Gentlemen, thanks to all for your contributions to this.
will be going to customer site later this week to do some exhaustive testing
on this issue
(assuming of course that the computers have not melted in the ridiculously
warm weather we are having here !)
any other things that you can add
Title: Message
Technically, we have 1 person. But he's a Director level, so he has some
weight. It helps that he's also spent a lot of time with the sysadmin lead (me)
and the network engineer (sits next to me). One of the best aspects of our
company is that we've all worked together for a
Title: Message
Sorry for the confusionbut just
for clarification...you are saying that you use a single forest (empty
root) for all your domains including your DMZ/Internet?
-Original Message-
From: Rick Kingslan
[mailto:[EMAIL PROTECTED]
Sent: Friday, July 11, 2003 6:33
Title: Message
When configuring an
AD Integrated DNS zone, at least one DC in each site should be running
DNS? Or all DCs should be running DNS? Would it matter either
way?
Title: Message
I
always configure every DC as a DNS server. I consider that if a location
requires a DC, it also requires local DNS.
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
Title: Message
Wow really - - I only hae one of my DCs as a DNS server
- - all other DNS boxes are not DCs - - too much
going on
-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED]
Sent: Monday, July 14, 2003 10:58
AM
To: '[EMAIL PROTECTED]'
Subject: RE:
Title: Message
Isnt the information replicated anyway via
AD? I guess if they were all in the same site more than two would certainly
be overkill.
-Original Message-
From: Craig Cerino
[mailto:[EMAIL PROTECTED]
Sent: Monday, July
14, 2003 11:09 AM
To: [EMAIL PROTECTED]
Title: Message
I see
no reason to separate DNS from AD, except in extreme circumstances. AD and DNS
are both core infrastructure, so there's no reason not to colocate them. It
works well for both our 500 user company and the 4500 user company prior to
that.
My
DC/DNS servers here are
Here ya' go. You will probably enjoy managing with Tivoli's current
products. I'm monitoring our entire W2k3/AD lab environment with Tivoli.
I think they've gotten it right this time (with customization).
http://publib-b.boulder.ibm.com/Redbooks.nsf/Portals/TivoliTME10MailingList
Eric
Title: OT: Tivoli
FaqShop.com also has some cooperation with the Tivoli folks
to republish material, and add FAQ type of answers.
www.faqshop.com
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Duncan,
LarrySent: Monday, July 14, 2003 11:54 AMTo:
'[EMAIL
But, at what cost?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Monday, July 14, 2003 12:03 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] OT: Tivoli
Here ya' go. You will probably enjoy managing with Tivoli's current
Title: Message
Thats really what I am talking
about - - same site too much chatter.
-Original Message-
From: Rogers, Brian
[mailto:[EMAIL PROTECTED]
Sent: Monday, July 14, 2003 11:16
AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Quick AD
integrated DNS question :)
I've talked with folks over the years who have tried to implement Tivoli
100%. 100% doesn't seem attainable. Tivoli implementations generally last
2-4 years before they give up and find another product. There's quite a bit
of development involved in getting it to work in each environment, which
Title: Message
No - we have a completely separate forest for the
Extranet. Pardon for any confusion.
Rick Kingslan MCSE, MCSA, MCTMicrosoft MVP - Active
DirectoryAssociate ExpertExpert Zone -
www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Title: Message
We backed up on the DNS issue. When first deployed,
it was DNS with DC - always. We have since done exhaustive studies that
show that the traffic on the ATMwas not worth the added headaches in a 30+
remote site (Branch office - with some office locations exceeding 1000 seats)
Title: Message
I
believe you are correct. Additionally, though, I don't think DNS replication
traffic is all that considerable. The worst data hog in DNS is the resolver
cache, which isn't replicated.
--
Roger D. Seielstad -
MTS
Title: Message
To
date, the only issues which I am experiencing are related to the cache on my
primary DNS server corrupting. Other than that, its been rock
solid.
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems
Title: Message
Well say we are talking perhaps 20 remote
offices of a hundred or so systems per office.
Isnt the DNS information replicated anyway
to all DCs within AD even if the DC isn't a DNS Server? Or am I missing
something?
-Original Message-
From: Rick Kingslan
Title: Message
That's ok...Its what I thought
you said. I just wanted to make sure I was reading it correctly.
Thanks!
-Original Message-
From: Rick Kingslan
[mailto:[EMAIL PROTECTED]
Sent: Monday, July
14, 2003 1:17 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] what
Title: Message
So what is the impact of placing DNS
servers at each remote location? Significant? Or minimal? (given connections
are all greater than 256k frame)
-Original Message-
From: Roger Seielstad
[mailto:[EMAIL PROTECTED]
Sent: Monday, July
14, 2003 1:26 PM
To: '[EMAIL
Title: Message
This would be correct. But, remember that in the
replication strategy for Win2k - data goes to every DC regardless if it's a DNS
server or not - because once it's DNS-integrated, it's now a part of the AD
data. This trend is broken in Win2k3, where application partitions can
Title: Message
We
only run 2 DC's per site, except for those sites where we have a root DC as
well.
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: Craig Cerino
Title: Message
WoahI musta missed that
document. AD integrated DNS can now be separated from regular replication?
Gotta link? Book? Paper? Smokesignal? Morse?
J
-Original Message-
From: Rick Kingslan
[mailto:[EMAIL PROTECTED]
Sent: Monday, July 14, 2003 1:28
PM
To:
Title: Message
Nevermind..I found some MASSIVE nt4 -
2k3 document that seems to cover it. Man that's alotta reading :/
-Original Message-
From: Rogers, Brian [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 14, 2003 2:54
PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Quick
Tivoli today is not nearly as horrible on the Windows Server Platform as it
may have been before. Reference the following article...starting at about
paragraph 7:
http://www.informationweek.com/story/showArticle.jhtml?articleID=6502661
IBM's IBM Tivoli Monitoring products are nearly
Title: RE: [ActiveDir] OT: Tivoli
Funny...we heard nearly the exact same comments about JD Edwards
Wasn't true of course...but the comments were the same :D
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 14, 2003 3:39 PM
To: [EMAIL
Yes, you did indeed miss it. So, go find it. Yourself, this time with no help.
Hint:
Application partition is the new partion in E2K3 which, in addtion to The Domain,
Configuration and Schema Partitions now make up the AD database in E2K3.
It is this change that makes it possible now to
Title: Message
I'd
expect it to be minimal, although I don't have a lot of emperical data to prove
it.
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
-Original Message-From: Rogers,
There's still that question of cost. Not just product price (which is
generally out of sight), but the cost of training, additional hardware
resources, consultants, IBM's insistence on implementing their other
add-ons, and IBM's ultimate plan of selling their services so IT can be
outsourced.
Hi All:
Our DNS guy has a concern (minor?) about a previous fix being in the latest
dns.exe rolled into W2K/SP4. I don't want to take the chance of using an expensive
trouble ticket to allay his concern. Is there a specific discussion group he might
ask his question or is this one
Does anyone have any good references on how to develop packages to install
through a GPO? I am currently doing some research on Technet. Thanks
Justin A. Salandra, MCSE
Senior Network Engineer
Catholic Healthcare System
212.752.7300 - office
917.455.0110 - cell
[EMAIL PROTECTED] mailto:[EMAIL
Title: Message
Would
think it would decrease traffic in the long run because of users at that end on
the WAN pipe can retrieve locally cached lookups.
Shawn
-Original Message-From: Roger Seielstad
[mailto:[EMAIL PROTECTED] Sent: Monday, July 14, 2003
4:20 PMTo: '[EMAIL
We just installed SP4 on a DC because of two previous DNS issues we were
having. It did indeed fix Q811314 Q329258. The version in SP4 is
5.00.2195.6715 which is newer than both the previous hotfix version.
-Original Message-
From: Thommes, Michael M. [mailto:[EMAIL PROTECTED]
Sent:
Title: Message
All
the zone data is replicated with the domain (unless you're using application
partitions in WS2K3), so there is nothing "extra". Traffic depends on if
youstore client A and PTR records. If you do, the replication traffic can
be substantial depending on lease times,
Unless you want to mess around with .Zap files, GPO needs MSI (Windows
Installer) installations. You can use Wise Solutions or InstallShield to
generate MSI's for apps that don't already conform to this standard. But,
most apps already come in MSI format. You just need to know the proper
Title: Message
I may
have missed something,but the snotty tone seems
inappropriate...
In any
case, to reduce the apparent confusion:
GC-less sites have always been possible with AD since W2K.The
facility iscalled site coverage.
GC-less logon is new in WS2K3 and occurs because DCs can
Title: Message
Nah..you didn't miss anything..he
was just being a D1ck J
Thanks for the info!
-Original Message-
From: Gil Kirkpatrick
[mailto:[EMAIL PROTECTED]
Sent: Monday, July
14, 2003 5:50 PM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir] Quick AD
integrated DNS
Title: Message
One question on that. Dealing with the
GC-Less sites.
I know that Exchange2k relies heavily on
GCs during their day to day processes. Would perhaps E2k3 be more suited to
this environment than E2k? Or has this reliance on a local GC followed on to
E2k3
Heh..I
That's consistent with my experience as well. Consulting $$$ often get out
of control, and complete implementation is rarely achieved. A statistic I
recall from last year was that approx 30% of all Tivoli sales concluded with
a successful deployment within the first year. 70%... didn't
-gil
Has anyone wrote a script to connect a user to a shared printer on the
network when the log in? Is this possible?
List info : http://www.activedir.org/mail_list.htm
List FAQ: http://www.activedir.org/list_faq.htm
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
There is one on the Microsoft site at
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/scriptcenter/printing/ScrPrn01.asp
.
You can configure this to run from a group policy.
Tim Hines, MCSA, MCSE (2000 NT4)
MVP - Active Directory
- Original Message -
From: Richard
There are a few articles on the Win2k site. I've pasted the links below.
http://www.microsoft.com/windows2000/techinfo/howitworks/management/apdplymgt.asp
http://www.microsoft.com/windows2000/techinfo/planning/management/swinstall.asp
I guess it's my time to say Woah
Gil, my response was not in any way directed at you. It was directed at Brian and, if
anything, it was an attempt at levity, not snottiness. So, where did the slam come
from?
I'd think that if anything is snotty, it would be Brian's increduluos
This should work:
Set WshNetwork = CreateObject(WScript.Network)
WshNetwork.AddWindowsPrinterConnection \\YourPrintServer\PrinterName
WshNetwork.SetDefaultPrinter \\YourPrintServer\PrinterName
Set WshNetwork = Nothing
If you put that in a login script.
Sincerely,
Dèjì Akómöláfé, MCSE MCSA
Title: Message
Woa was my comment about my
completely missing something obviously very pertinent to my discussion here.
As in "holy crap" or "Damn
where did that come from" or "Wow...I completely missed that"
Incredulous? Lolyou need to lay
off the coffee J
Coffee? How did you know? My reputation preceded me again :)
In any case, I went back and read my original post. Flippant? maybe. Snotty,
definitely not. As to Gil taking umbrage at it... I still don't get it.
Make that double espresso, please. No milk.
Sincerely,
Dèjì Akómöláfé, MCSE
Title: Message
Deji,
I took
the comment: "Yes, you did indeed
miss it. So, go find it. Yourself, this time with no help. " as being snotty,
and it seems that wasn't intended.
Mea culpa (Latin for "my bad").
My comment re: DC-less sites was to distinguish
between "GC-less sites", which
Title: Message
I
didn't take it as snotty towards myself, but towards another list member (Brian
in this case). As I said before, my bad.
And I
think we've used up enough bits on this topic. Agreed?
-g
-Original Message-From: deji Agba
[mailto:[EMAIL PROTECTED] Sent:
Deji,
I might suggest that the attempt at levity include liberal smiley faces in
the future. Gil got the jump before I did, because, given your posts in the
past - this one seemed quite out of character. I really wasn't sure if you
were having a bad day or if Brian had just really 'hit the
I tried that and it didn't work. I took it out of the bat file and
tried it manually and I got this error...
-
C:\Documents and SettingsSet WshNetwork =
CreateObject(WScript.Network)
C:\Documents and
Save it as .vbs
-Original Message-
From: Richard Sumilang [mailto:[EMAIL PROTECTED]
Sent: Monday, July 14, 2003 9:17 PM
To: [EMAIL PROTECTED]
Subject: Re: [ActiveDir] Printer Script
I tried that and it didn't work. I took it out of the bat file and
tried it manually and I got this
Hey Deji, slap a smiley face on that post or a disclaimer about sarcasm and
email not mixing like beer and liquor or something that. :o)
I am confused by the app partition making it possible to do GC-less remote
sites... I could take that a couple of ways but app partitions wouldn't have
Bingo! ;-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Bryan Schlegel
Sent: Monday, July 14, 2003 8:21 PM
To:
Title: Message
No sweatI apologize for my
comments as well.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Monday, July
14, 2003 8:01 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Quick AD
integrated DNS question :)
Coffee?
How did
Title: Message
Good info there...answered one of a
number of questions I also had...although you did add a few more. J
-Original Message-
From: Joe
[mailto:[EMAIL PROTECTED]
Sent: Monday, July
14, 2003 9:22 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] Quick AD
You need to put that in a .vbs file, not a .bat or .cmd file
It's a vbscript. Just copy the exact text I sent. Paste it into Notepad, modify it to
reflect the name of your print server and printer. Save it as printmapper.vbs and put
it in the same location where you currently have your login
If I save it as a .vbs how can I have a login script and visual basic
script run during login?
On Monday, July 14, 2003, at 06:42 PM, Rick Kingslan wrote:
Bingo! ;-)
Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone -
57 matches
Mail list logo