AW: [ActiveDir]

Hi Chris, If you have a backup of that domain - restore. If you don't have a backup, and it was the fist domain in the forest (forest root) then create a new forest and migrate step by step every of the existing domains into the new forest (ADMT or other migration tools from 3rd party vendors wil

AW: [ActiveDir] Exchange

You must install Exchange System-Manager on every computer you want to use AD administrator with the exchange-specific tabs. Then just start AD administrator and it works! Ursprüngliche Nachricht- Von: Jon Sellers [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 13. März 2002 15:16 An: [EMA

AW: [ActiveDir] Introductions...

We have been trying for almost a year now to link 2 sites !!! the POLITICS are the killer. Just wait until you get to who has the FSMO roleschildren, children. good luck and make sure you have a reservation for a berakdown sometime early in the New Year. Mark -Ursprüngliche Nachricht

AW: [ActiveDir] Dieing forest

Hello Rens,   Migrate with ADMTv2, look into the guides MS published for a migration from one forest into another. Since you are able to keep the SID in the SIDHistory you are able to retain permissions, however I'd also look to reAcl the Ressources to the new SIDs. This can be done with ADMT

AW: [ActiveDir] Replication issues

Hi Russ,   there's a additional tool which would be able to help you here. If you register the AcctInfo.dll on the Computers running Active Directory Users and Computers it extends the property pages of a useraccount by a Tab "Additional Account Information". On this tab you can see some more

AW: [ActiveDir] hidding users

Maybe the AD List Mode will be an option for you: http://www.chrisse.se/MAQB.asp?ID=34 Ulf -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Kern, Tom Gesendet: Donnerstag, 20. Mai 2004 20:00 An: ActiveDir (E-mail) Betreff: [ActiveDir] hidding users

AW: [ActiveDir] Root Hints

Hello Russ, they just get repopulated if you delete all of them (keep one and it doesn't get repopulated). There are multiple instances where you need to change to keep them from repopulating. One instance to change that is the checkbox Dean pointed out, but what I also like is just putting in you

AW: [ActiveDir] DNS replication

Hi there, That's my problem: 15 minutes is too slow. Is there any chance to make a kind of "urgent replication" like it was on a NT4 domain when you disable a user? Cu, Alex -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Gesendet: Mittwoch, 26. März 2003 15:1

AW: [ActiveDir] migrating accounts

If you try to start at Novell, DirXML or Novell Account Management could be something for you. These Novell products synchronize users (incl. passwords) between NDS and MAD. You would have to pay for the licences - but it could be worth it, as long as your migration will succeed.   Mike Ton

AW: [ActiveDir] Remote Administration

Thank you very much - it works fine :-) Mike -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]Im Auftrag von Abbiss, Mark Gesendet: Donnerstag, 6. September 2001 14:01 An: '[EMAIL PROTECTED]' Betreff: RE: [ActiveDir] Remote Administration Just run the ADMINPAK

AW: [ActiveDir] DNS question

Thank you everybody for your help!! > > It has been reported (though I've not personally > experienced it) that the > > DNS client tends to preference either the public servers or > the alternate > > server ... this being the case, resolution against the zone(s) > representing > > Active Direct

AW: [ActiveDir] Simple LDAP Query

Hi Michael,   just define it in the search base, e.g. LDAP://ou=myou,dc=mydomain,dc=com. You define usually searchbase, filter, attribues and scope - and searchbase does not need to be the domain, it can be any LDAP Path.   HTH, Ulf Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftra

Re: AW: [ActiveDir] hidding users

> To: <[EMAIL PROTECTED]> Sent by:cc: [EMAIL PROTECTED] Subject: AW: [ActiveDir] h

RE: AW: [ActiveDir] hidding users

them eather => you'll just hide the whole OU that contains the admin accounts and the admin groups... /Guido -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mike Baudino Sent: Donnerstag, 20. Mai 2004 23:48 To: [EMAIL PROTECTED] Subject: Re:

Re: AW: [ActiveDir] DNS replication

D]'" <[EMAIL PROTECTED]> m> cc: Sent by: Subject:

AW: [ActiveDir] ActiveDir and DNS

My domain runs fine without MS DNS. All I use is a DNS forwarder to my internet provider.   -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Im Auftrag von Giovanni Bianchini Gesendet: Dienstag, 13. November 2001 16:25 An: [EMAIL PROTECTED] Betreff: [Act

AW: [ActiveDir] a small problem.

In my experience a pc that shows this behaviour has a mapping to a network drive that doesn't exist anymore. Sometimes a defect CD-Rom shows similar behaviour. The box tries to access it but without success. After a while it gives it up and then shows the available network drives. mike -Ur

AW: [ActiveDir] Service monitoring tools

Depending on how deep you want to get into monitoring and how complex your network is, a good product is RoboMon by Heroix. Can do what you need and a whole lot morewe are just about to install it here after comapring it with NetIQ and MOM Mark -Ursprüngliche Nachricht- Von: Al Lil

AW: [ActiveDir] Group Membership Update Frequency

Joe, thanks a lot for your helpful reply and sorry that my reply took so long. I am still waiting for a response because of my Microsoft Support ticket. Its my goal to combine GPO´s with Security Groups to manage different actions of the servers in the same OU. For this reason I created some Se

AW: [ActiveDir] help querying for groups

Hi Mark,   first thing which comes to my eyes is that the base it not started and ended with "<" and ">", but the whole query including base, filter and scope is.   So what I'd try is modifying the line beginning with strBase with strBase = "LDAP://dc=my,dc=domain,dc=com;"   and the line star

AW: [ActiveDir] Indexing attributes in GC's

Event to it's replication partners if they are W2k? I somewhat heard that WS2k3 <-> WS2k3 will always particial replicate syncs, while W2k <-> WS2k(3) will always full sync? -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Dean Wells Gesendet: Mittw

AW: [ActiveDir] RID master / ADMT 2.0

If you use SP4 your DCs will request a new rid pool as soon as 50% of the old pool is consumed. Have a look here: http://support.microsoft.com/default.aspx?scid=kb%3ben-us%3b316201 You can also adjust the number of rids a DC requests by changing the "RID Block Size" value in the registry (see same

AW: [ActiveDir] AD Policy Logon Error

We are using DHCP. I checked the DNS entries and they are correct. mike > -Ursprüngliche Nachricht- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] Im Auftrag von > Jacqui Hurst > Gesendet: Samstag, 5. Januar 2002 12:05 > An: [EMAIL PROTECTED] > Betreff: RE: [Active

AW: [ActiveDir] AD Policy Logon Error

Message- From: [EMAIL PROTECTED] [ mailto:[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> ]On Behalf Of Mike Tonazzi Sent: 07 January 2002 06:17 To: [EMAIL PROTECTED] Subject: AW: [ActiveDir] AD Policy Logon Error We are using DHCP. I checked the DNS entries and they are c

Re: AW: [ActiveDir] Service monitoring tools

"Abbiss, Mark" wrote: > > Depending on how deep you want to get into monitoring and how complex your > network is, a good product is RoboMon by Heroix. > > Can do what you need and a whole lot morewe are just about to install it > here after comapring it with NetIQ and MOM > > Mark I tho

AW: [ActiveDir] how to restrict RootDSE access

Hi Tony, Security Testing Companies consider it a vulnerabilty, if LDAP returns null base information. An attacker could use the information on namingContexts and supporte control for malicious activity, they say. They suggest to use an access control to prevent users from dumping the base of the

AW: [ActiveDir] Server availability/monitoring/management tools

Thanks, looking at it right now..anything else out there ? Mark Abbiss EADS Headquarters 81663 Muenchen Deutschland Phone : +49 (0)89 607-34776 Email:[EMAIL PROTECTED] -Ursprüngliche Nachricht- Von: Strand, Ted [mailto:[EMAIL PROTECTED]] Gesendet: Donnerstag, 10. Januar 2002 14:51

AW: [ActiveDir] Server availability/monitoring/management tools

Appmanager. I've really liked Appmanager where we used it at my last job. -Original Message- From: Abbiss, Mark [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 10, 2002 8:53 AM To: '[EMAIL PROTECTED]' Subject: AW: [ActiveDir] Server availability/monitoring/management t

AW: [ActiveDir] Clusters - Good or Bad idea?

I am specially interested in NLB (network load balancing) for a webserver farm. Here is what I found on Microsoft's Website (it's a overview over Clustering and Network Load Balancing) http://www.microsoft.com/windows2000/advancedserver/evaluation/business/ overview/advanced.asp

AW: [ActiveDir] Clusters - Good or Bad idea?

Is it a big price difference btwn. BigIP and Win2K NLBS? -Ursprüngliche Nachricht- Von: Ayers, Diane [mailto:[EMAIL PROTECTED]] Gesendet: Dienstag, 5. März 2002 18:09 An: '[EMAIL PROTECTED]' Betreff: RE: [ActiveDir] Clusters - Good or Bad idea? We've used both the NT 4.0 WLBS and WIn2K

AW: [ActiveDir] Running progam automatically at logon

Title: Nachricht Well, the best place to control user logon actions would be to write a custom ms-gina dll. This way you can even let your program decide who is allowed to log in. There have already been some mails about ms-gina programming. This way you are able to do some actions right a

AW: [ActiveDir] Bulk of client going to PDC

Hi Kamlesh, first of all, iwould enable the logging of the Netlogon Service. I ve found an article in the WindowsITPro The Netlogon service is one of the key Local Security Authority (LSA) processes that run on every Windows domain controller. When you troubleshoot authentication proble

AW: [ActiveDir] Variables allowed for creating home folders

Hello Stephen,   I don't think so. AFAIK the only variables which you are able to use during logon are the ones which are system variables on the clients plus the %username%. Variables defined in the context of the user are not available at this time.   AFAIK2 - the variable username is fille

AW: [ActiveDir] Setting Desktop Settings via Group Policy

Hi Raymond, one thing that didn't get mentioned: If your users don’t have a profile right now, you can change the default profile as well instead of assigning a mandatory (where the changes a user make will be lost after every session). The default profile is being used if a profile of the users

AW: [ActiveDir] Accessing NT4 resource domain via sIDHistory

Thanks for all of your answer - BUT I know about sIDHistory and how it works. I am looking for how the authentication using sIDHistory works. Does there have to be a secure channel in place between the target AD domain and the not-trusted NT4 resource domain? I also know that as soon as the tru

AW: [ActiveDir] Accessing NT4 resource domain via sIDHistory

y the wording. Or did I get it wrong again? Cheers, Bert -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Bert Skorupski Gesendet: Donnerstag, 12. Mai 2005 10:16 An: ActiveDir@mail.activedir.org Betreff: AW: [ActiveDir] Accessing NT4 resource domai

AW: [ActiveDir] Win2K Server install - driving me crazy !

Thanks to everyone who offered help and advice. In the end the vital piece of missing advice was "plug the network card of your 'to-be-installed' domain controller, into some other network device such as a hub or another pc´s network card". After I did that the instalation of AD worked fine and n

AW: [ActiveDir] changing the Pre-Windows 2000 computer name

I dont seem to have much luck with my posts to this list...have I upset anyone ? have I been blacklisted for some reason ? Do I smell bad ?   To support my post regarding changing the Pre-Windows 2000 name of a members server I found this in the Microsoft documentation (URL-http://www.mi

AW: [ActiveDir] Dial-In Property Sheet and Windows XP SP1

Better this way, it really Bugs me since it’s buggy.   I hope for a new Adminpak with SP1.   Ulf   Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Fuller, Stuart Gesendet: Freitag, 14. Mai 2004 21:48 An: '[EMAIL PROTECTED]' Betreff: RE: [ActiveDir] Dial-In Prop

AW: [ActiveDir] Can't join a server to an existing domain

Many thanksproblem solved...i only half configured DNS !! Mark Abbiss EADS Headquarters 81663 Muenchen Deutschland Phone : +49 (0)89 607-34776 Email:[EMAIL PROTECTED] -Ursprüngliche Nachricht- Von: David Lloyd [mailto:[EMAIL PROTECTED]] Gesendet: Mittwoch, 16. Januar 2002 14:30 An:

AW: [ActiveDir] Cached Domain Credential logon expiry for Win2k/X P

Hi Joe, AFIAK the passwords of the computer accounts are not set to expire, but they are automatically changed. The password change is done from the netlogon service. The default time in NT was 15 days, changed to 30 days in W2k and later. The client might decide to change after the half of th

AW: [ActiveDir] Block User and Computer Group Policy on a particular machine

Move the machine account(s) into another OU for which You then can define another policy. -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Jennifer Fountain Gesendet: Mittwoch, 23. Juli 2003 18:56 An: [EMAIL PROTECTED] Betreff: [ActiveDir] Block

AW: [ActiveDir] How do I grant user with rights to "logon as a service" on local machine.

In Windows you can grant and deny rights. If you deny someone the right To logon as a service and later on you grant him this right, then he'll Still don't have the right to logon as a service. This is what the "Effective column" says. Your "Local Policy column" probably says "grant this Right to

AW: [ActiveDir] How do I grant user with rights to "logon as a service" on local machine.

tested all the places I know where this right is being handled, and could not see any "deny". Avishay -Original Message- From: Tom-The-Bomb [mailto:[EMAIL PROTECTED]] Sent: Tuesday, July 31, 2001 2:32 PM To: [EMAIL PROTECTED] Subject: AW: [ActiveDir] How do I grant user with