[NTSysADM] RE: 2012 shares?

[Michael B. Smith]

And it is not supported if Exchange is in the AD site.  I just got verification 
on that, as well. (Of course, that's what I care most about. :) )

Regardless, it's a far better way to add an alias than disabling strict name 
checking.  It allows to continue to use SMB3/SMB2 with Kerberos, whereas once 
you disable strict name checking you are throttled to SMB1.

So I'm very appreciative. And yes, I've done some testing on it now and read up 
on it. In the toolbag. :)

From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On 
Behalf Of Free, Bob
Sent: Thursday, July 24, 2014 6:27 PM
To: ntsysadm@lists.myitforum.com
Subject: [NTSysADM] RE: 2012 shares?

> This trick is also part of the "supported" method to safely rename a domain 
> controller, which is how I learned it in the first place.

"Supported" but not "recommended" according to my DSE. YMMV

I had done it in the past (2K3)  and was contemplating doing it again and he 
asked around internally and gave me that answer.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Damien Solodow
Sent: Thursday, July 24, 2014 7:19 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

You're welcome. :)
It was something I was really happy to discover as the 
DisableStrictNameChecking was a headache.

This trick is also part of the "supported" method to safely rename a domain 
controller, which is how I learned it in the first place.

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, July 24, 2014 10:15 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

Thanks for teaching an old dog a new trick!

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Kennedy, Jim
Sent: Thursday, July 24, 2014 10:08 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

Genius

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Damien Solodow
Sent: Thursday, July 24, 2014 10:08 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

Yes it does.

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, July 24, 2014 10:02 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

That's very interesting. Does it add an SPN?

(I don't have time to test right now, but I can later. I'm happy to learn 
something new!)

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Damien Solodow
Sent: Thursday, July 24, 2014 9:49 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

There is another (easier) solution that doesn't require a reboot. :)
Skip the DisableNameChecking.
Delete the existing A record for AppServer from the primary DNS server 
configured on ComputerName.
On ComputerName, open an elevated command prompt and run: netdom compuername 
ComputerName /add:addserver.full.dnsname

Done.

DAMIEN SOLODOW
Systems Engineer
317.447.6033 (office)
317.447.6014 (fax)
HARRISON COLLEGE

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Thursday, July 24, 2014 9:43 AM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] RE: 2012 shares?

Ok.
Fair enough.  I would not have thought to google Disable Strick Name Checking.
But doing so brought this one up.
I have added the second reg as well.
About to reboot.
Let everyone know but I am sure this will fix it.
Thanks.

http://www.symantec.com/connect/blogs/why-you-might-disable-strict-name-checking-and-authentication-loopback-enterprise-vault-server<https://urldefense.proofpoint.com/v1/url?u=http://www.symantec.com/connect/blogs/why-you-might-disable-strict-name-checking-and-authentication-loopback-enterprise-vault-server&k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0A&r=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0A&m=azXhaZA3nDsGyzJEARqHj%2FQ959N9DNW6E4ih2%2BmYAB4%3D%0A&s=9134c87bbec27ec82d9efd07240cd981363553753c02b1ed239981f97751d4d6>



From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, July 24, 2014 9:39 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

It's not just a SQL trick. It's a LanMan trick.

That just happened to be the first complete set of directions that popped up 
when I googled it.

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Thursday, July 24, 2014 9:34 AM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] RE: 2012 shares?

Ok MS, why does a SQL trick apply to this situation?
Other than it isn't really a SQL trick is it.
It is a LanManServer trick that they have mangled with a SQL issue as well?
Am I close to understanding .
I am trying this now.
And thank you

From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith
Sent: Thursday, July 24, 2014 9:27 AM
To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com>
Subject: [NTSysADM] RE: 2012 shares?

http://technet.microsoft.com/en-us/library/ff660057(v=ws.10).aspx<https://urldefense.proofpoint.com/v1/url?u=http://technet.microsoft.com/en-us/library/ff660057%28v%3Dws.10%29.aspx&k=4%2BViHuL0UtSJBpVrYi3EdQ%3D%3D%0A&r=Jek3QSvahmIrNAN1nuPfQA%3D%3D%0A&m=azXhaZA3nDsGyzJEARqHj%2FQ959N9DNW6E4ih2%2BmYAB4%3D%0A&s=838ff01a95b4c06aaee48ad777337dd2c6819a29c1a67a494311b808a1b9f256>


From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> 
[mailto:listsad...@lists.myitforum.com] On Behalf Of David McSpadden
Sent: Thursday, July 24, 2014 9:20 AM
To: 'ntsysadm@lists.myitforum.com'
Subject: [NTSysADM] 2012 shares?

I have member server standard 2012.
I have a file share of Files and it shows up as 
\\Computername\Files<file:///\\Computername\Files>
I have a DNS A record for this as appserver and would like to access the share 
as \\AppServer\Files<file:///\\AppServer\Files> but get access denied?
What tree should I be barking up?
AppServerUser has full on the folder permissions and share permission and I 
have turned UAC off for now trying to trouble shoot?
Why can I not access the A record \ share name???
Thanks

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

This e-mail and any files transmitted with it are property of Indiana Members 
Credit Union, are confidential, and are intended solely for the use of the 
individual or entity to whom this e-mail is addressed. If you are not one of 
the named recipient(s) or otherwise have reason to believe that you have 
received this message in error, please notify the sender and delete this 
message immediately from your computer. Any other use, retention, 
dissemination, forwarding, printing, or copying of this email is strictly 
prohibited.


Please consider the environment before printing this email.

________________________________
PG&E is committed to protecting our customers' privacy.
To learn more, please visit http://www.pge.com/about/company/privacy/customer/
________________________________