Location: Home

Welcome

Welcome

You may have noticed that we've added a few changes to the site.  Yes a complete site re-write!  Hopefully the site navigation still appear somewhat similar to the old site.  If you need a hand in figuring where everything went then worry no more, just visit our site map.

If you notice anything we have missed during our migration, or may be a broken link then please get in touch, either through the mailing list or using the feedback form on the about page.

ActiveDir.org is the home of the Active Directory Discussions Mailing List which was started in January 2001 with the aim of providing a forum for discussing various aspects of Microsoft's Active Directory technology. Since then the list has grown to a membership of over 1000 subscribers and 3000 site members.  The list has become extremely active, and includes many of the foremost experts in Active Directory.

The focus here at ActiveDir.org is the mailing list, but we now also offer a range of useful resources (see left navigation options).

You can also share your knowledge and experience with the wider community by creating your own articles using the site's Wiki-style functionality.  Click here for more information.

Here's what's happening on our Mailing List...

Here's what's happening on our Mailing List...

  • CrawfordS just posted 'RE: [ActiveDir] Local Admin Rights Question'

    The administrator account can be renamed without changing its SID. I'd expect they're looking for a particular SID. ________________________________ From: ActiveDir-owner@mail.activedir.org on behalf of Anthony Kimmons Sent: Thu 5/8/2008 5:29...

  • robertsingers just posted 'RE: [ActiveDir] userenv.log and scriptPath logon scripts?'

    Just some more info. I've packaged up BGinfo as an MSI for distribution by GPSI. The 'corporate' backgrounds are packaged and distributed seperately (so I could rebrand the entire org on April Fools if I wanted). A start up\logon script copies ...

  • jw1 just posted 'RE: [ActiveDir] userenv.log and scriptPath logon scripts?'

    Good idea. We already have it log an event for some level of detail (just looking for something additional client-side, for times when it DOESN'T run correctly). From: ActiveDir-owner@mail.activedir.org [mailto:ActiveDir-owner@mail.ac...

  • darren just posted 'RE: [ActiveDir] userenv.log and scriptPath logon scripts?'

    James- I don't believe that type of logon script run gets logged in userenv but you should see an event in the Application event log of source "Userinit" when it runs. Darren **** Darren Mar-Elia CTO & Founder SDM S...

  • robertsingers just posted 'RE: [ActiveDir] userenv.log and scriptPath logon scripts?'

    Here's a bit of a tangential thing. You could use BGInfo and tattoo the desktop with the Logon Server details. Or have the log on script set an environment variable to %logonserver% as in http://support.microsoft.com/kb/183495 _______________...

  • TG just posted 'RE: [ActiveDir] Local Admin Rights Question'

    it may not be looking for the name. Checking if it is the "500" account will do just that. People that code that in, should be put in front of the firing squad, though. Thank you, Tony. Tony Gordon Windows 2003 & 2000 MCSE, Windows 2...

  • robertsingers just posted 'RE: [ActiveDir] Local Admin Rights Question'

    The user needs modify access to somewhere like c:\program files\oracle\Jinitiatorx.x.x.xx\lib\security and one of the registry keys that they don't have by defualt. I'm trying to make sense of my Advanced Installer project file for repacking Ji...

  • jw1 just posted '[ActiveDir] userenv.log and scriptPath logon scripts?'

    Does anyone know if there are supposed to be any entries in userenv.log (debug setting) for a logon script called via the scriptPath property on a user object? I'm not looking for anything too granular...just an indication of whether or not the scri...

  • akimmons just posted 'RE: [ActiveDir] Local Admin Rights Question'

    I think ya'll are arguing a moot point. The local administrator accounts on the boxes in question are all renamed.... Administrator does not get you anywhere.... (Of course the local profile is saved under docs and settings using the term "A...

  • CrawfordS just posted 'RE: [ActiveDir] Local Admin Rights Question'

    I respectfully disagree with your disagreement "We use a Web based software application that requires a java plug in (jinitiator). . . . If I run the app logged in as a local administrator created on the local machine with no domain rights...

Join in the fun by subscribing here

New Stuff

New Stuff

List Avatars... did you know... - Thursday, January 24, 2008

If you are feeling particularly expressive you can assign a picture to be displayed next to each post you make to the mailing list.  How?  Login to the site, visit the List Archives tab, hit 'My Profile', at the bottom of the page hit 'Edit Profile' and there you can either upload a picture or link to an existing picture of yourself and however you want to be represented.

 
Search the Archives is now available - Monday, January 14, 2008

Yes we finally got around to it.  It's now possible to search the archives.  Its fully text indexed so you should be able to find what it is you are looking for.

To access the search function, click on Advanced Search beneath the normal Site Search button.  (You must have javascript enabled in your browser to Search).

 read more ...
Latest Articles

Latest Articles

How to delete corrupt mail items with MFCMAPI
Author: Alexei Segundo :: Date: Tuesday, April 22, 2008 12:58 AM
Categories: Exchange
I recently encountered a situation where Outlook could not open two emails within a mailbox located within an Exchange mail store. Not only could I not open the items, I couldn’t move or delete them either. It was frustrating as it was causing some problems for an email archiving product. 
 
I eventually managed to delete the two emails using the MFCMAPI tool. This article explains the method used and provides screenshots to guide you through the process.
Tracking LDAP Searches with Windows Server 2008 Reliability and Performance Monitor
Author: Tony Murray :: Date: Tuesday, February 26, 2008 4:39 PM
Categories: Active Directory, Windows Server

Windows Server 2008 ships with the Reliability and Performance Monitor (RPM) snap-in.  On DCs, RPM incorporates an Active Directory Diagnostics feature that includes the abilility to track LDAP searches against a DC.  The amount of information captured can be very useful when troubleshooting LDAP issues.

This article provides a step by step guide on how to use RPM to track LDAP searches.

Making bulk changes to Active Directory users with ADModify.NET
Author: SuperUser Account :: Date: Tuesday, December 18, 2007 5:09 PM
Categories: Active Directory

Provides a step-by-step tutorial of how to make bulk changes using the ADModify tool

ADMT v3 sets the "User must change password at next logon flag" on migrated user objects
Author: SuperUser Account :: Date: Tuesday, December 18, 2007 5:03 PM
Categories: Active Directory

This article describes an unexpected behaviour of ADMT v3 and how to work around it.

How to authenticate to Active Directory from Cisco IOS
Author: SuperUser Account :: Date: Tuesday, December 18, 2007 5:00 PM

This article describes the steps necessary to setup authentication and authorization to Active Directory from a Cisco device running IOS.

How to remove the Shared Folders feature of VMWare Tools
Author: SuperUser Account :: Date: Tuesday, December 18, 2007 4:54 PM
Categories: Active Directory

There are known problems with performing certain Active Directory tasks with DCs running on VMWare, such as DC promotion and trust establishment. This article provides instructions on how to remove the shared folder feature, which is part of VMWare Tools.

Logging LDAP searches: AD and ADAM
Author: SuperUser Account :: Date: Tuesday, December 18, 2007 4:43 PM
Categories: Active Directory

Have you ever wanted to log all LDAP searches against a Domain Controller or an ADAM instance? This article describes how to do this.

Enabling change notification for inter-site links
Author: Tony Murray :: Date: Tuesday, December 18, 2007 4:37 PM
Categories: Active Directory

If you have more than one AD site you may find that account lockouts and unlocks take some time to replicate to the remote site(s). This article explains why this can happen and shows how to enable change notification on inter-site links to allow the urgent replication of account lockout status.

Fun with Linked Attributes
Author: SuperUser Account :: Date: Tuesday, December 18, 2007 11:04 AM

Explains the concept of linked attributes, provides examples and shows where and how to find them in AD.

Moving FSMO roles from one DC to another DC
Author: SuperUser Account :: Date: Tuesday, December 18, 2007 11:02 AM
Categories: Active Directory

The article provides information about moving (transfering or seizing) FSMO roles from one DC to another DC

Friends

Friends

Namescape
Your Home Page ..

Your Home Page ..

Site Articles:

Add to Google

Add to My Yahoo!

Mail List Posts:

Add to Google

Add to My Yahoo!

Ads

Ads

ScriptLogic
AdventNet Banner
Copyright 2008 ActiveDir.org
Terms Of Use