Recent content by TravisM

The LDAP query would like kind of like select memberof FROM 'GC://rootDSE' where sAMAccountname='Username' I would just use kixtart though, personally.

I know you said that there's nothign in the ACL that should prevent the reply but have you tried taking the ACL's off for a second and testing it that way?

To resolve the NetBIOS names... WINS could do this, or entries in an LMHOSTS file, if the IP's are static.

There are a couple of things that could happen I guess - depending on your environment and what you want to do. The first thing to examine would be your switches. If you have Layer 3 or "routing" switches, then all you need to do is configure a new logical subnet and start adding people to a...

To use OWA the users must have "Log on Locally" rights to the Mail server hosting OWA. Make a group that explicitly denies that right, then stick all the people who you don't want to use it in the group, or take away the right and add a people you want to use it to a group that has the right.

I woudl suggest using RIS instead, or at least PXE for booting. You could have the PC set to boot from PXE to start with, but shut down the back end of the service during the week, then when you want it to ghost the machines, just turn bootp and the PXE params on, the machine will reboot...

The access list looks correct. Can you get VNC access without the ACL on? What OS is this? Have you checked to make sure that the service is listening on port 5900? Try netstat -a if it's a windows box.

ip access-list 101 permit tcp any host aa.bb.cc.dd eq 143 aa.bb.cc.dd is the ip address of the imap4 machine. If you go into the config for the access list it will just be permit tcp any host aa.bb.cc.dd eq 143 That should be it.

I just went digging a bit and this looks like a tall order, but I may be a little doom and gloom. The good new is the settings is deffinetly in the registry, the bad news is you will probably have to enumerate all of HKLM\System\currentcontrolset\control\class to find which key is actaully the...

Nope, the ACL won't auto-apply as far as anything I know. IF you wanted to put an ACL on an interface it would look like ip access-group 1 in or ip access-group 1 out depending on how you wanted it to function, and you don't have anything like that. It's remotely possible that it's some wonky...

You took these out ip nat inside source static tcp 10.0.0.2 110 interface Ethernet0 110 ip nat inside source static tcp 10.0.0.2 25 interface Ethernet0 25 ip nat inside source static tcp 10.0.0.2 22 interface Ethernet0 22 and it killed your internet browsing? Your nat should look nearly...

All the commands redirecting stuff from eth0 need to go then. Make sure that in the config for the serial interface you see this line ip nat outside and on the ethernet interface you see ip nat inside The command that you want to redirect mail will be ip nat inside source static tcp...

I see Serial0 and Ethernet0, I'm going to take a shot in the dark and say that Serial0 is your external interface? Is 10.0.0.2 your internal mail server address, if I can ask? The way the translation is set up right now anything going to your ethernet0 interface on port 25 is getting...

Not sure exactly what you're asking for here. Is the Cisco doing nat? Does the mail server have an internal or external address? If the mail server has a private address and your ISP is sending you a net block then I'd say just give the mail server an IP from that block via nat, set up an ACL...

That's just it, you don't have an ACL applied to any of the interfaces. The only control I see here is the ACL 1 which is making sure that only IP's in the 192.168.0.0 subnet are aloud out on NAT, but other than that you're wide open. Anything at all can pass through there, and of course some...