|
From Howard's post links (thanks) it appears Ruud made this change as a point of design. What we are seeing, though, is not only that the group membership is coming from the token (and not SAM) but also there are sometimes inconsitencies between ENUMGROUP output between 3.62 and 4.02. Howard, what was your ultimate solution to map groups, or did I miss it from the posts?
To stay on 4.02 I am already finishing up a VBSCRIPT that KIX will call whenever my ingroup drive mappings happen. I will also have to probably do the same thing for any major registry/icon routines in my script.
This ingroup issue is disheartening because our KIX script is huge now and does tons of things for us and has been our "5th Beatle" for our particular network and IT staff.
To Brian TX Our DC replication has been optimized via the netlogon reg entries, and I do trigger syncs when I changed the groups a lot during my testing. So I think we're okay there.
| 
