Home All Groups Group Topic Archive Search About

Windows Server Active Directory

microsoft.public.windows.server.active_directory
Score Slow file access at remote site
who - 22 Nov 2008 1:44 PM - 2 messages
Ok, here's a good one. We have 3 sites Site 1 is the main office. Site 2 is a remote office Site 3 is the owners house All 3 sites have domain controllers and global catalogs Site 1 and 2 have dedicated file servers, site 3 uses the domain controller ...
Score NetDiag Default Gateway Error -->DcDiag Advertising Error
Zalewa - 22 Nov 2008 9:36 AM - 8 messages
Hi Guys, I'm having problems with time sync in my AD. Server which should be time server for my domain doesn't advertise himself. After investigation and netdiag I found that server can't pass Default Gateway test. Below output ...
Score Cant receive external email
Connie - 22 Nov 2008 1:31 AM - 2 messages
Hi.. We are running windows 2003 exchange server with MS Outlook email. I recently added a user in the Active directory with a domain login-in in our server. He logs in ok to our domain ok..receives internal email from other users in ...
Score DS replication error
Andrea - 21 Nov 2008 10:38 PM - 9 messages
Hi, I've promote 2008 server in a 2003 domain, after promote when i run repadmin /showreps it shows me this error at DFS replication: ==== INBOUND NEIGHBORS ====================================== DC=sincosald,DC=lan      Nome-predefinito-primo-sito\SINCOSRV via RPC ...
Score Dsget group members SID
Jeremy Smith - 21 Nov 2008 9:26 PM - 4 messages
When I run Dsget on a group to get is members, all of the users that are from a trusted domain show as SIDs.  I like to get the disaply name like I do for users that are local to the domain.  If I pull the ...
Score "This server is the last domain controller in the domain"
Massimo - 21 Nov 2008 7:36 PM - 10 messages
I've always wondered what this checkbox is for in DCPROMO. Shouldn't Active Directory be able to figure on its own how many domain controllers are left for a given domain? If I'm actually demoting the last domain controller, the domain will not ...
Score AdsiEdit Error when trying to view data of type "DN Binary"
Powerled - 21 Nov 2008 5:28 PM - 6 messages
Hi! I have Installed Windows server 2008 Standard x32 with AD DS role - single domain. When I open Adsiedit, pick the default naming context -> Attribute editor and try to view the sttribute "wellKnownObjects" I get an error: There is no editor registered to handle this attribute type. ...
Score DC W2K substitution with other one W2K3: same hostname, same IP: feasible?
SubAdmin - 21 Nov 2008 2:18 PM - 4 messages
============================== ----- CURRENT SITUATION  ----- ============================== Windows 2000 mixed domain (compatibility mode) "DC1" Windows 2000 in site "A" with the following services: 1) FileServer 2) IAS (RADIUS for authentication from Cisco PIX) 3) FTP Server (a dozen virtual folder on IIS, which are folders of ...
Score How to remove the DC in AD user and Computer when old DC down
Zero Warrior - 21 Nov 2008 8:00 AM - 5 messages
I tried to using ntdsutil to remove old DC and that DC already down. I follow the attached guide to remove it, but the AD User and computer still show that one old DC, May I know how to remove it? Thanks! ...
Score Network time issue
Clubsprint - 21 Nov 2008 1:23 AM - 2 messages
G'day I've a single domain and about 9 DCs accross six sites. I found that our time was a few minutes fast. I defined the time settings and listed some external time sources on myPDC as per the Knmowledgebase articles. I also ...
Score The requested object has a non-unique identifier and cannot be ...
Gerhard - 20 Nov 2008 11:10 PM - 5 messages
When editing email properties for users in active directory users i.e. trying to add a smtp email address for a user I get: The requested object has a non-unique identifier and cannot be retrieved Facility: Win32 ID. no: c007219d ...
Score Active Directory User Membership limit
DP133091 - 20 Nov 2008 4:05 PM - 11 messages
I am trying to find out the membership limit of a user in Active Directory. I have researched it and have not found an answer. I did find KBs and white papers that talk about it but all the answers varied. ...
Score ADMTv3.1 create SID-mapping-File
Sabine Putz - 20 Nov 2008 11:36 AM - 3 messages
Hi, can anybody show me the right syntax to create a SID-mapping-File for ADMT V3.1? The KB article  "How to use a SID mapping file with the ADMT tool to perform a resource domain migration to Windows Server 2003" doesn't work. ...
Score Domain admin rights across domains using 1 account
Micka - 20 Nov 2008 5:18 AM - 16 messages
In our setup we have 3 domains - INT(root), IDD(sub) & SVC(sub). The SVC domain contains our admin accounts and we need to be domain admins over both SVC & IDD. I've added our accounts as members of domain admins for SVC and delegated full control permissions over IDD domain but we still do not receive full domain admin rights. ...
Score profilepath - User Profile
shawnm - 20 Nov 2008 12:42 AM - 15 messages
Working with an extremely large active directory population and we are trying to identify certain user object types. We thought those included all objects that did not have a profilepath. However we noticed that we were capturing objects we did not want.  ...
Score *prevent* ldap enumeration for domain user
scubaal - 19 Nov 2008 10:56 PM - 7 messages
We have a VERY specific requirement to have a domain user with *really* locked down capabilities. This includes that user undertaking LDAP enumeration. Is that possible? Is it possible to have a working AD account that is *prevented* from enumerating ldap? (windows 2003 AD). ...
Score Default theme for basic user
Fadi - 19 Nov 2008 10:26 PM - 2 messages
Hi all, first of all i dont know if this is the right place for this question. my problem is that i configured a win 2k3 domain controller after adding i users and groups i tried to use a user account to login to one of my domain computers (witch ...
Score 2008 AD server in a 2003 LAN
Jim Helfer - 19 Nov 2008 10:19 PM - 3 messages
We are experiencing delays in people logging on to our Win2003 domain, and I am adding a test server that will be dedicated to AD (DNS/DHCP/Radius). Our current 2 AD servers are also the print server, and the file server, so the hypothesis is that these are too heavily ...
Score DNS not updating after DC replacement
Tim Miller - 19 Nov 2008 9:55 PM - 5 messages
Windows 2003 SE I have a domain controller, not the master, that died hard (couldn't be demoted) and had to be rebuilt from scratch. I did a dcpromo and it did get a copy of AD, but I'm stuck with errors in ...
Score in-place upgrade vs migration
skip - 19 Nov 2008 9:26 PM - 5 messages
Hello I am trying to find the best solution to get my AD forest upgraded to 2008. Currently the forest is at 2003 native and so is the domain. We have a forest root domain and a child domain, we also have 3 AD sites, each site has 3 DC's ...
Score configure LDAP between Windows Active Directory and Apache
Ricky - 19 Nov 2008 8:36 PM - 3 messages
Hi, I've been trying to figure this out but so far no success.  We're running Windows 2003(just one domain  "yourdomain.local") and wish to setup LDAP for Apache(version 2.2.3) to authenticate in Windows Active Directory.  On the ...
Score join computer to domain
southpaw - 19 Nov 2008 8:10 PM - 5 messages
Hi All. I removed a computer from domain (disjoin) and delete the computer account. Then when I add the computer back to the doamin with the same computer name and  reboot I am unable to logon. error message (The system cannot log you ...
Score Implementing Address Book/GAL
LilDeb - 19 Nov 2008 7:51 PM - 2 messages
Hi There, I have been tasked with implementing a companywide address book. Currently we have two individuals that keep all employees phone and contact info in an Access database which they export and convert to pdf to then post on the ...
Score Disabled account + locked computer
Eduardo Nazato - 19 Nov 2008 7:18 PM - 8 messages
Hi all, The scenario: the user locked his computer, and goes away for a coffee. We disable his (user) account as the HR dept. requested. The user realizes it, goes back to his computer, tries to unlock it... and it works! ...
Score Remove Delegation Tab on user object
WDNV - 19 Nov 2008 7:16 PM - 5 messages
Hello I inherited a domain which was upgraded to 2003 from 2000. Looking around I've noticed that one single user has in it AD USER object, a TAB called Delegation. This tab is also shown on the administrator account. ...
Score DNS and AD issues on Child Domain
HbooGz - 19 Nov 2008 6:44 PM - 5 messages
I'm running Windows 2003 R2 across all my DC's. single root consists of 2 domain controllers. child domain consists of 1 domain controller. In the child domain, the DC has DNS pointing to itself as the preffered DNS and nothing else. ...
Score Retire a 2003 Domain Controller?
MyGposts - 19 Nov 2008 4:24 PM - 17 messages
Can you just shut it down or is there any benefit to demoting it to a member server first? ...
Score 2 domains in 2 different forests...How to make one Forest?
Thierry Pon - 19 Nov 2008 4:03 PM - 4 messages
Hi, It's been a while that I created 2 different domains @ different times. I Just realized that I ended up with 2 different forests. The two domains are on the same subnet and I have created full trusts between them. Sometimes there are some communication glitches between ...
Score Cannot join the domain using VPN connection
Ami - 19 Nov 2008 3:00 PM - 7 messages
Hi All,    I have a DC + Exchange 2003+ DNS + AD on single box which is available using VPN connection only. After connecting through VPN from another Windows 2003 machine which gets the dynamic address using DHCP (which happens to be on different subnet), I try to join the domain ...
Score DSADD - Computer Name (Pre-Windows 2000)
Holger - 19 Nov 2008 11:27 AM - 5 messages
Hello to everybody, I moved with the DSADD-Command Computers from Domain A to Domain B. In Domain A the Pre-Windows 2000 Computer Name ist 15 Signs long. But when the Computer has moved, in Domain B the Pre-Windows 2000 Computer ...
Score machines can't update their machine account passwords
Brandon McCombs - 19 Nov 2008 5:12 AM - 8 messages
Hi, Okay, I'm trying this once again to see if anyone can provide a useful answer. I have 2 DCs setup using Win2k3 Enterprise Edition. There are about 15 member servers. All servers have been running fine for about 5 ...
Score Migrating local profiles to AD profile
pali - 19 Nov 2008 3:46 AM - 7 messages
Using Windows 2003 Servers for DC, XP, 2000,& Vista Clients We are migrating from a non-AD configuration to an AD configuration for hundreds of users. To ease the transition for our users we would like to move local account files & settings to the new AD profile on ...
Score Netdom
Kathy - 19 Nov 2008 2:53 AM - 5 messages
Which version of Netdom file should be used to create and verify trust relationship in Windows Nt 4.0? Is this available as free download? Regards ...
Score CurrentProject.AccessConnection
mak2008 - 19 Nov 2008 1:41 AM - 2 messages
I am using MS Access 2003. I have a linked table that links to the SharePoint system.  I created a button that will make a query using CurrentProject.AccessConnection.execute. That worked fine for the first time.  When an users enter new data in the ...
Score The server has encounter a critical error from the Active Director
Kelvin Ng - 19 Nov 2008 12:48 AM - 2 messages
Hi, i have a Win2003 DC with SP2 installed at site office, recently DNS & DHCP not functioning pn this server with below event log; The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error ...
Score Auditing User Logon/Logoff
Steve - 18 Nov 2008 9:26 PM - 8 messages
What is the best auditing to use to audit user logon/logoff the domain. I assume that this goes to the DC security log..but what is the best way to compile this data with multiple DCs? Thanks. Steve ...
Score Local Printer
Pat - 18 Nov 2008 9:01 PM - 6 messages
Hello, I want to be able to allow non administrator users to add local print drivers on thier computers. I thought this was possible but I am not able to find the settings in Group Policy. Thanks in advance ...
Score Scripted Drives
Dennis Backherms - 18 Nov 2008 6:36 PM - 8 messages
I use a startup script to map drives to users in AD. I have been experiencing some weird phenomena lately where one department's mapped drive will switch to another department's mapped drive. The only thing I have changed recently is the GPO Editor to the new editor from MS. I ...
Score Service Connection Point (SCP) Best Practices
gregp - 18 Nov 2008 5:40 PM - 4 messages
We're are deploying a product which uses an SCP, and we were wondering if it is generally acceptable for a service to create its own SCP automatically at startup if it does not exist, without customer knowledge.  I see in the documentation for Service DIscovery, that it is specifically ...
Score Disabled Account / Email issue
Kelly Armitage - 18 Nov 2008 4:46 PM - 6 messages
Sorry if this is posted in the wrong area I am not sure where the best place to post this one would be. To begin we have Active Directory and Exchange 2003.  We have a corporate policy that states we must disabled accounts of employees within 48 hours.  ...
Score GPPrep in Windows 2008
Luiz - 18 Nov 2008 4:30 PM - 9 messages
Hi, I have a Windows 2003 Domain/Forest and I want to upgrade to Windows 2008 Domain/Forest. I would like to know if I mus run adprep /gprep beasides /forestprep and /domainprep. Thanks for while. Luiz ...
Score Preventing GP from being pushed down to a selective machine
Scrivnet78 - 18 Nov 2008 1:04 PM - 10 messages
I have several machines that I need on my domain, but I need to prevent ALL policies from being pushed down, including the default. Is there a way to do this? I made a different OU, moved the computers into them and made a new generic ...
Score Discarding Root Domain and promoting ADC to Root Domain.. ??
Jaz.. - 18 Nov 2008 12:45 PM - 10 messages
Dear All, I have Root domain and two ADC and one runs as a physical other one runs on Windows Virtual Server 2005 Sp1. I need to make Virtual ADC to be Root Domain. I took copy of virtual HD and isolated on separate network and seized the ...
Score Log shared folder activity?
memon_boys - 18 Nov 2008 9:24 AM - 4 messages
What would be the best way to log data for files in a shared directory (and sub-directories) on a server?  The type of information needed would be something like this: - File accessed - By whom the file was accessed ...
Score Software Installation from Local DCs and not from remote sites
JJ - 18 Nov 2008 4:39 AM - 7 messages
Hi, We are installing a software using UNC path \\xyz.com\path\software.exe unfortunately this is coming back to our main office to pull the software for installation which is causing heavy network bandwidth. We would like to have this install from the local domain controller and not from remote ...
Score Add 'Account Operator' to Local Workstation Administrators Group?
Scott Townsend - 18 Nov 2008 12:23 AM - 10 messages
So When you ad a Machine to a Domain, the Domain Admin Group is added to the Local workstation's Administrators group. I want my Jr Admin to be able to Manage the machines too, though I don't want to give them Domain Admin rights. ...
Score SystemLog Issues on Win 2003 DC Box
RG - 17 Nov 2008 11:03 PM - 3 messages
I getting the following failure when running dcdiag.  Looking at eventlog, I didn't find event id below. The reason why I looked at this is because the 2007 exchange server residing on win 2008 failed to start it's services due ...
Score Changing User Home Folder
Bobson - 17 Nov 2008 10:57 PM - 14 messages
Hi everyone, thank you for your help in advance. We need to replace a new file server with an old one for one department. We will have to give a new name to the new file server. Currently, we have about 130 users in Active Directory. And each user's home ...
Score Odd PDC Browser problems
Mark Z. - 17 Nov 2008 9:59 PM - 5 messages
2003 domain and having problem on my PDC role holder (32-bit 2003 w/SP2 fully patched). Seems to be a cycle of Server service errors, then a browser master is elected, then errors turn into browser errors, then back to the server ...
Score Delegate Control... Reset Passwords
Otto - 17 Nov 2008 8:53 PM - 14 messages
I have a group of admins that are able to reset passwords for users in selected OU's, but not all.  Security settings appear the same on all OU's, but these admins all receive the message "Access Denied" when trying to reset ...
Score Upgrade 2003 enterprise root CA
skip - 17 Nov 2008 7:56 PM - 3 messages
Hello Currently my enterprise root CA is runnin windows 2003 sp2 and it is a DC. The domain and forest fucntional levels are set to windows 2003 native mode. I am going to do an in place upgrade of this DC to windows 2008. Any issues ...
Score Systemlog Errors on win 2003 dc box
RG - 17 Nov 2008 7:05 PM - 6 messages
I getting the following failure when running dcdiag.  Looking at eventlog, I didn't find event id below. The reason why I looked at this is because the 2007 exchange server residing on win 2008 failed to start it's services due ...
Score migrate to 2008 AD
skip - 17 Nov 2008 7:00 PM - 9 messages
Hello I am planning the migration to AD 2008. The current AD is windows 2003 native mode, we have one child domain and one forest root domain. My plan is to update the current AD to support 2008 /adprep then introduce new hardware ...
Score Easiest way to refresh AD permission cache without logoff / logon
rilecode - 17 Nov 2008 6:43 PM - 5 messages
We are constantly updating AD permissions to give this user or that user new permissions, is there a way to access their new permissions without logoff / logon, or waiting for the cache to refersh?  There must be a simple cmd that will refresh AD cache, but I couldn't find ...
Score read-only access to all drives
Greg Stigers - 17 Nov 2008 6:22 PM - 2 messages
We've been asked to provide read-only access to all server drives to a group of "auditors" in another trusted domain (one-way external trust). No official answer is forthcoming on whether the auditors can have broader access. We would rather not touch each drive on each server. What are some ...
Score LDAP single point of failure
barrycuda72 - 17 Nov 2008 6:10 PM - 6 messages
Situation:  Have AD 2003 running on multiple domain controllers.  We have a 3rd party application that uses Ldap to authenticate.                   This works just fine with the exception that you can only ...
Score Remove AD DRM role
Dave Rees - 17 Nov 2008 3:07 PM - 6 messages
Hi Is there away to manually uninstall the DRM server from win 2008. The role can not be reinstalled or uninstalled via the server manager. The role uninstall fails with the following : Active Directory Rights Management Services Active Directory Rights Management Services: Removal failed ...
Score Tracking "lost" Object In Active Directory
newbie007 - 17 Nov 2008 3:06 PM - 3 messages
Hi Somehow a computer (server) account was removed from active directory which meant that the server could no longer log in, although when we re-attached the server everything was OK I would like to learn from this so.... I can see the computer in the deleted containter when I examine the domain ...
Score Remove 2008 AD from 2000-2003 domain - domaindnszones/forestdnszon
Steven Cools - 17 Nov 2008 1:30 PM - 9 messages
hello, i want to remove a win 2K8 server DC from our domain (since we face too many problems with software we'd like to run on it.) when running dcpromo i get the notification that "this domain controller holds the last replica of the following application ...
Score XP Client Authentication - [WP]
WildPacket - 17 Nov 2008 1:08 PM - 9 messages
XP Clients have DCs in their sites but they get authenticated from DCs in the other sites ...same tend to happens with the clients in the HO too. We have 4 DCs in the HO and 3 are GCs/DNS.  ...
Score Failed P2V - Active Directory USN rollback issue
cyacomini - 17 Nov 2008 12:39 PM - 18 messages
Hi all, Could someone please put my mind to rest - this has been driving me mad since last week. Last Tuesday whilst I was out of the office, my IT Manager attempted a P2V conversion of our last physical Active Directory server. The P2V conversion ...
Score Showing Time server as different than PDC
Laljeev - 17 Nov 2008 12:00 PM - 7 messages
Hi We have 4 DCs (2 in HO other 2 in different sites) and we have only one domain. But when I check the time source using net time it's showing one of the DCs in another site and not showing the PDC server. How can I correct ...
Score In Active directory, create for all user's a shortcut to a dial-up or vpn connection on the desktop
MSH - 17 Nov 2008 11:55 AM - 4 messages
hello, in AD, How can  create for all user's a shortcut to a dial-up or vpn connection on the desktop. MSH Thanks ...
Score Can a Windows 2008 be a DC ?
Patrick - 17 Nov 2008 10:39 AM - 2 messages
We are migrating from Novell to Windows 2003 Active Directory. We are going to deploy a number of Windows 2008 Server in the near future. We would like to know whether it is possible for one of them (Windows 2008) ...
Score subnets or supernets in Sites and Services?
Stefan 'Birdie' Vogel - 17 Nov 2008 8:19 AM - 2 messages
Hi together, we sometime experience issues with clients that do not login to the local DC, but to a DC in a different site. We are using eg. 10.165.1.0/24 10.165.2.0/24 .... 10.165.200.0/24 ...
Score Renamed AD user - still shows with previous username
gbug - 17 Nov 2008 6:09 AM - 5 messages
Hi all, I have a user who has gotten married, and has requested their username and display name, etc, to be changed. We have done this, including right clicking the user name, changing all names in there, adding a new SMTP address, etc ...
Score Logon scripts can't access network home drive
Jessica Hamilton - 16 Nov 2008 8:08 PM - 3 messages
Hi, I have a problem trying to set up user logon/logoff scripts using GPO. I'm using the User Cfg > Windows Settings > Logon/Logoff scripts settings, and putting my scripts in here. The problem is that the user's home drive doesn't appear to be mapped during ...
Score Delegated Permissions
Fahad - 16 Nov 2008 7:41 PM - 2 messages
Dear I have windows server 2003 AD service. I delegated the following tasks to our help desk team using the Delegate control wizard. - Create, delete, and manage user accounts - Reset user passwords and force password change at next logon - Read all user information ...
Score KDC failing during Domain Controller Shutdown
Howard Wilkinson - 16 Nov 2008 6:16 PM - 2 messages
I have a pair of DC's with one of them hosting Exchange Server 2003. When this server is shutting down the KDC keeps on responding to requests but errors all requests with KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN. As the server takes 20+ minutes to shut down we have an otuage on our systems where logins are ...
Score Users can not access server has 2 NIC
mahmoudmga - 16 Nov 2008 11:15 AM - 8 messages
Hi I have one server (ERP server) with win2003 enterprise  that joint to Domain. This computer has 2 NIC that first NIC connected to lan for (internal users)  and another connected to internet (Valid  IP) for ERP ...
Score Active Directory Authentication and DMZ server
Sukhwinder Singh - 16 Nov 2008 8:24 AM - 3 messages
Dear All, We have a requirement in our organisation that all the application and internet facing servers in the organisation should be the part of Active Directory Domain. We have many servers in DMZ zones and the Domain controllers are there in LAN zone. We need to have all the DMZ servers to be ...
Next » 2 3 4 5 6 7 8 9 10