Overlapping AD Subnet Boundarieshello,
just to stop the troll...
Do you understand my others post about your network ?
Is you DC set up on its network interface with a 255.255.0.0 netmask ?
Your setup will work fine from an AD point of view (dssite.msc) , but not an IP
routing point of view if
Hi,
We have a server A in US. We has a Server BC in India.
Global catalog servers are Server A B.
FSMO Roles are with the server B.
Right now we are having Citrix member server D in US. When users are logging
on the Citrix server, it takes logon authentication from Server B.
Have you configured your AD Sites properly in AD Sites and Services MMC?
Cheers
Ken
From: [EMAIL PROTECTED] on behalf of senthil Kumar
Sent: Sun 28/01/2007 9:32 PM
To: ActiveDir@mail.activedir.org
Subject: [ActiveDir] Changing Logon server authentication !!
Yes. We have configured separate sites. Both sites have separate GC in each
site.
Regards,
Senthil
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Schaefer
Sent: Sunday, January 28, 2007 4:50 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
check the SITES and SUBNETS configuration...make sure the subnet of the Citrix
servers in defined in AD and assigned to the correct site.
also make sure the server (DC) B has not registered service records for the
site of the Citrix servers. This can happen when that site initially does not
Sorry - that should be AD Sites and Subnets...
Cheers
Ken
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Schaefer
Sent: Sunday, 28 January 2007 10:20 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Changing Logon server authentication !!
Have you
Hi Senthil,
Are Clients taking authentication from US office Server?
I faced this same issue while configuring SSL Explorer. Client
authentication was happening from India server. Check the DNS entry, this
did the trick for me.
Regards,
Jaspreet Singh Jolly
_
From:
My advice would have been to start with a 255.255.255.0 netmask (/24) - it's
better for creating more subnets and hosts. 255.255.0.0 (/16) is more limiting
if that is what the person is using, no matter what IP class is being used.
But if not selected initially it's too late to easily go
I think that someone knowing this wouldn't have post the question.
I don't agree with this part. A lot of people don't think you can supernet
AD subnets. In fact I have had people tell me outright it is impossible to
do that in AD even when I tell them it has been my standard practice since
I agree that MIIS could be convenient but only if it is already there or you
have other plans for it. If this was the only reason for it I would be more
apt to put something else together that had a far lower bar of entry such as
some basic scripts that are scheduled through task scheduler or made
Coming from more of a networking background than an AD background I
wouldn't have immediately thought of super-netting out right, myself. So
the point is well taken. If given this problem with no other background
I'd probably think more in terms of 'brouting' (bridged routing) or using
Server
You probably also want to specify the attribute ntsecuritydescriptor so you
don't have to see the other attributes, but maybe you do want to see them,
obviously each person will be different.
You can also have that put into CSV format if wanted so it could be imported
into Excel or Access or
I agree with Joe. I think it's a two fold problem. 1) People don't know
that you can assign a block more than once and 2) they just don't seem
to understand CIDR notation.
I'm responsible for adding those addresses in our enterprise and I get
requests all the time formatted like below and
What? Like simplesync?
I was beginning to wonder if anyone was going to bring up perl for this
particular application. It strikes me as the common glue for this
particular application that doesn't require the gnotes client software to be
installed. i.e. self-sustaining.
I think if I were
Nowhere does the OP say he's assigned a /16 mask to any interface.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mathieu CHATEAU
Sent: Sunday, January 28, 2007 4:02 AM
To: ActiveDir@mail.activedir.org
Subject: Re:
Going with a /24 when you're laying out a network just because its common and
small doesn't really help anymore than picking a /16 out of the blue in the
long run.
Migrating machines into new subnets is actually not that difficult if properly
planned - I've been around that circuit quite a few
Yeah personally I'd have written some little .net contraption doing it in the
background if it was something as simple as this.
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe
Sent: Sunday, January 28, 2007 10:04 AM
Sorry for how long it took me to respond to the lure... :) I am completely
swamped anymore. Just got back from a weeklong customer visit. Good visit,
the tech people at that company are very good, still I dislike going on the
road for anything.
I agree with what the folks said and Hunter's
Oh I am always about perl... TIMTOWTDI baby! ;o)
Perl is installed on my machines even before reskit and support tools. I
can't count the number of months it has saved me nor the number of $$$ on
third party tools. I know for a fact that there are enterprise level
companies out there still
Just an FYI, I kept reading in the responses about move... This doesn't
move the mailbox, it creates a new one at the new HomeMDB URL location and
the old mailbox is sitting there disconnected in the old store location.
This is something that can be done for normal users to get dialtone back
Was wondering what other folks use for naming site links. A point to point link
is obvious to me SiteA - SiteB or something like that. What about a link with
three or four sites in it (e.g. SiteA, SiteB, SiteC, etc)?
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
21 matches
Mail list logo
