Have you looked at competing cloud solutions (e.g. Microsoft OMS, Splunk, etc.)?
Thanks,
Brian
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of David McSpadden
Sent: Friday, January 26, 2018 1:54 PM
To: Benjamin Durham
Subject: [NTSysADM] SIEM devices
I
Pretty much.
I believe Essentials has the same license grant as standard (one guest server
VM) but I wouldn't quote myself on that. You'd have to license additional VMs
beyond that.
Thanks,
Brian
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
-Original Message
om’ –Scope
ForestOrConfigurationSet –Target ‘contoso.com’
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Michael Leone
Sent: Thursday, October 12, 2017 2:08 PM
To
This works too
gwmi Win32_UserProfile | where { $_.Sid -eq
[System.Security.Principal.WindowsIdentity]::GetCurrent().User.Value }
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Michael B
I'd more wonder if the app doesn't have a database that it sticks some bits
about the user in the first time they sign-in and never updates it again.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
-Original Message-
From: listsad...@lists.myitforum.com [mail
Seems unlikely. Are you sure the app isn't caching something locally?
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Kurt Buff
Sent: Friday, September 15, 2017
consulting firm that is
vendor agnostic (and thus doesn’t resell anything) to look at your requirements
and make a set of recommendations.
Thanks,
Brian
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
;mailto:listsad...@lists.myitforum.com>
mailto:listsad...@lists.myitforum.com>> on
behalf of Brian Desmond mailto:br...@briandesmond.com>>
Sent: Saturday, August 12, 2017 5:51 PM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE:
Wouldn't your backup tool be responsible for doing this? This seems very likely
to fail in some way, shape, or form at some point.
Thanks,
Brian
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
B
This approach doesn’t really scale beyond a handful of servers…
Windows is well setup to have updates installed but pending a reboot – the
servicing system is built to support that.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad
You can configure clusters and maintenance windows in SCCM so it will only
reboot a certain percentage of a given population of machines at one point also.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
if ($Graphics -ne $null)
{
$Graphics.Dispose()
}
if ($NewImage -ne $null)
{
$NewImage.Dispose()
}
}
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Sean
Precedence is controlled by the order of the links which you can see in GPMC.
The settings are cumulative but where there’s a conflict the most precedent GPO
will apply.
Given you have three time windows, I think you’ll need three groups and three
GPOs.
Thanks,
Brian Desmond
w – 312.625.1438
handle counts grow
undesirably for the process.
Thanks,
Brian
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Sean Martin
Sent: Friday, June 16, 2017 6:03 PM
To: ntsysadm@lists.myitforum.com
+1
In general, the only time you should be signing in to your domain controllers
is to do things like patch them. Likewise, your domain admin accounts should
essentially only be necessary for managing the DCs and things related to them.
Thanks,
Brian Desmond
w – 312.625.1438 | c
Someone took the easy route and rather than figuring out what access the
account actually needed, they added it to EAs to solve the problem at hand. You
should figure out how to get the ID out of that group.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad
It’s used by the AD PowerShell cmdlets to connect the ADWS. If you wanted to do
PowerShell from Forest A to Forest B, you’ll need that open.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of
MemberOf is a constructed attribute which the cmdlets may not be requesting
correctly or at all. ADUC makes specific calls to AD to get that data.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf
trictions so it covers all cases.
Thanks a lot!
jlc
From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>
mailto:listsad...@lists.myitforum.com>> on
behalf of Brian Desmond mailto:br...@briandesmond.com>>
Sent: Monday, Ap
See my notes below. There is a lot of good content on SID History here -
https://msdn.microsoft.com/en-us/library/ms677982(v=vs.85).aspx
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Joseph L
give them implicit
access via SIDHistory. Everyone else just gets the access via normal group
membership in the DomainA group.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Joseph L. Casale
You can use content controls to do this. You have to turn the Developer tab on
in Word to create them.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of James Rankin
Sent: Monday, March 27, 2017
Yes, you will.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of David McSpadden
Sent: Friday, March 24, 2017 9:33 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: TMG forefront server
This isn't possible. You can selectively replicate certain attributes, but you
can't selectively replicate objects.
What is the replication issue you're having? What does the network connectivity
look like - latency, utilization, bandwidth, etc.?
Thanks,
Brian Desmond
w - 3
Can you not supply the creds to your service or make your service dependent on
another one so that it starts later?
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of James Rankin
Sent: Friday
The Web Application Proxy role in Windows 2012 R2 (although preferably 2016 for
EAS) will do this. If you're looking for an appliance, the Kemp devices are a
good mix of capability and cost.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforu
Every user needs to have an Azure AD account to use any Office 365 service.
Whether that account is mastered in Azure AD (e.g. you create it directly
there), or it's synchronized from your on-premises AD is up to you.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: li
Jon-
You can do this with MIM with a third party connector.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Jon Harris
Sent: Wednesday, February 15, 2017 12:57 PM
To: 'nts
AD will match the most specific subnet so in this case the 10.0.0.0/16 subnet
will match anyone who is 10.0.X.X. IP.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of
Since there’s only two sites, site link bridging won’t help you here. With Site
Link bridging, if you have say A—B--C, by default it’s implied that A can talk
to C. With Bridge All Site Links disabled, A can only talk to B unless you add
the two site links to a bridge.
Thanks,
Brian Desmond
Unless your AD is in List Object Mode (unlikely and not really recommended
usually), the ACL on every single object isn't evaluated before returning
search results.
Deny's also work a little differently in AD than on the file system so this
probably isn't something you want.
need one.
Intune is the platform I deploy for this.
As difficult as Apple is to deal with, the Androids are often an even larger
headache because "Android" doesn't actually mean you'll get any specific
baseline of capabilities unless you go down the Samsung Knox route,
I use www.pipedrive.com<http://www.pipedrive.com> and have been really happy
with it, especially as "simple" goes.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Stefan Jaf
,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Eric Wittersheim
Sent: Thursday, December 8, 2016 11:27 AM
To: ntsysadm@lists.myitforum.com
Subject: Re: [NTSysADM] External trust issue
Melvin,
I'
It currently requires Azure AD at a minimum. On-premises AD is an optional
component.
The best resource for this is the feature PM's blog - he has a handful of posts
that lay out how all the plumbing works in significant detail -
https://jairocadena.com/
Thanks,
Brian
Thanks,
Brian De
For #3, that seems like a discussion around acceptable use and risk for your
attorneys rather than IT. The others I would generally agree with your manager.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Is there a behavior difference whether it's in the local user or local machine
Trusted Publishers store? I haven't done much with this but that comes to mind
as something to check.
Also don't forget to timestamp the signature when you do the signing.
Thanks,
Brian Desmond
w - 3
GPOs I look at whether or not the GPO is referenced in the gpLink attribute of
any OUs. If it is, I also look to see if all of its links are disabled.
Empty GPOs also are candidates to go.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com
Inline
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Christopher Bodnar
Sent: Tuesday, November 15, 2016 10:01 AM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] Kerberos over UDP on
I just looked and I can confirm that the client side default is 0 bytes on a
Win7+ client for the max packet size to fallback to TCP. The server side
default is still 1465 bytes as shown in the screenshot below.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad
.
Thanks,
Brian
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Dave Lum
Sent: Wednesday, November 2, 2016 5:45 PM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] PowerShell He
that point, you
can shutdown the old AAD Connect, and rerun the wizard and take your new one
out of Staging Mode.
You should have practically zero downtime with this approach.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad
If you do a repadmin /showobjmeta on the object, it will give you timestamps
per attribute which would be a good starting point.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Heaton, Joseph
Is the issue that OOF messages aren't sent or that you can't configure it in
Outlook? The latter is indicative of your Exchange Web Services URL being
configured incorrectly.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
-Original Message-
Fro
Mine does this when a whole bunch of mail piles in at once. Otherwise I get
individual toasts.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Kevin Lundy
Sent: Wednesday, August 17, 2016 4:04
F5 and Ping are the two of that list I see frequently, F5 the most. Microsoft
w/ AAD-P also has some interesting capabilities in this space as well.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf
hanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of David McSpadden
Sent: Monday, July 18, 2016 10:43 AM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] Powershell question
I would like to fin
So that you don’t need to support KMS servers? It also requires that all
clients be authenticated, which KMS did not.
If all your clients and apps (Office) are uplevel and support AD activation, I
don’t see any reason to maintain a KMS server…
Thanks,
Brian Desmond
w – 312.625.1438 | c
One of my customers uses a product from a company called Symprex that does
exactly this. It’s very inexpensive and you wouldn’t have to invent anything.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
My thoughts exactly. 1000>5000 isn't much on its own, but, as soon as you raise
this once, you set the precedent for the next thing to come along and insist on
this.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto
You might look at how you could centralize where these certs are installed
(e.g. a load balancer/reverse proxy) so you only have one place to check as
opposed to having things scattered around.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com
m: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Brian Desmond
Sent: Tuesday, May 24, 2016 1:35 PM
To: ntsysadm@lists.myitforum.com
Subject: RE: [NTSysADM] SSL Certificate
A wildcard cert asserts a certain level of assurance that the party on the
other
cert installed thing
than anything else. Ideally it lives in one place - e.g. a load
balancer/reverse proxy - rather than being distributed across a ton of servers.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
-Original Message-
From: listsad...@lists.myitforu
Just keep good track of the wildcard. The downside of losing a single name cert
is somebody can go be foo.contoso.com, when you misplace a wildcard (until it
gets revoked), someone can go be *.contoso.com.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
-Original Message
+1 for the folks at DigiCert
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Ferguson, Chris
Sent: Tuesday, May 24, 2016 9:27 AM
To: ntsysadm@lists.myitforum.com
I agree with Bob. Take the time to patch them to SP2+ before you do this.
Thanks,
Brian Desmond
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Free Jr., Bob
Sent: Friday, May 20, 2016 12:08 PM
To: ntsysadm
would decrement its’ local count.
Thanks,
Brian Desmond
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Christopher Bodnar
Sent: Monday, May 16, 2016 2:05 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM
Chris-
Best way to troubleshoot this (at least to start) is to use Fiddler to get the
actual SAML Request from a browser and then compare it to the settings on the
RP Trust. You want to look at the identifiers tab more than likely.
Thanks,
Brian Desmond
(w) 312.625.1438 | (c) 312.731.3132
So the parent company is willing to give you physical access to a domain
controller (via this copy), but they won’t stand up a trust? That doesn’t seem
logical to me when you look at the two risks. What are they concerned about
with the trust?
Thanks,
Brian Desmond
br...@briandesmond.com
Since these are GPPrefs, have you enabled logging for the drive mapping part of
the CSE? You can have it log verbose data which might point you in the right
direction.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: l
How are you mapping the drives in the GPO?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of David McSpadden
Sent: Tuesday, March 31,
I don't know offhand but it's possible that something failed when they did
adprep /forestprep and it missed that step (I assume that's where it's added).
I would expect you could just add it to the Config NC head and be on your way.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.m
Correct – the claims are part of the user’s Kerb ticket. So even after that
attribute changes, they’ll maintain access for the lifetime of their existing
ticket.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: l
I’d ask the question of why you need a CA for this?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Matthew W. Ross
Sent: Monday, Octo
IIS App Pools
Window Services
Scheduled Tasks
All support them. If you can use them, do it – they solve a gap.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:l
erent audiences and it's
straight to the point. I used to have this 100 page Word Document I always
delivered but I have more or less put that thing in the graveyard.
Thanks,
Brian
Thanks,
Brian Desmond
br...@briandesmond.com
w - 312.625.1438 | c - 312.731.3132
> -Original Messa
I assume under the Cluster key that gets replicated?
Thanks,
Brian Desmond
br...@briandesmond.com
w – 312.625.1438 | c – 312.731.3132
> -Original Message-
> From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
> On Behalf Of Michael Leone
>
I generally won't touch anything - big or small - without an MSA and SOW in
place. The MSA the customer signs once and then each engagement covered by the
MSA has a separate SOW that gets signed.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.6
Have you looked at DFS Consolidation Roots?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Matthew W. Ross
Sent: Friday, July 25, 201
Have you collected a network trace to see what is actually occurring?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Charles F Su
At service start it’s going to logon and get a token.
You can use Process Explorer to look at a process’ security token.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:l
So what are you trying to print out in a sorted fashion? I don't see anything
at the bottom other than some blank space and invalid statuses.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.my
Have you looked at some of the IaaS services? OneLogin I know, for example,
lets users define their own sites (e.g. the bank) and OneLogin will vault the
credential and let them login to a single panel with their corp cred. Azure AD
has that too.
Thanks,
Brian Desmond
br...@briandesmond.com
Aside from Bob's excellent input, the quoted use case in the original message
is what concerns me. What is causing the HR department have a pile of
disjointed passwords rather than a single corporate credential?
Thanks,
Brian Desmond
br...@briandesmond.com
w - 312.625.1438 | c - 312.731
Failure of the guest VM (e.g. an OS problem or something)
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Melvin Backus
Sent: Mond
Right - you need a cluster. It needs a small bit of shared storage for the
spooler service, and a disk based quorum if you're using that, plus you get the
shared name everyone connects to.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.6
Not sure I understand the question. Are you asking what the expected
replication latency is? Perhaps you could describe the topology in a bit more
detail.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: l
ing a full linux box or something is
going to run your power bill up too.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Todd Lemmik
Additional feedback inline
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Michael B. Smith
Sent: Friday, April 11, 2014 7:06
Never had any of these issues with Lync. I use it with a headset as my primary
phone all the time – both at my desk and when I’m traveling with my laptop. I’m
often on VPN as well.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.73
The underlined part is your answer. SA is not a one-off that you can purchase
with anything and get all the SA benefits of another product. You have it over
server licenses but not over your PCs.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.14
people working on this full time then you're looking at 1 - 2
months of time.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of S
This is a services figure or hardware/licensing or?
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Stefan Jafs
Sent: Wednesday, Ma
The wizard runs it for you when you promote the first uplevel DC - the steps
still exist. IIRC the manual process is still available if you want to break it
apart.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: l
It will work just fine.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Christopher Bodnar
Sent: Tuesday, March 18, 2014 9:31
Adding Domain Users is a hammer solution - there's no out for a one off. I'd
create some AD groups for this even if you temporarily nest domain users in the
AD group, you can change who is in scope later without reconfiguring any
images, templates, etc.
Thanks,
Brian
You could do that or make the children point at each other as well - they'll
have forwarders to the parents on them and you might as well replicate the root
domain DNS zone to all DCs also.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.6
Use Process Monitor to get a file system trace when the problem repros and see
what it's looking for - assuming the error isn't completely misleading, which
it could be.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 31
I'd a search on HyperV NLB - there's a bunch of stuff you have to do to make
this work.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.co
You probably want some sort of hosted asset management solution. A cloud based
CMDB with the ability to link tickets to the CIs would work too.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitfor
You have sAMAccountName and userPrincipalName to work with. You can use xxx
for the former, and first.l...@domain.com<mailto:first.l...@domain.com> for the
latter.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
F
ADFS only natively supports AuthN to AD. If you want to do your AuthN with
something else, you have to federate ADFS with an IDP that does that piece for
you. Thinktecture’s (free) IdentityServer is often the tool of choice for that.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto
There’s a button right there on your profile screen in the free version.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Heaton,
Weird. First thing I do when I get a resume or a candidate is look them up on
LinkedIn.
I do like some sort of piece of paper whether it’s a LinkedIn printout or a
resume – I’ve got a whole stack on my desk covered in notes from the hiring
exercise I’m doing right now.
Thanks,
Brian Desmond
If you fill all that stuff in on LinkedIn also, the recruiter tools (I have an
account) let you filter in a really granular manner (as opposed to just keyword
searches). I’ve consistently gotten better candidates off LinkedIn than any of
the legacy job sites.
Thanks,
Brian Desmond
br
and asking
questions – usually doesn’t turn out well for the candidate because spelling a
buzzword != knowing anything about it.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitforum.com [mailto:l
They all look about the same to me. Some people just submit the PDF export from
LinkedIn I’m finding, which works just fine for me.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w – 312.625.1438 | c – 312.731.3132
From: listsad...@lists.myitfor
I would call Dell in this case.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of J- P
Sent: Tuesday, January 7, 2014 2:14 PM
To: nt
only going to give you a
slice of the answer and the data won't be real easy to consume.
Thanks,
Brian Desmond
br...@briandesmond.com<mailto:br...@briandesmond.com>
w - 312.625.1438 | c - 312.731.3132
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
I would find a way to do Option 2 for all your zones.
Thanks,
Brian Desmond
br...@briandesmond.com
w – 312.625.1438 | c – 312.731.3132
-Original Message-
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On
Behalf Of Don Kuhlman
Sent: Monday, October 28
1 - 100 of 154 matches
Mail list logo
