Is there any way I can know where a specific security group is being used?
IOW, if it is used in 7 different directories, 9 files and 3 public folders
that I would get  a list with such info.
Thanks.

After installing on my Windows 2003 Server the following update:
Windows Malicious Software Removal Tool - May 2005 (KB890830)
My Norton Real Time Scan alerted me to have found a virus:
Scan type: Realtime Protection Scan

I have had to read some old NT4 EVT logs and noticed a lot of 528 Logons
followed in about 2-3 minutes by a 538 logoff... This appears to be fairly
consistant over several hundred pairs for most individuals...
Question:

We solved this by deleting the pre-AD group and creating a new one but I
thought I'd share what happened.
We tried to apply a permission for a group (all allowed except Full Control)
to an entire folder tree but afterwards the child folders would list the

On a Windows 2003 native domain we have setup an Enterprise CA that emits
EFS v2 Certificates through auto-enrollment. We want users to be able to
encrypt on their computers, but NOT on network shares.
Here is the test:

I'm looking to see if something is even possible. I have a user, and I want
to give them admin privileges to an AD Domain Controler, but I don't want
them to be able make changes in the domain (add users, delete users, grant
user rights...)

I have installed XP Pro eng. on a computer. The computer connected the
network via workgroup type.. I don't understant why but the computer can
access everywhere even servers' resources. Normally the computers are
connected the server with domain model but if these computers connect ...

Is there a way to enable a user on the domain to restart a certain service
on the windows 2003 domain controller - but not do anything else?
Thanks,
Grant

The other morning I dcpromo'd our internal web server (Win2003 Server,
IIS6), and after I did this my IIS6 sites all began requiring
authentication since the anonymous account failed, giving me 401.1
errors. Two messages appear in my application event log:

is it possible to issue a logon or user certificate using Enterprise CA in
Windows 2003, which is secondary on the smart card. The smart card already
have primary certificates and possibly other secondary certificates that
should *not* be removed.

since the default share permission for the group "Everyone" is set to "Read"
in win2003server, i would like to change it back to the
win2000server-setting "Full Access". but how and where? where can i find the
group or object "Everyone", for a start? (same for the group/object

I have a service written in ATL which is accessed via the exposed COM
objects. How can I restrict access to these COM objects to certain users?
regards,
Achim

Is it possible to re-initialize a smart card, i.e. erase all certificates and
generate new keys, using Enterprise CA on Window 2003 Server?
Best regards

Is there a way of recovering a deleted user account on a pure Windows NT4
domain.
There may be the possibility of a backup tape existing, but can it be done
without having to restore back to a point in time.

The recent rend for critical patches for win 2003 to require rebooting the
server is USELESS!!!
Win 2003 is a SEVER, it cannot be continually rebooted and offer any Server
level to its users.