Not much info.. small shop, few users. I'm looking at Ipsec. -----Original Message----- From: Craig Cerino [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 03, 2004 12:32 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Moving Schema Master
How much info are we talking about Frank? That is going to come into play when you're talking about "how long" it will take. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Frank Buechler Sent: Tuesday, February 03, 2004 12:21 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Moving Schema Master Well, taking that machine out of the DMZ is going to have a few repurcussions. Not only will it down OWA, but the corporate web site is also being hosted there. Opening ports is last resort stuff.. If I did bring that machine inside, how long would it take to move the Schema Master role to the second server? Are there any gotchas involved in doing that, then simply placing the machine back in the DMZ? -----Original Message----- From: Adams, Kenneth W (Ken) [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 03, 2004 11:56 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Moving Schema Master Either take the current Schema Master out of the DMZ or (shudder) open the appropriate ports through the interior firewall and point them explicitly to the server you want to become the Schema Master. Kenneth W. (Ken) Adams, MCSA, MCSE -----Original Message----- From: Frank Buechler [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 03, 2004 11:08 AM To: ActiveDir (E-mail) Subject: [ActiveDir] Moving Schema Master Good Morning Folks I'm having a bit of a problem and I'm wondering if one of you fine people can help me out. First, let me give you a outline of the structure here. I have (2) 2000 servers, one in the DMZ (Exchange Server, our clients rely heavily on OWA), and the other sitting in trusted. The Operations Master is the server sitting on the inside, the Schema Master is the server sitting in the DMZ. I have been called here to upgrade everything to 2003 Server. Here's where I'm at: I have placed a 2003 server (brand new box) on the network. This box is currently sitting in trusted, but it will eventually be the new Exchange server. I want to run ADPREP /FORESTPREP on the Schema Master to bring the 2003 server into the AD. Since I really don't want to take the Exchange server off the network to do this, and since that box will be getting demoted anyway, I thought I would move the Schema Master role to the server currently sitting in trusted, and run ADPREP against it. However, when I attempt to do this, I get an error; "The current FSMO holder could not be contacted". Does the Exchange server (Schema Master) need to come out of the DMZ? TIA! -Frank List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
