Search Results

Search found 22 results on 1 pages for 'aduc'.

Page 1/1 | 1 

  • ADUC Exchange tabs - Windows 7 & Exchange 2003

    - by John Gardeniers
    I have the admin tools install on a Win 7 64 bit machine but would like to see the Exchange tabs in ADUC. Googling shows this is a popular request and the most common solution (and the only one which appears to work to all) is to install Exchange Server Management for Vista using esmvista.msi /q. That may well have worked on beta versions of Win 7 but is definitely not working with my OEM copy of Win 7. Can this perhaps be made to work by installing from an Exchange 2007 CD (which I don't have at this time), bearing in mind that we have Exchange 2003 only? Can someone please offer a solution that works? I figure some of you must have solved this by now. Edit: I don't know if this is relevant or not but the Win 7 machine is also running Office 2010 Pro. About the bounty I had intended to award the bounty to gWaldo for having taken the extra steps to try to help me with this issue. However, as I was about to do so my screen started scrolling and I actually clicked on the answer posted by natxo asenjo, who's answer offended me, without realising it. Perhaps if I wasn't rushing I might have noticed but that's now history.

    Read the article

  • In ADUC MMC, Advanced View, how to get Attribute Editor tab on the result of a Find?

    - by geoffc
    In Win2008 MS added a new Tab on objects in ADUC. Called Attribute Editor it is like Novell Console One's Other tab, or an arbitrary LDAP editor view, or an ADSI Edit style view. Basically it shows all allowed attributes for the object class, and allows you to edit according to your permissions. You need to enable Advanced Options in the View menu before it shows up. This is great, however it only shows up when you browse the directory tree and select an object. If you use the Find tool and open an object Attribute Editor is not shown. How annoying! Especially if your domain has more than 2000 users in a single container, then you almost must use Find to get to an object. Is there any way to make the Attribute Editor tab show up after using Find to open an object?

    Read the article

  • Active Directory: Viewing "Attribute Editor" after finding an account via ADUC's "Find" option

    - by Beaming Mel-Bin
    When I activate the Advanced features (View - Advanced Features) and open a user's properties by navigating to their OU and right clicking the user object, I see the Attribute Editor tab. However, if I search for a user (right click the domain - Find - search for the user), and double click on the user, I do not see the tab. I cannot normally navigate to users because some OUs have too many users. Can someone suggest an alternative that allows me to view the Attribute Editor tab?

    Read the article

  • "Unknown user name or bad password" when I launch ADUC

    - by Chris
    When I open up Active Directory Users and Computers from my workstation, I receive an error: Naming information cannot be located because: Logon failure: unknown user name or bad password. Contact your system administrator to verify that your domain is properly configured and is currently online. If I log in to my workstation as somebody else, it works. If I log into a different workstation using my account, it works. All the workstations in question are running Windows Vista (32 and 64 bit) or Windows Server 2008. The domain controller in question is running Windows Small Business Server 2008. Everything else (that I tried) in the Remote Server Administration Tools runs just fine. Any thoughts? Edit: I just tried reinstalling RSAT. No such luck.

    Read the article

  • How can I recreate root dnsNode objects and their RootDNSServers folder in AD after they are deleted?

    - by TonyD
    A few days ago I was trying to permanently remove root hints from my DNS server. After much ado, I decided to go a different route and am now trying to put everything back as it was. During the original process, I opened ADUC, clicked ViewAdvanced Features, and then browsed to System MicrosoftDNS and deleted the folder RootDNSServers. Now in ADUC, I cannot create a folder here to replace the one I deleted. I can run adsiedit and load DomainDNSZones for my domain. Under there, I see MicrosoftDNS, RootDNSServers, with all of the objects still inside of it. Is there a way for me to undo what I did? Can I recreate these objects in ADUC? Can I do something else to cause them to show back up there? Thanks!

    Read the article

  • How to select a user and remove all groups they are a member of using Powershell (with Quest)?

    - by Don
    I've read quite a bit online about this and thought I had found a solution, but it doesn't seem to be working like I would expect. I am wanting to get a user based on the username I input, then remove all groups that it is a member of. Basically the same thing as going into ADUC, selecting the user, selecting the Member Of tab, highlighting everything (except domain users of course) and selecting remove. Here's the command I'm trying to use: Get-QADUser -Name $username | Remove-QADMemberOf -RemoveAll Others have said online that it works for them, but so far it hasn't for me. It doesn't give an error, it accepts the command just fine, but when I look in ADUC, the groups are still there for the user. Any suggestions as to what I may be doing wrong? Executing from Windows 7 with domain admin rights, Exchange cmdlets and Quest snapin loaded. Thanks!

    Read the article

  • How to connect Home Folder using PowerShell

    - by Maximus
    I tried to create user using New-QADUser cmdlet. I know this cmdlet has -HomeDrive switch. But the problem is that cmdlet is just applying path string to user's account and not creating user's home directory on the fileserver like it happens when you use ADUC console. How can I do it corerctly?

    Read the article

  • Windows Phone 7 ActiveSync error 86000C09 (My First Post!)

    - by Chris Heacock
    Hello fellow geeks! I'm kicking off this new blog with an issue that was a real nuisance, but was relatively easy to fix. During a recent Exchange 2003 to 2010 migration, one of the users was getting an error on his Windows Phone 7 device. The error code that popped up on the phone on every sync attempt was 86000C09 We tested the following: Different user on the same device: WORKED Problem user on a different device: FAILED   Seemed to point (conclusively) at the user's account as the crux of the issue. This error can come up if a user has too many devices syncing, but he had no other phones. We verified that using the following command: Get-ActiveSyncDeviceStatistics -Identity USERID Turns out, it was the old familiar inheritable permissions issue in Active Directory. :-/ This user was not an admin, nor had he ever been one. HOWEVER, his account was cloned from an ex-admin user, so the unchecked box stayed unchecked. We checked the box and voila, data started flowing to his device(s). Here's a refresher on enabling Inheritable permissions: Open ADUC, and enable Advanced Features: Then open properties and go to the Security tab for the user in question: Click on Advanced, and the following screen should pop up: Verify that "Include inheritable permissions from this object's parent" is *checked*.   You will notice that for certain users, this box keeps getting unchecked. This is normal behavior due to the inbuilt security of Active Directory. People that are in the following groups will have this flag altered by AD: Account Operators Administrators Backup Operators Domain Admins Domain Controllers Enterprise Admins Print Operators Read-Only Domain Controllers Replicator Schema Admins Server Operators Once the box is cheked, permissions will flow and the user will be set correctly. Even if the box is unchecked, they will function normally as they now has the proper permissions configured. You need to perform this same excercise when enabling users for Lync, but that's another blog. :-)   -Chris

    Read the article

  • Unable to remove broken Exchange 2003 installation (SBS 2003)

    - by Austin ''Danger'' Powers
    We have a non-functional Exchange 2003 installation on our SBS 2003 server that I am trying to uninstall. So far we have never used, and will never use, Exchange on this server- all we need is to remove it from the system (as it is installed on a partition which we want to merge with the main data partition to increase network storage capacity). Attempting to remove it using Add/Remove Programs produces the following error: When doing a search in ADUC to see which users still have a mailbox associated with them, it seems to only be the domain administrator account: As the Exchange installation is broken, it is not possible to run either System Manager or Exchange 5.5 Administrator to make mailbox changes. How can I forcibly remove a mailbox (which does not need to be salvaged or backed up), to allow the uninstall of Exchange to proceed? Any ideas would be appreciated!

    Read the article

  • How can I permanently remove default root hints from a Server 2008 DNS server?

    - by TonyD
    My network exists in private address space and I am unable to perform DNS lookups against DNS servers on the internet directly (blocked by firewall). There are other networks that exist in the same private address space as my network. I need to be able to perform DNS lookups for devices in these networks as well. There are 2 main internal DNS servers in this private address space, but not on my netowrk. I can perform DNS lookups against both of these servers for devices internal to our address space and names on the internet. I would like to permanently remove the root hints from our Server 2008 R2 DNS server and replace them with these 2 internal DNS servers. I have removed them from the dnsmgmt console, the C:\Windows\System32\DNS\cache.dns file, and from the RootDNSServers folder under the System folder in ADUC. Even so, they continue to repopulate into the root hints tab in the server properties for DNS after roughly an hour. Does anyone know how to permanently remove these entries?

    Read the article

  • Active Directory Support Folder Redirection AND Portable Home Directories?

    - by Robert F
    Does anyone here know if Active Directory will support the use of both Windows Folder Redirection and Mac OS X's Portable Home Directories for synchronizing a user's files to a remote share? I want to synchronize my user's files with a remote share as a way of backing up their data. This is fairly straightforward if a user has only a Windows computer or only a Mac computer. However, will Active Directory support a situation in which a user has both types of computers or they have a Mac on which they're running Windows within Parallels? If I configure a remote share via Group Policies for their Windows files and then configure a different share for their Mac files via ADUC, when they change a file on either computer, will AD know which computer the file was changed on and synchronize that file with the appropriate remote folder? Thanks!

    Read the article

  • SBS 2008 File access restrictions after 5:30PM

    - by Moif Murphy
    Hi there, SBS 2008, I have an issue whereby a user can't access a file after 5:30PM. They get the message: "cannot be accessed. The file may be corrupted, located on a server that is not responding, or read only I've checked the logon hours on the AD User account in question and there's no restrictions there. I have noticed that the account in question does not appear in the SBS Console, only in ADUC which means the account wasn't added using the wizard. It's a long shot but would that make a difference? Other than that I'm pretty stumped, any suggestions welcomed. Thanks

    Read the article

  • Modifying Exchange 2003 accounts in Exchange 2010 management console?

    - by MartinC
    You can look at Exchange 2003 accounts via the 2010 Management console but is modifying supported? No warnings that it is not, and all is held in Active Directory. Adding an additional email address works... But results in Error 4, Keywords "classic" Task Get-MailboxStatistics writing error when processing record of index 0. Error: Microsoft.Exchange.Management.Tasks.MdbAdminTaskException: Mailbox 'domain/OU/account name' doesn't exist in an Exchange 2007 or later mailbox database. Management Console has the updated change, as does ADUC in 2003.

    Read the article

  • A Duplicate name exists on the network

    - by Adam
    Recently we changed out office IT structure from having a dedicated server to be the DC, a dedicated server for the exchange etc... (Each running Windows Server 2003 R2) Now we have a single server running Windows SBS 2008 and created a new domain (with a different domain name) We then changed every PC so it connected to the new domain and renamed every PC with a new naming structure. After I had done this, we were getting several PCs that would get the following message just before the login screen (Alt+Ctrl+Del Screen) A Duplicate name exists on the network I have checked the ADUC and have removed the trouble PCs from the list and renamed each PC and changed the SID before connecting back onto the domain but still getting this message. I have tried everything that i can think of but still getting the problem. Any help would be greatly appreticated.

    Read the article

  • VBS Script for modifying multi-value Active Directory display specifier

    - by sh-beta
    Following the howto Extending the Active Directory Schema To Track Custom Info I'm able to setup a single-value schema attribute that is easily changeable via a context menu in ADUC. Multi-value schema attributes get considerably more complicated. Say (for the sake of argument) my value is "Projects" and each user may be a list as many projects as necessary. Following is a sad little script that will set Project to a single value: Dim oproject Dim oUser1 Dim temp1 Set oproject = Wscript.Arguments Set oUser1 = GetObject(oproject(0)) temp1 = InputBox("Project: " & oUser1.project & vbCRLF & vbCRLF & "Project") if temp1 <> "" then oUser1.Put "project",temp1 oUser1.SetInfo Set oUser1 = Nothing Set oproject = Nothing Set temp1 = Nothing WScript.Quit How can I modify this to allow, assign, and modify multiple values?

    Read the article

  • Exchange 2003 IMAP not working for some users

    - by John Gardeniers
    We normally don't have a need for IMAP connections from outside the company network but in order to allow a one user to use IMAP on a portable device I've turned it on and opened port 993 on the firewall. When the user in question was unable to get connected I tested this using Outlook remotely. Start by creating a new IMAP account in Outlook using a test account. No problems, it worked perfectly. Now try the same thing using the account of the user who actually needs to connect and it's a no-go. Outlook simply keeps prompting for logon credentials. Next I tried using my own account and that too failed. Testing with a couple of other accounts worked perfectly. Interestingly enough, with my own account I've used IMAP on a MAC before (internally) without a problem and I'm not aware of anything that has changed which could affect IMAP on my account. Checking the user settings in ADUC showed that all accounts have the same Exchange protocol settings. Specifically, IMAP is enabled. A check of the event logs on the server reveals no entries for the connection attempts, making this kind of difficult to debug. Has anyone here encountered such a situation and, even more importantly, what caused it?

    Read the article

  • What ways are there to set permissions on an Exchange 2003 mailbox?

    - by HopelessN00b
    I'm having a difficult/impossible time tracing down a permissions issue on an Exchange 2003 mailbox, and I was wondering if I'm missing any technical possibilities here. The basic question is what ways are there to set a user's permissions to access a mailbox in Exchange 2003? I know of two. Permissions on the mailbox itself (Mailbox Rights) and having delegated rights. And then, if it's possible, how would one view all the permissions (including delegated permissions) on the mailbox? The situation is that a new user who's been set up "exactly like all the others" in his department (pretty sure he was copied via the right click option in ADUC, in fact) can't access a specific shared mailbox, which I've been assured about a dozen other people do have access to and access on a regular basis. As to how they got permissions to the mailbox, no one knows, so it must have been granted by a white wizard whose spell has since worn off, so now IT has to handle it instead. Anyway... This mailbox is a normal AD user, created as a service account, for which no one knows the password (of course), so it's probably not the case that this service account was being used to delegate permissions. Upon taking examining the Mailbox Rights directly... Here are the permissions I see: This leads me to believe that one of two things are happening - the managers have been delegating full mailbox permissions to the rest of the department, or everyone's logging in using... not their own account. But, before I get too excited about the prospect of busting out the LART and strolling over to that department, I want to make sure I'm not missing another possible explanation. Like most of the rest of the world, I ditched Exchange 2003 at the earliest possible opportunity, and had been looking forward to never seeing it again, so I'm a bit rusty on the intricacies of how it [mostly, sort of] works. Anyone see any or possibilities, or things I may have missed, or does the LART get to come out and play?

    Read the article

  • opath syntax to force dynamic distribution group field as numerical comparison? (Exchange 2010)

    - by Matt
    I'm upgrading a (working) query based group (Exchange 2003) to a new and 'improved' dynamic distribution group (2010). For better or worse, our company decided to store everyone's employee ID in the pager field, so it's easy to manipulate via ADUC. That employee number has significance, as all employees are in a certain range, and all contractors are in a very different range. Basically, the new opath syntax appears to be using string compare on my pager field, even though it's a number. Let's say my employee ID is 3004, well, it's "less than" 4 from a string check POV. Set-DynamicDistributionGroup -Identity "my-funky-new-group" -RecipientFilter "(pager -lt 4) -and (pager -like '*') -and (RecipientType -eq 'UserMailbox')" Shows up in EMC with this: ((((((Pager -lt '4') -and (Pager -ne $null))) -and (RecipientType -eq 'UserMailbox'))) -and (-not(Name -like 'SystemMailbox{*')) -and (-not(Name -like 'CAS_{*')) -and (-not(RecipientTypeDetailsValue -eq 'MailboxPlan')) -and (-not(RecipientTypeDetailsValue -eq 'DiscoveryMailbox')) -and (-not(RecipientTypeDetailsValue -eq 'ArbitrationMailbox'))) This group should have max of 3 members right? Nope - I get a ton because of the string compare. I show up, and I'm in the 3000 range. Question: Anyone know a clever way to force this to be an integer check? The read-only LDAP filter on this group looks good, but of course it can't be edited. The LDAP representation (look ma, no quotes on the 4!) - Also interesting it sort of 'fills the' bed with the (pager=4) thing... (&(pager<=4)(!(pager=4))(pager=*)(objectClass=user)(objectCategory=person)(mailNickname=*)(msExchHomeServerName=*)(!(name=SystemMailbox{*))(!(name=CAS_{*))!(msExchRecipientTypeDetails=16777216))(!(msExchRecipientTypeDetails=536870912))(!(msExchRecipientTypeDetails=8388608))) If there is no solution, I suppose my recourse is either finding an unused field that actually will be treated as an integer, or most likely building this list with powershell every morning with my own automation - lame. I know of a few ways to fix this outside of the opath filter (designate "full-time" in another field, etc.), but would rather exchange do the lifting since this is the environment at the moment. Any insight would be great - thanks! Matt

    Read the article

  • Scripted forwarding for Outlook 2003

    - by John Gardeniers
    We have a staff member in sales who has gone onto a 4 day week (getting ready for retirement), so each Thursday afternoon her email needs to be forwarded to another user and each Friday afternoon it needs to be set back. I'm using the VBS script below to do this, run via the Task Scheduler. Although the script appears to do it's job, based on what I see when I view the user's Exchange settings, Exchange doesn't always recognise that the setting has changed. e.g. Last Thursday the forwarding was a enabled and worked correctly. On Friday the script did it's thing to clear the forwarding but Exchange continued to forward messages all weekend. I found that I can force Exchange to honour the changed setting be merely opening and closing the user's properties in ADUC. Of course I don't want to have to do that. Is there a non-manual way I can have Exchange read and honour the setting? The script (VBS): ' Call this script with the following parameters: ' ' SrcUser - The logon ID of the suer who's account is to be modified ' DstUser - The logon account of the person to who mail is to be forwarded ' Use "reset" to clear the email forwarding SrcUser = WScript.Arguments.Item(0) DstUser = WScript.Arguments.Item(1) SourceUser = SearchDistinguishedName(SrcUser) 'The user login name Set objUser = GetObject("LDAP://" & SourceUser) If DstUser = "reset" then objUser.PutEx 1, "altRecipient", "" Else ForwardTo = SearchDistinguishedName(DstUser)' The contact common name objUser.Put "AltRecipient", ForwardTo End If objUser.SetInfo Public Function SearchDistinguishedName(ByVal vSAN) Dim oRootDSE, oConnection, oCommand, oRecordSet Set oRootDSE = GetObject("LDAP://rootDSE") Set oConnection = CreateObject("ADODB.Connection") oConnection.Open "Provider=ADsDSOObject;" Set oCommand = CreateObject("ADODB.Command") oCommand.ActiveConnection = oConnection oCommand.CommandText = "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;(&(objectCategory=User)(samAccountName=" & vSAN & "));distinguishedName;subtree" Set oRecordSet = oCommand.Execute On Error Resume Next SearchDistinguishedName = oRecordSet.Fields("DistinguishedName") On Error GoTo 0 oConnection.Close Set oRecordSet = Nothing Set oCommand = Nothing Set oConnection = Nothing Set oRootDSE = Nothing End Function

    Read the article

  • Delegating account unlock rights in AD

    - by ewall
    I'm trying to delegate the rights to unlock user accounts in our Active Directory domain. This should be easy, and I've done it before... but every time the user tries to unlock an account (using the LockoutStatus tool), he gets denied with the error "You do not have the necessary permissions to unlock this account." Here's what I've done: I created a domain local group and added the members who should have the rights. This was created over a week ago, so the users have logged out and in again. In ADUC, I've used the Delegate Rights wizard on the OU which contains our user accounts to grant permissions to Read lockoutTime and Writer lockoutTime to the group, per MSKB 279723 I have double-checked the permissions were applied correctly in ADSIEdit. I have forced replication between all domain controllers to ensure the permission changes were copied over. The user testing it has logged out and in again to ensure he has any changes applied to his account. ...That covers all the bases I can think of. Anything else I could be missing?

    Read the article

  • Scripted redirection for Outlook 2003

    - by John Gardeniers
    We have a staff member in sales who has gone onto a 4 day week (getting ready for retirement), so each Thursday afternoon her email needs to be forwarded to another user and each Friday afternoon it needs to be set back. I'm using the VBS script below to do this, run via the Task Scheduler. Although the script appears to do it's job, based on what I see when I view the user's Exchange settings, Exchange doesn't always recognise that the setting has changed. e.g. Last Thursday the forwarding was a enabled and worked correctly. On Friday the script did it's thing to clear the forwarding but Exchange continued to forward messages all weekend. I found that I can force Exchange to honour the changed setting be merely opening and closing the user's properties in ADUC. Of course I don't want to have to do that. Is there a non-manual way I can have Exchange read and honour the setting? The script (VBS): ' Call this script with the following parameters: ' ' SrcUser - The logon ID of the suer who's account is to be modified ' DstUser - The logon account of the person to who mail is to be forwarded ' Use "reset" to clear the email forwarding SrcUser = WScript.Arguments.Item(0) DstUser = WScript.Arguments.Item(1) SourceUser = SearchDistinguishedName(SrcUser) 'The user login name Set objUser = GetObject("LDAP://" & SourceUser) If DstUser = "reset" then objUser.PutEx 1, "altRecipient", "" Else ForwardTo = SearchDistinguishedName(DstUser)' The contact common name objUser.Put "AltRecipient", ForwardTo End If objUser.SetInfo Public Function SearchDistinguishedName(ByVal vSAN) Dim oRootDSE, oConnection, oCommand, oRecordSet Set oRootDSE = GetObject("LDAP://rootDSE") Set oConnection = CreateObject("ADODB.Connection") oConnection.Open "Provider=ADsDSOObject;" Set oCommand = CreateObject("ADODB.Command") oCommand.ActiveConnection = oConnection oCommand.CommandText = "<LDAP://" & oRootDSE.get("defaultNamingContext") & ">;(&(objectCategory=User)(samAccountName=" & vSAN & "));distinguishedName;subtree" Set oRecordSet = oCommand.Execute On Error Resume Next SearchDistinguishedName = oRecordSet.Fields("DistinguishedName") On Error GoTo 0 oConnection.Close Set oRecordSet = Nothing Set oCommand = Nothing Set oConnection = Nothing Set oRootDSE = Nothing End Function

    Read the article

1