Search Results

Search found 18329 results on 734 pages for 'vendor directory'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 91/734 | < Previous Page | 87 88 89 90 91 92 93 94 95 96 97 98  | Next Page >

  • What Defines an AD Object as "Inactive"

    - by Malnizzle
    I am going to be using some DSQUERY/DSMOVE scripts to clean up my AD Domin. One option is to move inactive objects to a OU that has restrictive GPOs applied to it. Something like: DSQUERY computer -inactive 10 | DSMOVE -newparent <distinguished name of target OU> My question is what value defines an object, both user and computer, as "inactive" for a period of time? Is it the last time a computer was logged on to for computer accounts, and for users is it the last time that the user account logged on to a computer? But what if, say for example, I had a web server that wasn't rebooted and or logged into for a couple of months but remain powered on and functioning as normal, would it be defined as "inactive" where as technically it's still serving web pages and so on? Thanks for the help!

    Read the article

  • What are the consequences of giving an AD domain differing NetBIOS and DNS names?

    - by Newt
    In the past, when creating AD domains, I've used the common convention of using a sub-domain of the company's publicly registered domain name, e.g "corp.mycompany.com" or "int.mycompany.com". I've always accepted the default NetBIOS name when running DCPromo, for fear that creating a NetBIOS name that differs from the sub-domain may cause complications. I've recently been doing a bit of research on the consequences of providing an alternate NetBIOS name. The main reasons behind this are: The NetBIOS name isn't particularly descriptive or unique to the company Apparently generic NetBIOS names such as "CORP" or "INT" can cause issues when merging IT systems (although I've not had experience with this myself) Providing something "before the slash" that means more to users (less important) In looking at the possible downsides, the only one I can come up with is the disjointed namespace issue when configuring Exchange. Can anybody with more experience than I elaborate on my findings at all? Many thanks

    Read the article

  • Double root folder vs single root folder

    - by Tomas
    On my Linux box, in bash, I have access to a "double root" folder denoted by two forward slashes: tomas:~ $ cd / tomas:/ $ ls bin/ cdrom@ ... tomas:/ $ cd // tomas:// $ ls bin/ cdrom@ ... The content of the folder and its subfolder is identical to the "normal" single slash root. The double slash does not go away when I access its subfolders. The annomaly does not repeat itself with three or more slashes; these are simple synonyms for the root: tomas:// $ cd home/tomas tomas://home/tomas $ cd /// tomas:/ $ cd //// tomas:/ $ What kindof place is it? Is it a bug? Can anyone explain the annomaly?

    Read the article

  • AD Custom Attribute with unique value

    - by Zilog
    I have custom AD attribute added to my AD schema. Attribute's syntax is Unicode String. It is added to user class and the purpose of it is to store user ID of corporate ERP system. Problem is, that I can have two or more user objects with the same value stored in that attribute, which is something that I would like to avoid. Is there a way to configure AD attribute so it is unique within the domain boundary? (The same behavior as SAMAccountName attribute.) i.e : If there already exists user object in AD with this attribute set to "JSmith" and I try to set that attribute with the same value for another user, Direcory Services will refuse to update that object and give me "already exists" error. Domain functional level is windows 2003.

    Read the article

  • How a password is transmited to AD Server

    - by erdogany
    My question is how ADSI performs SetPassword operation. According to what I have read ADSI is a COM interface and it has more capabilities than AD provides through LDAP. While you are suppose to update unicodePwd attribute of a personaccount entity through LDAP, ADSI provides you SetPassword call. I know that ADSI & AD provides Kerberos during authentication. So how the password is transmitted to server when SetPassword is called? Is it raw binary unencrypted data? Or does Kerberos comes into play at this call?

    Read the article

  • Windows Server: Change AD account name

    - by Bastien974
    Hello everybody, In my SBS 08 (AD, exchange), is it possible to change the name, email address of a user because he is leaving and I'd like to transfer all the account and credential to the new employee that is replacing him. Lot's of thing are set up for this user and it would save me lots of time if I can transfer an account like this. Thanks for your help !

    Read the article

  • How to correct time on Windows PDC server without affecting logons

    - by Kieran Walsh
    I know how to set an authoritative time server in Server 2008 R2. That's not what this question is. I want to know how I can change the time on a network where the PDC (and therefore everything) is a month out of date? I know that a 5 minute difference in time between clients and the domain prevents logons, so just changing the time on the PDC will break everything. What is the best way to fix this? Thanks Kieran.

    Read the article

  • Querying Domain Controller objects using Powershell

    - by Neobyte
    Could someone explain to me why this does not work? Import-Module ActiveDirectory $dcs = Get-ADComputer -Filter {DistinguishedName -Like "*Domain Controllers*"} I get no results for this query. Alternatively, could someone suggest a way using the module above that I can generate a list of systems on my domain that are NOT Domain Controllers (which is what I'm eventually trying to achieve). Cheers

    Read the article

  • Where do I define a group policy that will set a users desktop background color to green the first time they log in?

    - by Tyler
    Servers: W2k8 R2 x64 Desktops: Win7 Pro x64 Our current group policy uses a custom ADM file to define certain properties of the desktop (Background Image (centered), Background Color is green (00 74 00)). This policy works for us, but the down-side is that policies defined in our custom ADM are only applied after a GPUpdate /Force is applied. We would like these desktop theme settings to be applied the first time the user logs onto the computer. I've been working on a new policy that forces the computer to wait for the network when the user logs on to handle folder redirection. The reason for writing the new policy was to resolve the issue that a user needs to run GPupdate /Force the first time they log in, so it doesn't make sense for me to implement the new policy if there is still something that requires GPUpdate /Force to get the user in the state that we want them. I've moved the setting for background image out into Admin Templates- Desktop- Desktop- "Desktop Wallpaper" so this is now being set properly when the user first logs in. Now I'm left with a black background until I force a group policy update. I have tried to play around with setting a default "Theme" and had limited success; this was not reliable enough to call a solution. I suppose I could set the background color with a script? Any thoughts? It feels like I'm missing something obvious, or that this should be much easier than it is.

    Read the article

  • LDAP authentication issue with Kerio Connect

    - by djk
    Hi, We have Kerio Connect (mail server) running on a Windows Server 2003 server on a domain. In the webmail client, users are able to change their domain password. This functionality used to work fine until a user tried to change their password a few days ago, when every password they'd try would result in the webmail client claiming their password was "invalid". I spoke to Kerio about this and they claim that this error is returned by the domain controller, which supports my initial investigations. The error that the DC is logging when an attempt is made to change the password is this: "80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece" The "data 52e" part indicates that this is an "invalid credentials" error. I don't see how this can be as I've tried (in the Kerio Connect configuration) various accounts that have privileges to modify accounts, including my own as I am a domain admin. I have ran 'dcdiag' (all tests) on the DC and it came back passing every single one of them. I've searched high and low for an answer to this and came up empty. Does anyone have any idea why this may have suddenly started happening? Thanks! Edit: I should mention that the passwords we are changing to do comply with the complexity policy.

    Read the article

  • How to resolve SSPI context error without changing Service Account from MSSQL

    - by kockiren
    There is a issue while connecting from new Windows 8.1 Clients to SQL Server 2008 running on Windows Server 2008 R2. The SQL Service running under account Domain\mssqlservice on a machine thats works fine I get this output from setspn -l domain\mssqlservice C:\>setspn -l domain\mssqlservice Registrierte Dienstprinzipalnamen (SPN) für CN=MSSQLService,CN=Users,DC=domain, DC=local,DC=tld: MSSQLSvc/mssql.domain.local.tld:1433 MSSQLSvc/mssql.domain.local.tld MSSQLSERVER/mssql.domain.local.tld:1433 On a windows 8.1 machine that don't work I get this output: C:\>setspn -l domain\msssqlservice FindDomainForAccount: Fehler beim Aufrufen von DsGetDcNameWithAccountW mit dem R ückgabewert 0x0000054B. Konto kockiren wurde nicht gefunden. On this Post I found a solution but, I can't change the Service Account who runs the SQL Service. Some application need this service delegation. But how I can realize that it works on my Windows 8.1 Clients?

    Read the article

  • Specify Credentials to run Powershell Script to Query AD

    - by Ben
    I want to run a powershell script to query AD from a machine that is NOT on the domain. Basically I want to query to see if there is computer account already on the domain for this machine and create it if there is not. Because this has to happen before the machine joins the domain I assume I will need to specify some credentials to enable it to run. (I'm pretty new to Powershell, so apologies if this is a newbie question!) The script I am using to check the account is below, and then once this has run it will join the domain using the computername specified. Can you tell me how to specify some domain credentials to run this section of the script as? Cheers, Ben $found=$false $thisComputer = <SERVICE TAG FROM BIOS> $ou = [ADSI]"LDAP://OU=My Computer OU,DC=myDomain,DC=com" foreach ($child in $ou.psbase.Children ) { if ($child.ObjectCategory -like '*computer*') { If ($child.Name -eq $thisComputer) { $found=$true } } } If ($found) { <DELETE THE EXISTING ACCOUNT> }

    Read the article

  • SBS 2008 - Add user not seeing AD users (reconnecting or creating new mailbox)

    - by Robert
    Using SBS 2008 - completely updated. I was originally trying to create a spam mailbox for quarantine purposes, and when I bring up the "select an existing user" it does not display any of the domain users (other than QB database user accounts installed on their server). I have tried changing the scope and still nothing. Searching reveals nothing either. Then later I noticed that we had (1) disconnected mailbox, and I tried to reconnect it to the AD user - and I got the same results. Help would be much appreciated.

    Read the article

  • Cannot resolve Hostname to IP, but IP to hostname works

    - by dotnetdev
    I have deployed a bunch of windows server VMs on a cloud hosting service. These machines are all joined to a domain controller on the same service, which also hosts DNS. All of the domain-joined machines have dynamic IP (along with the DC). If I try to resolve any of the hostnames remotely, it fails. For example, I am in SQL Server Reporting Services and I need to connect to a remote server. I provide the hostname of the desired target server and this fails, but then if I provide the IP, this works. How can I pass the hostname and have this resolve to IP? Is there anything I need to look for in the DNS server? It has records of the hostnames (in forward lookup I think), but reverse is empty. Isn't it the case that forward lookup resolves ip to hostname and reverse resolves hostname to ip? Also, I don't know what he subnet mask because this is not in my control, so the machines may not be in the same subnet - can this be a cause of the problem? Where is the problem? Thanks

    Read the article

  • Move flag for follow of a specific color to a folder in Outlook 2003

    - by Campo
    I have a user request to be able to create a rule that would move an email in outlook 2003 that the user flagged for follow up to a specific folder. That seemed simple enough till he requested that depending on the flag color they were to be moved to a specific folder. Issue is that in outlook 2003 that's not an option when creating a rule. I know that this is very straight forward in outlook 2007 and 2010 and using the categories feature is very convenient as it displays as a list when you right click.... Though in 2003 categories are not so convenient. as an example the user will flag for follow up as so... Red Flag for sales Blue Flag for requests Green Flag for personal They want a rule that will move all items with a red flag to the sales folder, Green flag to the requests folder and so on.... Thank you for your suggestions.

    Read the article

  • STOP: c000021a {Fatal System Error} The initial session process or system process terminated unexpectedly

    - by christof
    I'm encountering such an error after expanding disk space on a virtual machine using Hyper-V. STOP: c000021a {Fatal System Error} The initial session process or system process terminated unexpectedly with a status of (0x00000000) (0xc000012d 0x001003f0). The virtual server there is Windows Server 2008 R2 Enterprise Edition, which is also Domain Controller. I've tried to repair Windows but there is no restore point, and using the command line. I've tried the sfc /SCANNOW /OFFBOOTDIR /OFFWINDIR command, but I got the error Windows Resource Protection could not perform the requested operation.

    Read the article

  • Can an LDAP query on AD provide the netbios domain name for a single account when using the Global Catalog?

    - by Kirk Liemohn
    I am using ADSI Edit to look at LDAP properties of a single user account in AD. I see properties such as userPrincipalName, but I do not see one for the fully qualified domain name (FQDN) or the netbios domain name. We will be setting up the Global Catalog (GC) to give us LDAP access to multiple domains and through configuration in an application we map LDAP properties to user profile properties within the application. With typical AD the FQDN and netbios domain name are the same for all users, but with the GC involved we need this additional information. We really only need the netbios domain name (the FQDN is not good enough). Maybe there is a LDAP query that can be done to request this information from a more top-level object in AD?

    Read the article

  • Must I have Exchange to use Blackberry Enterprise Server Express?

    - by John Spaz
    In the past I've setup BES (not express) for a company that just wanted their users on the corporate network, they didn't care for email or any other enterprise feature, they just wanted to push a policy that the phones internet should be routed through the corporate network. I want to setup BES Express now for a customer that also just wants the phones on his network but wherever I look, it says that BES Express requires Exchange. Is there a way to install BES Express without Exchange and without a AD Domain? Basically what the customer wants to accomplish is to be able to filter and log the internet access on the phones.

    Read the article

  • Trouble joining Windows Server 2008 to Domain

    - by Jim R
    When I try to join my new server to my existing domain I get the following error: "An attempt to resolve the DNS name of a DC in the domain being joined has failed. Please verify this client is configured to reach a DNS server that can resove DNS names in the target domain." I have tried all of the following already: Successfully pinged the domain controller. Ping the new server from the domain controller by IP address and by DNS name. Ping the DC server from the new server by IP address and by DNS name. Changed the network to DHCP (it was originally static). No joy as static or DHCP. Turned off all firewall settings. Added the domain name to 'hosts' file. Added the server name of the primary domain controller to the 'hosts' file in the new server. Any ideas? Thanks in advance for any help! Jim Update: With help from J. Brian Kelly (Thanks) I have managed to narrow down the problem to a DNS issue. Specifically, UDP/53 packets are being sent (they are seen in Network Monitor), but are not getting to the DNS server. But, I do not yet know why. Update: The quested output from IPCONFIG for the HyperV host and the virtual machine. IPCONFIG from HyperV Server Windows IP Configuration Host Name . . . . . . . . . . . . : HYPER Primary Dns Suffix . . . . . . . : sfi-wfc.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : sfi-wfc.com Ethernet adapter Local Area Connection 4: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Primary Network Physical Address. . . . . . . . . : 00-30-48-CA-CC-7A DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::cd16:3ac2:3d4f:e275%679(Preferred) IPv4 Address. . . . . . . . . . . : 192.168.100.1(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 192.168.100.10 DHCPv6 IAID . . . . . . . . . . . : -1476382648 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-12-10-20-E9-00-30-48-CA-CC-7A DNS Servers . . . . . . . . . . . : 192.168.100.5 NetBIOS over Tcpip. . . . . . . . : Enabled Ethernet adapter Local Area Connection 3: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : sfi Description . . . . . . . . . . . : Intel(R) 82576 Gigabit Dual Port Network Connection #2 Physical Address. . . . . . . . . : 00-30-48-CA-CC-7B DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPCONFIG from Virtual Machine Windows IP Configuration Host Name . . . . . . . . . . . . : DB Primary Dns Suffix . . . . . . . : Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : sfi Ethernet adapter Local Area Connection 2: Connection-specific DNS Suffix . : sfi Description . . . . . . . . . . . : Microsoft Virtual Machine Bus Network Adapter Physical Address. . . . . . . . . : 00-15-5D-66-03-02 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 192.168.100.128(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Saturday, August 29, 2009 10:44:45 AM Lease Expires . . . . . . . . . . : Tuesday, September 01, 2009 3:08:33 PM Default Gateway . . . . . . . . . : 192.168.100.10 DHCP Server . . . . . . . . . . . : 192.168.100.5 DNS Servers . . . . . . . . . . . : 192.168.102.5 Primary WINS Server . . . . . . . : 192.168.100.5 NetBIOS over Tcpip. . . . . . . . : Enabled Tunnel adapter Local Area Connection* 8: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : sfi Description . . . . . . . . . . . : isatap.sfi Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes Tunnel adapter Local Area Connection* 9: Media State . . . . . . . . . . . : Media disconnected Connection-specific DNS Suffix . : Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physical Address. . . . . . . . . : 02-00-54-55-4E-01 DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes

    Read the article

  • How to Setup Sharepoint Extranet to authenticate against a dmz AD

    - by Satish
    I have a web app which is extended to extranet for our clients to access. We have setup a different AD server and domain for dmz and clients have to be authenticated against that domain. I'm little confused about the setup especially what all web.config files I have to update. Do I have to update the web.config file for Central admin site and the extended web app. According to this blog I need to do update both, but as soon as I make the changes in the web.config for central admin, central admin site stops working. Here is what I added to the central admin web.config file between /Sharepoint and system.web I have this <connectionStrings> <add name="DMZConnectionString" connectionString= "LDAP://dmz.xxx.com:389/OU=Clients,DC=dmz,DC=xxx,DC=com "/> Between system.web and securityPolicy <membership defaultProvider=”DMZADProvider“> <providers> <add name="DMZADProvider" connectionStringName="DMZConnectionString" connectionUsername="DMZ\ldapUser" connectionPassword="Password" enableSearchMethods="true" attributeMapUsername="userPrincipalName" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" /> </providers> </membership> I know the connectionusername and password works becuase I use the same in SSP for importing profiles. Any idea what might be causing the error?

    Read the article

  • Multi-Domain Root Administrator

    - by Brent Pabst
    We have a new domain structure we are planning on rolling out in the next few months. Essentially there is a single top level and forest domain controller "mydomain.lan" and two children "us.mydomain.lan" and "pl.mydomain.lan". We want to configure an administrator account or two at the top level domain that then has full administrator permissions on the sub domains. By default the top level administrator cannot access or login to machines on the sub-domains. Running W2K8R2. Ideas?

    Read the article

  • Exchange 2003 - Keep user's mailbox but disable account and prevent new emails

    - by molecule
    Hi all, Just wanted to know what's your take on this... A user has left the company but may return in future. I would like to disable his AD account, archive all his emails, keep his mailbox and prevent new emails from being sent to him. What's the "best practice" method of doing this? Please enlighten and thanks in advance. What I would do: Reset AD password Change SMTP address - leading to NDRs if new emails are sent to his/her previous address Logon as him/her and archive emails Disable AD account Hide address from GAL

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 87 88 89 90 91 92 93 94 95 96 97 98  | Next Page >