Wright, T. MR
NSSB
Sent: Tuesday, June 28, 2005 9:12 AM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] DNS Scavenging
Ok, so if using the default DHCP lease time of 8 days, I should have
both the refresh and no-refresh set to 7 days. Once I identify my
static records and I manually age
eriod, and the period within the
lease duration a client tries to update its lease is 87,5% of it.
In short:
no-refresh value = refresh value
refresh value = 87,5% DHCP lease duration
Cheers,
#JORGE#
____
From: Wright, T. MR NSSB [mailto:[EMAIL PROTECTED]
Sent: Tue 6
n't. This will be simplified if you have a
standard naming convention...
--- "Wright, T. MR NSSB" <[EMAIL PROTECTED]>
wrote:
> All,
> I am not 100% sure, but it appears that I may be
> having some issues
> with scavenging old records. I have a Win2003
> dom
All,
I
am not 100% sure, but it appears that I may be having some issues with
scavenging old records. I have a Win2003 domain with 5 DC's running 2003
functional level. All of the DC's run DNS and on one of them I enabled
scavening at the server level and configured all zones to have a
We moved about 4TB of data incrementally using the Robocopy.bat file
mentioned in this article
http://www.windowsitpro.com/Articles/Print.cfm?ArticleID=20134
There are switches in there that allow you to do a dry run (without
physically copying the files), to check on permissions etc.
-Tim
-
come up with much. Was it a good idea to change the domaindnszones entry or should I have left this alone and waited for the DC to come back online in the remote site? -Tim
From: Wright, T. MR
NSSB
Sent: Thursday, July 08, 2004 2:36 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir
Authentication Issues with Win2003
It sounds like you need to change the
policy to send unencrypted passwords to down-level / SMB devices.
Kenneth
W. (Ken) Adams, MCSA, MCSE
-Original Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wright, T. MR NSSB
Sent
Graham,
We just went through this about two weeks ago. When we did our
testing we found that the repadmin /disable_outbound_repl command only
stops inter-site replication, it does NOT disable intra-site
replication. After running that command run /showreps and you will see
that all of it'
All,
We
are in the process of upgrading our AD domain from Win2k SP4 to Win 2003.
We have a single forest with 2 domains with an empty mgmt root domain. We
have been swapping out the Win2k DC’s with freshly built Win2k3 DC’s
one at a time. We completed the empty root domain
Just boot into the PERC configuration tool during boot up. I think it's
CTRL + M, then just delete the container information, which should blow
away your RAID configs and the data that is on them.
-Tim
-Original Message-
From: Charlie Kaiser [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June
Aric is dead on. I had the same problem as Russ with my AD Integrated
Zones. Russ, if you open ADUC and do View--> Advanced Features, under
the System Folder, there should be a folder called MicrosoftDNS. You
will find the Root Hints in there, once you delete them from there they
won't come back
blem
When you say no error, are you seeing any
errors on the DNS servers? Have you checked the routing tables on these
machines? Have you checked to see what is bound to the nic(s) to see if
RRAS is getting in the way?
Al
From: Wright,
T. MR NSSB [mailto:[EMAIL PROTECTED]
Hello All,
I
have this problem with a handful of machines, they refuse to dynamically
register in the AD DNS. The machines were registering at one point in
time, but at some point they stopped doing so. I stumbled upon this because
I was working on one of these machines and w
Daniel,
In your example you would do the delegation on the parent.com DNS
server. You would run the delegation wizard on dc1.parent.com and
delegate control of the child1.parent.com domain to dc1.child1.parent.com.
The delegation of control wizard should create the NS and Glue record for
Title: Message
While we’re on the topic… How
do I make this tab available to my OU Administrators in a Win2k SP4 domain?
When their using ADUC they don’t even see the Dial-In tab? Is the same
hotfix available for Win2k? TIA.
-Tim
From:
GRILLENMEIER,GUIDO (HP-Germany,ex1)
I think this is what you are looking for...
To restore the Directory icon:
Copy the dsfolder.dll from a Windows 2000 (SP2 or later) machine to the
Windows XP machines (It is in the SYSTEM32 folder under the WINNT folder
on Windows 2000 (by default) and needs to go into the SYSTEM32 folder
usually
Title: Message
James,
That is an interesting
approach to the problem. The only thing I see in Russ’s case is that if
the execs don’t like having to click ok to the Legal notice, then they
must surely have had him disable the CTRL + ALT + DELETE requirement since that
is 3 time
Santosh/Mike,
We successfully migrated about 6000 computers using ADMT ver.2 set to reboot 1
min. after completion. Santosh, I'm not sure where you are getting the 7 min. from.
ADMT issues a message to the workstation to start ADMTagent.exe, immediately after you
click the close button
Eric,
Have you looked at ADMT. We are using it for our NT4 to Win2k
AD migration and although our NetBIOS names are not the same as in your
case, ADMT uses the NetBIOS name of our NT4 domain as the "Source" and
the FQDN of our AD domain as the Destination. It may not offer some of
the be
Has anybody tried this… This seems like
something that should have been done a long time ago…
Improved
Password Complexity Message
Windows Server 2003 and Windows 2000 Server let an administrator enforce
complex passwords. When a user changes his or her password and the complexity
Title: Message
I just jumped on the SUS bandwagon, we
have also been using update expert but have a lot of laptops that go off the network
quite frequently. So I have setup SUS and it’s running fine, I would
like to use the option to just download and apply the patch no questions asked
and
something here
helps …
Dave
From: Wright,
T. MR [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04,
2003 11:52
AMTo:
[EMAIL PROTECTED]Subject: [ActiveDir] Possibly OT: Cisco VPN
and AD
We have an issue with our VPN
concentrator. It seems that it allows some AD users to authenticate,
We have an issue
with our VPN concentrator. It seems that it allows some AD users to
authenticate, while others can not. We can find no pattern to explain why
the users that are able to authenticate are allowed to do so and why the users
that can't authenticate can not. An example is that
Title: Message
This is the approach that we
took...
The problem we had to work around is that you need to be an admin to be
able to add an admin.
Our Kix logon script sends the IP and username of the
user when he logs onto his machine and appends it to a text file that sits on
one o
Does
anyone have a script that will query an OU and tell me when the users last
logged on? Or for that matter? If they have logged on at
all.
Thanks,
-Tim
d I not?
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Wright, T. MR
NSSBSent: Wednesday, July 16, 2003 9:27 PMTo:
'[EMAIL PROTECTED]
Just
curious how I would go about stopping a user from being able to update their
address, website, etc under their own
account. AD...
Basically
I want them only to be able to update their own phone # and nothing else and I
would also like to force it to be strictly a numeric only field (wh
he active leases to see what's happening.
-- Roger D. Seielstad -
MTS MCSE MS-MVP
Sr. Systems
Administrator
Inovis
Inc.
-----Original
Message-From: Wright, T.
MR NSSB [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 15, 2003 12:38
PMTo:
'[EMAIL PROTECTED]'Subject: RE: [Ac
Title: Message
If the OU Admin creates the computer acct. in his or her OU prior to
actually adding the machine to the domain, when they physically add it, it will
end up where they created the acct.
-Tim
From: Chris Flesher
[mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 10:33
Just
curious how I would go about stopping a user from being able to update their
address, website, etc under their own
account. AD...
Basically
I want them only to be able to update their own phone # and nothing else and I
would also like to force it to be strictly a numeric only field (wh
renew their leases or
get a different lease. Here is a different way of doing it.
Shorten your leases to a couple of hours. The clients will update at the
50% time mark and register their new name. Tell me if it
works
-----Original Message-From: Wright, T. MR NSSB
[mailto:
Is DNS set for Secure Updates
only?
Roger
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-----Original Message-From: Wright, T. MR
NSSB [mailto:[EMAIL PROTECTED] Sent: Tuesday, July
esday, July 15, 2003
10:08 AMTo: [EMAIL PROTECTED]
You might want to run a post setup job to run ipconfig
/registerdns
-Original Message-----From: Wright, T. MR NSSB
[mailto:[EMAIL PROTECTED]Sent: Tuesday, July 15, 2003 8:46
AMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir]
Gonna try
and keep this short and sweet
I have
1200 clients that I am adding to the network. They get their new machine
with our ghost image called 'image' they plug it into the network, when
they bring it up they are asked a few questions (name, username etc.) this info
is passed into
I may be chiming in a little late on this thread... We ran into an issue
when we were testing ADMT where the agent wouldn't install. The way we got
around this was adding a line to our users logon script that added the acct.
that ADMT is using to run to the local admin group on the clients
workst
Title: Message
Daniel,
This may or may not be of any help to
you, but there is an interesting new utility available from MS to help
troubleshoot DNS errors. DNSLint.exe is available here http://support.microsoft.com/?kbid=321045
I used the /ad switch and it solved all of my replication i
20, 2003
12:59 PMTo: [EMAIL PROTECTED]
have you tried?
http://eventid.net/display.asp?eventid=1265&source=
- Original Message -
From:
Wright,
T. MR NSSB
To: '[EMAIL PROTECTED]'
Sent: Friday, June 20, 2003 11:19
Subject: RE: [ActiveDir] DNS
Replica
Title: Message
I am setting up a new AD domain and I am seeing a slew of errors
which I believe are DNS related, reading this thread has confused me
somewhat...
Here's my situation.. Empty forest root domain with 4 DC's with the
Roles spread across them, all running AD integrated DNS. I t
I actually have the same exact problem with a Dell PE server... I tried
disabling the DRAC during boot as I thought that may be the cause and that
was no help. I also tried disabling Dynamic DNS registration on that
interface after I read this KB article
http://support.microsoft.com/default.aspx
39 matches
Mail list logo