|
Problems running DCPROM when adding 2nd AD Server
I'm try to add a second AD server (AD2) to my current enviroment (adding 2k3
to 2k).
I have performed the following
I. Prepare the Second Domain Controller
II. Join the SOI.IRS Domain
III. Install the DNS Service on the Second Domain Controller
The problem areices when I attempt to Promote the secon Domanin Controller
Ok - To start the Active Directory Installation Wizard, click...
|
1 |
12/30/2008 6:55:01 PM |
|
|
Referrals with 2 ADAM Instances
I have created two ADAM instances on two different servers and would
like to create a referral from the first to the second. The DN of the
first instance is ou=NorthEast,ou=Customers,o=Company,dc=com and the
DN of the second instance is
ou=NorthWest,ou=Customers,o=Company,dc=com.
How do I create a referral to it from the first? I tried to create a
crossRef object in the Partition of the ...
|
8 |
12/30/2008 6:47:00 PM |
|
|
ADAM Security Logging
The applications in our location that use our ADAM directories should
return a limited number (less than 20) of entries per query. We would
like to log every query that exceeds that amount. By changing the
Field Engineering Diagnostics setting to 5 and adding a Expensive
Search Results Threshold Parameter, I was able to log the query
information. This works great when an AD account ran the...
|
7 |
12/30/2008 6:39:34 PM |
|
|
Override time sync on a few workstations
We have a domain in which we need a few workstations to be able to set their
clocks to the day before on a regular basis. They do this to ease data entry
to an accounting application in which they are always several days behind.
When they change the time on the desktop it reverts back automatically every
hour or so.
I realize the best practice is for time to be synced to domain, however...
|
3 |
12/30/2008 6:36:42 PM |
|
|
rpc servser not available
Hi,
I recently created a new subdomain for my company. The creation part of the
subdomain went fine, but now when I attempt to connect to the DC of the new
subdomain I get the following message:
error 1722 rpc service not available
My root domain has an internal address range of 172.x.x.x and the subdomain
is 192.168.x.x.
I can ping both the hostname and ip address of any machine...
|
10 |
12/30/2008 6:28:05 PM |
|
|
LDS 2008 questions for 2003 AD and 2008 AD forest trust
We currently are trying to put a solution in place that will allow a single
sign in for SAP and other applications between two AD Forests with a trust.
This is basically a break away from the original 2003 domain and then
migrating users to the new trusted 2008 domain. The trust is at the Forest
root.
Now SAP uses an LDAP lookup to AD for user authentication and in order to
break aw...
|
1 |
12/30/2008 5:06:01 PM |
|
|
AD issues
Hi,
Welcome me to this forum..The reason I joined this forum is to solve my
issues or probably setting up my first AD.
I have a server running Win2K3..One forest..One domain concept.
To this server I will be connecting 25 computers, in which 20 run with
XP and remaining running with Vista.
As of now, the senior management will connect to this server but no
policies on effect, there is...
|
4 |
12/30/2008 4:20:00 PM |
|
|
Deny Login Locally To Servers
We have 30 servers, how can I allow each technician to login to their servers
only (that they manage) and not to the others…
Do I have to make multiple OU’s assign different GPO’s to it and add those
servers to each OU? I’m not sure how to accomplish this.
Any help is greatly appreciated
...
|
1 |
12/30/2008 4:09:02 PM |
|
|
Help denying "EVERYONE" access to change one AD field for users within specific security group
Hi there
[Windows 2003 domain]
Have been attempting to deny access to administrators of the domain to
one specific field within AD. Reasons for this are relating to
security; and even low-level admins can change that specific field. It
is within the Address tab for a user - postofficebox.
Have been able to do this for a user by itself - by opening the
object, selecting Security, adding th...
|
8 |
12/30/2008 3:42:50 PM |
|
|
Server unresponsive / LDAP delays
We have a 2003 domain with roughly 65K users. This domain also has a mixed
2003 / 2007 Exchange Org. At our site there are 3 domain controllers that
are 64 bit and have 32 GB of memory to cache the entire directory. Now MOM
and another product NetQOS, are reporting constantly that many of our DC / GC
are unresponsive and usually to LDAP queries on port 389. These DC are
running Virus...
|
1 |
12/30/2008 2:35:00 PM |
|
|
SID not resolving to Username
We've recently started migrating users from our legacy domain to our
newly created domain.
There is a two way trust between the domains, and several servers have
been migrated with no issue.
One particular server is giving me headaches, however. Once migrated
to the new domain, this server does not show users in local groups,
but rather their SIDs.
When I add new users to the group, regar...
|
6 |
12/30/2008 1:16:18 PM |
|
|
Slow login into Windows 2000 domain (
I am in progres to move from WinNT domain to Win2000 AD.
But each Windows 2000 pro and Windows XP clients are very slow loged into
Windows2000 AD (in mixed mode) - around 3-4 min.
I have another WinNT domain that trust Win2000 AD.
Others clients WinNT and Vista are loged fast to Windows2000 AD.
I will stop WinNT domain after mooving each client to new Win2000 Active
directory. Will ...
|
5 |
12/30/2008 12:02:02 PM |
|
|
Login problem when WAN link is down
Hi,
We have Windows 2003 server domain controller available locally (i.e.
in LAN) to our computers. When there is a WAN link outage and users
try to login to their (domain) computers, login process takes about
2-3 hours to complete. If I disconnect the network (LAN) cable from
the computer and then ask the user to login, login works fine.
Is there any other solution to avoid such a long lo...
|
5 |
12/30/2008 9:43:42 AM |
|
|
Cannot join domain
Cannot join domain
I have a computer setup as a domain controller with a primary DNS zone and
this is the configuration of the network cards installed in it:
Ethernet adapter PRIVATE:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : 3Com 3C900TPO-based Ethernet Adapter
(Gen
eric)
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . ...
|
4 |
12/30/2008 9:41:02 AM |
|
|
Migrating Active Directory Issues
My company just bought a second server, because our first one is dying. Both
are running Server 2003 Enterprise. I got the new server up and running,
joined it to the domain and made it a domain controller and a global catalog
server. I waited a few hours for all the settings and everything to
propegate over to the new server (we only have 15 users). I then migrated
the Exchange info...
|
9 |
12/30/2008 9:37:42 AM |
|
|
Forest to Forest Trust Problem
I went through and created a Forest to Forest trust to start the migration of
Active Directory to the new domain from the old domain. When I go into the
Domain Admins group to try to add Administrator of the opposite domain then I
get an error saying Administrator is not a correct name for an account on the
domain. If I do a search for accounts on the opposite server I get an error
sta...
|
5 |
12/30/2008 9:33:10 AM |
|
|
migrate from windows 2003 sbs to windows 2003
I have join a std windows 2003 server a dc to my sbs domain i like make it
hte primarary domain how what steps do I need to take
Thanks
...
|
3 |
12/30/2008 9:28:06 AM |
|
|
File replication problems with two domain contollers in 2 time zones
Hi, I have 2 domain controllers, 1 in the Eastern Standard Time (EST) time
zone and 1 in the Mountain Standard Time (MST) time zone. A 2 hour
difference.
I can replicate changes from EST to MST but I can't replicate changes from
MST to EST. There's no error reported when I run 'replicate now' only the
below message.
"One or more of these Active Directory connections are between dom...
|
4 |
12/30/2008 9:21:46 AM |
|
|
slow logon
We have a native 2000 AD environment with a mixture of Win 2000 and 2003 DCs.
2003 are the majority. DNS is AD integrated and we have dhcp servers serving
the clients. All clients are XP pro sp2.
We have a Start up script and a login script for users as well as folder
redirection for My Documents.
We have in house programs that the programmer designed and he setup the
start up script in...
|
2 |
12/30/2008 9:20:41 AM |
|
|
Question regarding how many domain controllers in a WAN config
Let me pose a scenario and please tell me your opinions as to the best
configuration.
We have a number of sites. a main site has about 100+ systems with 2 domain
controllers
we have another site that is the head quarters of a subsidiary with 60+ systems
and also has 2 domain controllers
we have 2 remote sites with 10 and 20 systems respectively each with their own
DC
it has been m...
|
6 |
12/29/2008 6:24:30 PM |
|
|
2 AD
We have 2 AD , one run in windows 2K and another one run in windows 2003,
Windows 2K hold the 5 FSMO Roles. Can the client login to the AD if the
windows 2k down ? do I need to trasfer the 5 fsmo roles to the windows 2003
AD if the windows 2K down ?
What happend to the question we post after 23rd Dec, I didn't appear .
...
|
4 |
12/29/2008 10:07:02 AM |
|
|
Standardising Desktop background
We are looking at standardising a sektop background accross all our users.
The way I have found for doing it does not quite meet my criteria.
Currently I have a GP that uses user config-admin templates-desktop-active
desktop to do this as a test to a single OU.
However I do not want the dekstop wallpaper to be active desktop based but
rather a BMP that gets set.
Also how can I handel...
|
1 |
12/29/2008 8:14:01 AM |
|
|
Legacy WDS
I was wondering if anyone on here knows if a simple tool has been developed
to allow additional NIC's to be added RIS / WDS legacy images?
I refer to Q315279 in regards to the question.
I'm asking fellow Windows users this question, if those at Microsoft have
not developed anything in the three and a half years since this article was
published, then I don't believe anything will be don...
|
2 |
12/29/2008 4:45:15 AM |
|
|
Can't Access Server
A year ago I set up server S1 as the company's new Active Directory/Exchange
Server (Windows 2003 x64 R2 , Exchange Server 2007 sp1). Later in the year I
set up another server named S2, also running Windows 2003 R2 x64. It's
primary function was to run the network backup software. I decided to add S2
as another domain controller, so I would have a backup one. I also installed
the certifi...
|
3 |
12/29/2008 3:11:15 AM |
|
|
Retaining NTFS Permissions on Files Once System Is Removed From Domain
MarkPL@nospam.nospam
I have a DC that I'll be demoting and repromoting. In the event that
it is not a graceful demotion and it needs to go into a workgroup,
will it retain the NTFS permissions from the Domain or will I need to
restore them from a backup via BackupExec with the option to only
restore security on the files?
Thanks,
Mark...
|
2 |
12/28/2008 7:54:41 PM |