You can encrypt the password used for autologon. There is an API to do
this but it is also included in the tweakui power toy.
Thanks,
-Steve
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Laura E. Hunter
Sent: Thursday, February 16, 2006 5:44 AM
To:
Using Autologon from http://www.sysinternals.com/Utilities/Autologon.htmlIt hides the password using some windows API--Kamlesh
On 2/16/06, Laura E. Hunter [EMAIL PROTECTED] wrote:
So for those of you that need to put Internet kiosks in placesomewhere in your organization, in a lobby or a dining
:[EMAIL PROTECTED] On Behalf Of Ken Schaefer
Sent: Wednesday, 30 November 2005 1:38 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] authentication problem
Hi,
A) IIS logfiles must have something. The browser pops-up the credentials
dialogue when it receives a 401 HTTP status (Access
Ebitz - SBS Rocks [MVP]
Sent: Tuesday, 29 November 2005 2:40 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] authentication problem
Should be error messages in your IIS log files though and if you have a
system state backup from before the changes that would have those [or
should have
for the auditing information - I turned it instantly on.
Thanks for the help.
Cheers,
Kat
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Schaefer
Sent: Tuesday, 29 November 2005 10:17 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] authentication
Bradley,
CPA aka Ebitz - SBS Rocks [MVP]
Sent: Tuesday, 29 November 2005 2:40 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] authentication problem
Should be error messages in your IIS log files though and if you have a
system state backup from before the changes that would have
What are the errors you are getting in the error logs? IIS access logs?
CRM 1.2 or 3.0? {I'm assuming 1.2 since 3.0 is just out}
CRM uses integrated authentication on that web app if memory serves me
right...given that its both your CRM and your intranet what IIS changes
did he/she make? I
Employment Training Specialists
Australia
E-mail: [EMAIL PROTECTED]
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley,
CPA aka Ebitz - SBS Rocks [MVP]
Sent: Tuesday, 29 November 2005 2:02 PM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir
Title: Message
When in DOS mode, you will *not* have any
DNS name resolution - all names will be translated via WINS or NBT broadcast or
lmhosts file.
Ensure you have an entry in your lmhosts
file if WINS is not available.
neil
-Original Message-From:
[EMAIL PROTECTED]
@mail.activedir.org'Subject: RE: [ActiveDir] Authentication
in DOS mode
When in DOS mode, you will *not* have any
DNS name resolution - all names will be translated via WINS or NBT broadcast or
lmhosts file.
Ensure you have an entry in your lmhosts
file if WINS is not available.
neil
-Original Message
HI,
As I know off clients and
servers that can talk kerberos will talk kerberos. NTLM will only be used if the
client or the server cannot use kerberos.
Are there other errors in the
event log? (MRXSmb messages...)
0x29 (KRB_AP_ERR_MODIFIED) "Message stream modified"
This indicates that
: [ActiveDir]
Authentication issue with Outlook 2003
HI,
As I know
off clients and servers that can talk kerberos will talk kerberos. NTLM will
only be used if the client or the server cannot use kerberos.
Are there
other errors in the event log? (MRXSmb messages...)
0x29
(KRB_AP_ERR_MODIFIED
From the IAS Help file:
RADIUS protocol
Remote Authentication Dial-In User Service (RADIUS) is an industry standard protocol
described in RFC 2865, Remote Authentication Dial-in User Service (RADIUS), and RFC
2866, RADIUS Accounting. RADIUS is used to provide authentication, authorization,
Title: Message
Looking into my crystal ball.
You're using downlevel (i.e. pre-Win2k) clients, and have enabled
password complexity requirements. This was done after creating non-complex
passwords for the users.
Either disable password complexity, or reset their passwords to something
lto:[EMAIL PROTECTED] Sent: Monday, June 09, 2003
5:30 AMTo: '[EMAIL PROTECTED]'Subject: RE:
[ActiveDir] Authentication Problems.
Looking into my crystal ball.
You're using downlevel (i.e. pre-Win2k) clients, and have enabled
password complexity requirements. This was done after
Have you created two sites each associated with the different networks. (I
suppose it's a routed network?)
-Original Message-
From: Oluwaseyi Owoeye [mailto:[EMAIL PROTECTED]]
Sent: 21 February 2003 10:58 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Authentication irregularities
I
At a command prompt type set logonserver. That'll get you where you logged
in to. If you set up different sites for the two buildings, and associate
subnets with each site, the machines will log into their local DC. This is
assuming you have W2K or XP clients. If you've got 9x or pre SP4 NT4,
PROTECTED]] Sent: Thursday, January 16, 2003 7:49
PMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Authentication ?
Jim,
I'd
like to hear more (and, if others want to chime in, please do) about legacy
apps and sec groups. If myproduction environment and experience is
corr
by: [EMAIL PROTECTED]
01/17/2003 09:57 AM
Please respond to ActiveDir
To:
[EMAIL PROTECTED]
cc:
Subject:
RE: [ActiveDir] Authentication ?
In the testing I've done, I couldn't get any
NT4 API functions to break by using AD in native mode. Universal groups
simply appear
: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Authentication ?
In the testing
I've done, I couldn't get anyNT4API functionsto break by
using AD in native mode. Universal groups simply appear to be global groups.
Any inter-domain members and nested groupsjust don't show up as a
member. I do
Title: Message
If you run DCPROMO on them and make them a
DC they will.
Which youll have to do anyway or
downgrade them to member servers
-Original Message-
From: Don Murawski (Lenox)
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 7:16 AM
To: [EMAIL
:
[ActiveDir] Authentication ?
If you run DCPROMO on
them and make them a DC they will.
Which you'll have to
do anyway or downgrade them to member servers
-Original
Message-From: Don
Murawski (Lenox) [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 16,
2003 7
-
From: EALES, Jack - FPIL
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 7:51 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir]
Authentication ?
switching to native mode
means having NO more NT4.0 BDC's... that's when it becomes a Native domain -
rather than mixed
There are precious few change to a domain when it goes native mode, the most
important being that you can no longer have NT4 BDCs within that domain. It
doesn't mean you can't have them in other mixed mode domains, just not in
any Native Mode ones.
You can have as many NT4 member servers as you
Message-From: EALES,
Jack - FPIL [mailto:[EMAIL PROTECTED]] Sent: Thursday, January 16,
2003 7:51
AMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir] Authentication
?
switching to native
mode means having NO more NT4.0 BDC's... that's when it becomes a Native
domain
PROTECTED]
Subject: Re: [ActiveDir]
Authentication ?
The only way his NT 4 PDCs and BDCs are going to
become DCs in a Win2K domain is to purchase W2K and upgrade them.
- Original Message -
From: Craig Cerino
To: [EMAIL PROTECTED]
Sent: Thursday, January 16, 2003 8
:[EMAIL PROTECTED]] Sent: Thursday, January 16, 2003
11:14 AMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Authentication ?
Unless I am reading
his email wrong - - -
He is considering
going to NATIVE mode which means one of two
things:
He already HAS Win2K Srv
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Authentication ?
The only way his NT 4 PDCs and BDCs are going to become DCs in a Win2K
domain is to purchase W2K and upgrade them.
- Original Message -
From: Craig mailto:[EMAIL PROTECTED] Cerino
To: [EMAIL PROTECTED] mailto:[EMAIL PROTECTED
: '[EMAIL PROTECTED]'Subject:
RE: [ActiveDir] Authentication ?
Let
me clear upmy question!
I
have NO 4.0 BDCs, AllWin2k DC's, but have a lot of legacy clients
and applications.
Switching to native mode, I'm assuming should have NOT impact on these
applications or systems
I agree
-Original Message-
From: Tony Murray [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 11:46 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Authentication ?
Correct - there should be no impact.
Tony
-- Original Message
Title: Message
As long as all DCs
on the wire are 2k ---by definition - - -youll
be ok
-Original Message-
From: Fugleberg, David A
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 11:54 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir]
Authentication ?
We had
-Original Message-
From: Tony Murray [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 9:46 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Authentication ?
Correct - there should be no impact.
Tony
-- Original Message --
From: Don Murawski
,
2003 10:29 AMTo:
'[EMAIL PROTECTED]'Subject: RE: [ActiveDir]
Authentication ?
Let me clear upmy question!
I
have NO 4.0 BDCs, AllWin2k DC's, but have a lot of legacy
clients and applications.
Switching to native mode, I'm assuming should have NOT impact
respond to ActiveDir
To:
'[EMAIL PROTECTED]'
[EMAIL PROTECTED]
cc:
Subject:
RE: [ActiveDir] Authentication ?
Let me clear up my question!
I have NO 4.0 BDCs, All Win2k
DC's, but have a lot of legacy clients and applications.
Switching to native mode, I'm
assuming should
[EMAIL PROTECTED] cc:
Subject:RE: [ActiveDir]
Authentication ?Let me clear up my question! I have NO 4.0
BDCs, All Win2k DC's, but have a lot of legacy clients and
applications. Switching to
native mode, I'm assuming should have NOT impact on these applications or
s
If the user is logging into IIS you would have to search AD for the
request.servervariables(AUTH_USER) or LOGON_USER, for a local account.
So something like this may work for you:
set objUser = getObject(WinNT://Domain/Server/ _
request.servervariables(AUTH_USER))
AdsPath =
When you say, create an entry with the userpassword attribute, what sort of object
did you create?
Anonymous access to the Active Directory is restricted by default. This means that
access is only available to authenticated users.
You can change this by granting READ permissions to the
Tony Murray a écrit :
When you say, create an entry with the userpassword attribute, what sort of object
did you create?
i created an entry inetorgperson.
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive:
In that case I guess you have either installed the inetOrgPerson Kit for Windows 2000
or you are using the .Net Server Beta 3?
I don't know much about the inetOrgPerson class, but if you have installed the Kit
then I believe there are some limitations with the UI and certain of the Wizards.
magic.
--- Arthur C. Clarke
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of
JEHANNO Marie-Amélie
Sent: Friday, May 31, 2002 8:30 AM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] authentication with AD
Tony Murray a écrit :
When you say
If you have Auditing enabled on the DCs for login failure it will show
up in the security log on the DC.
Noah Ravenscroft
-Original Message-
From: No Idea [mailto:[EMAIL PROTECTED]]
Sent: Thursday, September 27, 2001 3:29 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir]
Use audit policies to track them...need to be on NTFS volumes
-Original Message-
From: No Idea [mailto:[EMAIL PROTECTED]]
Sent: 27 September 2001 20:29
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Authentication
When a user/hacker tries to authenticate, failing many times, does Active
42 matches
Mail list logo
