Re: [ActiveDir] Taking DC Offline

2003-07-03 Thread Glenn Corbett
Can you do a backup of one of your existing DCs and then DR it to a new (already offline) machine? G. - Original Message - From: Simpsen, Paul A. (HSC) To: [EMAIL PROTECTED] Sent: Friday, July 04, 2003 7:31 AM Subject: [ActiveDir] Taking DC Offline

RE: [ActiveDir] Taking DC Offline

2003-07-03 Thread Gil Kirkpatrick
Shouldn't be a problem. Just make sure the DC doesn't hold any FSMO roles when you pull it. After that, use NTDSUTIL to clean up the metadata, and be sure to delete the related DNS records as well. There are at least a couple of KB articles on doing this. http://support.microso

RE: [ActiveDir] Password Complexity

2003-07-03 Thread Simpsen, Paul A. (HSC)
Cathy, thanks for confirming that I’m not totally losing it! Roger was the one I was thinking of also. And Tony thanks for your response. Paul -Original Message- From: O'Brien, Cathy [mailto:[EMAIL PROTECTED] Sent: Monday, June 30

[ActiveDir] Taking DC Offline

2003-07-03 Thread Simpsen, Paul A. (HSC)
Our Security Director has requested that we build a temporary DC for his group. They want to take it offline and audit the current password complexity and strength. This DC will never return to the domain so I will have to manually remove the replication connections in the NTDS settings for

RE: [ActiveDir] Missing Sysvol and Netlogon

2003-07-03 Thread Darren Mar-Elia
Yusuf- With respect to your Default Domain Policy problems, recopying the SYSVOL files should have been enough if that's all that was damaged on your GPOs. Keep in mind that a GPO has two parts--the part in SYSVOL and the part in AD under \System\Policies. It's possible that th

RE: [ActiveDir] AD DOS vulnerability

2003-07-03 Thread Myrick, Todd (NIH/CIT)
Thanks Everyone for the great information. We have already begun patching the systems as a result of the information from the list. Todd Myrick -Original Message- From: Robert Moir [mailto:[EMAIL PROTECTED] Sent: Thursday, July 03, 2003 8:53 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveD

[ActiveDir] Identity Management using AD

2003-07-03 Thread Glenn Corbett
All,   We are in the process of redefining our Internet-enabled applications with a view to a centralised customer/client database.  There has been quite a bit of discussion regarding using AD as this "customer store", since AD will already be in this environment.   I'm a bit hesitant to rec

RE: [ActiveDir] Missing Sysvol and Netlogon

2003-07-03 Thread Rick Kingslan
Yusuf, Minimal time, so this will be quick - I'll let the other good folks fill in more detail. 1. Domain Admin and above to delete the files 2. It's one step in the process, but may not be enough - it sure isn't going to hurt in a crisis 3. Lots of F

RE: [ActiveDir] AD DOS vulnerability

2003-07-03 Thread Robert Moir
I'd certainly concur with the idea of using the hotfix before rushing SP4 out of the door without the usual acceptance testing but it might be worth remembering that someone who is posting from an educational establishment is in an environment where malicious attacks from within the network are not

RE: DNS toasty (was: [ActiveDir] Trying to run DCPromo and getting error 5171)

2003-07-03 Thread Daniel Chenault
I had just manually recreated the contents of _msdcs and ran dnslint. It reported no errors (even though the rest of the DNS entries were not completed). Ran netdiag /v /fix /test:dns and same thing. Output of that command: Gathering IPX configuration information. Que

[ActiveDir] Missing Sysvol and Netlogon

2003-07-03 Thread Mayet, Yusuf Y
I am hoping that you guys could share some light on the following problem I encountered. Doing my usual Administrative Task I had to disable an option in the Domain Policy and I experienced errors opening the policies. Had a look at the "sysvol and netlog

Re: [ActiveDir] AD DOS vulnerability

2003-07-03 Thread Tony Murray
Given that this vulnerability can generally only be exploited through malicious use from *within* the network (at least for most organisations), you may want to hold off on SP4. This will depend on your assessment of the threat in your environment. SP4 was only released last week and it is usu

[ActiveDir] AD DOS vulnerability

2003-07-03 Thread Bennett, Steve
I received notification about a vulnerability in AD this morning - details are at http://support.microsoft.com/default.aspx?kbid=319709 It looks like the recommended fix is to upgrade my DCs to SP4. I was planning to wait a lot longer before I inflict SP4 on any machines that I care abou

RE: [ActiveDir] [ActiveDir Digest]

2003-07-03 Thread Ruston, Neil
To minimise impact, consider the following approach: 1. Upgrade the schema 2. Upgrade the Domain Naming Master 3. Upgrade a DC hosting no FSMO roles (or one hosting roles which can be unavailable for a period of time e.g. RID master) 4. Move the PDC role to the DC upgraded in 3. 5. Upgrade th