Good Morning Friends Free download software and watch software

Tutorials Win: Microsoft Windows Forum

- Previous
  - 1
    - see my web. very interesting Dear friend, Please visit my website. it is very interesting if u feel free. www.goodspots5.blogspot.com www.goodspots5.blogspot.com Thanks msv Tag: Good Morning Friends Free download software and watch software Tag: 132274
  - 2
    - New DC not sharing sysvol after dcpromo in domain with 1 other unhealthy dc I can't replace my old unhealthy DC with my new healthy DC. When I try sysvol does not replicate. Event log tells me that replication canno find the domain. But i don't understand why because I can ping th domain, and the dc's, and all users can log on and retrieve g settings. I tried deleting the old DC once before I realized the new DC i ha promoted wasn't sharing sysvol. Now my network is a mess. Because tried to delete the old DC before it's replacement was full operational, DNS got screwed up. I tried to manually rebuild dns ms-kb, but as you'll see from the dcdiag output, there must still b more to do. Please. any help. I am going crazy. _DCDIAG_/V_/C_/E_/s:server-room_: (full log attached) Starting test: NCSecDesc * Security Permissions check for all NC's on DC SERVER-ROOM. The forest is not ready for RODC. Will skip checking EROD ACEs. * Security Permissions Check for DC=ForestDnsZones,DC=MYDOMAIN,DC=local (NDNC,Version 3) Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=ForestDnsZones,DC=MYDOMAIN,DC=local * Security Permissions Check for DC=DomainDnsZones,DC=MYDOMAIN,DC=local (NDNC,Version 3) Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have Replicating Directory Changes In Filtered Set access rights for the naming context: DC=DomainDnsZones,DC=MYDOMAIN,DC=local * Security Permissions Check for CN=Schema,CN=Configuration,DC=MYDOMAIN,DC=local (Schema,Version 3) * Security Permissions Check for CN=Configuration,DC=MYDOMAIN,DC=local (Configuration,Version 3) * Security Permissions Check for DC=MYDOMAIN,DC=local (Domain,Version 3) ........................ SERVER-ROOM failed test NCSecDesc Starting test: NetLogons * Network Logons Privileges Check Unable to connect to the NETLOGON share (\\SERVER-ROOM\netlogon) [SERVER-ROOM] An net use or LsaPolicy operation failed wit error 67, Win32 Error 67. ........................ SERVER-ROOM failed test NetLogons Starting test: DNS Test results for domain controllers: DC: server-room.MYDOMAIN.local Domain: MYDOMAIN.local TEST: Authentication (Auth) Authentication test: Successfully completed TEST: Basic (Basc) Microsoft(R) Windows(R) Server 2003, Enterpris Edition (Servi ce Pack level: 2.0) is supported NETLOGON service is running kdc service is running DNSCACHE service is running DNS service is running DC is a DNS server Network adapters information: Adapter [00000001] 3Com 3C920 Integrated Fast Etherne Controller (3C9 05C-TX Compatible): MAC address is 00:B0:D0:24:D4:57 IP Address is static IP address: 192.168.2.16 DNS servers: 192.168.2.16 (SERVER-ROOM) [Valid] The A host record(s) for this DC was found Warning: The AAAA record for this DC was not found [Error details: 9501 (Type: Win32 - Description: N records fo und for given DNS query.) - MYDOMAIN.local] The SOA record for the Active Directory zone wa found The Active Directory zone on this DC/DNS server wa found prim ary Root zone on this DC/DNS server was not found TEST: Forwarders/Root hints (Forw) Recursion is enabled Forwarders are not configured on this DNS server Root hint Information: Name: a.root-servers.net. IP: 198.41.0.4 [Valid] Name: a.root-servers.net. IP: 2001:503:ba3e::2:3 [Invalid (unreachable)] Error: Root hints list has invalid root hin server: a.root-servers.net. (2001:503:ba3e::2:30) Name: b.root-servers.net. IP: 192.228.79.20 [Valid] Name: c.root-servers.net. IP: 192.33.4.12 [Valid] Name: d.root-servers.net. IP: 128.8.10.90 [Valid] Name: e.root-servers.net. IP: 192.203.230.1 [Valid] Name: f.root-servers.net. IP: 192.5.5.241 [Valid] Name: f.root-servers.net. IP: 2001:500:2f:: [Invalid (unre achable)] Error: Root hints list has invalid root hin server: f.root-servers.net. (2001:500:2f::f) Name: g.root-servers.net. IP: 192.112.36. [Valid] Name: h.root-servers.net. IP: 128.63.2.53 [Valid] Name: i.root-servers.net. IP: 192.36.148.1 [Valid] Name: j.root-servers.net. IP: 192.58.128.3 [Valid] Name: k.root-servers.net. IP: 193.0.14.129 [Valid] Name: l.root-servers.net. IP: 199.7.83.42 [Valid] Name: m.root-servers.net. IP: 202.12.27.33 [Valid] TEST: Delegations (Del) No delegations were found in this zone on this DNS server TEST: Dynamic update (Dyn) Test record _dcdiag_test_record added successfully in zone amb utrans.local Test record _dcdiag_test_record deleted successfully in zone a mbutrans.local TEST: Records registration (RReg) Network Adapter [00000001] 3Com 3C920 Integrated Fast Ethernet Controller (3C9 05C-TX Compatible): Matching CNAME record found at DNS server 192.168.2.16: 41245e5d-fa39-4149-a23c-c9d75d923139._msdcs.MYDOMAIN.local Matching A record found at DNS server 192.168.2.16: server-room.MYDOMAIN.local Warning: Missing AAAA record at DNS server 192.168.2.16: server-room.MYDOMAIN.local [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)] Matching SRV record found at DNS server 192.168.2.16: _ldap._tcp.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _ldap._tcp.7dda59b8-27ac-4fa2-8b46-6e034fa2adb9.domains._ms dcs.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _kerberos._tcp.dc._msdcs.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _ldap._tcp.dc._msdcs.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _kerberos._tcp.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _kerberos._udp.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _kpasswd._tcp.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _ldap._tcp.Default-First-Site-Name._sites.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.amb utrans.local Matching SRV record found at DNS server 192.168.2.16: _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ambutra ns.local Matching SRV record found at DNS server 192.168.2.16: _kerberos._tcp.Default-First-Site-Name._sites.MYDOMAIN.loc al Matching SRV record found at DNS server 192.168.2.16: _ldap._tcp.gc._msdcs.MYDOMAIN.local Matching A record found at DNS server 192.168.2.16: gc._msdcs.MYDOMAIN.local Warning: Missing AAAA record at DNS server 192.168.2.16: gc._msdcs.MYDOMAIN.local [Error details: 9501 (Type: Win32 - Description: No records found for given DNS query.)] Matching SRV record found at DNS server 192.168.2.16: _gc._tcp.Default-First-Site-Name._sites.MYDOMAIN.local Matching SRV record found at DNS server 192.168.2.16: _ldap._tcp.Default-First-Site-Name._sites.gc._msdcs.ambutra ns.local Error: Missing SRV record at DNS server 192.168.2.16: _ldap._tcp.pdc._msdcs.MYDOMAIN.local [Error details: 9003 (Type: Win32 - Description: DNS name d oes not exist.)] Warning: Record Registrations not found in some network adapters Summary of test results for DNS servers used by the above domain controllers: DNS server: 2001:500:2f::f (f.root-servers.net.) 1 test failure on this DNS server PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:500:2f::f [Error details: 1460 (Type: Win32 - Description: This operation returned because the timeout period expired.)] DNS server: 2001:503:ba3e::2:30 (a.root-servers.net.) 1 test failure on this DNS server PTR record query for the 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0. 0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa failed on the DNS server 2001:503:ba3e::2:30 [Error details: 1460 (Type: Win32 - Description: This operation retu rned because the timeout period expired.)] DNS server: 128.63.2.53 (h.root-servers.net.) All tests passed on this DNS server DNS server: 128.8.10.90 (d.root-servers.net.) All tests passed on this DNS server DNS server: 192.112.36.4 (g.root-servers.net.) All tests passed on this DNS server DNS server: 192.168.2.16 (SERVER-ROOM) All tests passed on this DNS server Name resolution is functional._ldap._tcp SRV record for the fores t root domain is registered DNS server: 192.203.230.10 (e.root-servers.net.) All tests passed on this DNS server DNS server: 192.228.79.201 (b.root-servers.net.) All tests passed on this DNS server DNS server: 192.33.4.12 (c.root-servers.net.) All tests passed on this DNS server DNS server: 192.36.148.17 (i.root-servers.net.) All tests passed on this DNS server DNS server: 192.5.5.241 (f.root-servers.net.) All tests passed on this DNS server DNS server: 192.58.128.30 (j.root-servers.net.) All tests passed on this DNS server DNS server: 193.0.14.129 (k.root-servers.net.) All tests passed on this DNS server DNS server: 198.41.0.4 (a.root-servers.net.) All tests passed on this DNS server DNS server: 199.7.83.42 (l.root-servers.net.) All tests passed on this DNS server DNS server: 202.12.27.33 (m.root-servers.net.) All tests passed on this DNS server Summary of DNS test results: Auth Basc Forw Del Dyn RReg Ext _________________________________________________________________ Domain: MYDOMAIN.local server-room PASS WARN FAIL PASS PASS WARN n/a ........................ MYDOMAIN.local failed test DNS +-------------------------------------------------------------------+ |Filename: dcdiagdump.txt | |Download: http://forums.techarena.in/attachment.php?attachmentid=7033| +-------------------------------------------------------------------+ -- tripoli ------------------------------------------------------------------------ tripoli's Profile: http://forums.techarena.in/member.php?u=52918 View this thread: http://forums.techarena.in/showthread.php?t=999736 http://forums.techarena.in Tag: Good Morning Friends Free download software and watch software Tag: 132268
  - 3
    - roomNumber attribute - Type Mismatch? I use AD Explorer to add values to the roomNumber attribute of users. When I read these later using VBScript, I get Type Mismatch errors whenever there is a value present... it's a Unicode string, yet it doesn't act like a string! Always errors out when I attempt to read it. Example: Dim objComm, objRecordSet, strDNSDomain, objConn Dim strQuery, strFilter set objComm = CreateObject("ADODB.Connection") objComm.Provider = "ADsDSOObject" objComm.Open "Active Directory Provider" Set objRootDSE = GetObject("LDAP://RootDSE") strDNSDomain = objRootDSE.Get("defaultNamingContext") set objConn = CreateObject("ADODB.Command") objConn.ActiveConnection = objComm objConn.Properties("Page Size") = 10 strFilter = "(&(objectClass=person)(objectClass=user)(objectCategory=Person))" objConn.CommandText = "<LDAP://DC=corp,DC=mydomain,DC=net>;" & strFilter & ";cn,sAMAccountName,roomNumber,distinguishedName;subtree" Set objRecordset = objConn.Execute(strQuery) objRecordset.MoveFirst While Not objRecordSet.EOF WScript.Echo objRecordSet.Fields("roomNumber") objRecordSet.MoveNext Wend Tag: Good Morning Friends Free download software and watch software Tag: 132265
  - 4
    - Disabling User Accounts After Inactivity Is there a feature in Active Directory that can be set to disable user accounts after an account has been inactive for a certain amount of time? Currently we run scripts to identify accounts true last logon date and then we disable them. Can this be set up automatically through Active Directory Tag: Good Morning Friends Free download software and watch software Tag: 132257
  - 5
    - Would Active directory application mode work in this scenario? We have a situation where our organization is represented as an OU in the overall corporate directory. We have our own admins for the OU, however the Enterprise Admins for the corporate AD reside elsewhere( in a diff country). For some reason we are not comfortable with the EA's and do not want them to be messing around with the users and groups within our OU. However I understand that in AD, forest is a security boundary and there is no way one can prevent EA's within that forest. Moving out of the corporate forest and creating one AD forest for ourselves is not an option with us due to the expense involved. The issue is that we have a certain application which we want to guard and donot want any other to launch it except one of those within our OU. At present AD users would simply launch this app, it would check whether that user belongs to one of the groups in our OU , if yes it will run under the context of the user and perfrom its work. Here is the EA's can create a user and add it to one of our groups and gain access to our application. Also this application unfortunatley needs windows tokens to work i.e. an ADAM logon token wont work. We are thinking of using ADAM ( inexpensive to maintain ) and exporting all our users and groups from our OU in AD to within ADAM. The user name and passwords of ADAM users will be known to our ppl only and being a diff boundary the corporate directory EA's wont be able to get in. We can then require the users to launch an application x whcih would authenticate against ADAM , if successful that application would lauch our application but it does so in a manner that the second application gets launched under the context of a AD user. That is the first application x verifies the user name and password against the ldap store in ADAM , if successful some kind of programming converts this to the AD logon token of a respective user in our OU in the AD and then launches the hidden application under the creds of AD user. I dont know whether the above made any sence but any help is appreciated. Tag: Good Morning Friends Free download software and watch software Tag: 132255
  - 6
    - 802.1x, Computers, Wired Security Howdy, I am trying to setup 802.1x using HP's IDM and W2K3 IAS. I am able to get the user to authenticate to IAS once they have logged on to Windows. The problem is I cannot get the computer to authenticate which is an issue because none of the GPO's will be refreshed at boot up. I've exported my CA's root certificate and have imported it into a GPO so that I can see it listed under Trusted Root Certification Authorities on the client so I'm not sure what I am missing. Does the client computer need to have a cert? Here is my setup and the error from the IAS server is below... DC1 - AD/DNS/DHCP/IAS Primary/IDM Agent DC2 - AD/DNS/DHCP/IAS Secondary/IDM Agent/Enterprise Root CA Event Type: Warning Event Source: IAS Event Category: None Event ID: 2 Date: 7/11/2008 Time: 9:13:50 AM User: N/A Computer: DC1 Description: User host/stations20dcnb.domain.com was denied access. Fully-Qualified-User-Name = DOMAIN\STATIONS20DCNB$ NAS-IP-Address = 192.168.73.2 NAS-Identifier = CORE2 Called-Station-Identifier = 00-17-08-cc-2f-00 Calling-Station-Identifier = 00-17-a4-d7-6b-45 Client-Friendly-Name = CORE2 Client-IP-Address = 192.168.73.2 NAS-Port-Type = Ethernet NAS-Port = 93 Proxy-Policy-Name = Use Windows authentication for all users Authentication-Provider = Windows Authentication-Server = <undetermined> Policy-Name = <undetermined> Authentication-Type = Extension EAP-Type = <undetermined> Reason-Code = 21 Reason = The request was rejected by a third-party extension DLL file. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: 00 00 00 00 .... Thanks ! Tag: Good Morning Friends Free download software and watch software Tag: 132250
  - 7
    - Merging active directory + NT4 domain I am part of of a large government organisation which has recentl merged with another much smaller organisation. Our organisation is stil running an NT4 domain with Exchange 5.5 - however the smalle organisation already has an active directory installed, but n centralised email system. We are planning to set up a new Active Directory for the entire ne organisation, however there is a very strong push to give the smalle organisation access to Exchange before this takes place. Managements current idea is to set-up a separate Exchange server in the Exchange 5. site and then grant access to the smaller orgs AD via a domain trust. I feel that they are going about this the wrong way and that we shoul migrate/merge as follows: 1) upgrade the NT4 domain to AD (still running Ex5.5) 2) install an Ex2003 into the new AD 3) do an AD migration of the smaller org into the new AD and give thes users accounts on the Ex2003 server 4) migrate the Ex5.5 users to Ex2003 Does anyone have any ideas/recommendations? Thanks Rya -- Rhynova ----------------------------------------------------------------------- Rhynovan's Profile: http://forums.techarena.in/member.php?u=5290 View this thread: http://forums.techarena.in/showthread.php?t=99949 http://forums.techarena.i Tag: Good Morning Friends Free download software and watch software Tag: 132245
  - 8
    - AD user account Security modified automatically? OK, I have a good one for all AD guru's... Domain Windows 2003 (SP2), SINGLE DC I have an account (I admit, MINE, the network admin) wich for some reason, when I add an account (a Blackberry related, so SEND AS is enabled) to the security tab, it keeps disapearing away at interval (have not look at exactly, so I suspect it is a default AD review time), even if that Blackberry account is also propagated to all the other users in the same OU I am a member. I tried auditing, I am uncertain exactly WHAT I should auti to find the reason behind this. I can't think of any kind of exceptions or Group policies that could cause that Blackbery account to be removed from my security Anyone with an idea or troubleshooting steps? Or more so, how to force whatever event is removing the account so I can more easily find it in the security event log? Thank you in advance! Tag: Good Morning Friends Free download software and watch software Tag: 132243
  - 9
    - watch actress profile and photo watch actress priyamani photo watch actress profile and photo watch actress priyamani photo http://priyamaniforyou.blogspot.com/ Tag: Good Morning Friends Free download software and watch software Tag: 132241
  - 10
    - A HOT NEWS FOR MICROSOFT USERS............ It's really a hot news for everyone http://polticsinfs.blogspot.com/ Tag: Good Morning Friends Free download software and watch software Tag: 132239
  - 11
    - watch actress profile and photo watch actress priyamani photo watch actress profile and photo watch actress priyamani photo http://priyamaniforyou.blogspot.com/ Tag: Good Morning Friends Free download software and watch software Tag: 132234
  - 12
    - DC failure Hi What will be the impact to the member servers if my DC is down. Let' say all my DC are down. We are trying to find out how the member server will be affected if the DCs are down. We have cluster servers and membe servers. Can someone advise us on this? Thank -- Domo ----------------------------------------------------------------------- Domon's Profile: http://forums.techarena.in/member.php?u=4809 View this thread: http://forums.techarena.in/showthread.php?t=99940 http://forums.techarena.i Tag: Good Morning Friends Free download software and watch software Tag: 132229
  - 13
    - Prestage computer account and Windows Deployment Hi I would like to know how I can prestage a computer account in our AD so I can use it with our Windows Deployment server? /Lasse Tag: Good Morning Friends Free download software and watch software Tag: 132228
  - 14
    - rendom, ADSIEdit, and GPUpdate issues I appear to have the problem indicated in: http://support.microsoft.com/kb/896983/en-us 1. The "link below" to "rendom.exe" doesn't exist in that link. 2. Using ADSIEdit a) I don't see the rootTrust or trustParent attributes and b) I don't see how you would add or remove an attribute even if I found it. 3. The only cross-ref object I'm seeing is under Schema. Am I even close? Tag: Good Morning Friends Free download software and watch software Tag: 132219
  - 15
    - Where is Admin account being used? Hello, I am working with a domain where the main Administrator account has been (stupidly) used as a service account somewhere on the nework. The password has been changed for this, and now i am seeing many many events where the administrator account has attempted to logon, but cannot as the password is wrong. As this is the main admin account, it is not locked out, but i would like to know how to find out where the account is being used from. This would be handy to audit other accounts floating on the network also. Cheers. Tag: Good Morning Friends Free download software and watch software Tag: 132218
  - 16
    - AD Administrator account - where is it being used? Hello, I am working with a domain where the main Administrator account has been (stupidly) used as a service account somewhere on the nework. The password has been changed for this, and now i am seeing many many events where the administrator account has attempted to logon, but cannot as the password is wrong. As this is the main admin account, it is not locked out, but i would like to know how to find out where the account is being used from. This would be handy to audit other accounts floating on the network also. Cheers. Tag: Good Morning Friends Free download software and watch software Tag: 132217
  - 17
    - We, www.chinadvdwholesaler.com, located in China, are specialized in Dear Sir or Madam. 1.What we are: We, www.chinadvdwholesaler.com, located in China, are specialized in the wholesaling and distributing of varies of DVD, VCD, MOVIE, TV SHOW, etc with high quality and competitive price. 4. Our Products: Nearly all the popular titles are available in our store, recently we have Sopranos, Stargate, Star trek, Star War, CSI,Baby Einstein, La Femme Nikita,007,West Wing, Friends, Sex and the City, Desperated Housewives etc on sell. All DVDs are Chinese original release, region free and NTSC/PAL format compatible, will play on all region code DVD players with original English audio. Please feel free contact us for the details 5. Contact : E-mail : sales@chinadvdwholesaler.com Website : www.chinadvdwholesaler.com Tag: Good Morning Friends Free download software and watch software Tag: 132216
  - 18
    - Creating Subdomains and routing emails Hello, We have Windows 2003 domain called abc.com. I want to create a subdomain caled marketing.abc.com. We need to create users with address name@marketing.abc.com under AD. What is the best way of approaching this? We also run Exchange 2003 at this primary site. What needs to be configured for routing mails addressed to this subdomain? Also, will this cause issues to current root domain, meaning user@abc.com? Thanks much Tag: Good Morning Friends Free download software and watch software Tag: 132215
  - 19
    - 2008 DCPromo OS Compatibility Warning "Some operations on clients running versions of Windows earlier than Vista with Service Pack 1 are also impacted, including domain join operations performed by the Active Directory Migration Tool..." We actually want to use ADMT to take a bunch of XP SP2 boxes and migrate them to the 2008 domain. Are we sunk? Will SP3 take care of this? What other 2008 AD compatibility issues could we face? Tag: Good Morning Friends Free download software and watch software Tag: 132211
  - 20
    - Date format on server and client Hi, We are deploying active directory on windows server 2003 R2 SP2 and windows XP Pro SP2 and SP3 clients. It seems on rare occasions, the date format used on the client computer changes to the one that is used on the server. We are in Canada so the date format should be dd/mm/aaaa but on the server it was set to aaaa/mm/dd. The client computer has the right settings localy, but sometimes it picks up this odd date format. I was wondering if there is a way for me to change this. I tried changing the date format on the server, but it didnt change anything on the client, after the gpupdate or a new session. If i open a session locally on the client, the date format is ok, but connected to the domain, it's wrong. It seems also i dont see this happening on every station. Any hint ? If you need more info, let me know. Thanks for your time. Bertrand Tag: Good Morning Friends Free download software and watch software Tag: 132209
  - 21
    - Group Policy Hi We want to setup a policy in our domain where screensavers will come on and lockout after a certain amount of time. The problem is we don't want all workstations/servers to have the screensaver policy. We would like to have two different groups. One with the policy of screen savers and one without. I thought creating another GPO would be key but I'm not sure how to proceed. I am kinda new but I do have GPMC installed and I can edit my default domain policy and it works fine. Thanks for anyone who can help me out. Tag: Good Morning Friends Free download software and watch software Tag: 132206
  - 22
    - "List in the Directory" permission How can I only assign a certain custom security group that I have created "Printer Publishers" the "list in the directory" right/permission? Right now it seems any user can clikc "List In The Directory" for any shared printer and it show up in my list of printers in active directory... don't want that, only want the group to be able to publish printers. Tag: Good Morning Friends Free download software and watch software Tag: 132197
  - 23
    - Docs Redirect and Administrator permissions Hi all, I want to make sure I've done this right. I am working on a server in which redirects were applied for My Documents. The option in Group Policy to make access Exclusive was checked. I needed to setup a robocopy script to move files nightly to another folder for backup redundancy. (It's a temporary measure.) I followed the instructions here: http://support.microsoft.com/kb/q288991/ I allowed a particular account in and given them full control. (In my case, the parent folder I applied the permissions to is D:\Redirects) In order to reapply permissions on all objects, I had to take ownership of the files and folders. Subfolders (the user folders) are not inheriting permissions from D:\Redirects) Here's where I'm confused: Creator Owner is set to Full Control on D:\Redirects, but even though I've reapplied ownership for each user on those objects in their folders, Effective Permissions doesn't show them to have full control on the objects. My goal: Allow Administrators FC to ALL user's redirected folders and their contacts and to allow each uesr FC access to their own folder and objects. Cheers, Mike.... Tag: Good Morning Friends Free download software and watch software Tag: 132194
  - 24
    - Merge / consolidate GPO's Hi, I need to consolidate multiple group policies into one. However I would like to avoid having to do this manually and was wondering if a tool existed which could merge policy settings. The import functionality within GPMC doesn't do it, it just overwrites any existing settings. I've looked into powershell scripts and 3rd party tools and cannot fins anything. Any help would be greatly appreciated. Regards, Dunc. Tag: Good Morning Friends Free download software and watch software Tag: 132186
  - 25
    - watch actress profile and photo watch actress priyamani photo watch actress profile and photo watch actress priyamani photo http://priyamaniforyou.blogspot.com/ Tag: Good Morning Friends Free download software and watch software Tag: 132183
- Next
  - 1
    - Outlook office 2003 + Group policy I need my users to use the same signature fomart. I have been able to disable the the signatures but now to link the required signature to the GP is the problem -- Any job can always be better done, when pple share ideas Tag: Good Morning Friends Free download software and watch software Tag: 132181
  - 2
    - A SHOCKING NEWS from Microsoft....... It's really a hot news for everyone http://polticsinfs.blogspot.com/ Tag: Good Morning Friends Free download software and watch software Tag: 132180
  - 3
    - watch actress sexy photo from movie clips and watch actress profile watch actress sexy photo from movie clips and watch actress profile http://priyamaniforyou.blogspot.com/ Tag: Good Morning Friends Free download software and watch software Tag: 132173
  - 4
    - finding out client name for a user logging in to a remote server I have a requirement to display last successful logon for an account and the location from which that logon occurred. When a user logs on to a workstation the location would of course be the hostname of that workstation. I'm using Visual Basic Scripting to do this. It was working fine until today while I was of course showing it to our security person. Even though I took into account when the user logs on to a workstation and the %CLIENTNAME% environment variable is not set, it seems that for some reason when logging onto a server %CLIENTNAME% can be set to "console" sometimes. This is strange considering I'm not asking for the Session Name which can be "console". I'm asking for the Client Name. When %CLIENTNAME% equals "console" when running my script or when running the 'set' command, if I look at the Users tab in Task Manager the Client Name is still the hostname of the maching I'm using to remote into the server. Strangely, I thought that on the Users tab the Session Name would be listed as "console" when I use Remote Desktop to logon to the console of the server. I'm using Win2k3 R2. The Session name is always a RDP session # whether I connect to the console or not. But that's not something I'm worrying about at the moment. Can anyone explain to me the circumstances that cause %CLIENTNAME% to be set to "console" as opposed to the user's workstation? I could test for it in my script if I knew the conditions under which it occurs. I'm currently using the following to grab the variable: strFromHost = objShell.ExpandEnvironmentStrings("%CLIENTNAME%") Thanks Brandon Tag: Good Morning Friends Free download software and watch software Tag: 132167
  - 5
    - Windows XP Mini-Setup not joining computers to existing account in We have a Win XP SP2 standard image we deploy onto a lot of our computers. The image has been sysprep'd and when booted, it goes through XP's Mini Setup using sysprep.inf to answer all questions except Computer Name. What we've tried doing is creating machine accounts in Active Directory (2003 Mixed Mode) in the OUs that we want the computers to end up in, and then (days later) booted the machines and allowed them to join the domain during Mini Setup. However, instead of joining the existing accounts, Mini Setup is creating a NEW account in the Computers OU in the root of AD. So now I have two machine accounts in AD with the same name. I have to track down the other account, delete it, and move the computer into that container a few minutes later after replication has finished. As far as I'm aware, this isn't the way its meant to work, is it? In Windows XP, if you join a computer to the domain by hand (outside of Mini Setup), it joins the existing account. Shouldn't the same happen in Mini Setup, or is there something I'm missing? TIA Tag: Good Morning Friends Free download software and watch software Tag: 132166
  - 6
    - Loggin on in determinate DC Hi, I have 3 Domain Controllers. Two in Site A and one in Site B. Is ther possible set a numeber of users to log on in a DC of Site A, being that users from Site B? Thanks. Luiz Tag: Good Morning Friends Free download software and watch software Tag: 132158
  - 7
    - Setting File -- Open Dialog box to a default location All, How can I through GP setting the default location for the File -- Open Dialog box to My Computer? We restricted C drive, it it defaults to that, so everytime they go to file -- Open, it gives them an error saying that its restricted. Thanks! Tag: Good Morning Friends Free download software and watch software Tag: 132152
  - 8
    - Certificate Help Hello, I've just installed our first Enterprise Root CA on one of our DC's running W2K3 Standard SP2. On another DC I'm trying to request a computer certificate, but am having trouble. When I go to the web page to request an advanced cert I am given the option of Administrator/Basic EFS/EFS Recovery Agent/User/Subordinate CA/Web Server. Am I missing something? I need a computer certificate becuase this DC is also my RADIUS server and I need a cert inorder to setup PEAP. Thanks! Tag: Good Morning Friends Free download software and watch software Tag: 132150
  - 9
    - AD Replication Monitor I ran the AD Replication Monitor. Under Current Transitive Replication Partner Status I am showing 7 "Partner Name: **DELETED SERVER #7". What exactly is this telling me? Is this a previous dc that didn't get deleted properly? I am fairly new to this organization so I don't have a lot of history on this domain. Thanks! Tag: Good Morning Friends Free download software and watch software Tag: 132149
  - 10
    - Adding Domain Controller Hi. I'm adding an additional domain controller (2k3) to an existing domain, which has only one DC that is also a 2k3 server. I ran dc promo on the new server and chose to copy active directory from an an existing DC. I received an error stating the forest was not ready, and to run adprep against the existing DC. I checked the functional level of the domain and forest in the existing DC and found it was set to 2000 level. I raised it to 2003 and thought that would help. It didn't. I also got an errors when trying to run adprep against the existing DC. I didn't think adprep was necessary when there weren't any 2000 servers on the domain. Any ideas? thanks Tag: Good Morning Friends Free download software and watch software Tag: 132134
  - 11
    - Moving FSMO roles I plan to install a new DC w/gc on new hardware and transfer all the FSMO roles from the existing DC. What are the best practices for moving them? Is there a certain order, waiting period between moving roles, etc.? Very simple environment - 2 dc's, default site config, 1 domain. The old and new servers will be in the same vlan, same physical location. The other dc (not a gc) will be in a different office (25mi.) - GigE 100Mb WAN connection. Thank you! Tag: Good Morning Friends Free download software and watch software Tag: 132133
  - 12
    - Event ID 1030's I'm seeing a number of 1030's on the clients, and this in GPMC: Group Policy Infrastructure failed due to the error listed below. Overlapped I/O operation is in progress. Note: Due to the GP Core failure, none of the other Group Policy components processed their policy. Consequently, status information for the other components is not available I've verified the admin name and passowrd in DHCP manager, and checked for cached passwords to the server on the clients, and still no luck. Any other ideas? Tag: Good Morning Friends Free download software and watch software Tag: 132128
  - 13
    - repadmin /removelingeringobjects Hi, i'm getting an error message on a mailserver. event id 2042 "it has been too long since this machine last replicated with the named source machine etc etc. looking at the dates mention further down the message, the tally up to a date when a previous DC failed and was removed from the domain. hardware failed from within the DC and dcpromo was never run to remove it from the domain, and as a result a lot of messages have been appearing around the servers relating to the missing dc. The 2042 message gives 3 options, and the only relvant one refers to using repadmin to clear up any residue following the servers demise. my question is that reading up on repadmin, I'm being told that 2003 server needs to be running on "both" servers....the problem is that only one server is running and i want to clear up the mess following the server dying in the first place. Or is it just a case of repadmin actually being able to determine what and where the issue is and clearing it automatically? cheers Tag: Good Morning Friends Free download software and watch software Tag: 132127
  - 14
    - Setting the home page for all users Hi, I have the IE7 AD template installed on our DC's and am trying to set the home page, but the users IE7 is having none of it! I have gone to User Configuration > Administrative Templates > Windows Explorer > Disable changing home page settings > enable http://intranet DC - gpupdate /force User - gpupdate /force No http://intranet page any ideas? Tag: Good Morning Friends Free download software and watch software Tag: 132126
  - 15
    - Policy (GPO) Order Hi, one question about Policy (GPO) Order applying: - I have 3 policies: one enabled, the second disabled and the third disabled. The disabled policy will predominate, ok? Thanks. Luiz Tag: Good Morning Friends Free download software and watch software Tag: 132120
  - 16
    - Creating New Domain Tree in Existing Forest We just bought a company that I have to integrate into our active directory. They currently have Windows 2000 AD and I have Windows 2003 AD. How do I bring their Windows 2000 AD into my AD as a domain tree without losing their users? If you could point me to instructions on how to make this possible I would appreciate it. thanks -- dee Tag: Good Morning Friends Free download software and watch software Tag: 132117
  - 17
    - problems with single level dns name (domain) Hi a new customer has a w2k3 server on location vienna with a single level domain "intern" and no "intern.local" as normally used. we have to install a second AD-Controller an location linz (connected with vienna via a 2 MBit VPN-Tunnel). after using KB 300684 we could move the second server in the domain as member. then we installed AD on the sec. server, tested dns with nslookup, all works fine. Our problem: the user locally in linz cann't access to the local shares on the sec. AD-Controller, they get the message access denied. when i remove the AD on the second server and chance the dns entry to the vienna dns-server all works fine. workstation systemlog: source: BROWSER, err: 8021, no list from Browser, source: BROWSER, err: 8032, read fails, applicationlog: source: userenv, err: 1058, gpt.ini access denied can you help me ? Tag: Good Morning Friends Free download software and watch software Tag: 132111
  - 18
    - problem with steadystate and restricting rights from administrator I have a domain Active directory on a windows 2000 Server and I moved the rights I made on a pc with steadystate to the server with the active directory with SCTSettings.adm. Then I did some changes in the group policy at the All Windows Steadystate restrictions hopping that this will affect only to users that also have Steadystate restricting the right click on desktop, the access on C:\, and in all windows programs but this affected on the privilages of the administrator rights too!!! Now I can't have access to c:\, not to administrative programs not even right click to the workspace!!! Is there other way to have access to the gpedit (group policy editor) to change the policy again ? cause even the administrator doesn't have any rights now and... I think... this is a HUGE bug!!!! nomater what administrator shouldn't affect on any change of GROUP policy... Pls I need help imidiatly not to setup the server again cause I have 200 users to put again in active directory one by one... Tag: Good Morning Friends Free download software and watch software Tag: 132110
  - 19
    - Re: Site link configuration question.. again my bad... this should be: adfind -config -rb "CN=IP,CN=Inter-Site Transports,CN=Sites" -f "objectCategory=siteLink" siteList have not had coffee yet ;-( -- Cheers, (HOPEFULLY THIS INFORMATION HELPS YOU!) # Jorge de Almeida Pinto # MVP Identity & Access - Directory Services # BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx ------------------------------------------------------------------------------------------ * How to ask a question --> http://support.microsoft.com/?id=555375 ------------------------------------------------------------------------------------------ * This posting is provided "AS IS" with no warranties and confers no rights! * Always test ANY suggestion in a test environment before implementing! ------------------------------------------------------------------------------------------ ################################################# ################################################# ------------------------------------------------------------------------------------------ "Jorge de Almeida Pinto [MVP - DS]" <SubstituteThisWithMyFullNameSeparatedByDots@gmail.com> wrote in message news:... > my bad... > > this should be: > adfind -config -rb "CN=IP,CN=Inter-Site Transports,CN=Sites" -f > "objectCategory=siteLink" siteObjectBL > > -- > > Cheers, > (HOPEFULLY THIS INFORMATION HELPS YOU!) > > # Jorge de Almeida Pinto # MVP Identity & Access - Directory Services # > > BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx > BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx > ------------------------------------------------------------------------------------------ > * How to ask a question --> http://support.microsoft.com/?id=555375 > ------------------------------------------------------------------------------------------ > * This posting is provided "AS IS" with no warranties and confers no > rights! > * Always test ANY suggestion in a test environment before implementing! > ------------------------------------------------------------------------------------------ > ################################################# > ################################################# > ------------------------------------------------------------------------------------------ > "Kent" <Kent@discussions.microsoft.com> wrote in message > news:7278BC24-A71C-4CFF-8533-48BF0FC49AD3@microsoft.com... >> post the IP of the client you used >> ---------------------------------- >> 192.168.1.22 >> >> >> post NLTEST /DSGETSITE >> ---------------------- >> C:\Documents and Settings\administrator>nltest /dsgetsite >> Client >> The command completed successfully >> >> >> post NLTEST /DSGETDC:<DOMAIN> >> ----------------------------- >> C:\Documents and Settings\administrator>nltest /dsgetdc:contoso.com >> DC: \\hq-con-dc-03.contoso.com >> Address: \\192.100.0.2 >> Dom Guid: 6de92f82-4b65-4711-9abc-2e86c0ade8ed >> Dom Name: contoso.com >> Forest Name: contoso.com >> Dc Site Name: AsiaPacific >> Our Site Name: Client >> Flags: GC DS LDAP KDC TIMESERV WRITABLE DNS_DC DNS_DOMAIN >> DNS_FOREST >> CLO >> SE_SITE >> The command completed successfully >> >> >> post NLTEST /DSGETSITECOV >> ------------------------- >> C:\AdFind>nltest /dsgetsitecov >> DsGetDcSiteCoverage failed: Status = 50 0x32 ERROR_NOT_SUPPORTED >> >> >> adfind -config -rb "CN=Sites" -f "objectCategory=Site" siteObjectBL >> ------------------------------------------------------------------- >> C:\AdFind>adfind -config -rb "CN=Sites" -f "objectCategory=Site" >> siteobjectBL >> >> AdFind V01.37.00cpp Joe Richards (joe@joeware.net) June 2007 >> >> Using server: hq-con-dc-01.contoso.com:389 >> Directory: Windows Server 2003 >> Base DN: CN=Sites,CN=Configuration,DC=contoso,DC=com >> >> dn:CN=Europe,CN=Sites,CN=Configuration,DC=contoso,DC=com >>>siteObjectBL: >>>CN=10.0.0.0/8,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso,DC= >> com >> >> dn:CN=AsiaPacific,CN=Sites,CN=Configuration,DC=contoso,DC=com >>>siteObjectBL: >>>CN=192.100.0.0/24,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso >> ,DC=com >> >> dn:CN=America,CN=Sites,CN=Configuration,DC=contoso,DC=com >>>siteObjectBL: >>>CN=138.169.0.0/16,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso >> ,DC=com >> >> dn:CN=Client,CN=Sites,CN=Configuration,DC=contoso,DC=com >>>siteObjectBL: >>>CN=192.168.1.0/24,CN=Subnets,CN=Sites,CN=Configuration,DC=contoso >> ,DC=com >> >> 4 Objects returned >> >> >> adfind -config -rb "CN=IP,CN=Inter-Site Transports,CN=Sites" -f >> "objectCategory=Site" siteObjectBL >> -------------------------------------------------------------------------------------------------- >> C:\AdFind>adfind -config -rb "CN=IP,CN=Inter-Site Transports,CN=Sites" -f >> "objec >> tCategory=Site" siteobjectBL >> >> AdFind V01.37.00cpp Joe Richards (joe@joeware.net) June 2007 >> >> Using server: hq-con-dc-01.contoso.com:389 >> Directory: Windows Server 2003 >> Base DN: CN=IP,CN=Inter-Site >> Transports,CN=Sites,CN=Configuration,DC=contoso,DC= >> com >> >> 0 Objects returned >> >> "Jorge de Almeida Pinto [MVP - DS]" wrote: >> >>> >>> >>> * post the IP of the client you used >>> * post NLTEST /DSGETSITE >>> * post NLTEST /DSGETDC:<DOMAIN> >>> * post NLTEST /DSGETSITECOV >>> * adfind -config -rb "CN=Sites" -f "objectCategory=Site" siteObjectBL >>> * adfind -config -rb "CN=IP,CN=Inter-Site Transports,CN=Sites" -f >>> "objectCategory=Site" siteObjectBL >>> >>> ADFIND can be downloaded from joeware.net >>> >>> -- >>> >>> Cheers, >>> (HOPEFULLY THIS INFORMATION HELPS YOU!) >>> >>> # Jorge de Almeida Pinto # MVP Identity & Access - Directory Services # >>> >>> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx >>> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx >>> ------------------------------------------------------------------------------------------ >>> * How to ask a question --> http://support.microsoft.com/?id=555375 >>> ------------------------------------------------------------------------------------------ >>> * This posting is provided "AS IS" with no warranties and confers no >>> rights! >>> * Always test ANY suggestion in a test environment before implementing! >>> ------------------------------------------------------------------------------------------ >>> ################################################# >>> ################################################# >>> ------------------------------------------------------------------------------------------ >>> "Kent" <Kent@discussions.microsoft.com> wrote in message >>> news:7A167365-80B5-4300-8246-D8326440E443@microsoft.com... >>> > Yes, there are currently 2 site links configured. >>> > >>> > First Site Link with the cost of 50 are configured to contain 2 HUB >>> > sites >>> > (SITEA & SITEB). >>> > Second Site Link with the cost of 80 is configured to contain 1 BO >>> > (SITEC) >>> > & >>> > 1 nearest HUB site (SITEB). >>> > >>> > I've tried with nltest and set command, the logon server for a client >>> > at >>> > SITEC is going to DC at SITEA & SITEC randomly. By right, it should >>> > only >>> > goes >>> > to DC at SITEB right as there is already a Site Link configured? >>> > >>> > Thanks. >>> > >>> > >>> > "Jorge de Almeida Pinto [MVP - DS]" wrote: >>> > >>> >> it should not matter what the costs is because the site link between >>> >> the >>> >> BO >>> >> and the HUB is always the cheapest!. Do you have other site links >>> >> configured? >>> >> use can also use NLTEST on both the client and the DC to test >>> >> configurations >>> >> >>> >> -- >>> >> >>> >> Cheers, >>> >> (HOPEFULLY THIS INFORMATION HELPS YOU!) >>> >> >>> >> # Jorge de Almeida Pinto # MVP Identity & Access - Directory Services >>> >> # >>> >> >>> >> BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx >>> >> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx >>> >> ------------------------------------------------------------------------------------------ >>> >> * How to ask a question --> http://support.microsoft.com/?id=555375 >>> >> ------------------------------------------------------------------------------------------ >>> >> * This posting is provided "AS IS" with no warranties and confers no >>> >> rights! >>> >> * Always test ANY suggestion in a test environment before >>> >> implementing! >>> >> ------------------------------------------------------------------------------------------ >>> >> ################################################# >>> >> ################################################# >>> >> ------------------------------------------------------------------------------------------ >>> >> "Kent" <Kent@discussions.microsoft.com> wrote in message >>> >> news:B7DFA04D-45B2-4E35-9FB6-D6C3574E2DE6@microsoft.com... >>> >> > Hi Jorge, >>> >> > Thanks for your advice below. >>> >> > >>> >> > I've tested out the 1st solution in virtual environment (without >>> >> > site >>> >> > aware >>> >> > apps), and it's working perfectly. >>> >> > >>> >> > However, when i test out the 2nd solution it seems that the >>> >> > authentication >>> >> > is not consistent. Let me brief you on my virtual setup. >>> >> > >>> >> > - 3 sites = SiteA (with 1 domain controller), SiteB (with 1 domain >>> >> > controller), SiteC (clients without domain controller) >>> >> > - SiteA & SiteB is in the same Site Link with a cost of 20 >>> >> > - SiteB & SiteC is in the same Site Link with a cost of 50 >>> >> > >>> >> > When a XP machine from SiteC is logging on to the domain, it should >>> >> > be >>> >> > authenticating to domain controller at SiteB but sometimes it's >>> >> > going >>> >> > to >>> >> > domain controller at SiteA. >>> >> > >>> >> > But when changing the Site Link cost of 50 to 15 (SiteB & SiteC), >>> >> > authentication is constantly going to domain controller at SiteB >>> >> > (which >>> >> > is >>> >> > what i want). So, my question is whether is it correct to have >>> >> > lower >>> >> > cost >>> >> > between Branch and HUB than HUB to HUB? >>> >> > >>> >> > Appreciate your advice on this. >>> >> > Thanks again. >>> >> > >>> >> > >>> >> > "Jorge de Almeida Pinto [MVP - DS]" wrote: >>> >> > >>> >> >> in that case I would: >>> >> >> * create an AD site for each HUB >>> >> >> * create an AD site link and put the HUBs in it >>> >> >> * create an AD subnet for each subnet at one HUB and link it to >>> >> >> the AD >>> >> >> site >>> >> >> of the corresponding HUB >>> >> >> * create an AD subnet for each subnet at the branch offices and >>> >> >> link >>> >> >> it >>> >> >> to >>> >> >> the AD site of the nearest HUB >>> >> >> >>> >> >> this way client at a branch office will use the nearest HUB >>> >> >> >>> >> >> if you were to have site aware apps in the branch office site I >>> >> >> would: >>> >> >> * create an AD site for each HUB >>> >> >> * create an AD site for each branch office (BO) >>> >> >> * create an AD subnet for each subnet at one HUB and link it to >>> >> >> the AD >>> >> >> site >>> >> >> of the corresponding HUB >>> >> >> * create an AD subnet for each subnet at one BO and link it to the >>> >> >> AD >>> >> >> site >>> >> >> of the corresponding BO >>> >> >> * create an AD site link for each BO and its nearest HUB >>> >> >> in this last scenario the DCs in the HUB will register SRV records >>> >> >> in >>> >> >> the >>> >> >> linked BOs and therefore service those BOs as you want >>> >> >> >>> >> >> -- >>> >> >> >>> >> >> Cheers, >>> >> >> (HOPEFULLY THIS INFORMATION HELPS YOU!) >>> >> >> >>> >> >> # Jorge de Almeida Pinto # MVP Identity & Access - Directory >>> >> >> Services >>> >> >> # >>> >> >> >>> >> >> BLOG (WEB-BASED)--> >>> >> >> http://blogs.dirteam.com/blogs/jorge/default.aspx >>> >> >> BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx >>> >> >> ------------------------------------------------------------------------------------------ >>> >> >> * How to ask a question --> >>> >> >> http://support.microsoft.com/?id=555375 >>> >> >> ------------------------------------------------------------------------------------------ >>> >> >> * This posting is provided "AS IS" with no warranties and confers >>> >> >> no >>> >> >> rights! >>> >> >> * Always test ANY suggestion in a test environment before >>> >> >> implementing! >>> >> >> ------------------------------------------------------------------------------------------ >>> >> >> ################################################# >>> >> >> ################################################# >>> >> >> ------------------------------------------------------------------------------------------ >>> >> >> "Kent" <Kent@discussions.microsoft.com> wrote in message >>> >> >> news:4CC9443D-62AC-4307-AF6B-B71ADBEB8539@microsoft.com... >>> >> >> > Hello, >>> >> >> > Yes, subnets are defined correctly and linked to the correct >>> >> >> > sites. >>> >> >> > Branch sites does not have any DC and no apps like DFS, MSMQ, >>> >> >> > etc is >>> >> >> > installed. >>> >> >> > >>> >> >> > So are there any good ideas for me get the logon authentication >>> >> >> > to >>> >> >> > work >>> >> >> > correctly? >>> >> >> > Thanks >>> >> >> > >>> >> >> > >>> >> >> > "dave m" wrote: >>> >> >> > >>> >> >> >> I assume, and hate to, that there is only a single domain >>> >> >> >> involved >>> >> >> >> here. >>> >> >> >> >>> >> >> >> dave Admin >>> >> >> >> >>> >> >> >> >>> >> >> >> "Kent" <Kent@discussions.microsoft.com> wrote in message >>> >> >> >> news:1CCC2FC3-6F2E-4F58-92B3-7A858F054CFC@microsoft.com... >>> >> >> >> > Hi All, >>> >> >> >> > I would like to seek some opinions from AD experts regarding >>> >> >> >> > my >>> >> >> >> > scenario >>> >> >> >> > below: >>> >> >> >> > >>> >> >> >> > Scenario: >>> >> >> >> > --------- >>> >> >> >> > 1. Active Directory contains 8 domain controllers (all >>> >> >> >> > configured >>> >> >> >> > as >>> >> >> >> > GC), >>> >> >> >> > 4 >>> >> >> >> > located at UK data centre and 4 more located at Singpapore >>> >> >> >> > data >>> >> >> >> > centre. >>> >> >> >> > 2. There are around 20 sites created on AD which are located >>> >> >> >> > at >>> >> >> >> > Asia >>> >> >> >> > Pacific >>> >> >> >> > region and around 40 sites created on AD which are located at >>> >> >> >> > Europe >>> >> >> >> > & >>> >> >> >> > America region. >>> >> >> >> > 3. I want to ensure computers at sites located at Asia >>> >> >> >> > Pacific >>> >> >> >> > will >>> >> >> >> > authenticate to domain controllers at Singapore data centre >>> >> >> >> > and >>> >> >> >> > computers >>> >> >> >> > at >>> >> >> >> > sites located at Europe/America to authenticate to domain >>> >> >> >> > controllers >>> >> >> >> > at >>> >> >> >> > UK >>> >> >> >> > data centre. >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > Current setup: >>> >> >> >> > -------------- >>> >> >> >> > 1. Site link between Singapore DC and UK DC is having a cost >>> >> >> >> > of >>> >> >> >> > 10. >>> >> >> >> > 2. A site link is configured to contain multiple sites from >>> >> >> >> > Asia >>> >> >> >> > Pacific >>> >> >> >> > to >>> >> >> >> > Singapore DC with a cost of 50. This is the same to >>> >> >> >> > Europe/America >>> >> >> >> > site >>> >> >> >> > link >>> >> >> >> > but it's configured to UK DC instead of Singapore one (with a >>> >> >> >> > cost >>> >> >> >> > of >>> >> >> >> > 50 >>> >> >> >> > as >>> >> >> >> > well). >>> >> >> >> > 3. The problem with this setup is users are authenticating to >>> >> >> >> > different >>> >> >> >> > domain controllers, sometime to Singapore then UK. >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > My suggestion is to: >>> >> >> >> > -------------------- >>> >> >> >> > 1. Configure 2 site links for 1 site with different costing. >>> >> >> >> > Example: >>> >> >> >> > Site >>> >> >> >> > A >>> >> >> >> > is located at Asia Pacific, computers at Site A must >>> >> >> >> > authenticate >>> >> >> >> > to >>> >> >> >> > domain >>> >> >> >> > controllers at Singapore data centre so i will create a Site >>> >> >> >> > Link >>> >> >> >> > to >>> >> >> >> > Singapore DC site with cost of 40 and another Site Link to UK >>> >> >> >> > site >>> >> >> >> > with >>> >> >> >> > cost >>> >> >> >> > of 80. This would ensure the logon authentication will go to >>> >> >> >> > the >>> >> >> >> > correct >>> >> >> >> > domain controllers. >>> >> >> >> > 2. Site Link betwenn Singapore DC and UK DC will have a cost >>> >> >> >> > of >>> >> >> >> > 10. >>> >> >> >> > >>> >> >> >> > >>> >> >> >> > But i'm not sure whether is this solution practical because >>> >> >> >> > it'll >>> >> >> >> > create >>> >> >> >> > alot of Site Links on Active Directory. >>> >> >> >> > Anyone can give some suggestions? >>> >> >> >> > >>> >> >> >> > Thanks in advance. >>> >> >> >> > >>> >> >> >> > >>> >> >> >> >>> >> >> >> >>> >> >> >> >>> >> >> >> >>> >> >> >>> >> >> >>> >> >>> >> >>> >>> > Tag: Good Morning Friends Free download software and watch software Tag: 132108
  - 20
    - watch actress sexy photo from movie clips and watch actress profile watch actress sexy photo from movie clips and watch actress profile http://priyamaniforyou.blogspot.com/ Tag: Good Morning Friends Free download software and watch software Tag: 132100
  - 21
    - How to remove\add workstation from\to domain remotely? How to remove\add workstation from\to domain remotely? Tag: Good Morning Friends Free download software and watch software Tag: 132098
  - 22
    - Unable to create Domain on Server 2008 When running 'dcpromo' I receive the following error: 'The new domain cannot be created because the local Administrator account password does not meet requirements.' I have tried multiple passwords using 6 or more Upper case, Lower case, & Special characters. This is a new server setup with no existing domains. Tag: Good Morning Friends Free download software and watch software Tag: 132094
  - 23
    - Restricting Trusted Domain user login hour Hi there, I was wondering if there is anyway to limit user's logon hour by configuring AD Domain A while the user account is in a trusted Domain B please? What I have got is a computer lab with all computers and network resources belonging to Domain A. Domain A trusted Domain B (with the same forest), hence users from Domain B can log onto computers in the lab. Now we want to limit users from using the lab after hour. I know I can set the logon hours for the users in AD User and Computer in Domain B but I only want to limit their access to computers in Domain A, not the entire organization/AD forest. Is there a way to control that within Domain A please? Thanks, Edmond. Tag: Good Morning Friends Free download software and watch software Tag: 132093
  - 24
    - Password policy We have Windows 2003 domain and we are in the process of implementing password policy across the domain. What will be the suggested/ recommended pathway to exclude administrator/ special purpose admin related accouts from this password policy? Thanks Tag: Good Morning Friends Free download software and watch software Tag: 132078
  - 25
    - Automate home directory for a new user All, How can I automate the creation of a users home directory, when the user is created in AD? I am not wanting to use the my documents folder redirection, but rather still with standard drive mappings. Thanks! Tag: Good Morning Friends Free download software and watch software Tag: 132077

Good Morning Friends
Free download software and
watch software profile

http://priyamaniforyou.blogspot.com/

Top