RE: [ActiveDir] DNS Scavenging

Wright, T. MR NSSB Sent: Tuesday, June 28, 2005 9:12 AM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] DNS Scavenging Ok, so if using the default DHCP lease time of 8 days, I should have both the refresh and no-refresh set to 7 days. Once I identify my static records and I manually age

RE: [ActiveDir] DNS Scavenging

eriod, and the period within the lease duration a client tries to update its lease is 87,5% of it. In short: no-refresh value = refresh value refresh value = 87,5% DHCP lease duration Cheers, #JORGE# ____ From: Wright, T. MR NSSB [mailto:[EMAIL PROTECTED] Sent: Tue 6

RE: [ActiveDir] DNS Scavenging

n't. This will be simplified if you have a standard naming convention... --- "Wright, T. MR NSSB" <[EMAIL PROTECTED]> wrote: > All, > I am not 100% sure, but it appears that I may be > having some issues > with scavenging old records. I have a Win2003 > dom

[ActiveDir] DNS Scavenging

All,     I am not 100% sure, but it appears that I may be having some issues with scavenging old records.  I have a Win2003 domain with 5 DC's running 2003 functional level.  All of the DC's run DNS and on one of them I enabled scavening at the server level and configured all zones to have a

RE: [ActiveDir] Slightly OT: File Copy of Death

We moved about 4TB of data incrementally using the Robocopy.bat file mentioned in this article http://www.windowsitpro.com/Articles/Print.cfm?ArticleID=20134 There are switches in there that allow you to do a dry run (without physically copying the files), to check on permissions etc. -Tim -

RE: [ActiveDir] Possibly OT: Application Authentication Issues with Win2003

come up with much.  Was it a good idea to change the domaindnszones entry or should I have left this alone and waited for the DC to come back online in the remote site? -Tim      From: Wright, T. MR NSSB Sent: Thursday, July 08, 2004 2:36 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir

RE: [ActiveDir] Possibly OT: Application Authentication Issues with Win2003

Authentication Issues with Win2003   It sounds like you need to change the policy to send unencrypted passwords to down-level / SMB devices.   Kenneth W. (Ken) Adams, MCSA, MCSE -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wright, T. MR NSSB Sent

RE: [ActiveDir] disable_outbound_repl

Graham, We just went through this about two weeks ago. When we did our testing we found that the repadmin /disable_outbound_repl command only stops inter-site replication, it does NOT disable intra-site replication. After running that command run /showreps and you will see that all of it'

[ActiveDir] Possibly OT: Application Authentication Issues with Win2003

All,     We are in the process of upgrading our AD domain from Win2k SP4 to Win 2003.  We have a single forest with 2 domains with an empty mgmt root domain.  We have been swapping out the Win2k DC’s with freshly built Win2k3 DC’s one at a time.  We completed the empty root domain

RE: [ActiveDir] Uninstallation

Just boot into the PERC configuration tool during boot up. I think it's CTRL + M, then just delete the container information, which should blow away your RAID configs and the data that is on them. -Tim -Original Message- From: Charlie Kaiser [mailto:[EMAIL PROTECTED] Sent: Tuesday, June

RE: [ActiveDir] Root Hints question

Aric is dead on. I had the same problem as Russ with my AD Integrated Zones. Russ, if you open ADUC and do View--> Advanced Features, under the System Folder, there should be a folder called MicrosoftDNS. You will find the Root Hints in there, once you delete them from there they won't come back

RE: [ActiveDir] DDNS Registration Problem

blem   When you say no error, are you seeing any errors on the DNS servers?  Have you checked the routing tables on these machines?  Have you checked to see what is bound to the nic(s) to see if RRAS is getting in the way?   Al   From: Wright, T. MR NSSB [mailto:[EMAIL PROTECTED]

[ActiveDir] DDNS Registration Problem

Hello All,     I have this problem with a handful of machines, they refuse to dynamically register in the AD DNS.  The machines were registering at one point in time, but at some point they stopped doing so.  I stumbled upon this because I was working on one of these machines and w

RE: [ActiveDir] DNS - zone delegation questions

Daniel, In your example you would do the delegation on the parent.com DNS server.  You would run the delegation wizard on dc1.parent.com and delegate control of the child1.parent.com domain to dc1.child1.parent.com.  The delegation of control wizard should create the NS and Glue record for

RE: [ActiveDir] Delegation of Dial-In Tab???

Title: Message While we’re on the topic…  How do I make this tab available to my OU Administrators in a Win2k SP4 domain?  When their using ADUC they don’t even see the Dial-In tab?  Is the same hotfix available for Win2k?  TIA.   -Tim   From: GRILLENMEIER,GUIDO (HP-Germany,ex1)

RE: [ActiveDir] win XP shows no AD node in MNP

I think this is what you are looking for... To restore the Directory icon: Copy the dsfolder.dll from a Windows 2000 (SP2 or later) machine to the Windows XP machines (It is in the SYSTEM32 folder under the WINNT folder on Windows 2000 (by default) and needs to go into the SYSTEM32 folder usually

RE: [ActiveDir] Windows 2000 startup screen

Title: Message James,     That is an interesting approach to the problem.  The only thing I see in Russ’s case is that if the execs don’t like having to click ok to the Legal notice, then they must surely have had him disable the CTRL + ALT + DELETE requirement since that is 3 time

RE: [ActiveDir] Computer Migration Issues with ADMT - FIXED :- )

Santosh/Mike, We successfully migrated about 6000 computers using ADMT ver.2 set to reboot 1 min. after completion. Santosh, I'm not sure where you are getting the 7 min. from. ADMT issues a message to the workstation to start ADMTagent.exe, immediately after you click the close button

RE: [ActiveDir] Unorthodox NT4 -> W2k3 Migration Plan???

Eric, Have you looked at ADMT. We are using it for our NT4 to Win2k AD migration and although our NetBIOS names are not the same as in your case, ADMT uses the NetBIOS name of our NT4 domain as the "Source" and the FQDN of our AD domain as the Destination. It may not offer some of the be

[ActiveDir] Password Complexity Patch

Has anybody tried this…  This seems like something that should have been done a long time ago…   Improved Password Complexity Message    Windows Server 2003 and Windows 2000 Server let an administrator enforce complex passwords. When a user changes his or her password and the complexity

RE: [ActiveDir] OT: SUS Question

Title: Message I just jumped on the SUS bandwagon, we have also been using update expert but have a lot of laptops that go off the network quite frequently.  So I have setup SUS and it’s running fine, I would like to use the option to just download and apply the patch no questions asked and

RE: [ActiveDir] Possibly OT: Cisco VPN and AD

something here helps …   Dave         From: Wright, T. MR [mailto:[EMAIL PROTECTED] Sent: Thursday, September 04, 2003 11:52 AMTo: [EMAIL PROTECTED]Subject: [ActiveDir] Possibly OT: Cisco VPN and AD   We have an issue with our VPN concentrator.  It seems that it allows some AD users to authenticate,

[ActiveDir] Possibly OT: Cisco VPN and AD

We have an issue with our VPN concentrator.  It seems that it allows some AD users to authenticate, while others can not.  We can find no pattern to explain why the users that are able to authenticate are allowed to do so and why the users that can't authenticate can not.  An example is that

RE: [ActiveDir] Local Admin

Title: Message   This is the approach that we took...  The problem we had to work around is that you need to be an admin to be able to add an admin.     Our Kix logon script sends the IP and username of the user when he logs onto his machine and appends it to a text file that sits on one o

[ActiveDir] Last Logon Script

Does anyone have a script that will query an OU and tell me when the users last logged on? Or for that matter?  If they have logged on at all.   Thanks,   -Tim

RE: [ActiveDir] Locking Down User Information Fields in AD

d I not?   Rick Kingslan  MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone  From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Wright, T. MR NSSBSent: Wednesday, July 16, 2003 9:27 PMTo: '[EMAIL PROTECTED]

[ActiveDir] Locking Down User Information Fields in AD

Just curious how I would go about stopping a user from being able to update their address, website, etc under their own account. AD... Basically I want them only to be able to update their own phone # and nothing else and I would also like to force it to be strictly a numeric only field (wh

RE: [ActiveDir] AD DNS/DHCP issue/question

he active leases to see what's happening. -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message-From: Wright, T. MR NSSB [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 15, 2003 12:38 PMTo: '[EMAIL PROTECTED]'Subject: RE: [Ac

RE: [ActiveDir] Adding machines to OU directly

Title: Message If the OU Admin creates the computer acct. in his or her OU prior to actually adding the machine to the domain, when they physically add it, it will end up where they created the acct.   -Tim From: Chris Flesher [mailto:[EMAIL PROTECTED] Sent: Wednesday, July 16, 2003 10:33

[ActiveDir] Locking Down User Information Fields in AD

Just curious how I would go about stopping a user from being able to update their address, website, etc under their own account. AD... Basically I want them only to be able to update their own phone # and nothing else and I would also like to force it to be strictly a numeric only field (wh

RE: [ActiveDir] AD DNS/DHCP issue/question

renew their leases or get a different lease.   Here is a different way of doing it.  Shorten your leases to a couple of hours.  The clients will update at the 50% time mark and register their new name.  Tell me if it works -----Original Message-From: Wright, T. MR NSSB [mailto:

RE: [ActiveDir] AD DNS/DHCP issue/question

Is DNS set for Secure Updates only?   Roger -- Roger D. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc. -----Original Message-From: Wright, T. MR NSSB [mailto:[EMAIL PROTECTED] Sent: Tuesday, July

RE: [ActiveDir] AD DNS/DHCP issue/question

esday, July 15, 2003 10:08 AMTo: [EMAIL PROTECTED] You might want to run a post setup job to run ipconfig /registerdns -Original Message-----From: Wright, T. MR NSSB [mailto:[EMAIL PROTECTED]Sent: Tuesday, July 15, 2003 8:46 AMTo: '[EMAIL PROTECTED]'Subject: [ActiveDir]

[ActiveDir] AD DNS/DHCP issue/question

Gonna try and keep this short and sweet   I have 1200 clients that I am adding to the network.  They get their new machine with our ghost image called 'image'  they plug it into the network, when they bring it up they are asked a few questions (name, username etc.) this info is passed into

RE: [ActiveDir] admt 2.0 - nt4 computer migration

I may be chiming in a little late on this thread... We ran into an issue when we were testing ADMT where the agent wouldn't install. The way we got around this was adding a line to our users logon script that added the acct. that ADMT is using to run to the local admin group on the clients workst

RE: DNS toasty (was: [ActiveDir] Trying to run DCPromo and getting er ror 5171)

Title: Message Daniel,     This may or may not be of any help to you, but there is an interesting new utility available from MS to help troubleshoot DNS errors.  DNSLint.exe is available here  http://support.microsoft.com/?kbid=321045 I used the /ad switch and it solved all of my replication i

RE: [ActiveDir] DNS Replication

20, 2003 12:59 PMTo: [EMAIL PROTECTED] have you tried? http://eventid.net/display.asp?eventid=1265&source= - Original Message - From: Wright, T. MR NSSB To: '[EMAIL PROTECTED]' Sent: Friday, June 20, 2003 11:19 Subject: RE: [ActiveDir] DNS Replica

RE: [ActiveDir] DNS Replication

Title: Message I am setting up a new AD domain and I am seeing a slew of errors which I believe are DNS related, reading this thread has confused me somewhat...   Here's my situation..  Empty forest root domain with 4 DC's with the Roles spread across them, all running AD integrated DNS.  I t

RE: [ActiveDir] bogus DNS entries

I actually have the same exact problem with a Dell PE server... I tried disabling the DRAC during boot as I thought that may be the cause and that was no help. I also tried disabling Dynamic DNS registration on that interface after I read this KB article http://support.microsoft.com/default.aspx