RE: [ActiveDir] AD synchronization
Title: Message David - yes, your conclusion two messages down is correct. Cheers, - Stuart [This posting is provided "AS IS" with no warranties, and confers no rights.] -Original Message-From: Sullivan, Kevin [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 12:02 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] AD synchronization Partial Attribute Set -Original Message-From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 2:50 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] AD synchronization PAS? -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. -Original Message-From: Fugleberg, David A [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 1:48 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] AD synchronization I like Roger's description of the GC in a single domain as 'single-instance storage'. That's a good way to think of it. One question that hasn't been completely addressed (although maybe implied) is what happens to replication if an attribute is added to the PAS in a single-domain environment. My guess would be that since all DCs contain the entire directory already, the only additional replication would bethe fact that the attribute should be part of the PAS and therefore available via a GC query. I would hope it would not cause a full replication of the PAS, since all the attributes are already there. True ? Dave -Original Message-From: Marc Zukerman [mailto:[EMAIL PROTECTED]Sent: Wednesday, March 26, 2003 12:14 PMTo: [EMAIL PROTECTED]Subject: Re: [ActiveDir] AD synchronization Got it, thanks. Hey Don, has this discussion helped at all??? Marc Zukerman Senior Network Engineer Greenwich Technology Partners - Original Message - From: Roger Seielstad To: '[EMAIL PROTECTED]' Sent: Wednesday, March 26, 2003 12:31 PM Subject: RE: [ActiveDir] AD synchronization Because the Global Catalog data is already present in the .DIT file for the domain for which the server is a DC. Its in effect single instance storage - its not going to duplicate the data that's already there. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. -Original Message-From: Marc Zukerman [mailto:[EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 11:36 AMTo: [EMAIL PROTECTED]Subject: Re: [ActiveDir] AD synchronization OK, that makes sense and is consistent with everything else. That actually goes back to another conversation a few weeks ago when someone was asking about the true advantages/disadvantages of a dedicated forest root vs. single domain. The single domain would have a smaller GC (only one to manage). One thing it doesn't answer is why the size of the dit file doesn't change if a system is not a GC. In one case, a system was temporarily made a GC and then "demoted" again to just a DC. However there are other DCs that were never GCs at any time. Every one of them is approximately 250MB (within 2 MB in either direction depending on the DC). Marc Zukerman Senior Network Engineer Greenwich Technology Partners - Original Message - From: Sullivan, Kevin To: [EMAIL PROTECTED] Sent: Wednesday, March 26, 2003 10:17 AM Subject: RE: [ActiveDir] AD synchronization Since you are one domain the sizes should be the same. The GC contains the partial attribute set from all domains in the forest. Since you only have one domain you don't have anything additional added. Also, yes the GC is a subset of all attributes for the domains which the DC is not a member. So again, since you are
[ActiveDir] Removing sites and servers from AD
Title: Removing sites and servers from AD Hello, My current setup is one domain, three sites in AD. All on their own subnet and all connected by t1's. Each site has a server in it that is a GC. The first DC and forest root server in my domain is in my location, Camarillo, and the other sites are Tustin and San Diego. All is working well but now my company is getting rid of all the sites but Camarillo so I need to remove the Tustin and San Diego sites and servers. One of the sites, Vista, is already shut down and the server for that site is turned off and sitting in my server room here in Camarillo. Do I just delete the servers, then the sites or is there a specific way I need to delete these sites? I have never done this so ANY advice is appreciated. I don't want to do this incorrectly and mess up AD in my Camarillo site. Thank you, Mike.
[ActiveDir] Mixed to Native and Exchange 2000
I had a beef fillet marinade in Guinness this weekend, it was actually kind of sweet tasting. So I recommend that or a nice piece of buffalo filet marinade in Guinness for you AD Native Mode celebration. We converted to Native Mode last year on many of our AD Domains. Now is the pain of ADCing and In-place upgrading to Exchange 2000. Just for the record, how many of you all in-place upgraded your Exchange 5.5 Servers and org to Exchange 2000. I am really concerned about us doing this because we have Exchange 5.5 Servers with IS's in the 60 to 100 Gig range, and I feel if we have a problem doing an in-place upgrade on a server, we would have to do a disaster recovery of the server in a limited time window. In addition it will take us some time to get all the servers upgraded to 2000, and we will have some server consolidations to contend with. What has everyone elses experiences been doing this? Has in-place upgrading Exchange 5.5 servers with large IS been pretty non-eventful? I have heard from some people are doing the following when moving from Exchange 5.5 to 2000. 1. Setting up the RUS first, then standing up pure Windows 2000 Exchange 2000 servers in the site, and moving the mailboxes from the Exchange 5.5 servers to the Exchange 2000 servers. Tedious, but is easier to roll back a failed move. Takes forever to get to pure front-end/back-end solution. 2. doing Inter-org migrations by creating a New Exchange 2000 org, and migrating the accounts out of the Exchange 5.5 org into the new 2000 ORG. Allows the New Org to start out in Native Mode, and allows for refresh of Exchange Hardware. Problem seems to be third-party add-ins for Exchange like FAX Services, Blackberry, and Secure E-mail. There are workarounds for this though. Todd Myrick -Original Message- From: Sullivan, Kevin [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:26 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Mixed to Native Always a good Guinness! Easy! -Original Message- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:06 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Mixed to Native The worst part of the mixed to native mode conversion is picking which refreshing beverage you're going to enjoy when its done. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 5:49 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Mixed to Native Hi All, I've finally migrated my last remote office into my 2000 domain. All of my NT BDCs are gone and I'm 100% 2000 on the DCs I still have a couple offices on NT workstations. It's been some time since I've focussed on 2000 and can't remember if there are any gotchas with the move from mixed to native? I've read back through all my documentation/notes, but that no substitute to real worl experience... Can anyone offer some guidance? Thanks and BR, Rob Robert Rutherford MIS Department - DEK +44 (0)1305 208232 +44 (0)7970 122362 This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Removing sites and servers from AD
Do I just delete the servers, then the sites or is there a specific way I need to delete these sites? Assuming you no longer need the servers as domain controllers: The best thing to do make the final IT act at the site to demote the server (transfer all FSMO roles off first if you prefer, but demotion would do that automatically), then remove from the domain if appropriate, and delete the site from the directory with AD Sites and Services. If you are keeping the DC, change the site it belongs to with AD Sites and Services, then turn it off, ship it back to Camarillo, turn it on, change IP addressing, and pluf it in. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] dynamic disks
Anyone know of some secret voodoo that will allow me to dynamically change the partition size of my system partition without rebuilding the server? I need to make the drive bigger... Joe Pelle Systems Administrator Information Technology Valassis / Targeted Print Media Solutions 35955 Schoolcraft Rd. Livonia, MI 48150 Tel 734.632.3753 Fax 734.632.6240 [EMAIL PROTECTED] http://www.valassis.com/ This message may have included proprietary or protected information. This message and the information contained herein are not to be further communicated without my express written consent.
RE: [ActiveDir] dynamic disks
Title: Message You can use server magic. Make sure to have a backup. Use it at your own risk though. -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Pelle, JoeSent: Monday, March 31, 2003 2:50 PMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir] dynamic disks Anyone know of some secret voodoo that will allow me to dynamically change the partition size of my system partition without rebuilding the server? I need to make the drive bigger... Joe Pelle Systems Administrator Information Technology Valassis / Targeted Print Media Solutions 35955 Schoolcraft Rd. Livonia, MI 48150 Tel 734.632.3753 Fax 734.632.6240 [EMAIL PROTECTED] http://www.valassis.com/ This message may have included proprietary or protected information. This message and the information contained herein are not to be further communicated without my express written consent.
Re: [ActiveDir] dynamic disks
VolumeManager from PowerQuest - works great (backup anyway). John WitasickProject Manager - Windows Networking Services Group - Original Message - From: Pelle, Joe To: '[EMAIL PROTECTED]' Sent: Monday, March 31, 2003 5:50 PM Subject: [ActiveDir] dynamic disks Anyone know of some secret voodoo that will allow me to dynamically change the partition size of my system partition without rebuilding the server? I need to make the drive bigger... Joe Pelle Systems Administrator Information Technology Valassis / Targeted Print Media Solutions 35955 Schoolcraft Rd. Livonia, MI 48150 Tel 734.632.3753 Fax 734.632.6240 [EMAIL PROTECTED] http://www.valassis.com/ This message may have included proprietary or protected information. This message and the information contained herein are not to be further communicated without my express written consent. This E-mail, including any attachments, may be intended solely for the personal and confidential use of the sender and recipient (s) named above. This message may include advisory, consultative and/or deliberative material and, as such, would be privileged and confidential and not a public document. Any Information in this e-mail identifying a client of the department of Human Services is confidential. If you have received this e-mail in error, you must not review, transmit, convert to hard copy, copy, use or disseminate this e-mail or any attachments to it and you must delete this message. You are requested to notify the sender by return e-mail.
RE: [ActiveDir] Mixed to Native and Exchange 2000
Todd, FWIW, we did Option 1, or what is commonly referred to as the 'leap-frog' method. For those who don't know, the leap-frog comes from the fact that you put in a new, pristine server, move the mailboxes to the IS, then once box A has had all mailbox data moved off of it and all clean-up has been done - it's scrubbed and put in place as the next 'clean, pristine' server for the next mailbox move. The porcess continues until you're completed - leaving you with one extra box (usually to be the new box in your Exchange front or back end). Good luck! Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd (NIH/CIT) Sent: Monday, March 31, 2003 1:55 PM To: '[EMAIL PROTECTED]' I had a beef fillet marinade in Guinness this weekend, it was actually kind of sweet tasting. So I recommend that or a nice piece of buffalo filet marinade in Guinness for you AD Native Mode celebration. We converted to Native Mode last year on many of our AD Domains. Now is the pain of ADCing and In-place upgrading to Exchange 2000. Just for the record, how many of you all in-place upgraded your Exchange 5.5 Servers and org to Exchange 2000. I am really concerned about us doing this because we have Exchange 5.5 Servers with IS's in the 60 to 100 Gig range, and I feel if we have a problem doing an in-place upgrade on a server, we would have to do a disaster recovery of the server in a limited time window. In addition it will take us some time to get all the servers upgraded to 2000, and we will have some server consolidations to contend with. What has everyone elses experiences been doing this? Has in-place upgrading Exchange 5.5 servers with large IS been pretty non-eventful? I have heard from some people are doing the following when moving from Exchange 5.5 to 2000. 1. Setting up the RUS first, then standing up pure Windows 2000 Exchange 2000 servers in the site, and moving the mailboxes from the Exchange 5.5 servers to the Exchange 2000 servers. Tedious, but is easier to roll back a failed move. Takes forever to get to pure front-end/back-end solution. 2. doing Inter-org migrations by creating a New Exchange 2000 org, and migrating the accounts out of the Exchange 5.5 org into the new 2000 ORG. Allows the New Org to start out in Native Mode, and allows for refresh of Exchange Hardware. Problem seems to be third-party add-ins for Exchange like FAX Services, Blackberry, and Secure E-mail. There are workarounds for this though. Todd Myrick -Original Message- From: Sullivan, Kevin [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:26 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Mixed to Native Always a good Guinness! Easy! -Original Message- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:06 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Mixed to Native The worst part of the mixed to native mode conversion is picking which refreshing beverage you're going to enjoy when its done. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 5:49 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Mixed to Native Hi All, I've finally migrated my last remote office into my 2000 domain. All of my NT BDCs are gone and I'm 100% 2000 on the DCs I still have a couple offices on NT workstations. It's been some time since I've focussed on 2000 and can't remember if there are any gotchas with the move from mixed to native? I've read back through all my documentation/notes, but that no substitute to real worl experience... Can anyone offer some guidance? Thanks and BR, Rob Robert Rutherford MIS Department - DEK +44 (0)1305 208232 +44 (0)7970 122362 This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info
RE: [ActiveDir] dynamic disks
Title: Message Paragon Hard Disk Manager. NT4 will want reboots. 2K and higher will simply resize on the fly and then give you dumb looks. Never had an issue with it. Great piece of gear IMHO. John Weber Consultant Centerlogic, Inc www.centerlogic.com 503-262-0490 x249 -Original Message-From: Pelle, Joe [mailto:[EMAIL PROTECTED] Sent: Monday, March 31, 2003 2:50 PMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir] dynamic disks Anyone know of some secret voodoo that will allow me to dynamically change the partition size of my system partition without rebuilding the server? I need to make the drive bigger... Joe Pelle Systems Administrator Information Technology Valassis / Targeted Print Media Solutions 35955 Schoolcraft Rd. Livonia, MI 48150 Tel 734.632.3753 Fax 734.632.6240 [EMAIL PROTECTED] http://www.valassis.com/ This message may have included proprietary or protected information. This message and the information contained herein are not to be further communicated without my express written consent. �
Re: [ActiveDir] Mixed to Native and Exchange 2000
I'd go with option 1 - the moving train (or whatever it's called these days). Tony Redmond write an article about this a few years ago that should be available in the archies of www.winnetmag.com somewhere. I do a lot of migrations, and this is the method we choose most of the time. Missy Koslosky - Original Message - From: Myrick, Todd (NIH/CIT) [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 31, 2003 2:55 PM Subject: [ActiveDir] Mixed to Native and Exchange 2000 I had a beef fillet marinade in Guinness this weekend, it was actually kind of sweet tasting. So I recommend that or a nice piece of buffalo filet marinade in Guinness for you AD Native Mode celebration. We converted to Native Mode last year on many of our AD Domains. Now is the pain of ADCing and In-place upgrading to Exchange 2000. Just for the record, how many of you all in-place upgraded your Exchange 5.5 Servers and org to Exchange 2000. I am really concerned about us doing this because we have Exchange 5.5 Servers with IS's in the 60 to 100 Gig range, and I feel if we have a problem doing an in-place upgrade on a server, we would have to do a disaster recovery of the server in a limited time window. In addition it will take us some time to get all the servers upgraded to 2000, and we will have some server consolidations to contend with. What has everyone elses experiences been doing this? Has in-place upgrading Exchange 5.5 servers with large IS been pretty non-eventful? I have heard from some people are doing the following when moving from Exchange 5.5 to 2000. 1. Setting up the RUS first, then standing up pure Windows 2000 Exchange 2000 servers in the site, and moving the mailboxes from the Exchange 5.5 servers to the Exchange 2000 servers. Tedious, but is easier to roll back a failed move. Takes forever to get to pure front-end/back-end solution. 2. doing Inter-org migrations by creating a New Exchange 2000 org, and migrating the accounts out of the Exchange 5.5 org into the new 2000 ORG. Allows the New Org to start out in Native Mode, and allows for refresh of Exchange Hardware. Problem seems to be third-party add-ins for Exchange like FAX Services, Blackberry, and Secure E-mail. There are workarounds for this though. Todd Myrick -Original Message- From: Sullivan, Kevin [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:26 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Mixed to Native Always a good Guinness! Easy! -Original Message- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 7:06 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Mixed to Native The worst part of the mixed to native mode conversion is picking which refreshing beverage you're going to enjoy when its done. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis Inc. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, March 27, 2003 5:49 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Mixed to Native Hi All, I've finally migrated my last remote office into my 2000 domain. All of my NT BDCs are gone and I'm 100% 2000 on the DCs I still have a couple offices on NT workstations. It's been some time since I've focussed on 2000 and can't remember if there are any gotchas with the move from mixed to native? I've read back through all my documentation/notes, but that no substitute to real worl experience... Can anyone offer some guidance? Thanks and BR, Rob Robert Rutherford MIS Department - DEK +44 (0)1305 208232 +44 (0)7970 122362 This E-mail and any files transmitted with it are in commercial confidence and intended solely for the use of the individual or entity to whom they are addressed. If you have received this E-mail in error please notify the Administrator by E-mail ([EMAIL PROTECTED]). Any views or opinions expressed are solely those of the author and do not necessarily represent those of DEK International., or its affiliates. This footnote signifies that this message has been checked for viruses by MailswpUK1 List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List
Re: [ActiveDir] Nt4 domain controller upgrade to Windows 2000
Sounds like you're making something fairly simple into something rather convoluted. I'd simply rebuild the boxes and join them to the new domain. Missy Koslosky - Original Message - From: Graham Turner To: [EMAIL PROTECTED] Sent: Friday, March 28, 2003 8:57 AM Subject: [ActiveDir] Nt4 domain controller upgrade to Windows 2000 Apologies if this one has been around before but ..as subject i am looking to acheive the upgrade of a whole load of NT4 backupdomain controllers to Windows 2000.it is preferable to use an upgrade method (as opposed to new install) -based on a number of installed applications / services (dhcp, wins, lprserver).it is also intended to change the domain membership of these DC's in thesame process. the observed behaviour is that the Windows 2000 setup routinedetects its configuration as a DC and generates a "red" warning in a systemcompatibility report stating that the PDC should be upgraded first.presumably the setup routine must do some sort of query against the PDC todetermine its OS version ??the domain from which these DC's are intended to be migrated is in fact aNT4 domain, and this seems to be critical to the continuance of the setuproutine.is it correct that there is no option for the existing domain membership tobe modified in this setup routine ??it seemed to me that the dcpromo routine that initiates at first logon whenWindows 2000 starts would be flexible enough that if the administrator sodecided to remove any exsiting security information from the original NT4domain and replace it with the information from an administrator specifieddomain ??if this is the case then the available options (given that the upgrade ofthe PDC to a production domain is by far the least preferable) need to beevaluated;is it a "supported" operation to take the BDC offline from the network,promote it to PDC (merely to allow the setup routine to proceed) whichpresumably would complete given that the system would not detect any - thisbegs the question as to the checks that a BDC promotion goes through tocomplete - is it merely the non-detection of an exsiting PDC or is there abit more sophistication ??from here then once the system is running Windows 2000, the dcpromo processcan be stopped, and reinitiated once the computer is joined to the networkonce again as a Windows 2000 member server, and joined to a new domain ?otheriwse it seems to me that the only way of proceeding is to use the"clean installation" method and reinstall all applications / services.on this tack, it seems to me potential issues with the restore of a DHCPserver configuration (backed up by taking a copy of the relevant NT4registry key) to a Windows 2000 DHCP server - is this a supported operation.I will be very appreciative of input from the newsgroup on this oneGT
