Home All Groups Group Topic Archive Search About

Windows Server Active Directory

microsoft.public.windows.server.active_directory
Score Want to remove Active Directory
create_share - 6 Jun 2009 3:01 PM - 9 messages
Hi! I have a little windows 2003 Std server that i was using for testing purposes. I installed Active Directory on it and now i want to remove it. Unfortunately i forgot the admin password but i am able to log in thorugh ...
Score Unable to mount snapshot with dsamain
Peter Van Eeckhoutte - 6 Jun 2009 9:16 AM - 4 messages
Hi, I'm trying to mount an AD snapshot with dsamain, but it does not seem to work This is what I do 1. create snapshot : - - - - - - - - - - - - - C:\Windows\System32>ntdsutil sn "ac i ntds" create q q ntdsutil: sn ...
Score LSASS.EXE high CPU Utilization in Domain Controller
Pierre - 5 Jun 2009 9:29 PM - 3 messages
This process is utilizing close to 80-90% CPU utilzation - this just started happening a couple weeks back - can anyone point to any tools to troubleshoot this? ...
Score What Write to AD Failed
Charles - 5 Jun 2009 8:13 PM - 5 messages
Is there a way to display the contents of a unit of replication?  Let's say one changes an attribute value on an object on DC1.  DC2 doesn't get it but the other DCs do.  Although DC2 doesn't get that ...
Score gpupdate error with event id userenv 1041
shrikant - 5 Jun 2009 1:34 PM - 7 messages
i am working in windows client-server enviorment. i am getting error whren i go for gpupdate, the error as Event Type:    Error Event Source:    Userenv Event Category:    None Event ID:    1041 ...
Score unable to logon to server 2003
Taz1972 - 5 Jun 2009 12:58 PM - 5 messages
Hi, We recently installed a new 2003 server to act as a DC in one of our sites. But once dcpromo was done and a reboot was required, we now cannot logon and get the following error: 'unable to logon because of an account restriction' ...
Score AD transition from w2k3 std to w2k3 std R2
Mike - 5 Jun 2009 11:18 AM - 20 messages
Hello, I want to make transition of AD from old hardware to new hardware - from w2k3 std SP2 to w2k3 std SP2 R2. FSMO roles are still on the old hardware. What was done till now:   1.. schema upgrade from 30 to 31 ...
Score Backup policy
DD - 5 Jun 2009 9:12 AM - 27 messages
I would like to backup the sysvol\policy\ file out to another drive, may i know which services should I stop first in order to copy the file out from the policy folder. ...
Score Lacoste Womens Solid Stretch Polo - Cheap
tanvon19 - 5 Jun 2009 4:53 AM - 2 messages
Want to buy high quality New Lacoste Womens Solid Stretch Polo Shirts,please view our store ([link]) Our goods are the fine quality. You can check them here: [link] ...
Score Automatic enrollment failed
Johnsp - 5 Jun 2009 1:00 AM - 3 messages
Hello How do i fix this? Automatic certificate enrollment for local system failed to enroll for one Domain Controller certificate (0x80070005).  Access is denied. ...
Score how to populate custom attributes
Chris - 4 Jun 2009 9:00 PM - 4 messages
We need to add some information such as employment #, office stop # in AD for all users and plan to use those pre-defined custom attributes (1-15).  HR will provide the information.  How can I import them properly?  I guess I ...
Score publish printers
cptkirkh - 4 Jun 2009 8:05 PM - 3 messages
I moved my print server off of one of my DCs and put it on a member server.  Now when i add a printer it won't publish it in AD.  I have checked the list in directory option on the share tab.  When i add a ...
Score How to auto copy files when login to windows server 2003 ?
Derek Yim - 4 Jun 2009 4:50 PM - 3 messages
Hi, My site have 50 users and I  want user workstation auto copy the files located at server folder during first login to server. use login script ? how to code ? Please advise. Thanks. Derek Yim ...
Score Group Policy
Kerry - 4 Jun 2009 4:03 PM - 4 messages
We have a requirement where certain group needs to be added into administrators group of all computers in the domain. Tried using the restricted groups, however this GP setting will remove all the users and groups which are pre-exisiting in the local Administrators group on all computers. This can be really fatal, as we might have special business application requirements where there will be some domain or local users/groups that have been already added to the local administrators group, which will be removed by setting this policy. If we decide to identify the list of users/groups that are present today in the administrators group on computers and include that in the restricted GP, it will give admin previlges for everyone in that group which is not the objective. ...
Score Why "DOMAIN.LOCAL\Administrator"?
Pazuzu - 4 Jun 2009 3:08 PM - 9 messages
Recently I installed a Windows 2008 server and joined it to our windows 2003-domain. The problem is that I cannot login with just "administrator", I have to use "DOMAIN.LOCAL\Administrator", i.e fqdn in caps plus the big A. ...
Score Re: Active Directory Migration Tool
Peter - 4 Jun 2009 2:43 PM - 4 messages
Hi I have now re-started the process from scratch but still the same error. This is what I have done. Installed ADMT on the targer DC I have changed the default dc policy on the target I have added the everyone group to the built in pre-windows 2000 access ...
Score 1 of 2 domain controllers down and users cannot login to the domai
D Smith - 4 Jun 2009 2:35 PM - 12 messages
We have 2 windows 2003 domain controllers here in our domain. One of them is quite old and used to be the only domain controller. The other is much newer and was installed only about a year ago. I transferred all the FSMO roles ...
Score granting admin access to windows services
Scott - 4 Jun 2009 1:44 PM - 7 messages
Hi, I need to grant a couple of users permission to access a servers  window services and be able to start/ restart or stop any windows service. We do not want them to use RDP, we don't want to give them local admin access or ...
Score Disabled IPv6 on DCs
MarioC - 4 Jun 2009 11:16 AM - 3 messages
Hi, Are there any known issues when disabling IPv6 on Win2008 DCs ? (I mean disabling via reg key "disabledcomponents = ffffffff" thanks, mario ...
Score EARN MORE THAN 18000$ WITH CJ JOBS
pinky.mona6@gmail.com - 4 Jun 2009 10:27 AM - 2 messages
EARN MORE THAN 18000$  WITH CJ JOBS [link] ...
Score RPC Dunamic Ports
Venkat - 4 Jun 2009 7:00 AM - 8 messages
We have decided to limit the RPC Ports to 50000 - 50200 and want to out the registry keys as mentioned in KB154596, however i want to know if adding the below registry key and values can be automated using Group Policy, so that it ...
Score Move the CA to a server with the same name or different name?
jprstokato - 4 Jun 2009 1:55 AM - 5 messages
In Technet article [link] on performing a CA migration, in the section  ‘Option A: Migrate the CA to a New Host’, the article states that “the computer name of the target computer ...
Score Partial AD Migration from Windows 2000 to Windows 2008
robmiles71 - 4 Jun 2009 12:43 AM - 13 messages
Hello all. In the next few weeks, I'll be tasked with the migration of our company's Windows 2000-based domain infrastructure to a bunch of new, 2008-based servers. The new servers don't need to provide any new ...
Score ADSI files, ADSI download
Malakie - 3 Jun 2009 11:46 PM - 3 messages
Does anyone have a copy or can anyone tell me where I can download the ADSIa.exe or ADSIi.exe files?   They are NOT available on Microsoft's websites and I need them due to older developed software that requires ...
Score Folder Redirection/Offline Files for Users not in GPO
Lawson Poling - 3 Jun 2009 9:24 PM - 4 messages
Greetings all. I recently set up a folder redirection GPO. The GPO is linked to an OU which contains a User Security Group, which contains all of the Users for a particular office. We tested and everything is lovely. Now that ...
Score Re: Roaming profiles - Desktop Wallpaper doesn't load initially
dwarmbier - 3 Jun 2009 8:55 PM - 3 messages
I had the same problem, but the solution was much more simple. Just manually copy the Local Settings folder to the location on the server and Viola! Perfect roaming profiles! -- dwarmbier ------------------------------------------------------------------------ dwarmbier's Profile: [link] View this thread: [link][link] ...
Score Remove old NT4 Domain Controller from Win2k3 AD
Caryn Condon - 3 Jun 2009 7:52 PM - 5 messages
We recently upgraded from NT4 domain to Win2k3 AD. We have several old NT4 domain controllers still listed as domain controllers. I would like to clean up the list of DC's but I am unsure the best method to do so. ...
Score Time Service issue and time replication accross the domain.
Ricus - 3 Jun 2009 6:47 PM - 11 messages
I have 2 questions relating to time in ad I would please like answered. 1st QUESTION We have the following network setup 2x WIN2K3X64R2 root forrest dc's and 2x WIN2K3X64R2 child domain/sub domain dc's. As such the root of the ad forrest is the pdc emulator dc on the root ...
Score Ad GP and regional settings
Ricus - 3 Jun 2009 6:36 PM - 6 messages
Is there a way though group policy to force certain default regional settings and setups? i.e. date format from being the standard ms MM/DD/YYYY being changed to DD/MM/YYYY as well as the time zone and default language ...
Score SSL LDAP intermittent failure to bind
apex52 - 3 Jun 2009 3:10 PM - 8 messages
I have four 2008 Domain Controllers in a single domain and a 2008 CA. I am connecting from a linux machine to ldap over ssl using a Domain Controller Certificate issued by the CA. I can connect with no failures over 389, but ...
Score Schema Update Exchagne 2007 .
Bad Beagle - 3 Jun 2009 2:47 PM - 3 messages
What is the best practice for doing a schema update?  I have a Windows 2008 domain with 2 domain controllers and I need to update the schema to transition from Exchange 2003 to Exchange 2007.  Is it best that this is ...
Score Schema Update
Bad Beagle - 3 Jun 2009 2:26 PM - 2 messages
What is the best practice for doing a schema update?  I have a Windows 2008 domain with 2 domain controllers and I need to update the schema to transition from Exchange 2003 to Exchange 2007.  Is it best that this is ...
Score GPO-related question
Eugen - 3 Jun 2009 1:54 PM - 5 messages
Dear AD Exoerts, We have a GPO which set-up the IE configuration for users. These users are connecting to few servers which are in a separate OU. The problem we face is that users are getting their IE settings on these ...
Score Password Change
Steve - 3 Jun 2009 11:58 AM - 5 messages
Hi, im trying to change my user account password via Windows Security (ctrl-alt-del) but keep receiving an error stating that my password doesnt meet complexity requirements. I do have password complexity enabled and i know im entering strong passwords, ive tried loads ! My colleagues have same ...
Score Group Policy logon script not applied if connected by WiFi
Alister - 3 Jun 2009 10:09 AM - 9 messages
Hi, I have an issue with a couple of Vista laptops not running a Group Policy logon script when they are connected by WiFi. If these same machines are connected to the domain by physical ethernet there is no problem. ...
Score Running Domain controller on Vmware
Domon - 3 Jun 2009 8:25 AM - 12 messages
Hi Guys Does anyone run all their domain controllers on Vmware before? Heard that some says that it is not recommeded to do so.  Thus, I am looking for some advise.. Will there be issues if I do so? ...
Score How to migrate existing domain controler
Alexfoo - 3 Jun 2009 8:22 AM - 7 messages
Hello, I'm lookin for a best practices that is the closest from my needed. I got two domain controllers on old hardware servers that I need to migrate to knew hardware servers. These two DCs are also DNS, DHCP. ...
Score cannot create a new namespace using dfsutil.exe
aconti - 3 Jun 2009 1:24 AM - 2 messages
Hello, this is the command I am typing and the error I am having... C:\Users\Administrator>dfsutil root addDom \\dcsrv1\DomainNameSpace1 Could not execute the command successfully SYSTEM ERROR - This shared resource does not exist. I can create namespace successfully using the GUI -- aconti ------------------------------------------------------------------------ aconti's Profile: [link] View this thread: [link][link] ...
Score Default Domain Policy - Password Policy
Davidi - 2 Jun 2009 10:58 PM - 9 messages
So I'm planning to change maxium password age in the default domain policy.  This setting has always been set to 0 so when I change it I understand that it will kick in for every user account that doesn't have the Password does ...
Score Unknown SID in ForeignSecurityPrincipals...
Claude Lachapelle - 2 Jun 2009 8:41 PM - 2 messages
Hi! I identified a lot of SID contained in the ForeignSecurityPrincipals (from others trusted domains), but I have somes for which I could not find them, do they could came from other than "trusted" domains? If not, could we delete them without problem? ...
Score How to I copy a users roaming profile?
Jim in Cleveland - 2 Jun 2009 5:01 PM - 3 messages
I have a user profile that I would like to copy to a test user's profile.  We're in a Server 2003 environment using Active directory.  The profile that I wat to copy is located in a directory called Roaming Profiles.  It is a ...
Score Determine actual number of groups a user belongs to
Johnsp - 2 Jun 2009 4:15 PM - 5 messages
Hello How do i determine for a specific user: # of domain local groups # of universal Groups # of securty groups ...
Score Lab
Kerry - 2 Jun 2009 3:04 PM - 3 messages
In order to build a lab which is identical to my production domain, I can take a Backup of my root and child domain and restore that in my isolated lab and seize the FSMO role and i am good to go isnt it? ...
Score Replication Issue
Kerry - 2 Jun 2009 2:26 PM - 8 messages
We have 4 DC's in our central site, off which one DC is designated as Bridgehead Server to handle the replication. There are approximately 20 other remote AD site which connect into this site for replication. The replication (repadmin /showreps) shows no erros on the bridgehead server, however the repadmin /showreps output in the other central site DC (non Bridgehead DC) we are seeing the below messages in : ...
Score Computer Browser Service Register chinage in Windows 2008
liyong - 2 Jun 2009 1:52 PM - 2 messages
hello,     In Windows 2003,        the register key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Browser\Parameters         has a subkey 'IsDomainMaster'     but in Windows 2008, it don't exists. ...
Score Multiple Domains on a single physical LAN
Jay - 2 Jun 2009 11:40 AM - 6 messages
While I know it is technically possible, what are the postive/negatives of sharing a commnon physical LAN on multiple domains. I have a company that wants to build a second domain onto an existing address space, 172.19.10.0/24.  The assigned and reserved address would be a ...
Score Need site/subnet configuration examples
Tao Lei - 2 Jun 2009 10:35 AM - 6 messages
Hello. I am in a puzzle about how to use sites and subnets. I think I need an practical example about site/subnet configuration. Could anyone give some relavant hyperlinks, please? Thanks. ...
Score Active Directory Migration Tool
Peter - 2 Jun 2009 8:51 AM - 4 messages
I am trying to migrate a user from one forest to another there is a 2 way trust between them. I can migrate a user account without a problem but cannot migrate the user password I get the error message:unable to establish a ...
Score large files in SYSVOL - multiple physical Sites
Cary Shultz - 2 Jun 2009 6:32 AM - 3 messages
Good morning, All! Just a quick question:  is there any problem putting in 100MB files in the SYSVOL shared folder? Many of the environments that we support have multiple physical locations (corresponding Sites in AD) with Domain Controllers in those physical ...
Score 03 server cerificate
Gerardo - 2 Jun 2009 2:48 AM - 11 messages
Hi... I've a problem... Im running 2003 server std edition, server is set to give user certificates, which will be used for email encryption, when this certificates are handled they are good for 1 year only... I need to make them good for more time, I tried modifying the User ...
Score oops there goes my Domain controller
flyfishing - 1 Jun 2009 11:48 PM - 13 messages
my helpdesk added a workstation with the same computer name as my 2000 DC, now it will not sync or replicate. any ideas? ...
Score how to distribute/trust a certificate throughout the whole domain
Doug P - 1 Jun 2009 8:37 PM - 2 messages
Running Server 2003 SP2 and XP Pro SP3 I have installed the certificate authority on my domain controller. I have generated a code signing certificate. I have used this certificate to sign a Word .dot file in order to trust the ...
Score AD Replication issues
Toni Rantanen - 1 Jun 2009 7:51 PM - 16 messages
Hi, My client is having two different Active Directory replication issues in same domain. At least I believe that these are two separete issues. I just wanted to report these in same message because I'm not sure if these problems ...
Score dcpromo a DC that does not know is a DC
naguaramipana - 1 Jun 2009 7:13 PM - 12 messages
Hi gurus I have a DC that I haave to rebuild the AD as I did have some DNS problems, when I try to dcpromo the DC I have no option to depromote the DC, is like the DCpromo does not not this server is a domain controler even though is ...
Score Sonicwall SSLVPN, Active Directory, password changes & LDAP / TLS ?
Lanwench [MVP - Exchange] - 1 Jun 2009 5:42 PM - 3 messages
Hi all - I have a client with a W2003 AD domain and we've recently implemented a password policy. However, it's causing grief for remote users who access Terminal Services via a Sonicwall SSL-VPN appliance. I'm trying to allow password changes (forced "..on next login" as well as ...
Score Cannot join to domain after sysprep (XP SP2)
Barkley Bees - 1 Jun 2009 4:19 PM - 7 messages
I completed an updated XP SP2 build of our internal image and performed sysprep -reseal -mini. The system drivers get detected and correctly installed but I am having a problem with the system joining the domain. When the Mini-setup wizard is about to complete it correctly asks me if I ...
Score dns copy
naguaramipana - 1 Jun 2009 4:06 PM - 8 messages
Hi gurus I have the following problem I have two DC, DCA and DCB, DCA is my OEM and DCB is my secundary, for some reason I lost the DNS on DCB, is all blank, I need to copy everything that is ...
Score The only domain admin had been disable, how to re-enable?
arkle - 1 Jun 2009 3:58 PM - 8 messages
hi, My server 2003 have ad, and days ago, I applied a gpo to disable the admin. When I try to logon to the system, it says that the admin account have been disable. The system have the only admin, and I do remember the password. And other account have no access to logon to the system. ...
Score Importing standalone domain into new forest root
Sean - 1 Jun 2009 2:53 PM - 3 messages
Hey everyone, I've been scratching my head on this one for a while now.  I thought I'd post here for some enlightenment.  As you might gather from my email address, I'm more a Unix guy than Windows.  (I know, I know...) ...
Score Openings for Security Admin at DC
Aniket - 1 Jun 2009 2:31 PM - 3 messages
Subject: Urgently Need Security Admin for 2-3 Years project in Washington, DC Hi , This is Aniket M from Techclique Inc. With reference to your resume online, client is hiring Security Admin. having over 5 years of IT experience for their Washington, DC office. Below is the job ...
Score Multihomed domain.
DavidIT - 1 Jun 2009 1:09 PM - 18 messages
Hi everyone, I know that a multihomed domain is not recommanded but we have no choice, it's there and I can't change it. So here's the situation : We have a win2003 domain with VPN server, so first NIC is physical and second is virtual VPN for secured data. I've followed the guide at [link] (Meinolf Webe's post). ...
Score GPO deleted by mistake need help
Kashif - 31 May 2009 11:16 PM - 7 messages
I deleted the GPO by mistake from the following Folder on my primary DC1. C:\WINDOWS\SYSVOL\sysvol\nustep.com\Policies All network computers are reporting this error now: Windows cannot query for the list of Group Policy objects. Check the event ...
Score Security Failure Audit Account Logon Event ID 675
Kashif - 31 May 2009 10:25 PM - 2 messages
I'm sorry for posting this here, I couldn't locate the proper group to post it. My Primary Domain controller is Filling this Failure Audit EVENT" every few minutes. Source: Security Event ID 675 NT AUTHORITY\SYSTEM Computer DC! ...
Next » 2 3 4 5 6 7 8 9 10