MS Proxy Server IP restriction?

[atanoli]

Hi,

I have win2k server installed with two lan cards 1 for local lan and 2nd one for Internet link. I am using MS proxy server 2. My proble is that when i am going to restrict one of my local computer's ip from "security" button, Peoxy Server says following error:

"Packet filtering cannot be enabled on this server because it does not have an external network interface"

Please help

 

[sixthsense]

hi atanoli
seems like ur external interface ip is in ur proxy's LAT,remove the external Network Interface Card IP(the one that is connected to Internet) from the Local Address Table.
Kapil Technical Director
Infovalley Interwebspiders Pvt. Ltd.
Microsoft Certified System Engineer
visit

http://www.interwebspiders.com

If u find the information provided here useful to u then let me know by clicking on the link below s-)

 

[atanoli]

Thank u Kapil

But still not working......

I have another question for you Kapil i.e:

I would like to move users from one server to the other server. I like to keep all properties i.e. Passwords, Password Never Expire, user group each and every settings and so on. I tried following command:

MY server=MARVI
dc=TANOLI.ABC.CO

ldifde -f Exportuser.ldf -s MARVI -d "dc=TANOLI,dc=ABC,dc=CO" -p subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -l "cn,givenName,objectclass,samAccountName"

And i restored with following command at another server

ldifde -i -f Exportuser.ldf -s MARVI
It worked but not as much as I was needed. It could't restore passwords, maping path, etc. etc., it can just pick up user names and some minor settings.

Do you know the exact method to pick up and restore all the informations of users?

Thanks

 

[atanoli]

Anyone?

 

[jrdebug]

atanoli, based on the command line you entered, you are simply exporting the User Accounts...

ldifde -f Exportuser.ldf -s MARVI -d "dc=TANOLI,dc=ABC,dc=CO" -p subtree -r "(&(objectCategory=person)(objectClass=User)(givenname=*))" -l "cn,givenName,objectclass,samAccountName

if you want to export all the "exportable" (is this english acceptable) objects from your server/domain, you need specify only the following command...

ldfide -f exportuser.ldf

moreover, exporting Passwords and other properties of accounts is not supported for the mere fact that this is a security breach. please take note that the output file is a completely readable text file which can be opened by any text editor. just think of what happens when this file lists all the usernames and passwords and gets misplaced!

finally, when you do import these objects into the target domain/server, passwords are set to blank and the Change Password at Next Logon box is ticked automatically thereby forcing the users to key-in their old passwords.

hope this helps...


Jeffrey Rebong
Computer Engineer/Network Administrator
jrdebug@yahoo.com

 

[atanoli]

Thank you very much Jaffrey Rebong

I read that userexport.ldf and found:

maxPwdAge:
minPwdAge:
minPwdLength:

Any possiblity that i can manualy add passwords of users in this userexport.ldf, whom i know?

 

[sixthsense]

hi atanoli
not tried this myself but hope this could solve ur prob:

The following sample Ldif file (chPwd.ldif) changes a password to newPassword:

dn: CN=TestUser,DC=testdomain,DC=com
changetype: modify
replace: unicodePwd
unicodePwd::IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgA=
-
To import the chPwd.ldif file, use the following command:
ldifde -i -f chPwd.ldif -t 636 -s dcname -b username domain password
Article ID: Q263991 - microsoft knowledgebase
Kapil

Technical Director
Infovalley Interwebspiders Pvt. Ltd.
Microsoft Certified System Engineer
visit

http://www.interwebspiders.com

If u find the information provided here useful to u then let me know by clicking on the link below s-)