Sorry to throw that half-baked code at you, Tom. I reposted it. It's tested
and works now - in my VM Lab :)
IPCONFIG sees it correctly. Yes, it will overwrite whatever you have in
there, so you would want to adjust your array to include the current entries.
Again, apologies. BTW, this is a mach
Cool. Good to know.
In the meantime, this
http://www.akomolafe.com/LinkClick.aspx?link=change-DNS-Suffixes-thru-GPO.txt
&tabid=63&mid=431 is (IMO) as good as the adm you are doing now, and it
*should* take care of the ipconfig discrepancies. Again, I am not able to
test it right now to prove the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfa
ces
BTW, does this return the correct suffix for you?
wmic nicconfig get DNSDomainSuffixSearchOrder (from cmd)
I'm just curious, and not at a place where I can test. I won't be able to see
your response for a long t
When MS introduced that GPO ability, someone forgot to remember where
ipconfig looks for the information it displays. Ipconfig reads the registry
for the information, but the suffix adm/gpo is not stored in the same
location, so ipconfig will never be able to report whatever you are setting
in the
>>>As an aside, I dislike the use of the word distribution groups and
security groups because both could be used for either. Any group can be a
distribution group, the groups are simply NT security enabled or not NT
security enabled.
Which is why you need to distinguish between them. "Non-NT Secur
This is not in DHCP. This is GPO or script thing. Something like this:
http://www.mail-archive.com/activedir@mail.activedir.org/msg32800.html, for
non-XP clients
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
VM would be an option, but moving the files and share, re-permissioning,
repointing scripts and re-educating users may make that unattractive.
BTW, I heard that "caching-only" will not make it into the final R2. Can
anyone confirm or refute?
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Mic
>>>make it a child domain so he can't climb up the tree
Not only will (s)he be able to run up the tree, (s)he will own the tree, the
leaves, the bushes, the grasses, and, for that matter, the forest.
The Domain is NOT a security boundary. It is an administrative boundary.
Service administrators
MS did not "implement" a limit. The paging is a function of the client doing
the LDAP query and conforms to the specs outlined in RFC 2696.
If you read the RFC, you will come to agree that, although RFCs are not
(strictly speaking) "standards", you are "expected" to page your LDAP
queries.
Si
It is something my company[1] does. If you are interested in talking, we can
take it off-list.
[1] I should say my "main" employer :)
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that To
ow realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: [EMAIL PROTECTED] on behalf of joe
Sent: Wed 9/21/2005 2:03 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] OT: exchange max. dist. list size
Hey Deji... Remember the
I don't have exact figures, but your numbers are unbelievably low. 200 max? I
have DLs with 2300, and those are small.
What gives you this impression? Are you using a tool that's barfing when
expanding DLs with more than 200 membership?
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsof
Brian,
This is how I explain and OPEN Relay. Although there is a common tendency for
people to assume that they are the same, Relay != Open Relay. Relay is NOT a
bad thing. Your Exchange server is meant to relay, and it does relay, like
all the other servers I'm familiar with.
An Open Relay occ
Tom, a while back, I sent you the link to the Exchange Server Technical
Reference. All this is explained in that document.
Go fish, man.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that
For reading and writing files, I use FileSystemObject (FSO), like this:
Set myFSO = CreateObject("Scripting.FileSystemObject")
Set MyFile
=myFSO.OpenTextFile("\\remotecomputername\remoteshare\remoteFile.txt",
8,true)
HTH
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP -
Isn't this simply controlled by the msExchPoliciesExcluded attribute?
The corresponding value is {26491CFC-9E50-4857-861B-0CB8DF22B5D7}. When the
value is absent, then email addy generation is controlled by RUS policies.
When the value is present, RUS policies have no effect.
Sincerely,
Dèjì
Who said you could talk? :)
Honestly, my position on all this is very simple. I was a tech and have been
hacking solutions a long time before I became an MVP. I will always be a
techie first.
It is MS' responsibility to enforce its EULA, and they have enough resources
to do just that. IF I make
OK, Susan. Dew time :)
"Should" and "Can" are not interchangeable, that's my opinion. When I explain
technical feasibilities to customers, I try not to hide the relevant
distinction.
BTW, I think the writer made it sufficiently clear that the procedure is a
"hack".
Sincerely,
Dèjì Akómöláf
Actually, depending on your level of tolerance for pains, I know that you
can.
http://www.akomolafe.com/Portals/1/Creating%20a%20trust%20relationship%20betw
een%20two%20Small%20Business%20Server%202000%20domains.htm
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Ser
http://www.eventid.net/display.asp?eventid=1202&eventno=348&source=SceCli&pha
se=1
Look at the 0x4b8 section.
HTH
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorro
The simple answer: I don't know
The rhetorical question: Why would you want to do that?
A lot of things changed between ISA 2000 and 2004. I will confine my
description to the Enterprise version. The built-in Array functionality has
built-in intelligence that lets you leverage multiple array memb
>>Clustering and Load Balancing I wouldn't really call a tomato tomoto thing
Maybe not in the ordinary sense, Brian. But in the ISA 2004 Enterp realm, we
should be able to do that. OR, if you prefer, we can say "tomato" and
"ketchup" or something. NLB is the way to go in ISA 2004, and the way ISA
If you are using ADMT, then you won't really be doing a netdom. So, you won't
have the dc switch available for use. If you are using ADMT, you need to get
the V3 version. This lets you target a specific DC for the migration process.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP
At least not the way *I* read the way *he* described it :)
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
___
No disagreement about MAPI. Just not the way he described it.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
If the way you described is the way Sector really does their archiving,
please stay away from them.
Now, since your boss wants to offload this to a 3rd-party, the next logical
question is how much is (s)he willing to spend. There are a number of good
offerings out there and the recommendation wil
If you are thinking of finding them as they arrive or as they are being sent,
eventsink is the way to go. I don't know how to write one that will go
through messages already in the store and look for the keyword. But, writing
one that looks for the keyword as the message is coming in or leaving sho
>> Sheesh, i'm getting to hate Exchange
That's a very common feeling. Eventually people either come to love it or
learn to live with it - ask Joe :-)
Anyway, your question is broad, but let me briefly explain this:
When you ran ForestPrep, you are just creating (empty) place-holders in the
Schema
As others have pointed out, modify your policy to remove the 24-hour (one
day) restriction.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Y
The install process still needs to write stuff to the Schema.
Try this:
On the DC being used by the Exchange server during the install (you can find
this by doing "set L" from a cmd prompt) add the following reg value:
HKEY LOCAL MACHINE\System\Current Control Set\Services\NTDS\Parameters
"Sche
That works - IF he has a build process that uses sysprep. Otherwise,
pre-creating the computer account in the appropriate OU before joining it to
the domain will be the way to go from here on.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com
It's time for a code re-write.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: [EM
Which part is "not working" and how is it "not working"?
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
_
Probably because the "patch" is not really installing anything new for IE. It
is just setting a "killbit", setting the compatibility mode to 1024 so IE
doesn't call that component any longer.
Just a SWAG. But that would explain why you don't see anything under
installed components (I haven't chec
So, the ASP pages feed the SQL. If so, then in your case, I'd just extend the
ASP pages to feed AD at the same time. You already have a mechanism in place,
you just need to extend it.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know
Correct. WSUS has internal logic that staggers the deployment/install such
that the clients are not pulling all at the same time. My experience has been
that this staggering is sufficient, and, depending on the number of clients
and sites you have, one server can accommodate and service the request
Good point. If it's a one-time thing, I'm thinking even 10K is a killer. And
MIIS will be like nuking a cockroach.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow y
Sure. But there will be no relationship between them. You would need to know
how to script. You will need to script reading the names from SQL and feeding
each name into AD as new user using "net user", "CSVDE", "straight LDAP",
etc.
It's all free, except for time investment.
Sincerely,
Dèjì
king a
cname is a better way to go.
FYI, you also can't use netsh to set this :) Script is the best way and Deji
was nice enough to post a sample.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of RM
Sent: Tuesday, Aug
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/Server
Help/1e8b6cc0-a434-47d8-84f3-5ee8806a8711.mspx
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the
stry key:
HKLM\System\CurrentControlSet\Services\TCPIP\Parameters\SearchList using
reg.exe or Wscript shell
Should work for XP clients as well.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize
If all your clients are XP, you use GPO to set multiple suffixes.
If you have pre-XP clients in the mix, you use a script to stuff multiple
suffixes in there. I thought I had a sample script for this on my site, but
it's not there right now. When I'm less busy, I'll whip something up and post
it.
You make your disagreement known to the CIO in a corporately-acceptable way -
and move on. Chalk it down as one of the things numerous IT personnel
encounter on a very regular basis everyday.
Don't take it personal, is what I tell myself.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Micros
] On Behalf Of Deji Akomolafe
Sent: Thursday, August 18, 2005 8:37 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] w2k sp4 Kerberos changes?
Do you perhaps have restrictAnonymous enabled? I have first-hand
knowledge of
someone flipping this switch because they couldn't install 03
I think you are onto something there, Steve J
Just finished doing a compare and the problematic system has some
traces of R2 on it.
Apologies for the screen-shot, but it’s faster ;)
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Dir. Services / Secu
Do you perhaps have restrictAnonymous enabled? I have first-hand knowledge of
someone flipping this switch because they couldn't install 039 yet and they
read the tech doc that came with 039 where it says restrictanonymous could be
used to remediate the vuln IF 039 can not be installed immediately.
I meant to send this here earlier, but I ended up sending it to Tony instead
:)
--
Since applying the latest series of Patches release last week, I have been
experiencing the following symptoms:
When trying to connect from any other system to shares on this 2K3-SP1
Yes.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: [EMAIL PROTECTED] on behalf o
Since you said you want to apply it to "all computer account in a domain",
you'd need to apply it at the Domain level. If you don't want it to apply to
the servers (since you said you moved them to a separate OU), you can block
the GPO at the OU where the servers now reside. Alternatively, you coul
Eric,
I just want to be sure that you are not equating backup with cloning. I am
afraid that the OP may take your "eat cake" statement to mean that you are
agreeing with the cloning proposal. Install from media was not made for
cloning. Unless I am wrong again, the install from media is not done
I tested PromoDag about 2-3 years ago. I was very impressed and would have
bought it in a jiffy if their price had not been too high. They later offered
some deal, but by then I was out of budget.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.
Juan,
A reboot is REQUIRED only IF you want the system to be protected. IF you
install the patch and do not reboot the system, the patch will NOT protect
you.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
D
The /norestart option is available for this patch. You can choose to use it
and wait for the latest mutation of the worm to hit the server and reboot it
for you, or you could just simply schedule your patch-and-reboot time and
ensure that the server is REALLY protected.
What I'm trying to say in
This behavior is actually documented. The "warn but allowed installation" was
never intended to work in unattended scenario.
You are either left with the Auto-IT option, or do what this guy suggested
here (I haven't personally done that, mind you):
http://www.appdeploy.com/messageboards/tm.asp?m=
KB192185 has good info on this. You are on the right path, IMO.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
__
Hello, Al.
I am not getting the TTL angle. Since all he is changing is really the DNS
servers and the clients's IP are not changing, I'd say bring up the new DNS
server, copy the zone to the new server (secondary promoted to primary),
reconfigure the DHCP scope to now hand out this new server as
OK, so we know now that Unity is doing the toggling.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
_
Charlie, the mod you are doing in ADUC Exchange Advanced corresponds to the
"ShowInAddressBook" attrib, not the "showInAdvancedViewOnly" attrib. I am not
familiar with Unity, but from what you guys have been saying, it looks that
Unity is toggling the "showInAdvancedViewOnly" value, not (or maybe i
Unfortunately, I don't. I just remember it being a "standard" practice when
we have to "hide" address lists of one company from all the other companies
we were hosting emails for.
If I come across a reference, I'll post it.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Direc
Not as far as I know. Maybe Joe will do something similar to his ABE tool,
thereby nudging MS to come up with something.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomo
Exchange in the mix. Is custom address list in the mix also? Using restricted
view of address list? Could the user have been part of this list and the list
has had its "showInAdvancedViewOnly" set to TRUE in the past? This is common
in the Hosted Exchange space. At least it was when I used to play
r quite follow the reasoning
why about the IM/GC issue... but learn a little more about it each time.
:m:dsm:cci:mvp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rocky Habeeb
Sent: Tuesday, August 16, 2005 12:12 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [
the reasoning
why about the IM/GC issue... but learn a little more about it each time.
:m:dsm:cci:mvp
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rocky Habeeb
Sent: Tuesday, August 16, 2005 12:12 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
I read it to be that he has 2 domains. He fat-fingered the number of FSMO
roles in the child. But the conclusion is still the same - when all DCs are
GCs in a given domain, IM and GC can co-exist.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.
When you move objects, you should see at least 3 "566". One should be for
DELETE because you've REMOVED the object from the current OU; one should be
for CREATE CHILD because you have now added it to the new OU. One should be
for WRITE PROPERTIES because the object's DN is now modified to reflect i
probably because those addresses are still in the registry and have not been
whacked.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterd
>> The question is, "Shouldn't they all have automatically generated
connection objects to everybody else
Not necessarily. They are generated as deemed necessary by ISTG
>> and if they don't, is it just a matter of me adding the manual new
connection object?
You can always add your own connectio
What, you mean you don't trust my codes? Shesh! :-p
'Still using the same folder structure and input file as before, you will run
this AFTER running the previous script
'Code Begins
Const FILEPATH = "C:\MyScripts\"
'Get the input file
Set FSO = CreateObject("Scripting.FileSystemObject")
Se
Let's say the new DNS servers are 192.168.11.250 and 192.168.11.251
Let's say you have a folder called Myscripts in C:\
You create a file called Server-List.txt that contains all your servers'
names, listed one per line and put it in C:\myscripts
Then you copy the following code, put it in a file
[1]
It's actually 64 if you do it through the GUI.
You can stuff 104 in there by script.
[1]They just let me out of my rabbit hole long enough to compose this
response.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.ako
try cusrmgr. Look for the -alg and +s options.
Jsiinc.com had some details on cusrmgr.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yest
You and Jeff are both completely correct - well, almost :). It's
well-documented - I was just too excited to think when I saw Joe cop a plea
on Exchange :)
Since he has E2K3, I believe that this is what he wants:
http://support.microsoft.com/kb/820378/
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+
IIS -> Default Website (or wherever your exchange VD is located) ->
right-click on Exchange -> Directory Security - > Default Domain.
Type in the name of your domain in there or just browse and select it.
And he says this isn’t his specialty ………. Yeah,
right …. ;)
Sincerely,
This? http://support.microsoft.com/?kbid=834926
Next time, if Google lets you down, there is still eventid.net :)
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow
>>Deji, you mention you've already leveraged rendom in production
environments
Correct. One of the most recent involved a divestiture, and that was when I
had the conversation with Chris. You are correct in that this is an
OS-limitation and Chris and I agreed on that too. But, he was th
Rick, you are overlooking one important factor - client usually do not have
the tolerance for the method you are describing, especially not on an
existing, production domain. They don't want to disrupt the existing
infrastructure, they don't want to change what the users are used to, they
don't wan
Guido,
I had a discussion around this issue with Chris Macaulay (of ADMT3) last
year. He said he would look into the possibility of doing something about
this in the next build of v3. It's been more than 7 months since, and a new
V3 build was released last month. You may want to look and see if t
Something similar came up for discussion last week. My response was to
increase the maxreceivebuffer size.
See Q315071 and Q834317
HTH
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that T
iisadmpwd VD is one of the VDs that is ALWAYS neutered on any IIS server I
touch - as part of my "server hardening" procedure. htr is one of the
extensions that gets unmapped in any IIS installation I do. I have been doing
this before IISLOCKDOWN and, luckily, before CodeRed I and II.
Your experi
M
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Affect of a schema update on W2K SP4 AD
Deji,
The attribute is used by the Aelita Exchange migration product. I am having
to change it because Aelita uses it to store the alternate recipients and I
have a few Exc 5.5 mailboxes that b
This issue is discussed in 08_Deploy_ShipDC.doc and there are sample scripts
to make the process smoother and more automated.
The scripts and docs are available in ADBODG03.EXE and can be downloaded from
http://www.microsoft.com/downloads/details.aspx?FamilyID=9353a4f6-a8a8-40bb-9
fa7-3a95c95401
Even though you've prep'd everything, your underlying infrastructure is still
W2K. As a result, you will still be doing a full GC sync.
I have a q, though. Why are you increasing the RangeUpper? I am just curious
and asking for my own education.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Rick,
Got a minute to chat off-list? Don't know if your @cox.net addy is still
live.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yester
Is this helpful?
http://support.microsoft.com/default.aspx?scid=kb;en-us;315071&sd=tech
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yes
This is NOT personal, but let me say that your limits are overly restrictive
and counter-productive as far as fostering good relationship with your
end-users is concerned. In this day and age (html email and all), 25MB is
nothing, especially when you consider the fact that hard drive costs are
expo
http://www.webelists.com/cgi/lyris.pl?join=exchangelist
We occassionally field Exchange questions here, but the list above is
dedicated solely to Exchange. A very good list, but not as gentle as
Activedir.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.
Something that confuses me in this (and in RID allocation generally) is:
Isn't the RIDavailablePool held by the RID master? Is the value replicated
among DCs? If it's not, does a DC have to check with the RID master BEFORE it
increments this value? (I assume that it would, but I am not sure, espe
Admod, eh? That's where you are hiding it? Who woulda thunk :o.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
__
Joe says ExchMbx does not currently support this (got this info from his
website). Now, if you are looking to script proxyaddresses, there are a
number of sample vbscript codes out there to do this. What you need to
understand is that proxyaddresses is multi-valued and should, therefore, be
read/wr
Why not simply add the new group to the existing group that already has perm?
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.com - we know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -an
in a
multi-domain
> environ, or trust establishment, etc), it is not a necessity IF you do the
> necessary home-work.
>
>
> Sincerely,
>
> Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
> Microsoft MVP - Directory Services
> www.readymaids.com - we know IT
> www.akomolafe.
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: [EMAIL PROTECTED] on behalf of Santhosh Sivarajan
Sent: Tue 5/31/2005 4:59 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] _msdcs question
anthosh Sivarajan
Sent: Tue 5/31/2005 4:59 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] _msdcs question
Deji,
I completely understand your point but from my experience, if you
don't have NetBIOS name resolution you cannot establish a trust.
Also, you need to make sure all
gets resolved to the YourDC that is located in MyDomain, which happens to be
the same as YourDC.YourDomain.
Deji
From: [EMAIL PROTECTED] on behalf of Santhosh Sivarajan
Sent: Tue 5/31/2005 2:07 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] _msdcs
know IT
www.akomolafe.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
From: [EMAIL PROTECTED] on behalf of Mike Newell
Sent: Fri 5/27/2005 8:25 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Catch all DNS rec
You are ascribing more power to me than I possess, Rick :p
There is no known way to get Joe's head to be bigger than it currently is.
It's sooo big it has its own separate zip/area code :-0
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Directory Services
www.readymaids.c
I'll yield on this and stand corrected. Although I did not exactly remember
reading about (or observing) this behavior, current materials I just
consulted say that Joe and Diane are correct - as always.
Got to read more.
Sincerely,
Dèjì Akómöláfé, MCSE+M MCSA+M MCP+I
Microsoft MVP - Director
In NT4, all updates go up to the PDC. This is why you will get a true last
login report.
Post NT4, most updates take place on any DC, and lastlogon is one such
update. Because it is possible that a user can be authenticated by different
DC at different time, AND because lastlogon is NOT replicate
A SWAG? I think it's because the tool is NOT looking at the
lastlogontimestamp, it is looking at the regular lastlogon, which,
unfortunately is still not replicated and correlated between DCs. The tools
predate 2K3, so it's possible that they weren't re-written to look at
lastlogontimestamp.
I wo
It *should* be fine. A catch-all will only be mapped for non-existent
records, so if the records exists in DNS, the lookup for that record will
resolve to the right resource.
Now, I qualify "should" because there are some interesting behaviors you will
see when using DNS wildcards. One of them is
401 - 500 of 967 matches
Mail list logo
