[ActiveDir] Granular permissions : user objects
MessageHi, all. Active Directory, Windows 2000, SP3, no exchange prep. Please restrain yourselves from asking *why* do you want to do this?. If you'd like to know, give me a shout offlist. I need to grant permissions for SELF to change the First Name and Last Name (givenName, sn in LDAP notation) attributes in AD. My worry is that in the granular permissions settings for a user object, I can't see any reference to Last Name (nor Surname, nor or any other aliases I am familiar with). I can see and set (amongst the numerous other permissions settings) Read First Name Write First Name Read Middle Name Write Middle Name ... even the oh-so-useful ... Read/Write International ISDN number (others) ... but try as I might, I can't find the switch for the Last Name field. I can presumably work around it by giving SELF permissions to Write Personal Information, and then denying the things which I don't want them to be able to change, but that doesn't seem very elegant or intuitive. Is that the way it should be? I've looked in vain for documenation and can't find anything. I've looked in a couple of other domains and the situation is the same, even when including Exchange Schema extensions. The way I'm getting to the permisisons is via the AD UC plugin for MMC. Right click user object - properties security tab advanced... add... SELF properties tab If anyone knows what happened to the Last Name switch, or whether its simply not supposed to be there, please let me know! All the best, Andy List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Granular permissions : user objects
Not every property of an object is listed in the Active Directory Users and Computers interface. The number of properties is quite large so the interface only displays those that are commonly used for controlling access. This makes the list easier to manage. The list of filtered object types and properties is kept in the file, %systemroot%\System32\Dssec.dat You can modify the behavior of the filter by changing the values associated with the properties. For example, if you wanted to delegate the right to unlock accounts you first need to change the value of the lockoutTime entry in the [user] section of the file from lockoutTime=7 to lockoutTime=0. To make the last name property visible, I believe you need to change the value of sn in the [user] section of the file from 7 to 0. I have not tested this however. You have the following choices to specify values: Property=7: The property is not included. Property=6: Read property is included. Property=5: Write property is included. Property=0: Both Read property and Write property are included. The property is not included in DSSec.Dat: Both Read property and Write property are included. You must modify the Dssec.dat file on the computer on which you are running ADUC. It is a good idea to make a copy of the file first before making any changes. For further reading on this, please see the following Microsoft documents: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/AD/windows2000/deploy/confeat/securead.asp http://support.microsoft.com/default.aspx?scid=kb;EN-US;q294952 Tony -- Original Message -- From: Andy Grafton [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Tue, 12 Nov 2002 10:27:17 +0100 MessageHi, all. Active Directory, Windows 2000, SP3, no exchange prep. Please restrain yourselves from asking *why* do you want to do this?. If you'd like to know, give me a shout offlist. I need to grant permissions for SELF to change the First Name and Last Name (givenName, sn in LDAP notation) attributes in AD. My worry is that in the granular permissions settings for a user object, I can't see any reference to Last Name (nor Surname, nor or any other aliases I am familiar with). I can see and set (amongst the numerous other permissions settings) Read First Name Write First Name Read Middle Name Write Middle Name ... even the oh-so-useful ... Read/Write International ISDN number (others) ... but try as I might, I can't find the switch for the Last Name field. I can presumably work around it by giving SELF permissions to Write Personal Information, and then denying the things which I don't want them to be able to change, but that doesn't seem very elegant or intuitive. Is that the way it should be? I've looked in vain for documenation and can't find anything. I've looked in a couple of other domains and the situation is the same, even when including Exchange Schema extensions. The way I'm getting to the permisisons is via the AD UC plugin for MMC. Right click user object - properties security tab advanced... add... SELF properties tab If anyone knows what happened to the Last Name switch, or whether its simply not supposed to be there, please let me know! All the best, Andy List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Granular permissions : user objects
Last name is sn for Surname. You can use a script with PutEx for this, I think. Amit Zinman Systems Consultant Integrity Systems [EMAIL PROTECTED] 03-7522424 058-326753 -Original Message- From: Andy Grafton [mailto:orangerover;hotmail.com] Sent: Tuesday, November 12, 2002 11:27 AM To: [EMAIL PROTECTED] Subject: [ActiveDir] Granular permissions : user objects MessageHi, all. Active Directory, Windows 2000, SP3, no exchange prep. Please restrain yourselves from asking *why* do you want to do this?. If you'd like to know, give me a shout offlist. I need to grant permissions for SELF to change the First Name and Last Name (givenName, sn in LDAP notation) attributes in AD. My worry is that in the granular permissions settings for a user object, I can't see any reference to Last Name (nor Surname, nor or any other aliases I am familiar with). I can see and set (amongst the numerous other permissions settings) Read First Name Write First Name Read Middle Name Write Middle Name ... even the oh-so-useful ... Read/Write International ISDN number (others) ... but try as I might, I can't find the switch for the Last Name field. I can presumably work around it by giving SELF permissions to Write Personal Information, and then denying the things which I don't want them to be able to change, but that doesn't seem very elegant or intuitive. Is that the way it should be? I've looked in vain for documenation and can't find anything. I've looked in a couple of other domains and the situation is the same, even when including Exchange Schema extensions. The way I'm getting to the permisisons is via the AD UC plugin for MMC. Right click user object - properties security tab advanced... add... SELF properties tab If anyone knows what happened to the Last Name switch, or whether its simply not supposed to be there, please let me know! All the best, Andy List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] OT: Exchange -1018 Error
Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
So let's see. You call PSS, and then argue with what they're telling you to do.. Hmmm.. -1018 errors are database corruption, and the only fix it to go back to tape before the corruption. Sounds pretty logical to me. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
I had a somewhat similar situation. The difference being that my backups were not working correctly (another story). So restoring a good backup of the exchange db was not possible. I ended resolving the issue by ESEUTIL /P to repair the db errors and later running ISINTEG -fix a couple of times to remove any leftover db corruption from the hard repair process (ie ESEUTIL). That worked. But it was a very long night before I got the database mounted correctly again. Needless to say, ensuring that backups are running correctly, and even performing a test restore, are EXTREMELY important. good luck Luis Aguilera IT Manager BaseSix -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Tuesday, November 12, 2002 9:06 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error So let's see. You call PSS, and then argue with what they're telling you to do.. Hmmm.. -1018 errors are database corruption, and the only fix it to go back to tape before the corruption. Sounds pretty logical to me. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Granular permissions : user objects
Tony your advice was spot on. Changing the values as suggested got me what I wanted. Now I can add anything I like to the Permissions list in the dialogue box (and, in fact, remove those I don't like!), which means that we can stick with a standard and easily understandable interface. Many thanks, Andy - Original Message - From: Tony Murray [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, November 12, 2002 10:59 AM Subject: Re: [ActiveDir] Granular permissions : user objects Not every property of an object is listed in the Active Directory Users and Computers interface. The number of properties is quite large so the interface only displays those that are commonly used for controlling access. This makes the list easier to manage. The list of filtered object types and properties is kept in the file, %systemroot%\System32\Dssec.dat You can modify the behavior of the filter by changing the values associated with the properties. For example, if you wanted to delegate the right to unlock accounts you first need to change the value of the lockoutTime entry in the [user] section of the file from lockoutTime=7 to lockoutTime=0. To make the last name property visible, I believe you need to change the value of sn in the [user] section of the file from 7 to 0. I have not tested this however. You have the following choices to specify values: Property=7: The property is not included. Property=6: Read property is included. Property=5: Write property is included. Property=0: Both Read property and Write property are included. The property is not included in DSSec.Dat: Both Read property and Write property are included. You must modify the Dssec.dat file on the computer on which you are running ADUC. It is a good idea to make a copy of the file first before making any changes. For further reading on this, please see the following Microsoft documents: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechn ol/AD/windows2000/deploy/confeat/securead.asp http://support.microsoft.com/default.aspx?scid=kb;EN-US;q294952 Tony -- Original Message -- From: Andy Grafton [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] Date: Tue, 12 Nov 2002 10:27:17 +0100 MessageHi, all. Active Directory, Windows 2000, SP3, no exchange prep. Please restrain yourselves from asking *why* do you want to do this?. If you'd like to know, give me a shout offlist. I need to grant permissions for SELF to change the First Name and Last Name (givenName, sn in LDAP notation) attributes in AD. My worry is that in the granular permissions settings for a user object, I can't see any reference to Last Name (nor Surname, nor or any other aliases I am familiar with). I can see and set (amongst the numerous other permissions settings) Read First Name Write First Name Read Middle Name Write Middle Name ... even the oh-so-useful ... Read/Write International ISDN number (others) ... but try as I might, I can't find the switch for the Last Name field. I can presumably work around it by giving SELF permissions to Write Personal Information, and then denying the things which I don't want them to be able to change, but that doesn't seem very elegant or intuitive. Is that the way it should be? I've looked in vain for documenation and can't find anything. I've looked in a couple of other domains and the situation is the same, even when including Exchange Schema extensions. The way I'm getting to the permisisons is via the AD UC plugin for MMC. Right click user object - properties security tab advanced... add... SELF properties tab If anyone knows what happened to the Last Name switch, or whether its simply not supposed to be there, please let me know! All the best, Andy List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Monitoring AD
Well following on from this I'll mention Big Brother - we use it on 100 plus servers, Windows and Unix. Its Open Source and its free. There's a fairly rich set of scripts that have been developed and shared by the user community to cater for those things not monitored by the basic product. dave -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: 12 November 2002 14:24 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well, you beat me to my response to Roger about the big Framework providers. In order to get true cross platform monitoring you'll need to look at BMC, Tivoli, CA or HPOV. NetIQ is quickly moving into that arena, but I am not aware of any plans for them to monitor the OS/390 or ZOS. What do all four of the big monitoring products have in common? They all stink. All four have spent a great deal of time and money trying to be all things to all people that they've failed horribly to do any actual monitoring. While they may tout their flexibility to monitor everything, they've sacrificed ease of deployment. BMC, Tivoli and CA are especially guilty of this. Industry analysts [1] estimate that the actual cost of deployment is 4-6 times the cost of the product and these products aren't cheap. They also require a great deal of development time and expertise to get working properly. Two of my favorite quotes about Tivoli are: Tivoli, everything is just a script away. You of course have to write your own script. and Tivoli sells you a product and tell you it's a beautiful house. Then they hand you some acorns and a pile of sh!t and expect you to build it yourself. I think you've got the right idea Marco. The so called niche players in the field have done a much better job gathering detailed performance and pro-active monitoring. This data can be used by the people running the servers. I don't need a ping test to tell me if the server is down. A mail server goes out and my phone is ringing before the alert gets to me. The critical errors or failures get fed up to the framework. Here's where the framework folks need to do their job by correlating events. Mail server in site A is down. Is it the server, the network, or another service that has failed? The frameworks (with a ton of work) can take the information fed to it from down level monitoring applications and correlate that information to let you know where the problem is. If you get real good at this stuff, you can even get into the predictive failure business. For those companies that decide that you can do everything with one vendor, they are severely mistaken. -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Monday, November 11, 2002 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does anyone have experience in implementing AD monitoring using Tivoli and NetIQ? What we're planning to do is use NetIQ for the first layer (pro-active monitoring, performance, etc.) of AD monitoring and get NetIQ to forward alerts of certain categories (service impact events) to Tivoli. I'd appreciate if someone with experience in this kind of environment could exchange some information regarding counters/components to monitor and thresholds. I believe this could also be useful for this original posting. Marco Bombardi -Original Message- From: Abbiss, Mark [mailto:Mark.Abbiss;eads.net] Sent: Monday, November 11, 2002 6:54 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Check out eQ by Heroix (www.heroix.com) Bloody good product, bloody excellent support and a fraction of the prce of its bloated competitiors. Mark Abbiss -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Montag, 11. November 2002 15:01 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Do you actually *read* posts before pimping Sunbelt products? Well, MOM's out as our mandate is to have a monitoring product that is cross platform (we also have various flavors of UNIX and some big iron). To hit this kind of scope, you have to look at probably BMC Patrol, HP OpenView, Tivoli TME or CompAss Unicenter. I don't believe that NetIQ can cover mainframes, although last I checked they do cover some Unix stuff. I'd agree, however, that just straight ping testing isn't enough for most environments. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Saturday, November 09, 2002 10:02 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Monitoring AD http://www.sunbelt-software.com/search_category.cfm#ADI -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Mike Baudino Sent:
RE: [ActiveDir] Monitoring AD
Agreed, except that it is not free for commercial use. -Original Message- From: Thornley, Dave H [mailto:D.H.Thornley;shu.ac.uk] Sent: Tuesday, November 12, 2002 4:02 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well following on from this I'll mention Big Brother - we use it on 100 plus servers, Windows and Unix. Its Open Source and its free. There's a fairly rich set of scripts that have been developed and shared by the user community to cater for those things not monitored by the basic product. dave -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: 12 November 2002 14:24 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well, you beat me to my response to Roger about the big Framework providers. In order to get true cross platform monitoring you'll need to look at BMC, Tivoli, CA or HPOV. NetIQ is quickly moving into that arena, but I am not aware of any plans for them to monitor the OS/390 or ZOS. What do all four of the big monitoring products have in common? They all stink. All four have spent a great deal of time and money trying to be all things to all people that they've failed horribly to do any actual monitoring. While they may tout their flexibility to monitor everything, they've sacrificed ease of deployment. BMC, Tivoli and CA are especially guilty of this. Industry analysts [1] estimate that the actual cost of deployment is 4-6 times the cost of the product and these products aren't cheap.. They also require a great deal of development time and expertise to get working properly. Two of my favorite quotes about Tivoli are: Tivoli, everything is just a script away. You of course have to write your own script. and Tivoli sells you a product and tell you it's a beautiful house. Then they hand you some acorns and a pile of sh!t and expect you to build it yourself. I think you've got the right idea Marco. The so called niche players in the field have done a much better job gathering detailed performance and pro-active monitoring. This data can be used by the people running the servers. I don't need a ping test to tell me if the server is down. A mail server goes out and my phone is ringing before the alert gets to me. The critical errors or failures get fed up to the framework. Here's where the framework folks need to do their job by correlating events. Mail server in site A is down. Is it the server, the network, or another service that has failed? The frameworks (with a ton of work) can take the information fed to it from down level monitoring applications and correlate that information to let you know where the problem is. If you get real good at this stuff, you can even get into the predictive failure business. For those companies that decide that you can do everything with one vendor, they are severely mistaken. -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Monday, November 11, 2002 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does anyone have experience in implementing AD monitoring using Tivoli and NetIQ? What we're planning to do is use NetIQ for the first layer (pro-active monitoring, performance, etc.) of AD monitoring and get NetIQ to forward alerts of certain categories (service impact events) to Tivoli. I'd appreciate if someone with experience in this kind of environment could exchange some information regarding counters/components to monitor and thresholds. I believe this could also be useful for this original posting. Marco Bombardi -Original Message- From: Abbiss, Mark [mailto:Mark.Abbiss;eads.net] Sent: Monday, November 11, 2002 6:54 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Check out eQ by Heroix (www.heroix.com) Bloody good product, bloody excellent support and a fraction of the prce of its bloated competitiors. Mark Abbiss -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Montag, 11. November 2002 15:01 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Do you actually *read* posts before pimping Sunbelt products? Well, MOM's out as our mandate is to have a monitoring product that is cross platform (we also have various flavors of UNIX and some big iron). To hit this kind of scope, you have to look at probably BMC Patrol, HP OpenView, Tivoli TME or CompAss Unicenter. I don't believe that NetIQ can cover mainframes, although last I checked they do cover some Unix stuff. I'd agree, however, that just straight ping testing isn't enough for most environments. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Saturday, November 09, 2002 10:02 AM To:
RE: [ActiveDir] OT: Exchange -1018 Error
Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
Well of course, once the logs fill up and crash the drive, your users will have problems then :0 I would definitely stick with PSS on this. Just curious however, have you attempted a full online backup with plain ol NTBACKUP? -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive:
RE: [ActiveDir] OT: Exchange -1018 Error
No I haven't -Original Message- From: Andy David [mailto:DavidA;veronissuhler.com] Sent: Tuesday, November 12, 2002 10:21 AM To: '[EMAIL PROTECTED]' Subject:RE: [ActiveDir] OT: Exchange -1018 Error Well of course, once the logs fill up and crash the drive, your users will have problems then :0 I would definitely stick with PSS on this. Just curious however, have you attempted a full online backup with plain ol NTBACKUP? -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm
RE: [ActiveDir] LDAP Display Name for Security Properties
Title: Message This is an example of why it would be nice if the object GUID of the security principal that performed the write was included in the metadata for themodified object. I mentioned this to one of the AD developers during the MEC AD Community session, and he said he would take it back to the AD team. On arelated note, if the object GUID of the writer was included in the metadata, then all that would be needed to have a complete change log history of objects stored in the metadata would be the before and after valuesofmodified attributes. Granted, this could greatly increase the size of the DIT, especially over time, but I think it would be cool to have as an option ;-) And yes some of this can be done with the dirsync control and change notifications, but it would be nice if it was stored directly in AD. Robbie Allen -Original Message-From: Rick Kingslan [mailto:[EMAIL PROTECTED]] Sent: Monday, November 11, 2002 3:02 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] LDAP Display Name for Security Properties Rick, Unfortunately, if we are talking about the same dialog box with the ACL and the ACE's (in advance view) these are Security Principals with permissions that they have on this object. It's likely that one of these objects DID join it to the domain, but if it was the Domain Administrators group, and there are 5 members, which member performed the join of the computer? Maybe someone esle can provide better or more complete information, but I don't believe that there is any information that will tell you which Security Principal actually joined a computer to the domain. This is even compunded further by the fact that BY DEFAULT any user can join up to 10 machines to the domain, IIRC. Now, the problem gets even more difficult to track. Auditing is the only way to confirm who did what - but that, again, assumes that auditing was on, configured, and the logs are available. Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jones, Rick J.(Desktop Engineering)Sent: Monday, November 11, 2002 1:50 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] LDAP Display Name for Security Properties Anyone know the LDAP Display Name for the security properties on a Computer Account? When I open Active Directory Computers and Users and right click on a computer account, click on security (with advanced options turned on) I get a list of accounts. One of those is the account name that was used to join the computer to the domain (I believe), what I need to do is be able to query that information so we can find out who joined these computers to the domain. Rick J. Jones
RE: [ActiveDir] Monitoring AD
Oops - one of the benefits of working for a university Their 'Better then Free' licence might still exempt you from paying for all copies you install though dave -Original Message- From: Andries Thijssen [mailto:Andries.Thijssen;infopulse.nl] Sent: 12 November 2002 15:18 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Agreed, except that it is not free for commercial use. -Original Message- From: Thornley, Dave H [mailto:D.H.Thornley;shu.ac.uk] Sent: Tuesday, November 12, 2002 4:02 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well following on from this I'll mention Big Brother - we use it on 100 plus servers, Windows and Unix. Its Open Source and its free. There's a fairly rich set of scripts that have been developed and shared by the user community to cater for those things not monitored by the basic product. dave -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: 12 November 2002 14:24 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well, you beat me to my response to Roger about the big Framework providers. In order to get true cross platform monitoring you'll need to look at BMC, Tivoli, CA or HPOV. NetIQ is quickly moving into that arena, but I am not aware of any plans for them to monitor the OS/390 or ZOS. What do all four of the big monitoring products have in common? They all stink. All four have spent a great deal of time and money trying to be all things to all people that they've failed horribly to do any actual monitoring. While they may tout their flexibility to monitor everything, they've sacrificed ease of deployment. BMC, Tivoli and CA are especially guilty of this. Industry analysts [1] estimate that the actual cost of deployment is 4-6 times the cost of the product and these products aren't cheap.. They also require a great deal of development time and expertise to get working properly. Two of my favorite quotes about Tivoli are: Tivoli, everything is just a script away. You of course have to write your own script. and Tivoli sells you a product and tell you it's a beautiful house. Then they hand you some acorns and a pile of sh!t and expect you to build it yourself. I think you've got the right idea Marco. The so called niche players in the field have done a much better job gathering detailed performance and pro-active monitoring. This data can be used by the people running the servers. I don't need a ping test to tell me if the server is down. A mail server goes out and my phone is ringing before the alert gets to me. The critical errors or failures get fed up to the framework. Here's where the framework folks need to do their job by correlating events. Mail server in site A is down. Is it the server, the network, or another service that has failed? The frameworks (with a ton of work) can take the information fed to it from down level monitoring applications and correlate that information to let you know where the problem is. If you get real good at this stuff, you can even get into the predictive failure business. For those companies that decide that you can do everything with one vendor, they are severely mistaken. -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Monday, November 11, 2002 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does anyone have experience in implementing AD monitoring using Tivoli and NetIQ? What we're planning to do is use NetIQ for the first layer (pro-active monitoring, performance, etc.) of AD monitoring and get NetIQ to forward alerts of certain categories (service impact events) to Tivoli. I'd appreciate if someone with experience in this kind of environment could exchange some information regarding counters/components to monitor and thresholds. I believe this could also be useful for this original posting. Marco Bombardi -Original Message- From: Abbiss, Mark [mailto:Mark.Abbiss;eads.net] Sent: Monday, November 11, 2002 6:54 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Check out eQ by Heroix (www.heroix.com) Bloody good product, bloody excellent support and a fraction of the prce of its bloated competitiors. Mark Abbiss -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Montag, 11. November 2002 15:01 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Do you actually *read* posts before pimping Sunbelt products? Well, MOM's out as our mandate is to have a monitoring product that is cross platform (we also have various flavors of UNIX and some big iron). To hit this kind of scope, you have to look at probably BMC Patrol, HP OpenView, Tivoli TME or CompAss Unicenter. I don't believe that NetIQ can cover mainframes, although last I checked they do cover some Unix stuff. I'd agree, however, that just straight ping
RE: [ActiveDir] OT: Exchange -1018 Error
Title: RE: [ActiveDir] OT: Exchange -1018 Error Having been through this myself I'm only going to add my condolences. One of our administrators was using her Deleted Items folder to store all the stuff she wanted to keep. It was a classic from the CDW commercialsFred? Where do you put all the e-mail I delete? Unfortunately, our DLT system had never been tested and our first good backup was a week old. Poor planning on our part. I found myself spending the night in the NOC doing eseutil commands on a 16Gb database and it was taking 6 hours for any successful manipulation. (Copy over network to working drive, perform ese..., recopy back to production drive, test for completeness, etc, etc) I have a 3 inch binder of MS Knowledgebase Articles about recovering Exch5.5. It's been well-thumbed and marked in the margins. Good Luck. Al A small community college in California. -Original Message- From: Burns, Clyde [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 7:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
That is correct - logs don't get flushed unless you do a full backup, not a differential. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error What backup product are you using? Backup Exec gave us this problem. We had to set up a separate backup job for Exchange specifying a Full backup and commit logs. When Exchange was part of a differential backup, even though the Exchange portion of the backup job was specified as a full backup and commit logs, the logs were not committed. -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info
RE: [ActiveDir] OT: Exchange -1018 Error
8.5 and Exchange 2000 -Original Message- From: Andy David [mailto:DavidA;veronissuhler.com] Sent: Tuesday, November 12, 2002 12:47 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error What version are using? I run differential file backups every weekday along with full Exchange backups in the same job w/o issue. -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error What backup product are you using? Backup Exec gave us this problem. We had to set up a separate backup job for Exchange specifying a Full backup and commit logs. When Exchange was part of a differential backup, even though the Exchange portion of the backup job was specified as a full backup and commit logs, the logs were not committed. -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm
RE: [ActiveDir] OT: Exchange -1018 Error
Thanks for the info, I have asked MS by e-mail if I could do a eseutil /mh priv.mdb output.txt, if they say yes I will do it tonight. Also I do not have circular logging enabled. -Original Message- From: Burns, Clyde [mailto:Clyde.Burns;nortonhealthcare.org] Sent: Tuesday, November 12, 2002 10:19 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
You may want to upgrade to 8.6 + latest build. Whether that is an issue with 8.5, I do not know, but there are a heck of a lot of fixes in 8.6 -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 1:00 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error 8.5 and Exchange 2000 -Original Message- From: Andy David [mailto:DavidA;veronissuhler.com] Sent: Tuesday, November 12, 2002 12:47 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error What version are using? I run differential file backups every weekday along with full Exchange backups in the same job w/o issue. -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error What backup product are you using? Backup Exec gave us this problem. We had to set up a separate backup job for Exchange specifying a Full backup and commit logs. When Exchange was part of a differential backup, even though the Exchange portion of the backup job was specified as a full backup and commit logs, the logs were not committed. -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go?
RE: [ActiveDir] OT: Exchange -1018 Error
Title: RE: [ActiveDir] OT: Exchange -1018 Error When you went through it did you have your users working with out problems. My users are currently experiencing no problems -Original Message- From: Al Garrett [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 11:16 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error Having been through this myself I'm only going to add my condolences. One of our administrators was using her Deleted Items folder to store all the stuff she wanted to keep. It was a classic from the CDW commercialsFred? Where do you put all the e-mail I delete? Unfortunately, our DLT system had never been tested and our first good backup was a week old. Poor planning on our part. I found myself spending the night in the NOC doing eseutil commands on a 16Gb database and it was taking 6 hours for any successful manipulation. (Copy over network to working drive, perform ese..., recopy back to production drive, test for completeness, etc, etc) I have a 3 inch binder of MS Knowledgebase Articles about recovering Exch5.5. It's been well-thumbed and marked in the margins. Good Luck. Al A small community college in California. -Original Message- From: Burns, Clyde [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 7:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
RE: [ActiveDir] OT: Exchange -1018 Error
Roger, I don't think you read the last message completely. Exchange was set to do a Full backup and Flush the logs, but that job specification was part of a file system differential job. -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Tuesday, November 12, 2002 12:51 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error That is correct - logs don't get flushed unless you do a full backup, not a differential. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error What backup product are you using? Backup Exec gave us this problem. We had to set up a separate backup job for Exchange specifying a Full backup and commit logs. When Exchange was part of a differential backup, even though the Exchange portion of the backup job was specified as a full backup and commit logs, the logs were not committed. -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of
RE: [ActiveDir] OT: Exchange -1018 Error
Which can't work. Especially with ArcServe. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 1:01 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Roger, I don't think you read the last message completely. Exchange was set to do a Full backup and Flush the logs, but that job specification was part of a file system differential job. -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Tuesday, November 12, 2002 12:51 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error That is correct - logs don't get flushed unless you do a full backup, not a differential. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 10:05 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error What backup product are you using? Backup Exec gave us this problem. We had to set up a separate backup job for Exchange specifying a Full backup and commit logs. When Exchange was part of a differential backup, even though the Exchange portion of the backup job was specified as a full backup and commit logs, the logs were not committed. -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database
RE: [ActiveDir] Monitoring AD
Sounds good to me. Thank you for your message. Marco Bombardi Globe Center AMS Infrastructure Technology [EMAIL PROTECTED] Office: +1 818 549.6153 -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: Tuesday, November 12, 2002 6:24 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well, you beat me to my response to Roger about the big Framework providers. In order to get true cross platform monitoring you'll need to look at BMC, Tivoli, CA or HPOV. NetIQ is quickly moving into that arena, but I am not aware of any plans for them to monitor the OS/390 or ZOS. What do all four of the big monitoring products have in common? They all stink. All four have spent a great deal of time and money trying to be all things to all people that they've failed horribly to do any actual monitoring. While they may tout their flexibility to monitor everything, they've sacrificed ease of deployment. BMC, Tivoli and CA are especially guilty of this. Industry analysts [1] estimate that the actual cost of deployment is 4-6 times the cost of the product and these products aren't cheap. They also require a great deal of development time and expertise to get working properly. Two of my favorite quotes about Tivoli are: Tivoli, everything is just a script away. You of course have to write your own script. and Tivoli sells you a product and tell you it's a beautiful house. Then they hand you some acorns and a pile of sh!t and expect you to build it yourself. I think you've got the right idea Marco. The so called niche players in the field have done a much better job gathering detailed performance and pro-active monitoring. This data can be used by the people running the servers. I don't need a ping test to tell me if the server is down. A mail server goes out and my phone is ringing before the alert gets to me. The critical errors or failures get fed up to the framework. Here's where the framework folks need to do their job by correlating events. Mail server in site A is down. Is it the server, the network, or another service that has failed? The frameworks (with a ton of work) can take the information fed to it from down level monitoring applications and correlate that information to let you know where the problem is. If you get real good at this stuff, you can even get into the predictive failure business. For those companies that decide that you can do everything with one vendor, they are severely mistaken. -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Monday, November 11, 2002 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does anyone have experience in implementing AD monitoring using Tivoli and NetIQ? What we're planning to do is use NetIQ for the first layer (pro-active monitoring, performance, etc.) of AD monitoring and get NetIQ to forward alerts of certain categories (service impact events) to Tivoli. I'd appreciate if someone with experience in this kind of environment could exchange some information regarding counters/components to monitor and thresholds. I believe this could also be useful for this original posting. Marco Bombardi -Original Message- From: Abbiss, Mark [mailto:Mark.Abbiss;eads.net] Sent: Monday, November 11, 2002 6:54 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Check out eQ by Heroix (www.heroix.com) Bloody good product, bloody excellent support and a fraction of the prce of its bloated competitiors. Mark Abbiss -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Montag, 11. November 2002 15:01 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Do you actually *read* posts before pimping Sunbelt products? Well, MOM's out as our mandate is to have a monitoring product that is cross platform (we also have various flavors of UNIX and some big iron). To hit this kind of scope, you have to look at probably BMC Patrol, HP OpenView, Tivoli TME or CompAss Unicenter. I don't believe that NetIQ can cover mainframes, although last I checked they do cover some Unix stuff. I'd agree, however, that just straight ping testing isn't enough for most environments. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Saturday, November 09, 2002 10:02 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Monitoring AD http://www.sunbelt-software.com/search_category.cfm#ADI -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Mike Baudino Sent: Saturday, November 09, 2002 09:52 To: [EMAIL PROTECTED] Subject: [ActiveDir] Monitoring AD All, I've been asked recently to come up with monitoring
RE: [ActiveDir] OT: Exchange -1018 Error
We are using ARCServe, and will be making the switch to Backup Exec 8.6 next year -Original Message- From: [EMAIL PROTECTED] [mailto:Shawn.Hayes;compass.net] Sent: Tuesday, November 12, 2002 10:05 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error What backup product are you using? Backup Exec gave us this problem. We had to set up a separate backup job for Exchange specifying a Full backup and commit logs. When Exchange was part of a differential backup, even though the Exchange portion of the backup job was specified as a full backup and commit logs, the logs were not committed. -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 10:01 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error This is the wiered thing, all users are working fine and no one is having any problems. The only thing that is not working correctly is that the full backups of the server are not committing the logs to the database. -Original Message- From: Rick Kingslan [mailto:rkingsla;cox.net] Sent: Tuesday, November 12, 2002 9:37 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Justin, I want to go on record as saying that no, SP3 did NOT cause these errors - at least in my experience with our farm of Exchange 2k servers and Exchange 5.5 servers. The only time that we have seen this has been due to a severe corruption of the database (specifically .edb) and a restore to another system and reset of profiles on the user end was the quickest way to resolve. However, I am with Roger - we may be smart folks who give good advice, but I have believe you have a number of folks greatly impacted by this outage. Why would one spend money with PSS (or get the advice for free, even) then wait to implement the fix. This, given the fact that every one of the error messages led to the same conclusion and fix? I'd get your most recent GOOD backup and start restoring. Your users are going to appreciate it. Rick Kingslan MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 8:25 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error David I have already looked at these but thank you -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Tuesday, November 12, 2002 9:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error http://www.eventid.net/display.asp?eventid=116source= http://www.eventid.net/display.asp?eventid=118source= http://www.eventid.net/display.asp?eventid=200source= -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Salandra, Justin A. Sent: Tuesday, November 12, 2002 08:59 To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] mailto:jasalandra;chcsnet.org List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir% 40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive:
RE: [ActiveDir] OT: Exchange -1018 Error
Title: Message No offense Justin, but what are you waiting for? 1018s are bad news and the sooner you get to work on this and follow PSS's recommendations the better. It will bite you in the a$$ if you attempt to work around this. -Original Message-From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 12:50 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT: Exchange -1018 Error When you went through it did you have your users working with out problems. My users are currently experiencing no problems -Original Message-From: Al Garrett [mailto:[EMAIL PROTECTED]]Sent: Tuesday, November 12, 2002 11:16 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT: Exchange -1018 Error Having been through this myself I'm only going to add my condolences. One of our administrators was using her Deleted Items folder to store all the stuff she wanted to keep. It was a classic from the CDW commercials"Fred? Where do you put all the e-mail I delete?" Unfortunately, our DLT system had never been tested and our first good backup was a week old. Poor planning on our part. I found myself spending the night in the NOC doing eseutil commands on a 16Gb database and it was taking 6 hours for any successful manipulation. (Copy over network to working drive, perform ese..., recopy back to production drive, test for completeness, etc, etc) I have a 3 inch binder of MS Knowledgebase Articles about recovering Exch5.5. It's been well-thumbed and marked in the margins. Good Luck. Al A small community college in California. -Original Message- From: Burns, Clyde [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 7:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the "State:" line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the
[ActiveDir] Question about Active Directory
Can AD become corrupted? If so, can it be fixed with anything other than restoring from backup? Eric Etheredge, MCDBA Systems Manager Office of the Standing Trustee Walter O'Cheskey, Trustee Lubbock, Texas Trustee's Website: www.ch13-12westtex.org Case Information Website: www.trustee13.com This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Question about Active Directory
Yes it can. It is sometimes possible to repair it with ntdsutil or esentutl. see http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q315131 and http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q305500 Tim Hines, MCSA, MCSE (2000 NT4) MVP - Active Directory - Original Message - From: Eric [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, November 12, 2002 2:29 PM Subject: [ActiveDir] Question about Active Directory Can AD become corrupted? If so, can it be fixed with anything other than restoring from backup? Eric Etheredge, MCDBA Systems Manager Office of the Standing Trustee Walter O'Cheskey, Trustee Lubbock, Texas Trustee's Website: www.ch13-12westtex.org Case Information Website: www.trustee13.com This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Question about Active Directory
Very early in our AD deployment we had one server reporting AD corruption. The other servers were OK. We simply demoted the server, waited for replication so that the server was removed from AD and re-promoted the server. At this point it got a new copy of the database and problem solved. Not that this would work for everyone due to band width, etc, but seemed to work for us. Diane -Original Message- From: Tim HInes [mailto:nupe009;carolina.rr.com] Sent: Tuesday, November 12, 2002 11:42 AM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Question about Active Directory Yes it can. It is sometimes possible to repair it with ntdsutil or esentutl. see http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q315131 and http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q305500 Tim Hines, MCSA, MCSE (2000 NT4) MVP - Active Directory - Original Message - From: Eric [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, November 12, 2002 2:29 PM Subject: [ActiveDir] Question about Active Directory Can AD become corrupted? If so, can it be fixed with anything other than restoring from backup? Eric Etheredge, MCDBA Systems Manager Office of the Standing Trustee Walter O'Cheskey, Trustee Lubbock, Texas Trustee's Website: www.ch13-12westtex.org Case Information Website: www.trustee13.com This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
Hi Justin, I've experienced exactly what you describe (certain cr@p array controllers not doing their job), and restoring the LAST GOOD backup and replaying the logs is exactly the way to go IF your logs are on a separate spindle set. If not, there is a good chance that one or more of the log files are corrupt as well, in which case you will only be able to recover to the point of the last good backup (meaning you will lose everything since the last good backup). If your logs are on a separate spindle set, and you aren't using circular logging, then this is a no-brainer. Restore! It's much faster and easier then attempting to repair the database. ESEUtil can cause loss of data, so I would only use this as a last resort. BTW, even if the logs are on the same array, I'd try the restore anyway. If you do what MS and everyone else have suggested (which is to copy all DBs and logs first), you can always get back to where you are today and then attempt ESEUtil. HTH, Linton -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 12:49 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error Thanks for the info, I have asked MS by e-mail if I could do a eseutil /mh priv.mdb output.txt, if they say yes I will do it tonight. Also I do not have circular logging enabled. -Original Message- From: Burns, Clyde [mailto:Clyde.Burns;nortonhealthcare.org] Sent: Tuesday, November 12, 2002 10:19 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200) And now ArcServe cannot backup the database fully and commit the logs to the database so I now have 500 log files in my mdbdata directory. MS Support wants me to restore from the day the HD failed after I rename the mdbdata directory and create a new one. Then they want me to copy in all the log files and wait for the log files to replay into the database. The only other option is to do a eseutil or build a new server and migrate everyone over. Have any of you done what MS is recommending? Do any of you feel that this is the way to go? Does anyone know what would of caused these errors, was it SP3 or was it the HD Failure? Any help is appreciated Justin
RE: [ActiveDir] OT: Exchange -1018 Error
Title: Message The reason I am waiting on this is because this server is my forest root, my Exchange server, my DNS server to the Internet, my WINS server and my Intranet Server all in one. If I could find a way to fix the problem quickly while fixing the server online I would avoid down time of all these services. Next years budget allows me to break apart these services -Original Message- From: Andy David [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 1:40 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error No offense Justin, but what are you waiting for? 1018s are bad news and the sooner you get to work on this and follow PSS's recommendations the better. It will bite you in the a$$ if you attempt to work around this. -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 12:50 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error When you went through it did you have your users working with out problems. My users are currently experiencing no problems -Original Message- From: Al Garrett [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 11:16 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error Having been through this myself I'm only going to add my condolences. One of our administrators was using her Deleted Items folder to store all the stuff she wanted to keep. It was a classic from the CDW commercialsFred? Where do you put all the e-mail I delete? Unfortunately, our DLT system had never been tested and our first good backup was a week old. Poor planning on our part. I found myself spending the night in the NOC doing eseutil commands on a 16Gb database and it was taking 6 hours for any successful manipulation. (Copy over network to working drive, perform ese..., recopy back to production drive, test for completeness, etc, etc) I have a 3 inch binder of MS Knowledgebase Articles about recovering Exch5.5. It's been well-thumbed and marked in the margins. Good Luck. Al A small community college in California. -Original Message- From: Burns, Clyde [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 7:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online
[ActiveDir] Monitoring with HP OpenView
[Regarding the monitoring comparison] I got a response from HP that I should send this URL to you guys. http://www.openview.hp.com/products/smartplugins/spis/Documents/Product_ HTML-516.asp Regards, /Jimmy -- Jimmy Andersson, Q Advice AB Microsoft MVP - Active Directoryv Whistler Tech Beta Program Member Windows Pre-release Community Member List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] Question about Active Directory
Diane did this server have any FSMOs you had to move or was it a Global Catalog Server? -Original Message- From: Ayers, Diane [mailto:DMA8;pge.com] Sent: Tuesday, November 12, 2002 2:58 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Question about Active Directory Very early in our AD deployment we had one server reporting AD corruption. The other servers were OK. We simply demoted the server, waited for replication so that the server was removed from AD and re-promoted the server. At this point it got a new copy of the database and problem solved. Not that this would work for everyone due to band width, etc, but seemed to work for us. Diane -Original Message- From: Tim HInes [mailto:nupe009;carolina.rr.com] Sent: Tuesday, November 12, 2002 11:42 AM To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] Question about Active Directory Yes it can. It is sometimes possible to repair it with ntdsutil or esentutl. see http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q315131 and http://support.microsoft.com/default.aspx?scid=kb;EN-US;Q305500 Tim Hines, MCSA, MCSE (2000 NT4) MVP - Active Directory - Original Message - From: Eric [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, November 12, 2002 2:29 PM Subject: [ActiveDir] Question about Active Directory Can AD become corrupted? If so, can it be fixed with anything other than restoring from backup? Eric Etheredge, MCDBA Systems Manager Office of the Standing Trustee Walter O'Cheskey, Trustee Lubbock, Texas Trustee's Website: www.ch13-12westtex.org Case Information Website: www.trustee13.com This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
I have just learned that the company that does my backups may have overwritten my most recent good backup with a bad one. This will be confirmed for me tomorrow morning by the actual person responsible since he was out today. Since I may not have a good backup, I think I may just have to do the eseutil. God help me! Justin A. Salandra, MCSE Senior Network Engineer Catholic Healthcare System 914.681.8117 office 646.483.3325 cell [EMAIL PROTECTED] -Original Message- From: Linton Smith (WBTQ) [mailto:GWLLES;Weston.ca] Sent: Tuesday, November 12, 2002 3:05 PM To: '[EMAIL PROTECTED]' Subject:RE: [ActiveDir] OT: Exchange -1018 Error Hi Justin, I've experienced exactly what you describe (certain cr@p array controllers not doing their job), and restoring the LAST GOOD backup and replaying the logs is exactly the way to go IF your logs are on a separate spindle set. If not, there is a good chance that one or more of the log files are corrupt as well, in which case you will only be able to recover to the point of the last good backup (meaning you will lose everything since the last good backup). If your logs are on a separate spindle set, and you aren't using circular logging, then this is a no-brainer. Restore! It's much faster and easier then attempting to repair the database. ESEUtil can cause loss of data, so I would only use this as a last resort. BTW, even if the logs are on the same array, I'd try the restore anyway. If you do what MS and everyone else have suggested (which is to copy all DBs and logs first), you can always get back to where you are today and then attempt ESEUtil. HTH, Linton -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 12:49 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error Thanks for the info, I have asked MS by e-mail if I could do a eseutil /mh priv.mdb output.txt, if they say yes I will do it tonight. Also I do not have circular logging enabled. -Original Message- From: Burns, Clyde [mailto:Clyde.Burns;nortonhealthcare.org] Sent: Tuesday, November 12, 2002 10:19 AM To: [EMAIL PROTECTED] Subject:RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not confortable.) Clyde Burns -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 8:59 AM To: ActiveDir (E-mail) Subject: [ActiveDir] OT: Exchange -1018 Error Hello everyone, I know this is off topic but you guys and girls always give good advice. I have been getting event Ids 116, 118 and 200 a lot in my application log. The chain of events went like this I installed SP3 for W2K The next day the Exchange Database went through some type of conversion and logged Event ID 174 hundreds of times (Table/Column/Index Definintions) On that same day one of my Hard Drives in my RAID 5 Config failed, I replaced it 3 days later Since then every time the online maintenance on the exchange database ran it logged a Database Page Cache error (Event ID 116 and 118 and 200)
RE: [ActiveDir] Monitoring AD
Does this mean I get a free bar of chocolate? g -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Tuesday, November 12, 2002 1:38 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Sounds good to me. Thank you for your message. Marco Bombardi Globe Center AMS Infrastructure Technology [EMAIL PROTECTED] Office: +1 818 549.6153 -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: Tuesday, November 12, 2002 6:24 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well, you beat me to my response to Roger about the big Framework providers. In order to get true cross platform monitoring you'll need to look at BMC, Tivoli, CA or HPOV. NetIQ is quickly moving into that arena, but I am not aware of any plans for them to monitor the OS/390 or ZOS. What do all four of the big monitoring products have in common? They all stink. All four have spent a great deal of time and money trying to be all things to all people that they've failed horribly to do any actual monitoring. While they may tout their flexibility to monitor everything, they've sacrificed ease of deployment. BMC, Tivoli and CA are especially guilty of this. Industry analysts [1] estimate that the actual cost of deployment is 4-6 times the cost of the product and these products aren't cheap. They also require a great deal of development time and expertise to get working properly. Two of my favorite quotes about Tivoli are: Tivoli, everything is just a script away. You of course have to write your own script. and Tivoli sells you a product and tell you it's a beautiful house. Then they hand you some acorns and a pile of sh!t and expect you to build it yourself. I think you've got the right idea Marco. The so called niche players in the field have done a much better job gathering detailed performance and pro-active monitoring. This data can be used by the people running the servers. I don't need a ping test to tell me if the server is down. A mail server goes out and my phone is ringing before the alert gets to me. The critical errors or failures get fed up to the framework. Here's where the framework folks need to do their job by correlating events. Mail server in site A is down. Is it the server, the network, or another service that has failed? The frameworks (with a ton of work) can take the information fed to it from down level monitoring applications and correlate that information to let you know where the problem is. If you get real good at this stuff, you can even get into the predictive failure business. For those companies that decide that you can do everything with one vendor, they are severely mistaken. -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Monday, November 11, 2002 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does anyone have experience in implementing AD monitoring using Tivoli and NetIQ? What we're planning to do is use NetIQ for the first layer (pro-active monitoring, performance, etc.) of AD monitoring and get NetIQ to forward alerts of certain categories (service impact events) to Tivoli. I'd appreciate if someone with experience in this kind of environment could exchange some information regarding counters/components to monitor and thresholds. I believe this could also be useful for this original posting. Marco Bombardi -Original Message- From: Abbiss, Mark [mailto:Mark.Abbiss;eads.net] Sent: Monday, November 11, 2002 6:54 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Check out eQ by Heroix (www.heroix.com) Bloody good product, bloody excellent support and a fraction of the prce of its bloated competitiors. Mark Abbiss -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Montag, 11. November 2002 15:01 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Do you actually *read* posts before pimping Sunbelt products? Well, MOM's out as our mandate is to have a monitoring product that is cross platform (we also have various flavors of UNIX and some big iron). To hit this kind of scope, you have to look at probably BMC Patrol, HP OpenView, Tivoli TME or CompAss Unicenter. I don't believe that NetIQ can cover mainframes, although last I checked they do cover some Unix stuff. I'd agree, however, that just straight ping testing isn't enough for most environments. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA -Original Message- From: David N. Precht [mailto:discussions;entrysecurity.com] Sent: Saturday, November 09, 2002 10:02 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Monitoring AD http://www.sunbelt-software.com/search_category.cfm#ADI -Original Message-
RE: [ActiveDir] OT: Exchange -1018 Error
Title: Message Do you have another machine you can install Exchange on that would hold your store? If so I would recommend adding another machine to your site and moving stuff off of this machine as soon as possible. If you do not have this ability then I would let management know how bad the situation really is and cover your A$$ in case something bad does happen.. This is just my 2 cents... Joshua -Original Message-From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 2:52 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT: Exchange -1018 Error The reason I am waiting on this is because this server is my forest root, my Exchange server, my DNS server to the Internet, my WINS server and my Intranet Server all in one. If I could find a way to fix the problem quickly while fixing the server online I would avoid down time of all these services. Next years budget allows me to break apart these services -Original Message-From: Andy David [mailto:[EMAIL PROTECTED]]Sent: Tuesday, November 12, 2002 1:40 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT: Exchange -1018 Error No offense Justin, but what are you waiting for? 1018s are bad news and the sooner you get to work on this and follow PSS's recommendations the better. It will bite you in the a$$ if you attempt to work around this. -Original Message-From: Salandra, Justin A. [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 12:50 PMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT: Exchange -1018 Error When you went through it did you have your users working with out problems. My users are currently experiencing no problems -Original Message-From: Al Garrett [mailto:[EMAIL PROTECTED]]Sent: Tuesday, November 12, 2002 11:16 AMTo: '[EMAIL PROTECTED]'Subject: RE: [ActiveDir] OT: Exchange -1018 Error Having been through this myself I'm only going to add my condolences. One of our administrators was using her Deleted Items folder to store all the stuff she wanted to keep. It was a classic from the CDW commercials"Fred? Where do you put all the e-mail I delete?" Unfortunately, our DLT system had never been tested and our first good backup was a week old. Poor planning on our part. I found myself spending the night in the NOC doing eseutil commands on a 16Gb database and it was taking 6 hours for any successful manipulation. (Copy over network to working drive, perform ese..., recopy back to production drive, test for completeness, etc, etc) I have a 3 inch binder of MS Knowledgebase Articles about recovering Exch5.5. It's been well-thumbed and marked in the margins. Good Luck. Al A small community college in California. -Original Message- From: Burns, Clyde [mailto:[EMAIL PROTECTED]] Sent: Tuesday, November 12, 2002 7:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the "State:" line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata
RE: [ActiveDir] Monitoring with HP OpenView
I've yet to do a real product comparison between the NMS vendors. From my initial observations I felt that HP was the best at doing the actual monitoring across multiple platforms. They don't have the ability to monitor the mainframe systems either. My real issue comes down to how these products were developed. Most of the big NMS providers were originally designed for either *nix or mainframe. They've purchased or licensed what they've needed to get cross platform integration. Did you know that Tivoli now OEM's Heroix Robomon to monitor Exchange and SQL? The issue there is that some of these folks try to treat it just like they were still monitoring a *nix machine. That just doesn't always work out for the best. I don't think there really is the silver bullet in a large or complex environment despite what the vendors tell you. I look at it as a tiered approach. At the very top is the framework. Network, OS (be it NT, *nix, OS/390) and applications that are monitored plug into the framework to give it information on systems issues. After that I'll look at each service that I want to provide and prioritize its importance and monitor accordingly. If my messaging servers are critical for my organization, I'd rather spend the money on the best of breed product to get me all the functionality that I require. A generic monitoring application means that I am spending time and resources on something that is not my core service. The other part I look at in the service means that messaging doesn't just mean Exchange. OWA, conferencing services, mobile messaging and non-Exchange mail servers may be part of that mix. I'll need to have a product that can monitor those functions and provide my messaging admins with the information that they need to look at the system as a whole as well as getting into the details. I personally don't think HP is there yet. I don't think Tivoli, CA or BMC will ever get there, they are too monolithic in their structure. They will have to redesign first. My 2 cents. -Original Message- From: Jimmy Andersson [mailto:jimmy;mvps.org] Sent: Tuesday, November 12, 2002 3:11 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Monitoring with HP OpenView [Regarding the monitoring comparison] I got a response from HP that I should send this URL to you guys. http://www.openview.hp.com/products/smartplugins/spis/Documents/Product_HTML -516.asp Regards, /Jimmy -- Jimmy Andersson, Q Advice AB Microsoft MVP - Active Directoryv Whistler Tech Beta Program Member Windows Pre-release Community Member List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] OT: Exchange -1018 Error
Hi Justin, A restore will only stop Exchange services while the restore is happening. Running ESEUtil only requires that Exchange services be stopped, so you can leave the other services running, serving your users while you are fixing your Exchange problem. Sorry to hear about your last good backup. The next time you experience any indication of corruption, the first thing you will want to secure is your last good backup. This holds true for any transactional database application. Linton -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 2:52 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error The reason I am waiting on this is because this server is my forest root, my Exchange server, my DNS server to the Internet, my WINS server and my Intranet Server all in one. If I could find a way to fix the problem quickly while fixing the server online I would avoid down time of all these services. Next years budget allows me to break apart these services -Original Message- From: Andy David [mailto:DavidA;veronissuhler.com] Sent: Tuesday, November 12, 2002 1:40 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error No offense Justin, but what are you waiting for? 1018s are bad news and the sooner you get to work on this and follow PSS's recommendations the better. It will bite you in the a$$ if you attempt to work around this. -Original Message- From: Salandra, Justin A. [mailto:jasalandra;chcsnet.org] Sent: Tuesday, November 12, 2002 12:50 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error When you went through it did you have your users working with out problems. My users are currently experiencing no problems -Original Message- From: Al Garrett [mailto:agarrett;SWC.CC.CA.US] Sent: Tuesday, November 12, 2002 11:16 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] OT: Exchange -1018 Error Having been through this myself I'm only going to add my condolences. One of our administrators was using her Deleted Items folder to store all the stuff she wanted to keep. It was a classic from the CDW commercialsFred? Where do you put all the e-mail I delete? Unfortunately, our DLT system had never been tested and our first good backup was a week old. Poor planning on our part. I found myself spending the night in the NOC doing eseutil commands on a 16Gb database and it was taking 6 hours for any successful manipulation. (Copy over network to working drive, perform ese..., recopy back to production drive, test for completeness, etc, etc) I have a 3 inch binder of MS Knowledgebase Articles about recovering Exch5.5. It's been well-thumbed and marked in the margins. Good Luck. Al A small community college in California. -Original Message- From: Burns, Clyde [ mailto:Clyde.Burns;nortonhealthcare.org mailto:Clyde.Burns;nortonhealthcare.org ] Sent: Tuesday, November 12, 2002 7:19 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] OT: Exchange -1018 Error Id go with what MS is recommending. Ive gone both ways (with regards to Exchange 5.5) in restoring a known good database and replaying the transaction logs and having to recover a corrupted database. I would just make sure to copy off all the contents of your exchsrvr\mdbdata contents somewhere else before trying the restore. Worst case then is you can get Exchange back to its current state with a copy of your priv, pub, and log files. Some things to check first though. Go into the advanced tab under the server properties in the 5.5 admin program. (Org - site - configuration - server) See if you have circular logging turned on or off. Ifs its off your ok with restoring the database from tape and replaying the logs. If its on you may lose data by restoring an older priv and pub.edb (though it don't sound like it if you have 500+ separate log files) One other thing to check should you decide to go the 'repair what you have' route. Shut down all your exchange services on the server. Find the path for the following 3 files. Dir.edb pub.edb and priv.edb. Open a command prompt on the server and go the directory where each of those files are at and use the following command eseutil /mh priv.mdb output.txt Just replace priv.mdb with pub and dir. Open the output.txt file and look about 17 lines down for the State: line. If all 3 say Consistent you don't have to worry about the transaction logs. They have been committed to the database. When Exchange 5.5 information store service is shut down it commits the contents of the logs to the database. If the logs are not committed to the database for whatever reason the header dump will show the database to be in an Inconsistent state. Short answer is you could either move all of the edb*.log files out of your mdbdata directory or do away with them manually (definately talk to MS PSS before doing this yourself if your not
RE: [ActiveDir] Monitoring AD
I'm still new here... :-) Marco Bombardi Globe Center AMS Infrastructure Technology [EMAIL PROTECTED] Office: +1 818 549.6153 -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: Tuesday, November 12, 2002 12:21 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does this mean I get a free bar of chocolate? g -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Tuesday, November 12, 2002 1:38 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Sounds good to me. Thank you for your message. Marco Bombardi Globe Center AMS Infrastructure Technology [EMAIL PROTECTED] Office: +1 818 549.6153 -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: Tuesday, November 12, 2002 6:24 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well, you beat me to my response to Roger about the big Framework providers. In order to get true cross platform monitoring you'll need to look at BMC, Tivoli, CA or HPOV. NetIQ is quickly moving into that arena, but I am not aware of any plans for them to monitor the OS/390 or ZOS. What do all four of the big monitoring products have in common? They all stink. All four have spent a great deal of time and money trying to be all things to all people that they've failed horribly to do any actual monitoring. While they may tout their flexibility to monitor everything, they've sacrificed ease of deployment. BMC, Tivoli and CA are especially guilty of this. Industry analysts [1] estimate that the actual cost of deployment is 4-6 times the cost of the product and these products aren't cheap. They also require a great deal of development time and expertise to get working properly. Two of my favorite quotes about Tivoli are: Tivoli, everything is just a script away. You of course have to write your own script. and Tivoli sells you a product and tell you it's a beautiful house. Then they hand you some acorns and a pile of sh!t and expect you to build it yourself. I think you've got the right idea Marco. The so called niche players in the field have done a much better job gathering detailed performance and pro-active monitoring. This data can be used by the people running the servers. I don't need a ping test to tell me if the server is down. A mail server goes out and my phone is ringing before the alert gets to me. The critical errors or failures get fed up to the framework. Here's where the framework folks need to do their job by correlating events. Mail server in site A is down. Is it the server, the network, or another service that has failed? The frameworks (with a ton of work) can take the information fed to it from down level monitoring applications and correlate that information to let you know where the problem is. If you get real good at this stuff, you can even get into the predictive failure business. For those companies that decide that you can do everything with one vendor, they are severely mistaken. -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Monday, November 11, 2002 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does anyone have experience in implementing AD monitoring using Tivoli and NetIQ? What we're planning to do is use NetIQ for the first layer (pro-active monitoring, performance, etc.) of AD monitoring and get NetIQ to forward alerts of certain categories (service impact events) to Tivoli. I'd appreciate if someone with experience in this kind of environment could exchange some information regarding counters/components to monitor and thresholds. I believe this could also be useful for this original posting. Marco Bombardi -Original Message- From: Abbiss, Mark [mailto:Mark.Abbiss;eads.net] Sent: Monday, November 11, 2002 6:54 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Check out eQ by Heroix (www.heroix.com) Bloody good product, bloody excellent support and a fraction of the prce of its bloated competitiors. Mark Abbiss -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Montag, 11. November 2002 15:01 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Do you actually *read* posts before pimping Sunbelt products? Well, MOM's out as our mandate is to have a monitoring product that is cross platform (we also have various flavors of UNIX and some big iron). To hit this kind of scope, you have to look at probably BMC Patrol, HP OpenView, Tivoli TME or CompAss Unicenter. I don't believe that NetIQ can cover mainframes, although last I checked they do cover some Unix stuff. I'd agree, however, that just straight ping testing isn't enough for most environments. -- Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger
RE: [ActiveDir] Question about Active Directory
Try http://www.sunbelt-software.com/product.cfm?id=785 ActiveAdministrator -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Eric Sent: Tuesday, November 12, 2002 14:29 To: [EMAIL PROTECTED] Subject: [ActiveDir] Question about Active Directory Can AD become corrupted? If so, can it be fixed with anything other than restoring from backup? Eric Etheredge, MCDBA Systems Manager Office of the Standing Trustee Walter O'Cheskey, Trustee Lubbock, Texas Trustee's Website: www.ch13-12westtex.org Case Information Website: www.trustee13.com This transmission may contain information that is privileged, confidential and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. Thank you. List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ: http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
RE: [ActiveDir] LDAP Display Name for Security Properties
Title: Message Robbie - I agree 100%, and will voice that same opinion the next time I'm able to. The fact that the auditing mechanism is the only way to find out what happened is inadequate, for the reasons that I stated (group membership, built-in users, etc.) and more, to be sure. I would not mind having a DIT that would grow - and being able to set the retention period. I'm sure that I'd want a configurable time to retain the data (though, as soon as one sets a time limit, something happens to make you wish it was different) and have it dynamically purge or remove theentries from the database. I, like the Rick who posted the original question, have often wanted this type of information. Seeing as how the "Longhorn" server release has been axed to concentrate on Blackcomb, we may have more time to get these types of needed changes in place. They aren't there for Whistler, to say the least. Longhorn axed : http://entmag.com/news/article.asp?EditorialsID=5585 Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Robbie AllenSent: Tuesday, November 12, 2002 9:35 AMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] LDAP Display Name for Security Properties This is an example of why it would be nice if the object GUID of the security principal that performed the write was included in the metadata for themodified object. I mentioned this to one of the AD developers during the MEC AD Community session, and he said he would take it back to the AD team. On arelated note, if the object GUID of the writer was included in the metadata, then all that would be needed to have a complete change log history of objects stored in the metadata would be the before and after valuesofmodified attributes. Granted, this could greatly increase the size of the DIT, especially over time, but I think it would be cool to have as an option ;-) And yes some of this can be done with the dirsync control and change notifications, but it would be nice if it was stored directly in AD. Robbie Allen -Original Message-From: Rick Kingslan [mailto:[EMAIL PROTECTED]] Sent: Monday, November 11, 2002 3:02 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] LDAP Display Name for Security Properties Rick, Unfortunately, if we are talking about the same dialog box with the ACL and the ACE's (in advance view) these are Security Principals with permissions that they have on this object. It's likely that one of these objects DID join it to the domain, but if it was the Domain Administrators group, and there are 5 members, which member performed the join of the computer? Maybe someone esle can provide better or more complete information, but I don't believe that there is any information that will tell you which Security Principal actually joined a computer to the domain. This is even compunded further by the fact that BY DEFAULT any user can join up to 10 machines to the domain, IIRC. Now, the problem gets even more difficult to track. Auditing is the only way to confirm who did what - but that, again, assumes that auditing was on, configured, and the logs are available. Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active DirectoryAssociate ExpertExpert Zone - www.microsoft.com/windowsxp/expertzone -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Jones, Rick J.(Desktop Engineering)Sent: Monday, November 11, 2002 1:50 PMTo: [EMAIL PROTECTED]Subject: RE: [ActiveDir] LDAP Display Name for Security Properties Anyone know the LDAP Display Name for the security properties on a Computer Account? When I open Active Directory Computers and Users and right click on a computer account, click on security (with advanced options turned on) I get a list of accounts. One of those is the account name that was used to join the computer to the domain (I believe), what I need to do is be able to query that information so we can find out who joined these computers to the domain. Rick J. Jones
RE: [ActiveDir] Monitoring AD
Just don't tell Dave's Legal Dept that. -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir-owner;mail.activedir.org] On Behalf Of Andries Thijssen Sent: Tuesday, November 12, 2002 10:18 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Agreed, except that it is not free for commercial use. -Original Message- From: Thornley, Dave H [mailto:D.H.Thornley;shu.ac.uk] Sent: Tuesday, November 12, 2002 4:02 PM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well following on from this I'll mention Big Brother - we use it on 100 plus servers, Windows and Unix. Its Open Source and its free. There's a fairly rich set of scripts that have been developed and shared by the user community to cater for those things not monitored by the basic product. dave -Original Message- From: Schwartz, Jim [mailto:JSchwartz;BBandT.com] Sent: 12 November 2002 14:24 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Well, you beat me to my response to Roger about the big Framework providers. In order to get true cross platform monitoring you'll need to look at BMC, Tivoli, CA or HPOV. NetIQ is quickly moving into that arena, but I am not aware of any plans for them to monitor the OS/390 or ZOS. What do all four of the big monitoring products have in common? They all stink. All four have spent a great deal of time and money trying to be all things to all people that they've failed horribly to do any actual monitoring. While they may tout their flexibility to monitor everything, they've sacrificed ease of deployment. BMC, Tivoli and CA are especially guilty of this. Industry analysts [1] estimate that the actual cost of deployment is 4-6 times the cost of the product and these products aren't cheap.. They also require a great deal of development time and expertise to get working properly. Two of my favorite quotes about Tivoli are: Tivoli, everything is just a script away. You of course have to write your own script. and Tivoli sells you a product and tell you it's a beautiful house. Then they hand you some acorns and a pile of sh!t and expect you to build it yourself. I think you've got the right idea Marco. The so called niche players in the field have done a much better job gathering detailed performance and pro-active monitoring. This data can be used by the people running the servers. I don't need a ping test to tell me if the server is down. A mail server goes out and my phone is ringing before the alert gets to me. The critical errors or failures get fed up to the framework. Here's where the framework folks need to do their job by correlating events. Mail server in site A is down. Is it the server, the network, or another service that has failed? The frameworks (with a ton of work) can take the information fed to it from down level monitoring applications and correlate that information to let you know where the problem is. If you get real good at this stuff, you can even get into the predictive failure business. For those companies that decide that you can do everything with one vendor, they are severely mistaken. -Original Message- From: Bombardi,Marco,GLENDALE,GC AMS - eMAD [mailto:Marco.Bombardi;us.nestle.com] Sent: Monday, November 11, 2002 11:38 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Does anyone have experience in implementing AD monitoring using Tivoli and NetIQ? What we're planning to do is use NetIQ for the first layer (pro-active monitoring, performance, etc.) of AD monitoring and get NetIQ to forward alerts of certain categories (service impact events) to Tivoli. I'd appreciate if someone with experience in this kind of environment could exchange some information regarding counters/components to monitor and thresholds. I believe this could also be useful for this original posting. Marco Bombardi -Original Message- From: Abbiss, Mark [mailto:Mark.Abbiss;eads.net] Sent: Monday, November 11, 2002 6:54 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Check out eQ by Heroix (www.heroix.com) Bloody good product, bloody excellent support and a fraction of the prce of its bloated competitiors. Mark Abbiss -Original Message- From: Roger Seielstad [mailto:roger.seielstad;inovis.com] Sent: Montag, 11. November 2002 15:01 To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Monitoring AD Do you actually *read* posts before pimping Sunbelt products? Well, MOM's out as our mandate is to have a monitoring product that is cross platform (we also have various flavors of UNIX and some big iron). To hit this kind of scope, you have to look at probably BMC Patrol, HP OpenView, Tivoli TME or CompAss Unicenter. I don't believe that NetIQ can cover mainframes, although last I checked they do cover some Unix stuff. I'd agree, however, that just straight ping testing isn't enough for most environments. -- Roger D.
[ActiveDir] AD Integrated DNS Name Servers After Demotion
Last weekend, we demoted 233 DCs. We went from a branch deployment to a region deployment of DCs. I noticed to today that although the DCs demoted, removed the computer accounts from the DC OU, removed the entry in the SYSTEM folder under the SYSVOL FRS volumes, the demoted DCs did not remove themselves as Name Servers for the AD Integrated zones. The demoted DCs are still running DNS, but do not have any zones. Why are these servers still listed in the properties of the zones as Name Servers when they do not have the zones in their DNS server service? John F. Hann, MCP BancorpSouth Network Services - Administration Infrastructure Management 662.678.7179 attachment: winmail.dat