Home All Groups Group Topic Archive Search About

Windows Server Active Directory

microsoft.public.windows.server.active_directory
Score GPO and trusted website
Johnsp - 27 Mar 2009 2:29 AM - 2 messages
I am wanting to creat a gpo to add a web page as a trusted site in my corporate domain my questions are 1. what are the risks by doing this by gpo 2. is this a minor or major implementation ...
Score Adding a new DC - win2k3 R2
Kyle BLake - 26 Mar 2009 10:38 PM - 4 messages
Very easy question. I have a domain working just fine but I want to add a new DC. I just run dcpromo from the start menu on my new server and that should do it? It won't serve as anything but an 2nd authentication server at our corporate ...
Score Shadow Copy
RayRogers - 26 Mar 2009 9:38 PM - 2 messages
hello, I enabled the shadow copy on windows server, is there a way to restrict and select certain user to access previous version feature? Thanks in advance ...
Score Add User to group through comparison to other user's memberships
SecurityGuy - 26 Mar 2009 7:56 PM - 3 messages
I have a "New User" script which is very complex and handles adding most AD properties upon creation, address tab, phones, profile tab, organisation tab, etc. It also will use any existing user as a template for group membership addition.  I was using the WinNT method in this script, and am now changing that to the LDAP method since the WinNT method doesn't pick up distribution groups.  However, I am now getting a "bad path" error when I try to add the groups to the new user.  Can someone assist me here please.  I will paste the pertinent section in here, as the original script is nearly 1000 lines of code ...
Score How to Identify Root DCs
Charles - 26 Mar 2009 6:43 PM - 2 messages
Hi: We have an empty root.  I just started working with this company and i need to know how to figure out which DCs are in the root domain of the forest. Thanks! Charles ...
Score Replmon Not Loading/Running
Charles - 26 Mar 2009 4:38 PM - 3 messages
Hi: When I double click on replmon from the support tools, it does not load.  Anyone have any ideas?  I need it so that I can deliver a report to my manager showing that replication is working fine. ...
Score RODC no prp
skip - 26 Mar 2009 3:48 PM - 3 messages
Hello Does it make sense to setup a RODC in a remote office if there is no password replication policy in place? it seems like if there is no prp, then the RODC doesnt really do much accept pass authentication requests back to a ...
Score User authenticates, skips logon script
MC Murphy - 26 Mar 2009 2:29 PM - 7 messages
Server 2003 AD domain; GPO governs user logon; GPO includes a logon script.  I have a user, not sure if it's the only user, who today does not execute the logon script (drives aren't mapped, the log file the script writes to is not ...
Score Restrict admins from creating user accounts
Pierre - 26 Mar 2009 2:28 PM - 4 messages
We use a user provisioning system and want to disallow all domain admins from creating user accounts except for a few any ideas on easily accomplishing this? I did manipulate the rights for a newly created group and set myself up in it but no success. ...
Score Errors from dcdiag
Johnsp - 26 Mar 2009 2:05 PM - 4 messages
Hello I m seeking advice on the follwong errors 1. A recent replication attempt failed:             From x to y             Naming Context: DC=ForestDnsZones,DC=    ...
Score DSADD creating shared filders
00HaZiE - 26 Mar 2009 12:17 PM - 2 messages
hey guys i need help with a prob i need to create a file on my domain at tafe that will have sub folders created for every user i add to my other domain eg: user StuartH has been added to the Black server using an batch file(wich i can already do) ...
Score Not Pulling an IP
Dave - 26 Mar 2009 10:21 AM - 10 messages
NEWBIE ALERT Yes I'm new at this.  I just setup a 2008 server running AD.  I just joined my first machine to the domain that was originally pulling an IP from the router.  It joined successfully.  After rebooting though ...
Score Recovery GPOs
Edu - 26 Mar 2009 1:31 AM - 4 messages
Hello, a little doubt, Can I rebuild the GPOs which are allocated in the sysvol folder? I want to load some GPO in ADUC having only an old copy of sysvol folder off another domain. Thanks, Eduardo Argentina - Buenos Aires ...
Score VB Script returns all group memberships for a user EXCEPT Exchange Dist groups
SecurityGuy - 25 Mar 2009 6:48 PM - 9 messages
I have a VB script which queries AD and returns all the groups a user is a member of.  This works great, except as it turns out, it is only returning the groups which are "security" groups, and not "distribution" groups.  Not sure what the difference here would be from the investigations I've done using LDIFDE. ...
Score redirected start menu not working
samotech - 25 Mar 2009 4:56 PM - 4 messages
hello, i have a issue, we have 2 XP labs here at the site where i work,and we also have 300+ 2k machines, well i have redirected start menu for both, i am running loop back processong on the labs for the redirecting of the start menu. Here the issue, certain students login and the redirected SM is crossing over OU policy, my question is any body have good tips on where to start trouble shooting? -- samotech ------------------------------------------------------------------------ samotech's Profile: [link] View this thread: [link][link] ...
Score Re: IE7 Group Policies
rorteg56 - 25 Mar 2009 3:45 PM - 3 messages
Hi everyone. Has anyone found a fix for this? I am having the same problem and have tried all the same fixes listed here but no luck. I would really appreciate it if someone who knew how to fix this could let me know how. Please!! ...
Score AD Container
naguaramipana - 25 Mar 2009 1:38 PM - 10 messages
Hi gurus Here is my problem, I have two containers on my AD, one name computers and the other one named workstation. workstation has a GPO attached to it, no matter who the user is , when logged into a computer that is within this container a bunch of policy ...
Score disabling 3g modems that connect to PCs via usb and pcmcia
inenewbl - 25 Mar 2009 9:38 AM - 5 messages
Hi all. I would like to know if it is possible to use group policy to disable all 3g modems that connect to PCs via usb or pcmcia. The reason for this is because i do not want my users to connect to the internet while connected to ...
Score Set password length for windows system programmaticaly
pradyumna.litu - 25 Mar 2009 8:08 AM - 2 messages
Hi,   I've tested out through a TEST.exe the method "NetUserChangePassword ()" and it is taking '63' as the maximum password length for both Standalone & Domain connected systems. If the password is more than 63 then we get error as ---- ...
Score Move AD Logs Database To Different Partition
Tim Shoemaker - 24 Mar 2009 11:57 PM - 3 messages
I installed and deployed a domain controller onto a server with multiple partions, each a RAID-1; Windows Server Core 2008 Standard operating system. C - OS, D - Data, L - Logs I forgot to put the location for the Active Directory log files when I ...
Score Samba to AD
Rafael Malheiros - 24 Mar 2009 3:00 PM - 2 messages
Hi, My company uses Windows XP Pro but the servers are Linux. I want to migrate to Windows Server 2008 to better manage the domain. The domaing manager is Samba and I want to know if there is how bring the ...
Score How to learn about ADFS, RMS, LDS?
KayZer SoZe - 24 Mar 2009 2:36 PM - 2 messages
I´m preparing to teach the 6424 and 6426 Official Courses and the MOC KIt is a total crap, with no content and  have to learn using other sources. There is a good book specifically to learn FS, LDS and RMS? ...
Score Demotion doesn't properly remove server from DNS
net_admin - 24 Mar 2009 8:51 AM - 5 messages
Hi, here the problem. After a successful demotion, DCs' names are not removed from the DNS AD-Integrated zones (Name Servers Tab). I've waited days to see if it was replication-related, but it doesn't seem to be. Also, I've checked that the ...
Score Best way to give local admin rights only across the domain
compu - 24 Mar 2009 4:49 AM - 5 messages
What is the best way to give a user admin rights on any workstation they will login to but not admin rights on the domain? I am thinking about putting them in group administrators, but I am afraid that will give them admin rights on the domain. ...
Score DNS during Domain Controller demotion
ShrikeAttack - 23 Mar 2009 9:05 PM - 7 messages
Windows Server 2003.  Does DNS get removed by the dcpromo wizard when demoting a domain contoller.  This is just one of many domain controllers in a domain. ...
Score Delegate ad workstations to domain
skip - 23 Mar 2009 6:11 PM - 5 messages
Hello all i am running in a windows 2003 native mode domain, all DC's are windows 2008 except for one, i have 4 DC's. I have configured the default domain GPO so the help desk staff can add workstations to the domain, and i have also ...
Score changing domain name
dkblee - 23 Mar 2009 4:40 PM - 11 messages
hi! How do i change my domain name in a Win2003 AD environment? What will the effect be in the dns and dhcp svrs? For those dhcp that's not an AD (no dcpromo, only joined domain), can i just ...
Score DC's not Replicating
griffinwindows - 23 Mar 2009 3:38 PM - 7 messages
Hi I have 3 Dc's on my site and at the moment i cannot get the one server(Gamma) to replcate to the PDC (Beta) When i try to force the replciation i get the following error the following error occurred during the attempt to synchronize naming context Griffin.local from Domain Controller BETA to Domain Controller GAMMA ...
Score Is this the last step we need to do?
ed - 23 Mar 2009 2:50 PM - 9 messages
Hi all, Finally, we demote all windows 2000 domain controllers and we have all windows 2003 domain controllers running.  We introduced windows 2003 DCs to windows 2000 envir.  Now, according to KB817470( [link])  Do I ...
Score ADAM UserProxy Authentication (Which Domain Controller?)
Marc - 23 Mar 2009 1:46 PM - 5 messages
Hello all, I'm using an ADAM LDAP server populated with userProxyFull objects for a number of web applications and I wanted to know how to know which of the many DCs in my company's system the ADAM server is using for ...
Score Do Child DC's need unrestricted IP access to Root DC's?
michan318 - 23 Mar 2009 11:44 AM - 11 messages
Hello, Do all child DC's need unrestricted IP access to all root DC's for AD replication to work successfully?  I ask because I have a scenario in which a child DC isn't trying to replicate-in the "ForstDNS" parition from another ...
Score How to add an offline printer object in Active Directory
Kent - 23 Mar 2009 10:57 AM - 3 messages
Hi there, I would like to know whether is there any way to add an offline printer object in Active Directory? The solutions from Microsoft website requires all printers to be active before it can be publish in Active Directory. ...
Score Transfering/seizig of PDC role
Domon - 23 Mar 2009 9:04 AM - 6 messages
Hi guys Let's say I have two DC, DC1 and DC2, running in a domain. DC1 is holding the PDC role and is configured to sync it's time with a extenal time source. If we transfer the PDC role to DC2, what else we will need to do to complete the process? We will need to configure DC2 to sync the time with the extenal time source rite? Then how about DC1? Do we need to do any NTP related configuration on DC1? ...
Score Best way for remote support (WAN) for multiple computers on domain
ghurty - 23 Mar 2009 6:38 AM - 4 messages
Which is the best way to provide remote support and desktop viewing (from WAN) for multiple computers on a Domain? Thanks ...
Score Way to set using Active Directory, which ports for remote desktop?
ghurty - 23 Mar 2009 6:36 AM - 6 messages
Is there a way to set using Active Directory, which ports individual computers should use for Remote Desktop? Or even a VNC software? Thanks ...
Score Way to enable a username w/o admin rights? Figure out who is admin
ghurty - 23 Mar 2009 6:34 AM - 2 messages
We had an issue with a domain admin having to be fired due to illegal activity. We did not have any domain admin passwords, but all was not lost due to the help from here: [link] ...
Score Validation for 2000 to 2003 upgrade
Guillaume Genest - 23 Mar 2009 3:08 AM - 5 messages
Hi,     Here is our situation, we have a windows 2000 Mixed mode Active Directory, on 4 physical site. We also have Microsoft Exchange 2000 but it is no longer use, we use Lotus Domino. The 5 FSMO role are on 2 DC located in ...
Score Re: How to reset/change the SID?
Eliranj - 22 Mar 2009 9:58 PM - 2 messages
It can be easily done by Duplicate Sid's product of Smart-X [link] -- Eliranj ------------------------------------------------------------------------ Eliranj's Profile: [link] View this thread: [link][link] ...
Score Re: net logon service not running
csocci - 22 Mar 2009 9:37 PM - 4 messages
I'm having the same issue on Windows XP 64. Like Greg: I can't log in. I can't get an RPC or RDP connection. Therefore: I can't check logs - I can't get to services. Last Known Good is NOT an option because I successfully reach MS GINA - which *IS* the "last known good" in Window's terms... ...
Score Manually removing cert server from AD
MBernal - 22 Mar 2009 3:01 AM - 5 messages
Ok, so I have a simple AD 2003 network with 2 domain controller and 2 Terminal 2003 servers. I have inherited this AD environment and found that one of my domain controller has numerous Event ID 13 - AutoEnrollment errors (Automatic certification enrollment for local system failed to enroll for one ...
Score After 2000 to 2003 upgrade sysvol is not accessable
whosmatt - 22 Mar 2009 2:48 AM - 9 messages
I did an upgrade of AD from windows 2000 to 2003.  There were 2 windows 2000 domain controllers in the domain and I first demoted one of them, then ran adprep on the other and upgraded it to 2003.  ...
Next » 2 3 4 5 6 7 8 9 10