Home All Groups Group Topic Archive Search About

Windows Server Active Directory

microsoft.public.windows.server.active_directory
Score AzMan and ADAM Issues
Kreshiv - 19 Jun 2009 9:05 PM - 7 messages
Hi, I am trying to create a WCF that interacts ADAM and AzMan. Can you tell me what is the configuration needed, for a WCF to work successfully. I am using Windows Authentication for my application. I want to use ...
Score Problem with DNS for VPN users
plutoz - 19 Jun 2009 7:14 PM - 7 messages
I've got an Active Directory domain for our department, it was set up before I got here. Everything works just fine and dandy for LAN PCs which are domain members using my AD DC/DNS servers for resolution. The problem comes when users are accessing the network via the Corporate VPN (which I have no control over), they are forced by the VPN software to use the Corporate (unix based) DNS servers. The folks that run our Corporate DNS *refuse* to add any entries for my AD domain name (I'm not even sure it would help if they did?) ...
Score renaming AD to subdomain of same name
robr - 19 Jun 2009 3:17 PM - 4 messages
In the past, I've always set up AD using the same internal name as our external name (company.com) and just used split DNS.  I've recently set up a new domain at this company with the intent of migrating off the old win2k based AD manually as it's a total mess.  I have AD set up, along with Exchange server on another machine (A VM really), SQL server on a third and a 4th with nothing yet.  All running Win2K8 x64. ...
Score List of users logon to AD
spmx43 - 19 Jun 2009 1:51 PM - 5 messages
Can I generate a list or number of users logon to AD ? Just looking for the total number of users. thanks -- spmx43 ------------------------------------------------------------------------ spmx43's Profile: [link] View this thread: [link][link] ...
Score Restricted Groups Propagating to Most but not All Users...
Wes H - 19 Jun 2009 12:28 PM - 4 messages
This is weird, so I created an AD security called LocalAdmin and put a couple people I wanted to give local admin rights to into that group.  I then went into the Default Domain Policy and under computer/security/restricted groups ...
Score Trust between 2003 native and windows NT domain
Andy Mac - 19 Jun 2009 8:32 AM - 3 messages
We have an existing external 2way non-transative trust between a 2003 mixed mode domain and an Windows NT domain. We plan to change the 2003 into Native mode, but would like to know whether this would affect the trust once the change is made ...
Score LDAP over Secure Sockets Layer (SSL) will be unavailable at this t
trnsfrmrsr - 19 Jun 2009 2:07 AM - 6 messages
I"ve got a server 2008 read only domain controller (as well as a server 2008 DC). Running at server 2003 operational level. Recently i've noticed these errors popping up in the logs. LDAP over Secure Sockets Layer (SSL) will be unavailable at this time ...
Score Adm Template - Disable XP tour at first logon
Ezakial - 18 Jun 2009 11:31 PM - 5 messages
Hi, The below adm script basically disable the Windows XP tour at first logon. I've created adm template but looks like it has some issues and unable find the problem. If anyone has idea on adm template please help. ...
Score Win2k to Win2k3 migration
Prahalad Deshpande - 18 Jun 2009 6:40 PM - 5 messages
I am encountering a strange issue while upgrading a Win2k domain to Win2k3 domain. I have 5  Win2k domain controllers in my Win2k enterprise and in the process of upgrading to Win2k3  domainI had to de-commission 3 of them. ...
Score access one folder only
dlw - 18 Jun 2009 1:35 PM - 5 messages
We have a network drive that everyone has full control.  Now I need to set it up so one user is denied access to everything but one folder.  Is there an easy way to do that? Thank you. ...
Score How to block facebook by using security polocies?
Dole Bludger - 18 Jun 2009 1:23 PM - 3 messages
I have  to block access to certain websites such as [link], [link] I have windows sever 2003  and XP in my network. One domain, active directory etc ... I am wondering whether someone could direct me how to do that by using ...
Score Server needs to logon to preferred DC
Amarnath - 18 Jun 2009 12:20 PM - 12 messages
Hi, is it possible to a Server to logon to preferred Domain controller. Server is a (terminal server). Whenever users login to terminal servers, users should authenticate to a specific Domain controller, Is there any registy settings. Help is greatly appreciated. ...
Score Transfer forest root role to another DC?
Raimundas Janusis - 18 Jun 2009 10:52 AM - 8 messages
Currently i have single windows 2003 domain in my organization, there is two domain controllers in domain, first domain controller is physical server, second dc is a virtual machine which is on VMware ESXi host. Physical server which is forest and domain root dc operates with old hardware and i want to ...
Score GP Security Filtering
Yogi - 18 Jun 2009 6:09 AM - 3 messages
We have a very flat OU Structure where in there are ~500 Users in the Users OU. We now have a requirement to apply certain policy settings to 3 users in that OU. For just 3 users is it worth having an another OU or should we just group them and put a security filter on the GPO and link it to users OU? which one is a better option? ...
Score NPS DHCP with NAP
aconti - 18 Jun 2009 4:03 AM - 3 messages
Hello, what could be the reason that a quarantined client is getting a subnet of 255.255.255.0 instead of all 255's I can confirm that it is being quarantined from the security logs on the NPS server. ...
Score Cached Credentials causing problems with shares?
AJ - 18 Jun 2009 2:00 AM - 15 messages
I've never had issues with cached credentials connecting to shares in the past. Recently something has changed and I'm getting some weird messages. This is the error i'm getting in event viewer when trying to connect to ...
Score Create Bindable Object in AD
Norm - 18 Jun 2009 12:26 AM - 10 messages
We have a calendar application which we are currently using with ADAM.  We would like to migrate it to AD, but there is no msDS-BindableObject in AD.  I tried to add the necessary attributes and object class, but got constraint ...
Score WiFi Settings via GPO not working ... - [WP]
WildPacket - 17 Jun 2009 6:57 PM - 6 messages
Hi All: I am testing IAS/RADIUS Windows 2003 user authentication via WiFi Cisco Access Points. Using the User and Machine cetificates using our own CA with WPA2. Test XPSP2 notebooks connects using wifi - no issues at all. Now we have around 300 notebook users whom we want to give wifi access so ...
Score Seven and 2003 AD
Fabrice - 17 Jun 2009 5:37 PM - 3 messages
Hello It will be possible to add seven to a domain based on DC with Windows 2003 SP2 ? What about GPO ? Do we have to add adm files to configure Seven or could we apply the same gpo for Xp windows ? ...
Score newbie: Moving DC to remote location?
geekyguy - 17 Jun 2009 3:27 PM - 6 messages
Hi All: I have two 2008 DCs on a LAN, with some additional member servers, using a non-routable address space (192.168.1/24).  These servers are also running DFS-R with a common folder between them. Eventually I will be moving the entire LAN to a new location, but in the ...
Score IE GPO applied but doesn't work
jclewis - 17 Jun 2009 1:48 PM - 2 messages
We are running Server 2K3 R2 SP2 on our servers and XP Pro SP3 on our workstations. I have modified our default domain policy to create several links in Favorites in IE for each user. After running RSoP, I can see that ...
Score issue with DC replication
millin - 17 Jun 2009 1:15 PM - 35 messages
Dear All, I am having a problem with our live FTP servers. We are running our FTP servers on cluster. Whenever one of the FTP server goes down we have to take that server out from the cluster and point to that to the  other FTP server(passive). ...
Score ldap query with guid
Anonymous - 17 Jun 2009 9:50 AM - 3 messages
How do I specify a ldap query with a filter for a guid? I want to query for the property "msexchmailboxguid", I think this value might be of type "16 bytes array", not "guid", which might make it hard to ...
Score AD Users, Groups to AzMan Roles, Tasks
Kreshiv - 16 Jun 2009 11:34 PM - 2 messages
Hi, I have users and roles defined in AD. Roles and Tasks are defined in AzMan. I am not able to bring AD Groups information into AzMan. I can see only application groups in AzMan.  What are the possiblities of establishing a connection between User's Group ...
Score 2008 Server Standard to 2003 native domain
Troy D - 16 Jun 2009 11:16 PM - 3 messages
Hello everyone, Do I need to extend the schema if I just want to add a 2008 server to a 2003 native level domain and forest?  This server is going to just be a file server. Also, we will be replacing a domain controller (which holds no FSMO ...
Score Dataflow between AD and ADAM
Kreshiv - 16 Jun 2009 8:38 PM - 3 messages
Hi, I have created an ADAM Instance over AD. I am puzzled about the data flow between AD and ADAM. I have created user proxies in ADAM for AD Users. if any changes made in AD, how will it reflect in ADAM. ...
Score finding out a users permissions?
Fred Bloggs - 16 Jun 2009 8:31 PM - 3 messages
Hi, is there an easy way to find out a individual users access permissions? I've walked into a job, and the previous IT staff did not do things by the book, and instead of assigning folder access by groups, they have done it by ...
Score Executable Whitelisting via GPO
Kord - 16 Jun 2009 7:36 PM - 4 messages
I am wondering if anyone has had any experience with whitelisting executables via a GPO. I have not yet tried this and am thinking about moving towards this as an added measure of prevention and security. Any thoughts/comments/real world experience would be great. Also, any links to papers discussing this would help too. -- Kord ------------------------------------------------------------------------ Kord's Profile: [link] View this thread: [link][link] ...
Score DNS Best Practise
Kerry - 16 Jun 2009 5:37 PM - 6 messages
There has always been this question about what is the best practise when it comes to configuring the primary and secndary DNS servers on AD DC's where all DC's are DNS servers. I usually recommend that the Primary DNS on a DC should point to itself (provided its also a DNS Server) and the secondary DNS should be configured to use an upstream DC. ...
Score windows 2008 and windows nt
ALL - 16 Jun 2009 4:56 PM - 4 messages
I want to add a windows 2008 domain controller to our windows 2003 functional level domain, i have already done the schema update. We have one nt server left on our domain (it will be gone in the next 6 ...
Score sid's and sid history
Kevin Gallagher - 16 Jun 2009 4:18 PM - 5 messages
I have recently had a problem with our Sharepoint Service after our content database was disconnected and then re-connected. We encountered problems logging on untill we re-imported the user profile. Our sharepoint developers tried to blame the situation on all the user object sid's in AD being ...
Score Adding Win 2008 Svr to existing Win 2003 svr AD ...
E-Double - 16 Jun 2009 3:21 PM - 4 messages
What would be the process to add a new Win 2008 svr to an existing Win 2003 svr AD (currently single DC/PDC) with the intentions promoting the new Win 2008 svr to PDC and retaining the exististing Win 2003 svr as a DC (demoting ...
Score foresteprep, domain 2008 r2 issues
jrottman - 16 Jun 2009 1:38 PM - 3 messages
I am having issues promoting a 2008 R2 box to a domain controller.  The error I receive is that I need to first prep the domain for 2008 R2. However I already have prepped the domain for 2008 R2 with the 2008 R2 media on the active domain controller.  If I try to do it again, it just tells me that this domain is already prepped for 2008 R2 and that no changes were made.  Below is how I came to this point (the constant promotion/demotion) was for testing purposes.  I have 2 boxes, the original 2003R2 box which remains 2003R2, and the other test box which gets 2008 and 2008R2 installed and reinstalled. ...
Score Format of userParameters for Terminal Services
Michael_Ströder - 16 Jun 2009 11:58 AM - 3 messages
HI! Is there a documentation available for the format of attribute 'userParameters'? When setting data in the tab "Terminal Services Profile" I see some binary blob with ASCII key-words like "CtxCfgPresent" or "CtxWFHomeDirDrive" but I can't figure out the exact ...
Score How to Restrict Access MsPaint
Omar Rodríguez - 16 Jun 2009 11:49 AM - 4 messages
Hello, Could you please give me an idea about how to prevent access to ms paint thru policies. I already have the start menu setted, so the agent can't see the link. But when they open an image they can use right click and edit the image using ...
Score Forest Trust: Restricting access to Domain in logon
Rickd139 - 16 Jun 2009 10:47 AM - 8 messages
I'm researching setting up a one way Windows 2003 forest trust between Domain A and Domain B.. Domain B users will need to access resources in Domain A. Both domains are at Functional level Windows Server 2003. Users will have accounts in both domains ...
Score Personal certifikate
Paco - 16 Jun 2009 9:38 AM - 3 messages
Hi! I am trying to deploy a certifikate (*.pfx) to all the computers in our domain. But I can only get it to show up under trusted root certification with gpo. And I need it to end up in Personal/Certificates instead. ...
Score DC Not Accepting Any Replications from Partners
Charles - 16 Jun 2009 12:21 AM - 3 messages
Hi All: One of our DCs get to the point where it does not accept any replication from its partners.  I can net view \\dc01 and see the netlogon and sysvol shares fine while the problem occurs.  Doesn't help if I restart netlogon but ...
Score Anonymous LDAP queries on one DC?
trnsfrmrsr - 15 Jun 2009 8:57 PM - 5 messages
We've got active directory setup with a functional level of server 2003 and we've got 2 AD DS server 2008 servers along with a handful of server 2003 DCs. We've run into an application which requires anonymous ldap queries for ...
Score disable gpo
Ondrej Sevecek - 15 Jun 2009 7:49 PM - 9 messages
hello, how do I disable application of Group Policy objects on XP 2003 Vista 2008 ? a) there is the DISABLEGPO registry key, but is it really supported? b) the Group Policy Client Service can be disabled only manually in the ...
Score AD merge with exchange 2007 srv, can ADMT do it?
pgartner - 15 Jun 2009 7:35 PM - 8 messages
Our company (AC) was just bought out by T Company and I want to merge our active directories and exchange 2007 servers Our goal is to merge the AD, keeping the users experience (profiles, shares, emails) unchanged as much as possible. Then move the mailboxes ...
Score Homepage set in GPO not working in Win7 w/ IE 8
E-Double - 15 Jun 2009 6:11 PM - 2 messages
For some reason the default hompage for the organization setup in a GPO is not working on a test machine running Windows 7 and IE 8 that has joined the domain.  IE 8 on this new machine just keeps defaulting to MSN, but all of ...
Score A Way to Export Local Policy?
Charles - 15 Jun 2009 3:25 PM - 5 messages
Hi: Is there a way to save off the policies set for a system?  We have a system in the AD that has policies set that were not set via AD GPOs.  Also have a system not in a domain that we want to make a copy of the policies so we can ...
Score GP errors
abckid - 15 Jun 2009 8:08 AM - 14 messages
Hi, We have Win2K3 Domain, Single Forest / Single Domain. There are 2 DCs. The primary DC is fine. In secondary DC i get errors every 5 minutes in the event log as below, &&&&&&&&&&&&&&&&&& ...
Score Problem creating AD zones
Taz1972 - 15 Jun 2009 7:41 AM - 7 messages
Hi, We recently installed a new server 2003 DC at one of our sites in the far east. But when I try to create a new forward zone, I get the message: "The zone cannot be replicated to all DNS servers in the (null) Active ...
Score WSUS 3.0 sp1 is failing to download and synchronise updates
aconti - 15 Jun 2009 6:01 AM - 2 messages
on the application event log on the server whenever I approve a download it fails and in the event log it says: Content file download failed. Reason: Error calling [kernel32.dll]:CreateDirectory(c:\WSUS\WsusContent\6C) Source File: Destination File: ...
Score winxp, vista, 2003
dlee12 - 14 Jun 2009 6:35 PM - 3 messages
hi! I've a win2003 domain env. What access rights or group should a user be in in order to have rights to join winxp machine to the domain without having administrator rights? Thks. ...
Score Slow Application Access after joining the client to Domain
Kerry - 14 Jun 2009 3:48 AM - 7 messages
Hi, We are seeing a strange problem with one of DB2 Application. The DB2 server runs on an AIV Machine and the DB2 clients run in XP Machines. When the XP machines are part of a workgroup, the DB2 client works just fine i.e. when the user clicks on the application the applictaion credentials windows pops up within 2 seconds, however when the same client is joined to the domain, it takes 60-100 Seconds for the application authetication wlindows to pop up. ...
Next » 2 3 4 5 6 7 8 9 10