'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] [ActiveDir Digest]
Is it possible to apply a group policy to establish one of our managers
as
an administrator on all the laptops we stage for the employees in his
department, without having to manually go in on each laptop in Local
day, October 05, 2005 12:37 PM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] [ActiveDir Digest]
Is it possible to apply a group policy to establish one of our managers
as
an administrator on all the laptops we stage for the employees in his
department, without having to
Thank you Darren
From: "Darren Mar-Elia" <[EMAIL PROTECTED]>
Reply-To: ActiveDir@mail.activedir.org
Jeri-
(Not sure about the thread this email came attached to but here goes)
Yes, you can use Restricted Group policy for this purpose. Its under
Computer Configuration\Windows Settings\Security Set
Is there a way to set up Group Policy to direct two different OUs at login
to connect to their respective system DSNs pointing to specific SQL
databases running on the same terminal server? Am I even saying this right?
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.act
006 5:38 PM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] [ActiveDir Digest]
Is there a way to set up Group Policy to direct two different OUs at login
to connect to their respective system DSNs pointing to specific SQL
databases running on the same terminal server? Am I e
inal Message-
From: Bland, Jeri [mailto:[EMAIL PROTECTED]
Sent: Monday, May 15, 2006 4:38 PM
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] [ActiveDir Digest]
Is there a way to set up Group Policy to direct two different OUs at login
to connect to their respective s
Thanks Jef, I'll give it a whirl
From: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] [ActiveDir Digest]
Date: Tue, 16 May 2006 09:12:09 -0500
Reply-To: ActiveDir@mail.activedir.org
Jeri,
System ODBC DSN's are stored in the registry at
HKLM\SOFTWARE\ODBC\ODBC.INI\.
The DSN names them
Although this also involves Exchange, I hope someone can help me with the
following scenario as soon as possible:
Same Company
Two Separate Forests
Two Separate Domains
Two-way transitive trust
One Exchange Org with Admin Group One as Forest A
and Admin Group Two as Forest B
Full ability
Jeri, the ADC is the component that helps to bridge the 5.5 and AD directories. Regardless of what happens, you should have the ability for the ADC to put Exchange 5.5 data into the AD and vice-versa. Although the 5.5
server is gone in forest A that doesn't necessarily mean they can't have the AD
just trying to use every resource available to resolve
our issue. Thanks for your help.
Date: Thu, 1 Jun 2006 21:37:11 -0400
From: "Al Mulnick" <[EMAIL PROTECTED]>
Subject: Re: [ActiveDir] [ActiveDir Digest]
Reply-To: ActiveDir@mail.activedir.org
--=_Part_757_19584744.11492
If I change the domain admin password in AD, do I also have to change it in
all the Services accounts? Do I have to change it anywhere else?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Sunday, September 18, 2005 11:16 PM
Subject: [ActiveDir Digest]
7;
Subject: RE: [ActiveDir] [ActiveDir Digest]
If I change the domain admin password in AD, do I also have to change it in
all the Services accounts? Do I have to change it anywhere else?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Sunday, September 18,
Here's two places to look:
- any persistent mappings where authentication is done
- scheduled jobs
HTH,
Mike Thommes
From: [EMAIL PROTECTED] on behalf of Bland, Jeri
Sent: Mon 9/19/2005 4:32 PM
To: 'ActiveDir@mail.activedir.org'
Subject:
ECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Bland, Jeri
Sent: 19 September 2005 22:33
To: 'ActiveDir@mail.activedir.org'
Subject: RE: [ActiveDir] [ActiveDir Digest]
If I change the domain admin password in AD, do I also have to chang
The Microsoft 'rule of thumb' is to allow 400Mb for each 1000 users (as per
the w2003 deployment kit).
E.g.
- Allow 800Mb for 2,000 users
- Allow 2Gb for 5,000 users
- Allow 4Gb for 10,000 users
- Allow 20Gb for 50,000 users
- Allow 40Gb for 100,000 users
I guess what I'm trying to illustrate is
NetWare 3 used a Bindery, which existed on each server. This in essence meant
that each server had its own SAM equivalent and was 'stand alone'. If you
needed to connect to a server resource, then you needed a login account
created on that server. [Imagine using local accounts in w2k on each serve
This question can be answered in an number of ways, depending upon the nature
of the issue that one is trying to mitigate against.
1. Deleted objects can be re-animated from another DC which has yet to receive
the deletion event, perhaps because that DC is in a site which only replicates
with it p
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil
Sent: Thursday, March 04, 2004 3:36 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] [ActiveDir Digest]
This question can be answered in an number of ways, depending upon the
nature
of th
net (download joeware)
http://www.cafeshops.com/joewarenet (wear joeware)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Eric Fleischman
Sent: Thursday, March 04, 2004 7:37 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] [ActiveDir Digest]
If I co
This can only be done by querying for the lastLogonTimestamp attribute across
*all* DCs in your domain. In w2k this attribute's data is not replicated
between DCs, but in w2k3, this data is replicated and shared between all DCs
in the domain so is more readily available.
Thanks,
Neil
MVP (AD)
--
, Neil
Sent: Wednesday, August 04, 2004 4:36 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] [ActiveDir Digest]
This can only be done by querying for the lastLogonTimestamp attribute
across
*all* DCs in your domain. In w2k this attribute's data is not replicated
between DCs, bu
To minimise impact, consider the following approach:
1. Upgrade the schema
2. Upgrade the Domain Naming Master
3. Upgrade a DC hosting no FSMO roles (or one hosting roles which can be unavailable
for a period of time e.g. RID master)
4. Move the PDC role to the DC upgraded in 3.
5. Upgrade th
With all due respect to Mr Wells: I'm not sure Dean really answered the
question - instead, he offered an alternative way to create objects, such that
they are removed automatically, after a TTL expires.
:)
Neil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent:
those rules,
I would say Dean answered the question perfectly.
joe
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ruston, Neil
Sent: Monday, September 06, 2004 5:10 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] [ActiveDir Digest]
With al
In the past, I have simply enabled 'user must change password at next logon'
as part of the user creation process.
The user will then be *forced* to change his/her password at next (i.e. first)
logon and cannot continue to work until that pw change has been actioned.
Thanks,
Neil
PS I am assumin
Hi,
the windows-hied list (there is a link from http://windows.stanford.edu)
discusses these issues for hied. There is an archive at:
http://admin.ufl.edu/windows/discussions/windows-hied/
search in the subject for "OU design".
Empty root is certainly a design option but I do not believe
that
26 matches
Mail list logo
