Home All Groups Group Topic Archive Search About

Windows Server Active Directory

microsoft.public.windows.server.active_directory
Score Clarification on computer object migration
Ezakial - 13 Dec 2008 6:40 PM - 8 messages
Hi, I'm performing computer migration(ADMT3.0) from windows 2000 to 2003(intraforest). I have more than more than 4000 domain local and global groups in the source domain which has computers and users as members of it. I ...
Score Folder redirection policy set with Windows Server 2008 does not work on my Windows XP client machine
Donald - 13 Dec 2008 6:03 PM - 3 messages
Hi there, Thanks for your help in advance. I am testing a Windows Server 2008 trial on the folder redirection policies. I can make it work on the server if I log on with affected users but not on a Windows XP client machine. However, the ...
Score ADMT password change
Ezakial - 13 Dec 2008 4:07 PM - 4 messages
Hi, After the post migration of user accounts, ADMT3.0 forces the users to change the password. I do not want the users to change the password during the first logon(post-migration). Is there any script to bulk disable the ...
Score Active Directory authorization
faanyan - 13 Dec 2008 2:26 AM - 2 messages
Hi, I'm doing a project about single authentication and authorization using Web Service and Active Directory. The main idea is that any application in an organization should adapt themselves for using my Web Service in parts of authentication to use only one users' identity for a user for every applications. ...
Score Password hashes
Dan - 12 Dec 2008 7:11 PM - 7 messages
Hello,   I know AD passwords are not stored and readily available in MD5 or SHA-1 by default (or atleast that's what I'm seeing); but I've heard it's possible to use/create another LDAP field and have the passwords ported to that field ...
Score Problems with adamsync between one AD LDS and two AD DS services
drederick - 12 Dec 2008 7:08 PM - 4 messages
I am trying to use adamsync to sync user data from two separate ad forests into a single AD LDS instance. I need all the user data to be in the same partition because I want to add those users to groups within that same ...
Score Script to convert the group type from Domain local to Universal
Ezakial - 12 Dec 2008 3:11 PM - 4 messages
Hi, I have more than 500 Domain local groups groups and I need to convert it to Universal group before migrating it to the target domain. Anyone has a script or tool to bulk convert the group type to universal. Thanks ...
Score Ad Schema
dkumar - 12 Dec 2008 9:44 AM - 6 messages
Hi All - Better to have clear the doubt before i'll screw My AD schema ( AD 2003 ) As per source - Source - kb/241594 There are certain parts of Active Directory that cannot or should not be restored in an authoritative manner: ...
Score my documents
David Fernandez - 12 Dec 2008 9:21 AM - 6 messages
hi, we are working with an windows 2003 active directory. We had my documents folders pointing to a folder in a server, and we´d like to move to another. With some users I have been able to set the new folder, but with other ones ...
Score Replace hot server through restored server for some hours
Gerhard Kiessling - 12 Dec 2008 8:52 AM - 9 messages
Hello Newsgroup, I'd like to ask a backup/restore question concerning AD before getting problems. Some facts on what we do at the moment : Environment is a domain with 3 DCs (all W2K3). As backup solution we are using Acronis True Image Enterprise ...
Score Windows 2003 server not responding (hang-up)
Eugene Espinosa - 12 Dec 2008 6:36 AM - 3 messages
Hi All, Please help! My server always hang-up. The server is not responding, it not responding to keyboard even you press crtl+alt+del keys. what i do when the server hang-up is power off by hard reset. we are using HP proliant M5. ...
Score Need help determining where the problem is in my AD replicas
Jason Hand - 12 Dec 2008 1:37 AM - 8 messages
I have been trying to figure out which of the two DC on my domain has the corruption in it's AD database and what to do to fix it.  Any ideas would be very helpful.  Here is what errors are being reported in Directory Services ...
Score VLV searching a subtree
bspencer - 11 Dec 2008 8:21 PM - 3 messages
We are trying to use VLV to search a directory of users in an ADAM (and also LDS), but are hitting all sorts of problems.  Maybe someone here can offer some help.  We have multiple support incidences in ...
Score change local administrator rights to a user rights
savvasn - 11 Dec 2008 7:44 PM - 4 messages
Hi Dear all I have a problem I HAVE A NETWORK WITH 20 PC. EACH USER HAS ADMINISTRATIVE RIGHTS ON THE PC. IS THERE ANY BATCH FILE THAT CAN CHANGE THE USER RIGHT FROM ADMINISTRATOR TO A USER? If not, how can I do it from the group policy from the active directory? Is there any simple tutorial? ...
Score Exclude Admin account from Account Locked out policy
RayRogers - 11 Dec 2008 7:08 PM - 20 messages
Hello, I have windows 2003 domain. I have domain policies applied on domain level, such as lockout policy. There are a few accounts have domain admin right. How do I exclude these admin accounts from Account Locked out policy or other ...
Score Changing the IP of our 2 DC's a problem?
Cyborg - 11 Dec 2008 4:43 PM - 6 messages
Hi, I have 2 DC's and have just installed another 2, I will eventually decommision the old 2 DC's.  Anyway I need to make the 2 new DC's have the IP's of the old 2 DC's (swap them), can I just do this and all will be ok? ...
Score AD design for two companies that need to share resources..
funkyd - 11 Dec 2008 3:43 PM - 9 messages
I have two companies in different continents that fall under the same group. They are both separate legal entities. Sometimes staff from company A travel to company B and need access to the network to print, access email etc. They want to join the infrastructure between the two companies so that staff ...
Score SQL service accounts
Family - 11 Dec 2008 2:52 PM - 6 messages
Hello all The environment is Windows 2003 sp2 native mode. We have one AD forest with two domains, three AD sites and an AD non transitivie one way trust to another AD 2003 native mode forest.We have around 300 servers, of which 100 ...
Score Account creation date
JeffH - 11 Dec 2008 2:12 PM - 7 messages
Hi, Is it possible to find out when a user account was created in Active Directory? Thanks in advance, JeffH ...
Score Search for AD Tools (generate tests issues)
Job - 11 Dec 2008 12:34 PM - 5 messages
Dear All, I wonder if there is a tools which can generate issues (test) on AD environment because I monitor DCs and would like to know if issues like replication, dns, role, etc... are kept by my monitor platform. Thanks for your help. ...
Score Extract user group membership details
Ezakial - 11 Dec 2008 11:56 AM - 6 messages
Hi, I looking for tool or script which can extract user belonging to which group precisely user group membership details. Please let me know if anyone has come across script or tool. thanks ...
Score Group policy / WSUS problem.
ChrisR - 11 Dec 2008 11:50 AM - 3 messages
Hi there, I wonder if anyone has come across this problem before? I have a Group policy object for controlling Windows Update which specifies the following settings: * Specify intranet Microsoft update service location: enabled * Set the intranet update service for detecting updates: http://ip address ...
Score Add domain user\group to local admin group problem
DangerMaus - 10 Dec 2008 11:54 PM - 14 messages
I have two Windows Server 2008 servers. One is a DC and the other is a member server. I created a global security group in AD and tried to add it as a member of the local Administrators group of the member server. I am able to ...
Score Export msRTCSIP-UserEnabled to excel
newsgroups.jd - 10 Dec 2008 11:08 PM - 5 messages
rtcenabled = objMember.msRTCSIP-UserEnabled I have an VBS script that I use to export various attributes of AD to excel.  I am trying to export the value of the msRTCSIP-UserEnabled attribute to see if it is TRUE so that I know ...
Score SAP and AD-more DC/GCs to handle the load?
Steve - 10 Dec 2008 10:34 PM - 2 messages
Our company is implementing AD, and I have started reading the about the SAP/Microsoft alliance (single sign on, etc.). We have 7 fairly new domain controllers (dual quad core, 32bit and 64bit, 8gb ram each). Should we consider getting more DC/GCs since we are implementing SAP? any help is ...
Score consolidating sites
Dudley - 10 Dec 2008 9:02 PM - 7 messages
I have 10 buildings in my organization. In the NT4 days, they were connected with T-1 lines and AD Sites & Services had a site for each of them. Each building had at least one DC in it. We are now running Server 2003 on all DCs ...
Score staging a DC install
N - 10 Dec 2008 7:57 PM - 7 messages
I have a question about creating a secondary domain controller for a remote site.  I currently have a soon to be secondary domain controller in my office where we have our Domain A.  This new DC is going to be a secondary ...
Score File Server Management and Print Server
SEgerton - 10 Dec 2008 7:52 PM - 5 messages
We are currently running Windows 2003 Standard Edition SP2 for both our file server and our print server. Our file server is just joined to the domain and the print server is also a Domain Controller. I just recently discover management tools for "File Screening" and "Print ...
Score AD replication error on new DC
Saic@SWN - 10 Dec 2008 7:31 PM - 7 messages
I recently installed a new in our location running Server 2003 R2, MAIN-FS01. It's set up to be a fileserver and DC. The main site has 2 other DCs, one an old file server MAIN-2K1 (DNS and DHCP) and MAIN-EX, running ...
Score Site with multiple DC's
Zeno - 10 Dec 2008 5:58 PM - 6 messages
Hi, I have a query I'd like to clarify, we have various satelite sites in our environment at one of our satelite sites we have 2 DC's sitting on a server VLAN and we have various WinXP clients seperated on various ...
Score How to limit concurrent connections in active directory
User - 10 Dec 2008 5:06 PM - 5 messages
How to limit users to 1 concurrent connection in Windows Server 2003 R2 Std? Can this be done via Group Policy? TIA ...
Score Account Operators Permissions
Baboon - 10 Dec 2008 4:59 PM - 6 messages
In order to allow users to add computers to or move them from specific containers, or to delete them, we need to add the users to a group and give that group permissions to the containers similar to: On "This object and all child objects" - "Create Computer Objects" + "Delete ...
Score What should a DC's NIC DNS settings be?
Cyborg - 10 Dec 2008 4:17 PM - 8 messages
Hi, I have 4 DC's, DC 1 has all the FSMO roles, but I'm just wondering what the DNS servers should be on the DC's NIC settings. Because DC1, points to itself as the primary DNS server it takes for ever to ...
Score XP Laptop Security Solution
Sbrown95 - 10 Dec 2008 3:36 PM - 6 messages
Environment:  100% Windows XP Professional, Windows Server 2003 Active Directory.  All users have Standard limited User Accounts. NO we do not use windows Vista, YES i WISH we did, but it will take at least another year of testing for it to get approved for onsite use. ...
Score Cleanup (successfully) demoted DC's
gscanga - 10 Dec 2008 3:15 PM - 5 messages
I have a forest with several demoted dc's. All were demoted successfully so I don't see where "metadata cleanup" will help me. But when I run "repadmin /showutdvec"  I see guid's (no hostnames) along with the active dc's. ...
Score windows 2008 rodc and writable DC ports
chua - 10 Dec 2008 3:11 PM - 12 messages
hi, whats is the ports communication required between Windows 2008 in LAN and Windows 2008 RODC in DMZ? steve ...
Score Securing Remote Desktop - Help needed
NickNew - 10 Dec 2008 12:35 PM - 7 messages
I need help on the following issue: PC1 == Internet == PC2 == LAN == Server I have enabled PC1 to connect to PC2 via VPN and remote desktop. The administrator logon via remote was disabled on PC2. Now I want to disable that a user that is logged on via remotedesktop on PC2 can open another remotedesktop session and logon to the server. I only want to allow users that are logged on locally to connect to the server. ...
Score Replication problems
Simon - 10 Dec 2008 10:00 AM - 9 messages
Hi I hope someone is able to help I get the following error when trying to manually replicate between to 2 servers on site: The following error occured during the attempt to synchronize naming contect xxx.com from doamin controller xxx to domain controller xxx ...
Score Several Folders need map in AD users ( AS File Server)
Pradeep - 10 Dec 2008 9:15 AM - 3 messages
hi I need map Shared Folders Likes X: Y: Z: Like Defrent Department I tray  out so many Thing but it’s not Working Can Any one help me Thanks Pradeep I try out several loging scrept In ou level ...
Score duplicate username
Ramon - 10 Dec 2008 8:24 AM - 5 messages
Hi, Today i stumbled into a strange problem. We manage ad networks for several customers. Some with a sbs server  and some with normal windows 2003 servers. If I have a username jane doe on the sbs server with accountname j.doe, i ...
Score Online Teaching and call handling offer
Raju4 - 10 Dec 2008 7:37 AM - 2 messages
Hi Business Associates, Greetings!! I am Subbaraju,  working as a TEst Lead with leading MNC at Hyd. I have 12+ years of Faculty exp and 6+ years of Software testing. I am offerng global teaching through my website with minimum cost, all the ...
Score Online Teaching and call handling offer
Raju4 - 10 Dec 2008 7:36 AM - 3 messages
Hi Business Associates, Greetings!! I am Subbaraju,  working as a TEst Lead with leading MNC at Hyd. I have 12+ years of Faculty exp and 6+ years of Software testing. I am offerng global teaching through my website with minimum cost, all the ...
Score DC not authenticating local users
Sneakie - 10 Dec 2008 6:11 AM - 10 messages
I have a WAN between 2 remote sites. The primary site has the MO and 2 DC's and the remote site has 1 DC. When the link between the 2 sites goes down, the DC at the remote site fails to authenticate the local users at that ...
Score 2000 to 2003 AD upgrade questions- bridgehead order, Hyper-V
doc - 9 Dec 2008 11:47 PM - 9 messages
I'm getting ready to start testing an upgrade plan for a forest of 30 domain controllers with 6 sites and have a few questions: After the FSMO role holders are upgraded, is it preferred to upgrade the bridgehead servers or other DCs in any order? ...
Score Connect Copier/Scanner to LDAP Server
Beyuduzz - 9 Dec 2008 8:04 PM - 3 messages
I have a Ricoh MP2550 and need to setup the scan to email feature.  It can connect to an LDAP server, but when I enter the configuration I get the following two entries in my DC's Event Log. ...
Score LDAP - problem entry
Meigs - 9 Dec 2008 6:48 PM - 3 messages
I get the following error message in our exchange server Application event log. The server in the error message has been removed from the domain and if I run dsquery computer -name svr2 I get no reply. ***** Event Type:    Error ...
Score Application permissions
KKwias - 9 Dec 2008 6:29 PM - 2 messages
I have a W03R2 network- Users, desktop are locked down via AD. I have some applications that require elevated access for the apps to run on the client desktop. Speciffcally, apps needs temp folders, and system folder access. Is there anyway to grant this for a specific application without granting ...
Score joining domain RPC server unavailable
Andre - 9 Dec 2008 5:05 PM - 3 messages
have a vista business with sp1 (Just installed) I get an error that the RPC server is unavailable when i try to Join the pc to the domain. Things I have tried: Reset the Ipstack Checked dns on the server nslookup ect= no errors ...
Score Are the schema updates for Office Communications Server 2007 included with Exchange
Cmor - 9 Dec 2008 3:39 PM - 2 messages
We will be deploying both Exchange 2007 and Office Communications Server 2007 this month.  Both require Schema updates.  Are the Office Communications Server 2007 schema updates part of the Exchange 2007 schema updates, or are they completely different? ...
Score Error creating users via web page
Jennifer S - 9 Dec 2008 1:53 PM - 2 messages
I have a .NET assembly which has its own username and password in AD that allows it to create, update, and delete users.  When I call this from a Windows form, I have no problems with my Create, Update, or ...
Score LDAPS setup
Anthony - 9 Dec 2008 12:41 PM - 3 messages
Hi, I am trying to get LDAPS working on our Windows 2003 SBS server without success, at present I have obtained a certificate from thawte and as far as I can tell installed it correctly ( It works ok for OWA). ...
Score VBscript to extract userlogon to Workstations
Ezakial - 9 Dec 2008 10:30 AM - 11 messages
Hi, I'm looking for VBScript script which should be able to extract information of 1) SAMaccount 2) Firtname and Lastname 3) Logon - Workstation/Desktop/Server hostname If the script can output in CSV format would be excellent. Thanks ...
Score Change the expiration date
MCS - 9 Dec 2008 10:23 AM - 5 messages
I have a ADAM with a lot of users and i need do a script to change the expiration date of all the users passwords. I discover i need modify this attribute: AccountExpires The problem is the value i need put to this attribute is not a date ...
Score Data collection
Toxic - 9 Dec 2008 8:20 AM - 3 messages
I have Windows 2000, DHCP is active, ISA 2000 and have AD running Basically Iwant a script that will match machine name to ip or mac address. Any ideas this might even be posted in the wrong place Thanks Brett ...
Score Completely restoring two domains in the same forest
Massimo - 9 Dec 2008 6:20 AM - 27 messages
I have an Active Directory forest (2003 functional level) composed of a root domain and a child domain; each domain has two domain controllers, and all the DCs are global catalogs. I need to completely re-create this forest in a test lab, and I'm planning ...
Score How often to backup system state of all Server 2003 DCs?
MyGposts - 9 Dec 2008 6:16 AM - 4 messages
I remember reading somewhere that it is recommended to backup the system state of domain controllers several times a day. I searched and can't find where I originally read that. If that's true, do you have to use third party backup tools?  I don't ...
Score azameDisaster recovery of domain after an actual disaster?
MyGposts - 9 Dec 2008 5:42 AM - 8 messages
Suppose all servers are damaged beyond repair due to fire or other reasons and are the same hardware is longer available for repurchase due to being discontinued models? Can you restore active directory tape backups of domain controllers to all new hardware that isn't very ...
Score Joining imaged workstations with dup SIDs to AD. Effects?
Rich - 9 Dec 2008 5:19 AM - 6 messages
I have this issue where workstations appear to not be properly joined to the domain.  They were at some point working but eventually they stopped running logon scripts or cannot map shares. That is because we replaced domain controllers and file servers which at that point they cannot access the ...
Score Whats Need to Done to Become An MVP
Rajesh J S - 9 Dec 2008 4:33 AM - 3 messages
Dear all MVPs, My dream in to become an MVP in directory service. so whats needs to done to become an MVP. I have completed MCSA, and done MCP. I am posting the solution in the directory service community. What else to be done. Please inform me. So that i can become an MVP. ...
Score Unable to join AD domain from DMZ network
Mugen - 9 Dec 2008 2:04 AM - 12 messages
Hi, We are running Windows 2003 AD Domain and now like to allow user account authentication from DMZ to 2003 AD internal network. However, when we try to join AD domain from the server in DMZ. We got an error message 'The RPC ...
Score NSlookup script?
Dan - 9 Dec 2008 12:48 AM - 2 messages
Hey all,   Anyone got a little script or a good idea on how I can use nslookup in a batch file to grab spf records for specific domains and compare them against an existing list?  I can do most of the stuff but what I'm having issues with ...
Score Looking for detailed GPO refresh process details
mike h - 8 Dec 2008 6:52 PM - 6 messages
Problem I have a very large GPO set that clamps down hard on the user and machine environment. I also have a set that relaxes specific aspects of this to allow user and machine activities. In the end this is a very large GPO set. ...
Score Group Policy Registry
TaylorGaffney - 8 Dec 2008 4:51 PM - 4 messages
- <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/ event"> - <System>   <Provider Name="Group Policy Registry" />   <EventID Qualifiers="34305">8194</EventID>   <Level>2</Level> ...
Score Integrated DNS
Dan - 8 Dec 2008 3:39 PM - 4 messages
Can you install DNS on a non domain controller and have it act as an active directory integrated DNS server? I'd like to do this and point clients to it as thier primary DNS server. Thanks ...
Score Searching SamAccountName in all trusted Domains
Shayne D. Swann - 8 Dec 2008 1:16 PM - 2 messages
Im looking for a way to search a sam account name attribute in all of my domains trusted domains. I.E. when I search a name I want to search to be performed on all of my trusted domains (even outside of my forest). I have ...
Score How To assess the quality of my AD
Meigs - 8 Dec 2008 9:40 AM - 4 messages
We've been using our domain for several years. About 7 years. We're now running both our servers on Server 2003, with plans to upgrade to Server 2008 and exchange 2007 from 2003. Things have happened over the years that I've repaired, Servers have been ...
Score GPO
Paco - 8 Dec 2008 8:52 AM - 4 messages
Hi! Is there a way to set the send/recive time for Outlook 2007 in a group policy? We are using Windows 2003 R2 sp2 with AD, Outlook 2007 and Alt-N Mdaemon Pro ...
Score Restore FSMO role holder
Dudley - 7 Dec 2008 10:34 PM - 11 messages
Is it better to restore a FSMO role host or to seize the role to another DC and remove the failed DC from Active Directory? ...
Score Email limits report
Cmnsol - 7 Dec 2008 3:35 AM - 4 messages
I have printed this before, but cannot remember where or how.  I need to print a list of all users' email limits to compare to their current mailbox size.  How can I print this report? Thanks Carmen ...
Next » 2 3 4 5 6 7 8 9 10