Home All Groups Group Topic Archive Search About

Windows Server Active Directory

microsoft.public.windows.server.active_directory
Score How To Set This Users Right Access ?
Eng Teng - 13 Jun 2009 1:49 PM - 5 messages
How do I create a folder (USERS) with read only to everyone, in USERS folder have one folder call USER A with change control to User A but no access to anyone. C:\USERS\     {Everyone Read only} ...
Score Active Directory - Internet Access Control
mroweh123 - 13 Jun 2009 7:01 AM - 10 messages
Hello everybody, I have a windows 2000 active directory enviroment, usual configuration, nothing fancy. I have three types of users: those who can access any site, those who should not access any site, and those who have access only to a fews sites. All three kinds of users will use the same computer at different times, so I need to do the restriction on the user level not on the machine. ON the machine IE , firefox and Chrome are all installed, so IE specific solutions will not do the job. How can control the internet access level for each user as described above? ...
Score DHCP server not working
aconti - 13 Jun 2009 4:04 AM - 4 messages
DHCP server shows with a red cross and in the details it says; Cannot find DHCP server The dhcp server you specified cannot be located. The dhcp server might be down, there might be network problems, or the dhcp service might not be installed. ...
Score subinacl to remove unknown sids
study - 12 Jun 2009 7:22 PM - 12 messages
After the domain migration, I'd like to remove the dead sids that are left from the folder/files after decommissioning the old domain. What would be the actual subinacl command to remove dead sids (old domain's local groups like old domain/domain users, old domain/domain admins) ...
Score Retiring Domain Controllers and DNS
Joe - 12 Jun 2009 6:47 PM - 4 messages
Greetings all, We are in the process of refreshing our servers, which six of these servers happen to be the first  domain controllers and domain name servers (DNS). So of course every member server is pointing to one the six domain ...
Score Re: Disabling password expiration
jaredhenry - 12 Jun 2009 6:22 PM - 2 messages
They are all correct. Set the expiration to 0. If you are having issues please be sure to open up your command prompt and update the group policy on the domain by: gpupdate /force. I hope this helps. Jared Henry [link] -- jaredhenry ------------------------------------------------------------------------ jaredhenry's Profile: [link] View this thread: [link][link] ...
Score User to UserProxy failed in some users
Kreshiv - 12 Jun 2009 4:38 PM - 10 messages
Hi, I am trying to bind AD to ADAM. [link](WS.10).aspx I was able to create sync and then I followed this link and tried to change Users to Proxy Users in my ADAM Instances. I has changed some users to ...
Score Unable to SSO to TS
McDavid - 12 Jun 2009 2:14 PM - 10 messages
I am unable to use SSO to connect to any of my Terminal Servers.  I am always prompted to logon to the server even though the RDP client says "your windows logon credentials will be used to connect". - Terminal Server ...
Score Windows 2008 transition
southpaw - 12 Jun 2009 12:35 PM - 3 messages
Hi , Most of my remote site DCs are running Win2003 SP1 except the hub site running Win2003 SP2. My question is do I need to install SP2 on all DCs in my forest before extending the schema to Win2008 and adding a new  DC ...
Score Domain Name Renaming
Jaz.. - 12 Jun 2009 7:57 AM - 7 messages
Hi All, We do have a setup in house AD and OCS 2007 but not OCS 2007 R2 and windows OS is windows 2003 servers. We need to change the domain name since we implemented the name in such not recommended way. ...
Score where to look for delegate in Active Directorey
Gaurav Bhardwaj - 12 Jun 2009 7:43 AM - 9 messages
is there a way to look for Delegates  on all Container or  in a particular container in windows server 2003 active directory and what rights have been delegated that user... ...
Score new server
StevenLouie - 12 Jun 2009 7:21 AM - 2 messages
Hi, got a couple of basic qutestions here. planing to upgrade from win 2000 AD to 2008 and exchange 2000 to 2007.  we have a dell poweredge server 2900 with RAID 1 and RAID5 (partitioned to two logical drives).  it is compatiable with 64-bit and all that. ...
Score DC question
RC - 11 Jun 2009 7:22 PM - 10 messages
I have a situation where I have a site with 1 DC. The current OS is 2003. I have the hardware to build a new DC for this site and want to use 2008 but I need to retain the old IP address. Any thoughts towards ...
Score w2k3 post sp2 updated needed for dcs
susang - 11 Jun 2009 7:10 PM - 4 messages
does anyone know what specific post sp2 updates/fixes are needed specifically for domain controllers (e.g., 940925).  thanks. ...
Score Can you help please
Mathieu - 11 Jun 2009 7:05 PM - 3 messages
Hello! I install Windows Server 2003 server with nntp. I installed the server configuration with nntp "moderation messages. I configure the server so that each post message, a file .aod is created. But how to take them into account to validate the file .mod created by ...
Score Power Option
Rajnish - 11 Jun 2009 5:52 PM - 3 messages
I've a windows 2003 domain and want to set up power option on desktops/laptops having winxp as OS..How can i perform it..can anyone details the process... ...
Score Bridgehead DC
Kerry - 11 Jun 2009 5:18 PM - 5 messages
Our AD Forest consists of an Empty Root and a Single Child Domain. We have a Hub and Spoke Model Replication Model, where we have both the Root and Child Domain DC's in the Hub Site and spoke sites have child domain DC's. One of the Child Domain DC is configured as a BH of the Hub Site. We are seeing errors in DCDIAG taken from a Root DC in the hub site like the one shown below: ...
Score Clients hanging, file share browsing slows, logins take minutes
cjhaugen - 11 Jun 2009 2:25 PM - 13 messages
I have been dealing with some strange issues ever since I moved from a Win2003 DC w/ File and Print to a new 2008 DC w/ File and Print.  What happens is periodically client machines just start "slowing down".  ...
Score Bulk remove orphaned SID
dfw63 - 11 Jun 2009 2:23 PM - 8 messages
I would like to bulk remove an orphaned SID that was granted Send As rights to many accounts in our domain.  What is the best way to do this? ...
Score DNS conditional forwarding
aconti - 11 Jun 2009 2:45 AM - 8 messages
Hello, if I have a headquarter and a branch office which host active directory for example headq.test.com and bra1.test.com and I use conditional forwarding to forward all bra1.test.com queries to the branch office dns server and vice versa how will I be able to browse the remote internal network since internal computers will still have an ip address of 192.168......  and not external ips ...
Score Functional Levels
TSAM - 11 Jun 2009 2:16 AM - 7 messages
Hello, I have a Windows 2003 domain with all 2003 domain controllers. We run Exchange 2003, SQL 2003/ 2005 etc. We have some Windows 2000 member servers hosting some custom applications. I am planning to install Windows 2008 additional domain controllers in our ...
Score Cross Domain privialges for Domain Admins
blankmonkey - 11 Jun 2009 12:26 AM - 11 messages
2008 native Domain setup (no 2003 or older)                             /----Domain-Child1 (Users) Domain-Parent--- ...
Score Restoring a particular GPO
study - 11 Jun 2009 12:16 AM - 6 messages
Is it possible to restore a particular GPO using a system state backup? Assuming that the GPOs by themselves weren't backed up separately by using GPMC and right clicking and backup method. Thanks ...
Score Linking GPO from another domain
study - 11 Jun 2009 12:14 AM - 3 messages
Does linking a GPO that exists on another domain but within the same forest work? Let's say we have domains A, B, and C. Domain B has a GPO named "enable terminal services". Can I link this same GPO "enable terminal services" to domain A's OU and ...
Score AcceptSecurityContext and Service Accounts
neelsmail - 10 Jun 2009 8:07 PM - 3 messages
Hi, I have a service running on one of the servers in domain. As long as it runs in context of Local Service Account,  I can use SSPI (GSSAPI) to authenticate to it. But as soon as the service is run in context of ...
Score ADAM - Migration of Replica from Workgroup to Domain question
Ted Wagner - 10 Jun 2009 7:59 PM - 15 messages
I'm currently involved in a project where we had two ADAM instances set up... one on two unique servers.  One was a replica of the other.  Our new application that will be using ADAM will be using AzMan and we will be adding ...
Score Policie not running exe file
Omar Rodríguez - 10 Jun 2009 7:54 PM - 8 messages
Hello, I have a policie that run a vbs file (logon.vbs), the policie execute all the commands but not run any exec files, do you have any idea about how can I fix it? These are the lines that I am using: ...
Score Workstations hang on running startup script due to GPO
Ike - 10 Jun 2009 7:15 PM - 3 messages
Hi All, I really appreciate your comments on this. We have setup Mandatory user profiles to lock down some kiosk PCs. We got hit badly by a trojan virus. after cleaning the virus, the PC freezes on runnin startup scripts for 10 ...
Score creating a FOREST ROOT DOMAIN
JR - 10 Jun 2009 6:43 PM - 4 messages
I have a windows 2003 domain (20 DC’s).  Our goal is to rename the Domain. However, we have decided its too risky to run the domain rename tool. We have decide to do a migration. We also acquisition multiple companies and migrate ...
Score GPO-Based Removal of Registry Entries
PM - 10 Jun 2009 6:35 PM - 2 messages
I need to remove some registry values from a very large batch of PCs on a network that I support. I'd like to use a GPO to remove these values.  My question is:  Is there a particular GPO setting I can use, or should it somehow be scripted?  I'd love ...
Score Query LDAP to get user Telephone
Omar Rodríguez - 10 Jun 2009 1:02 PM - 2 messages
Hello, Could you please send me a sample script, about how get the user telephone field from active directory? We have Windows 2003 and the users are using XP. We need the user telefhone number from active directory in order to ...
Score Secondary AD question - Urgent
Luiz - 10 Jun 2009 12:36 PM - 7 messages
Hi, I have a question about Additional AD and if anyone can help me I appreciate: - I have an AD 2003 environment wiht one Primary AD that is holding all 5 FSMO´s and several Additional AD sites. ...
Score Windows File Server Resource manager - notifications
Zeno - 10 Jun 2009 11:14 AM - 2 messages
I have a query I'd like to clarify. For the Win2k3 File Server Resource Manager "quota" implementation if I set an email alert at 80% usage does that mean it sends an alert when I reach 80%. Does it keep sending email alerts everytime I write to the share or ...
Score site active directory brandwidth
slardy - 10 Jun 2009 10:03 AM - 3 messages
Hello, I'm french student and I don't wrote english very nice. Sorry. I saw in several documentation (technet, book...), site Active directory are used for low and expensive connection. I would like to know the pourcent rate of impact of the replication to the ...
Score Bande passante site active directory
slardy - 10 Jun 2009 9:49 AM - 2 messages
Bonjour, Dans les diverses documentations Active Directory (technet, livres...), les sites AD sont (souvent) utilisés lors de liaisons distante coûteuses, faibles, etc... J'aimerais savoir quel est la "fourchette"  de vitesse de liaisons, de bande ...
Score Moving domain and exchange
Chris Hill - 10 Jun 2009 5:24 AM - 7 messages
We have a project where we have an existing machine which is a domain controller and a machine which is an exchange 2007 server. i believe the exchange server is running on server 2003 x64. We need to go to new equipment which will run server 2008 and and keep ...
Score DNS Scavenging
Kerry - 10 Jun 2009 5:02 AM - 4 messages
We are planning to turn on DNS Scavenging (default values 7 days) and are currently doing a risk assessment. Would like to know if there is any way that we can know what all records will be deleted when scavenged is enabled? ...
Score Mixed forest Authentication issue - Active Directory netbios name
Todd - 10 Jun 2009 2:07 AM - 6 messages
Hi, I'm new to newsgroups and thought I'd start by posting a problem that has me completely stumped. I work for a company that has 2 forests and multiple domains.  Forest A has only 1 domain and exclusively uses W2K servers. A new W2K8 domain has built ...
Score multiple User logon name?
vdz - 10 Jun 2009 1:53 AM - 7 messages
Hi All, Is it possible to have multiple user logon name? such as user John Smith, could he have either jsmith or john.smith? The reason being is that we are merging with another company. Our user logon name is jsmith but they have john.smith. So to avoid confusion, once I get ...
Score List printer in active directory on other side of VPN
Gerry - 10 Jun 2009 1:12 AM - 6 messages
Sorry if this is in the wrong group. We are running Windows Server 2003 with AD. We have a remote office that is connected to the main office via a VPN. The main office uses a network address range of ...
Score Allow Terminal Server RDP Access to Servers via Group Policy
Wes H - 9 Jun 2009 8:41 PM - 8 messages
Ok, this is a weird one.  I have created a new user called netadmin and then put it into our AD 2003 builtin group called Remote Desktop Users.  I then went to AD and default domain policy and enabled two things: ...
Score Issue while setting user password in ADAM using JAVA
VinodMaladkar - 9 Jun 2009 7:06 PM - 6 messages
Hi, I running into some issues while creating a user record in ADAM using java. I have customized ADAM schema. If I add, "msDS-UserAccountDisabled", "FALSE" in java code it fails. I have couple of questions... 1) When I created user using ADAM EDSI tool, in which attribute the password value will be stored. I tried unicodePwd and userpassword, but they are empty. ...
Score Help moving a single user from a child to a parent domain
Little Help Please... - 9 Jun 2009 7:03 PM - 6 messages
Hello, I have sent some questions before, but maybe didnt explain myself.  I appreciate all that have sent info. I have a user who has had a lateral transfer.  The new dept. is in the parent domain.  Their old dept was in the child domain. ...
Score 2 DC's in single domain with 2 Vlans
maki - 9 Jun 2009 6:38 PM - 4 messages
I've got a question about this scenario: same company, two different staff groups: Staff A and Staff B.  Each one is separated by different vlans. So one is on for instance 172.16.a.b network and the other is on a 192.168.16.a ...
Score Movetree User, local profile issue Windows cannot log you on because your profile cannot be loaded..
Little Help Please... - 9 Jun 2009 5:09 PM - 7 messages
Hello, Ran movetree to move a user from a child domain to a parent domain.  The account moved successfully.   Now when the user tried to log on to their laptop to the new domain, they get a profile error,  Windows cannot log you ...
Score Manual selecting bridgehead server in ADAM site
Alexander - 9 Jun 2009 2:16 PM - 2 messages
Good day all! I've got 5 adam instanses in 4 sites. Each instanse are on dedicated server. One of sites consists of 2 instances. I configured sitelinks in full mesh topology. But there is one problem: In site with 2 servers only on of them are aviable from other server in ...
Score KDC certificate
Kevin Gallagher - 9 Jun 2009 10:07 AM - 5 messages
I am getting the following warning. Is there a problem with my PKI  and if so what should I do? "The currently selected KDC certificate was once valid, but now is invalid and no suitable replacement was found.  Smartcard logon may not function ...
Score DHCP Reservation (active)/(inactive)
Zeno - 9 Jun 2009 6:50 AM - 6 messages
Hi, We have a Win2k3 DHCP Server with some static reservations based on MAC address within the DHCP range. What we've found recently is under the Leases were getting some reservations showing Reservation(active) Reservation(inactive) for the "Reservation(active)" ones actually for some the PC is already ...
Score Moving a user from a child domain to a parent domain.
Little Help Please... - 8 Jun 2009 9:23 PM - 6 messages
Hello, figured out how to use movetree to move a user from a child domain to the parent domain.   My concerns are, if I do this, will it affect their email, or will everything move accordingly and when they log on again to the new ...
Score INSTALL PROGRAM.EXE FROM AD POLICY WIN2003 SP2
Francisco Rugamas - 8 Jun 2009 9:02 PM - 4 messages
Hello MVP guys, I need to install a program.exe from group policy, how can I do, some ona hava a script if I needed, or pleasee helpme to find some instructions to develop this task. Thank you to all again! ...
Score Joining a PC to domain
ray3d84 - 8 Jun 2009 5:59 PM - 6 messages
How can you tell which PDC actually joined a pc to the domain? ...
Score Re: Migration from 2003 DC to 2008 DC
KPurchase - 8 Jun 2009 5:17 PM - 6 messages
I am also migrating our Domain Controller from Windows Server 2003 to Windows Server 2008. What is the best way to manage roaming profiles during this upgrade? One of our Terminal Servers is running Windows Server 2008 and when our client log into the terminal server a 'Username.V2' folder is created on the network share that houses the roaming profiles. I have been trying to setup folder redirection but it seems like all that does is create a shared folder to store user data on. I need to set this up so that a user can go back and forth between Windows XP and Windows Server 2008 and have the roaming profile loaded in each. Is this possible with folder redirection or is there another better solution that is available. Any help is greatly appreciated. -- KPurchase ------------------------------------------------------------------------ KPurchase's Profile: [link] View this thread: [link][link] ...
Score Changing the IP address on a new Domain Controller
NoeO - 8 Jun 2009 5:14 PM - 4 messages
I am planning on adding two new Domain Controllers (DC3 & DC4) and demoting my current two domain controllers (DC1 & DC2).  I would like to use the same IP address as the old DCs.  I will be doing this one DC at a time. ...
Score Language change on PDC
ray3d84 - 8 Jun 2009 4:04 PM - 7 messages
I work for a company that are headquarters in England; I am in New York where we have a PDC. The PDC in New York is setup for English UK. I would like to change the Language to English US but do not want this to updated to the all ...
Score Schema Upgrade - Windows 2003 to Windows 2003 R2
Mark W - 8 Jun 2009 3:17 PM - 6 messages
Hello, I have a domain with 5 Windows 2003 domain controllers.  I would like to take advantage of the ability to deploy printers with group policy, which requires an upgrade of our schema to 2003 R2. I am not well versed in active directory, schema, etc. ...
Score creating one way trust
dkblee - 8 Jun 2009 3:16 PM - 27 messages
hi! I'm testing on a one way trust between 2 different domain. When configuring that, i got the message the domain can't be contacted. The DC is running on win2003svr stdn r2. Is there any port that i need to open in the ...
Score Server Roles & Office Split
Ryan Laurie - 8 Jun 2009 2:05 PM - 3 messages
Hello, I currently have a company that is sharing a Windows 2003 Server domain controller and would like to split their network in half.  They have 2 buildings and have a bad and slow connection in the one building to the other ...
Score dcdiag failed ncsecdesc
Johnsp - 8 Jun 2009 2:00 PM - 3 messages
error builtin\administrators doesnt have replicating directory changes replicating directory changes all access rights for the naming context dc=forestdnszones where do  I go to enable? ...
Score dns in a child domain
Johnsp - 8 Jun 2009 1:35 PM - 5 messages
Hello I have a child domain with a screwed up dns server. the soa only lists the server name not the FQDN. Whenever i change it it always changes back to just the server name. i.e dc1 instead of ...
Score Bulk create new security groups
smc2005 - 8 Jun 2009 10:55 AM - 2 messages
Hi guys, I have over 200 new security groups to create and wonder if there is a way to create these from a csv file as I have them all in a spreadsheet. If this is something that can be done using csvde then please let me know. An example ...
Score Deploy printer in active directory not working
aconti - 8 Jun 2009 4:31 AM - 4 messages
I have deployed a printer in the default GPO but none of the clients is getting it installed automatically even when I restarted them including the server. From the default GPO I can see the printer listed under both user and computer configuration. If from a client pc I browse to the UNC path I can see the shared printer to the server and connect to it and print ok but none of the clients is installing it automatically through GPO. ...
Score Restrict PST creation
Ezakial - 7 Jun 2009 8:57 PM - 3 messages
How to restrict users creation of PST file on MS outlook 2007. I've added outlk12.adm template, but could not find the exact GPO setting. Please let me know if this is possible. Thanks ...
Score Group policies
ADVILE - 7 Jun 2009 12:27 PM - 3 messages
Hi Gents, Got a question with regards to Link order in Group policies. I have an OU with 10 GPO's Linked directly. Group policies are applying fine. One day by mistake one deletes the GPT (sysvol) from one of the 10 ...
Score Read only access to AD
Matt - 7 Jun 2009 10:11 AM - 5 messages
Hi Is it possible to give someone read only access to active directory from their workstation. thanks ...
Next » 2 3 4 5 6 7 8 9 10