I think I'd create a web page which uses WMI to query the logs and
displays (say) the last half hour's data or asks for a username and then
shows the data relevant to that user - a quick google gives
http://www.eggheadcafe.com/articles/20010614a.asp which looks like a
good starting point.
Steve
Just wondering if anyone else has encountered this problem.
We have just installed a small external office with some new clients. They
authenticate with the AD across a 512Mb fixed line. There are the usual
encryption/firewall devices between the two sites.
When logging on in the office with an
When we were moving roles around recently for Windows 2003
upgrade we scripted:
netdom query /server:dcname fmso
to check consistency. As some roles are stored as attributes
on the schema and configuration containers changes (KB 223787)
may take longer to replicate than those stored as
First thoughts are:
-Roaming profiles aren't very quick ever, especially if the server storing
them is on a different network
-There could be a problem with the MTU sizes involved across the VPN
concentrators. Do a search on Technet for PMTU and see if you can set a
client's MTU size in the
On point two below, I will say that we have had a problem before. If a
script has an error and prompts for something (or just keeps trying a
task), it will do so until the timeout you have set for Group Policy
elapses. The default is set to 600 seconds (10 minutes), but we changed
ours to 6
Do you have ADSI in your logon scripts? We suffered with an issue where
the ADSI call in the logon script was forcing the Active Directory
sub-schema to be downloaded (approx 600KB in our case) at every logon.
This wouldn't explain 25 minute logon time but every little helps :-)
Paul Marsh
Actually make one change: netdom query /server:dcname fsmo
-Original Message-
From: Flight, L. [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 25, 2003 6:38 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DSQuery shows wrong DC as holding role
When we were moving roles around
I just ran this query:
Netdom query /server:dc1 fsmo
and
Netdom query /server:dc2 fsmo
Both show DC2 as the Infrastructure owner. My assumption now is that
there is something wrong with the version of DSQuery I have. I only say
this because every other tool suggested (netdom, adsiedit,
Probably the follow-up question to ask is when will the MUA (Outlook)
support Kerberos? That would help in a multi-domain impelementation :)
Al
-Original Message-
From: William Lefkovics [mailto:[EMAIL PROTECTED]
Sent: Wednesday, September 24, 2003 4:56 PM
To: [EMAIL PROTECTED]
I read something that Outlook 2003 will support kerberos authentication to
the Exchange 2003 servers. Is this true?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Thursday, September 25, 2003 9:45 AM
To: '[EMAIL PROTECTED]'
Subject: RE:
Yes.
- Original Message -
From: Chris Flesher [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Thursday, September 25, 2003 11:44 AM
Subject: RE: [ActiveDir] OT:Exchange 2000 and Kerberos
I read something that Outlook 2003 will support kerberos authentication to
the Exchange 2003
Title: Message
http://de.samba.org/samba/whatsnew/samba-3.0.0.html
Anyone try it out
yet?
Toddler
Title: Message
I just jumped on the SUS bandwagon, we
have also been using update expert but have a lot of laptops that go off the network
quite frequently. So I have setup SUS and its running fine, I would
like to use the option to just download and apply the patch no questions asked
and
Do the same users log on to both NT systems and windows 2000 systems?
If so I have seen the following problem create very long logons due to
profile problems - Q271518
Ken
-Original Message-
From: Darren Mar-Elia [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 25, 2003 1:38 PM
To:
Title: Bind or Microsoft DNS
Hi, we are planning the upgrade from NT to Win2k 2003. Currently we use Unix DNS, the question is should I keep it just make sure it supports NDR records or replace it with Microsoft DNS.
Any pros and cons?
Thanks,
Juan
Title: Bind or Microsoft DNS
If you are
planning on implementing AD, I would suggest using MS DNS. Just to save you a
few headaches.
On the other
hand, I have never heard of Win2k 2003, so I am talking out my ass here.
Thank you,
Mitchell
D. Lawrence
**Good|Cheap|Fast
(Pick
Title: Windows 2003 AD
Any issues with having a Windows 2003 child domain below a Windows 2000 root?
Title: Message
Here's what we
did (names changed to protect the guilty):
Our main DNS
domain is acme.com.
NT domain:
ACME
We dcpromo'd
creating forest/domain acme.acme.com. Now, our unix/bind DNS handles acme.com
and AD domain controllers handle acme.acme.com. The unix serveris a
Title: Message
Has to
support dynamic updates. Either MS DNS or Unixas long as supports
dynamic updates.
We use
Unix DNS on outside of firewall and MS DNS on inside.
My 2
cents.
Samantha
-Original Message-From: Juan Ibarra
[mailto:[EMAIL PROTECTED] Sent: Thursday,
Title: Message
OK. I
meant windows 2003 AD
-Original Message-From: Lawrence,
Mitchell [mailto:[EMAIL PROTECTED] Sent: Thursday,
September 25, 2003 12:02 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Bind or
Microsoft DNS
If you are
planning on implementing
Title: Windows 2003 AD
It depends on what functional level you have your forest
set to...
-=B=-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Sent: Thursday, September 25, 2003
2:14 PMTo: [EMAIL PROTECTED]Subject:
[ActiveDir] Windows 2003 AD
Any issues with having a Windows 2003
There are no blocking issues when you want to add a W2003 child dom below a
W2000 root. You should however prepare the schema (forestprep) of your W2000
forest.
You won't be able to increase the forest functional level to W2003 as long
as the forest contains W2000 DCs. But you can increase the
Consider using some of the tools in AlTools.exe in stead of giving access to
the sec.log.
(http://www.microsoft.com/downloads/details.aspx?FamilyId=7AF2E69C-91F3-4E63
-8629-B999ADDE0B9Edisplaylang=en) This contains tools that assist you in
managing accounts and in troubleshooting account lockouts.
How hasn't ;-)?
There are some possible issues that can cause you a lot of headache when you
do not treat your SysVOL good. The main cause is that the SysVOL contains
junction points. Copying the SysVOL and then deleting the copy of the SysVOL
actually makes all the sysVOL on all your DCs
I've seen this happening several times. A network trace using a good network
sniffer did the job most of the times for troubleshooting these kind of
issues.
Verify that is has nothing to do with files getting locked when multiple
users logging on. You could also try logging on using a XP client
can someone explain to me what devolution is?
Very basically, if DNS resolution to my.foo.bar.com failed the DNS
client devolves the primary DNS suffix (drops the left label), and
submits a query to foo.bar.com and attempt resolution
From: [EMAIL PROTECTED]
Oops, I left in one too many foos :-{
What I meant to say was-- if DNS resolution to my.foo.bar.com failed
the DNS client devolves the primary DNS suffix (drops the left label),
and submits a query to bar.com and attempt resolution
It is late and my typing is fubar :-0
-Original
27 matches
Mail list logo