Objects showing from another forest\domain ...

Hello Community
    On Windows 2008 Server when I go to Windows Explorer, under "Network"
in the right pane there are 4 columns:
Name               Category              WorkGroup            
Network Location
    It is here that I see my server's names under "Name", Computers under
"Category", NetBios name under "Workgroup" and FQDN\Forest name under
"Network Location" which is fine.
    However in addition to my own objects that I see in the right pane of
Windows Explorer I also see objects from another domain the exists in
a totally separate forest, how can I see or how could those objects reside
or be displayed in my forest\domain (unless someone else put them there)?
    Thank you
    Shabeaut

Hello Susie Long
    There is only one network.
    There are 2 separate forests.
    Each forests has has separate domains.
    Under "Network" not all of the objects from the other domain 
in the other forest are being displayed, only some of the objects 
from the other domain in the other forest are being displayed under "Network"
in this forest.
    That is what is puzzling, are you saying that all of the objects from
the other domain in the other forest should be visible in this forest and if
so why aren't all of the objects visible (I was under the impression that
only the objects in this domain in this forest should be visible under "Network"
in this forest)?
    Thank you
    Shabeaut

Similar Messages

  • How to use an Object Type from Another Database

    Hi,
    I have this requirement that I need to call a stored procedure from another DB (db1) but I am having a problem with this because one of the input parameters uses an object type defined in that DB (db1). Is it possible to use an object type from another database? TIA!

    Sven W. wrote:
    At least for queries, but I think also for procedure arguments..You (both) probably missed my post?
    We can't use a remote type as procedure argument, even with the same OID.
    It's OK for query on a remote object column though :
    SQL> conn remote_user@remote_db
    Entrez le mot de passe :
    Connecté.
    SQL> create type mytype oid '19A57209ECB73F91E03400400B40BBE3'
      2  as object (att1 number);
      3  /
    Type créé.
    SQL> create table mytable (col1 mytype);
    Table créée.
    SQL> insert into mytable values (mytype(777));
    1 ligne créée.
    SQL> create or replace function myfunc (p_in in mytype) return number
      2  is
      3  begin
      4   return p_in.att1;
      5  end;
      6  /
    Fonction créée.
    SQL> disconn
    Déconnecté de Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
    With the Partitioning, OLAP, Data Mining and Real Application Testing options
    SQL>
    SQL>
    SQL>
    SQL>
    SQL>
    SQL> conn my_user@local_db
    Entrez le mot de passe :
    Connecté.
    SQL> create type mytype oid '19A57209ECB73F91E03400400B40BBE3'
      2  as object (att1 number);
      3  /
    Type créé.
    SQL> select * from mytable@test_dbl;
    COL1(ATT1)
    MYTYPE(777)
    SQL> declare
      2   res number;
      3  begin
      4   res := myfunc@test_dbl(mytype@test_dbl(777));
      5  end;
      6  /
    res := myfunc@test_dbl(mytype@test_dbl(777));
    ERREUR à la ligne 4 :
    ORA-06550: Ligne 4, colonne 26 :
    PLS-00331: référence non valide à REMOTE_USER.MYTYPE@TEST_DBL.WORLD
    ORA-06550: Ligne 4, colonne 2 :
    PL/SQL: Statement ignored
    SQL> declare
      2   res number;
      3  begin
      4   res := myfunc@test_dbl(mytype(777));
      5  end;
      6  /
    res := myfunc@test_dbl(mytype(777));
    ERREUR à la ligne 4 :
    ORA-06550: Ligne 4, colonne 9 :
    PLS-00306: numéro ou types d'arguments erronés dans appel à 'MYFUNC'
    ORA-06550: Ligne 4, colonne 2 :
    PL/SQL: Statement ignored

  • [SCCM 2012 R2] - IBCM - Authenticate computers on TMG from another forest

    Hi All,
    There is no article on TechNet that describe client certificate requirements for computers in another forest.
    Scenario:
    We have Domain A [aaa.bbb.ccc] and Domain B [111.222.333] and those domains are in different forest. There is "Forest" trust between forests.
    TMG and IBCM site server are in Domain A and computers authenticate successfully from Internet to TMG using SSL client authentication. Problem are computers from Domain B that cannot authenticate to TMG.
    We used old documentation
    https://technet.microsoft.com/en-us/library/cc707697.aspx#AppendixA for SCCM 2007 and ISA without success. I created certificate for computers in Domain B with custom
    SAN:upn=<hostname>$@<domain.tld> and TMG still cannot authenticate computers from Domain B.
    Please help.
    Thank you in advance.
    Regards,

    There's no difference -- ConfigMgr does *not* care about forests, domain, or trusts for client authentication and neither does certificate based authentication.
    The certs in use, both the client auth and server auth certs, must of course be trusted by the site systems and the clients and in this case the TMG server -- that's simply how certs work though and has nothing to do with ConfigMgr. Additionally, the CRLs
    for the certs in use must be accessible to the clients and servers via an accessible CRL DP but that is also simply how certs work.
    For what you've described above, does TMG trust the certs issued to the clients? In other words, does it trust the CA that issued those certs and can it access a CRL for that CA?
    Jason | http://blog.configmgrftw.com | @jasonsandys

  • Issuing certificates for user and clients from different forest/domain

    Hello,
    at first I would like to say that I have made some researches on this forum and in the Internet overall.
    I have AD Forest with ~10 sites all over the Europe, DFL and FFL is 2008 R2, right now we are migrating site by site from old domain (samba) to AD.
    Last time I have deployed PKI based on offline root CA and 2 Enterprise acting as 2-node Failover Cluster.
    Everything in my AD Forest is OK, I mean, autoenrollment works perfect for users and computers from my forest, 
    now I need to deploy a certificate (for test) to one web-based pbx server in samba domain, there are no trusts etc. Samba domain as well as AD Forest are working on the same network, with routeable subnets in each site, so there is no problem with connectivity,
    What are possible way to achieve this goal? I mean to issue cert to client from different forest, so that this client is able to validate it, validate certificate chain and renew it when needed?
    I have Installed and Configured CE Web Service and CE Policy Web Service. Now I have configured Enrollment Policies on my virtual machine (being part of different domain), I selected username/password authentication, I am able to request certificate, I can
    see all templates which I should see, but when I try to enroll I got an error:
    (translated from my language)A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider
    My root CA cert is added to trusted publishers for computer and user node as well.
    What could be wrong? If you have any ideas or questions, please share or ask. 
    Thank you in advance.

    Everything is clear, I have Certificate Enrollment Web Services installed and configured,
    problem is what i get from certutil - TCAInfo
    ================================================================
    CA Name: COMPANY-HATADCS002-ISSUING-CA
    Machine Name: COMPANYClustGenSvc
    DS Location: CN=COMPANY-HATADCS002-ISSUING-CA,CN=Enrollment Services,CN=Public Key Services,CN=Services,CN=Configuration,DC=COMPANY,DC=COM
    Cert DN: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
    CA Registry Validity Period: 2 Years -- 2016-03-04 12:20
     NotAfter: 2019-02-14 12:44
    Connecting to COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA ...
    Server "COMPANY-HATADCS002-ISSUING-CA" ICertRequest2 interface is alive (1078ms)
      Enterprise Subordinate CA
    dwFlags = CA_VERIFY_FLAGS_NT_AUTH (0x10)
    dwFlags = CA_VERIFY_FLAGS_CONSOLE_TRACE (0x20000000)
    dwFlags = CA_VERIFY_FLAGS_DUMP_CHAIN (0x40000000)
    ChainFlags = CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT (0x40000000)
    HCCE_LOCAL_MACHINE
    CERT_CHAIN_POLICY_NT_AUTH
    -------- CERT_CHAIN_CONTEXT --------
    ChainContext.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    ChainContext.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
    SimpleChain.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
    SimpleChain.dwRevocationFreshnessTime: 18 Days, 4 Minutes, 1 Seconds
    CertContext[0][0]: dwInfoStatus=102 dwErrorStatus=0
      Issuer: CN=HATADCS001-COMPANY-ROOT-CA
      NotBefore: 2014-02-14 12:34
      NotAfter: 2019-02-14 12:44
      Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
      Serial: 618f3506000000000002
      Template: SubCA
      9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
      Element.dwInfoStatus = CERT_TRUST_HAS_KEY_MATCH_ISSUER (0x2)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
        CRL 02:
        Issuer: CN=HATADCS001-COMPANY-ROOT-CA
        ThisUpdate: 2014-02-14 12:16
        NextUpdate: 2024-02-15 00:36
        d7bafb666702565cae940a389eaffef9c919f07a
      Issuance[0] = 1.2.3.4.1455.67.89.5 
    CertContext[0][1]: dwInfoStatus=10c dwErrorStatus=0
      Issuer: CN=HATADCS001-COMPANY-ROOT-CA
      NotBefore: 2014-02-14 11:55
      NotAfter: 2024-02-14 12:05
      Subject: CN=HATADCS001-COMPANY-ROOT-CA
      Serial: 18517ac8a4695aa74ec0c61b475426a8
      b19b85e0e145da17fc673dfe251b0e2a3aeb05e9
      Element.dwInfoStatus = CERT_TRUST_HAS_NAME_MATCH_ISSUER (0x4)
      Element.dwInfoStatus = CERT_TRUST_IS_SELF_SIGNED (0x8)
      Element.dwInfoStatus = CERT_TRUST_HAS_PREFERRED_ISSUER (0x100)
      Issuance[0] = 1.2.3.4.1455.67.89.5 
    Exclude leaf cert:
      5b309c67a8b47c50966088a4d701c8526072c9ac
    Full chain:
      413b91896ba541d252fc9801437dcfbb21d37d91
      Issuer: CN=HATADCS001-COMPANY-ROOT-CA
      NotBefore: 2014-02-14 12:34
      NotAfter: 2019-02-14 12:44
      Subject: CN=COMPANY-HATADCS002-ISSUING-CA, DC=COMPANY, DC=COM
      Serial: 618f3506000000000002
      Template: SubCA
      9e1bea4ffa648e5fe3e9f8c4be3c604c49af04e9
    A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
    Supported Certificate Templates:
    Cert Type[0]: COMPANYOnlineResponder (COMPANY Online Responder) -- No Access!
    Cert Type[1]: COMPANYWebServer(SSL) (COMPANY WebServer (SSL))
    Cert Type[2]: COMPANYUser(Autoenrollment) (COMPANY User (Autoenrollment))
    Cert Type[3]: COMPANYKeyRecoveryAgents (COMPANY Key Recovery Agents)
    Cert Type[4]: COMPANYEnrollmentAgent(Computer) (COMPANY Enrollment Agent (Computer))
    Cert Type[5]: COMPANYEnrollmentAgent (COMPANY Enrollment Agent)
    Cert Type[6]: COMPANYComputer(Autoenrollment) (COMPANY Computer (Autoenrollment)) -- No Access!
    Validated Cert Types: 7
    ================================================================
    COMPANYClustGenSvc\COMPANY-HATADCS002-ISSUING-CA:
      Enterprise Subordinate CA
      A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)
      Online
    CertUtil: -TCAInfo command completed successfully.
    please put some light on it because it's driving me crazy :/
    Thanks in advance
    one remark: certutil -tcainfo performed on CA directly is 100% OK, no errors regarding 
    "A certification chain processed correctly, but one of the CA certificates is not trusted by the policy provider. 0x800b0112 (-2146762478 CERT_E_UNTRUSTEDCA)"

  • How do you know the object is from another database through db link

    I have a table named a2z_people. I searched dba_objects, I found this is a public synonym.
    How can I know the real table name in the another database. Where is this table come from? In another words, what's the source database?
    Thanks!

    In DBA_SYNONYMS, there is a DB_LINK column that names the database link being used (assuming the real object is on a remote database). Is that what you're looking for?
    Justin

  • Adding external data from another forest?

    Hello Community
        The following 2 scenarios are how data is entered and stored in a non-Sharepoint environment: 
        Scenario a) C# ASP.Net or C# Windows applications are used to enter data that gets stored
    into SQL Server databases on a network.
        Scenario b) Users create Word applications, Excel Spreadsheets, PDF's, etc and the data is
    stored in folders on servers on a network.
        In the future a Sharepoint 2013 Server farm is created in a domain in a separate forest.
        The question(s) is:
            #1) How do you add those servers that contain the data in the pre-existing
                 SQL Server databased to the Sharepoint 2013 farm?
            #2) How do you add those servers that contain the data in the pre-existing
                 Word documents, Excel spreadsheets, PDF's, etc into the Sharepoint 2013 farm?
            #3) If it exists, what 3rd party software stated in either #1 and/or #2 above can
                 add those servers or import that data on those servers into the Sharepoint 2013 farm?
        Note: If BCS can be used does each client need to have Microsoft Office 2013 installed
              on each client computer?
        Thank you
        Shabeaut

    SharePoint won't be able to manage documents in those custom/3rd party databases. If this is a 3rd party database, there may be a solution to migrate the information into SharePoint. If it is custom/in-house, then you'll need to build migration utilities
    yourself.
    Ideally, those documents should reside within Document Libraries in SharePoint to have full management over those documents.
    As for BCS, it is meant more for display List-style data, not documents. But clients do not have to have any components installed to leverage BCS, as BCS is a service on SharePoint.
    Trevor Seward
    Follow or contact me at...
    &nbsp&nbsp
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

  • Transfer Video/TV shows from another computer

    I was on a trip in LA and downloaded TVshows to my husband's computer who does not have an IPOD and I could not transfer the videos to my IPOD? What do I do?
    Windows   Windows XP  

    Hi and welcome...
    Connect your iPad to your Mac. In the iTunes window under the Summary tab, select, "Manually manage music and videos" just below Options.
    Select the TV shows.
    Then drag the the shows directly to your iPad under Devices on the left side of the iTunes window.
    *Before you disconnect your iPad*, right or control click to Eject the device.
    Carolyn

  • How to edit an objects propertys from another VI

    Hi,
    I am running my main vi. I have a preferences.vi window that opens.
    The preferenecs.vi opens using an invoke node.
    the preferences.vi needs to be able to fill up the menu items for a Ring control that lives in the main.vi
    Normally I would you a property node, but as this object is in a different vi how do I communicate with it.
    I realise that a global variable only seems to be able to pass values between object, and not change the behavoiur of objects.
    Can any one help please!
    Many thanks, Alec
    Solved!
    Go to Solution.

    It should look like this.
    Tim
    Johnson Controls
    Holland Michigan
    Attachments:
    Mian VI.vi ‏6 KB
    Sub VI.vi ‏6 KB

  • Read group membership for a user object and populate every group with matching user from another domain

    I have LON\JSmith in LON domain and DEL\JimSmith in DEL domain
    I would like to extract group memberships of LON\JSmith in LON domain and append matching by email (i.e. DEL\JimSmith) user object in every group in LON domain.
    for instance
    LON\JSmith and DEL\JimSmith is the same person and has same email address [email protected]
    LON\JSmith belongs to 3 groups - LON\localadmingroup;LON\univdesktop;LON\globalsurvey
    The outcome of the script should be
    LON\JSmith; DEL\JimSmith    should be in 3 groups - LON\localadmingroup;LON\univdesktop;LON\globalsurvey.
    How can i do it?
    Navgup

    Hi Navgup,
    Please refer to the script below, to query users in other domain by specifying the parameter "-Server" in the cmdlet "get-aduser", and also note I haven't tested the script below:
    import-module activedirectory
    get-adgroupmember "group"|foreach{
    $email=(get-aduser $_.samaccountname -properties *).EmailAddress#get the user email
    Get-ADUser -filter {EmailAddress -eq $email} -properties * -server DomainB.company.com|select samaccountname, memberof}#filter user name and group with the email in other domain
    To get users across domain, please also refer this blog:
    Adding/removing members from another forest or domain to groups in Active Directory:
    http://blogs.msdn.com/b/adpowershell/archive/2010/01/20/adding-removing-members-from-another-forest-or-domain-to-groups-in-active-directory.aspx?Redirected=true
    I hope this helps.

  • Active Directory Cross Forest Domain Migration

    Dear All,
    We are in the process to rebuild new Active Directory infrastructure. Multiple single forest domains in organization which needs to be consolidated/migrated on single Active Directory Domain. For this consolidation, have some queries to be addressed before
    going to start consolidation.
    What is the best practices and what tool should we use for domain migration/consolidation
    Active directory is on Windows 2003, forest and domain level is on Windows 2003, this will support to Windows 2012 R2 forest and domain functional level, will be migrated
    directly from windows 2003 to windows 2012?
    When move users to new domain, how will they access the other resources on the network. For e.g. Printer, File server, local web base application
    After moving some computers to new domain would be possible to access remaining computers on old domain?
    How the file server data will be moved? Best practices with NTFS folder permissions and users rights?
    Is there any policy to register network printers on new Active Directory domain?
    How users would be access web base application on new domain as their FQDN would be define with old domain name? Any option to change old domain FQDN with new domain that would be describe with any URL link?
    Kindly give your valuable input to meet the desire result.
    Thanks in Advance.

    Dear Lucky,
     Ya you can Migrate contents from multiple forest domain. Using ADMT (Active Directory Migration Tool)is the best way to migrate AD content. But you can't migrate from Windows Server 2003 to Windows Server 2012 R2, cause in Windwos Server 2012 R2 don't
    have the supportebility of Windows Sever 2003.And not only users you can also migrate all others info (i.e. Computer object info, groups info, Exchange mailbox info, security info).You can migrate users face by face, means which peoples are in old domain they
    can access old domain and new users are in new domain.For more info please follow the given link:
    http://technet.microsoft.com/en-us/library/cc974332(v=WS.10).aspx
    Mithun Dey Web: http://cloudmithun.wordpress.com If this may give your necessary resolution please mark it as Answre.

  • How to use CSACS 3.3 to authenticate users from multiple windows domain?

    Can Cisco Secure ACS 3.3 be used to authenticate users from another Windows domain that is not a child nor a trusted domain???
    hello, here is my scenario:
    ACS 3.3 was installed on a member server on domain1. I need to authenticate and ultimately populate the users into ACS from another domain. The service already works perfect on just domain1, but now I need to authenticate users from another domain.
    And adding those domains as trusted domains in domain1 is not an option.
    Is Generic LDAP my only other option? Any config guides that you guys know with regard to doing this?
    Any input is much appreciated.

    Hi Betcy,
    I am not familiar with sharepoint solutions, but as you mentioned about windows credentials I believe it refers to kerberos tokens. On this case you can take advantage of SPNego authentication.
    You can find more details on following SAP note:
    #[1488409|https://service.sap.com/sap/support/notes/1488409] - New SPNego Implementation
    I hope it helps.
    Kind regards,
    Lisandro Magnus

  • Can you purchase something from another countries itune store and use it on the US itunes?, if you have a US store account, can you purchase something from another countries itune store and use it on the US itunes?

    Would like purchase movies and some tv shows from another countries itunes store, but not sure if they will work on my US itunes account.
    Keith

    You cannot purchase from any other country's iTunes Store. The content owners will not allow cross-border sales.
    Regards.

  • Move domain to another forest (forest trust)

    Hello
    I have a forest with many domains , and other forest with a domain. They include a trust set up and working . I would like to have only one forest, but it would need to move that single domain in additional forest, and would like to know if it is possible then
    moving a domain from one forest to another forest in forest trust ?
    Thanks also suggestions stop solve my problem

    You're asking to move the domain itself? No, you can't move the domain. You can create a new domain in the forest you want to consolidate to, and then migrate users and groups to that forest. You'll have to migrate workstations and users and repoint
    applications as well, if needed. And then, you're not really moving them, you are creating new ones and copying properties of those objects. You mentioned a forest trust but all the forest trust allows you to do is to assign/use permissions from one forest
    in another. People speak of moving objects but like I said, for users and groups you're simply creating new ones with the same names, and copying properties over. Computers/servers are joined to the new domain, but it's a new computer account, not one that
    gets moved over.
    You'll need a migration tool to do this smoothly. As Malek mentioned ADMT, yes this is one tool that can do this. It's not necessarily the best or easiest tool, but it's free from Microsoft. There are also other third party tools such as Dell/Quest
    Migration Manager for AD and BinaryTree also has similar tool (there are others out there too). Those two latter tools have the ability to add permissions (ACL entries) to new domain objects, based on the old ACLs from the source domain. This can be a huge
    help for servers and workstations (allows the users to continue to use their same profile after their computer is migrated, and they are using their new user account. Otherwise Windows would just create a new profile when the user logged in with his/her new
    domain account.
    Depending on the size of the domain you want to move (how many objects), this could be a pretty big project. There's a lot going on in a migration, and based on your question, I'd recommend finding help with it if you can. There are a number of companies
    and consultants who specialize in AD migrations, even some consultation for planning could help tremendously.

  • Can the SidHistory attribute be moved from one User account to a different User account in the same Forest/Domain?

    Hello,
    Can the SidHistory attribute be moved from one User account to a different User account in the same Forest/Domain manually with  Active Directory Users and Computers or with something like Powershell?  it would seem to me this is a safe operation.
    Thanks for your help! SdeDot

    Hi,
    In addition, please also take a look at the below thread:
    copy SIDHistory from one account to another in the same domain
    http://social.technet.microsoft.com/Forums/en-US/2ca8727c-b3fd-4ef8-9747-99295f0cd61c/copy-sidhistory-from-one-account-to-another-in-the-same-domain?forum=winserverDS
    Hope this helps
    Best regards
    Michael
    If you have any feedback on our support, please click
    here.
    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

  • Set Default Value based on Field from another table for a custom object

    I'm trying to set the default value on a custom object field to the value of an account field. I have tried the syntax 50 different ways, and just am getting no where. The account field label displays as DBA, the integration tag is ltDBA_ACCT, and it shows up in reporting fx area as Account.Text_22.
    The custom object field I'm triying to update is also called DBA, which was originally the "NAME" required field. Does the table name, Account, have to be included? Do I need a function in front of the field?
    I have been updating the external ID using the row ID with syntex <ID> (Less than ID greater than) so I know it is possible to set the Default Value, but <DBA>, <ltDBA_ACCT>, "Account"."DBA", and so on just don't not work.
    If anyone knows how to enter this I'd really appreciate the help.

    Ok, so if you want to default a field to the value from another object, you have to use the JoinFieldValue function. I think you understand that, based on your original post, but I want to be sure that you do.
    Next, this will only work as a default if the record is created from the object that you wish to join on because a default works at record creation and the ID needs to be available for it to work properly. It will not work if you choose the related object record after the custom object record is created. You could set the value as a post-default, but that does not seem to meet your requirements.
    The syntax for the Default Value would be as follows: JoinFieldValue(ref_record_type, foreign_key, field_name).
    In your case, ref_record_type is '<Account>', foreign_key is &#91;<AccountId>&#93;, and field_name is '<YourFieldName>'. The best way to determine what the field name is would be to create a new workflow for Account and use the Workflow Rule Condition expression builder to pick your field ("DBA") from the list. The value that is returned by the expression builder should be placed in the field_name variable in the JoinFieldValue function (minus the brackets and in single quotes).
    Give this a shot and let me know how you do.
    Thom

Maybe you are looking for