Here's a tool that neither one of my AD classes or anything I had read mentioned: Admodify.
Excellent for bulk changes, I used it to add the appropriate UPN suffix to several hundred accounts that were missing it. I've also used it to modify the display name.
MSExchange.org has a nice write-up on it.
You can download it from Microsoft here. The .NET version is the latest.
Friday, March 18, 2005
Monday, March 14, 2005
Passed 70-294!
Woo Hoo! I passed the 70-294 exam for "Planning, Implementing and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure" this Saturday.
Here's a rip from MCSE World on my thoughts:
OUTSIDE READING IMHO is a must for this exam.
I took the Microsoft 2269 class, used the ExamCram2 book and used the Self Test practice software and still failed the first time.
You absolutely must read up on:
COM+ Partitions
COM+ Partition sets
Certificates
Terminal Servers and GPO Software installs
Don't focus on these 100%, that's what the main objectives are for, but do except a question to two.
I even had a good ol' fashioned disk quota question.
I also found Mike Meyers' Passport book on the 70-294 helpful, and in some ways a better overview than the ExamCram2 book
Here's a rip from MCSE World on my thoughts:
OUTSIDE READING IMHO is a must for this exam.
I took the Microsoft 2269 class, used the ExamCram2 book and used the Self Test practice software and still failed the first time.
You absolutely must read up on:
COM+ Partitions
COM+ Partition sets
Certificates
Terminal Servers and GPO Software installs
Don't focus on these 100%, that's what the main objectives are for, but do except a question to two.
I even had a good ol' fashioned disk quota question.
I also found Mike Meyers' Passport book on the 70-294 helpful, and in some ways a better overview than the ExamCram2 book
Sunday, March 13, 2005
Another DirXML tweak
Turns out I still needed to tweak DirXML further for my environment. The templates used by administrators to create new users in eDirectory were creating a "Other User" name that would become the "user name" in AD.
Check out the Novell TID here.
Check out the Novell TID here.
Wednesday, March 09, 2005
Worst week ever or "So you want to use DirXML?"
Have you ever heard of the VH1 show Best Week Ever ? Well, that definitely wasn't my last week. Whew! I thought getting DirXML to work and staying on top of participating in a slew of job interviews and Sarbanes Oxley meetings was going to kill me.
I survived and thought I'd share a few of the oddities I hit in my endeavors.
Still being a hybrid Novell NDS/eDirectory and Microsoft AD shop, we were wanting a way to sync the passwords since the pace of our Exchange 2003 migration is preventing our Desktop support to join the PC's to the domain. If Outlook 2003 would behave consistently for us on password changes for non-domain PC's, it would be a non-issue. Microsoft's solution appears to be their PEWA tool from the Exchange 2003 Resource Kit. Neither MIIS, nor Microsoft's tool from their Services for NetWare is an option, as we wanted to password sync to also work from NDS/eDirectory to AD. Leaving the Novell DirXML Starter Pack the only option.
Tricky to setup with all the caveats, but it can work in a 2003 AD environment , but must be installed on a 2000 member server. Also, it doesn't handle UPN's out of the box either, you must add a stylesheet. Another one that caught me off guard was that even though I had the sync set to one-way from NDS to AD, a delete in AD would delete the NDS object. Further points of interest were that NMAS must be disabled on the Novell Client. Contrary to the Novell DirXML documentation, I found that changing the password from ConsoleOne would change the password in AD, with the exception being the initial account creation. Lastly, I manually manipulated placement rules to handle the fact that the NDS/eDirectory environment had two high level Organization (O's) that contained multiple Organizational Units (OU's) that I wanted to sync to AD. Whew!
Oh yeah, I changed the blog name. It's pretty cheesy, but at least more accurately reflects where this thing is headed I think.
I survived and thought I'd share a few of the oddities I hit in my endeavors.
Still being a hybrid Novell NDS/eDirectory and Microsoft AD shop, we were wanting a way to sync the passwords since the pace of our Exchange 2003 migration is preventing our Desktop support to join the PC's to the domain. If Outlook 2003 would behave consistently for us on password changes for non-domain PC's, it would be a non-issue. Microsoft's solution appears to be their PEWA tool from the Exchange 2003 Resource Kit. Neither MIIS, nor Microsoft's tool from their Services for NetWare is an option, as we wanted to password sync to also work from NDS/eDirectory to AD. Leaving the Novell DirXML Starter Pack the only option.
Tricky to setup with all the caveats, but it can work in a 2003 AD environment , but must be installed on a 2000 member server. Also, it doesn't handle UPN's out of the box either, you must add a stylesheet. Another one that caught me off guard was that even though I had the sync set to one-way from NDS to AD, a delete in AD would delete the NDS object. Further points of interest were that NMAS must be disabled on the Novell Client. Contrary to the Novell DirXML documentation, I found that changing the password from ConsoleOne would change the password in AD, with the exception being the initial account creation. Lastly, I manually manipulated placement rules to handle the fact that the NDS/eDirectory environment had two high level Organization (O's) that contained multiple Organizational Units (OU's) that I wanted to sync to AD. Whew!
Oh yeah, I changed the blog name. It's pretty cheesy, but at least more accurately reflects where this thing is headed I think.
Monday, February 21, 2005
Lapse in time.
Okay, so it's been a while since my last post. Between work and trying to move a household of my mom's stuff into an apartment I've been pretty busy.
In trying to reschedule the 70-294 exam I had the joy of finding that Prometric had not used my exisiting MCP ID, rather they created a new one. Now I'm going through the pains of trying to get Microsoft to merge them so I can re-schedule the exam and get going again.
I'm also learning the joys of Microsoft hot fixes, as I came to find out after setting up a new Active Directory site on our production forest. Several dcdiag /e tests later and I was wondering what the heck happend. Turns out it's a known bug in a 2003 functional forest (KB832628). (If you are not one of the lucky one's with a way to obtain the fix, leave a message in the blog and I'll help you out.)
In trying to reschedule the 70-294 exam I had the joy of finding that Prometric had not used my exisiting MCP ID, rather they created a new one. Now I'm going through the pains of trying to get Microsoft to merge them so I can re-schedule the exam and get going again.
I'm also learning the joys of Microsoft hot fixes, as I came to find out after setting up a new Active Directory site on our production forest. Several dcdiag /e tests later and I was wondering what the heck happend. Turns out it's a known bug in a 2003 functional forest (KB832628). (If you are not one of the lucky one's with a way to obtain the fix, leave a message in the blog and I'll help you out.)
Saturday, February 05, 2005
Delayed trendy
Okay, so I go out to study with my wife at the local coffee shop and lug the laptop along so of course I connect to the internet since they have a free wireless hotspot and of course I come here to update my blog.
Damn I sure do feel kinda cheesey sitting here composing. It's actually kind of interesting though to conversation drop on those around me, especially if they are drinking. ;-)
Well, so far I'm at least trying to update this blog frequently, but I don't feel like I'm making much of a useful contribution since this blog lacks any real focus. For now I think I'll keep updating and see where it goes.
In the end I may just try for an IT Professional blog or a MCSE blog.
I will add some more url's I found that have been helpful in studying:
GP Answers.com
MCSE World
Damn I sure do feel kinda cheesey sitting here composing. It's actually kind of interesting though to conversation drop on those around me, especially if they are drinking. ;-)
Well, so far I'm at least trying to update this blog frequently, but I don't feel like I'm making much of a useful contribution since this blog lacks any real focus. For now I think I'll keep updating and see where it goes.
In the end I may just try for an IT Professional blog or a MCSE blog.
I will add some more url's I found that have been helpful in studying:
GP Answers.com
MCSE World
Friday, February 04, 2005
Towel over your head
'K, so I've been pondering exactly what I'm doing with this blog. I was inspired by the Microsoft product-related blogs I stumbed across.
Active Directory Cookbook Blog
MS Exchange Blog
However, I still don't know if this is going to be a bunch of personal stuff, purely an IT professional blog or some hybrid.
Maybe it's purely a distraction from the work grind and something to occupy the last 20 minutes of the work day on a Friday. Heck I haven't even tried to point any friends or colleagues to this link.
Active Directory Cookbook Blog
MS Exchange Blog
However, I still don't know if this is going to be a bunch of personal stuff, purely an IT professional blog or some hybrid.
Maybe it's purely a distraction from the work grind and something to occupy the last 20 minutes of the work day on a Friday. Heck I haven't even tried to point any friends or colleagues to this link.
Thursday, February 03, 2005
Sunk it!
Well, I was tired of waiting on taking the Microsoft 70-294 exam so I jumped in head first only to sink. I won't say my score, but to me it was well off the mark.
I found the situations in the exam to be much more complex than those that were presented in examples in the Microsoft class, ExamCram2 books or the Selftest study software I used.
I'm going back to the books now, but it may take a while for me to get my confidence back up.
I found the situations in the exam to be much more complex than those that were presented in examples in the Microsoft class, ExamCram2 books or the Selftest study software I used.
I'm going back to the books now, but it may take a while for me to get my confidence back up.
Wednesday, February 02, 2005
Are ya Blackberry'n Yet?!?
After being asked 5 times a day by everyone at work, the Blackberry Enterprise server is up and running. Neat device, especially with products such as sonicadmin out there to handle remote server administration. I can really see though how this could just become a toy or a status symbol for certain users.
Time wil tell.
Time wil tell.
Thursday, January 27, 2005
First Bloggin'
Okay it's been a lousy day for me, but one more closer to Friday. I've been taking a class on Exchange 2003 all week and trying to study for the 70-294 exam at the same time. *whew* I'm ready for a break.
So what do I do? Start a blog .. uh, okay.
So what do I do? Start a blog .. uh, okay.
Subscribe to:
Posts (Atom)
Posts
