Announcement

Collapse
No announcement yet.

Deny specific CN naming scheme

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Deny specific CN naming scheme

    Is it possible to create a policy that would deny a certain computer naming scheme from being joined to the domain? I know you can set permissions for only who can join the computer to the domain...but I want to deny a naming scheme as well.

    Were using server 2003 AD. Thanks to anyone who can help.

  • #2
    Re: Deny specific CN naming scheme

    this may be something you could do in the schema... basically use tyhe schema to say "any object with type=computer must match this string"

    at least, I think you could do this... soemthying for me to research for a while
    Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

    Comment


    • #3
      Re: Deny specific CN naming scheme

      Thanks. What do you mean by "in the schema"? Where would you define this?

      Comment


      • #4
        Re: Deny specific CN naming scheme

        use ADSI Edit.
        i would strongly not recommend you try this, unless you're sure of what you're doing.

        I'm not even sure it's possible. Schema changes can massively mess up your directory, and are irreversible.
        Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

        Comment


        • #5
          Re: Deny specific CN naming scheme

          Oh I see what your saying. Yeah I'm not going to mess with that...

          Comment


          • #6
            Re: Deny specific CN naming scheme

            it merely kicked off an idea in my head.. like "hey that'd be cool if..."
            Please do show your appreciation to those who assist you by leaving Rep Point https://www.petri.com/forums/core/im.../icon_beer.gif

            Comment


            • #7
              Re: Deny specific CN naming scheme

              Originally posted by tehcamel View Post
              it merely kicked off an idea in my head.. like "hey that'd be cool if..."
              Yeah...maybe if someone has a test environment that they can try it in??

              Comment


              • #8
                Re: Deny specific CN naming scheme

                This is something you need to do with policy, not technology. If people can't be trusted to adhere to policy, then they can't be trusted with the privileges necessary to join machines to the domain.
                Gareth Howells

                BSc (Hons), MBCS, MCP, MCDST, ICCE

                Any advice is given in good faith and without warranty.

                Please give reputation points if somebody has helped you.

                "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

                "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.

                Comment

                Working...
                X