Today's Messages (OFF)  | Unanswered Messages (ON)

Forum: Active Directory
 Topic: There is possibility
There is possibility [message #595926] Sat, 07 November 2009 03:51
Venkata Dendukuri  is currently offline Venkata Dendukuri
Messages: 1
Registered: November 2009
Location: NULL
Junior Member

Hi,

with reference to your query there is some possibility to query Active Directory with Qmail.

But not on already implemented Infrastructure.

On a new Windows Server before implementing you Active Directory install Services for Unix and then implement Active Directory, on User account properties you will find another tab as Unix Attribute.

mention the LDAP and query.

Try this out and reply.



Matte wrote:

QMAIL - AD 2003 INTEGRATION
12-Nov-07

Dear all,
anyone have some material useful to enable me to integrate qmail and 2003 ad
schema?
I would to authenticate qmail users with ad credentials? is it possible? The
it chief doesn't like to pass to exchange so I have no other ways, is it
available a step by step guide?

thank you

Matteo

Previous Posts In This Thread:

On Monday, November 12, 2007 12:02 PM
Matte wrote:

QMAIL - AD 2003 INTEGRATION
Dear all,
anyone have some material useful to enable me to integrate qmail and 2003 ad
schema?
I would to authenticate qmail users with ad credentials? is it possible? The
it chief doesn't like to pass to exchange so I have no other ways, is it
available a step by step guide?

thank you

Matteo

On Monday, November 12, 2007 1:33 PM
Anthony wrote:

Re: QMAIL - AD 2003 INTEGRATION
Matteo,
You need to look into LDAP for QMail, this for example:
http://www.qmail-ldap.org/wiki/Main_Page. I don't know whether QMail produce
any schema extensions. If not, you'd have to script something.
Hope that helps,
Anthony, http://www.airdesk.co.uk


"Matteo" <Matteo@discussions.microsoft.com> wrote in message
news:D594CD15-4F96-4DD3-996D-A0E73EC37FFD@microsoft.com...

On Tuesday, November 13, 2007 4:06 AM
Matte wrote:

Actually I found this but what you can read into the installation guide could
Actually I found this but what you can read into the installation guide could
really scaring you: the beginning is:
WARNING: USE AT YOUR OWN RISK!
This software comes with NO WARRANTY.
I make no guarantees that this software will work on your system,
that it will compile on your system, or that it won't
irrecoverably destroy your system. Nothing bad should happen,
but as soon as you say it is usually when it does.

Many software houses say this but...

Ok anyone did authentication into qmail via Active directory before also in
other ways?

Thank you.

ps.

Is there a more specific newsgroup where I could insert this thread?

Matteo

"Anthony" wrote:

On Tuesday, November 13, 2007 7:23 AM
Anthony wrote:

Hi Matteo,Well really it's a question purely about qmail.
Hi Matteo,
Well really it's a question purely about qmail. You would be best off asking
in some kind of qmail forum. Active Directory will act as a compliant LDAP
directory for any application that asks to authenticate over ldap. So its
legitimate to ask if anyone happens to be using qmail with AD, but there is
no specific windows server or AD connection.
Anthony, http://www.airdesk.com


"Matteo" <Matteo@discussions.microsoft.com> wrote in message
news:8E3CED52-16F5-497B-A3A7-96AA66D88F9B@microsoft.com...

On Tuesday, November 13, 2007 8:35 AM
Matte wrote:

Yep, that true, I am trying to find more infos as I can, in our environment
Yep, that true, I am trying to find more infos as I can, in our environment
the unix tecnhician found a way that require the extension of the ad schema,
so I before to start I would try to find another way letting it as out of the
box...

Sincerely I don't wanna extend the schema with product not produced by
Microsoft.

Matteo

"Anthony" wrote:

EggHeadCafe - Software Developer Portal of Choice
ASP.NET Database Cache Dependency
http://www.eggheadcafe.com/tutorials/aspnet/5cca102c-48ae-45 e9-80b5-1bf5e36f9c6d/aspnet-database-cache-de.aspx
 Topic: Domain migration :Disabling SID history and allowing anonymous SID
Domain migration :Disabling SID history and allowing anonymous SID [message #595587] Thu, 05 November 2009 15:37
polilop  is currently offline polilop
Messages: 13
Registered: September 2006
Location: NULL
Junior Member

After trying to disable SID history i ran to a problem that on the source DC
after running the :
Netdom trust SourceDomain.com /domain:target.com /quarantine:No /userD:User
/passwordD:Password

command i got access denied.
found in an articile i have to enable following in the Group policy:

[Computer Configuration\Windows Settings\Security Settings\Local
Policies\Security Options]
"Network access: Allow anonymous SID/Name translation

the command passed sucessfully but now i wondershould i disable it again or
do i leave it until
migration has passed and then desable it ?
 Topic: DFS won't work, get RPC is unavailable
DFS won't work, get RPC is unavailable [message #595134] Wed, 04 November 2009 15:16
Gonzo  is currently offline Gonzo
Messages: 46
Registered: July 2006
Location: NULL
Member

Hello,

I have created a cloned domain controller for our test domain, we have 3 DC
on our love network. Anyway I have cleaned up the metadata, etc and
everything is working fine apart from DFS. If load the DFS manager and show
root then select our DFS share it says "RPC unavailable".

Any ideas what I can do to fix this?
 Topic: DNS Alias
DNS Alias [message #595130] Wed, 04 November 2009 13:47
petefisher78  is currently offline petefisher78
Messages: 1
Registered: November 2009
Location: NULL
Junior Member

Is it possible, to setup an DNS alias in the same domain, but to 2
different machines, and depending on your location, the alias would
point to a specific machine. What I mean is, we are one 1 domain. We
have 2 DC in both locations and DNS is being replicated between
them. We have an alias pointing to Sharepoint. Sharepoint is being
replicated in real-time in both locations. What we would like is, if
someone tries to get to the alias from pointA, we would like them to
be directed to the pointA server. If someone from pointB tries to get
to the alias, point them to thepointB server. Is this possible, and
if so, how?
 Topic: Re: DNS has wrong server holding PDC FSMO role
Re: DNS has wrong server holding PDC FSMO role [message #593501] Thu, 29 October 2009 01:11
aceman  is currently offline aceman
Messages: 2324
Registered: April 2009
Location: NULL
Senior Member

"eaglesix" <mhanntest@gmail.com> wrote in message
news:a42836d7-7db2-430c-b200-150c05e02217@l2g2000yqd.googlegroups.com...
>I have a 2003 AD network with three DC running 2003 AD mixed mode and
> one NT4 BDC. The person i had help setup the DNS advised we not set
> the msdcs forward zone as dynamic.
>
> My problem is the DNS entry for the PDC is pointing to the wrong DC.
> DNS is pointing to the machine that was the first DC in the domain and
> I assume the PDC entry pointing to it is in there due to that.
>
> Using ntdsutil shows the role of the PDC with the correct DC.
>
> nslookup -type=SRV _ldap._tcp.pdc._msdcs.<domainname> pulls up the
> wrong PDC entry.
>
> Can i just modify the DNS entry for the PDC to point to the new
> machine so everything matches? Do I need to wait until most users are
> off the network? Or can this be done at any time? The network has
> been working fine this way for quite awhile. But if machines query
> DNS for the DC offering the PDC service they will get the wrong
> machine.
>
> I appreciate any help as always
>


Sounds like this is an AD issue. I am cross-posting this to the AD newsgroup
for your convenience. Although many of the folks respond to both groups, I
think it would be better for specific exposure to the AD group. However you
can just check back here for responses.

What do you mean by not setting the _msdcs.yourdomain.local zone as dynamic?
You mean not to set as AD Integrated (store data in AD) or not to allow
Dynamic Updates? That's ill advised. I suggest to keep it AD integrated,
using the Forest Replication scope as well as to allow updates, otherwise
any changes in AD do not get registered.

I suggest you ask a qualified engineer who is familiar with AD and DNS how
to set it up. Or post here. But looks like we may need more info from you.
Read below for more info.

As for the PDC Emulator and other roles, are you sure that DC you are
referring to is the actual PDC Emulator Role holder? Run the following to
verify all Role holders:

netdom query fsmo

No, you can't simply alter the SRV records to change what you believe is the
PDC Emulator compared to what is in the SRV records in DNS. The SRV records
are automatically published (registered into DNS) automatically by the
Netlogon service based on what the service finds in the AD database.

To insure that the records are accurate, or at least to make sure the
Netlogon service is accurately publishing the records, perform the
following:
rename the system32\config\netlogon.dns and netlogon.bak files.
ipconfig /registerdns
net stop netlogon
net start netlogon

Go back to DNS and refresh the records to manually look at the records.
Re-run your nslookup command. Compare to what the netdom output gave you. If
the netdom output says it's DC2, but DC1 is registering as the PDC Emulator,
then it appears the problem is deeper, such as a replication issue.

What can cause issues with AD? The following is a list, but not limited to,
the causes of AD issues.

1. Using the ISP's DNS addrresses in your DCs. Since AD relies on DNS, it
will be asking your ISP, 'where is my domain controller?' The ISP's DNS does
not have that info. Only use your DCs for DNS and configure a Forwarder (DNS
properties, Forwarding tab) to your ISP's DNS. If you have multiple DCs (not
including the NT4, which should NOT be running DNS) - in each DC, DNS#1
entry should be itself, and DNS#2 entry should be another DC in the same
subnet, or one across the WAN if no other DCs are on the same subnet. For
the NT4 box, point it to two of your DCs, not matter which order. Whatever
you do, do NOT use the ISP's DNS other than as a forwarder. The same goes on
all client and other machines on the network.

2. Single label name. This is a common issue many years ago when some admins
upgraded their NT4 domains to AD but did not choose a proper AD DNS domain
name, such as domain.com, domain.local, etc. A single label name example is
"DOMAIN" (without the TLD - top level domainname - of .com, .net, .local,
etc). This issue is extremely, extremely problematic.

3. Multihomed DC - DC has more than one NIC and/or IP address, and/or has
RRAS installed. Very problematic and requires registry changes to make it
work. Suggest to disable or team the NICs and use your routers for routing
data across subnets.

4. Disjointed namespace - Primary DNS Suffix does not match the zone name in
DNS, which muct have updates allowed.

5. Dynamic Updates are not allowed. Extremely problematic. Registration with
Windows 2003 AD is every 24 hours. If not allowed, you will get (IIRC)
EventID 5782 errors, among other errors associated with incorrect SRV data.

That;s just for starters. There are more issues associated wtih AD
functionality problems.

To better assist if you feel there is a problem that needs further
investigation and evaluation, please post the following:

1. Unedited ipconfig /all from your DCs.
2. Run dcdiag /v and netdiag /v and post any errors in the results.
3. Event log errors - post the eventID# and Source name

I hope that helps.


--
Ace

This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.

Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.

Ace Fekay, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA
2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer

For urgent issues, please contact Microsoft PSS directly. Please check
http://support.microsoft.com for regional support phone numbers.
 Topic: Performance Monitor Allow duplicate Instance option
Performance Monitor Allow duplicate Instance option [message #592073] Sat, 24 October 2009 00:14
aconti  is currently offline aconti
Messages: 112
Registered: January 2009
Location: NULL
Senior Member

Hello, what is the meaning of this value as I am confused whether I have
to enable it or not while monitoring my system.

Thank you


--
aconti
------------------------------------------------------------ ------------
aconti's Profile: http://forums.techarena.in/members/73272.htm
View this thread: http://forums.techarena.in/active-directory/1262458.htm

http://forums.techarena.in
 Topic: lots of event 4662 related to DomainDNSZones
lots of event 4662 related to DomainDNSZones [message #588978] Tue, 13 October 2009 10:42
paulreims  is currently offline paulreims
Messages: 2
Registered: April 2009
Location: NULL
Junior Member

Hello,
We are working with AD-integrated DNS zones. Workstations are
configured to update their own DNS-entries(register the connections
addresses in DNS).

The problem is that I see a lot of events 4662 in the AD Security log
(every few minutes), showing objects updating their entries in the
DomainDNSZone Partition. For me it seems like if the computers do not
have the right to update their own DNS entries

Concerning the Rights of the DNS-objects, "enterprise Domain
Controllers has full control" and System has Full control and
"Everyone" has Read-access.
Could there be something wrong in the DNS-server security
configuration or is there any modification to do if I want
workstations to update their own entries in DNS?

Here the detail about the event shown in the event log:

An operation was performed on an object.

Subject :
Security ID: DOMAIN\<PC NAME>$
Account Name: <PC NAME>$
Account Domain: Domain
Logon ID: 0x186984bd8

Object:
Object Server: DS
Object Type: dnsNode
Object Name: DC=<PC Name>,DC=Domain,CN=MicrosoftDNS,
DC=DomainDnsZones,....
Handle ID: 0x0

Operation:
Operation Type: Object Access
Accesses: Write Self

Access Mask: 0x8
Properties: ---
{771727b1-31b8-4cdf-ae62-4fe39fadf89e}
{e0fa1e69-9b45-11d0-afdd-00c04fd930c9}
{d5eb2eb7-be4e-463b-a214-634a44d7392e}
{e0fa1e8c-9b45-11d0-afdd-00c04fd930c9}
 Topic: Re: Change mime type and file extensions through gpo's
Re: Change mime type and file extensions through gpo's [message #588976] Tue, 13 October 2009 09:29
zyclon  is currently offline zyclon
Messages: 1
Registered: October 2009
Location: NULL
Junior Member

Hi,

I see it's some times ago... Could this help?
http://technochat.in/2009/02/set-file-association-via-group- policy/

The Articel describes how to set the file association within an Active
Directory.
We also upgrade our SAP CRM system and now have problems with opening
files through our document archive solution.


--
zyclon
------------------------------------------------------------ ------------
zyclon's Profile: http://forums.techarena.in/members/143883.htm
View this thread: http://forums.techarena.in/active-directory/947587.htm

http://forums.techarena.in
 Topic: Net localgroup API
Net localgroup API [message #587696] Thu, 08 October 2009 12:28
carl[2]  is currently offline carl[2]
Messages: 13
Registered: August 2009
Location: NULL
Junior Member

This is a multi-part message in MIME format.

------=_NextPart_000_0042_01CA4862.830777A0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Happen to read in one of the RODC presentations and didnt quite =
understand what it meant. This was identified as one of the challenges =
of Admin Role Separation.

"Memberships are not visible through NetLocalGroup APIs, since the =
"extensions" from RODC groups are only examined at token construction =
time"

------=_NextPart_000_0042_01CA4862.830777A0
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.6000.16890" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY>
<DIV><FONT face=3DVerdana size=3D2>Happen to read in one of the RODC =
presentations=20
and didnt quite understand what it meant. This was identified&nbsp;as =
one of the=20
challenges&nbsp;of Admin Role Separation.</FONT></DIV>
<DIV><SPAN=20
style=3D"FONT-SIZE: 20pt; COLOR: #4f81bd; FONT-FAMILY: Arial; language: =
en-US; mso-color-index: 4; mso-ascii-font-family: Arial; =
mso-fareast-font-family: '&#65325;&#65331; =
&#65328;&#12468;&#12471;&#12483;&#12463; '; mso-bidi-font-family: Arial; =
mso-font-kerning: 12.0pt"></SPAN><SPAN=20
style=3D"FONT-SIZE: 20pt; COLOR: #4f81bd; FONT-FAMILY: Arial; language: =
en-US; mso-color-index: 4; mso-ascii-font-family: Arial; =
mso-fareast-font-family: '&#65325;&#65331; =
&#65328;&#12468;&#12471;&#12483;&#12463; '; mso-bidi-font-family: Arial; =
mso-font-kerning: 12.0pt"><FONT=20
face=3DVerdana size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN=20
style=3D"FONT-SIZE: 20pt; COLOR: #4f81bd; FONT-FAMILY: Arial; language: =
en-US; mso-color-index: 4; mso-ascii-font-family: Arial; =
mso-fareast-font-family: '&#65325;&#65331; =
&#65328;&#12468;&#12471;&#12483;&#12463; '; mso-bidi-font-family: Arial; =
mso-font-kerning: 12.0pt"><FONT=20
face=3DVerdana size=3D2>"Memberships are not visible through =
NetLocalGroup<SPAN=20
style=3D"mso-spacerun: yes">&nbsp; </SPAN>APIs, since the =
=93extensions=94 from RODC=20
groups are only examined at token construction time"</FONT></SPAN></DIV>
<DIV><SPAN=20
style=3D"FONT-SIZE: 20pt; COLOR: #4f81bd; FONT-FAMILY: Arial; language: =
en-US; mso-color-index: 4; mso-ascii-font-family: Arial; =
mso-fareast-font-family: '&#65325;&#65331; =
&#65328;&#12468;&#12471;&#12483;&#12463; '; mso-bidi-font-family: Arial; =
mso-font-kerning: 12.0pt"><FONT=20
face=3DVerdana size=3D2></FONT></SPAN>&nbsp;</DIV></BODY></HTML>

------=_NextPart_000_0042_01CA4862.830777A0--
 Topic: Monitor events by Domain Admins members
Monitor events by Domain Admins members [message #585950] Mon, 05 October 2009 04:48
cgng
Messages: 1
Registered: October 2009
Junior Member
I am in the midst of establishing Active Directory Event Logs review policy.

Events of my concern are:
1. Logon access by any member of Domain Admins group
2. Actions performed by member of Domain Admins group

How are these activities reflect in AD server security event viewer log? What are the Event IDs to take note of?

Please advise. Thanks.

CGNG
 Topic: AD Migration & LCS 2005
AD Migration & LCS 2005 [message #583288] Wed, 30 September 2009 13:12
jeremy  is currently offline jeremy
Messages: 42
Registered: September 2006
Location: NULL
Member

I am in the process of migrating a domain from 2000/2003 to 2008. This is a
complete side-by-side migration to new forest, using ADMT 3.1 to migrate
accounts. In the source domain the company is running LCS 2005. I have a
feeling I will run into issues after migrating user accounts to the target
domain with access to the LCS 2005 environment that is still in the source
domain.

Does anyone have any experience with such a migration? Any advice,
suggestions, or pitfalls to watch out for?
 Topic: Can not use javascript operate AD objectSid.
Can not use javascript operate AD objectSid. [message #582076] Sun, 27 September 2009 03:36
liyong  is currently offline liyong
Messages: 15
Registered: June 2009
Location: NULL
Junior Member

I have a script to get AD's object sid, I can using vbscript do it, but I
must use java script in product Env. Now
the java script has error, anyone can help me?
my issue is I cannot operate the field 'objectSid' in javascript.
I have post both VBscript code and javascript ( javascript is only a little,
which include the error)

//javascript code for test, the code must run under a domain context, that
means you must login to a domain before you test
var ObjRootDSE=GetObject("LDAP://rootDSE");
var strDomain = ObjRootDSE.Get("defaultNamingContext");
alert(strDomain);
var rootGroups=GetObject("LDAP://" + strDomain);
var enumRoot = new Enumerator( rootGroups);
for (;!enumRoot .atEnd();enumRoot.moveNext())
{
var rootItem=enumRoot.item();
var x=rootItem.objectSid; //or rootItem.objectsid; have the same error
rootItem.Name; //ok
x==null; // false; not null
//x+""; // error,
//rootItem.objectSid.valueOf(); // error, rootItem.objectsid.valueOf()
also error
//x.length; // error ?
}



' VB script////////////////////////////////////////////////
sub GetLDAP()
Set ObjRootDSE = GetObject("LDAP://rootDSE")
strDomain = ObjRootDSE.Get("defaultNamingContext")
Set groups = GetObject("LDAP://" & strDomain)
For Each GroupItem In groups
Debug.Print GroupItem.Name & ", SID=" &
Module1.HexStrToDecStr(Module1.OctetToHexStr(GroupItem.objec tsid))
Set childgroups = GetObject("LDAP://" & GroupItem.Name & "," &
strDomain)
For Each childgroupItem In childgroups
'Debug.Print vbTab & childgroupItem.Name & ", SID=" &
Module1.OctetToHexStr(childgroupItem.objectsid)
'Debug.Print vbTab & childgroupItem.Name & ", SID=" &
Module1.HexStrToDecStr(Module1.OctetToHexStr(childgroupItem. objectsid))
Next
Next
End sub
'''''''''''''''''''''''''''''''''
Function OctetToHexStr(arrbytOctet)
' Function to convert OctetString (byte array) to Hex string.

Dim k
OctetToHexStr = ""
For k = 1 To LenB(arrbytOctet)
OctetToHexStr = OctetToHexStr & Right("0" & Hex(AscB(MidB(arrbytOctet, k,
1))), 2)
Next
End Function
''''''''''''''''''''''''''''''''''''''''
Function HexStrToDecStr(strSid)
' Function to convert hex Sid to decimal (SDDL) Sid.
If strSid = "" Then Exit Function
Dim arrbytSid, lngTemp, j

ReDim arrbytSid(Len(strSid) / 2 - 1)
For j = 0 To UBound(arrbytSid)
arrbytSid(j) = CInt("&H" & Mid(strSid, 2 * j + 1, 2))
Next

HexStrToDecStr = "S-" & arrbytSid(0) & "-" _
& arrbytSid(1) & "-" & arrbytSid(8)
If UBound(arrbytSid) >= 15 Then

lngTemp = arrbytSid(15)
lngTemp = lngTemp * 256 + arrbytSid(14)
lngTemp = lngTemp * 256 + arrbytSid(13)
lngTemp = lngTemp * 256 + arrbytSid(12)

HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
End If
If UBound(arrbytSid) >= 19 Then
lngTemp = arrbytSid(19)
lngTemp = lngTemp * 256 + arrbytSid(18)
lngTemp = lngTemp * 256 + arrbytSid(17)
lngTemp = lngTemp * 256 + arrbytSid(16)

HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
End If
If UBound(arrbytSid) >= 23 Then
lngTemp = arrbytSid(23)
lngTemp = lngTemp * 256 + arrbytSid(22)
lngTemp = lngTemp * 256 + arrbytSid(21)
lngTemp = lngTemp * 256 + arrbytSid(20)

HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
End If
If UBound(arrbytSid) >= 25 Then
lngTemp = arrbytSid(25)
lngTemp = lngTemp * 256 + arrbytSid(24)

HexStrToDecStr = HexStrToDecStr & "-" & CStr(lngTemp)
End If
End Function
 Topic: Re: Restoring Registry.pol file
Re: Restoring Registry.pol file [message #580611] Wed, 23 September 2009 06:05
Charles Stevenson  is currently offline Charles Stevenson
Messages: 1
Registered: September 2009
Location: NULL
Junior Member

In my case I had only created one setting when, for whatever reason, the process stopped responding. I removed the registry.pol file and created the setting again. All is well :)



Posted as a reply to:

Restoring Registry.pol file
14-Dec-07

I have encountered an issue where it appears my Machine\registry.pol file has
become corrupted on my main Domain GPO. I have an Windows 2003 AD enviroment
with some Windows 2000 Domain Controllers. When I try to edit the Domain GPO
I get an error saying "Failed to open the Group Policy Object. You may not
have appropriate rights."

When I go into the Group Policy Management MMC under Computer Configuration
Administrative templates I see the following:

The following errors were encountered:
The file
" \\servername.hoc.nrc.gov\sysvol\hoc.nrc.gov\Policies\{GUID}\ Machine\registry.pol "
is not in a valid format. The file might be corrupt. Use Group Policy Object
Editor to reconfigure the settings in this extension.

Do I have to do a complete system state restore to restore the registry.pol
file? Or is there a way to just restore that file?

I am able to access all other GPOs in all other containers other than the
main GPO.

Thanks for any help!!
Bill

EggHeadCafe - Software Developer Portal of Choice
WPF And The Model View View Model Pattern
http://www.eggheadcafe.com/tutorials/aspnet/ec832ac7-6e4c-4e a8-81ab-7374d3da3425/wpf-and-the-model-view-vi.aspx
 Topic: Forest to Forest trust?
Forest to Forest trust? [message #572242] Wed, 02 September 2009 09:34
David Robson1  is currently offline David Robson1
Messages: 5
Registered: August 2009
Location: NULL
Junior Member

Hi,

I've got a forest called forest_a. All my users and servers and workstations
are in here.

I'm planning on creating a forest_b. In here will sit my web servers.

I will then set a trust so forest_b trusts forest_a which will allow admins
to admin the new forest.
I will then set only certain accounts via selective authentication that can
run as a service.

For example:
Web server sits on forest_b (Used to sit on forest_a)
SQL server sits on forest_a
Previously i had a service account that the website would run under to query
the sql server.
I plan on doing the same. I'm guessing the service account from forest_a
will work in forest_b with my trust in place?


Is this good security?

(The thinking being is someone hacked my web server and got domain admin
they would not be able to do anyhting to my internal network/doman). Is this
correct?

Should i consider ADAM (or ADFS) in any part of this? How would this
integrate?

What is the best setup? This is Win2003.

Thank you.
Dave.
 Topic: Re: Blackberry SendAs Permissions
Re: Blackberry SendAs Permissions [message #566306] Fri, 21 August 2009 03:35
alo.jacko.3x9evc  is currently offline alo.jacko.3x9evc
Messages: 1
Registered: August 2009
Location: NULL
Junior Member

Marked! Jacko will be back to check it soon !thanks a lot.:-)
'_simulation_taux_banque_credit_immobilier_de_France_'
(http://creditimmobilierdefrance.org/) - Credit immobilier de France,
simulation credit immobilier. Résultat mitigé pour le crédit immobilier
de France.'_simulation_taux_banque_credit_immobilier_de_France_ '
(http://creditimmobilierdefrance.org/)


--
alo.jacko
------------------------------------------------------------ ------------
alo.jacko's Profile: http://forums.techarena.in/members/127031.htm
View this thread: http://forums.techarena.in/active-directory/710406.htm

http://forums.techarena.in
 Topic: General access denied error
General access denied error [message #564004] Fri, 14 August 2009 10:51
Sundarram  is currently offline Sundarram
Messages: 1
Registered: August 2009
Location: NULL
Junior Member

I am updating the AD user details in my application using a generic login.
The problem is it fails for few user detail update saying "General access
denied error" at
System.DirectoryServices.Interop.UnsafeNativeMethods.IAds.Se tInfo()
exception, but the users permission level is similar to other user.

Can any one help me out in the problem? What right i have to give for my
generic account to allow it to edit all the AD user? (other than adding it in
admin group)
 Topic: ADUC won't open
ADUC won't open [message #562412] Mon, 10 August 2009 13:12
gcatech  is currently offline gcatech
Messages: 1
Registered: August 2009
Location: NULL
Junior Member

on new server running 2008 64bit, when i try to run ADUC, i get MVC++ runtime
library error...this application has requested the Runtime to terminate in an
unusual way. there is no other program specified.
in reviewing my logs, it appears explorer.exe hung upon ADUC request. all
other nodes of AD open fine, just not users and computers.
 Topic: TEST
TEST [message #561892] Sat, 08 August 2009 05:51
whyso88  is currently offline whyso88
Messages: 15
Registered: May 2009
Junior Member
Ftp Download! Cracked Software/software Cracks/dongle Cracks/warez Cd Cracks/serials! CRACKED SOFTWARE(CAD/CAE/CAM/EDA/PCB/GIS/CNC/FEA)! if you need some softwares, please email me: hunker@bk.ru


Use Ctrl+F to search the program you need.

Cadimage Pack v11 For Archicad 11
Borland.Together.Designer.2005-SHOCK
Borland.Together.Developer.for.JBuilder.2005-SHOCK
Borland.Together.for.Eclipse.v7.0-SHOCK
Borland.Together.for.Microsoft.Visual.Studio.NET.v2.0
Borland.Turbo.Delphi.2006.Explorer.Edition.
Bosch.Rexroth.Indraworks.v7.04
Bosch.Rexroth.WinStudio.v6.5
Boson.Router.Simulator.v3.71.WinALL.CRACKED
BOSS.RiverCAD.Professional.for.AutoCAD.v8.1
BOSS.RiverCAD.XP.for.AutoCAD.v8.1
BOSS.StormNET.v4.18
Boston.Dynamics.DI-GUY.v5.0
Box.Shot.3D.v2.10.Working
Box.Vellum.v5.01CD
BPA.2006
BR&E.ProMax.2.0.7047.0
Braid.Art.Labs.GroBoto.v2.1.8.1.
BRAINSTORM.ESTUDIO.V11
BrainVoyager.QX.v2.0.7
BrazilRS.1.2.52R6-R7
Breault.ASAP.v8.0
Breeze.5.1.SP2.
BricsCad.Architecturals.4.1.0015
BricsCad.Pro.v9.2.15.14684
BricsCad.Structural.Frames.v2.1.0004
Bricsys.Bricscad.Pro.v9.1.8.
BRIO.REPORTS.V6.2
Broderbund.3D.Home.Architect.Professional.5.0
Broderbund.3D.Home.Design.Deluxe.v6.0
BRODERBUND.3D.HOME.DESIGN.SUITE.PROFESSIONAL.V5.0
Broderbund.3D.Home.Landscape.Designer.Deluxe.5
Brother.PE-Design.v6.0.WinALL
bryce.6.0
Bryce.Lightning.v2.0b
Bryce.v6.0.MacOS
BSI.FB-Pier.v3.21
BtoCAD.2009A.v0416.11
BuildersCAD.v9.1
Building.Systems.2007.Metric.Bonus.Tools
Bunkspeed.HyperShot.v1.5.20.
Business.Objects.Xcelsius.Engage.2008.v5.0.0.99.
BUW.EFX.EVX.v6.0
BUW.SmartElectrode.v5.0
BWRSCalc.1.0
Byte.Mountain.GridSmith.v1.0.4.224.
C.A.T.S.RT.Tuner.v1.12
C.A.T.S.Tuner.v2.08ECM
C.A.T.SCross.Disassembler.v1.36
C.A.T.SECM.PCM.Checksum.Utility
C.A.T.STuner.v2.08.
C30.Release.1.20.00
CA.AllFusion.Data.Model.Validator.7.2
CA.AllFusion.ERwin.Data.Modeler.7.2.9.SP2
CA.AllFusion.Model.Manager.7.2.9.SP1
CA.AllFusion.Model.Navigator.7.2.9.SP2
CA.AllFusion.Process.Modeller.7.2.5.SP1
CAA.API.v5R13.SP2
CAA.Enovia.LCA.v5R14
CAA.Enovia.v5R14
CAA.RADE.v5R14
CAAD.4.0
CABINET.VISION.SOLID.V4.0
Cache.v7.5.0.85
Cacidi.Extreme.Suite.v6.0.for.Adobe.Indesign.CS2
Cactus3D.CD.Jointskin.v1.026.for.Cinema.4D.WinALL
Cactus3D.CD.Morph.v1.120.for.Cinema.4D.WinALL
CAD.CH3ATER.V3.6.PREMIUM.G4YER
Cad.Closure.V1.8.5
CAD.Duct.Solids.v2.27
CAD.EASY.EASYSITE.AUTOCAD.V2
CAD.Ence.Logic.Dnsign.AND.Verifcation.v5.11CD
CAD.Fix.v6.0.Proper
CAD.HMCAD8.0
CAD.Import.Module.for.Comsol.Multiphysics.v3.3
CAD.Mai.v2.0
CAD.Schroer.Stheno.Advanced.V3.1.1.
CAD.Translators.for.Cranes.NISA.v15.1
CAD.Viewer.v7.0.A.15.Network.Edition.WinAll
CAD2CAD.DWG.Express.7.03
CAD2CAD.Express.3.4
CAD2CAD.TrueDTP.v1.39
CAD2CAD.TwinView.12.7
CAD2CAD.TwinView.Plus.v12.50
Cadance.Signal.Processing.Workstation.4.7
CADBID-ROAD.V4.4
CADCAM-E.Cat4Works.v5.2
CADCAM-E.CAT5Edge.v2.0
CADCAM-E.CAT5Ug.v3.1
CADCAM-E.Cat5Works.v3.1
CADCAM-E.IGES/Cat.v9.0.WinNT.2K
CADCAM-E.IGES/Cat5.v4.0.WinNT.2K
CADCAM-E.IGES/Pro.v4.1.WinNT.2K
CADCAM-E.IGES/Ug.v8.0.WinNT.2K
CADCAM-E.IGESCat.v9.0
CADCAM-E.IGESCat5.v4.06.09.24.
CADCAM-E.IGESPro.v4.1
CADCAM-E.IGESUg.v8.0
CADCAM-E.MCCat5.v4.0
CADCAM-E.PS/Cat.v3.0
CADCAM-E.PS/Cat5.v4.0.WinNT.2K
CADCAM-E.PS/Pro.v4.1.WinNT.2K
CADCAM-E.PSCAT5.v2.2.
CADCAM-E.PSCat5.v4.0
CADCAM-E.PSPro.v4.1
CADCAM-E.STEP/Cat5.v3.0.WinNT.2K
CADCAM-E.STEPCat5.v3.0
CADCAM-E.UG/Works.v3.1.WinNT.2K
CADCAM-E.UGWorks.v3.1
CADCEUS.6.4
CADDAT.DwgBase.V2.0
Caddie.Professional.v9.0
CAD-DUCT.Solids.v2.27.035
CADdy.Plus.Plus.Mechanical.Design.Basic.v6.0
Caddy-Electrical-3.8-3.6
Cadem.CAMLite.v8.0
Cadem.CAPSmill.8.1
Cadem.CAPSturn.v8.1.WiN32
CADEM.NCNET.V4.0
Cadem.NCnet-1.v4.1.WiN32
Cadem.SeeNC.Mill.v6.1.WiNNT2K
Cadem.SeeNC.Turn.v6.1.WiNNT2K
Cadenas.Partsolutions.v8.1.06
Cadenas.SPECCTRA.Router.v10.2
Cadenas.SPECCTRA.Version.10.1.1
Cadence.Allegro.PCB.Design.v16.2.
Cadence.Allegro.Silicon.Package.Board.(SPB).16.2
Cadence.Allegro.v13.6
Cadence.AMS.Methodology.Kit.6.12.Linux
Cadence.Analog.VoltageStorm.(EANL).5.1.linux
Cadence.ANLS.v6.1.Linux
Cadence.ASSURA.3.20.Linux
Cadence.Base.IC5141.lnx86
Cadence.BSIMProPlus.v5.1
Cadence.Conformal.Constraint.Designer.(ccd).v61.Linux
Cadence.Conformal.v8.1.Linux
Cadence.CONFRML.v5.0.Base
Cadence.CTS.v9.1.Linux
Cadence.EMGR.v08.02.001.Linux
Cadence.Encounter.Conformal.Low.Power.8.1.Linux.
Cadence.Encounter.RTL.Compiler.v8.1.Linux
Cadence.Encounter.Timing.System.(ETS).8.1.Linux.
Cadence.ETS.v8.10.Linux
Cadence.EXT.7.1.Linux
Cadence.FINALE.6.1.Linux
Cadence.Generic.PDK090.v3.7.Linux
Cadence.IC.Craftsman.v11.241
Cadence.IC.Design.v6.13
Cadence.IC5141.usr6.
Cadence.IC610 5CD
Cadence.IFV.v8.1.Linux
Cadence.Incisive.Desktop.Manager.(EMGR20).2.0.Linux
Cadence.Incisive.Enterprise.Specman.Elite.Testbench.(SPMN).6 .0.Linux
Cadence.Incisive.Formal.Verifier.(IFV).5.8.Linux
Cadence.Incisive.Plan-to-Closure.Methodology.(IPCM).6.0.Linu x
Cadence.IUS.8.2
Cadence.LDV.v5.1.
Cadence.LEC.Conformal.7.2.Linux
Cadence.MMsim.v7.1.Linux
Cadence.OrCAD.Capture.CIS.9 1CD
CADENCE.ORCAD.SUITE.WITH.PSPICE.V10.5 2CD
Cadence.OrCAD.v16.2
Cadence.PAS.v3.1
CADENCE.PCB.DESIGN.STUDIO.V15.1 3CD
Cadence.PSD.15.1
Cadence.RF.Methodology.Kit.8.1.Linux.
Cadence.RFKIT.v8.1.Linux
Cadence.SEV.v4.1.Linux
Cadence.Silicon.Package.Board.Codesign.v15.2
Cadence.SOC.Encounter.v8.1.Linux
Cadence.SOC 6.1
Cadence.SOCKIT.v08.02.001.Linux
Cadence.SPB.16.2.Linux
Cadence.Specctra.Router.v10.2
Cadence.Specman.Elite.v5.0.Linux
Cadence.Spectra.10.2
Cadence.SPMN.v08.02.001.Linux
Cadence.SPW.v4.9.Linux
Cadence.TSI.v6.1.Linux
Cadence.Virtual.Component.Co-design.v2.2
Cadence.Virtuoso.Analog.ElectronStorm.(ANLS).v6.1
CADEX.for.CADAM.Drafting.v4.2.4.3.PTF4
CADfix.7.1
CADFX.MPT.for.Autocad.v4.0
CADFX.Plotminder.for.AutoCAD.v2.5.1.0
CADFX.Replot.v1.9.
CADFX.StampFX.for.AutoCAD.v2.5
CADian.2008.6.2.36
CADian.2008.Omega.v63
CADianARCH.2008.Omega.v21
Cadimage.3d.Profiler.v12.1.For.AC12.
Cadimage.Accessory.Tools.v12.1.For.AC12.
Cadimage.Key.Notes.v12.1.For.AC12.
Cadimage.Landscaping.Tools.v12.2.For.AC12.
Cadimage.Pack.v11.For.Archicad.11
Cadimage.Rapid.Details.v12.1.For.AC12.
Cadimage.Revision.Manager.v12.1.For.AC12.
Cadimage.Stair.Builder.v12.1.For.Archicad.12(Archicad.12.
Cadimage.Tools.3D.Profiler.Tools.v11.2.For.Archicad.11
Cadimage.Tools.Accessory.Tools.v11.3.For.Archicad.11
Cadimage.Tools.Door.And.Window.Builder.v11.3.For.Archicad.11
Cadimage.Tools.Key.Notes.v11.2.For.Archicad.11
Cadimage.Tools.Revision.Manager.v11.3.For.Archicad.11
Cadimage.Tools.v9r2.And.Library.Plugins.For.ARCHICAD.9
Cadkey.99.R1
CADKEY.Workshop.EX.v21.5.incl.SP2
CADKey.Workshop.v21.5
CADlink.EngraveLab.Expert.7.1.rev.1.Build.8.
Cadlink.Engravelab.v6.1.Rev9
Cadlink.ProfileLab.2D.7.1.rev.1.Build.8
Cadlink.Signlab.e6.1.Rev13
Cadlink.SignLab.Vinyl.7.1.Rev.1.Build.7.
Cadlink.Vision.Pro.v6.1
Cadmai.v3.11
CADMAX.Solid.Master.v10.00
CADopia.6.0.SP1
CADopia.8.6.4.23
CADopia.8.Professional.v6.4.23
CADopia.Intellicad.5.Standard.SP1.v5.0.20.0
CADOPIA.INTELLICAD.PROFESSIONAL.EDITION.V4.0
CADopia.Standard.v6.SP1
Cadpipe.2002.3D.Design.v7.0.for.AutoCAD
Cadpipe.2002.Building.Services.v7.0.for.AutoCAD
Cadpipe.2002.Commercial.PIPE.v7.0.for.AutoCAD
Cadpipe.2002.HVAC.v7.0.for.AutoCAD
Cadpipe.2002.ISO.v7.0.for.AutoCAD
Cadpipe.2002.Ortho.v7.0.for.AutoCAD
Cadpipe.2002.PID.v7.0.for.AutoCAD
CADRASTER.LTX.V4.80.FOR.FELIXCAD
CADRaster.LTX.v6.10.for.AutoCAD
CADRASTER.PRO.V4.80.FOR.FELIXCAD
CADRASTER.pro.V5.10.For.AutoCAD
CADRASTER.PRO.V8.0.FOR.AUTOCAD
CADRASTER.V5.10.For.LTXCAD
CADRE.Flow.v1.1.1007.0
CADRE.Geo.v5.0.1009.0
CADRE.Pro.v5.0.2.6
CADRE.Profiler.v2.0.6003.0
CADRE.Rescol.v2.0.1.4
CADS.HYPERSTEEL.V7.1.SP1
CAD-Schroer.Medusa.4.v2
CADSION.Pipes.v4.12
CadSoft.Eagle.Professional.v5.6.0
Cadsoft.Envisioneer.v3.00.c2.458
CADSOFT.TR.ADE.M.E.CAD.ENCE.V1.0
Cadstar.9.0
cadsuper.jx.for.jwindows.CAD
CadTech.SolidCAM.2003.v8.2.7.for.SolidWorks
CADTooLs.v6.0.for.Solidedge
CADVance.2005.v12.25
CADVANCE.V12.32
CADvent.5.6.0.9
Cadwork.v14
CADWorx.DataSheets.2008
cadworx.equipment.V2009.
CADWorx.P&ID.Professional.2008
cadworx.plant.V2009.
CADWorx.Steel.2006
CADzation.AcroPlot.Pro.v2009.02.03
CAE.InteCASTR 8.0
CAE.PowerTools.FEvis.Publisher.v1.1.0.13
CAE/InteCAST.6.0
CAE/InteCASTR8.0
CAEFEM.v9.3
Caesar.II.5.1
Cakewalk.Project 5.1.5
Cakewalk.Sonar.v6.0.Producer.Edition.
Calc.3D.Pro.1.9
Calcmaster.v6.1
Calcusyn.v2.0
Calepilight.v1.16b.
Calibration.Master.v2.1.7
Caligari.Conversion.Pack.For.TrueSpace.v6.00
Caligari.gameSpace.1.5
Caligari.TrueSpace.for.IntelliCAD.v5.1
Caligari.TrueSpace.v6.5
CALSEP.PVTSIM.V17.3C
Calyx.Point.6.0
Cam.Analyzer.v3.2.B.011
CAM.Expert.v2.0.4.8
cam.tool.2.0.CAD
CAM.Utilities.v6.6
CAM350.v10.0.1.312
CAMbridge.Animation.Systems.Animo.v6.0.
CambridgeSoft.BioDraw.Ultra.v11.0.1.
CambridgeSoft.BioOffice.Ultra.v11.0.1.
CambridgeSoft.ChemACX.Ultra.v10.0
CambridgeSoft.ChemBio3D.Ultra.v11.0.1.
CambridgeSoft.ChemBioDraw.Ultra.v11.0.1.
CambridgeSoft.ChemBioOffice.WorkGroup.Ultra.2009.v11.0.2
CambridgeSoft.ChemBioViz.Ultra.v11.0.1.
CambridgeSoft.ChemOffice.2010.v12
CAMCAD.&.Translator.v4.3.39
CAMCAD4.2
CAMCTO.v2.28
Camio.Studio.Inspect.v4.2
CAMMAN.v4.0.5

Use Ctrl+F to search the program you need.

Anything you need,must can mail Email: If there is your need, please mail me: hunker@bk.ru

 Topic: IAS
IAS [message #560683] Tue, 04 August 2009 22:22
DD[1]  is currently offline DD[1]
Messages: 211
Registered: October 2006
Location: NULL
Senior Member

> We have an IAS running on Win2K DC , we intend to replace the current DC
with
> the new H/W and downgrade existing DC to member server.IAS services will
> still stay on the existing server.
>
> 1) can the IAS running on member server
> 2) any impact of the IAS if we change the existing DC ip address
 Topic: Can't authenticate against the same username (identical usernames) in
Can't authenticate against the same username (identical usernames) in [message #560011] Mon, 03 August 2009 04:55
KevinC[2]  is currently offline KevinC[2]
Messages: 2
Registered: August 2009
Location: NULL
Junior Member

I have a java (JRE 1.6) application in Linux that uses Active
Directory (AD) (on Windows Server 2003 service pack 2) via LDAP to
authenticate users. There are two AD servers: one providing domain
PARENT (parent.local) and the second CHILD (child.parent.local). Both
of these servers have two-way trust with each other.

I have users PARENT\userA, PARENT\userB, CHILD\userB and CHILD\userC.
All users have the same password apart from CHILD\userB whose password
is different to the rest - including PARENT\userB.

My java application can target (make requests to) the PARENT AD server
and successfully authenticate PARENT\userA, PARENT\userB and CHILD
\userC when I provide the correct domain, username and password values/
triples. The application can target the CHILD AD server and
successfully authenticate PARENT\userA, CHILD\userB and CHILD\userC.

But I can not authenticate CHILD\userB when targetting the PARENT
server: PARENT\userB is authenticated against if I provide its
password. And I can not authenticate PARENT\userB when targetting the
CHILD server: CHILD\userB is authenticated against if I provide its
password.

Why do these authentications concerning the same username not work? Is
there anyway of configuring the AD servers so they will work?

Kevin

PS: I use the com.sun.jndi.ldap.LdapCtxFactory context factory code
like this in java:

env.put(Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, ldap_server);

env.put("javax.security.sasl.qop", "auth-conf");
env.put("javax.security.sasl.strength", "high");

env.put(Context.SECURITY_AUTHENTICATION, "DIGEST-MD5");

env.put(Context.SECURITY_PRINCIPAL, userName);

env.put("java.naming.security.sasl.realm", domain);

env.put(Context.SECURITY_CREDENTIALS, password);
.....
Pages (4180): [1  2  3  4  5  6  7  8  9  10  11  12  13  14  15    »]

.:: Home ::.
 
   
  
 
Top Outlook add-ins
Duplicate Email RemoverDuplicate Email Remover

Delete duplicate emails and posts in Outlook and Microsoft Exchange folders.

Duplicates Remover for OutlookDuplicates Remover for Outlook

Delete duplicates in Microsoft Outlook and Microsoft Exchange Server folders.

Mail Merge ToolkitMail Merge Toolkit

Microsoft Office add-in to improve mail merging in Outlook, Word and Publisher.

MAPILab ToolboxMAPILab Toolbox

A set of 18 Microsoft Outlook 2000/XP/2003/2007 add-ins.

Total 189 add-ins for Outlook
in 11 categories.

Latest news

Oct 26, 2009
SecureZIP

Oct 20, 2009
ZideOne Outlook Connector

Oct 15, 2009
Send And Move

Oct 10, 2009
Toltec Connector

more outlook news  News archive...
  

© 2006-2009 Office Assistance LLC