RE: Importing VM HELP!

[Carl Houseman]

Have you tried simply creating a new VM using the VHD('s) that came from the
R2 server (instead of importing)?

 

At the very least, a little googling suggests that the integration services
(from R2) should removed and then re-installed from the non-R2 server.  But
if the hardware is available, I'd just install the free Hyper-V R2 on said
hardware to get things up and running.

 

Carl

 

From: James Kerr [mailto:cluster...@gmail.com] 
Sent: Wednesday, June 01, 2011 2:13 PM
To: NT System Admin Issues
Subject: Re: Importing VM HELP!

 

I can't find anything about this with Google. If needed, can I do a standing
upgrade of a production server from Windows 2008 to R2 without causing a
bunch of issues, I could always do that this evening after hours.

On Wed, Jun 1, 2011 at 1:41 PM, James Kerr  wrote:

I'm having trouble importing a VM created and exported on a machine running
2008R2 to a machine running 2008. Do I need to upgrade Hyper-V manager on
the 2008 machine or something? Of course this is a matter of utmost urgency.

James

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: How to change IP address of a DC/DNS server?

[Mike Leone]

On 6/1/2011 6:16 PM, Brian Desmond wrote:
> That's what I would do. Obviously you'll need to repoint clients using the 
> machine for DNS, etc. 

HUH. OK ... haven't set up any clients yet. Changing the IP address (so
it's a different subnet from production, even tho already isolated, is
the last step in setting up the 2 DCs (one parent domain DC, one child
domain DC)).

I will change the IP address of the parent DC, reboot, wait a bit (15
min?), change the IP address of the child DC, reboot, cross fingers,
pray, hold my breath and hope. :-)

I will give that a shot tomorrow. Thanks so much!

> 
> Thanks,
> Brian Desmond
> br...@briandesmond.com
> 
> c   - 312.731.3132
> 
> 
> -Original Message-
> From: Mike Leone [mailto:oozerd...@gmail.com] 
> Sent: Wednesday, June 01, 2011 5:12 PM
> To: NT System Admin Issues
> Subject: Re: How to change IP address of a DC/DNS server?
> 
> On 6/1/2011 5:22 PM, Brian Desmond wrote:
>> *You don't need to do either of the first two. Worst case just bounce 
>> the box when you're done.*
> 
> So .. just change the IP address in the NIC properties of this DC (including 
> changing the DNS server settings to point to the new IP address you are using 
> for this DC), and just reboot?
> 
> (since this is an isolated lab, this DC is the only DNS server in the domain, 
> so I have to set the DNS settings of the NIC to point to itself)
> 
> I don't understand how to set the secondary IP address, as ASB suggests.
> 
>>
>> * *
>>
>> *Thanks,*
>>
>> *Brian Desmond*
>>
>> *br...@briandesmond.com* **
>>
>> * *
>>
>> *c   - 312.731.3132*
>>
>> * *
>>
>> *From:*Andrew S. Baker [mailto:asbz...@gmail.com]
>> *Sent:* Wednesday, June 01, 2011 3:59 PM
>> *To:* NT System Admin Issues
>> *Subject:* Re: How to change IP address of a DC/DNS server?
>>
>>  
>>
>> You will want to do at least the following:
>>
>> * Create new A records for the DCs using the new IPs
>> * Create new reverse entries for the DCs
>> * Ensure that your DNS service is listening on the new IP
>>
>> I usually change the IP address on each box, making the old IP the
>> secondary IP, then reboot.   After going through all the DCs in this
>> fashion, I make the bulleted changes above, one at at time, and then 
>> remove the old IP.
>>
>>  
>>
>> You can do it all at once, but I find the two-step approach more 
>> appealing for me.
>>
>>  
>>
>> *ASB *(Professional Bio )
>> *Harnessing the Advantages of Technology for the SMB market...**
>> *
>> * *
>>
>>
>>
>> On Wed, Jun 1, 2011 at 4:44 PM, Mike Leone > > wrote:
>>
>> I need to change the static IP of a couple of my DCs (which of course 
>> are DNS servers, too). Searching around, it seems that I should just 
>> be able to change the static IP address the same way you change any 
>> Windows static IP.
>>
>> Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME 
>> records". And I still find references to the old IP address in DNS.
>>
>> So what do I need to do, to change the IP address? Is there some 
>> special set of step-by-steps that I just haven't found?
>>
>> (I am setting up a lab version of my domains, so I want these 2 DCs to 
>> be on a completely different number private subnet .. even tho they 
>> are on a virtual switch which completely isolates them from the 
>> production LANs, I want to make doubly sure ...)
>>
>> Thanks for any help
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>>   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> 
>> with the body: unsubscribe ntsysadmin
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>>   ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> 
>> with the body: unsubscribe ntsysadmin
>>
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 


~ Finally, powerful endpoint security that 

RE: How to change IP address of a DC/DNS server?

[Brian Desmond]

That's what I would do. Obviously you'll need to repoint clients using the 
machine for DNS, etc. 

Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132


-Original Message-
From: Mike Leone [mailto:oozerd...@gmail.com] 
Sent: Wednesday, June 01, 2011 5:12 PM
To: NT System Admin Issues
Subject: Re: How to change IP address of a DC/DNS server?

On 6/1/2011 5:22 PM, Brian Desmond wrote:
> *You don't need to do either of the first two. Worst case just bounce 
> the box when you're done.*

So .. just change the IP address in the NIC properties of this DC (including 
changing the DNS server settings to point to the new IP address you are using 
for this DC), and just reboot?

(since this is an isolated lab, this DC is the only DNS server in the domain, 
so I have to set the DNS settings of the NIC to point to itself)

I don't understand how to set the secondary IP address, as ASB suggests.

> 
> * *
> 
> *Thanks,*
> 
> *Brian Desmond*
> 
> *br...@briandesmond.com* **
> 
> * *
> 
> *c   - 312.731.3132*
> 
> * *
> 
> *From:*Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Wednesday, June 01, 2011 3:59 PM
> *To:* NT System Admin Issues
> *Subject:* Re: How to change IP address of a DC/DNS server?
> 
>  
> 
> You will want to do at least the following:
> 
> * Create new A records for the DCs using the new IPs
> * Create new reverse entries for the DCs
> * Ensure that your DNS service is listening on the new IP
> 
> I usually change the IP address on each box, making the old IP the
> secondary IP, then reboot.   After going through all the DCs in this
> fashion, I make the bulleted changes above, one at at time, and then 
> remove the old IP.
> 
>  
> 
> You can do it all at once, but I find the two-step approach more 
> appealing for me.
> 
>  
> 
> *ASB *(Professional Bio )
> *Harnessing the Advantages of Technology for the SMB market...**
> *
> * *
> 
> 
> 
> On Wed, Jun 1, 2011 at 4:44 PM, Mike Leone  > wrote:
> 
> I need to change the static IP of a couple of my DCs (which of course 
> are DNS servers, too). Searching around, it seems that I should just 
> be able to change the static IP address the same way you change any 
> Windows static IP.
> 
> Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME 
> records". And I still find references to the old IP address in DNS.
> 
> So what do I need to do, to change the IP address? Is there some 
> special set of step-by-steps that I just haven't found?
> 
> (I am setting up a lab version of my domains, so I want these 2 DCs to 
> be on a completely different number private subnet .. even tho they 
> are on a virtual switch which completely isolates them from the 
> production LANs, I want to make doubly sure ...)
> 
> Thanks for any help
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> 
> with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> 
> with the body: unsubscribe ntsysadmin
> 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: How to change IP address of a DC/DNS server?

[Mike Leone]

On 6/1/2011 5:22 PM, Brian Desmond wrote:
> *You don’t need to do either of the first two. Worst case just bounce
> the box when you’re done.*

So .. just change the IP address in the NIC properties of this DC
(including changing the DNS server settings to point to the new IP
address you are using for this DC), and just reboot?

(since this is an isolated lab, this DC is the only DNS server in the
domain, so I have to set the DNS settings of the NIC to point to itself)

I don't understand how to set the secondary IP address, as ASB suggests.

> 
> * *
> 
> *Thanks,*
> 
> *Brian Desmond*
> 
> *br...@briandesmond.com* **
> 
> * *
> 
> *c   – 312.731.3132*
> 
> * *
> 
> *From:*Andrew S. Baker [mailto:asbz...@gmail.com]
> *Sent:* Wednesday, June 01, 2011 3:59 PM
> *To:* NT System Admin Issues
> *Subject:* Re: How to change IP address of a DC/DNS server?
> 
>  
> 
> You will want to do at least the following:
> 
> * Create new A records for the DCs using the new IPs
> * Create new reverse entries for the DCs
> * Ensure that your DNS service is listening on the new IP
> 
> I usually change the IP address on each box, making the old IP the
> secondary IP, then reboot.   After going through all the DCs in this
> fashion, I make the bulleted changes above, one at at time, and then
> remove the old IP.
> 
>  
> 
> You can do it all at once, but I find the two-step approach more
> appealing for me. 
> 
>  
> 
> *ASB *(Professional Bio )
> *Harnessing the Advantages of Technology for the SMB market...**
> *
> * *
> 
> 
> 
> On Wed, Jun 1, 2011 at 4:44 PM, Mike Leone  > wrote:
> 
> I need to change the static IP of a couple of my DCs (which of course
> are DNS servers, too). Searching around, it seems that I should just be
> able to change the static IP address the same way you change any Windows
> static IP.
> 
> Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME
> records". And I still find references to the old IP address in DNS.
> 
> So what do I need to do, to change the IP address? Is there some special
> set of step-by-steps that I just haven't found?
> 
> (I am setting up a lab version of my domains, so I want these 2 DCs to
> be on a completely different number private subnet .. even tho they are
> on a virtual switch which completely isolates them from the production
> LANs, I want to make doubly sure ...)
> 
> Thanks for any help
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> 
> with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> 
> with the body: unsubscribe ntsysadmin
> 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: How to change IP address of a DC/DNS server?

[Mike Leone]

On 6/1/2011 5:12 PM, John Aldrich wrote:
> Umm... when you say " I should just be able to change the static IP address
> the same way you change any Windows
> static IP" are you meaning going into the NIC properties and changing them
> there? 

Correct.



To change the static IP address of a domain controller
Log on locally to the domain controller whose IP address you want to change.

Click Start, point to Administrative Tools, click Server Manager, and
then click View Network Connections.

In the Network Connections dialog box, right-click the appropriate
connection, and then click Properties.

In the Connection Properties dialog box, double-click Internet Protocol
Version 4 (TCP/IPv4) or Internet Protocol Version 6 (TCP/IPv6).

In IP address, type the new address.

In Subnet mask, type the new subnet mask if it has changed.

In Default gateway, type the new default gateway.

In Preferred DNS server, type the address of the Domain Name System
(DNS) server that this computer contacts if it has changed.

In Alternate DNS server, type the address of the DNS server that this
computer contacts if the preferred server is unavailable.

If this domain controller uses WINS servers, click Advanced, and then,
in the Advanced TCP/IP Settings dialog box, click the WINS tab.

If an address in the list is no longer appropriate, click the address,
and then click Edit.

In the TCP/IP WINS Server dialog box, type the new address, and then
click OK.

> What about the DNS records, I'm no expert, but wouldn't you want to
> update those as well or is that what you mean by "change any Windows static
> IP"???

>From what that webpage I linked above seems to indicate, the DNS server
should (mostly) update itself (besides Forwarders and DNS delegation).

> Maybe I ought to keep my mouth shut as I really have no idea what I'm
> talking about, but it seems as if you might want to update DNS as well,
> especially if these are DNS servers. :)

They are DNS servers, yes.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: How to change IP address of a DC/DNS server?

[Brian Desmond]

Dynamic registration will take care of this. 

Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132


-Original Message-
From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] 
Sent: Wednesday, June 01, 2011 4:13 PM
To: NT System Admin Issues
Subject: RE: How to change IP address of a DC/DNS server?

Umm... when you say " I should just be able to change the static IP address the 
same way you change any Windows static IP" are you meaning going into the NIC 
properties and changing them there? What about the DNS records, I'm no expert, 
but wouldn't you want to update those as well or is that what you mean by 
"change any Windows static IP"???

Maybe I ought to keep my mouth shut as I really have no idea what I'm talking 
about, but it seems as if you might want to update DNS as well, especially if 
these are DNS servers. :)




-Original Message-
From: Mike Leone [mailto:oozerd...@gmail.com]
Sent: Wednesday, June 01, 2011 4:45 PM
To: NT System Admin Issues
Subject: How to change IP address of a DC/DNS server?

I need to change the static IP of a couple of my DCs (which of course are DNS 
servers, too). Searching around, it seems that I should just be able to change 
the static IP address the same way you change any Windows static IP.

Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME records". 
And I still find references to the old IP address in DNS.

So what do I need to do, to change the IP address? Is there some special set of 
step-by-steps that I just haven't found?

(I am setting up a lab version of my domains, so I want these 2 DCs to be on a 
completely different number private subnet .. even tho they are on a virtual 
switch which completely isolates them from the production LANs, I want to make 
doubly sure ...)

Thanks for any help

~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: How to change IP address of a DC/DNS server?

[Brian Desmond]

You don't need to do either of the first two. Worst case just bounce the box 
when you're done.

Thanks,
Brian Desmond
br...@briandesmond.com

c   - 312.731.3132

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Wednesday, June 01, 2011 3:59 PM
To: NT System Admin Issues
Subject: Re: How to change IP address of a DC/DNS server?

You will want to do at least the following:

  *   Create new A records for the DCs using the new IPs
  *   Create new reverse entries for the DCs
  *   Ensure that your DNS service is listening on the new IP
I usually change the IP address on each box, making the old IP the secondary 
IP, then reboot.   After going through all the DCs in this fashion, I make the 
bulleted changes above, one at at time, and then remove the old IP.

You can do it all at once, but I find the two-step approach more appealing for 
me.



ASB (Professional Bio)
Harnessing the Advantages of Technology for the SMB market...




On Wed, Jun 1, 2011 at 4:44 PM, Mike Leone 
mailto:oozerd...@gmail.com>> wrote:
I need to change the static IP of a couple of my DCs (which of course
are DNS servers, too). Searching around, it seems that I should just be
able to change the static IP address the same way you change any Windows
static IP.

Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME
records". And I still find references to the old IP address in DNS.

So what do I need to do, to change the IP address? Is there some special
set of step-by-steps that I just haven't found?

(I am setting up a lab version of my domains, so I want these 2 DCs to
be on a completely different number private subnet .. even tho they are
on a virtual switch which completely isolates them from the production
LANs, I want to make doubly sure ...)

Thanks for any help

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: How to change IP address of a DC/DNS server?

[John Aldrich]

Umm... when you say " I should just be able to change the static IP address
the same way you change any Windows
static IP" are you meaning going into the NIC properties and changing them
there? What about the DNS records, I'm no expert, but wouldn't you want to
update those as well or is that what you mean by "change any Windows static
IP"???

Maybe I ought to keep my mouth shut as I really have no idea what I'm
talking about, but it seems as if you might want to update DNS as well,
especially if these are DNS servers. :)




-Original Message-
From: Mike Leone [mailto:oozerd...@gmail.com] 
Sent: Wednesday, June 01, 2011 4:45 PM
To: NT System Admin Issues
Subject: How to change IP address of a DC/DNS server?

I need to change the static IP of a couple of my DCs (which of course
are DNS servers, too). Searching around, it seems that I should just be
able to change the static IP address the same way you change any Windows
static IP.

Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME
records". And I still find references to the old IP address in DNS.

So what do I need to do, to change the IP address? Is there some special
set of step-by-steps that I just haven't found?

(I am setting up a lab version of my domains, so I want these 2 DCs to
be on a completely different number private subnet .. even tho they are
on a virtual switch which completely isolates them from the production
LANs, I want to make doubly sure ...)

Thanks for any help

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: How to change IP address of a DC/DNS server?

[Andrew S. Baker]

You will want to do at least the following:

   - Create new A records for the DCs using the new IPs
   - Create new reverse entries for the DCs
   - Ensure that your DNS service is listening on the new IP

I usually change the IP address on each box, making the old IP the secondary
IP, then reboot.   After going through all the DCs in this fashion, I make
the bulleted changes above, one at at time, and then remove the old IP.

You can do it all at once, but I find the two-step approach more appealing
for me.



*ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, Jun 1, 2011 at 4:44 PM, Mike Leone  wrote:

> I need to change the static IP of a couple of my DCs (which of course
> are DNS servers, too). Searching around, it seems that I should just be
> able to change the static IP address the same way you change any Windows
> static IP.
>
> Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME
> records". And I still find references to the old IP address in DNS.
>
> So what do I need to do, to change the IP address? Is there some special
> set of step-by-steps that I just haven't found?
>
> (I am setting up a lab version of my domains, so I want these 2 DCs to
> be on a completely different number private subnet .. even tho they are
> on a virtual switch which completely isolates them from the production
> LANs, I want to make doubly sure ...)
>
> Thanks for any help
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

How to change IP address of a DC/DNS server?

[Mike Leone]

I need to change the static IP of a couple of my DCs (which of course
are DNS servers, too). Searching around, it seems that I should just be
able to change the static IP address the same way you change any Windows
static IP.

Yet when I do that, my DNS breaks. dnslint reports "No matching CNAME
records". And I still find references to the old IP address in DNS.

So what do I need to do, to change the IP address? Is there some special
set of step-by-steps that I just haven't found?

(I am setting up a lab version of my domains, so I want these 2 DCs to
be on a completely different number private subnet .. even tho they are
on a virtual switch which completely isolates them from the production
LANs, I want to make doubly sure ...)

Thanks for any help

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: VM's in AD

[Kim Longenbaugh]

We're virtually all virtual, and our VMs are managed the same as the few 
physical Windows server we have.

From: Ziots, Edward [mailto:ezi...@lifespan.org]
Sent: Wednesday, June 01, 2011 3:27 PM
To: NT System Admin Issues
Subject: RE: VM's in AD

We are about 60-70% Virtual, and heading towards a goal of 90% + Virtual in the 
near future.

Z

Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505

From: Andrew S. Baker [mailto:asbz...@gmail.com]
Sent: Wednesday, June 01, 2011 2:12 PM
To: NT System Admin Issues
Subject: Re: VM's in AD

No, we treat VMs very similarly to physical systems for the most part...

About 20% of our production environment and 50% of our development environment 
is virtual.



ASB (Professional Bio)
Harnessing the Advantages of Technology for the SMB market...



On Wed, Jun 1, 2011 at 12:05 PM, David Lum 
mailto:david@nwea.org>> wrote:
Do you guys treat VM's any differently than a physical machine? In my 
environment we are starting to get several of our Mac developers having WinOS 
VM's running on them.
David Lum
Systems Engineer // NWEATM
Office 503.548.5229 // Mobile 503.267.9764




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: VM's in AD

[Ziots, Edward]

We are about 60-70% Virtual, and heading towards a goal of 90% + Virtual
in the near future. 

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Security Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, June 01, 2011 2:12 PM
To: NT System Admin Issues
Subject: Re: VM's in AD

 

No, we treat VMs very similarly to physical systems for the most part...

 

About 20% of our production environment and 50% of our development
environment is virtual.


 

ASB (Professional Bio  ) 
Harnessing the Advantages of Technology for the SMB market...

 





On Wed, Jun 1, 2011 at 12:05 PM, David Lum  wrote:

Do you guys treat VM's any differently than a physical machine? In my
environment we are starting to get several of our Mac developers having
WinOS VM's running on them.

David Lum 
Systems Engineer // NWEATM
Office 503.548.5229 // Mobile 503.267.9764

 

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Importing VM HELP!

[Andrew S. Baker]

*>>If needed, can I do a standing upgrade of a production server from
Windows 2008 to R2 without causing a bunch of issues, I could always do that
this evening after hours.*

2008 R2 is 64-bit only.  If your 2008 instance is 64-bit, then the answer is
"yes".  I've done it a half-dozen times or so.



*ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, Jun 1, 2011 at 2:13 PM, James Kerr  wrote:

> I can't find anything about this with Google. If needed, can I do a
> standing upgrade of a production server from Windows 2008 to R2 without
> causing a bunch of issues, I could always do that this evening after hours.
>
> On Wed, Jun 1, 2011 at 1:41 PM, James Kerr  wrote:
>
>> I'm having trouble importing a VM created and exported on a machine
>> running 2008R2 to a machine running 2008. Do I need to upgrade Hyper-V
>> manager on the 2008 machine or something? Of course this is a matter of
>> utmost urgency.
>>
>> James
>>
>>
>>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: VM's in AD

[John Leto]

We run a production MS SQL DB at just over 300gb on a VM just fine. The key is 
making sure that you have the proper hardware.
We've ran this for over a year just fine.

-Original Message-
From: Mike Leone [mailto:oozerd...@gmail.com] 
Sent: Wednesday, June 01, 2011 2:43 PM
To: NT System Admin Issues
Subject: Re: VM's in AD

On 6/1/2011 3:35 PM, Joseph Heaton wrote:
> We're about 95% virtualized here.  The only things that aren't 
> virtual, really, are our SQL boxes.

Yeah, we rarely, if ever, run SQL on virtual boxes. Except for really small 
DBs, maybe. And certainly not the larger production DBs, which are up around 
the 300G mark these days ...


~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[Mike Leone]

On 6/1/2011 3:35 PM, Joseph Heaton wrote:
> We're about 95% virtualized here.  The only things that aren't virtual,
> really, are our SQL boxes.

Yeah, we rarely, if ever, run SQL on virtual boxes. Except for really
small DBs, maybe. And certainly not the larger production DBs, which are
up around the 300G mark these days ...


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[Joseph Heaton]

We're about 95% virtualized here.  The only things that aren't virtual,
really, are our SQL boxes.

>>> "Andrew S. Baker"  6/1/2011 11:12 AM >>>
No, we treat VMs very similarly to physical systems for the most
part...

About 20% of our production environment and 50% of our development
environment is virtual.



 *ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, Jun 1, 2011 at 12:05 PM, David Lum  wrote:

> Do you guys treat VM’s any differently than a physical machine? In
my
> environment we are starting to get several of our Mac developers
having
> WinOS VM’s running on them.
>
> *David Lum*
> Systems Engineer // NWEATM
> Office 503.548.5229 //* *Mobile 503.267.9764
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/ 
or send an email to listmana...@lyris.sunbeltsoftware.com 
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862 - SOLVED

[Miller Bonnie L .]

Whew--glad it's all working for you!

-Original Message-
From: Mike Leone [mailto:oozerd...@gmail.com] 
Sent: Wednesday, June 01, 2011 12:05 PM
To: NT System Admin Issues
Subject: Re: DC fails "VerifyReferences" after cleaning up removed DCs - 
Q312862 - SOLVED

Got it! We were using an old version of DCDIAG (dated 2007-02-17, file
version 5.2.3790.3959), that I guess was installed from a Win2003
Support Tools pack. When I run the DCDIAG dated 2010-11-20, file version
6.1.7601.17514, in the \WINDOWS\SYSTEM32 folder, everything works and
all tests pass.

So it was all a false alarm. Production is fine (and the other 2 DCs
only had the later version of this tool, not the older one, which was
why they showed no errors). And my cloned DCsare all passing their tests
now, too.

So I think I am ready to go!

Thanks for the help.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862 - SOLVED

[Mike Leone]

Got it! We were using an old version of DCDIAG (dated 2007-02-17, file
version 5.2.3790.3959), that I guess was installed from a Win2003
Support Tools pack. When I run the DCDIAG dated 2010-11-20, file version
6.1.7601.17514, in the \WINDOWS\SYSTEM32 folder, everything works and
all tests pass.

So it was all a false alarm. Production is fine (and the other 2 DCs
only had the later version of this tool, not the older one, which was
why they showed no errors). And my cloned DCsare all passing their tests
now, too.

So I think I am ready to go!

Thanks for the help.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[Steven Peck]

We're about 80% virtual.

On Wed, Jun 1, 2011 at 11:12 AM, Andrew S. Baker  wrote:

> No, we treat VMs very similarly to physical systems for the most part...
>
> About 20% of our production environment and 50% of our development
> environment is virtual.
>
>
>
>  *ASB *(Professional Bio )
>  *Harnessing the Advantages of Technology for the SMB market...
>
>  *
>
>
>
> On Wed, Jun 1, 2011 at 12:05 PM, David Lum  wrote:
>
>> Do you guys treat VM’s any differently than a physical machine? In my
>> environment we are starting to get several of our Mac developers having
>> WinOS VM’s running on them.
>>
>> *David Lum*
>> Systems Engineer // NWEATM
>> Office 503.548.5229 //* *Mobile 503.267.9764
>>
>>
>>
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862

[Mike Leone]

On 6/1/2011 2:11 PM, Miller Bonnie L. wrote:
> I hadn't seen your second reply before sending, but have you ever removed a 
> DC from your production domain?  You might have a lingering object somewhere.

We've removed DCs before, sure. But they've all been graceful removals,
with DCPROMO. (for example, when we upgraded from AD 2003 to 2008, we
did it by adding a new 2008 machine, and then installing AD onto it.
Later, we removed this temporary DC.

And I don't see any DC references anyway (using ADSIedit) except the
current ones. In fact, I see the problematic DC listed under the
DFSR-Global Settings (as it should).

When I run DCDIAG on DC #1, pointing at DC #3 (the one showing the
error), it does not show the error. It knows it's supposed to use DFSR,
and not NTFRS.

It's only when I run DCDIAG *on* DC #3 that I see that error. Not when I
run DCDIAG on #1 or #2, and not when I do a DCDIAG /S "DC #3" from DC #1
or DC #2.

Time to try the classic MS fix ... a reboot. :-) We'll run Windows
Updates, and bounce the box, and see what happens ...

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862

[Miller Bonnie L .]

I hadn't seen your second reply before sending, but have you ever removed a DC 
from your production domain?  You might have a lingering object somewhere.

-Original Message-
From: Mike Leone [mailto:oozerd...@gmail.com] 
Sent: Wednesday, June 01, 2011 10:44 AM
To: NT System Admin Issues
Subject: Re: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862

On 6/1/2011 1:11 PM, Miller Bonnie L. wrote:
> Sounds like you just have some extra NTFRS or DFS replication objects that 
> have been missed--take a look at http://support.microsoft.com/kb/216498.
> 
> -Bonnie

Well, I'm seeing this error in my production domain, too (see my later
message). So this procedure for removing orphaned DCs has not been run
on the production domain, so I don't know how it could miss something I
haven't told it to do. :-)

But I'll go looking, anyway. Thanks.

> 
> -Original Message-
> From: Mike Leone [mailto:oozerd...@gmail.com] 
> Sent: Wednesday, June 01, 2011 9:57 AM
> To: NT System Admin Issues
> Subject: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862
> 
> OK. I have a Win2008 AD in a parent/child configuration. I am trying to
> set up a "testing" version of it, using VMware. (I have a VM DC of both
> the parent and child domains). We want a lab version of our domain, to
> test proposed changes to OUs, GPOs, etc.
> 
> So I cloned both DCs, and set them on a private vswitch that is assigned
> to no physical adapters (so the only things they could talk to was each
> other).
> 
> I went and seized roles, and they seized fine (using
> . In the parent I seized all 5
> roles, and on the child I seized the 3 roles for the child (PDC, RID,
> Infrastructure).
> 
> I then went to clean up the metadata (<
> http://technet.microsoft.com/en-us/library/cc816907(WS.10).aspx>). I
> deleted the 2 missing DCs in the parent domain from AD U&C, and also the
> same 2 server objects from that site in Sites and Services. All seemed fine.
> 
> In the child DC, I deleted the 5 missing DCs there the same way. Again,
> all seemed fine.
> 
> I cleaned up DNS by deleting every record I could find that mentioned
> the missing DCs - removed them form the Nameservers tab on each zone
> name (including reverses), and every record in all the sub-areas -
> _msdcs, _sites, _tcp, _udp, DomainDnsZones, ForestDnsZones. Did the same
> on the child DC.
> 
> DNSLint came up clean. DCDiag did not ...
> 
> parent DC: says  service "NtFrs is stopped". It also says that it has
> problems in "VerifyRefernces". The system object references
> (serverRefernce) and backlink are correct. Says there is a Missing
> Expected Value in the object "SYSVOL FRS Member Object:, and to see
> Q312862. Same message for "VerifyEnterpriseReferences".
> 
> And I don't understand Q312862 at all. :-(
> 
> 
> I am not seeing Event ID: 13562 in the logs."ntfrsutl ds computer" comes up
> 
> ERROR - Cannot bind w/authentication to computer, computer; 06ba (1722)
> ERROR - Cannot bind w/o authentication to computer, computer; 06ba
> (1722)
> ERROR - Cannot RPC to computer, computer; 06ba (1722)
> 
> I can't "net start ntfrs"; says it's disabled or has no enabled devices.
> 
> So: what did I do wrong? How can I fix it? The MS KB is making no sense
> to me, and I'm not seeing what it describes.
> 
> And would it be easier to start over, but this time don't do $WHATEVER
> BAD THING I DID LAST TIME$?
> 
> 
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Importing VM HELP!

[James Kerr]

I can't find anything about this with Google. If needed, can I do a standing
upgrade of a production server from Windows 2008 to R2 without causing a
bunch of issues, I could always do that this evening after hours.

On Wed, Jun 1, 2011 at 1:41 PM, James Kerr  wrote:

> I'm having trouble importing a VM created and exported on a machine running
> 2008R2 to a machine running 2008. Do I need to upgrade Hyper-V manager on
> the 2008 machine or something? Of course this is a matter of utmost urgency.
>
> James
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[Andrew S. Baker]

No, we treat VMs very similarly to physical systems for the most part...

About 20% of our production environment and 50% of our development
environment is virtual.



 *ASB *(Professional Bio )
 *Harnessing the Advantages of Technology for the SMB market...

 *



On Wed, Jun 1, 2011 at 12:05 PM, David Lum  wrote:

> Do you guys treat VM’s any differently than a physical machine? In my
> environment we are starting to get several of our Mac developers having
> WinOS VM’s running on them.
>
> *David Lum*
> Systems Engineer // NWEATM
> Office 503.548.5229 //* *Mobile 503.267.9764
>
>
>
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[Steven Peck]

We have a few hundred in virtual environments.  We do not name them
differently and treat them the same pretty muh.

On Wed, Jun 1, 2011 at 10:08 AM, Mike Leone  wrote:

> On 6/1/2011 12:05 PM, David Lum wrote:
> > Do you guys treat VM’s any differently than a physical machine? In my
> > environment we are starting to get several of our Mac developers having
> > WinOS VM’s running on them.
>
> No. In fact, I have 2 DCs that are VMs in VMware ESX 4.1.
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862

[Mike Leone]

On 6/1/2011 1:11 PM, Miller Bonnie L. wrote:
> Sounds like you just have some extra NTFRS or DFS replication objects that 
> have been missed--take a look at http://support.microsoft.com/kb/216498.
> 
> -Bonnie

Well, I'm seeing this error in my production domain, too (see my later
message). So this procedure for removing orphaned DCs has not been run
on the production domain, so I don't know how it could miss something I
haven't told it to do. :-)

But I'll go looking, anyway. Thanks.

> 
> -Original Message-
> From: Mike Leone [mailto:oozerd...@gmail.com] 
> Sent: Wednesday, June 01, 2011 9:57 AM
> To: NT System Admin Issues
> Subject: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862
> 
> OK. I have a Win2008 AD in a parent/child configuration. I am trying to
> set up a "testing" version of it, using VMware. (I have a VM DC of both
> the parent and child domains). We want a lab version of our domain, to
> test proposed changes to OUs, GPOs, etc.
> 
> So I cloned both DCs, and set them on a private vswitch that is assigned
> to no physical adapters (so the only things they could talk to was each
> other).
> 
> I went and seized roles, and they seized fine (using
> . In the parent I seized all 5
> roles, and on the child I seized the 3 roles for the child (PDC, RID,
> Infrastructure).
> 
> I then went to clean up the metadata (<
> http://technet.microsoft.com/en-us/library/cc816907(WS.10).aspx>). I
> deleted the 2 missing DCs in the parent domain from AD U&C, and also the
> same 2 server objects from that site in Sites and Services. All seemed fine.
> 
> In the child DC, I deleted the 5 missing DCs there the same way. Again,
> all seemed fine.
> 
> I cleaned up DNS by deleting every record I could find that mentioned
> the missing DCs - removed them form the Nameservers tab on each zone
> name (including reverses), and every record in all the sub-areas -
> _msdcs, _sites, _tcp, _udp, DomainDnsZones, ForestDnsZones. Did the same
> on the child DC.
> 
> DNSLint came up clean. DCDiag did not ...
> 
> parent DC: says  service "NtFrs is stopped". It also says that it has
> problems in "VerifyRefernces". The system object references
> (serverRefernce) and backlink are correct. Says there is a Missing
> Expected Value in the object "SYSVOL FRS Member Object:, and to see
> Q312862. Same message for "VerifyEnterpriseReferences".
> 
> And I don't understand Q312862 at all. :-(
> 
> 
> I am not seeing Event ID: 13562 in the logs."ntfrsutl ds computer" comes up
> 
> ERROR - Cannot bind w/authentication to computer, computer; 06ba (1722)
> ERROR - Cannot bind w/o authentication to computer, computer; 06ba
> (1722)
> ERROR - Cannot RPC to computer, computer; 06ba (1722)
> 
> I can't "net start ntfrs"; says it's disabled or has no enabled devices.
> 
> So: what did I do wrong? How can I fix it? The MS KB is making no sense
> to me, and I'm not seeing what it describes.
> 
> And would it be easier to start over, but this time don't do $WHATEVER
> BAD THING I DID LAST TIME$?
> 
> 
> 
> 
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
> 
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
> 


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Importing VM

[James Kerr]

I'm having trouble importing a VM created and exported on a machine running
2008R2 to a machine running 2008. Do I need to upgrade Hyper-V manager on
the 2008 machine or something? Of course this is a matter of utmost urgency.

James

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862

[Miller Bonnie L .]

Sounds like you just have some extra NTFRS or DFS replication objects that have 
been missed--take a look at http://support.microsoft.com/kb/216498.

-Bonnie

-Original Message-
From: Mike Leone [mailto:oozerd...@gmail.com] 
Sent: Wednesday, June 01, 2011 9:57 AM
To: NT System Admin Issues
Subject: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862

OK. I have a Win2008 AD in a parent/child configuration. I am trying to
set up a "testing" version of it, using VMware. (I have a VM DC of both
the parent and child domains). We want a lab version of our domain, to
test proposed changes to OUs, GPOs, etc.

So I cloned both DCs, and set them on a private vswitch that is assigned
to no physical adapters (so the only things they could talk to was each
other).

I went and seized roles, and they seized fine (using
. In the parent I seized all 5
roles, and on the child I seized the 3 roles for the child (PDC, RID,
Infrastructure).

I then went to clean up the metadata (<
http://technet.microsoft.com/en-us/library/cc816907(WS.10).aspx>). I
deleted the 2 missing DCs in the parent domain from AD U&C, and also the
same 2 server objects from that site in Sites and Services. All seemed fine.

In the child DC, I deleted the 5 missing DCs there the same way. Again,
all seemed fine.

I cleaned up DNS by deleting every record I could find that mentioned
the missing DCs - removed them form the Nameservers tab on each zone
name (including reverses), and every record in all the sub-areas -
_msdcs, _sites, _tcp, _udp, DomainDnsZones, ForestDnsZones. Did the same
on the child DC.

DNSLint came up clean. DCDiag did not ...

parent DC: says  service "NtFrs is stopped". It also says that it has
problems in "VerifyRefernces". The system object references
(serverRefernce) and backlink are correct. Says there is a Missing
Expected Value in the object "SYSVOL FRS Member Object:, and to see
Q312862. Same message for "VerifyEnterpriseReferences".

And I don't understand Q312862 at all. :-(


I am not seeing Event ID: 13562 in the logs."ntfrsutl ds computer" comes up

ERROR - Cannot bind w/authentication to computer, computer; 06ba (1722)
ERROR - Cannot bind w/o authentication to computer, computer; 06ba
(1722)
ERROR - Cannot RPC to computer, computer; 06ba (1722)

I can't "net start ntfrs"; says it's disabled or has no enabled devices.

So: what did I do wrong? How can I fix it? The MS KB is making no sense
to me, and I'm not seeing what it describes.

And would it be easier to start over, but this time don't do $WHATEVER
BAD THING I DID LAST TIME$?





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[Mike Leone]

On 6/1/2011 12:05 PM, David Lum wrote:
> Do you guys treat VM’s any differently than a physical machine? In my
> environment we are starting to get several of our Mac developers having
> WinOS VM’s running on them.

No. In fact, I have 2 DCs that are VMs in VMware ESX 4.1.


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: DC fails "VerifyReferences" after cleaning up removed DCs - Q312862 - MORE

[Mike Leone]

OK. I just found out that I have this error in my production domain.
(so at least that means I didn't screw up my cleanup). I did a "DCDIAG
/C /V" on the production parent DC, and got the same error). We use DFS
replication now (I'm told); perhaps that's why this test fails?

SO:

> parent DC: says  service "NtFrs is stopped". It also says that it has
> problems in "VerifyRefernces". The system object references
> (serverRefernce) and backlink are correct. Says there is a Missing
> Expected Value in the object "SYSVOL FRS Member Object:, and to see
> Q312862. Same message for "VerifyEnterpriseReferences".
> 
> And I don't understand Q312862 at all. :-(
> 
> 
> I am not seeing Event ID: 13562 in the logs."ntfrsutl ds computer" comes up
> 
> ERROR - Cannot bind w/authentication to computer, computer; 06ba (1722)
> ERROR - Cannot bind w/o authentication to computer, computer; 06ba
> (1722)
> ERROR - Cannot RPC to computer, computer; 06ba (1722)
> 
> I can't "net start ntfrs"; says it's disabled or has no enabled devices.
> 
> So: How can I fix it? The MS KB is making no sense
> to me, and I'm not seeing what it describes.
> 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Extending 2003r2 domain to 2008r2

[Damien Solodow]

I've done ours; schema is 2008 R2 + Exchange 2010 but all the DCs are 2003.
No issues at this stage.
--
Sent using BlackBerry


From: Senter, John [mailto:john.sen...@etrade.com]
Sent: Wednesday, June 01, 2011 01:02 PM
To: NT System Admin Issues 
Subject: Extending 2003r2 domain to 2008r2

We are currently running 2003r2 domain controllers and the company is wanting 
to be able to upload user pictures so they appear in Outlook 2010.  One of the 
requirements is to extend the schema to 2008/2008r2.  We have a ways to go 
before we can put up any 2008 domain controllers because of some older apps 
that may not work well.  So the question is has anyone done the forestprep to 
extend the schema to 2008, but not bring up any 2008 domain controllers?  If 
so, any issues short term or long term?

Thanks
js


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to 
listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

DC fails "VerifyReferences" after cleaning up removed DCs - Q312862

[Mike Leone]

OK. I have a Win2008 AD in a parent/child configuration. I am trying to
set up a "testing" version of it, using VMware. (I have a VM DC of both
the parent and child domains). We want a lab version of our domain, to
test proposed changes to OUs, GPOs, etc.

So I cloned both DCs, and set them on a private vswitch that is assigned
to no physical adapters (so the only things they could talk to was each
other).

I went and seized roles, and they seized fine (using
. In the parent I seized all 5
roles, and on the child I seized the 3 roles for the child (PDC, RID,
Infrastructure).

I then went to clean up the metadata (<
http://technet.microsoft.com/en-us/library/cc816907(WS.10).aspx>). I
deleted the 2 missing DCs in the parent domain from AD U&C, and also the
same 2 server objects from that site in Sites and Services. All seemed fine.

In the child DC, I deleted the 5 missing DCs there the same way. Again,
all seemed fine.

I cleaned up DNS by deleting every record I could find that mentioned
the missing DCs - removed them form the Nameservers tab on each zone
name (including reverses), and every record in all the sub-areas -
_msdcs, _sites, _tcp, _udp, DomainDnsZones, ForestDnsZones. Did the same
on the child DC.

DNSLint came up clean. DCDiag did not ...

parent DC: says  service "NtFrs is stopped". It also says that it has
problems in "VerifyRefernces". The system object references
(serverRefernce) and backlink are correct. Says there is a Missing
Expected Value in the object "SYSVOL FRS Member Object:, and to see
Q312862. Same message for "VerifyEnterpriseReferences".

And I don't understand Q312862 at all. :-(


I am not seeing Event ID: 13562 in the logs."ntfrsutl ds computer" comes up

ERROR - Cannot bind w/authentication to computer, computer; 06ba (1722)
ERROR - Cannot bind w/o authentication to computer, computer; 06ba
(1722)
ERROR - Cannot RPC to computer, computer; 06ba (1722)

I can't "net start ntfrs"; says it's disabled or has no enabled devices.

So: what did I do wrong? How can I fix it? The MS KB is making no sense
to me, and I'm not seeing what it describes.

And would it be easier to start over, but this time don't do $WHATEVER
BAD THING I DID LAST TIME$?





~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[S Powell]

Our hardware machines are identified by their property tag # our VMs are
named after characters in Lord of the Rings.




-
Who'd you rather be, the Beatles or the Rolling Stones?


On Wed, Jun 1, 2011 at 09:16, Sam Cayze  wrote:

> Since they are not servers per se, I just label them appropriately via
> prefixing the computer name by ‘VM-‘ (Since all my physical computers name
> are the serial numbers).
>
> If I had a lot, I’d probably dump them in their own OU.
>
>
>
> Other than that, they get all the same GPs and WSUS settings as physical
> machines.
>
>
>
> Sam
>
>
>
> *From:* David Lum [mailto:david@nwea.org]
> *Sent:* Wednesday, June 01, 2011 11:06 AM
> *To:* NT System Admin Issues
> *Subject:* VM's in AD
>
>
>
> Do you guys treat VM’s any differently than a physical machine? In my
> environment we are starting to get several of our Mac developers having
> WinOS VM’s running on them.
>
> *David Lum*
> Systems Engineer // NWEATM
> Office 503.548.5229 //* *Mobile 503.267.9764
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: VM's in AD

[Sam Cayze]

Since they are not servers per se, I just label them appropriately via
prefixing the computer name by 'VM-' (Since all my physical computers name
are the serial numbers).

If I had a lot, I'd probably dump them in their own OU.

 

Other than that, they get all the same GPs and WSUS settings as physical
machines.

 

Sam

 

From: David Lum [mailto:david@nwea.org] 
Sent: Wednesday, June 01, 2011 11:06 AM
To: NT System Admin Issues
Subject: VM's in AD

 

Do you guys treat VM's any differently than a physical machine? In my
environment we are starting to get several of our Mac developers having
WinOS VM's running on them.

David Lum 
Systems Engineer // NWEATM
Office 503.548.5229 // Mobile 503.267.9764

 

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: VM's in AD

[James Rankin]

Other than not requiring a hardware contract, they pretty much behave the
same, with the same management needs.

In order to keep VM sprawl down, it's sometimes necessary to implement
stricter commissioning procedures for new servers and workstations, and/or
restrict admin rights. I'm assuming your Mac developers know that Windows
VMs need antivirus, because we all know their Macs don't (or didn't) :-)

On 1 June 2011 17:05, David Lum  wrote:

> Do you guys treat VM’s any differently than a physical machine? In my
> environment we are starting to get several of our Mac developers having
> WinOS VM’s running on them.
>
> *David Lum*
> Systems Engineer // NWEATM
> Office 503.548.5229 //* *Mobile 503.267.9764
>
>
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>



-- 
"On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
the machine wrong figures, will the right answers come out?' I am not able
rightly to apprehend the kind of confusion of ideas that could provoke such
a question."

*IMPORTANT: The information in this email is CONFIDENTIAL. If its contents
are disclosed in any way my lawyers will swoop down from black helicopters
like Seal Team Six and drag you away with a black bag over your head. They
will then take you to a secret prison and make you fight to the death with
other people who dared to share this email. You will be given a large bowie
knife and a supply of methamphetamines while I watch the said deathmatch and
wager vast sums of money on who will be the winner. If the fight becomes
boring or there is a stalemate, I will release rabid dogs and my two-stone
cat into the arena to liven things up a bit. If these animals become in any
way docile, I will squirt them with water pistols until they become a bit
more temperamental.*

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Accessing multiple Exchange 2003 accounts

[Sam Cayze]

Or even the more simpler:  'Open other folder' option.  This way doesn't add
them to your folder list.

This doc highlights both methods quite nicely:
http://kb.iu.edu/data/agny.html

I'd still recommend my first method if the mailboxes are accessed
frequently.

 

Sam

 

 

 

From: Sam Cayze [mailto:sca...@gmail.com] 
Sent: Wednesday, June 01, 2011 10:06 AM
To: NT System Admin Issues
Subject: RE: Accessing multiple Exchange 2003 accounts

 

For all our employees, we have general purpose accounts added to our Outlook
profile and it doesn't cause any issues.  

It doesn't 'sync' them per se, and it doesn't even seem to query the folder
data until that folder is actually 'clicked' on, or viewed, in Outlook.
Therefore alleviating any slow Outlook startups.

 

Most of our users work offsite.

 

It's easy enough to test, I'd try it and I think you might be pleased.

 

-Sam

 

 

 

From: Eric Brouwer [mailto:ithelp.e...@gmail.com] 
Sent: Wednesday, June 01, 2011 9:12 AM
To: NT System Admin Issues
Subject: Accessing multiple Exchange 2003 accounts

 

Greetings!

We currently run Exchange 2003.  The owner of the company would like to be
able to access various mail accounts to review.  These are mainly our
general purpose mailboxes.  Currently he does this through OWA, but it's
clunky.  Is there a better way to access them?  He generally works off site,
and connects via VPN so I don't want to add all the accounts to his profile.
I fear this would be extremely slow on start up.  Is there a way to add
accounts to Outlook 2007 and sort of "view on demand"?  In other words, they
wouldn't sync data unless accessed?

Any other ideas?

Thank you,

Eric

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Accessing multiple Exchange 2003 accounts

[Sam Cayze]

For all our employees, we have general purpose accounts added to our Outlook
profile and it doesn't cause any issues.  

It doesn't 'sync' them per se, and it doesn't even seem to query the folder
data until that folder is actually 'clicked' on, or viewed, in Outlook.
Therefore alleviating any slow Outlook startups.

 

Most of our users work offsite.

 

It's easy enough to test, I'd try it and I think you might be pleased.

 

-Sam

 

 

 

From: Eric Brouwer [mailto:ithelp.e...@gmail.com] 
Sent: Wednesday, June 01, 2011 9:12 AM
To: NT System Admin Issues
Subject: Accessing multiple Exchange 2003 accounts

 

Greetings!

We currently run Exchange 2003.  The owner of the company would like to be
able to access various mail accounts to review.  These are mainly our
general purpose mailboxes.  Currently he does this through OWA, but it's
clunky.  Is there a better way to access them?  He generally works off site,
and connects via VPN so I don't want to add all the accounts to his profile.
I fear this would be extremely slow on start up.  Is there a way to add
accounts to Outlook 2007 and sort of "view on demand"?  In other words, they
wouldn't sync data unless accessed?

Any other ideas?

Thank you,

Eric

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RDP through ISA Array

[Jay Dale]

Hey all,

I have a client who is using 2 ISA 2006 servers in an array.  ISA 1 is for the 
internal clients with a subnet of 192.168.0.0 and ISA 2 is the external access 
with a WAN IP and DMZ.  The WAN IP is bound to the NIC along with a block of 
secondary IP's.  They use a web application that, upon clicking a hyperlink 
launches a window that in turn launches an RDP connection to one of the WAN 
links that then runs a Terminal Server application on a 2008 Enterprise server. 
 The problem they're having is that external users can run the application just 
fine, but users on the internal network can't RDP to the WAN address.  They say 
it used to work, but either a patch broke it or something has changed and they 
can no longer access it.  When they click on the hyperlink, a white window 
comes up and then the RDP warning window regarding using the Clipboard comes 
up, but then nothing.

I've tried RDP'ing directly to the WAN address from inside the network and it 
fails.  I try RDP'ing directly to the private IP that it's supposed to point to 
and it works fine.  I've looked in the ISA's and there is a policy that allows 
RDP listening on that WAN IP to forward to the right server, so settings-wise 
it appears to be right, but it doesn't work.  I haven't worked with ISA in 
years and I'm not sure where to go from here - I've tried disabling the RPC 
filter and such but to no avail.

Can anyone point me in the right direction?

Thanks,

Jay


Jay Dale
Senior Systems Administrator
Unetek, Inc.
Phone: 281.574.2414
Email:jd...@unetek.com

Confidentiality Notice: This e-mail, including any attached files, may contain 
confidential and/or privileged information for the sole use of the intended 
recipient. If you are not the intended recipient, you are hereby notified that 
any review, dissemination or copying of this e-mail and attachments, if any, or 
the information contained herein, is strictly prohibited. If you are not the 
intended recipient (or authorized to receive information for the intended 
recipient), please contact the sender by reply e-mail and delete all copies of 
this message.




~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Malware Heads Up targeted attacks Heads up

[Ziots, Edward]

Yeah seen the Fed Ex's already have those blackholed, I guess USPS was
on the list also. Had a few users that fell for the attack therefore had
to do a little bit of Incident Response yesterday (FUN FUN!)

Ran across another cool blog from Larry Zelster about PDF malware
analysis, that is very interesting. 

http://blog.zeltser.com/post/5567384219/online-tools-for-malicious-pdf-a
nalysis

Some good tools for Windows/Unix, to use to analyze threats in PDF's. 

Sincerely,
EZ


Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


-Original Message-
From: David Lum [mailto:david@nwea.org] 
Sent: Tuesday, May 31, 2011 5:57 PM
To: NT System Admin Issues
Subject: RE: Malware Heads Up targeted attacks Heads up

Old news dude, I've been seeing those for about a year, maybe more. Some
are UPS, other USPS, others FedEx.

Dave

-Original Message-
From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Tuesday, May 31, 2011 11:15 AM
To: NT System Admin Issues
Subject: Malware Heads Up targeted attacks Heads up

Just seen this one today, (IE Don't click on the link)

This is the known bad webpage: 
http://www.usps.com.track05.com/shipping/trackandconfirm.php?navigation=
1&respLang=Eng&resp=493092049503922

IP Origin is: 2 IP Addresses, could be the start of a possible Fast Flux
Domain. 
> www.usps.com.track05.com

Non-authoritative answer:
Name:p8p.geo.mf0.yahoodns.net
Addresses:  67.195.145.141
  67.195.145.142
Aliases:  www.usps.com.track05.com

Hostname  p8p-a.geo.vip.sp1.yahoo.com ISP  Yahoo  
  Continent North America Flag   
  Country United States Country Code US (USA)  
  Region CaliforniaLocal time* 31 May 2011 11:10  
  Metropolis*  San Francisco-Oakland-San Jose Postal Code 94089  
  City Sunnyvale Latitude 37.4249  
  IP Address  67.195.145.141Longitude -122.0074  



Dear Customer, 

We attempted to deliver your item at 1:37 pm on May 30, 2011 and a
notice was left. You may arrange redelivery by clicking the link below
or pick up the item at the Post Office indicated on the notice. If this
item is unclaimed after 15 days then it will be returned to the sender. 

Label/Receipt Number: 0464 5675 5443 4424 3456
Expected Delivery Date: May 30, 2011
Class: Package Services
Service(s): Delivery Confirmation
Status: Notice Left 

To check on the delivery status of your mailing or arrange redelivery
please visit our website:
http://www.usps.com.track05.com/shipping/trackandconfirm.php?navigation=
1&respLang=Eng&resp=493092049503922 

Please make sure to print out your invoice in order to collect your
package at our Post Office:
http://www.usps.com.track05.com/shipping/invoice.php?navigation=1&respLa
ng=Eng&resp=39039194833849 

We're here to help. Call 1-800-ASK-USPS! 


Edward E. Ziots
CISSP, Network +, Security +
Security Engineer
Lifespan Organization
Email:ezi...@lifespan.org
Cell:401-639-3505


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here:
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin