As for FRS replication
ntfrsutl forcerepl [computer] /r SetName /p DnsName
= Force FRS to start a replication cycle ignoring the schedule
.
= Specify the SetName and DnsName.
computer = talk to the NtFrs service on this machine.
SetName
Hi,
I planned to use a startup script to populate a global group to a local group onseries of Windows 2003 Servers in a single w2k3 domain so that any new Servers which are built other than myself will be automatically populatedwith this group. The Servers are placed in an sub OU.
My colleague
oh yes they do... however only when the server is starting the startup script
will run. while the server is running then the startup script will not run
Sam applies for shutdown scripts, logon scripts and logoff scripts - only when
resp. shutdown, logon, or logoff occurs
What you want to use
Thanks Jorge,
I only want this script to run at Startup, it's for new servers that are built, as soon as they logon I want the group to populate to the local group so that our Ops team have access. The existing servers already have been done via a previous script.
My knowledge of Restricted
using the memberof option will preserve existing members in the target group
using the member option will NOT preserve existing members in the target group
(if I'm correct the administrator account is not removed form the
administrators group)
The fun part with restricted groups feature is
Not sure what you mean by "as soon as they logon". Who
would the "they" be?In other words, if you need to
populate a global group into a computer local group as a one time operation, how
about putting it into your build script after the machine joins the domain? You
can certainly use
'They' is referring to my colleagues, I have 14 colleagues scattered over the country, what I mean when I say "as soon as they logon"really means once when theyhave built a w2k3 member server and it's joined to the domain, on the restart, I want the startup script torun and add the global group to
You can also look at NetIQs
Security Manager which will write the entries to a secure SQL server from
multiple servers.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rick Kingslan
Sent: 27 July 2005 06:57
To: ActiveDir@mail.activedir.org
Subject: RE:
Title: RE: [ActiveDir] OT: Windows 2003 Cluster
All,
The cluster is now operational. The problem had to do
with a series of events that unfolded to make this a complex troubleshooting
issue. The security applied by our higher set the STORE LM HASH value in
the security template to enabled.
Title: RE: [ActiveDir] OT: Windows 2003 Cluster
I am using a script to pull all
ofmy event logs from all of my servers (both local and remote) and saving
them off as .evt files at my location. I was wondering if anyone has a
script that I can use to go through these files to pull only the
Title: RE: [ActiveDir] OT: Windows 2003 Cluster
Is
there a place I can download that script or is one you wrote. I have been
wanting to gather all of my logs in one spot also..
Mike
-Original Message-From: Carerros, Charles
[mailto:[EMAIL PROTECTED]Sent: Wednesday, July 27,
Title: RE: [ActiveDir] OT: Windows 2003 Cluster
I'll
send it to you offline.
Charlie
-Original Message-From: Mike Williams
[mailto:[EMAIL PROTECTED]Sent: Wednesday, July 27,
2005 8:49 AMTo: ActiveDir@mail.activedir.orgSubject: RE:
[ActiveDir] Event Log Question
Is
Lots of options here but one that i have been fond of is logparser.
The latest version is 2.2.10 and get be DL'd from:
http://www.microsoft.com/downloads/details.aspx?FamilyID=890cd06b-abf8-4c25-91b2-f8d975cf8c07displaylang=en
The support forum at www.logparser.com is great - the author chimes
That looks like it is exactly what I need.
Thanks.
Charlie
-Original Message-
From: John Singler [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 27, 2005 8:55 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] Event Log Question
Lots of options here but one that i have been
LogParser is a wicked cool utility. I think it got tossed into a
Resource Kit as an afterthought, and then people realized what it could
do and started dancing in the streets.
I second the nod for logparser.com - Mike Gunderloy has put up quite the
useful repository. There's also a section of
With the number of people who have asked for this script, I'll post it on a
web server late tonight and send out its link tomorrow.
Charlie
-Original Message-
From: Carerros, Charles [mailto:[EMAIL PROTECTED]
Sent: Wednesday, July 27, 2005 9:00 AM
To: 'ActiveDir@mail.activedir.org'
Every time I have looked at MOM it just seemed like a large beast and I
haven't had that much time to work with it. It is something that is on my
list of things to look at in detail, but right now I'm swamped with little
Priority projects that need to be done.
I was also looking to avoid using
I use an app called dumpevt. It grabs the logs on a machine and pulls
them to a central location and stores them. I then use Windows Grep to
search for error, failure, or warning (or whatever text) in the logs. It
then displays all the lines containing that desired text. I can find one
or two
I use psLogList to capture the files as text files.
http://www.ultratech-llc.com/KB/?File=EventLog.TXT
But I agree that LogParser is way cool...
-ASB
FAST, CHEAP, SECURE: Pick Any TWO
http://www.ultratech-llc.com/KB/
On 7/27/05, Carerros, Charles [EMAIL PROTECTED] wrote:
I am using a
Anybody used the security config agent and had any issues with it on Domain
Controllers... Or any recommendations?
Thanks,
--
Matt Brown [EMAIL PROTECTED]
Consultant for Student Technology Fee
website: http://techfee.ewu.edu/
+--+
| 509.359.6972 ph. -
Security Config Agent Not sure on that. Do you mean the Security
Config Wizard? If so - nope - none at all.
Rick
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Matt Brown
Sent: Wednesday, July 27, 2005 10:42 AM
To: ActiveDir@mail.activedir.org
I think the machine that kept being elected as master browser was a windows
2000 SP4 workstation that had been up for 68 days.
I changed the PDC emulator to the DC that has the IP helper pointed to it
and that became the browser master.
I think that will fix the problem.
Thanks,jb
Is there a _vbscript_ out there that I can run in a GPO to
add a domain user to the Administrators group on every local PCs
in a domain?
Sorta like this:
http://www.microsoft.com/technet/scriptcenter/scripts/ad/groups/adgpvb03.mspx
Devon Harding
Windows
better exists use the restricted groups feature of a GPO where you can
dictate who the MEMBERS are of a group or where you can define to which group a
user or a group is a MEMBER OF
Works great!
Cheers
#JORGE#
From: [EMAIL PROTECTED] on behalf of
IPHelper is enabled on your routers, which is allowing broadcasts. If
that's the case, then yes - this should help to resolve the issue. It might
be the end-all, but it's certainly in the right direction.
Rick
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
I put a script on my WIKI that may be a big help for you
http://intelliem.editme.com/vbsadmingroupstartup
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Almeida Pinto,
Jorge de
Sent: Wednesday, July 27, 2005 12:07 PM
To: ActiveDir@mail.activedir.org;
I have looked high and low trying to find the setting in GP to change
where Internet Explorer stores its Temporary Internet Files. Can someone
please help me? TIA
List info : http://www.activedir.org/List.aspx
List FAQ: http://www.activedir.org/ListFAQ.aspx
List archive:
Hi Brenda
If it's not part of the standard policy options, you could create your
template and modify the location of the Temporary Internet Files using
registry keys as described in this article.
http://windows.about.com/od/tipsarchive/l/bltip182.htm
See Matty's Group Policy FAQs for
Ya, I mean the security config wizard. I've normally never had any firewall
stuff on my domain controllers... But was thinking it might be possible with
2003 SP1.
Anybody have any recommendations?
Thanks,
--
Matt Brown [EMAIL PROTECTED]
Consultant for Student Technology Fee
website:
Hi,
Is anyone using this on a production DC yet?
Just like to get some comments first.. :-)
--start snip snip--
HP today unveiled newly developed software which it claims can quickly control
the spread of viruses across corporate networks, and reduce the damage caused
during an
SCW does more than just configure the Windows firewall. It can change service
startup settings, configure registry keys around what auth types are used,
configure your local security policy settings (SMB signing, auditing etc),
and do an IIS lockdown. And it supports roll-back, so it's worth
Hello:
A few weeks ago, I demoted a DC at one of our sites. The demotion
appeared to work correctly, and the server no longer appears as a DC
under the ADUC. Also, while there is an A record for the server, it has
been removed from the _msdcs, _sites, etc. The server was then
completely shut
That usually works with no problems...
-gil
From: [EMAIL PROTECTED] on behalf of Your Name
Sent: Wed 7/27/2005 7:02 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Demoted DC Lives On
Hello:
A few weeks ago, I demoted a DC at one of our sites. The
For licenselogging issue, open your sites and services, choose the SITE, under
the Licensing Site Settings - point the licensing computer to the new DC.
That should do it.
Thank you and have a splendid day!
Kind Regards,
Freddy Hartono
Windows Administrator (ADSM/NT Security)
Spherion
Title: [ActiveDir] Demoted DC Lives On
What version of the OS are you
running? I believe replmon and the Config Container are simply showing a
replication connection object that is in a stay of execution, these go away
normally after 15 days. To see if this is it simply run repadmin
35 matches
Mail list logo
