Great stuff. Any chance of someone acting as a 'distribution point' for
Europe?!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Tony Murray
Sent: 13 April 2002 20:09
To: [EMAIL PROTECTED]
Subject: [ActiveDir] List Archives on CD
It looks like there is
Andy,
In the situation you describe your 'evil beasts' could only effect and
damage the 'Configuration' partition in AD. Remember - this is the only
common partition in AD that is spread across a whole forest. Corruption of a
child domain would be limited to it's own objects and policies
The cha
jcl,
First double check to make sure the sysvol and netlogon shares exist. Try
doing a NET SHARE from a command box. If they are present then I'd say you
have nothing to worry about. DCDIAG does some checking of the eventlog while
processing the various tests - should you of cleared down the FRS
MS produced a utility for migrating scopes between NT4 and W2K. Can't
remember the name of it - I'll have a hunt around
It was available on their website a few months ago. Trying having a search
Best...
Neil
- Original Message -
From: "Flanagan, Kevin" <[EMAIL PROTECTED]>
To: <[E
Hi all,
I have a small country based domain (1200 users)
which spans 18 sites. Each site contains a DC, some sites the DC is also
flagged as GC - depending on the number of users / travelling users visiting
these sites etc. These sites are connected via varying different WAN
circuits - 19.
www.openldap.org
A reasonable source for scripting &
mailing list...
- Original Message -
From:
Rogers, Michael
J.
To: ActiveDir
Sent: Thursday, December 13, 2001 2:17
PM
Subject: [ActiveDir] Scripting
Does anyone know of a good
newsgroup or websi
Seyi,
Have a look at Q238394 using the 'movetree' utility from the Support Tools
kit. This will move most object types between different domains / forests.
Neil
- Original Message -
From: "Seyi Owoeye" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 30, 2001 7:39 AM
Rob -
MS describe this as a feature :-) I believe they are working on a fix for
this and the ability to change the DNS TTL setting.
You could disable the 'Register this connection's addessses in DNS' setting
on the DNS properties page of the heartbeat network card and use a 'hosts'
file with an
Come on, let's stop messing around here! Get a
network trace from the client
- Original Message -
From:
Chris
Green
To: [EMAIL PROTECTED]
Sent: Wednesday, November 14, 2001 3:58
PM
Subject: Re: [ActiveDir] References
mentioning DNS requirements
Read a
Do you have any other protocol's loaded on the problem client machines? Such
as IPX or worse ?!
Depending on the binding order (for the protocols) the client will try and
emunerate all connections using the first protocol. If IPX is top of the
binding order this will have to timeout before trying
Seyi,
Check to make sure the fsmo roles were transferred succesfully to your
remaining DC now the other machine has been demoted to a member server. You
can use the User and Computer mmc for this - Right Click on the Domain name
and select Operations Masters. The existing DC should hold all these
I hate to p1ss on everyone's fire here, but 1500
users on one machine strikes me as 'all my eggs in one basket' routine. Yes W2K
can handle this number of users yet -
If you have 1 DC in a child domain this is
unlikely to be a GC because you haven't split the infrastructure master fsmo
ont
to be master of
operations..
-Default first names
-Servers
-PDC2
NTDS Settings
Server PDC2 replicates from PDC
-PDC
Echange Settings
ADS settings
NTDS Settings
Server Auto generated Replicate
from PDC2
Thanks this is driving me crazy, I wish I knew what was done to get it
to this point.
Thanks all fo
Bryan,
Ok, so the KCC is unable to create a rep. link between the two machines -
underlying problem is that PDC is unable to contact PDC2 using RPC. Have you
checked the dns setup on both machines? By this I mean, does the dns server
that your PDC machine is registering with contain the correct r
If your client (172.16.1.24) is a workstation check it's machine account in
the domain and possibly reset this via the Users and Computers MMC. Find the
computer object, right click, Reset Account.
Should the above (172.16.1.24) be another DC check it's trust relationship
with the domain (both wa
All sounds like name resolution to me... Get hold of the latest version of
dcdiag from the MS Support site (Dated 6/9/2000). The updated version has a
DCPROMO option which will test for connectiveity - dns records -> ldap,
kerberos, and other records etc. This should help you find the root cause o
Read MS Article Q263821 for the fix
- Original Message -
From: "Bjelke John A Contr AFRL/VSIO" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, October 17, 2001 4:19 PM
Subject: RE: [ActiveDir] Account Lockouts in mixed mode
Actually, we have seen similar issues in our mixed
Does anyone have the url for a complete listing of
W2K event ids?
MS use to produce a spreadsheet with this
information but I'm unable to find the file / link anymore
Thx in advance
- Original Message -
From: "FullArmor eBook" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 30, 2001 2:36 PM
Subject: Group Policy eBook Chapter 6 Available!
As a registered subscriber to the free eBook "The Definitive Guide to
Windows 2000 Group Policy", we want to
Title: RE: [ActiveDir] Have to reinstall Win2k Pro after 2K server rolloutwhy ??
All sounds like drastic action to me! This could be
related to the old problem of W2KP switching itself into NTLM mode (While your
still using NT on the backend) and not switching to using Kerberos when W2K
s
As a registered subscriber to the free eBook "The
Definitive Guide to Windows 2000 Group Policy", we want to inform you that
Chapter 2: Group Policy Structure and Interaction with AD is now available for
download!Please login at http://www.fullarmor.com/ebook/read/read.cfm
to access the Ch
Are Interesting paper on Microsoft's Internal IT Active Directory design.
you putting off that upgrade to Windows 2000 because you dread
having to design an Active Directory structure to be migrated to from
your far-flung NT 4 domain structure?
Suppose you had an IT organization of 2,500 people
Jennifer,
Whoever mentioned about installing W2KP clients and authenticating them to
AD, then you have a situation where you need this type of client to talk
downlevel - NT4 Domain / NTLM was right that you will get problems.
To save everyones Inbox I posed a similar question the other week ( Ch
om the Windows 2000
Support Tools to do this via the command line. Haven't tried this myself.
Tony
-Original Message-
From: Neil Smith [mailto:[EMAIL PROTECTED]]
Sent: Mittwoch, 28. Februar 2001 14:27
To: [EMAIL PROTECTED]
Subject: [ActiveDir] W2KP NTLM / Kerberos problem
Basica
Pete,
Welcome! I agree with your observations - Especially that planning is way
down the priority list of a W2K project. It seems this is a hangover from
the NT4 days with the existing skills out there thinking AD is a domain on
steriods Nice thought although the reality is quite different.
Basically, here is the problem and the situation where you can meet this!
Imagine that you have a NT 4.0 Domain with all workstations running W2KPRO.
Let's say that's a scenario where you upgraded the clients before the
infrastructure. No problem. Everything is fine, W2KPRO tries to authenticate
The wait is over! Microsoft release Active Directory Client Extension for
NT4.0 (aka NT4.0 DS Client) to the web.
It may take a few more days to prop to microsoft.com live servers. The the
download link can be found on
http://www.microsoft.com/windows2000/adclients (again, you may have to wait
co
IMPLEMENTING DIRECTORY SERVICES
By Archie Reed
$55.00
711 pages
Published by McGraw-Hill, October 1999
ISBN 0-07-134408X
Many technical reference books focus very well on the technical elements
of their subject, but they don't cover the "softer" issues surrounding a
technology's implementation, w
28 matches
Mail list logo