Search Results

Search found 16633 results on 666 pages for 'tivoli directory integrat'.

Page 14/666 | < Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >

  • LDAP, Active Directory and bears, oh my!

    - by Tim Post
    What I have: Workstations running Ubuntu Jaunty mounting /home on a remote NFS server. User accounts are still created locally on each individual workstation. Workstations running Windows XP / Vista NFS server (as noted above) Windows 2008 server All machines share a single private network (LAN). What I need to accomplish: A single, intuitive (GUI driven) place for an office administrator to create user accounts. This should let anyone login to their (linux or windows) workstation, then fire up remote desktop and use the same login to the Windows 2008 server, from any machine on the network. I have read so much on samba, LDAP vs AD, etc and now I'm even more confused than I was before I began researching the problem. Ideally, Linux and Windows users should be able to get to their local files once logged into the Win2008 server. I am a programmer, not an interoperability guru and I'm completely lost on where to even start trying to accomplish this, plus I've run out of things to Google. How would you do this? Is it even possible?

    Read the article

  • Windows Shares / NTFS permissions on folder redirection in Active Directory

    - by Shawn Gradwell
    A client has folder redirection in AD setup on each user's Home Folder set to the Z:\ drive as \server\share\username. A Group Policy redirects the user's Documents to the user's Home Folder with the option 'Grant the user to exclusive rights to Documents' selected. The share on the server has permissions for the relevant user security group with 'Full Control', but each user's folder only have NTFS permissions only for 'CREATOR OWNER' and 'Domain Admins'. Why can the different users access other user's folders? I thought the most restrictive permissions applied effectively between the share and the NTFS permissions. Also, this setup has been like this for years, and this client recently updated all client computers to Windows 7. What is the best way to setup this redirection now? I assume only in Group Policy, also Basic Redirection - to create a folder for each user under the root path?

    Read the article

  • Intraforest user account merge with Active Directory

    - by Neobyte
    I have a scenario where there is a root domain (RD) and two child domains (CD1 and CD2). Users have accounts on both CD1 and CD2, with identical samAccountNames, names etc, and various applications either use the CD1 or CD2 account for authentication to resources. I need to collapse CD2 into CD1, so I want to merge the accounts together. However ADMT does not allow me this option (merge options are greyed out), I think because it does not support intraforest merge of accounts (although it does not explicitly state this anywhere in the documentation). My question is - what is the easiest way for me to merge these accounts? Ultimately all I really need (I think) is for the SID of CD2\user1 to be added to the SIDHistory of CD1\user1 - is there a tool that supports this? Computer accounts and profiles are not a concern for this scenario. Group migration is unlikely to be an issue either - CD2\user1 is usually granted resource access through membership of a group on CD1.

    Read the article

  • Active Directory theme policies

    - by Tuinslak
    Hey, I'm currently managing a terminal server in a domain. As the TS-service just got installed, previous users (I logged in with every user once to test it and set up a few things) use the default windows 2008 theme. New users automatically use the fancy Aero theme. Is there a way to push the Aero theme to all current users? I currently have something like this in my policies: However, when logging in with a user, the theme is not changed. Only if I disable "prohibit access to the control panel", the theme can be changed (doesn't seem to change automatically). But this gives them access to every other control panel feature as well. And giving users only access to "desk.cpl" CP-applet, gives them an access error as well when attempting to change the theme. Another question: can I, as admin, take over and/or log in as another user when that user is not logged in? Thanks

    Read the article

  • Active Directory: Viewing "Attribute Editor" after finding an account via ADUC's "Find" option

    - by Beaming Mel-Bin
    When I activate the Advanced features (View - Advanced Features) and open a user's properties by navigating to their OU and right clicking the user object, I see the Attribute Editor tab. However, if I search for a user (right click the domain - Find - search for the user), and double click on the user, I do not see the tab. I cannot normally navigate to users because some OUs have too many users. Can someone suggest an alternative that allows me to view the Attribute Editor tab?

    Read the article

  • pfsense, active directory, local domain

    - by Dalton Conley
    First things first, I have no idea what I'm doing. Certainly not afraid to admit that.. but here is my network setup. I have 2 servers, one of them in a domain controller. Both are running windows server 2008. They have replicated directories. Each server is at a different location and has its own firewall for the network at that location. Both firewalls are using pfsense. Recently a firewall went down and my coworker reinstalled pfsense, and everything seems setup correctly. Again, I have no idea what I'm doing so I'm not sure. I have records from when the previous IT person had setup this network and the firewall settings are the same but those records could have been extremely old. Now, I have a domain name for my network.. we'll call it "mydomain.net". I use to be able to access this domain name and it would bring up the servers replicated drives(i.e. \\mydomain.net). Now I cannot. I can however access the servers individual host names on my network(i.e. \\server1 , \\server2). We didn't change anything on the server which is what makes me think its something to do with the firewall. I know this is probably a very general question and I don't have a lot of detail to add but could anyone give me some insight on to what could be causing this, or some debugging techniques I can apply to this? I'm a programmer, not a network administrator.

    Read the article

  • Immediate Propagation in Active Directory

    - by squillman
    It's been a while since I've done any large-scale AD administration so I'm reaching back a bit here. I remember that there are certain security related attributes on a user account object that, due to their nature, are flagged for immediate propagation to other sites. I have a case where passwords resets are not being propagated until scheduled replication happens. I had thought that was a case of immediate propagation. Am I just remembering incorrectly? Domain function level is 2003.

    Read the article

  • Redeploy using Active Directory

    - by Noam Gal
    I am trying to use group policy to deploy our msi through AD. For some strange reason, when I overwrite the msi with a newer version, and then go to the policy, and click on "Redeploy Application", the application gets uninstalled on the users' machines, and all reg keys, binaries and shortcuts are gone from them. The "Add/Remove Programs" still contain the application entry. I have managed to create a minimal vdproj that does nothing but write its current Product Version to a registry key, and created two versions of it (1.0.0 and 1.1.0). I still face the same problems when using this msi in my AD environment. I did check that my Package Codes and Product Codes are different for both versions, and that the Upgrade Codes are identical. I also checked the RemovePreviousVersion to true. Checking with some other msi (firefox 3.0.0 and 3.6.3) I downloaded from a site specifically for AD deploy, it worked just as expected (first installing the 3.0.0, then I over-written the msi, and clicked on "Redeploy", and the users got 3.6.3 after the next log-off-log-on). What am I missing here?

    Read the article

  • Upgrading Active Directory from 2000 to 2008

    - by Doug
    Our config is currently: 1 Windows 2000 domain controller running ISA2000, dhcp, dns 1 Windows 2003 domain controller as main file server, prob cert server as well, dhcp, dns 1 Windows 2008/Exchange2010 domain controller as Exchange server, DHCP,DNS Currently getting FRS errors on files server journalwrap error Currently getting FRS errors on othe DC's can't replicate from above Exchange DC holds Schema, rid,pdc, and infastructure roles File Server holds Domain namaing operation master role WOW, I didn't set this up, just inherited it. Am I right to assume that fixing the FRS errors is #1, what do I need to do for that? set enable journalwrap auto restore in registry? Demote W2000 domain controller, should that have any implications for ISA? We have Forefront to be deployed but that's another day Transfer Domain Nameing Role to Exchange server (I know or think having an Exchange server as DC isn't best practive) We will be getting another server W2008 to replace current file server and I thought it could takeover all roles once deployed Demote W2k3 file server and then raise functional domain level to 2008 Am I missing anything other that the sense to walk away? Thanks

    Read the article

  • Manage computer from active directory manager

    - by Ripeed
    Within dsa.mac when I right-click on a computer and choose "Manage", it displays the following error message: Can't find path to computer \\computer.domain.tld. If I try ping computer.domain.tld, DNS translates it to an IP but the computer does not answer. It is right that ping does not answer? Pinging a computer that is not joined to the domain replies as expected. How can I correct this issue?

    Read the article

  • Grant account write access to specific attributes on Active Directory User object

    - by Patricker
    I am trying to allow an account to update very specific attributes on all User objects. I am setting this security on the "User" object. When I add the account on the security tab, go to advanced, edit the accounts permissions, and start going through the list of attributes I am only able to find a few, like First Name, but most of the attributes I want to let them write to are missing. How can I grant the account write access to these attributes? Attributes I need to grant permission for: First Name (givenName) Last Name (sn) Initials (initials) Department (department) Company (company) Title (title) Manager (manager) Location Info (physicalDeliveryOfficeName, streetAddress, postOfficeBox) Work Phone (telephoneNumber) Pager (pager) IP Phone (ipPhone) IP Phone Other (otherIpPhone) ThumbnailLogo (thumbnailLogo) jpegPhoto (jpegPhoto) Description (displayName) Thanks

    Read the article

  • Active Directory remote versus local computer logon

    - by Jake
    Hi, Hope some one can help a network/server noob understand how domains work in AD. I am in an organisation with 2 AD servers in 2 different countries, e.g. US and UK, and they set up the US and UK domains respectively. the accounts are set up such that all employees in both countries have a US\user and UK\user account. What is the difference if a UK user logon with US\user from a local UK computer, versus RDP (remote desktop) into a US server with US\user? Thanks for your help.

    Read the article

  • Creating a new Active Directory account with an InfoPath form

    - by ryan
    I am setting up a business partner portal in our Sharepoint server. There will be an AD group with permissions limited to viewing and possibly contributing to the specific business partner site and employees of our business partners will have accounts created for them as needed. Now we would like to let our business development group(BDG) have control over the partner accounts. Ideally they should be able to add and delete accounts and change permissions on them. The BDG are not domain admins so we don't want to give them access to the domain controller. We want to create an Infopath form that will allow them to do all this. Is it possible to create and manage AD accounts from within an Infopath form on the sharepoint server? I searched this site and MSDN and can not find anything specifically related to my question.

    Read the article

  • Active Directory - Using GPO To Update Multiple Versions Of .NET

    - by Joe Wilson
    OK, I have searched everywhere for this one. I have all the MSI's and packages I need to deploy .Net 3.5 SP1, and 2.0 and 3.0 (which are prerequisites for 3.5). I can't figure out how to install all of them at once via GPO. Basically, the computers on the network do NOT have any version of .Net installed, and I need them to be at 3.5 SP1. I know I can deploy each version via GPO, force reboot the client, then push the next one, force reboot, and so on. Is there a way to streamline install all 3 at once via GPO? Thanks

    Read the article

  • Alias a Virtual Directory or Application as Root on IIS 7

    - by manyxcxi
    Our current IIS setup as two applications running on different paths at (for example) http://server/sub-a and http://server/sub-b. I want to alias http://server/sub-a as root so that just going to http://server/ will bring up the contents of sub-a. The problem I face is that when I initially set up a ReverseProxy it negatively affected http://server/sub-b. I know this is a fairly common problem- how have you solved it? 99.9% of my experience is with Apache, so I feel a tad lost in the GUI world of IIS.

    Read the article

  • Active Directory Replication across Sites slow or not working

    - by neildeadman
    I've just inherited (isn't it always the way!) a Windows Domain. The domain is spread across 2 sites. Site01 has 3 DCs & Site02 has 2 DCs. If I create a user in either site, the other DCs in that site, immediately replicate and show the new user. The new user is not shown in the other site though. If I manually run the following command, everything syncs and the new user appears: repadmin /syncall issdc01 /APed In the Inter-Site Transports DEFAULTIPSITELINK the replicate every time value is set to 180 minutes. I thought this was the solution, but on another Windows Domain, this is the same, but replication takes place across sites immediately. What can I check to resolve this issue? We are running Windows Server 2008 Results of dcdiag /test:dns show a server that is no longer part of our domain: TEST: Delegations (Del) Error: DNS server: oldserver.win.domain.com IP: [Missing glue A record]

    Read the article

  • Disable password complexity rule in Active Directory

    - by Dan Revell
    Where do I go to disable the password complexity policy for the domain. I've logged onto the domain controller (Windows Server 2008) and found the option in local policies which is of course locked from any changes. However I can't find the same sort of policies in the group policy manager. Which nodes do I have to expand out to find it?

    Read the article

  • Synchronize Active Directory to Database

    - by Tommy Jakobsen
    We are in a situation where we would like to offer our customers to be able to manage their users themselves. It is around 300 customers with up to a total of 10.000 users. Besides creating, updating and removing users, they will very often read information about users for statics and other useful informations available. All this functionality, should be available from an Intranet web page (.NET Framework 4) that the users will access through Citrix or similar. Now the problem is that we would really like the users not to query AD directly for each request, but rather make them hit a database that is synchronized with AD. It would be sufficient to run this synchronization a few time each day (maybe every 5. hour). When they create a user, it should not be available right away, but reviewed and then created within two days (the next step would be to remove this manual review, but that's out of scope for this question). What do you think about this synchronization of AD? Does anyone have any experience with it and is it something that is done in other organizations, where you will have lots of requests which is better handled by a database than AD (I presume)? Are there any techniques out there for writing such a script that synchronizes AD with database tables? My primary concern is the groups/members relations which can be rather complicated. Or are there software that synchronizes AD with a database? Any comments will be much appreciated. Thank you.

    Read the article

  • The function of service principal names in Active Directory

    - by boxerbucks
    I am thinking about taking a service that runs on multiple servers in my domain currently as "NETWORK SERVICE" and configuring it to run as an AD domain account for various reasons. If I have this one account running the same service under multiple servers, do I need to create SPN's for each of the machines and services it runs? Would I need to worry about creating SPN's at all? If the answer is no, then what is the proper role of an SPN?

    Read the article

  • Active Directory: Find out which users belong to a Group Policy Object

    - by gentlesea
    Hi, I want to make sure that certain users are available in a group from the windows domain. I installed "Group Policy Management" and can open the Forest, the Domain. But then I am not sure what I am searching. I can select a link to a Group Policy Object (GPO). In Settings i see the Drive Maps and I know them. But how can I display a list of users that use this GPO? Right-click, Edit... is disabled. net group my_gpo does not work since I am not on a Windows Domain Controller. Any possibility to find out anyway?

    Read the article

  • Delegation Permissions to admins in Active Directory/Taskpads

    - by user1569537
    I am trying to provide taskpads to few admins to operate on few tasks delegated to them at OU level.I ran into the following problem; lets say i delegated access to the admin on OU X and which is ability to modify groups such as sample group X1 , he must be able to add any users from OU X to the group X1. The issue here is while testing i found out the admin can do the above but also can add a user Y1 from the OU Y(which he doesnt have delegated permissions) to the group X1.What am i missing? how to restrict admin from adding users out of OU to the groups he has modify access to? Please ask me if any more details/clarification required.

    Read the article

  • Active Directory - Join domain in specific OU when its a workstation

    - by Jonathan Rioux
    I would like to know how can I accomplish the following: When I join a workstation (with Windows 7) in the domain, I want that computer to be put into a specific OU. Only when its a workstation with Windows 7. This is because I have GPOs that must apply to all workstations in the domain. Can I only accomplish this using a script? Or can I set a rule like if the computers has Windows 7, put that computer into this specific OU.

    Read the article

< Previous Page | 10 11 12 13 14 15 16 17 18 19 20 21  | Next Page >