All,
AD GPO issues. Have the dreaded Event ID 1030
1058 issues. DC's Windows 2003 and clients XPSP1. DC's had the
issue but I was able to resolve this using: dfsutil /PurgeMupCache, have been
clean for a week now...XPSP1 clients however still have the error messages
and I have done the
all events were logged on a single server (which as i think might be relevant is the
PDCE ?)
there were entries for all the DC's in the domain
and i suppose all these must be related to the NT4 trust as wouldnt they have secure
channel to a DC belonging to the domain with which trust was lost
Guido, i appreciate this is going into what seem to be the murky depths of AD but
would you be able to expand on this concept of version number - it must relate
somehow to replication which i thought to be based on USN's ?
GT
- Original Message -
From: Grillenmeier, Guido [EMAIL
All,
Further development, it is not a DNS/DFS
issue seems as though some attribute in my XP Workstation Baseline GPO is causing
this issue, other workstations in the domain can access the \\FQDN\Sysvol. Will
try and nut it out further...
James
From:
[EMAIL PROTECTED]
Well, first GT, below I think you're thinking of version numbers, not USNs
like Guido said.
Both are used in replication, but for different purposes. USNs are
strictly used for determining _what to replicate_, never _what wins in a
replication conflict_. Replication conflicts are decided by
I am using this to distribute a
screensaver also (machine startup vbs script).
I am having a problem however. I think I
know what it is, but I am not sure how to fix it.
I have the screensaver sitting in the
NETLOGON folder of my DC, and I am trying to copy from that location to the
I am new to this mailing list and I am definitely a novice in
comparison so forgive my ignorance. I am receiving tons of 13508,
13562, and 3034 event log errors on one of my domain controllers. I
found that I was receiving access denied errors when trying to
replicate by using dcdiag or one
Hi All,
Sorry, I know this is off topic and Im in a
hurry to get a resolution to an issue in driving me mad. I have little
experience with TS so stick with me :O)
A user logs on to Terminal Server 2003 and her local
printer on her own desktop is not reflected in the Terminal Server
Do you have "Connect Client Printers at logon" checked in
the "Environment" Tab in ADUC?
Paul
Cotter
Microsoft MVP -
MIIS 2003
~nodisc.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Robert
RutherfordSent: Wednesday, August 18, 2004 9:21 AMTo:
[EMAIL
When I tested this a while back, the scripts extension will
impersonate the machine account to get access to network resources--so the
machine account (or authenticated users will work) will need at least read
access to the Netlogon share (which they should have, btw). Can you verify that
Using VBScript, I would like to pull
the domain and forest functional levels in a mixed 2000 and 2003 forest.
What attributes am I looking for?
Thanks
Mark Hocraffer
RockwellCollins
The script is running, as I have it also
distributing a GPC.DAT file from a virus server (I am changing parent servers
on Symantec). The files in that subroutine distribute ok.
I am at a loss as to why it is not
distributing the scr. I have the error submerge commented out. I will
Hi Rob,
In order for the printer to be visible on
the TS server for the client, you need to install the print driver on the TS
server for that specific printer. On the TS server go to Start, Printers
Faxes, File, Server Properties, Drivers. Install the print driver for that
specific
To
determine the DFL
Attribute
nTMixedDomain of the domain-object (blabla.com) DC=BLABLA,DC=COM
Attribute
msDS-Behavior-Version of the domain-object (blabla.com) DC=BLABLA,DC=COM
If
nTMixedDomain = 1 And msDS-Behavior-Version = 0 Then DFL
= Windows 2000 Mixed (DEFAULT INSTALL VALUE)
thanks Brett for the confirmation and clarification
If we set meta-data elements for all attributes for unset attributes
just to get a delete of the attribute to win (remember there are
100s
of unset attributes) you could experience like 5k+ bloat per object.
Administrators would be very
Have you tried it with the samaccountname attribute (the pre-windows2000
name of the account which won't have spaces) and received the same results?
As for the reasons of replication problems, what drove you to reset the
computer account? Can you give us a background on the steps taken to date
One minor recommendation - use the partitions
container's crossRef objects to determine the domain functional level as it
allows you (in a multi-domain forest) to retrieve everything from a single DC
(no GC requirement or purpose here). For the most up-to-date dom. func.
level, use the PDC
Title: Re: [ActiveDir] GPO to copy a file to all machines
If you have a copy of Wise or some other MSI packager, you could just create a simple msi package that writes the .scr file to %systemroot% and install it via machine GPO.
Just something to consider.
From: DL.ActiveDirectory [EMAIL
It has been my experience that you do not need to
install the printer drivers on the TS server with TS
2003. If you use the latest Remote Desktop client,
the printers should be visible automatically.
Download it here, install it on the client and try
again:
Thanks All... It was working without the drivers.
I did however load the drivers again and all is working now.
Group Hug x
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steve Johnston
Sent: 18 August 2004 16:54
To: [EMAIL PROTECTED]
Subject: RE:
thanks 2 from me
i have to say i am indebted to this mail list for this level of documentation of this
beast called active directory that we have come to love
GT
- Original Message -
From: Grillenmeier, Guido [EMAIL PROTECTED]
Date: Wed, 18 Aug 2004 17:32:58 +0200
To: [EMAIL
Ah stupid me. Found the simple file not
found problem and fixed.
Thanks all
Thank you,
Mitchell D. Lawrence
Director, Network Administrator
ITS Department
North Bay Hospital
1711 W. Wheeler Ave
Aransas Pass, TX 78336
ph: (361) 758-0580
fx: (361) 758-0581
pg: (361)
I can't find anything about the cause of this on the net. I am getting
Event ID 7050 in the DNS logs (2003 AD integrated). Error says The DNS
server recv() function failed. The event data contains the error.
Nothing seems to be affected by it (at least not as far as I can tell),
but you know how
If you do find any vulnerability, don't forget to let everyone know.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Schaefer
Sent: Tuesday, August 17, 2004 10:34 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] OT: IISadmpwd security
HI all,
I need to hide a field from AD (windows 2003/exchange 2003) from
displaying in the GAL from exchange. Ideally, I could block all students from
seeing one or two fields and allow all staff to view that field. (company name
or company number as an example)
I tried to set
Rick,
Would this happen to be for
compliance to FERPA?
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gasper, Rick
Sent: Wednesday, August 18, 2004
1:59 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] hiding a
field from global catalog
HI all,
I need
That is part of it
Rick Gasper
Manager, Network
Services
King's College
133 N. River St
Wilkes-Barre
PA 18711
PH: 570-208-5845
Fax: 570-208-6072
Cell:
570-760-0335
[EMAIL PROTECTED]
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Douglas M. Long
You can create separate Address Lists and set the
permissions for these. I believe this is an approach used by some
ISPs.
http://support.microsoft.com/default.aspx?scid=kb;EN-US;319213#8
Tony
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gasper,
RickSent: Mittwoch, 18.
Well, the problem with only hiding the GAL
is that information still exists if anyone does an ldap query. Since I dont
have an answer to your question, I will just tell you what we are doing.
If a student elects to exercise either
FERPA or the Buckley amendment, there name is nowhere
I am looking at this one.
Rick Gasper
Manager, Network
Services
King's College
133 N. River St
Wilkes-Barre
PA 18711
PH: 570-208-5845
Fax: 570-208-6072
Cell:
570-760-0335
[EMAIL PROTECTED]
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray
I understand where you are coming from,
but that doesnt quite get what I need.
If I can hide a couple of fields that are available
from the global catalog and give permissions to the people who need to view
them, it makes my life a whole lot easier.
For example: we have a student
Title: DFS on Domain Controllers
Is it a bad idea to make DFS Root Targets on Domain Controllers? If I browse to my AD 2003 domain \\example.com I see the two folders: Netlogon Sysvol. But if I browse to \\example.com\DFS-Root I see my Links which point to shares on file servers
Can anyone provide me with good documentation on RIS and
software deployment through GPO?
We currently use MS ADS and I dont like it and I
believe it to be the cause of problems. Aside from that, I think that I
can benefit more from RIS if my plan goes through well. I am not
interested
Title: DFS on Domain Controllers
I wasn't going to have any real files on the DCs just
the DFS root and links the point to real shares on file servers.
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bruce
ClingamanSent: Wednesday, August 18, 2004 3:44 PMTo:
Got to love one day requirements and deadlines, need some help
formatting an output file from DSQuery. I need to export all users one
OU (All objects are contacts) with their CN and mailNickName attributes
ONLY. The export file doesn't appear to have a delimiter when using
DSQuery, I'm needing
Dear all,
I will really appreciate if someone can share some information to enhance my Knowledge
about AD Restoration in a different hardware.
Problem is i want to Restore my AD to a different harware. But i m unable to do it. Is
it Possible to Do so?
Kindly show me the way out...
Thanking
Always provide your current syntax, it's immensely useful in assisting with
outlining your problem. That said, post what you've got so far ... this
sounds quite doable.
Deano
--
Dean Wells
MSEtechnology
* Email: [EMAIL PROTECTED]
http://msetechnology.com
-Original Message-
From:
dsquery * OU=My Email Contacts,OU=EmailOU,DC=Steve,DC=Schofield,DC=com
-limit 4 -attr mailNickName cn c1.txt
Is the syntax I'm using, apologize for not posting at first. Hard to
troubleshoot when not saying here is the error or code.
Thanks
Steve
[EMAIL PROTECTED] 08/18/04 06:17PM
I was able to take this output as a .csv file, then open it in excel, and
use the text-to-columns feature and fixed-width rather than delimited, and
then save it. It produced a comma-delimited file that accurately separated
the two fields.
If you can't figure out a way to create the appropriate
39 matches
Mail list logo