at
the same point of installing the agent Is there something I am
missing?
2. Should I logon to the w2k3 ad dc as the NT4 admin account?
Over.
-Original Message-
From: Thornley, Dave H [mailto:[EMAIL PROTECTED]
Sent: 05 December 2003 11:58
To: [EMAIL PROTECTED
Hi Rob,
Perhaps I've missed something, but why don't you use ADMT to migrate the
machines?
It has a two stage process where the machine accounts are migrated first
of all, then an agent is dispatched to the workstations which changes
the domain affiliation, translates any ACLs on the machine
with the run as command and
have used the NT4 domain admin account but still fails at the
same point of installing the agent Is there something I am
missing? 2. Should I logon to the w2k3 ad dc as the NT4
admin account?
Over.
-Original Message-
From: Thornley, Dave H [mailto
Title: Message
Hi
John,
Look
at the Directory Access applet in the Utilities folder. This allows you to
configure authentication to external directories.
cheers
dave
-Original Message-From: John Parker
[mailto:[EMAIL PROTECTED] Sent: 23 September 2003
14:40To: [EMAIL
Title: Message
To
provideweb based stuff you're looking for then we're in the middle of
implementing Novell iChain - we run both NDS and AD, but I'm told it can be
installed against either (or any LDAP v3 directory).
Basically it's a reverse proxy that sits between you and the web server,
Title: Message
Hi
Yusuf,
You
need to make the property visible first.
Open
the file c:\winnt\system32\dssec.dat, search for [User], then scroll down til
you find the line lockoutTime=7, and change this to lockoutTime=0. This makes
lockoutTime visible in ACLs.
You
should then be able to
Hi Justin,
We've had some similar problems - we came across a suggestion (can't remember where
I'm afraid) that re-applying SP4 to the server can fix
some of these problems. We did this two weeks ago and haven't seen it since, although
it was a very intermittent problem so it's a bit early
to
Title: Message
Hi
Natacha,
We had
a similar problem where we didn't choose 'Permissions Compatible with NT 4.0'
when setting up the domain, then had to add a trust to an NT 4.0 domain. What we
found was that accounts created manually in Active Directory Users and Computers
were visible
As I understand it SIDHistory entries are added to the access token in the same way
that group membership SIDs are, client version isn't an
issue.
dave
-Original Message-
From: Roger Seielstad [mailto:[EMAIL PROTECTED]]
Sent: 03 December 2002 12:54
To: '[EMAIL PROTECTED]'
Subject: RE:
Dave,
I don't know your exact circumstances or plans, but this was our ADC plan. We
generally had flat Recipients' containers in Exchange
Moved all users with mailboxes to an OU (not Users as we've reserved that for built in
accounts and service accounts).
Create a CA on a 'Never Run' schedule
You need to set the showInAdvancedViewOnly attribute of the object to TRUE
dave
-Original Message-
From: Brown, Bill [contractor] [mailto:Bill_Brown;ssp.navy.mil]
Sent: 15 November 2002 11:24
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Mutilple questions Schema, ou's
Run the
-Original Message-
From: Carlos Magalhaes [mailto:CarlosM;trencor.net]
Sent: 15 November 2002 12:57
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Mutilple questions Schema, ou's
HOW do you DO that?
Regards,
Carlos Magalhaes
-Original Message-
From: Thornley, Dave H
Well following on from this I'll mention Big Brother - we use it on 100 plus servers,
Windows and Unix. Its Open Source and its free.
There's a fairly rich set of scripts that have been developed and shared by the user
community to cater for those things not monitored by
the basic product.
dave
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Monitoring AD
Agreed, except that it is not free for commercial use.
-Original Message-
From: Thornley, Dave H [mailto:D.H.Thornley;shu.ac.uk]
Sent: Tuesday, November 12, 2002 4:02 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Monitoring AD
Title: Message
Hi
Why
not grab it with a loginscript and save it on the workstation somewhere - file
or registry key until you need to collect it?
Check
to see if it's a domain user then search AD for the user and save the result.
You could even skip checking to see if they're a domain
ADMT can report on machines with expired passwords.
HTH
dave
-Original Message-
From: Jason Benway [mailto:[EMAIL PROTECTED]]
Sent: 03 October 2002 16:36
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] Cleaning out old machine accounts
Our AD was upgraded from a NT domain. We have a
Thanks for all the replys - should set the management minds at rest...!
dave
--
Dave Thornley
Systems Support
Sheffield Hallam University
Tel (0114) 225 3822
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
Hi Todd,
We use ADC like this - creating accounts in AD, and allowing ADC to manage the
creation of 5.5 mailboxes across four Exchange servers. You
can specify the Exchange server to use by setting msExchHomeServerName on the AD
account. ADC then uses this to place the mailbox in
Exchange.
We
646.483.3325 cell
[EMAIL PROTECTED]
-Original Message-
From: Thornley, Dave H [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 3:30 AM
To: '[EMAIL PROTECTED]'
Subject:RE: [ActiveDir] ADC Question
Hi Todd,
We use ADC like this - creating accounts in AD, and allowing ADC
to have the users mailbox
created on the right mail server, namely the server at their location. I hope this
helps in understanding what I want to do.
-Original Message-
From: Thornley, Dave H [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, July 16, 2002 10:08 AM
To: '[EMAIL PROTECTED
Hi Justin,
Are you setting the Exchange attributes on the user object in AD? ADC
won't replicate from AD to Ex5.5 without certain attributes set. The
program I wrote sets the following in AD:
mailNickname
msExchHomeServerName
textEncodedORAddress
ADC then creates the mailbox on the 5.5 server.
Do you have DNS alias for the server? There is a problem with Win2k
where servers with DNS aliases can return this error when clients try to
connect. Can't remember the Q I'm afraid.
dave
-Original Message-
From: David Abbishaw [mailto:[EMAIL PROTECTED]]
Sent: 10 April 2002 13:11
To:
Hi,
We had a similar problem some time ago, I can't remember the cause (I'm sure it wasn't
licensing), but we fixed it by moving the master
browser role to another server.
The master browser role had been taken by an Exchange server, we moved it to a domain
controller and that fixed the
Do you have the gc._msdcs A record?
This isn't registered if you disable A record registration by DDNS and IIRC is
required to add machines etc to the domain.
cheers
dave
-Original Message-
From: No Idea [mailto:[EMAIL PROTECTED]]
Sent: 26 October 2001 21:01
To: ActiveDir
24 matches
Mail list logo
