session with his old credentials?
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.o
H.so *is* ADSIEdit a valid tool to use? I can see the object I
want to delete in ADSIEdit. (Would I be talking to myself if I reply to my own
post?)
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M
CTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Hutchins, Mike
Sent: Tuesday, May 02, 2006 3:06 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] how to get rid of an obsolete DC?
ntdsutil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M
In a child domain I have what I believe is the remnants of an old NT4
DC. Using ADUC, it shows up in the child domain's "Domain Controllers"
OU. When I try to delete it, I get "The DSA object cannot be deleted."
When I use ADSIEdit and go to the domain, it only shows me the two
functioning DCs an
Hi,
In trying to determine why my TS Licensing Server (located on a
W2K3/SP1 DC) is only handing out temporary licenses, although we have
successfully entered the license data, I find the registry key for the
type of license is spelled differently (an extra space) than what I find
in KB834651.
Has anyone tried IPV6 yet? Production? Or just testbed? Any gotchas?
What kind of infrastructure (eg, switches) is needed to support it? How
does AD play in this sandbox?
I am probably out of my league pretty quickly with subject. I've done a
little googling but it seems like a pretty big sub
Maybe this will help. From eventid.net:
Matthew
C. Miller (Last update 11/24/2005):
The error in our server (domain controller) System Event Log was: "The
Security System detected an authentication error for the server .
The failure code from authentication protocol Kerberos was "{Ope
(I didn't get any response to my first query. I thought I would try it
again). This software (http://www.altusnet.com/products/pfp/)
supposedly enhances the default passflt.dll, allowing an admin to
enforce/control password complexity and, at the same time, does a
dictionary check. The price app
Anybody out there have any experience with the PassFilt Pro software by
Altus Networks Solutions, Inc.?
TIA,
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Excellent! Just what I was looking for! Thanks,
Jef!
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Monday, April 17, 2006 3:15
PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] how to
report on scheduled jobs?
Is there a script to output scheduled job information? Maybe something
I could call in a "for" loop driven by a list of servers. Ideally, I
would like to see the job and who's credentials it is running under,
with maybe the schedule.
Mike Thommes
List info : http://www.activedir.org/List.aspx
There is a command that shows on a single line
what services are running on a DC. The output is something like
DS::GC::Time::LDAP:: Can someone help this poor, tired
brain out? Thanks!
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.
> Subject: RE: [ActiveDir] issue with R2 upgrade; SFU confusion?
>
> Ask him/her what the article number is if this is a known issue. If
> he/she says there isn't one then say it sure isn't known very well
> then.
>
>
> --
> O'Reilly Active Directory T
Hi,
I've noticed in our Active Directory environment default settings on
Windows XP and Server 2003 computers for "net time /querysntp" to be one
of two values:
net time /querysntp
The current SNTP value is: time.windows.com,0x1
net time /querysntp
This computer is not currently configured to
|-Original Message-
|From: [EMAIL PROTECTED]
|[mailto:[EMAIL PROTECTED] On Behalf Of
|Thommes, Michael M.
|Sent: Thursday, April 06, 2006 5:54 PM
|To: ActiveDir@mail.activedir.org
|Subject: [ActiveDir] Server 2003 "DNS Admins" group permissions
|
|The default "DNS Ad
Gott
From:
[EMAIL PROTECTED] on behalf of Thommes, Michael M.
Sent: Wed 4/5/2006 7:25 AM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] 2003 DFS/open
files
Can
someone tell me what happens with DFS/replication when a file is
updated on one DFS server and a client has
The default "DNS Admins" group has permission to use the DNS GUI
(dnsmgmt.msc) and to make changes in it but does not have permission to
view the DNS event log (DnsEvent.Evt). Would this just be an oversight
on Microsoft's part?
TIA,
Mike Thommes
List info : http://www.activedir.org/List.aspx
L
Can someone tell me what happens with DFS/replication when a file is
updated on one DFS server and a client has that same file open on
another DFS server?
TIA!
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive: http://www
How about:
dsquery computer -samid
| dsget computer –sid
Mike Thommes
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of matheesha weerasinghe
Sent: Tuesday, April 04, 2006
10:56 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Empty
hostname for a
Hi joe,
Two questions:
-
Are “lingering
objects” the same as “phantom objects”?
-
The help for repadmin on
my 2003/SP1 DCs doesn’t indicate a “/removelingeringobjects”
option. What version do you have that lets you do this?
Thanks!
Mike Thommes
Ps.
These may be of interest to you:
http://support.microsoft.com/kb/277717/en-us
http://support.microsoft.com/?kbid=300427
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Danny
Sent: Wednesday, March 01, 2006 1:42 PM
To: ActiveDir@mail.activedi
Adfind (http://www.joeware.net/win/free/tools/adfind.htm) to the rescue!
I recently had to do this and got it accomplished with the following
syntax (with a little help from joe :) ):
adfind -default -binenc -f
objectGUID={{GUID:0B3F5BC4-5713-4611-8F6A-752A3B0DE664}} dn
("adfind /???" For lots o
Our MS TAM has indicated this is a known bug! I will keep the group
posted as I learn more details.
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Friday, February 17, 2006 10:52 AM
To: ActiveDir
nment where SFU 3.5 had been
installed. Thanks!
Mike Thommes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Thommes,
Michael M.
Sent: Thursday, February 16, 2006 9:07 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] issue with R2 upgrade; SFU conf
Is there a technical reason why the ability to create a new container is
not available in the Active Directory Users and Computers (ADUC) mmc?
(Sorry if this is a dumb question.)
Mike Thommes
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List
1 - 100 of 354 matches
Mail list logo