Marcus-
The answer to your question is yes. Basically, if a slow link is
detected, the various Client Side Extensions for stuff like Software
Installation and Folder Redirection will simply not fire, even if the
bits (e.g. MSI package) are on a fast link. One way around this is to
use Admin.
Perhaps one for Joe and Co here. Is there a tool that can be used to
calculate the amount of traffic that will be generated by AD replication
? Ideally something that would let me do what if scenarios (I love
what if scenarios) where I can chuck in additional users or sites etc.
Olly
List info
I remember having seen this `tool` with the CD incuded with the book
`Building Enterprise Active Directory Services notes from the field`. It
consists of an excel sheet that `does the job`. My experiences with these
numbers is that they are not too bad. However, this is only an indication
... Make
I believe NETPRO sells a tool for AD planning as well. It takes all the
available network information and models the AD design. I am not sure how
much it has changed since it's 1.0 release. The 1.0 release required all
the data to be imported in manually. Gil could comment on it much better.
I believe that the Slow link detection uses ICMP, so if you have turn that
off on your internal network you will see issues.
I am currently reviewing JM new GPO book. I think the scenario's you
mention are a worthy mention in his book. I will see if he wants to discuss
them either in his
We use standard.
Todd
-Original Message-
From: Charlie Kaiser [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 30, 2003 12:44 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] OT: Windows Standard Server 2003 or Enterprise Se
rver 2003 as DCs
Yeah; enterprise version is nice, but
Title: RE: [ActiveDir] Calculating AD replication traffic
How can one get a hold of admapper
It will definitely be helpful for future use.
Regards,
Yusuf
__
Title: RE: [ActiveDir] Calculating AD replication traffic
http://www.windows-servers.info/active_directory.htm
Scroll close to the bottom and you will
see "Free Tools, Utilities and Downloads"
F"FreeEFREE Tools, Utilities Tools,
-Original Message-
From: Mayet, Yusuf Y
I posted my solution to this type of problem before because we also deal
with the dreaded firewall problem as well.
Here is a synthesis.
1. You should identify each site as a group of networks that are behind the
same firewall.
2. Most firewalls support NTDS or AD replication now so use that
Hi,
I'm integrating an open-source application using openldap with Active directory. I
know openldap doesn't support pagination with RFC2696, So I can't manage more than
1000 result but it's enought.
My problem is that I failed to avoid the message SIZELIMIT_EXCEEDED even if the
openldap
Yes, it is taking full advantage of the hyperthreading.
Keep in mind that hyperthreading IS NOT two separate processors. It is a
parallel execution path within the processor, which can't always be
leveraged. Some applications can and some can't - but there's no definitive
way to say an app can or
Yes, I had cleared the local PC cache as well. I was trying to rule it out as well.
---
Miles Holt, MCP
Network Engineer
Summit Marketing
[EMAIL PROTECTED]
770-303-0426
---
Show me a completely smooth operation and I'll show you someone who's covering
I did consider that. Even after repeated retries for the mx records of aol.com to the
Windows 2003 DNS they still timed out. After that I changed the
timeout to 15 seconds for testing. Same results.
If I clear the cache on the Windows 2000 DNS, it will give me a time out on the first
attempt,
Don't know about anyone else, but I cant even get ADMapper to get past
the username/password/domain box. Tried about 10 accounts, even created
a new one with full enterprise rights, and still it wont log on :(
-Original Message-
From: Ellis, Debbie [mailto:[EMAIL PROTECTED]
Sent: 30
I'm thinking along the lines of authentication to get on
the network, yes. It's not a Windows function that I'm thinking of
necessarily.
Al
From: Marcus Oh [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 29, 2003 8:44 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Cached
Todd-
The issue with ICMP has been documented well recently. MS has a KB
article and fix related to this
(http://support.microsoft.com/default.aspx?scid=kb;en-us;816045) and
there was a good thread on NTBugtraq that talks about some workarounds
I am currently erdesigning our OU structure and was wondering:
Has anyone done an OU structure that accounts for server function i.e. file and print, web, database?
Was it useful? What other computer structures have you use successfully?
Michael Parent MCSE MCT
Analyst I - Web Services
ITOS -
Title: Message
I have
used this design before. They were generically under a server OU.
Under that, they were separated out by server functions.
Pros
Apply
generic server hotfixes (SUS), Service Packs (GPOs), or configs to
servers.
Since
each function of computer generally has
Some good questions to ask when thinking about creating an
OU structure are:
1. Will the delegation of administration be different
for thevarious computers?
2. Will the application of group policy be different
for the various computers?
If the answer to either of these is yes, then you
I
don't remember the exact command, but I know it has to be done in order to
upgrade a Windows 2000 domain to a Windows 2003 domain. Read the
documentation to find the exact command.
Kenneth W. (Ken) Adams, MCSA, MCSE
-Original Message-From: Santhosh Sivarajan
[mailto:[EMAIL
adprep.
From: Adams, Kenneth W (Ken)
[mailto:[EMAIL PROTECTED] Sent: Thursday, October 30, 2003 2:25
PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir]
Windows 2003 domain in Windows 2000
I
don't remember the exact command, but I know it has to be done in order to
upgrade a Windows 2000
Yes you are right. There is command called Adprep/forestprep.
That will upgrade the schema to window 2003 schema. But I dont have any
plan to upgrade forest domain (ABC.COM) to windows 2003. I would like to keep
Windows 2000 as my forest domain. Is that going to be an issue?
Weve got the root 2000\ child 2003 forest
running in our environment. No issues so
far. One division was on the early adopters
program, but we could get the other divisions to agree to upgrade the
root.
You can upgrade the Schema with the
Forestprep and Domainprep utilities that are
ADPrep
utility will update the schema in a 2000 domain to support the 2003
schema.
-Original Message-From: Adams, Kenneth W (Ken)
[mailto:[EMAIL PROTECTED]Sent: Thursday, October 30, 2003 2:25
PMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] Windows 2003 domain in Windows
Heh, yeah I understand those are the 2 primary criteria for creating OUs. Let me try again :-)
Here's the thing, I am not sure delegation of computer objects buys you much for servers, so that leaves us with GPO.
On the surface there seems to be a case to dividing them up for this purpose, but
Weve got the root 2000\ child 2003
forest running in our environment.
No issues so far. One
division was on the early adopters program, but we couldnt
get the other divisions to agree to upgrade the root.
You can upgrade the Schema with the
Forestprep and Domainprep utilities that are
You have to upgrade forest schema prior to
introducing Windows Server 2003 child domains. See http://support.microsoft.com/default.aspx?scid=KB;EN-US;325379for
the steps. This applies to upgrading DC's, but it is the same except you dont
upgrade DC.
You basicaly need to run adprep
You
have to upgrade your Windows 2000 forest schema to include the Windows 2003
schema additions for any child domain to be Windows 2003. That should be
the only issue, but, again, I've not worked with it yet.
If you
don't have a lab in which to test this, just get a few PCs (2 or 3 should
If your internal machines are configured to use only one internal DNS,
then if that one is not available, you will NOT get any name resolution,
the service will simply not be there, regardless of any settings further
down the pipe.
To prevent that from happening, you could add as a secondary DNS
Hi All,
Just curious if anyone has heard of, or is using Ecora Parch Manager and/or
Ecora Enterprise Auditor. My company is looking at these tools and was
wondering what feedback everyone might have.
Thanks,
Raymond McClinnis
List info : http://www.activedir.org/mail_list.htm
List FAQ:
We use it, it's pretty good, the support is not the best but I do like the product.
Ryan McDonald
Systems Administrator
The Bankers Bank
Raymond McClinnis [EMAIL PROTECTED]
Sent by: [EMAIL PROTECTED]
10/30/2003 04:17 PM
Please respond to ActiveDir
To:[EMAIL PROTECTED]
Try it on a test AD.
Todd Myrick
-Original Message-
From: Oliver Marshall [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 30, 2003 10:09 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Calculating AD replication traffic
Don't know about anyone else, but I cant even get ADMapper to
I run a multi domain forest. During our Site Optimization I had some
subnets associated to the wrong site without DC coverage it appears and it
cause GPO's to not process on XP boxes.
The solution, associate the Subnet to the correct site. Whola it works.
Todd Myrick
-Original
Title: Message
My
rule is OU's should be created to facilitate delegation, and GPO
application. In that order. Not reverse. Don't create OUs to
link GPO's to only.
If you
aren't going to delegate specific access to the GPO to other groups, then leave
the machines ina singleOU, and link a
Title: Message
Nice
response Tony.
Todd
Myrick
-Original Message-From: Tony Murray
[mailto:[EMAIL PROTECTED] Sent: Thursday, October 30, 2003
2:11 PMTo: [EMAIL PROTECTED]Subject: RE:
[ActiveDir] OUs by server function?
Some good questions to ask when thinking about
There is acompany in the UK called NTSim that has a pretty cool product that
does simulations of AD operations and tells you how much traffic, CPU, disk
IO, etc a DC will generate. See http://www.ntsim.com/.
This is the product that we (NetPro) originally sold under the name
DirectorySim.
-gil
Oliver,
I had the same problem until I realized that I had fatfingered the FQDN of
the GC server and then it worked like a charm, both installed from a DC and
from a member XP workstation. The DC doesn't have Visio installed but the
XP box does so that didn't appear to be an issue -- just
You still need to extend the schema regardless of
functionality level if you introduce a 2003 DC to the forest. You can
still keep 2000 functionality level however, so no it's not a problem as long as
you update the schema.
From: Santhosh Sivarajan
[mailto:[EMAIL PROTECTED] Sent:
Thanks for the feedback, Robbie. Not precisely certain about the
situation. I'd have to do more investigation on it. Provided a
sufficiently long period of time, it would probably be okay. I was
looking to trim at a 30 day time frame. During some of the searches, I
did note some active
Hey
all,
Last
night,
My exchange box blue
screened on me with a Stop Error 0X00017 and
CID_HANDLE_DELETION.
Microsoft and Google
were unhelpfull.
Anyone seen this
before?
Thanks.
John Parker, MCSE IS Admin. Senior Technical SpecialistDigital
Display Systems.
UPS finally delivered my copy of the Active Directory
Cookbook.
After a hundred pages, I must agree, Robbie Allen has a best
seller here. I would love to find a way to put this book in binder and
stick in at my desk. Sort of camouflage it so it looks like a regular
notes bonder. I know
Matjaz!
You finally made it over here. Welcome and good to have you. Your
expertise will be a very welcome addition.
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL
42 matches
Mail list logo