Setting disk quota on Mac server for Active Directory users

I'm having trouble setting disk quotas for Active Directory users with home folders on our Mac server.
I've enabled disk quotas on the disk I'm putting home folders on, and I can set disk quotas for local users on the server just fine. But it doesn't seem to work for Active Directory users. I've tried setting disk quotas via Workgroup Manager and via the command line using edquota. But when I use the repquota command there is no quota entry for the AD user. I've run quotacheck and that didn't help either.
I also understand there's a setquota command but there's no man page on how that works.
Has anyone got disk quota for AD users working.
Better still has someone got a shell or perl script for setting quotas they could post.
Thanks
- Cameron

sorry.. I am soooooo stupid... I have to activate "File Sharing" as well.. for the user everything was already pre-activated, not for the AD users, I just saw the Time Machine checkbox grayed out ...

Similar Messages

  • Activating TimeMachine Server for Active Directory Users

    Currently we'd like to switch to Active Directory and I tried it out with our Test environment, setuped an Active Directory Server and joined a OSX Mavericks Server. So far so good I can manage all my AD users, but when I click on "Edit Access to Services" I can activate anything for my AD user BUT not Time Machine!
    Does anyone knows why and if there is any workaround to make it work? For other Network (Open Directory) and Local Users I can activate it.

    sorry.. I am soooooo stupid... I have to activate "File Sharing" as well.. for the user everything was already pre-activated, not for the AD users, I just saw the Time Machine checkbox grayed out ...

  • SMB access for Active Directory users

    Hi there,
    My server is an OD Master bound to AD for authentication and my institution's Kerberos realm.
    When I try to share files from the server via SMB and connect as an Active Directory user I get the following error in the logs:
    [2009/06/11 12:02:27, 1, pid=5308] /SourceCache/samba/samba-187.8/samba/source/libads/kerberosverify.c:ads_verifyticket(428)
    adsverifyticket: smbkrb5_parse_name(myserver$) failed (Configuration file does not specify default realm)
    [2009/06/11 12:02:27, 1, pid=5308] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:replyspnegokerberos(340)
    Failed to verify incoming ticket with error NTSTATUS_LOGONFAILURE!
    I've read something vague about having to Kerberize the SMB service seperately so I'm not sure if that's the problem.
    My smb.conf file is as follows:
    ; Configuration file for the Samba software suite.
    ; ============================================================================
    ; For the format of this file and comprehensive descriptions of all the
    ; configuration option, please refer to the man page for smb.conf(5).
    ; The following configuration should suit most systems for basic usage and
    ; initial testing. It gives all clients access to their home directories and
    ; allows access to all printers specified in /etc/printcap.
    ; BEGIN required configuration
    ; Parameters inside the required configuration block should not be altered.
    ; They may be changed at any time by upgrades or other automated processes.
    ; Site-specific customizations will only be preserved if they are done
    ; outside this block. If you choose to make customizations, it is your
    ; own responsibility to verify that they work correctly with the supported
    ; configuration tools.
    [global]
    debug pid = yes
    log level = 1
    server string = Mac OS X
    printcap name = cups
    printing = cups
    encrypt passwords = yes
    use spnego = yes
    passdb backend = odsam
    idmap domains = default
    idmap config default: default = yes
    idmap config default: backend = odsam
    idmap alloc backend = odsam
    idmap negative cache time = 5
    map to guest = Bad User
    guest account = nobody
    unix charset = UTF-8-MAC
    display charset = UTF-8-MAC
    dos charset = 437
    vfs objects = darwinacl,darwin_streams
    ; Don't become a master browser unless absolutely necessary.
    os level = 2
    domain master = no
    ; For performance reasons, set the transmit buffer size
    ; to the maximum and enable sendfile support.
    max xmit = 131072
    use sendfile = yes
    ; The darwin_streams module gives us named streams support.
    stream support = yes
    ea support = yes
    ; Enable locking coherency with AFP.
    darwin_streams:brlm = yes
    ; Core files are invariably disabled system-wide, but attempting to
    ; dump core will trigger a crash report, so we still want to try.
    enable core files = yes
    ; Configure usershares for use by the synchronize-shares tool.
    usershare max shares = 1000
    usershare path = /var/samba/shares
    usershare owner only = no
    usershare allow guests = yes
    usershare allow full config = yes
    ; Filter inaccessible shares from the browse list.
    com.apple:filter shares by access = yes
    ; Check in with PAM to enforce SACL access policy.
    obey pam restrictions = yes
    ; Don't be trying to enforce ACLs in userspace.
    acl check permissions = no
    ; Make sure that we resolve unqualified names as NetBIOS before DNS.
    name resolve order = lmhosts wins bcast host
    ; Pull in system-wide preference settings. These are managed by
    ; synchronize-preferences tool.
    include = /var/db/smb.conf
    [printers]
    comment = All Printers
    path = /tmp
    printable = yes
    guest ok = no
    create mode = 0700
    writeable = no
    browseable = no
    ; Site-specific parameters can be added below this comment.
    ; END required configuration.
    Any help would be much appreciated!!
    Thanks.

    I am now having the same problem - a Windows server trying to access a file share on the Mac Server is presented with the same error message in the log files:
    [2009/06/29 21:34:56, 2, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:setupnew_vcsession(1260)
    setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
    [2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/libads/kerberosverify.c:ads_verifyticket(428)
    adsverifyticket: smbkrb5_parsename(vifile$) failed (Configuration file does not specify default realm)
    [2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:replyspnegokerberos(340)
    Failed to verify incoming ticket with error NTSTATUS_LOGONFAILURE!
    Workgroup manager can read from Active Directory - seems to be jiving correctly - my server (SMB) is in Domain Member mode...
    When I try to access system from \\UNC command, I am presented with username/password prompt and nothing works.
    Not feeling the Mac OS X love tonight.
    Bill
    System is bound to active directory - green light in Directory Utility

  • Outlook 2003 mail delivery failed for Active Directory user

    Server 2003/Exchange2003
    We are using an outside company (Integra) to handle our email and only use Exchange for shared archived email.
    When configuring active directory users the wizard automatically sets up email entries in the format: [email protected]
    When responding to a meeting invite from outlook to a local AD user, all users receive undeliverable messages for the accounts in the format [email protected] as below...
    The example below was a bounce back when I accepted the invite.  The invite shows up on my calendar just fine.
    This message was created automatically by mail delivery software.
    A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
      [email protected]
        Unrouteable address
    ------ This is a copy of the message, including all the headers. ------
    Return-path: <[email protected]>
    Received: from wsip-70-166-120-183.ph.ph.cox.net ([70.166.120.183] helo=PK01)
        by arelay1 with esmtpa (Exim 4.72)
        (envelope-from <[email protected]>)
        id 1W8D9b-0001kB-24
        for [email protected]; Tue, 28 Jan 2014 10:12:56 -0800
    From: "Kevin Simmons" <[email protected]>
    To: "miguel saucedo" <[email protected]>
    Subject: Accepted: Miguel Chaperone School
    Date: Tue, 28 Jan 2014 11:13:05 -0700
    Message-ID: <398EA47278F54C9FA9CFFB725FD6C079@PK01>
    MIME-Version: 1.0
    Content-Type: text/calendar; method=REPLY;
        charset="utf-8"
    Content-Transfer-Encoding: 7bit
    X-Mailer: Microsoft Office Outlook 11
    Thread-Index: Ac8cSpjUhKBGTbBKQt+PScNbb6MWwAABfTJgAABJyYAAALiiEA==
    X-MimeOLE: Produced By Microsoft MimeOLE V6.3.9600.16384
    BEGIN:VCALENDAR
    PRODID:-//Microsoft Corporation//Outlook 11.0 MIMEDIR//EN VERSION:2.0 METHOD:REPLY BEGIN:VEVENT ORGANIZER:MAILTO:/o=PKArchitects/ou=First Administrative
      Group/cn=Recipients/cn=miguel
    DTSTART:20140206T070000Z
    DTEND:20140208T070000Z
    LOCATION:Flagstaff
    TRANSP:OPAQUE
    SEQUENCE:3
    UID:040000008200E00074C5B7101A82E00800000000102573EC0F1CCF010000000000000000100
     0000037C3D09157000340AA5D3F23F6A60078
    DTSTAMP:20140128T181305Z
    SUMMARY:Accepted: Miguel Chaperone School
    PRIORITY:5
    X-MICROSOFT-CDO-IMPORTANCE:1
    CLASS:PUBLIC
    ATTENDEE;PARTSTAT=ACCEPTED:MAILTO:[email protected]
    END:VEVENT
    END:VCALENDAR

    Well it looks like none of our outlook installations actually are accessing the exchange email, nor are we able to send to those email addresses even though they exist.  I have 2 email inboxes in Outlook, 1 is the Integra inbox - works fine.  The
    other is called Mailbox - UserName - populated with folder that are and always have been empty.  If I send an email to myself at [email protected]  I get the following bounce back.
    This message was created automatically by mail delivery software.
    A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:
      [email protected]
        Unrouteable address
    ------ This is a copy of the message, including all the headers. ------
    Return-path: <[email protected]>
    Received: from wsip-70-166-120-183.ph.ph.cox.net ([70.166.120.183] helo=PK01)
        by arelay2.integra.engr with esmtpa (Exim 4.72)
        (envelope-from <[email protected]>)
        id 1WBtMM-0005N1-Gr
        for [email protected]; Fri, 07 Feb 2014 13:53:18 -0800
    Reply-To: <[email protected]>
    From: "Kevin Simmons" <[email protected]>
    To: <[email protected]>
    Subject: test
    Date: Fri, 7 Feb 2014 14:53:18 -0700
    Message-ID: <F708D49EB6A64BE69891BF9C7B528529@PK01>
    MIME-Version: 1.0
    Content-Type: multipart/related;
        boundary="----=_NextPart_000_0050_01CF2414.572804A0"
    X-Mailer: Microsoft Office Outlook 11
    Thread-Index: Ac8kTwKRc8hlRKNXSlye9E4r5UyfJQ==
    X-MimeOLE: Produced By Microsoft MimeOLE V6.3.9600.16384
    This is a multi-part message in MIME format.
    ------=_NextPart_000_0050_01CF2414.572804A0
    Content-Type: multipart/alternative;
        boundary="----=_NextPart_001_0051_01CF2414.572804A0"
    ------=_NextPart_001_0051_01CF2414.572804A0
    Content-Type: text/plain;
        charset="us-ascii"
    Content-Transfer-Encoding: 7bit
    test
    Thanks!
    Kevin Simmons
    Project Manager
    4515 S McClintock Dr. Suite 206
    Tempe, Arizona 85282
    p 602 283 1620
    f 602 283 1621
    c 480 702 9687
    [email protected]
    ------=_NextPart_001_0051_01CF2414.572804A0
    Content-Type: text/html;
        charset="us-ascii"
    Content-Transfer-Encoding: quoted-printable
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META content=3D"text/html; charset=3Dus-ascii" = http-equiv=3DContent-Type> <META name=3DGENERATOR content=3D"MSHTML 11.00.9600.16476"></HEAD> <BODY>
    <DIV><FONT size=3D2 face=3DArial><SPAN=20 class=3D831025321-07022014>test</SPAN></FONT></DIV>
    <DIV>&nbsp;</DIV><?xml:namespace prefix =3D "o" ns =3D=20 "urn:schemas-microsoft-com:office:office" /><o:SmartTagType=20 namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
    name=3D"PostalCode"></o:SmartTagType><o:SmartTagType=20
    namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
    name=3D"State"></o:SmartTagType><o:SmartTagType=20
    namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
    name=3D"City"></o:SmartTagType><o:SmartTagType=20
    namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
    name=3D"place"></o:SmartTagType><o:SmartTagType=20
    namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
    name=3D"Street"></o:SmartTagType><o:SmartTagType=20
    namespaceuri=3D"urn:schemas-microsoft-com:office:smarttags"=20
    name=3D"address"></o:SmartTagType>
    <STYLE>@page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.25in 1.0in = 1.25in; mso-header-margin: .5in; mso-footer-margin: .5in; =
    mso-paper-source: 0; }
    P.MsoNormal {
        FONT-SIZE: 12pt; FONT-FAMILY: "Times New Roman"; MARGIN: 0in 0in 0pt; =
    mso-style-parent: ""; mso-pagination: widow-orphan; =
    mso-fareast-font-family: "Times New Roman"
    LI.MsoNormal {
        FONT-SIZE: 12pt; FONT-FAMILY: "Times New Roman"; MARGIN: 0in 0in 0pt; =
    mso-style-parent: ""; mso-pagination: widow-orphan; =
    mso-fareast-font-family: "Times New Roman"
    DIV.MsoNormal {
        FONT-SIZE: 12pt; FONT-FAMILY: "Times New Roman"; MARGIN: 0in 0in 0pt; =
    mso-style-parent: ""; mso-pagination: widow-orphan; =
    mso-fareast-font-family: "Times New Roman"
    SPAN.GramE {
        mso-style-name: ""; mso-gram-e: yes
    DIV.Section1 {
        page: Section1
    </STYLE>
    <DIV class=3DSection1>
    <P class=3DMsoNormal align=3Dleft><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">Thanks!</SPAN></P> <P class=3DMsoNormal>&nbsp;</P> <P class=3DMsoNormal><SPAN style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">Kevin=20 Simmons</SPAN></P> <P
    class=3DMsoNormal><SPAN style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">Project=20 Manager</SPAN></P> <P class=3DMsoNormal><o:p>&nbsp;</o:p></P>
    <P class=3DMsoNormal><IMG src=3D"cid:831025321@07022014-2937" = width=3D130 height=3D130=20 v:shapes=3D"_x0000_i1025"></P> <P class=3DMsoNormal><?xml:namespace prefix =3D "st1" ns =3D=20 "urn:schemas-microsoft-com:office:smarttags"
    /><st1:Street=20 w:st=3D"on"><st1:address w:st=3D"on"><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">4515 S McClintock Dr. = Suite=20 206</SPAN></st1:address></st1:Street></P>
    <P class=3DMsoNormal><st1:place w:st=3D"on"><st1:City w:st=3D"on"><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">Tempe</SPAN></st1:City><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">, <st1:State=20 w:st=3D"on">Arizona</st1:State> <st1:PostalCode=20 w:st=3D"on">85282</st1:PostalCode></SPAN></st1:place></P>
    <P class=3DMsoNormal><SPAN class=3DGramE><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">p</SPAN></SPAN><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"> 602 283 1620</SPAN></P> <P class=3DMsoNormal><SPAN class=3DGramE><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">f</SPAN></SPAN><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"> 602 283 1621</SPAN></P> <P class=3DMsoNormal><SPAN class=3DGramE><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial">c</SPAN></SPAN><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: Arial"> 480 702 9687</SPAN></P> <P class=3DMsoNormal><SPAN=20
    style=3D"FONT-SIZE: 10pt; FONT-FAMILY: = Arial">[email protected]</SPAN></P></DIV>
    <DIV>&nbsp;</DIV></BODY></HTML>
    ------=_NextPart_001_0051_01CF2414.572804A0--
    ------=_NextPart_000_0050_01CF2414.572804A0
    Content-Type: image/jpeg;
        name="image002.jpg"
    Content-Transfer-Encoding: base64
    Content-ID: <831025321@07022014-2937>
    /9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0a
    HBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIy
    MjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCACCAIIDASIA
    AhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQA
    AAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3
    ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWm
    p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QA
    p6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+HwEA
    AwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSEx
    BhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElK
    U1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3
    uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD3
    uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3++iii
    gAooooAKKKKACq97dGzg81bae4O4DZAoLfXkjirFFAHltr8ZNKtPtNteadrU00V1OhZbdCABIwA+
    +OgwPwqf/hdmg/8AQI13/wABk/8Ai68juv8AkL6t/wBhG5/9GtTKxdVp2PKqY+cJuKS0PfvB
    +Xiwe
    JdNFylnqHlyXE4WaeNVVVEjYU4bqBgdO1dZXA/Bz/knsP/X5c/8Ao1q76tkepF3SYUUUUDCiiigA
    ooooAKKy9S1yz017ZZJ4B5twIWLzKuzIJyc/T9ak/t3R/wDoK2P/AIEJ/jQBoUVjXfibTLc2yxX1
    nM006Q4W4XKhu/XtWvHIkqB43V1PdTkUAOoqhqWqRad9nDFC0s6QkFwpUMcZq6jpIu5GVh6g5oAd
    RRRQB8sXX/IX1b/sI3P/AKNamU+6/wCQvq3/AGEbn/0a1Mrkl8TPnK/8WXqz2z4Of8k9h/6/Ln/0
    a1d9XA/Bz/knsP8A1+XP/o1q76upbH0MPhQUUUEgDJOAKZQUVU0/UYNTt2uLUs0O8qshXAkx/Evq
    voe+OKG1G3GqLpysz3JjMjKi5Ea9ix7Z7euD6GgC3RRRQB5X8atNsF8N2EosbYSy6pH5jiJd
    voe+z5R8
    5OOa8g/s2x/58rf/AL9L/hXtPxs/5FXS/wDsKRf+gSV4vPMfMECZyeWK9ceg9/ft+VYVdzyce5e0
    ST6EKCHT9Rsbuy06zlmtrlJNskYEZx/C2Oo9q3L7Xtd1NDHdarNFbEki0sP9GgXPbamCfxJrHkiY
    JEC21RIoCJwB+PWtbQfDq+I9Ua0zJFaRY+0SwjdK7HlYogf4yASSeFHJ7VMXJ6IypTqztTgz
    JEC21RIoCJwB+PWtbQfDq+I9Ua0zJFaRY+nbyD
    SYHQTi3Ehdc+Y2Wx+JzV6yjht2FxplxLav2ls7hoz+amvZZfh/aaZZWRtlXSzLdQx+TaHd/F
    SYHQTi3Ehdc+Y2Wx+JzV6yjht2FxplxLav2ls7hoz+96R2
    yXb3GB9etUPFPw2sLiALa2NppusAn7NdQKVt7xv+ecqnO1j2Jzz0J6Vp7N9Gdbwc0rxm7nPa
    yXb3GB9etUPFPw2sLiALa2NppusAn7NdQKVt7xv+F8Tv
    E2hsqXzjW7MdVmwlwo/2XAw30YfjXsvhvxRpXivTftulXBdVO2WJxtkhb+669j/PtmvmaONWVsxy
    W8qMUkjPDRupwykeoIIq3pesal4a1ePV9OkC3CYVweEuE/55yD09G7GlGo07MzoYyUZclUS6/wCQ
    vq3/AGEbn/0a1MqG3vV1GS7vVjaIXF3PL5b9U3SMcH3GamrKXxM4K/8AFl6s9s+Dn/JPYf8Ar8uf
    /RrV31cD8HP+Sew/9flz/wCjWrvWZUUsxCqBkknAArqWx9DD4UDMqKWYhVAySTgAV8/eNvFv9uX0
    1hoWo6iukgss9x9sc/aieqoCeIx69+3HW98QPiA/ieSXR9HlZNEUlZ7hDg3hHVVP/PP1P8X068no
    +j6h4i1aPR9HjUzkAyysP3dtH/eb+i96zlN35YnFiMRJy9lR3J9Gi8U+INVi0bRtd1nztoMk
    +hv5P
    LtY+m5sH8l7/AEr3bRPB1pokMQTUNUuJwyyTTTXjkzuMfM4zg5wOOmOKn8K+FdO8I6OthYKW
    LtY+Zjvn
    uH5knfuzH+nQDgVuVcVZanVSpuEbSd2FFFFUanmfxvcR+EdOdui6nGT/AN8SV4zaRMkW+Ufv
    uH5knfuzH+nQDgVuVcVZanVSpuEbSd2FFFFUanmfxvcR+pPmf
    2J7fhXsnxvCS+E9MTcP+QrETg+ivXkeR6isKu55OYv30vIr3sqwQCZ/uowY/QV7r8KfDDaL4
    2J7fhXsnxvCS+E9MTcP+QrETg+Ttb2
    9jxqN6puHDDmMPg7frjbn6Adq8JvIBdi2te091DEfozgH+dfUt1fpZ3FhAqqVuZjDndjYAjN
    9jxqN6puHDDmMPg7frjbn6Adq8JvIBdi2te091DEfozgH+n/x3
    H41VJaXNcuguRyK3iD/V6d/2EIP/AEKtK5toby2kt7iMSQyLtZT3FZfiB0MenfOv/H/B3/2quajq
    K2MEcoCvvnihxuxje4XP4ZzWp6J4B4+06TR/HMsUuSbuISFz/wAtSvAf6suAfVkY96wSARgj
    K2MEcoCvvnihxuxje4XP4ZzWp6J4B4+Ir0z
    44WUZTw7qiFfMju2tmweSroT+hX9a8zyPUVz1V7x4mPhy1brqZcGbLWXt+fJuU8xP95eo/LH
    44WUZTw7qiFfMju2tmweSroT+hX9a8zyPUVz1V7x4mPhy1brqZcGbLWXt+5VqV
    Q1PC/ZJ/4orhOfZvlP8AOrryLGAzfdzgn0+tQ9Tmn7yUj234PMqfDuNmIVRd3JJJwAPNauJ+IHxA
    bxNJJo+kTFNFVik9wpwbwjqqn/nn6n+L6deStPE2oXPg1PDcG6200XE73Mit811ukYhBjomO
    bxNJJo+vr06
    daNxGWg8qNQCcBT2T0P4VrKelkejXxfLFU4PXq+xoaPo+oeItWj0fR41M5AMsrD93bR/3m/o
    daNxGWg8qNQCcBT2T0P4VrKelkejXxfLFU4PXq+xoaPo+vevo
    Twr4V07wjo62FgpZmO+e4fmSd+7Mf6dAOBXL/By50h/CLWtlAIdSt5MakGO55JT0kJ7qw6en
    Twr4V07wjo62FgpZmO+e4fmSd+I7V6
    JVwikjqw1CNKGmrfUKKKKs6QooooA8n+M+laZZ+G9PuYrC2ilk1WMPIkQDNlXzk98mvKPs0H
    JVwikjqw1CNKGmrfUKKKKs6QooooA8n+M+laZZ+/PGP
    /vkV7F8cE8zwjpyZxnU4xn0+SSvHLaYzQgtgSL8rj0Ydawq7nk5hfnTXYjljtoJ7KV4YvLS8gL5U
    Y2+Yuc+2K+k73wlpM11p8kOk6eEhnLyjyFG5fLdcdOeSp/CvmzUYRc2hgPHmELn0zX0J8N/E
    Y2+Yuc+2K+x8Q+
    EbE3T/6fDEEmB6vtO0t+YIPuPpVUnpY2y+d4OJNrvh3RY47DZpNku6+hU4gUZBbp0qzqnhLSrm2i
    S20iwV1uIXb9yo+VZFLdvQGrXiD/AFenf9hCD/0KtZ3WNGd2CqoyWJwAPWtT0Dxr4z2Ok2Nt
    S20iwV1uIXb9yo+4fs7
    SxtIJ571pG8uJVJRIznoOmWFebfZoP8AnjH/AN8iul+Imqtr3jwT5PkWdsEhQjoHOQT7sPm+jLXP
    1z1X7x4uPnerZdDM1OGER20SxIGluEUYXsDk/oKvPbxPEYtoEZPzKvAPsaoA/bdcRwcw2qEj0LNw
    D+Wf8mtSoZzTbikvmUtPFxDAi3ETJFM8ptZD0lVXKsM+qnqPQg1dr0fwp4Th8X/B1bPcsV7D
    D+Wf8mtSoZzTbikvmUtPFxDAi3ETJFM8ptZD0lVXKsM+e3Mt
    ncEf6uUStjP+yehHoa83AmjklguYWguoHMU8LdY3HUf4HuMVU421N8VQ5LTWz/MvaHrl34X1
    ncEf6uUStjP+6DWr
    NWfyxsuYFP8Ar4SeV/3h1X3HvX0npuo2ur6bb6hYzLNa3EYkjkXoQa+X67b4YeLf+Ef1caHeyY0v
    UJM27MeILg/w+yv+jfWqpz6M3wOIt+6l8j3Siiitz1QooooA81+Nn/Iq6X/2FIv/AECSvF5YzHJ5
    yHbnhj2+p9q9o+Nn/Iq6X/2FIv8A0CSvH6wq7nkZg7VF6FWaYARCQGM+YvXofoa6Pwj4ki8N
    yHbnhj2+p9q9o+6o32
    qd4dOuH3/aYvmazlxjeV/ijYAB19ge1c89tcyXFpbWMPnyz3CRxwbgu5j0AJ4H48U65VLG6NtqNo
    9hdA8xXcXlt+GeD9QTUxutUY0XOnapBaHuur+LrNbfTRevGWN3DKk1mfPimUHOV25I+jD6E1
    9hdA8xXcXlt+GeD9QTUxutUY0XOnapBaHuur+LrNbfTRevGWN3DKk1mfPimUHOV25I+R8Ye
    OLO004PcPFI8mfsukxzK0lw3ZpypwkY6kd+5P3a8UWJbbDWM89qHlUsLWdowxzwcKQM+9NMW
    OLO004PcPFI8mfsukxzK0lw3ZpypwkY6kd+5P3a8UWJbbDWM89qHlUsLWdowxzwcKQM+n2YZ
    pPIQsdzvKwLMfUk8k1o6qtodkswjy+6ncsPdNJPNcXlyJ7y5kaadxyXduuAO3YDsAKakN5qN
    pPIQsdzvKwLMfUk8k1o6qtodkswjy+1BY2
    ls8tzcvsht1+9Kff+6o6k+laug+Gtc8TOq6JpjC3Y4N7cIYoFHqCRl/oor2/wX4C0/whA0oc
    ls8tzcvsht1+9Kff+6o6k+laug+3mqT
    DE97IoDEf3UH8K+w/HNTGDbuzGjhZ1Jc9TT8z53srOWx+1W1wyPcRXMscrp0Zlcrx7cce1Wq
    DE97IoDEf3UH8K+fdf8
    hfVv+wjc/wDo1qZWct2cdf8Aiy9T2z4Of8k9h/6/Ln/0a1Y3xa8IEqfFmnREywoF1GJBzJEO
    hfVv+kgH9
    5O/qv0FbPwc/5J7D/wBflz/6Nau9ZQ6lWAKkYII4IrptdWPe5FOnyy2aPlUEMoZSCpGQR3FNliSe
    JopBlWGDXR+N/CZ8HeIPKgQ/2RfMz2Tdom6tCfp1X247Vz9c0k4ux4NWnKjPlZ7Z8MPGT+IN
    JopBlWGDXR+LbSt
    Sl3avYKA7HrcRdFl+vZvf6iu+r5bsr+80fVLXVtOYLe2jbkBOFkU/ejb2Yce3B7V9IeHdes/
    Sl3avYKA7HrcRdFl+vZvf6iu+r5bsr+Euh2
    2q2LHypl5RvvRsOGRvQg5FdEJcyPZwuI9tDXdGpRRRVnUea/Gz/kVdL/AOwpF/6BJXj9ewfGz/kV
    dL/7CkX/AKBJXj9YVdzx8x/iL0Lug/8AI4eHf+wpB/OvpW8sbTUIDBe2sFzCesc0YdT+Br5q0H/k
    cPDv/YUg/nX07V0vhOrL/wCF8ziNV+FvhO7MDW/h3T42FwjS7E8vKZ+YfLWvp/gXwppcgksvD2mx
    SDo/2dSw/EjNHh3xpovim/1Sy0u4eSbTZfKnDJtGckZX1GVPNc3qfxq8IaRqt5pt098J7SVoZdls
    SoZTg856Vodx6IAAMAYAqte2n22DyvtFxB8wO+B9jfTPpWLN478OQeEU8UPqSf2TIPklAOWb
    SoZTg856Vodx6IAAMAYAqte2n22DyvtFxB8wO+ONoX
    ruyCMexql4X+JnhvxdNc2+nTzpdW8Zle3uItjlB/EB3HT86AMG2+Dei3P2i4vbnWI55bqZyF
    ruyCMexql4X+JnhvxdNc2+vOCD
    IxB6dxg/jU//AApXw1/z/a1/4G//AFq6K08daLe+CpfFkLTnS4ldmJiw+Fbafl+oqtd/Ejw/Zm3E
    rXWZ9M/tVNsJP7jGf++valZEOnB6tIk8G+Eo/DVgIIri/Ecc85SGW43qVaRtrEY6kYP1rqq81tfj
    n4Nu7yK1ibUDLK6xqDanqTgZ5qfVPjT4R0jVrzTLlr/7RaTNDLstiwDKcHBzTLOh8SeDNO8U2k9v
    qE975cuGVUuGCxuPusq9AQea5Sw+DWgSWaG+/tSO5GVkCagxViDjcPY9cdRnFdDe/Efw5p3h
    qE975cuGVUuGCxuPusq9AQea5Sw+DWgSWaG+Oz8S
    XVzLFZXv/HvGYz5spyRgJ+H0qnY/FjwrqPh7UdZgnuPK07b9pgaEiZAzBQdvcZPUGlZEuMXuin/w
    pbwr/wA9tW/8Dnq3pXw+tvDN6i6Rdap9huWJuYvtzAq+OJPfptI+h7Gqel/Gvwjq+q2um2rX5uLm
    ZYYw1qQNzHAyc8danv8A4x+DtO1+TSJrycyRTCCa4SEmGJ84IZvY9SMiiyBRitkd9RSAhlDK
    ZYYw1qQNzHAyc8danv8A4x+DtO1+QQRk
    Ed6KZR5t8bP+RV0v/sKRf+gSV4/XsvxK0TXvENjYWEB02NDqSNC0jyZOFfG7C+npXH/8Kh8Y
    Ed6KZR5t8bP+f8/e
    hf8Afyb/AOJrKpByeh52Mw9SrNOC6HL6D/yOHh3/ALCkH86998ca8PDPgrVtW3ASQQN5We8jfKn/
    AI8RXlUPw28U6LrWjX9xcaM6xahCwWOSXJbPHVelem+JPCbeMtHtLDWbjyEhuluJY7Q5SYLn
    AI8RXlUPw28U6LrWjX9xcaM6xahCwWOSXJbPHVelem+CksM
    455qqaaVmb4SlKnT5Zb3PD/hdr+h6J458ORabePLJqdi1pqgdGUC5LF1OT15IXI9PerMniHxX4a1
    Lx/qGiaZp91pqatILuS4Qu0RJIBCgjK888GvafFHgjTPE2n21uf9BltrlLmG4to1Do6dO3TmjSfB
    Gn6Y3iHfLJdRa7O81zHKBtG4EFRjtyas6jyWDQrXSofhZpst3DqGm3N9NdSSqP3UkrbWQAHsM4wf
    f6V6pq1v4VXxfFNOLdfExsJBbDcQ7RYbPA4P8XXnrWbB8J9JXwR/wi11fXlzaxTm4tJ2KrLat/sE
    D1J6+pqTwt8MNP8ADmoXWp3Gp3+q6pPCYBd3sm5o4z2X/GgDxrSZPHQ+B90lpBpJ8M+VNvdy
    D1J6+pqTwt8MNP8ADmoXWp3Gp3+ftG3
    ed2OcZznHFdt4cAPxL8CgjI/4RJP5Gu4sfh5Y2Hw6m8GJe3LWkqSIZ2C+YN7Fj2x3qWw8B2Wn+IN
    H1dLy4aXS9MGmxowXa6D+I8daAOd8Hov/C7PHo2rgR2mOOnyVy3h0eOD4w8bf8IpForwf2vJ
    H1dLy4aXS9MGmxowXa6D+5x1D
    du3ZONu3tivV9L8J22leLta8RR3Mzz6qsQkibG1Ni4GO/wCdcjffBuC61rUdTtvFWuWDX9w1xLFa
    zBF3E57devegCldx3dx8ZPBcPiOO1NxHpMsgSIZh+0/Nu2A+gAI+grtrS28KJ48v3thbjxK9
    zBF3E57devegCldx3dx8ZPBcPiOO1NxHpMsgSIZh+qv2p
    VJ3mLIwSOn93nr0rM1L4Y6fq3hjTdKu9T1F7zTWZ7XVfN/0lGJyfm7jp+Qq14L+H2n+DZby7S7u9
    Q1O8x9ovbt90jAdB7D/PYUAYPw2Rf+E3+IXyjjVFxx04auM+y6p4e0rXLzRBpPinwJPdS3F7bsds
    0YyC4zwcqMc89M4r2DQPClt4f1fXNRguJpZNXuRcSq4GEIzwuO3PeuRv/grpF3qt1PBq+qWenXk3
    nXemQTbYZWzkjHYH9O2KAPQtLmtrjSbOazXbayQI8K4xhCoKj8sUVYhhjt4I4YUCRRqERR0UAYAo
    oAcVVsblBwcjI6GloooARlVsblBwcjI6GloooAKKKKACiiigAooooAKKKKACiiigAooooAKKKKAP
    /9k=
    ------=_NextPart_000_0050_01CF2414.572804A0--
    beyond that - the Global Address Book does not update!

  • 10.7.4 Web Access for Active Directory Users

    Does anyone know how to permantly set the AuthType in Web Services to Basic ?
    The reason I ask is I have a web site I want to protect and allow active directory users access to it.
    I have added the users to a local group, added the group to the Who Can Access option.
    Local users can log in but not Active Directory.  If I edit the conf file for the site in /etc/apache2/sites and change the AuthType from Digist to Basic it works fine until I change something in the server app then the conf file gets rewritten.
    Dan

    I am now having the same problem - a Windows server trying to access a file share on the Mac Server is presented with the same error message in the log files:
    [2009/06/29 21:34:56, 2, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:setupnew_vcsession(1260)
    setupnew_vcsession: New VC == 0, if NT4.x compatible we would close all old resources.
    [2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/libads/kerberosverify.c:ads_verifyticket(428)
    adsverifyticket: smbkrb5_parsename(vifile$) failed (Configuration file does not specify default realm)
    [2009/06/29 21:34:56, 1, pid=485] /SourceCache/samba/samba-187.8/samba/source/smbd/sesssetup.c:replyspnegokerberos(340)
    Failed to verify incoming ticket with error NTSTATUS_LOGONFAILURE!
    Workgroup manager can read from Active Directory - seems to be jiving correctly - my server (SMB) is in Domain Member mode...
    When I try to access system from \\UNC command, I am presented with username/password prompt and nothing works.
    Not feeling the Mac OS X love tonight.
    Bill
    System is bound to active directory - green light in Directory Utility

  • Best practice for Active Directory User Templates regarding Distribution Lists

    Hello All
    I am looking to implement Active Directory User templates for each department in the company to make the process of creating user accounts for new employees easier. Currently when a user is created a current user's Active directory account is copied, but
    this has led to problems with new employees being added to groups which they should not be a part of.
    I have attempted to implement this in the past but ran into an issue regarding Distribution Lists. I would like to set up template users with all group memberships that are needed for the department, including distribution lists. Previously I set this up
    but received complaints from users who would send e-mail to distribution lists the template accounts were members of.
    When sending an e-mail to the distribution list with a member template user, users received an error because the template account does not have an e-mail address.
    What is the best practice regarding template user accounts as it pertains to distribution lists? It seems like I will have to create a mailbox for each template user but I can't help but feel there is a better way to avoid this problem. If a mailbox is created
    for each template user, it will prevent the error messages users were receiving, but messages will simply build up in these mailboxes. I could set a rule for each one that deletes messages, but again I feel like there is a better way which I haven't thought
    of.
    Has anyone come up with a better method of doing this?
    Thank you

    You can just add arbitrary email (not a mailbox) to all your templates and it should solve the problem with errors when sending emails to distribution lists.
    If you want to further simplify your user creation process you can have a look at Adaxes (consider it's a third-party app). If you want to use templates, it gives you a slightly better way to do that (http://www.adaxes.com/tutorials_WebInterfaceCustomization_AllowUsingTemplatesForUserCreation.htm)
    and it also can automatically perform tasks such as mailbox creation for newly created users (http://www.adaxes.com/tutorials_AutomatingDailyTasks_AutomateExchangeMailboxesCreationForNewUsers.htm).
    Alternatively you can abandon templates at all and use customizable condition-based rules to automatically perform all the needed tasks on user creation such as OU allocation, group membership assignment, mailbox creation, home folder creation, etc. based on
    the factors you predefine for them.

  • Different privelege level for Active directory users

    Hi,
    We have integrated Acs 4.1se with windows active directory.now we need to give certain users full privige to some client devices and only show level privilege to some devices.what is the neccessary steps required in ACS and ACS clients.Also how much time the dynamic users will remain in ACSthanks in advance

    Hi,
    If you are using command authorization then privilage doesn't matter.
    Best way to set it up is to give all user priv lvl 15 and then define what all commands user can execute.
    Note : Having priv 15 does not mean that user will able to issue all commands.
    We will set up command authorization on acs to have control on users.
    This is how your config should look,
    aaa authentication login default group tacacs+ local
    aaa authorization exec default group tacacs+ if-authenticated
    aaa authorization commands 1 default group tacacs+ if-authenticated
    aaa authorization commands 15 default group tacacs+ if-authenticated
    aaa authorization config-commands
    aaa accounting commands 1 default start-stop group tacacs+
    aaa accounting commands 15 default start-stop group tacacs+
    Check out this link
    http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_configuration_example09186a00808d9138.shtml
    Regards,
    ~JG

  • Exporting Active directory users to excel with conditions

    I'm trying to export AD users with selected fields out to a spreadsheet, with the condition that the employeeid field is greater than 99999.    I found a VBScript elsewhere on this site that does everything i need, even filtering on the employeeid
    field except that when it export to the spreadsheet the employeeid field comes back as if it's blank.  But i know it's not as it will do the filtering correctly.  Below is the script i've been using.   As i said it will correctly list all users
    with employeeid greated than 5 digits but it just won't export the actual employeeid field
    Dim ObjWb 
    Dim ObjExcel 
    Dim x, zz 
    Set objRoot = GetObject("LDAP://RootDSE") 
    strDNC = objRoot.Get("DefaultNamingContext") 
    Set objDomain = GetObject("LDAP://" & strDNC) ' Bind to the top of the Domain using LDAP using ROotDSE 
    Call ExcelSetup("Sheet1") ' Sub to make Excel Document 
    x = 1 
    Call enummembers(objDomain) 
    Sub enumMembers(objDomain) 
    On Error Resume Next 
    Dim Secondary(20) ' Variable to store the Array of 2ndary email alias's 
    For Each objMember In objDomain ' go through the collection 
    if ObjMember.EmployeeID > 199999 Then  'if employee id greater than 199999 then add to spreadsheet (meaning physician)
    x = x +1 ' counter used to increment the cells in Excel 
    ' I set AD properties to variables so if needed you could do Null checks or add if/then's to this code 
    ' this was done so the script could be modified easier. 
    SamAccountName = ObjMember.samAccountName 
    FirstName = objMember.GivenName 
    LastName = objMember.sn 
    EmployeeID = ojbMember.employeeID
    EmailAddr = objMember.mail 
    Addr1 = objMember.streetAddress 
    Title = ObjMember.Title 
    Department = objMember.Department
    ' Write the values to Excel, using the X counter to increment the rows. 
    objwb.Cells(x, 1).Value = EmployeeID
    objwb.Cells(x, 2).Value = SamAccountName 
    objwb.Cells(x, 3).Value = FirstName 
    objwb.Cells(x, 4).Value = LastName 
    objwb.Cells(x, 5).Value = EmailAddr
    objwb.Cells(x, 6).Value = Addr1 
    objwb.Cells(x, 7).Value = Title 
    objwb.Cells(x, 8).Value = Department 
    ' Write out the Array for the 2ndary email addresses. 
    For ll = 1 To 20 
    objwb.Cells(x,26+ll).Value = Secondary(ll) 
    Next 
    ' Blank out Variables in case the next object doesn't have a value for the property 
    EmployeeID = "-"
    SamAccountName = "-" 
    FirstName = "-" 
    LastName = "-" 
    EmailAddr = "-" 
    Addr1 = "-" 
    Title = "-" 
    Department = "-" 
    For ll = 1 To 20 
    Secondary(ll) = "" 
    Next 
    End If 
    ' If the AD enumeration runs into an OU object, call the Sub again to itinerate 
    If objMember.Class = "organizationalUnit" or OBjMember.Class = "container" Then 
    enumMembers (objMember) 
    End If 
    Next 
    End Sub 
    Sub ExcelSetup(shtName) ' This sub creates an Excel worksheet and adds Column heads to the 1st row 
    Set objExcel = CreateObject("Excel.Application") 
    Set objwb = objExcel.Workbooks.Add 
    Set objwb = objExcel.ActiveWorkbook.Worksheets(shtName) 
    Objwb.Name = "Active Directory Users" ' name the sheet 
    objwb.Activate 
    objExcel.Visible = True 
    objwb.Cells(1, 1).Value = "EmployeeID"
    objwb.Cells(1, 2).Value = "SAMAccountName"
    objwb.Cells(1, 3).Value = "FirstName" 
    objwb.Cells(1, 4).Value = "LastName"  
    objwb.Cells(1, 5).Value = "Email" 
    objwb.Cells(1, 6).Value = "Addr1" 
    objwb.Cells(1, 7).Value = "Title" 
    objwb.Cells(1, 8).Value = "Department" 
    End Sub 
    MsgBox "User dump has completed.", 64, "AD Dump" ' show that script is complete

    Here is a test version
    Set xl = CreateObject("Excel.Application")
    xl.Visible = True
    Set wb = xl.Workbooks.Add()
    Set sheet = wb.Worksheets("sheet1")
    sheet.Name = "Active Directory Users"
    i = 1
    With sheet
    .Cells(i, 1).Value = "EmployeeID"
    .Cells(i, 2).Value = "SAMAccountName"
    .Cells(i, 3).Value = "FirstName"
    .Cells(i, 4).Value = "LastName"
    .Cells(i, 5).Value = "Email"
    .Cells(i, 6).Value = "Addr1"
    .Cells(i, 7).Value = "Title"
    .Cells(i, 8).Value = "Department"
    End With
    Set users = GetADUsers()
    While Not users.EOF
    i = i + 1
    With sheet
    .Cells(i, 1).Value = users("employeeID")
    .Cells(i, 2).Value = users("samAccountName")
    .Cells(i, 3).Value = users("GivenName")
    .Cells(i, 4).Value = users("sn")
    .Cells(i, 5).Value = users("mail")
    .Cells(i, 6).Value = users("streetAddress")
    .Cells(i, 7).Value = users("Title")
    .Cells(i, 8).Value = users("Department")
    End With
    users.MoveNext
    Wend
    Function GetADUsers()
    Set rootDSE = GetObject("LDAP://RootDSE")
    base = "<LDAP://" & rootDSE.Get("defaultNamingContext") & ">"
    filt = "(&(objectClass=user)(objectCategory=Person))"
    attr = "employeeid,SAMAccountName,mail,GivenName,sn,streetAddress,Title,Department"
    scope = "subtree"
    Set conn = CreateObject("ADODB.Connection")
    conn.Provider = "ADsDSOObject"
    conn.Open "Active Directory Provider"
    Set cmd = CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandText = base & ";" & filt & ";" & attr & ";" & scope
    Set GetADUsers = cmd.Execute()
    End Function
    ¯\_(ツ)_/¯

  • ThumbnailPhoto Attribute Active Directory Users & Computers

    Hi, I have successfully imported user pictures within the AD in respect of the thumbnailphoto attribute and this is being replicated as part of the GC.  Does anyone know of any extensions for Active Directory Users & Computers so that an administrator
    can view the photo in the way of an extra tab etc.  The Domain and Forest are currently 2012 functional mode. Any help of viewing the photos within AD users & Computers would be great. 
    Carl Smith MCITP-EA

    Below thread might be helpful,
    http://social.technet.microsoft.com/Forums/scriptcenter/en-US/c9f7385f-8d34-47a6-a789-6d240541b5da/ad-user-properties-tab?forum=
    Regards,
    Gopi
    JiJi
    Technologies

  • How to enable disk quotas in Lion Server (OS X 10.7.5)?

    Hello, all.  I am having an impossible time trying to set disk quotas in Lion Sever (OS X 10.7.5) and have searched these (and many other) forums to no avail.  Basically, as my network will have mixed PC and Mac users I have set the primary home share folder to SMB.  I understand that quotas should be enabled without a hitch under AFP, but this will not suffice for PC clients.  I have set quotas in WGM but when I check from a remote connection it shows folder capactiy as the volume's total capacity where the home folder resides.
    As the latest version of Server Admin does not have a file share section, how can I do this?  I understand it may be possible from the terminal, but having little experience with terminal I would prefer not set it myself (man quotaon was less than helpful).
    Thank you in advance for any help.

    Not 100% sure, but i think "password change" feature requires Open Directory and SSL encryption for Web.
    Has you enabled OD?
    Did you try at least a self-signed SSL certificate for Web?

  • About disk quota in win2008r2 server(AD)

    Hi,everyone:
          I have a question for help. In win2008r2 domain server, I want to set disk quota on each domain users.
    In default, when a user created, it belongs to Domain Users group, and disk quota applied. But if I add the user into Domain Admins group, disk quota does not apply, so is a user as administrator role is whom disk
    quota does not apply in AD?
    Also I have tested in local computer, administrator account(not "Administrator"), such as "admin", could
    be applied also. It seems that all users except Administrator account could be set disk quota limit. Why Domain Admins not? Thanks a lot.

    Hi,
    What is the meaning about “disk quota does not apply”? Do you mean that disk quota cannot apply to users who member of administrators group? I have done a test, add a user to domain admin group, then disk quota can still apply to the user.
    In additional, quota limits are not applied to the Administrators local group.
    Managing Disk Quotas
    http://technet.microsoft.com/en-us/library/dd277427.aspx
    Regards,
    Mandy
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

  • What Is The Domain Name System for Active Directory on My Computer a Mac OS X

    When I try to bind my mac to an active directory domain I get the error message (“An invalid Domain and Forest combination was specified.  You should enter a fully qualified DNS name for the domain and forest”). I have tried so many things,nothing works
    Any suggestions?

    In general, the domain name you use must be correctly looked up (both backward AND forward) by the Domain Name Server you are using or using Active Directory or Open Directory will not work properly.
    In general, the first-listed DNS Address for each workstation must be one that contains the Active Directory or Open Directory names.
    You can use Network Utility "Lookup" function to test whether the names and the IP Addresses are looked up correctly. Both symbolic (e.g., mydomain.com) and numeric (e.g., 192.168.2.22) addresses of the Active directory server MUST lookup to the other.
    In MacOS X Server installations with private, non-Internet-visible Domain names, this problem can be solved by providing a local DNS Server, and populating the DNS Server with the Active Directory or Open Directory names and IP Addresses set for forward and reverse lookup.
    If the above is gibberish to you, you will need to contact your Active Directory Administrator for guidance.

  • Mac OS X Server and Active Directory Replica

    Hello,
    Has anyone ever encountered any problems when making a Mac OS X Leopard server an Active Directory Replica? We're working on this project and we want to make sure that we don't mess up our primary AD server when we configure this.
    Thanks so much,
    Mac man of the Bay

    Hi
    Not sure what you mean by Active Directory Replica? If you mean you want your Mac Server to be the BDC to a Windows-based PDC then no it won't happen. OSX Server can only perform as a Domain Member when a Windows Server is the PDC. Neither can you have a Windows Server as the BDC when the PDC is an OD Master - as far as I know.
    Have you downloaded and read the manual?
    http://images.apple.com/server/macosx/docs/OpenDirectory_Admin_v10.5_2ndEd.pdf
    Briefly: OD Master/Replica relationship can also be PDC/BDC only if both boxes are OSX.
    Tony

  • Require list of all events for Windows Server 2008 Active Directory

    Hi all,
    I require list of all events for Windows Server 2008 Active Directory. Event Log name for Active Directory log is "Directory Service".
    Regards,
    SR

    Hi,
    Thanks for your posting.
    Do you mean you want to list all Active Directory logs into one file named “Directory Services”?
    If that, it’s hard to achieve. There are kinds of Active Directory logs stored in different locations and they have different file formats. It’s hard
    to collect them into one file.
    Active directory records events in the directory services log in Event Viewer. By default, Active Directory records only critical error events. To instruct Active
    Directory to record other events in the directory services log, we need to modify registry.
    For more information please refer to following MS articles:
    Active Directory Diagnostic Logging
    http://technet.microsoft.com/en-us/library/cc961809.aspx
    How to configure Active Directory diagnostic event log
    http://support.microsoft.com/kb/314980
    Lawrence
    TechNet Community Support

  • How to set up the "incoming Mail server" for google apss account

    how to set up the "incoming Mail server" for google apss account

    The settings are not generic for all webmail accounts, only your office IT department would know what the server address is for their outgoing email server.  You'll have to ask them about it.

Maybe you are looking for

  • Wav vs. ID3 = nobody can solve this problem !

    Hi. I have a big quesion for you guys. Check it out. I have almost 800 wav files on my external drive #1. I have entered the information for every tracks in iTunes (quite an big big big job!). The thing is, i know the wav files does not keep this inf

  • Can not use scroll mouse in html tab when open pdf file in new tab with middle button but will avaliable only after switch to pdf tab and switch back to html

    When I open a "pdf" file in new tab with middle mouse click. After few second my mouse will not able to scroll in page that I read. But it will be able to scroll only after I click to any opened pdf tab and click on pdf document and click back on pre

  • Custom item does not appear on Hotsync Menu

    I have a Sprint Treo 700p.  My work email was converted to Outlook from GroupWise.  I am able to sync successfully, but received a message about changing profiles and conduits.  I tried to do this by clicking the Hotsync icon in system tray.  The men

  • Microsoft Push Missing

    It usually works well, but like today, if it misses a few times which is really important and long awaiting emails, it's really frustrating. Hey, I don't care the decent applications, but fix these essential bugs. I'm disappointed at a buggy iPhone 3

  • PES event id 1101

    Hi, I would like to use the new ADMT/PES v3.2 enable for Windows 2012 R2. I created a new controller in each domain and a standalone server. The three with Windows 2012 R2. I installed ADMT and PES. A user account migration works fine but a password