Home All Groups Group Topic Archive Search About

Windows Server Active Directory

microsoft.public.windows.server.active_directory
Score User Account Properties
create_share - 21 Mar 2009 6:58 AM - 3 messages
Hi! In Windows 2000 server if we double click on any user account it will open the properties window of that user but in windows 2003 if we double click it, it will go to the left pane and will not open the properties window. Is it ...
Score GPO to allow Active X, Java FLash
Kim K - 21 Mar 2009 12:18 AM - 6 messages
I have a new server (08) and the businesses website uses Active X, adn flash, they cannot see their site.  I am asusming that this is because they were recently joined to the domain and have not accepted the install of the Active ...
Score Logon script change
Candace - 20 Mar 2009 11:58 PM - 3 messages
I have a group policy that includes a logon script. I need to add another mapped drive to my logon script which is a .BAT file. I attempted to locate and edit the appropriate .BAT file by doing the following in the Group Policy ...
Score DNS/DHCP problem while migrating computers using ADMT
Steve Kadish - 20 Mar 2009 9:25 PM - 5 messages
Hi all, We recently merged with another company and we are trying to merge their users and computers into our forest using the Active Directory Migration Tool.  So far the testing has mostly gone smoothly, but I had one problem ...
Score DC fails when isolated from network
Mark Z. - 20 Mar 2009 4:48 PM - 4 messages
My 2003 R2 DC is a global catalog, and points to itself for DNS (via its own static IP and has all the AD forest-integrated zones w/records). It does not hold any FSMO roles. When it is shut down, disconnected from the production ...
Score GPO Version mismatch in Sysvol
Kevin Gallagher - 20 Mar 2009 4:43 PM - 6 messages
I am getting a Version mismatch error from gpotool telling me that the DS version number for a GPO is different to the Sysvol number. In fact the DS version number is higher. My AD and FRS replication is ok as I have used ADST ...
Score Group Domain Admins cannot be found
SteveB - 20 Mar 2009 12:39 PM - 7 messages
I am trying to add a group (Global Security group) I have created in the Users container to the Domain Admins group which is is in the same container, but when I try to add it on the "Member of" tab, Check names is unable to find the group Domain Admins.  The group definitely exists. Object types it is looking for are Groups or Built in security principals.  Location is BLAHBLAH.dom.  I have tried changing the Location all the way down the tree to the actual Users container and it still cannot find the group. ...
Score Logon issue in a 2 domain trust - Win 2003
kgangulw - 20 Mar 2009 10:16 AM - 7 messages
Hello, I have two Windows 2003 DCs. named them as below for example: DC1: abc.com DC2: xyz.com Trust between the two has been created (Two way) and that went through fine. however the problem is this I'm trying to log into DC1 (abc.com) with a user created in (xyz.com) ...
Score Web server issue
samanderson123 via WinServerKB.com - 20 Mar 2009 7:42 AM - 3 messages
How do I forward port 80 to allow requests to my web server? ...
Score Help with mapped drives - Group policy
Dane Beko - 20 Mar 2009 2:53 AM - 4 messages
We're running Server 2003 R2.  We already have a group policy configured to run some VBS scripts to map network drives to drive letters for all users. What I'm now needing is a way to map a network drive to a ...
Score IE7 Trusted Sites Disabled
Dude - 19 Mar 2009 8:03 PM - 7 messages
We have Windows 2008 Server and all workstation have IE7. We need to set some Trusted Sites in IE7. Wanted to use group policy to set in all workstations. The option is greyed out every workstation and in group policy ...
Score What am I missing?
John - 19 Mar 2009 7:00 PM - 10 messages
I am duplicating production envir. to my test environment. In my production envir. we have one forest with empty root domain and one child domain.  All servers and users are sitting in the child domain. (windows 2003 R2 envir.) ...
Score Folder Redirection Issuese
Toby - 19 Mar 2009 5:21 PM - 3 messages
Last night we had to rebuild a File/Print server at our Corporate office.   We have setup all of the end users in this building to have my document folder redirection to their specific home share.   ...
Score How to change TMP directoy
ed - 19 Mar 2009 5:19 PM - 3 messages
Hi all, If I want to move the TEMP variable to path E:\TEMP by following [link] Do I have to create the folder TEMP path first and then change the TEMP to ...
Score Folder Redirection Run Amok
Daniel P. Cayea - 19 Mar 2009 3:44 PM - 4 messages
Is there anyway other than using the group policy management console to adjust folder redirection for individual user accounts?  The problem in this case being is that in the beginning of time, the entire domain was configured for romaing everything; with app data, desktop data, ...
Score Domain Trust issue
woisch - 19 Mar 2009 2:38 PM - 8 messages
Hi, i`ve a problem creating a external trust between two domains. 1st: Windows Server 2003 (Windows Server 2003 SP2) 2nd: Windows 200 native (Windows Server 2003 R2 SP2) DNS is configured with conditional dns and the dns resolution is not the ...
Score Domain Trust "The specified user already exist"
woisch - 19 Mar 2009 2:38 PM - 2 messages
Hi, i`ve a problem creating a external trust between two domains. 1st: Windows Server 2003 (Windows Server 2003 SP2) 2nd: Windows 200 native (Windows Server 2003 R2 SP2) DNS is configured with conditional dns and the dns resolution is not the ...
Score IE 6 Temporary Internet Files -- IE Preferences Mode
Bart Perrier - 19 Mar 2009 2:05 PM - 3 messages
We run a 2003 AD in 2003 functional mode with GPOs applying IE Preferences mode and I'm running into a problem. The target workstations I am working with are XP SP2 with IE6, fully patched. I need to set the Temporary Internet Files to 300 MB but the Corporate ...
Score problem reading gpt.ini
argie01 - 19 Mar 2009 1:23 PM - 8 messages
Hello, one of my Active Directory server W2003 Standard R2 SP2 is giving a lot of this errors (id=1058): Windows no puede obtener acceso al archivo gpt.ini para GPO cn={31B2F340-016D-11D2-945F-00C04FB984F9},cn=policies,cn=system,DC=cpd,DC=com. El archivo debe estar presente en la ubicación <\\cpd.com\sysvol\cpd.com\Policies\{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini>. (Acceso denegado. ). Se ha anulado el proceso de Directiva de grupo. ...
Score Active Directory and local Firewalls
Niklas Ramstedt - 19 Mar 2009 8:48 AM - 4 messages
I have a problem at work with some machines that have F-Secure Client Security installed and the firewall engine running. It seems like the machines refuse to talk to the domain with the FW activated. I think I accidentally might have blocked some processes or ports within the program. ...
Score ADAM Proxy user object failes to be created.
svengine - 19 Mar 2009 8:37 AM - 2 messages
HI there, I was given the unenviable task to get a ADAM server running on our Network.The part where I am completely stuck is the creation of the proxy user. I have manage to copy all my Users from AD to adam, but when I add the ...
Score Kerberos Tickets Renewal
Domon - 19 Mar 2009 6:37 AM - 9 messages
Hi guys I understand that for Kerberos authentication in a 2k3 domain, when a user successfully authenticated himself to the AD, the KDC will issue him a TGT and a session ticket. He will then use them to request for sevice tickets to access server resources. ...
Score How to Switch domains without having admin rights?
ghurty - 19 Mar 2009 1:57 AM - 9 messages
Hi, I have a computer that was part of a domain. The administrator had limited login to the domain only, no local login. I have an account that has regular user rights, no administrator rights. I want to connect the workstation to a new domain. But I cant change the ...
Score How to Switch domains without having admin rights?
ghurty - 19 Mar 2009 1:56 AM - 2 messages
Hi, I have a computer that was part of a domain. The administrator had limited login to the domain only, no local login. I have an account that has regular user rights, no administrator rights. I want to connect the workstation to a new domain. But I cant change the ...
Score problem with NIS and AD user attributes
seth - 18 Mar 2009 10:21 PM - 7 messages
I still have an issue with my NIS management console and have had no success in trying to resolve that.  However, there is a separate issue that i need help with. It seems that on my linux boxes when it tries to get user info from NIS it ...
Score Problem After Defining Static RPC Port
Baboon - 18 Mar 2009 9:45 PM - 4 messages
We have had 4 DCs behind a firewall in a particular subnet for a few years.  RPC communcation from clients always seems to go to port 1025 even though a static port isn't set in the servers' Registry.  For ...
Score Infrastructure FSMO role owner attibute not correct in root domain
Beamer - 18 Mar 2009 9:18 PM - 11 messages
Hi Guys I recieve the following error in my OpsMgr2007 which indicates that my root domain has a problem AD Replication Monitoring : encountered a runtime error. Failed to obtain the InfrastructureMaster using a well known GUID. The error returned was: 'Failed to get the 'fSMORoleOwner' attribute from ...
Score Error message: During a logon attempt, the user's security context
Carpenter - 18 Mar 2009 9:03 PM - 6 messages
The problem is that some of our users experienced a problem during log on getting this message:Error message: During a logon attempt, the user's security context accumulated too many security IDs. Have read some articles about the problem we've got to understanding that it ...
Score servers loooking for group policy on dead server
Rick Holland - 18 Mar 2009 7:48 PM - 5 messages
Hello everyone, we recently lost a dc and replaced it...had to do the whole seize the fsmo roles and everything...Anyway we recently discovered that all the servers are looking for the gpt.ini file on the dead server....Does anyone know how to ...
Score What am I doing wrong? (Want to use Server 2003 R2 for Domain Cont
J.R. Raith - 18 Mar 2009 6:14 PM - 14 messages
Hi everyone, This is going to be extremely newbie-ish and probably long-winded. Sorry for both in advance. I have a server that used to be Server NT 4 running as a Domain Controller *purely* to manage user access to some computers. These computers run Win98, ...
Score lsass.exe error Directory services could not start
KT - 18 Mar 2009 5:24 PM - 2 messages
Hi. SBS 2003 SP2 with Exchange and SQL running. History: I have a spare server that is set aside to use in case of disaster. The live server in use was swing migrated from this one, so server name, AD, etc. are ...
Score Deny GPO for one machine
coolguy123 - 18 Mar 2009 4:12 PM - 5 messages
Hi All, We have a group policy set to our server OU that allows only domain admins to shutdown  the server. But i dont want to apply this GPO to one or two machines in the same OU. I created a security group and added these machines and denied it from applying policy. But when i run the gpresult I can the policy applied to these machines. ...
Score Problem that has never been resolved, Mapped home directory
GJarvie756 - 18 Mar 2009 3:08 PM - 4 messages
I have posted this question a few times and lots of responses with the same problem. I am using 2003 R2 Server with Active Directory. When I set up the students and staff when I create their profile and Active directory I map ...
Score offline KB 810859
Steven - 18 Mar 2009 1:46 PM - 14 messages
I found the KB article 810859 and it sounded perfect for my issue however after testing this is 3 different environments it still does not work. 1.) I downloaded the hotfix but my existing version was higher so it did not ...
Score Roamin Profiles
Tony L - 18 Mar 2009 1:16 PM - 5 messages
I work in a school so consequently roaming profiles are a must. over the last few weeks some users are not getting their profiles loaded on startup, they get a message saying that the profile on server cannot be found when clearly ...
Score Quick question about two-way trust.
zerodayz - 18 Mar 2009 12:02 PM - 6 messages
Pretty simple, just need to check. domainX sets up two-way trust with domainY DomainY is higher in the alphabet than domainX (EA* vs ED*) Will my domainX users have to change the 'Logon To' dropdown and select their usual domain after I create the trust. ...
Score Enterprise CA Deployment- need advise
ADSadmins - 18 Mar 2009 10:44 AM - 2 messages
Hi Group: We have 12 child domains and one forest root on a WAN environment. AD is based on Windows 2003 functional level. We have a requirement to deploy enterise CA to facilitate certificate distribution to clients; incorporate to an IAS. ...
Score The Security Account Manager failed a KDC request
Kevin Gallagher - 18 Mar 2009 10:33 AM - 3 messages
I have just built a new Windows 2003 SP2 R2 DC and upon reboot I got the following error. I have recently seen this error appear on another DC in my forest again after a reboot. It doesn't appear any other time. Can anyone ...
Score certificate server
David Fernandez - 18 Mar 2009 10:33 AM - 4 messages
Hi, We have a windows 2003 active directory, with an exchange 2003 organization. We had a certificate server which was also a DC. It had an unrecoverable error some months ago. We could have domain working as we have more DCs, but ...
Score Home directory
SuperSlueth - 17 Mar 2009 10:17 PM - 12 messages
Im trying to update a home directory through a users profile. I get the error      home folder was not created because you do not have create access on the server. I am logged in as administrator and the server (2003)  has all the latest ...
Score Move Workstations around OU's via script.
net1994 - 17 Mar 2009 9:12 PM - 3 messages
Hi All, We have many PC's in  'Workstations' container in AD that no longer exist.  This is due to poor house cleaning on our part and now we need to move them to the 'Disabled Workstations' OU.  Is there a way to automate the process to ...
Score duplicate SPN's
David Alge - 17 Mar 2009 7:50 PM - 4 messages
We have been getting duplicate SPN's with event 11 KDC and running a script, we are getting the following: Microsoft (R) Windows Script Host Version 5.6 Copyright (C) Microsoft Corporation 1996-2001. All rights reserved. CN=SQL Server Admin,OU=Admin Accounts,OU=Users,OU=Information ...
Score User dis-join from domain, how to re-join again
Newbie - 17 Mar 2009 6:49 PM - 7 messages
I have had instances where users disjoin their laptops from the work domain when they try to set up whatever at home, then they have to wait till getting back to the office to rejoin.  Our VPN allows rejoining the laptop ...
Score Unexplained time changes
David W - 17 Mar 2009 4:24 PM - 5 messages
We are experiencing a problem where the time is getting changed to 120.8 days in the past on all of our 2003 domain controllers.  Has anyone else experienced this problem?  We are not sure if it is a hacker or a virus that ...
Score Domain renaming
Newbie - 17 Mar 2009 3:54 PM - 7 messages
Hi, I'd like to know how complex it would be if we had to rename our AD domain name?  Long time ago when we promoted Windows from NT4 to 2003 domain, we chose to use this name for FQDN: hq.company.com.  Now, we'd like to get rid ...
Score Single Sign On
MarineGeek - 17 Mar 2009 3:25 PM - 6 messages
I have a user who is having single sign on issues.  Here is what I have found so far: 1.  If anyone else logs into her PC, the single sign on works fine. 2.  If she go to someone else's PC, the single sign on works fine. ...
Score particular users I want to block CDROM and USB access
Ramana - 17 Mar 2009 3:10 PM - 4 messages
Thanks for reply,  I found template that Disable USB fine, but this will apply all users, if i want allow few uers to access how can do that (means certain times some users want access UCB how can i do this condition?) ?  can you help me in this. ...
Score Lingering objects
Simon - 17 Mar 2009 2:56 PM - 5 messages
Hi I have the following error in my event viewer Source DC (Transport-specific network address): ecbfdde9-fe73-41b1-9d65-8d8c500a5a0e._msdcs.xxx.com Object: CN=52-GF-ADM-02903-HP DesignJet 500 24_HPGL2 Card\0ADEL:f6550dc9-daf3-48ad-b279-1de4ca25dbfa,CN=Deleted ...
Score applying computer settings
Dooma - 17 Mar 2009 2:45 PM - 8 messages
The power went out few times. The server was not on UPS. and now when I logon it says "applying computer settings". It has been like this for almost 24 hours. I did a dirty shutdown twice with the same results. The server is ...
Score AD replication accross the internet
Hal - 17 Mar 2009 11:24 AM - 4 messages
Help I have 2 servers located in different cities.  The remote office has a server which acts like the local DC.  When I attempt to replicate the AD via VPN I get errors with regard to latency.  The remote site does not have a ...
Score How to search for non universal mail groups?
Gonzo - 17 Mar 2009 11:19 AM - 4 messages
Hi, Is there a way to search for non universal mail groups in ADUC?  I need to find these and bulk change these to universal. Thanks ...
Score add exchange tabs to AD consol
Dooma - 16 Mar 2009 10:26 PM - 15 messages
It has been a while since I have done this.  want to add the exchange tabs to my AD users and computers consol  on another server. Can you advice how? I am using 2003 AD and Exchange. thanks, ...
Score Virtualized a child DC - need to recover due to USN rollback
Troy Thompson - 16 Mar 2009 9:22 PM - 13 messages
I now realize that converting a DC from a physical machine to a virtual machine has its own set of caveats. That said: I need to recover from a USN rollback situation. Scenario: - Parent PDC Zeus is Windows 2000 Server (corporate.com) ...
Score Event ID 1669
Steven L Chan - 16 Mar 2009 9:19 PM - 13 messages
Event ID 1669 Source NTDS General Type Warning Description The group membership cache refresh task has reached the maximum number of users for the local domain controller. Maximum number of users: 500 User Action Consider increasing the maximum limit by changing the following registry ...
Score local policy
franku - 16 Mar 2009 8:42 PM - 7 messages
I have one user who has locked down his pc. We about to let him go very quitely but before I want to change his local admin password. It seems no matter what I try he locked out the domain admin even from ads I ...
Score User Account Lockout
josephr38@hotmail.com - 16 Mar 2009 6:51 PM - 7 messages
I have never seen this before, so maybe someone can shed some light on this for me.  I have a user in a Windows Server 2003 / Citrix environment.  I unlocked the user's account and have been watching his account pretty ...
Score AD newbie Question
Thomas R Grassi Jr - 16 Mar 2009 5:49 PM - 6 messages
I have a Windows 2003 R2 Standard DS server SP2 Windows XP Pro SP3 workstations Also have HP Color Laserjet 4550N network printer Can I add this printer to active directory so that users can select it from the directory? If so how do I do that? ...
Score Need help how to setup IAS
FaLLouT - 16 Mar 2009 2:31 PM - 3 messages
INTERNET AUTHENTICATION SERVICES (IAS) Heard a lot about it but dont know how to set it up? can anyone help me out here? Thanks Grazie Merci ...
Score Question on policy for user creation in AD
Andersen @ DK - 16 Mar 2009 1:26 PM - 3 messages
Hi Is it possible to make a policy that forces, the administrator to fill out specific fields when creating a new user in AD. ex. "IP Phone" must be filled out / can't be empty.?? Thanks in advance regards Andersen ...
Score monitoring non interactive log ons
Scott - 16 Mar 2009 12:26 PM - 2 messages
Hi, I need to monitor all log ons that occur in our corporate domain. there are numerous tools that i have to monitor interactive log ons, however, i am at a loss on how to monitor 'non -interactive' log ons used by various service ...
Score seemingly simple question: Customized Signature in MS Outlook 2007
Cary Shultz - 16 Mar 2009 11:22 AM - 26 messages
Good morning, All! We have a client (SBS2003 / MS Office 2007 running on Windows XP SP3 machines) who has a request that we provide a customized signature that pulls specific information from AD (First Name, Last Name, Company, Address, Title, image) so that everyone in the office will have essentially the same ...
Score Domain PC can block all authentication against a certain server
Al - 16 Mar 2009 10:50 AM - 2 messages
Hi, We've got a very strange issue. We have a Win2003 server, running SQL Server and Reporting Services 2005, and sometimes it starts to refuse (new) connections to these 2 services (integrated authentication). We have tracked the issue down to 1 particualr PC (WinXP SP3), which is ...
Score Adding some inventory information in for computers to ADS
Bill Bradley - 15 Mar 2009 2:45 PM - 3 messages
We had previously used KB 884402 to add the Location field into ADUC, so that users could easily tell the location of a computer object (and, we could change our naming convention from including the location in the name), but, ...
Score New AD installation issue
Norm - 15 Mar 2009 6:50 AM - 6 messages
Hello, I am not a pro in AD so the following problem is greek to me but may be a simple/obvious fix. A colleague has created a new domain for a new application's requirements. Then a second (DB) server was added to the domain. The ...
Next » 2 3 4 5 6 7 8 9 10