[ActiveDir] What is Websence
Is it a box or software driven web filtering. Please provide some info on this. -- Thanks, RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
[ActiveDir] Anonymous Access to Virtual Directory or Web Site...
Hi, I want to configure anonymous access to virtual directory. But when i try to configure the same it gives me access denied error. but when i do a mixed auth it askes me for username and password and works fine. But thats what i dont want. i dont want it to ask me user name and password when opening the page. Please help!!! -- RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir@mail.activedir.org/
Re: [ActiveDir] Problem with Active Sync
Hi, Sync seems to be working with GPRS but using local LAN or DSL connection i am not able to sync my mailbox i am getting Error Code 0x85010001 and there is not much mentioned in http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php Can anyone please suggest what can be done in this case? Thanks Ravi Dogra On 9/29/06, Ravi Dogra [EMAIL PROTECTED] wrote: Yes it was working fine till 4 days ago. Suddently it stopped responding and gave some valid reasons which were rectified. Now i am not getting any errors. it keeps on looking for sync but nothing happens. No error, nothing. Device is a windows Mobile device. Antivirus is Sophos. But i dont think this will be an issue. since it was there when eveything was good. On 9/29/06, Molkentin, Steve [EMAIL PROTECTED] wrote: Ravi, Was it ever working? What version of ActiveSync are you using, and what of the devices (what OS)? The reason I ask is that we have an issue with ActiveSync v4.2 and Trend OfficeScan where they DO NOT play together with Windows Mobile 5.0 devices. No fix from Trend until later next year!!! Same (or at least similar) error to what you report. My $0.02 inc GST. themolk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Friday, 29 September 2006 7:15 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Problem with Active Sync in this case how i can be sure if everything is good with my exchange configuration and nothing is wrong with OMA/OWA/ Active Sync. Is it possible to verify is my server configuration is ok or not. A few days back when users reported me this problem i looked at the error and that was authentication method problem. Which was later on rectified. in addition to that after resolving auth problem i was able to see items when i tried http://mail.domain.com/oma Domain\Username Password When this if fixed. do i need to check something else to make active sync work. Thanks!!! Ravi Dogra On 9/29/06, Bruyere, Michel [EMAIL PROTECTED] wrote: Hi, Last time i had this, I had to pin point the culprit by removing all the items and then re add them 1 by 1 synching between each item. It turned out to be a note that was corrupted I deleted it and then re added the notes to the sync and all went well after that. My 0.02$ (also, make sure your device is not connected to the pc when you boot the pc. When windows detect the device before active sync is started it screws things up a bit...) -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: September 28, 2006 3:17 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Problem with Active Sync Hi All, I am facing problems while trying to sync my PPC. I receive error stating syncronization failed and support code is 80004004. I was facing some other problems with my active sync and oma which were rectified by changing authentication methods to not allowing anonymous and enabling Windows integrated and basic authentication. However i am doubting on my Active Sync. I think there is something wrong with it and i have no clue... This is really urgent -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] Problem with Active Sync
Hi All, I am facing problems while trying to sync my PPC. I receive error stating syncronization failed and support code is 80004004. I was facing some other problems with my active sync and oma which were rectified by changing authentication methods to not allowing anonymous and enabling Windows integrated and basic authentication. However i am doubting on my Active Sync. I think there is something wrong with it and i have no clue... This is really urgent -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Problem with Active Sync
in this case how i can be sure if everything is good with my exchange configuration and nothing is wrong with OMA/OWA/ Active Sync. Is it possible to verify is my server configuration is ok or not. A few days back when users reported me this problem i looked at the error and that was authentication method problem. Which was later on rectified. in addition to that after resolving auth problem i was able to see items when i tried http://mail.domain.com/oma Domain\Username Password When this if fixed. do i need to check something else to make active sync work. Thanks!!! Ravi Dogra On 9/29/06, Bruyere, Michel [EMAIL PROTECTED] wrote: Hi, Last time i had this, I had to pin point the culprit by removing all the items and then re add them 1 by 1 synching between each item. It turned out to be a note that was corrupted I deleted it and then re added the notes to the sync and all went well after that. My 0.02$ (also, make sure your device is not connected to the pc when you boot the pc. When windows detect the device before active sync is started it screws things up a bit...) -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: September 28, 2006 3:17 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Problem with Active Sync Hi All, I am facing problems while trying to sync my PPC. I receive error stating syncronization failed and support code is 80004004. I was facing some other problems with my active sync and oma which were rectified by changing authentication methods to not allowing anonymous and enabling Windows integrated and basic authentication. However i am doubting on my Active Sync. I think there is something wrong with it and i have no clue... This is really urgent -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Problem with Active Sync
Yes it was working fine till 4 days ago. Suddently it stopped responding and gave some valid reasons which were rectified. Now i am not getting any errors. it keeps on looking for sync but nothing happens. No error, nothing. Device is a windows Mobile device. Antivirus is Sophos. But i dont think this will be an issue. since it was there when eveything was good. On 9/29/06, Molkentin, Steve [EMAIL PROTECTED] wrote: Ravi, Was it ever working? What version of ActiveSync are you using, and what of the devices (what OS)? The reason I ask is that we have an issue with ActiveSync v4.2 and Trend OfficeScan where they DO NOT play together with Windows Mobile 5.0 devices. No fix from Trend until later next year!!! Same (or at least similar) error to what you report. My $0.02 inc GST. themolk. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Friday, 29 September 2006 7:15 AM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Problem with Active Sync in this case how i can be sure if everything is good with my exchange configuration and nothing is wrong with OMA/OWA/ Active Sync. Is it possible to verify is my server configuration is ok or not. A few days back when users reported me this problem i looked at the error and that was authentication method problem. Which was later on rectified. in addition to that after resolving auth problem i was able to see items when i tried http://mail.domain.com/oma Domain\Username Password When this if fixed. do i need to check something else to make active sync work. Thanks!!! Ravi Dogra On 9/29/06, Bruyere, Michel [EMAIL PROTECTED] wrote: Hi, Last time i had this, I had to pin point the culprit by removing all the items and then re add them 1 by 1 synching between each item. It turned out to be a note that was corrupted I deleted it and then re added the notes to the sync and all went well after that. My 0.02$ (also, make sure your device is not connected to the pc when you boot the pc. When windows detect the device before active sync is started it screws things up a bit...) -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: September 28, 2006 3:17 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Problem with Active Sync Hi All, I am facing problems while trying to sync my PPC. I receive error stating syncronization failed and support code is 80004004. I was facing some other problems with my active sync and oma which were rectified by changing authentication methods to not allowing anonymous and enabling Windows integrated and basic authentication. However i am doubting on my Active Sync. I think there is something wrong with it and i have no clue... This is really urgent -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] Activesync and OMA not working
Hi, Day before yesterday everything was working fine with OMA and Activesync. Users were able to sync from inside and outside site premises. But suddenly it is not working. There were no changes made. only change made was FBA. and its been a week now. I have one FE and 2 BE. Situation is when user is putting in the IP Address of BE instead of FE it works fine in his PPC. But the moment he does it to FE it stops working. Please suggest -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Activesync and OMA not working
I was able to see Event ID's 1501, 1502 and 1503 on FE. This has something to do with SSL. Just because when i does http://mail.domain.com/oma it prompts me to use https. another thing is i have redirected my home directory to /exchange url. On 9/26/06, Brian Desmond [EMAIL PROTECTED] wrote: Sounds like a communication issue between the frontends and the backends, frontends and global catalogs, etc... Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Monday, September 25, 2006 6:13 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Activesync and OMA not working Hi, Day before yesterday everything was working fine with OMA and Activesync. Users were able to sync from inside and outside site premises. But suddenly it is not working. There were no changes made. only change made was FBA. and its been a week now. I have one FE and 2 BE. Situation is when user is putting in the IP Address of BE instead of FE it works fine in his PPC. But the moment he does it to FE it stops working. Please suggest -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Activesync and OMA not working
support code 85010004 Your account does not have permission to sync with your current settings. Contact your Microsoft Exchange administrator. On 9/26/06, Tony Murray [EMAIL PROTECTED] wrote: What error code do you see on the mobile device with ActiveSync? I've found this table to be helpful in the past. http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php Tony -- Original Message -- From: Ravi Dogra [EMAIL PROTECTED] Reply-To: ActiveDir@mail.activedir.org Date: Tue, 26 Sep 2006 05:02:35 +0530 I was able to see Event ID's 1501, 1502 and 1503 on FE. This has something to do with SSL. Just because when i does http://mail.domain.com/oma it prompts me to use https. another thing is i have redirected my home directory to /exchange url. On 9/26/06, Brian Desmond [EMAIL PROTECTED] wrote: Sounds like a communication issue between the frontends and the backends, frontends and global catalogs, etc... Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Monday, September 25, 2006 6:13 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Activesync and OMA not working Hi, Day before yesterday everything was working fine with OMA and Activesync. Users were able to sync from inside and outside site premises. But suddenly it is not working. There were no changes made. only change made was FBA. and its been a week now. I have one FE and 2 BE. Situation is when user is putting in the IP Address of BE instead of FE it works fine in his PPC. But the moment he does it to FE it stops working. Please suggest -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx Sent via the WebMail system at mail.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] Activesync and OMA not working
Hi, I dont have PPC with me right now. But i have an update for you. I am able to access http://mail.domain.com/oma from my desktop but only for mailbox on my BE2 not BE1. I dont know why. What should i do:- Should i ask user to check the box This Server Uses an SSL Connection and also ask him to install certificate. Or should i try to make my OMA Available without SSL. What do you suggest. On 9/26/06, Tony Murray [EMAIL PROTECTED] wrote: Did you try the suggestions that correspond to the error from the link I sent earlier? 1. a. On your Pocket PC 2003-based device, click Start, ActiveSync, Tools, Options, Server and check the box This server uses an SSL connection. 2. On your Smartphone 2003-based device, click Start, ActiveSync, Menu, Options, Server Settings, Connection and check the box This server uses an SSL connection. 3. Verify that host headers are configured correctly. Cheers Tony -- Original Message -- From: Ravi Dogra [EMAIL PROTECTED] Reply-To: ActiveDir@mail.activedir.org Date: Tue, 26 Sep 2006 06:11:53 +0530 support code 85010004 Your account does not have permission to sync with your current settings. Contact your Microsoft Exchange administrator. On 9/26/06, Tony Murray [EMAIL PROTECTED] wrote: What error code do you see on the mobile device with ActiveSync? I've found this table to be helpful in the past. http://www.pocketpcfaq.com/faqs/activesync/exchange_errors.php Tony -- Original Message -- From: Ravi Dogra [EMAIL PROTECTED] Reply-To: ActiveDir@mail.activedir.org Date: Tue, 26 Sep 2006 05:02:35 +0530 I was able to see Event ID's 1501, 1502 and 1503 on FE. This has something to do with SSL. Just because when i does http://mail.domain.com/oma it prompts me to use https. another thing is i have redirected my home directory to /exchange url. On 9/26/06, Brian Desmond [EMAIL PROTECTED] wrote: Sounds like a communication issue between the frontends and the backends, frontends and global catalogs, etc... Thanks, Brian Desmond [EMAIL PROTECTED] c - 312.731.3132 -Original Message- From: [EMAIL PROTECTED] [mailto:ActiveDir- [EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Monday, September 25, 2006 6:13 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Activesync and OMA not working Hi, Day before yesterday everything was working fine with OMA and Activesync. Users were able to sync from inside and outside site premises. But suddenly it is not working. There were no changes made. only change made was FBA. and its been a week now. I have one FE and 2 BE. Situation is when user is putting in the IP Address of BE instead of FE it works fine in his PPC. But the moment he does it to FE it stops working. Please suggest -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx Sent via the WebMail system at mail.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx Sent via the WebMail system at mail.activedir.org List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] RPC Over HTTPS Problem....
Hi, I am facing a weird problem here is some required information. Frontend - Backend Structure. Exchange with SP2 on Win2k3 SP1 on all Servers. FE1 and BE1 is on a different site, BE2 is on my Site. Configured RPC Over Https on Frontend Server. OWA (SSL) is working fine. Now here is the situation:- I have configured my client for RPC over Https. When client machine tries to establish connection with my Exchange Server it prompts me for User Name and Password. When i am providing my credentials it is not accepting and keeps me prompting for same. Also while doing this when i use Ctrl + Right click on Outlook icon on rightside of taskbar and then selecting connection it never shows me established. It remains on Connecting and tries to connect my BE2 server where my mailbox resides. What could be the possible reason for this? If any other information is required please let me know. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] RPC Over HTTPS Problem....
Hi Bob, Can you please explain how it should be. because i think i have something wrong here related to certificate. Thanks Ravi Dogra On 9/16/06, Robert Rutherford [EMAIL PROTECTED] wrote: The usual issue with that is that the url u r connecting to matches the name on the cert. This must match on internal and external, i.e. u must use split brain or you must config ur firewall to accept that connection on the WAN interface. Rob Robert Rutherford QuoStar Solutions Limited T:+44 (0) 8456 440 331 F:+44 (0) 8456 440 332 M:+44 (0) 7974 249 494 E:[EMAIL PROTECTED] W:www.quostar.com -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: 16 September 2006 00:00 To: ActiveDir@mail.activedir.org Subject: [ActiveDir] RPC Over HTTPS Problem Hi, I am facing a weird problem here is some required information. Frontend - Backend Structure. Exchange with SP2 on Win2k3 SP1 on all Servers. FE1 and BE1 is on a different site, BE2 is on my Site. Configured RPC Over Https on Frontend Server. OWA (SSL) is working fine. Now here is the situation:- I have configured my client for RPC over Https. When client machine tries to establish connection with my Exchange Server it prompts me for User Name and Password. When i am providing my credentials it is not accepting and keeps me prompting for same. Also while doing this when i use Ctrl + Right click on Outlook icon on rightside of taskbar and then selecting connection it never shows me established. It remains on Connecting and tries to connect my BE2 server where my mailbox resides. What could be the possible reason for this? If any other information is required please let me know. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] DNS Entries --Laptop Users--
No, Laptop Users are getting IP Addresses from my VPN Box and when they are on site its DHCP. On machines Register in DNS option Is checked, hence machines are attempting to register its own records in DNS. Although i have made my LAN DHCP to register only its Clients in DNS. Credentials used are abviously my Administrator Account. But Al, The Issue we had is laptop users are using LAN DHCP as well as using VPN Connection from home. Both are getting registered in My DNS with different IP. Which is obvious. But the thing is SOPHOS gave us this as one of the reasons for my laptop machines not showing in Sophos Enterprise Console because it uses DNS to build existing machines list. Now everything is working fine and this reason was totally not applicable. but still there are other machines which are only in our network using only my LAN DHCP and are not showing up in EC. Sophos Support team is working on this. Thanks and Regards Ravi Dogra On 9/13/06, Al Mulnick [EMAIL PROTECTED] wrote: I swear this is the last question and then I'll make a suggestion. :) Is the DHCP server that the remote clients are getting their ip addr's from the same as the one that you are using for lan connected clients? You are obviously allowing the user's machine to update it's own records, but is that consistent or is the DHCP server on the lan registering the records for you possibly under a different set of credentials or in a different zone? On 9/11/06, Ravi Dogra [EMAIL PROTECTED] wrote: yes its correct. No we have mobile users.. On 9/11/06, Al Mulnick [EMAIL PROTECTED] wrote: Besides the obvious of telling Sophos to adjust their management to deal with this, here's what I understand of your problem to date. VPN clients that are also trusted network clients (i.e. mobile users that traverse both trusted and non-trusted networks can end up with seemingly duplicate entries for the same device but different ip addresses. This confuses some antivirus management applications and presumably some management applications such as SMS or similar class of app, that rely on reverse name resolution. Is that correct? Do you have workers that are remote-based only? Al On 9/8/06, Ravi Dogra [EMAIL PROTECTED] wrote: According to Sophos Support if one host has 2 DNS Entries, Sophos Enterprise Manager might not be able to detect this Host and auto update will also dont work. As you know jolly;- We are in process of migration from Trend to Sophos as our Antivirus Solution. Working on a solution will update soon. Thanks Ravi Dogra On 9/8/06, Jaspreet Singh [EMAIL PROTECTED] wrote: Ravi, As Rob said, If your VPN box is forwarding requests to your internal network the your DNS will automatically update the records according to the new IP which in your case is x.x.5.x. Can you explain exactly what is the problem that you are facing due to this? Regards, Jaspreet Singh Jolly On 9/7/06, Al Mulnick [EMAIL PROTECTED] wrote: 1. I Didnt understand what exactly u r asking? 2. Yes DHCP Is configured properly. That's not what I asked. I asked if it's updating the records for the device or is it letting the devices update their own? Al On 9/6/06, Ravi Dogra [EMAIL PROTECTED] wrote: 1. I Didnt understand what exactly u r asking? 2. Yes DHCP Is configured properly. 3. Yes it is running on DC 4. No, not running any other credential. 5. VPN Machine is entirely a different BOX on other site. 6. It doesnt register in my DNS. (Will extract other information from Site B Admin) update you very soon... Thanks RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Regards, Jaspreet Singh Jolly -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any
Re: [ActiveDir] DNS Entries --Laptop Users--
Al this in not a priority for us now. Earlier i was unaware of our VPN Box settings thats why i was a bit confuse about why these machines are registring there own records in my DNS. Also i am not going to uncheck Register in DNS check box on Client machine as this is not required as if now. I have already set lease period as per our organizational requirement so, again i will not do any change unless it is a must required thing to do. Al i would surely want to have a look on KB you refered to. If possible, do me this favor. Thanks for all your help!!! Ravi Dogra On 9/14/06, Al Mulnick [EMAIL PROTECTED] wrote: Personally, for a shop with more than 30 machines I wouldn't recommend this approach. DHCP half-life registrations would start to fly all over the place. That and the DHCP server is not registering for the remote users. On 9/13/06, Matt Hargraves [EMAIL PROTECTED] wrote: I'm not s huge DNS geek, so I'm not sure whether you can do this, but can't you just set the DHCP to have a short expiration (1 hour?) and it will unregister the 'old' entry for a machine? There would be a small amount of vulnerability, but it would go away after the client's reservation expires. On 9/13/06, Ravi Dogra [EMAIL PROTECTED] wrote: No, Laptop Users are getting IP Addresses from my VPN Box and when they are on site its DHCP. On machines Register in DNS option Is checked, hence machines are attempting to register its own records in DNS. Although i have made my LAN DHCP to register only its Clients in DNS. Credentials used are abviously my Administrator Account. But Al, The Issue we had is laptop users are using LAN DHCP as well as using VPN Connection from home. Both are getting registered in My DNS with different IP. Which is obvious. But the thing is SOPHOS gave us this as one of the reasons for my laptop machines not showing in Sophos Enterprise Console because it uses DNS to build existing machines list. Now everything is working fine and this reason was totally not applicable. but still there are other machines which are only in our network using only my LAN DHCP and are not showing up in EC. Sophos Support team is working on this. Thanks and Regards Ravi Dogra On 9/13/06, Al Mulnick [EMAIL PROTECTED] wrote: I swear this is the last question and then I'll make a suggestion. :) Is the DHCP server that the remote clients are getting their ip addr's from the same as the one that you are using for lan connected clients? You are obviously allowing the user's machine to update it's own records, but is that consistent or is the DHCP server on the lan registering the records for you possibly under a different set of credentials or in a different zone? On 9/11/06, Ravi Dogra [EMAIL PROTECTED] wrote: yes its correct. No we have mobile users.. On 9/11/06, Al Mulnick [EMAIL PROTECTED] wrote: Besides the obvious of telling Sophos to adjust their management to deal with this, here's what I understand of your problem to date. VPN clients that are also trusted network clients (i.e. mobile users that traverse both trusted and non-trusted networks can end up with seemingly duplicate entries for the same device but different ip addresses. This confuses some antivirus management applications and presumably some management applications such as SMS or similar class of app, that rely on reverse name resolution. Is that correct? Do you have workers that are remote-based only? Al On 9/8/06, Ravi Dogra [EMAIL PROTECTED] wrote: According to Sophos Support if one host has 2 DNS Entries, Sophos Enterprise Manager might not be able to detect this Host and auto update will also dont work. As you know jolly;- We are in process of migration from Trend to Sophos as our Antivirus Solution. Working on a solution will update soon. Thanks Ravi Dogra On 9/8/06, Jaspreet Singh [EMAIL PROTECTED] wrote: Ravi, As Rob said, If your VPN box is forwarding requests to your internal network the your DNS will automatically update the records according to the new IP which in your case is x.x.5.x. Can you explain exactly what is the problem that you are facing due to this? Regards, Jaspreet Singh Jolly On 9/7/06, Al Mulnick [EMAIL PROTECTED] wrote: 1. I Didnt understand what exactly u r asking? 2. Yes DHCP Is configured properly. That's not what I asked. I asked if it's updating the records for the device or is it letting the devices update their own? Al On 9/6/06, Ravi Dogra [EMAIL
Re: [ActiveDir] DNS Entries --Laptop Users--
yes its correct. No we have mobile users.. On 9/11/06, Al Mulnick [EMAIL PROTECTED] wrote: Besides the obvious of telling Sophos to adjust their management to deal with this, here's what I understand of your problem to date. VPN clients that are also trusted network clients (i.e. mobile users that traverse both trusted and non-trusted networks can end up with seemingly duplicate entries for the same device but different ip addresses. This confuses some antivirus management applications and presumably some management applications such as SMS or similar class of app, that rely on reverse name resolution. Is that correct? Do you have workers that are remote-based only? Al On 9/8/06, Ravi Dogra [EMAIL PROTECTED] wrote: According to Sophos Support if one host has 2 DNS Entries, Sophos Enterprise Manager might not be able to detect this Host and auto update will also dont work. As you know jolly;- We are in process of migration from Trend to Sophos as our Antivirus Solution. Working on a solution will update soon. Thanks Ravi Dogra On 9/8/06, Jaspreet Singh [EMAIL PROTECTED] wrote: Ravi, As Rob said, If your VPN box is forwarding requests to your internal network the your DNS will automatically update the records according to the new IP which in your case is x.x.5.x. Can you explain exactly what is the problem that you are facing due to this? Regards, Jaspreet Singh Jolly On 9/7/06, Al Mulnick [EMAIL PROTECTED] wrote: 1. I Didnt understand what exactly u r asking? 2. Yes DHCP Is configured properly. That's not what I asked. I asked if it's updating the records for the device or is it letting the devices update their own? Al On 9/6/06, Ravi Dogra [EMAIL PROTECTED] wrote: 1. I Didnt understand what exactly u r asking? 2. Yes DHCP Is configured properly. 3. Yes it is running on DC 4. No, not running any other credential. 5. VPN Machine is entirely a different BOX on other site. 6. It doesnt register in my DNS. (Will extract other information from Site B Admin) update you very soon... Thanks RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Regards, Jaspreet Singh Jolly -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] DNS Entries --Laptop Users--
Jolly, I was not sure abt how VPN Box was configured and as i had a word with Prashant boss, it is not configured for updating records to our DNS. I will talk to Prashant boss abt ths. But the thing is i can see 2 DNS records for one host. One is for VPN and the other one is for Wireless IP Address for the Host. Al, It is letting the device update their own record to DNS. Thanks Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] DNS Entries --Laptop Users--
1. I Didnt understand what exactly u r asking? 2. Yes DHCP Is configured properly. 3. Yes it is running on DC 4. No, not running any other credential. 5. VPN Machine is entirely a different BOX on other site. 6. It doesnt register in my DNS. (Will extract other information from Site B Admin) update you very soon... Thanks RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] DNS Entries --Laptop Users--
Hi, Problem is i have 2 different records of each laptop (Using VPN Connection) in my DNS. I have secure updates configured in my DNS Conf. we are using DHCP. Laptop users getting a specific VLAN IP Address for there wireless connection which is getting registered in my DNS. This is good. But the Problem is that when these Laptop users login from home using VPN, they get a new IP Address from my VPN Box which is also getting registered in my DNS. I have no clue why this is happening. i m suspecting on DNS conf on local machine under Advanced Tcp Ip settings. I am not sure i am heading right way or not. here is the snapshot attached for same. -- RD attachment: DNS.JPG
Re: [ActiveDir] All Accounts Locket Out -- Including Domain Admin
Hi, No - not exactly but something else misfired. U Know better. Thanks Ravi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] All Accounts Locket Out -- Including Domain Admin
Hi Nitin / Jolly, I have reviewed event logs then and there when problem arised. I found very vital information and problem was resolved before i left for the day this morning. Nice to hear from both of you. This is a precious mail for me now. Jolly, You are always very helpful and this time there are no scripts misfiring :-) you know i run scripts when you were in shift. LOL :-) Nitin keep writing me. Everyone here is doing gr8. Thanks List for the best support. Thanks and Regards Ravi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] All Accounts Locket Out -- Including Domain Admin
Hi, I have a critical situation here. Suddenly all domain accounts locked out including domain admins account. What should i do? Is there any information which could be helpful. Thanks -- Ravi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] All Accounts Locket Out -- Including Domain Admin
Hi, Some how i was able to login using Enterprise admin account. But situation is still same. I have a few querries Is it possible that i am under attack? I have only those users locked out who were logged in. Thanks List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] All Accounts Locket Out -- Including Domain Admin
Hi, As of now everything is working fine. Checking security logs. Will update on the list. Thanks Ravi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] Event ID 20 :: KDC Certificate Error ::
Hi All, I am getting Event ID 20 :: KDC Error :: The currently selected KDC certificate was once valid, but now is invalid and no suitable replacement was found. Smartcard logon may not function correctly if this problem is not remedied. Have the system administrator check on the state of the domain's public key infrastructure. The chain status is in the error data. I dont know how this is affecting or will affect as these are warning messages. What is the impact? I can see my Certificate is still valid. What could be the possible reason. I have installed a Enterprise CA a long time back and since then i can see this error every approx. 10 hours. (I think i did something wrong) Should id delete the previous Certificate and then issue a new certificate. I am a bit confused. (Thinking of doing it in a test enviornment first) Sure i dont want to ignore these errors and Fix them ASAP. Kindly Suggest how can i get rid of this. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
Re: [ActiveDir] RDP Over SSL (No Security tab in Client)
Thanks, I have acheived by making a copy of mstsc.exe and mstscax.dll from windows2k3 sp1 box and placing it in a different folder of client other than system32. Registered the dll and this fixed the problem. Thanks Again, Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.activedir.org/ml/threads.aspx
[ActiveDir] DCQuery + Remote Site
Hi, I have one DC and 2 ADC's. 1. DC 2. 1ADC 3. 2ADC DC and 1ADC exists on my local network. whereas 2ADC is on remote site. My DC has all 5 Roles + DNS + DHCP. Now issue is that when i am running DSQuery for any thing it gives me answere from 2ADC. Which is ofcourse time consuming. All connections during this query are TCP. My question is Why is it querying 2ADC when i have DC and 1ADC at my local site? At times my MMC Snap in for ADUC takes a lot of time. I can understand that. also this is now a performance and network bandwidth utilization issue for us. Kindly suggest what i can do to resolve the issue. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Can We configure Romaing Profiles using Script
Hi Champs, Can we configure Roaming Profiles using Script. I am in need of this because we are migrating to ThinClient and want all our users to have a Roaming Profile. Kindly update if there is a way out. i have 3 days with me to comeup with a solution. I Know someone there has a solution. We have Win2k3 DC's and Windows XP Embedded (ThinClients). -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] logging users out
Ulf is correct. Just create a logon script and you can do what you want to. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Can We configure Romaing Profiles using Script
Hi Ulf, I want to minimize the effort to accomplish this task. i dont want to configure it for each and every user one by one. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Can We configure Romaing Profiles using Script
One more Question i have is related to Thinclient deployment. We are using Wyse. and have windows xp embedded. now the problem is when user logs on to the thin client and tries to open Microsoft Document Imaging it starts configuring which is unsuccessfull as users dont have priviledges. and then the error is ignored. User can now use Document Imaging to view Tiff files. but the thing is that whenever he logs off and logs back in this happens again. i know its just because its not getting configured as users profile gets flushed back at the time of logoff. so nothing is saved for him or anybody accept administrator as he have a local profile on machine saved. I think there is some problem with the Image we have. XP Embedded. Kindly Update. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Can We configure Romaing Profiles using Script
Thanks, i am already in touch with concerned people. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] 1025/tcp open NFS-or-IIS
Hi, I will preffer not to play with this one. Actually what i was doing is to restrict a server to open only the required ports as per its role. and in this case i was not so sure about this Port. Actually i have been given the task to harden the servers we have. :: Kinldy update me if you have any suggestions to harden the servers. what all topics i should cover? etc. Thanks and Regards Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] 1025/tcp open NFS-or-IIS
Hi, Just wanted to know what is this and how disabling or enabling it can affect my DC? -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] LDAP and Global Catalog
Hi all, Please update me that on which port communication between LDAP and Global Catalog takes place. -- RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] LDAP and Global Catalog
Please explain... Wht abt port 389 and 636. and GC at 3268. i m a bit confused here -- RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] USB Detection in my Network
Hi All, Is thr any way by which i can check for USB Enabled PCs in my Network. I have been given a task to generate a report for any kind of Vulnerability. Thanks in advance. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] WinXP activation problem
Thanks Amit, I remember it was You who created those images and used sysprep and all. thanks for revealing the usage of 30 day trial version installation. Hope, will get some more such expert comments from your side. Thanks and Regards Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] ID Locket Out when Accessing DC
I have a situation, where i am using my enterprise admin id to access my DC through UNC Path. But everytime i try to do so this enterprise admin id gets locked out. Wht could be the possible reason for this. I have win2k3 enviornment. -- RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] securing win2k3 servers
Hi, kindly suggest what should i do to secure my windows 2k3 servers. DC and Member servers. I want to know that how can i make my win2k3 servers more secure. -- RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] securing win2k3 servers
And do i only need to run MBSA for analysing security. Should i do some thing else also. -- RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Disable inactive accounts
Hi All, Kindly suggest a way out to disable incative user accounts in my domain. I have been given a task to automate disabling of domain user accouts not used past 4 weeks. Thanks RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Disable inactive accounts
I have Win2k3 servers with latest updates. i have no worry about that. Yes offcourse i will exclude service accounts and my external users from such list. i have some such clients too. But the thing is that how can i do this? Is there anyone who has succesfully automated the process of disabling inactive accounts. can any one help with that. Thanks RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Disable inactive accounts
Joe tool is the best one. Thanks to tomasz and all. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Disable inactive accounts
yes sure. sem you can mail this to me. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Browser Election on Network.
I have already pushed a policy for disabling browser service on all my desktops. I have windows 2003 server as my DC and windows 2000 and XP as my clients. now how is it possible for a xp or 2k machine to override server 2k3 browser master. Please suggest what should be done to resolve the issue. Thanks Ravi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] NTP response for peer ERROR
This belongs to windows 2000/xp client machine. Also please update me on how ideally NTP works in a domain. Thanks Ravi List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Browser Election on Network.
Hi, I am getting this information on my server. and also some same errors in which another machine is mentioned which is a part of my network. I dont understand what is it. This information is on my domain event log. The browser has forced an election on network \Device\NetBT_Tcpip_{D33D619B-DFF0-44EB-9296-4391B16FC1DA} because a Windows Server (or domain master) browser is started. What should i do about this. Also i have some other logs but will discuss them later. Thanks RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] NTP response for peer ERROR
Hi, Please suggest what should i do to avoid such type of warnings. The time provider NtpServer encountered an error while digitally signing the NTP response for peer NID.NID.NID.HOST:. NtpServer cannot provide secure (signed) time to the client and will ignore the request. The error was: The specified user does not exist. (0x80070525) Thanks in advance RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] NTP response for peer ERROR
No i have till now 8 such machines. I have a DC installed in my organiation with windows 2000 and xp clients. i have seen out of 8 machines 6 machines are windows 2000 clients and only 2 are windows xp client. Suggest what should i do. I have no idea about about setting them to point to the server for their time sync? Is it required in my domain environment. If yes, Kindly explain. Thanks RD List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Browser Election on Network.
Yes event id is 8015. Yes this Box is a DC in my Network. That is what makes me worry. why would a client machine win an election for Network Browser master. Here is another log where test2k machine is mentioned which is a part of my network but not a domain. The browser service was unable to retrieve a list of servers from the browser master \\TEST2K on the network \Device\NetBT_Tcpip_{7EBB45F1-FC6F-4892-94AE-EB8C6755B373}. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] NTP response for peer ERROR
But for now how could i resolve the issue should i disjoin the machines and rejoin them to my domain. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] DNS Problem please help
Hi All, Need your help for troubleshooting my DNS Server which is also my DC. I have an ADC also which is working fine but unfortunately DNS is not updated. Current scenario is :- Nslookup says:-primary dns non existance domain. Event Viewer says:- replication is not working for me. Please help what should i check to resolve the issue. if any further information is required please revert ASAP. RD
Re: [ActiveDir] DNS Problem please help
Yes forward zone is created for my domain and all folders are there. stopping netlogon is also not resolving the issue.
Re: [ActiveDir] user log on to only one workstation at a time
Hey steve, Thanks but here is a short discription what i want. By shadow i mean that can i take control on a users session. For say if i want to take control of a user facing some problem which can be resolved if i can see his desktop on my workstation. i just wanted to shadow or take control on users SESSION. notusing IP with VNC or Dameware. Thanks and Regards Ravi Dogra On 9/30/05, Steve Linehan [EMAIL PROTECTED] wrote: As far as success there are many enterprise customers leveraging this utility and it went through several rounds of beta testing before being released. It was written to replace the resource kit utility cconect.exe as a more reliable and scalable tool. As far as administration the tool has a nice MMC console. I am not sure what you mean by shadow in this context so I can not answer that question. Thanks, -Steve From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ravi DograSent: Friday, September 30, 2005 7:41 PMTo: ActiveDir@mail.activedir.orgSubject: Re: [ActiveDir] user log on to only one workstation at a time Hey Steve, Thanks dear but please help me out and tell me the scope of success when using this utility. is this reliable? what about administration, is it easy or will become hard? is it possible that i can shadow any user in organization? Thanks again! On 9/29/05, Steve Linehan [EMAIL PROTECTED] wrote: Take a look at limitlogon that is described in this article: http://www.microsoft.com/technet/technetmag/issues/2005/05/UtilitySpotlight/default.aspx. It also has a link to download the tool. Thanks, -Steve From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ravi DograSent: Thursday, September 29, 2005 8:31 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] user log on to only one workstation at a time How can i restrict some or all domainUsers to Log on toonly one (any one) workstation at a time. Thanks in advance guys -- Ravi Dogra9899647200This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. -- Ravi Dogra9899647200This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. -- Ravi Dogra9899647200This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person.
Re: [ActiveDir] user log on to only one workstation at a time
Hey Steve, Thanks dear but please help me out and tell me the scope of success when using this utility. is this reliable? what about administration, is it easy or will become hard? is it possible that i can shadow any user in organization? Thanks again! On 9/29/05, Steve Linehan [EMAIL PROTECTED] wrote: Take a look at limitlogon that is described in this article: http://www.microsoft.com/technet/technetmag/issues/2005/05/UtilitySpotlight/default.aspx. It also has a link to download the tool. Thanks, -Steve From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Ravi DograSent: Thursday, September 29, 2005 8:31 PMTo: ActiveDir@mail.activedir.orgSubject: [ActiveDir] user log on to only one workstation at a time How can i restrict some or all domainUsers to Log on toonly one (any one) workstation at a time. Thanks in advance guys -- Ravi Dogra9899647200This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. -- Ravi Dogra9899647200This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person.
[ActiveDir] user log on to only one workstation at a time
How can i restrict some or all domainUsers to Log on toonly one (any one) workstation at a time. Thanks in advance guys -- Ravi Dogra9899647200This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person.
[ActiveDir] Child Domain
Hi, Here is the situation:I have 2 different domains all together. No Trustingnnothing, except ISDN connection. Physical network connectivity only. Now what management wants is to make the domain 2 a child of domain 1. Please suggest a better idea for them or a solution..!!! what basically they want is to be able to manage both site users from a single point and can do it effectively. Thanks in advance... -- RD
Re: [ActiveDir] Child Domain
I will go with option 2 Jorge. But can u explain the effect on User Local Profiles for users on domain 2 when they are migrated to child domain. I am new to this organisation and i have no idea about why they have 2 AD's. Regards RD
Re: [ActiveDir] Child Domain
Since domain2 is on remote site and we have not desktop support over there i dont want to mess up with user profiles. Please suggest. Thanks to you all.. -- RD
Re: [ActiveDir] RDP
I don't think anybody will be against it. But the thing is that you can make such connections more secure by modifying Registry and configuring it to work on some other port. using default port is an open invitation for bad guys. Well i am taking all benefits out of it. Rest is up to you. On 8/16/05, Tom Kern [EMAIL PROTECTED] wrote: Does anyone know of any articles from MS that advise for or againsthaving term services kept on a win2k3 DC? Does anyone on this list turn it off on DC's?Should I leave it on?thanksList info : http://www.activedir.org/List.aspxList FAQ: http://www.activedir.org/ListFAQ.aspxList archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] RRAS pptp issue
Hi Please check your ADSL equipment. There may be some issue with this equipment. you can check it by using this equipment on some other user or you can swap this equipment with any other working equipment. -- DR
[ActiveDir] Proxy Problem
Hi All,I was told to edit GPO for an OU so that users should not be able to access any of the websites accept 2 which are required. I provided a 172.0.0.1 ip and port 80 as proxy address and just bypass the address of those 2 required websites.But here is when i faced a problem. Both sites are opening for the users but when theytry to login (which is a secured link), user gets an error message. the link is https://.xxx/login.jsp This VLAN is totally open for Internet. I did a solution but i am not satisfied with that. that allows other such sites also.Kindly Suggest.-- DR
Re: [ActiveDir] Windows 2000 DC Hardening
Thanks Guys, Lets see how much i can gain out of this. -- DR On 6/14/05, Rick Kingslan [EMAIL PROTECTED] wrote: Though I know that there will be as many opinions as people on this list as to the subject, my preference is from Microsoft themselves. They have developed a very comprehensive Security Configuration guide which includes templates that mimic the best practices from the guide, as well as other job aids to help you get the job done. Find the guides here: http://www.microsoft.com/technet/security/prodtech/windowsserver2003.mspx http://www.microsoft.com/technet/security/prodtech/windows2000.mspx Or, for the whole set, look here under Security Products and Technologies http://www.microsoft.com/technet/Security/default.mspx Make no mistake - I won't take away from the NSA guides, SANS, or any of the other very reputable sources for guidance in this subject. However, I've had complete success with the above referenced guides. Rick -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Monday, June 13, 2005 8:15 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Windows 2000 DC Hardening Hi List, I have been doing my part of job without hardning my servers till now (I know thats very bad). But i realise that server hardning is must and will definately inhance my profile. I just need a quick help on it. if someone can guide me on the same. i have some documentations also but i need expert comments on this topic. -- DR List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Last Logon attempts
Hi, Can we have a last logon consolidated report for all my users. I need collective information about last logons of all my users. Can anyone suggest any easy way. -- DR List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Last Logon attempts
Hi Tony, What i need is a consolidated report for all users, not a single user. If there is a third party solution then let it be. -- DR On 6/15/05, Tony Murray [EMAIL PROTECTED] wrote: Hi Ravi There's a good explanation and script (using lastLogonTimeStamp) shown here: http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon.mspx Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Wednesday, 15 June 2005 11:39 a.m. To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Last Logon attempts Hi, Can we have a last logon consolidated report for all my users. I need collective information about last logons of all my users. Can anyone suggest any easy way. -- DR List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail message has been scanned for Viruses and Content and cleared by NetIQ MailMarshal at Gen-i Limited # This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank You. Please note that this communication does not designate an information system for the purposes of the NZ Electronic Transactions Act 2002. This email was scanned and cleared by NetIQ MailMarshal at Gen-i Limited. # List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Last Logon attempts
Thanks Joe, I got the message. will deffinately try to avoid any such machanish which is not healthy. -- DR On 6/15/05, joe [EMAIL PROTECTED] wrote: Tony pointed you to a lesson on fishing. Once you understand how to get the info for one user, you can expand it to get all. I haven't looked at that article closely but hopefully it talks about some of the shortcomings. Short and sweet there is no guaranteed mechanism to perfectly get last logon report for users. There are multiple mechanisms to try and get the data but nothing is completely full proof, some logons don't get get tracked (such as LDAP Simple Binds) and some mechanisms require you to query every single DC for every single user and some mechanisms can be as much as a week out of date for the last logon. The easiest mechanism is the lastLogonTimeStamp mechanism available in Windows Server 2003. It is 7 days out of date at worst by default because it doesn't track every logon for every user, only specific logons and of those it only updates the values every 7 days (again by default). It is though, by far the easiest mechanism and only requires querying one DC per domain. You can get the output like this (all one line) adfind -b dc=domain,dc=com -tdc -f (objectcategory=person)(lastlogontimestamp=*) lastlogontimestamp Any other mechanism will require querying every DC in a domain and collecting info for every user OR doing something with logon scripts. They will all have their issues and again, none of the mechanisms are foolproof so keep that in mind. The mechanisms behind logon/authentication is a bit different in the Windows world than it is in some of the other Oses. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Tuesday, June 14, 2005 8:09 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] Last Logon attempts Hi Tony, What i need is a consolidated report for all users, not a single user. If there is a third party solution then let it be. -- DR On 6/15/05, Tony Murray [EMAIL PROTECTED] wrote: Hi Ravi There's a good explanation and script (using lastLogonTimeStamp) shown here: http://www.microsoft.com/technet/scriptcenter/topics/win2003/lastlogon .mspx Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Wednesday, 15 June 2005 11:39 a.m. To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Last Logon attempts Hi, Can we have a last logon consolidated report for all my users. I need collective information about last logons of all my users. Can anyone suggest any easy way. -- DR List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ ## ## This e-mail message has been scanned for Viruses and Content and cleared by NetIQ MailMarshal at Gen-i Limited ## ## ## ### This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank You. Please note that this communication does not designate an information system for the purposes of the NZ Electronic Transactions Act 2002. This email was scanned and cleared by NetIQ MailMarshal at Gen-i Limited. # List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail
[ActiveDir] Windows 2000 DC Hardening
Hi List, I have been doing my part of job without hardning my servers till now (I know thats very bad). But i realise that server hardning is must and will definately inhance my profile. I just need a quick help on it. if someone can guide me on the same. i have some documentations also but i need expert comments on this topic. -- DR List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Server Image Pushing Using Ghost Cast Server and DHCP
Hi All, I have a question? Can i have an ghost image for my server and if in a situation of server crash i can rebuild it using ghost image. But this all is to be done remotely, so i dont have any physical access to the server. Can i have another server configured as dhcp so that i can run this image through PXE boot. and the some how i can run ghost cast server to push image to this machine. I am a little confused. But i am sure if it works than recovering a server will be less time consuming job for me. I have this as a backup option which i have to plan for our new site. -- DR List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Time Synchronization IST and PST
Hi All, I have been told to configure Time Synchronization of machines with IST or PST on basis of user logon. and i dont have any clue from where to start. Help Required -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Reading BIOS Information
Hi senthil, Give me a call. I think we have some more topics to discuss. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] DFS and Bandwidth
Hi All. I have a question about DFS. Does DFS will use maximum of my bandwidth? If it is so, than how can i take benifit of DFS without Compromising bandwidth utilization. (also what can i do about DFS Replication for best network performance) I have over 50 shares. Kindly Suggest. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] DFS and Bandwidth
Thanks This means DFS should work fine for me. I Need not to think much as i have no big requirements of shares on my network the data is hardly 55GB. and an assumption is that my shared data is updated by around 5% everyday (approx 25mb). On 6/7/05, Joe Pochedley [EMAIL PROTECTED] wrote: 50 shares means nothing... How much data do you have to replicate and how much data do you expect to change for each replication cycle? How many DFS partners and what size pipe(s) do you have between them? What type of data do you wish to replicate and how often? There's a big difference, say if you have 100GB and 50% changes on a daily basis or if you have 1,000GB where .1% changes on a daily basis. Joe Pochedley A computer terminal is not some clunky old television with a typewriter in front of it. It is an interface where the mind and body can connect with the universe and move bits of it about. -Douglas Adams -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Monday, June 06, 2005 3:33 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] DFS and Bandwidth Hi All. I have a question about DFS. Does DFS will use maximum of my bandwidth? If it is so, than how can i take benifit of DFS without Compromising bandwidth utilization. (also what can i do about DFS Replication for best network performance) I have over 50 shares. Kindly Suggest. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Background Intelligent Transfer Service (BITS) service doesn't start
Hi All, I have a very specific problem I need help with. Automatic updating is partly working: the critical updates are recognized, but never downloaded, because the Background Intelligent Transfer Service (BITS) service won't start on this PC. When I try to start it, I get this error message: Windows could not start the Background Intelligent Transfer Service on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code -2147024893. When I look in the Event Log, I see this error message from the Service Control Manager: The Background Intelligent Transfer Service service terminated with service-specific error 2147942403. And as a result i am unable to install adminpack for windows2000 server. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: [ActiveDir] Background Intelligent Transfer Service (BITS) se rvice doesn't start
Hi Tony, Thanks a Ton its working fine Now. -- Ravi Dogra On 6/7/05, Tony Murray [EMAIL PROTECTED] wrote: Hi Ravi From the microsoft.public.windows.backgroundtransfer newsgroup: It appears that you do not have the following directory on your machine: %ALLUSERPROFILE%\Application Data\Microsoft\Network Create this directory and then do a 'net starts bits'. Tony -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ravi Dogra Sent: Tuesday, 7 June 2005 10:27 a.m. To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Background Intelligent Transfer Service (BITS) service doesn't start Hi All, I have a very specific problem I need help with. Automatic updating is partly working: the critical updates are recognized, but never downloaded, because the Background Intelligent Transfer Service (BITS) service won't start on this PC. When I try to start it, I get this error message: Windows could not start the Background Intelligent Transfer Service on Local Computer. For more information, review the System Event Log. If this is a non-Microsoft service, contact the service vendor, and refer to service-specific error code -2147024893. When I look in the Event Log, I see this error message from the Service Control Manager: The Background Intelligent Transfer Service service terminated with service-specific error 2147942403. And as a result i am unable to install adminpack for windows2000 server. -- Ravi Dogra List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail message has been scanned for Viruses and Content and cleared by NetIQ MailMarshal at Gen-i Limited # This communication, including any attachments, is confidential. If you are not the intended recipient, you should not read it - please contact me immediately, destroy it, and do not copy or use any part of this communication or disclose anything about it. Thank You. Please note that this communication does not designate an information system for the purposes of the NZ Electronic Transactions Act 2002. This email was scanned and cleared by NetIQ MailMarshal at Gen-i Limited. # List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ -- Ravi Dogra 9899647200 This e-mail, together with any attachments, is confidential. It may be read, copied and used only by the intended recipient. If you have received it in error, please notify the sender immediately by e-mail or telephone. Please then delete it from your computer without making any copies or disclosing it to any other person. List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
[ActiveDir] Accounts Locked
I faced a big problem last night my all user accounts including administrator account was locked out and nothing was happening. But after some time everything was working fine. What could be the possible reason for this? Suggest List info : http://www.activedir.org/List.aspx List FAQ: http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Re: FW: RE: [ActiveDir] AD Rep Mon TOOL
Yes Thanks, i will confirm n see what he wanted to ask. Thanks Again. Ravi On Sun, 31 Oct 2004 Robert Rutherford wrote : From: Robert Rutherford Sent: Sat 30/10/2004 22:39 To: Ravi Dogra Subject: RE: RE: [ActiveDir] AD Rep Mon TOOL His question doesn't really make sense. I would only ever link transport medium in IT to something like data comms, i.e. fiber and copper are transport mediums. Perhaps he is unclear and means IP ports? I don't know, perhaps you should ask him to elaborate. In what context did he ask you? BR Rob From: Ravi Dogra [mailto:[EMAIL PROTECTED] Sent: Sat 30/10/2004 22:33 To: [EMAIL PROTECTED] Cc: Robert Rutherford Subject: Re: RE: [ActiveDir] AD Rep Mon TOOL Yes Rob, Thats what is confusing me. Somebody asked me about this and i was really thinking just like u. any guess about what the gentelman wanted to ask me this is the same phrase which he used. Ravi On Sun, 31 Oct 2004 Robert Rutherford wrote : Hi Ravi, Where are you coming from with this? Could you rephrase the question? BR Rob From: [EMAIL PROTECTED] on behalf of Ravi Dogra Sent: Sat 30/10/2004 22:18 To: [EMAIL PROTECTED] Subject: [ActiveDir] AD Rep Mon TOOL Hi All, I want to know about is there anything like :- Active Directory Replication Monitoring Tool Transport Medium??? I am a bit confused Thanks in advance. Ravi Dogra http://clients.rediff.com/signature/track_sig.asp http://clients.rediff.com/signature/track_sig.asp
[ActiveDir] AD Rep Mon TOOL
Hi All, I want to know about is there anything like :- Active Directory Replication Monitoring Tool Transport Medium??? I am a bit confused Thanks in advance. Ravi Dogra
Re: RE: [ActiveDir] AD Rep Mon TOOL
Yes Rob, Thats what is confusing me. Somebody asked me about this and i was really thinking just like u. any guess about what the gentelman wanted to ask me this is the same phrase which he used. Ravi On Sun, 31 Oct 2004 Robert Rutherford wrote : Hi Ravi, Where are you coming from with this? Could you rephrase the question? BR Rob From: [EMAIL PROTECTED] on behalf of Ravi Dogra Sent: Sat 30/10/2004 22:18 To: [EMAIL PROTECTED] Subject: [ActiveDir] AD Rep Mon TOOL Hi All, I want to know about is there anything like :- Active Directory Replication Monitoring Tool Transport Medium??? I am a bit confused Thanks in advance. Ravi Dogra http://clients.rediff.com/signature/track_sig.asp
Re: RE: [ActiveDir] AD Restoring In Different Hardware.
Dear R/Bill Thanks for your help. sorry for a delayed reply. I was also trying it on a test bed. well, delay is because of my accident. Your co-operation was Awesome thanking you all. Ravi Dogra On Thu, 19 Aug 2004 Brown,Bill[contractor] wrote : Ravi, I am by no means an expert as compared to some others on this list - but the below process has worked in test bed: The scenario described here does a full restore of a COMPAQ server to a Dell PC. The typical problem in this scenario is that after the basic build, the PC is subjected to a non-authoritative restore, which will attempt to load drivers present for the COMPAQ server that was originally backed up. The drivers do not have the appropriate hardware to talk to and the re-boot process will hang. 1. build Dell PC with W2K standalone server and SP4 on a C:\ partition that is equal to or greater than the original partition of the backed up server. 2. boot into recovery mode and do a non-authoritative restore. NT Backup or Backup Exec will work just fine, depending on the location of the files/tapes to be used in the restore process. 3. if attempting to run NTDSUTIL and set as authoritative, an error will most likely occur. 4. re-boot into safe mode with no network [full boot or directory recovery boot will hang]. 5. use the W2K CD and do an in-place upgrade 6. re-boot all the way up 7. re-boot into the directory recovery mode 8. run NTDSUTIL and set as authoritative 9. re-boot into normal mode 10.re-apply previous service pack Some of the problems [not all inclusive] that may be encountered during this process are the lack of proper recovery for the TCP/IP stack and File Replication Services with respect to the linked directories supporting SYSVOL. If the server recovered exhibits a failed TCP/IP stack, the procedures in http://support.microsoft.com/?id=329871 Describe how to remove the failed stack and re-apply. If the server recovered exhibits linked directory issues with file replication, the Server Resource Kit tool LINKD.exe may be employed to create, delete, update, and view the links that stored in the junction points. R/Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Ravi Dogra Sent: Wednesday, August 18, 2004 6:23 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] AD Restoring In Different Hardware. Dear all, I will really appreciate if someone can share some information to enhance my Knowledge about AD Restoration in a different hardware. Problem is i want to Restore my AD to a different harware. But i m unable to do it. Is it Possible to Do so? Kindly show me the way out... Thanking You All. Ravi Dogra. http://clients.rediff.com/signature/track_sig.asp
[ActiveDir] AD Restoring In Different Hardware.
Dear all, I will really appreciate if someone can share some information to enhance my Knowledge about AD Restoration in a different hardware. Problem is i want to Restore my AD to a different harware. But i m unable to do it. Is it Possible to Do so? Kindly show me the way out... Thanking You All. Ravi Dogra.