A problem with @PRIMARYGROUP - KiXtart.org - official site

You are not logged in. [Log In] KiXtart.org website » Forums » KiXtart » Advanced Scripting » A problem with @PRIMARYGROUP

Page 2 of 2

2

Topic Options

#75885 - 2003-07-13 07:46 PM Re: A problem with @PRIMARYGROUP
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	For the domain name you want to use the downlevel or netbios name. You also need to specify the options. Syntax: EnumObject --name Nail --class domain _________________________ Home page: http://www.kixhelp.com/hb/
Top

#75886 - 2003-07-13 08:33 PM Re: A problem with @PRIMARYGROUP
jacks73 jacks73 Getting the hang of it Registered: 2003-04-23 Posts: 58	Les I've only got 140 users so i'm under the limit. I've made a failed user a Domainm admin and the script runs fine. @primarygroup can be defined only when an NT4 upgraded user is a Domain Admin. So a possible solution could be to make Everone a Domain Admin Howard, I will try to run your EnumObject again when I am back at the office in about an hour
Top

#75887 - 2003-07-13 10:10 PM Re: A problem with @PRIMARYGROUP
jacks73 jacks73 Getting the hang of it Registered: 2003-04-23 Posts: 58	Here's a question? Where, on the server, does KiXtart get the group info from. I assume it is somewhere in the Reg, but does anyone know the key?
Top

#75888 - 2003-07-13 10:18 PM Re: A problem with @PRIMARYGROUP
Sealeopard Sealeopard KiX Master Registered: 2001-04-25 Posts: 11165 Loc: Boston, MA, USA	This is not stored in the registry but in AD. However, I have to agree with the other posters, it rather seems to be an AD-problem in that KiXtart cannot retrieve the existing information due to lack of access rights for non-admin users. [ 14. July 2003, 03:42: Message edited by: sealeopard ] _________________________ There are two types of vessels, submarines and targets.
Top

#75889 - 2003-07-14 12:35 AM Re: A problem with @PRIMARYGROUP
Les Les KiX Master Registered: 2001-06-11 Posts: 12734 Loc: fortfrances.on.ca	Jens is right, it is not in the registry. On NT4, the SAM was stored in the reg but in AD it is stored in Sysvol in a file called NTDS.DIT if I recall my MCSE training correctly. _________________________ Give a man a fish and he will be back for more. Slap him with a fish and he will go away forever.
Top

#75890 - 2003-07-14 06:13 AM Re: A problem with @PRIMARYGROUP
jacks73 jacks73 Getting the hang of it Registered: 2003-04-23 Posts: 58	The answer is Pre-Windows 2000 compatible access Security group. Quote "@primarygroup can be defined only when an NT4 upgraded user is a Domain Admin." I added them all to this built-in, and then had to wait for it to get around, but once the domain refreshed the script runs great! My first domain upgrade is a success! Thank you all for your input. KiXtart.org is my hero!
Top

#75891 - 2003-07-14 08:23 AM Re: A problem with @PRIMARYGROUP
Lonkero Lonkero KiX Master Guru Registered: 2001-06-05 Posts: 22346 Loc: OK	hmm... did I understand... you have now like zillion domain admins? not bad _________________________ ! download KiXnet
Top

#75892 - 2003-07-14 09:07 AM Re: A problem with @PRIMARYGROUP
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11628 Loc: CA	http://is-it-true.org/nt/nt2000/atips/atips70.shtml Directory Information Tree (DIT). In NT 4.0, the Security Accounts Manager (SAM) database holds all the user, computer, and group information for a domain. Because the SAM is a Registry hive, the Registry's scalability limits the SAM. On Win2K domain controllers, the DIT replaces the SAM. The DIT is based on Microsoft's Jet database engine and is similar to the Jet engine that Microsoft Exchange Server uses. The file ntds.dit, in the \%systemroot%\ntds directory, is the Win2K equivalent of the SAM file. This file stores the bulk of the directory database. In general, the DIT is larger than the SAM because AD holds more information and types of objects than NT 4.0's directory service holds. Within a domain, the contents of the ntds.dit file replicate to all the domain controllers. You might think that you'll see more replication traffic between domain controllers when you migrate from NT 4.0 to Win2K. However, Win2K uses a completely different model for replicating directory changes than NT 4.0 uses. http://www.netpro.com/forum/messageview.cfm?catid=11&threadid=129 http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/AD/windows2000/maintain/adsize.asp
Top

#75893 - 2003-07-14 09:19 AM Re: A problem with @PRIMARYGROUP
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11628 Loc: CA	Are we mis-understanding? Please tell us you DID NOT make all your users Domain Admins.
Top

#75894 - 2003-07-14 02:55 PM Re: A problem with @PRIMARYGROUP
Sealeopard Sealeopard KiX Master Registered: 2001-04-25 Posts: 11165 Loc: Boston, MA, USA	Also, why do you absolutely need to use @PRIMARYGROUP? Why don't you just use them as regular groups as in code: IF INGROUP('SomePrimaryGroup') map x: '\\server\SomePrimaryGroup\Priv' ENDIF Please justify the exact reason why the @PRIMARYGROUP macro MUST be used. [ 14. July 2003, 18:26: Message edited by: sealeopard ] _________________________ There are two types of vessels, submarines and targets.
Top

#75895 - 2003-07-14 06:14 PM Re: A problem with @PRIMARYGROUP
NTDOC NTDOC Administrator Registered: 2000-07-28 Posts: 11628 Loc: CA	By the way Lonk and Les, I know you don't have to use KIX32.EXE but I don't like the secondary window myself for this kind of testing.
Top

#75896 - 2003-07-16 04:39 AM Re: A problem with @PRIMARYGROUP
jacks73 jacks73 Getting the hang of it Registered: 2003-04-23 Posts: 58	NO NO NO! I Don't have a gazillion Domain Admins!! I was joking that it COULD be a possible solution. My scripts may not be the best, but I'm not stupid. The reason for the @PRIMARYGROUP as the delimiter was to map the group drives of only the department the user is in and not any other %groupname%_PRIV that the user may belong to. If a user needed another department's Drive, they could map the %groupname%_PUB themselves. Thereby giving everyone a "share drive" that is not one big Dump of forgotten information.
Top

#75897 - 2003-07-16 04:43 AM Re: A problem with @PRIMARYGROUP
Sealeopard Sealeopard KiX Master Registered: 2001-04-25 Posts: 11165 Loc: Boston, MA, USA	Then create a couple of groups called "DeptA_Primary", "DeptB_Primary" and so on. Groups are cheap _________________________ There are two types of vessels, submarines and targets.
Top

#75898 - 2003-07-16 04:45 AM Re: A problem with @PRIMARYGROUP
Howard Bullock Howard Bullock KiX Supporter Registered: 2000-09-15 Posts: 5809 Loc: Harrisburg, PA USA	Did you get the dump to work? _________________________ Home page: http://www.kixhelp.com/hb/
Top

#75899 - 2003-07-16 06:00 AM Re: A problem with @PRIMARYGROUP
jacks73 jacks73 Getting the hang of it Registered: 2003-04-23 Posts: 58	Jens, I did create depta_priv depta_pub deptb_priv deptb_pub. And by using @primarygroup to pull the group names a user in dept A gets depta_priv and depta_pub and a user in dept B gets deptb_priv deptb_pub but if "b" user also belongs to the "a" group, but it isn't his actual dept then "b" user can map the depta_pub however "b" will not get the depta_priv drive mapped. Howard, I did get the @primarygroup to work. All of my upgraded NT users needed to be added to the "pre windows 2000 compatible access" built-in group. once I did that The script ran just like it should have.
Top

#75900 - 2003-07-16 04:07 PM Re: A problem with @PRIMARYGROUP
Sealeopard Sealeopard KiX Master Registered: 2001-04-25 Posts: 11165 Loc: Boston, MA, USA	What I meant was to create unique groups that emulate the @PRIMARYGROUP, meaning a user has only ONE of these groups. _________________________ There are two types of vessels, submarines and targets.
Top

Page 2 of 2

2

Previous Topic

Previous Topic View All Topics

View All Topics

Index Next Topic

Next Topic

Moderator: Glenn Barnas, NTDOC, Arend_, Jochen, Radimus, Allen, ShaneEP, Ruud van Velsen, Mart

Hop to:

Shout Box

Who's Online

0 registered and 533 anonymous users online.

Newest Members

M_Moore, BeeEm, min_seow, Audio, Hoschi
17883 Registered Users

Generated in 0.068 seconds in which 0.027 seconds were spent on a total of 12 queries. Zlib compression enabled.

click tracking