I was only thinking about replication between two servers and the data
would be small. Maybe 20 mb here and there - as files are updated.
Kind Regards,
Jennifer Fountain
RB Inc
3400 E Walnut Street
Colmar, PA 18915
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL
I have added additional drives and proceeded to move the data using clusterrecorvery
tool. I have been successful in moving all my data except the quorum disk to the new
drive. Attempt to move the data generates an error Failed to switch resource. Any
ideas?
thanks
Nathan
TradeWeb LLC
What's
everyone's opinion of desktop security software solutions like Cisco's ACS,
which every time some application tries to change the registry or a file or
something and it's not part of your pre-configured security template, it pops up
an alert asking you if it's OK? Mgmt is asking for
Weve deployed CSA (Cisco Secure ACS)
on several of our Internet-facing servers and for a few clients. It works
surprisingly well.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ
Sent: Tuesday, May 11, 2004 7:58
PM
To: '[EMAIL PROTECTED]'
Subject:
Title: Message
With
applications like this (also CheckPoint VPN) we've created a batch file that we
run on the local computer which changes the permissions registery and in program
files to allow the user to have read/write to that spacific
folder.
As you
said below becasue it's a adhoc
Hello members of ActiveDir,
I'd like to inform you all of an opportunity for a Senior Microsoft Solution
Architect. Below you'll find the details of the position as well as my
contact information.
Immediate Opening for a Senior Microsoft Solution Architect
Our
But
would you recommend it on an all server and all desktop deployment
solution? Or just internet facing servers and a few select clients?
And why?
-Original Message-From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]On Behalf Of Michael B.
SmithSent: Tuesday, May 11, 2004
Title: Reccomendations Please
Hello All
This may be off topic so please forgive me if it is but I thought I might get some usefull suggestions from the other list members.
Due to a serious shortfall in staffing and increasingly complexity and growth my challenge is to find something we
Title: Message
John,
Good
afternoon, a colleague of mine has used the following software before: http://www.bb4.com and highly recommends it.
Apparently it takes a little bit to set it up but is very stable and works very
well.
Personally I haven't had a look at it yet, but I've seen it
I have always pushed lmhosts and hosts files to the machines...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Carlos Magalhaes
Sent: Monday, May 10, 2004 11:38 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] DNS settings
Nope that's what gets me,
Title: Message
It's
either got to be WINS or Hosts files while using the standard W2K VPN dial-up. I
don't think WINS is a bad solution to be honest unless you want to dig into
your pocket.
If you use a 3rd party, i.e. Checkpoint, then their technology
allows for overlay of your DNS
Title: Message
We havent and still dont use
WINS , this network only uses DNS.
The problem I am having is that the user
logged onto our network can work fine DNS is working etc. The user dialed up to
their own ISPs are being forced to our internal DNS servers, they still
get a valid IP
Title: Message
Sorry
I think I have lost track here somewhere... I probably didn't read your problem
correctly.
I
would actually think that it is better for them to resolve to your internal DNS
servers. I have seen loads of issues with people trying to get it to work the
other way round.
Title: Message
Hey Robert,
Ok there is nothing wrong with the internal
DNS at all, they can resolve everything they want when logged onto the network.
Their problem is when they go home and are
off the network they use their own third party ISP accounts with the default
windows
Title: Message
Hi
I have
tried it on the default domain policy.
Ronen
-Original Message-From: Darren Mar-Elia
[mailto:[EMAIL PROTECTED] On Behalf Of Darren
Mar-EliaSent: Sunday, May 09, 2004 7:05 PMTo:
[EMAIL PROTECTED]Subject: RE: [ActiveDir] Setting
Hello, all
Eric, can you point to the location of such a cool tool like ADPerf?
I've google'd but have got no results...
--
Best regards,
Alex.
- Original Message -
From: Eric Fleischman
To: [EMAIL PROTECTED]
Sent: Sunday, May 09, 2004 5:22 PM
Subject: RE: [ActiveDir] LDAP stress
I also should have probably pointed you to adtest. Adtest can do some
load testing as well but be sure you keep in mind the caveats below.
http://www.microsoft.com/downloads/details.aspx?FamilyID=4814fe3f-92ce-4
871-b8a4-99f98b3f4338DisplayLang=en
Bottom line: nothing is as good as actually perf
Title: Message
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 196.2.45.82
Subnet Mask . . . . . . . . . . . : ispSubnetMask
Default Gateway . . . . . . . . . : ispGateWay
DHCP Server . . . . . . . . . . . :
Title: Message
I take
it that you also use DHCP in your internal networks, i.e. you don't assign
static IP'sto your internal NIC's? As a test could you just disable the
internal NIC and try the dialup again?
Are
all the machine exactly the same, i.e. same model with same
NIC's?
Sorry
if
Title: Message
Well, thats what the intention is
with ISP DHCP, but for some reason its not change JUST the DNS settings for
that connection.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Patrick - IT Department
Sent: Tuesday, May 11, 2004 2:20
PM
To: [EMAIL
Title: Message
Not a problem I might have overlooked something
and thank you for taking the time to help.
Ok
Yes we use DHCP.
No
Static IP addies.
Machines
are all different models and NICs
I
could disable the internal NIC why would that make a diff (just
Title: Message
The problem is that the mobile users are dialed up to the
Internet, say just to surf, and they are holding onto their internal DNS
settings.
Since
its systemic, I'm wondering if its not either a driver issue or a policy issue,
but I can't think of a single good reason for
Title: Message
Have you run a network trace on the PPP adapter while its
logging in?
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
From: Carlos Magalhaes
[mailto:[EMAIL PROTECTED] Sent:
Title: Message
Maybe trying some actions from the cmd line would help such as:
IPCONFIG /release [adapter] Release the IP address for the specified adapter. IPCONFIG /renew [adapter] Renew the IP address for the specified adapter. IPCONFIG /flushdns Purge the DNS Resolver cache.
Title: Message
I tried that and it seems to work. The
problem though is I cant expect the users to do this every time they want to
use their connections, there must be something that is going wacky here.
Dont you agree?
CM
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Nope, wasnt
me maybe my counterpart did though. He knows I subscribe to this list,
so he asked me to post the initial query to this group. He probably wanted to
see what other kinds of rants he could raise J
Thanks for
the advice, as always!
mc
-Original Message-
From:
Title: Message
Good
call
If
that doesn't work then why don't u add some external DNS entries statically to
the PPP adapt and see if they stick.
-Original Message-From: Charlie Kaiser
[mailto:[EMAIL PROTECTED] Sent: 11 May 2004
14:26To: '[EMAIL PROTECTED]'Subject: RE:
Title: Message
Definitely!
I have a similar setup as
you. We use ISP for DNS but our router handles the DHCP. Mixing ISP with
network services has to be the culprit I would think.
-Original
Message-
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Carlos Magalhaes
Title: Message
Hey Charlie,
They have multiple ISPs and all of
the ISPs dial ups have the same symptoms
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . :
196.2.45.82
Subnet Mask . . . . . . . . . . . :
Title: Message
The only VPN clients they have is the
default windows VPN client you create with Add New Connection
there is no third party VPN clients at all.
There are some third party dialers but not
VPN clients. The symptoms are true whether they use a third party dialer or a
windows
Title: Message
So XP is holding onto the old IP
address now that youre on W2k3 AD, but didnt do it before
is that accurate?
Does right-clicking on the dial connection
systray icon and choosing repair fix the problem as well? Thats at
least friendlier than ipconfig but obviously not the
Title: Message
Carlos did you check RSOP on a client to
see if its getting the
Computer Configuration
Administrative Templates Network DNS Client DNS Servers
setting from somewhere?
Warning: The list of the DNS servers defined in
this setting supersedes DNS servers configured
Title: Message
You
can install a DFS root on a DC or member server.
It
should work fine, in terms of splitting down a server and distributing the data
over a number of other servers. I'm assuming you only want to use DFS to make a
central share access hierarchy?
I
would not use the
Title: DFS
DFS can be used for load balancing and redundancy
redundancy. Do not install it on a DC, especially with 1 tb of data. A DFS share
will have at least 2 servers. I would recommend looking into 3rd party software
for this. I have heard the limit for DFS is about 250 to 500 gb
And to think I _was_ a bit sad about missing the Summit ;)
Rich
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mulnick, Al
Sent: Monday, May 10, 2004 8:15 AM
To: '[EMAIL PROTECTED]'
Subject: RE: [ActiveDir][OT] LDAP stress tool for AD 2003
Um. Rick,
Does anyone know how to connect to a remote machine and enumerate the
User Rights that are assigned on it? I'd prefer a VBscript technique
but I could use a command line utility. I already know about
ntrights.exe in the Resource Kit but it only modifies selected rights it
doesn't list what is
I received a development request =
time to check your backups and update your resume J
Sounds like the developers want to fix something they probably dont
understand at all. If so, thats almost like disabling the netlogon
service on all your workstations because theres an LSASS exploit
I'm curious what y'all do with those situations where you have to manage credentials
for 'outsiders' - in other words, users from some business partner, vendor, etc. who
must have access to some resource in your company. For example, say you have some
intranet web app that you make available
I have a question about the best way to separate the
AD DB and AD log files.My standard server build is a Compaq DL380 with six
36GB drives and one Compaq Smart Array 5i Controller.Normally I mirror
the first two HD's for OS and apps use the other fourdisks for RAID5 with
hot spare.For
Essentially, your concern is about disk signatures.
http://support.microsoft.com/default.aspx?scid=kb;en-us;305793 should help
explain about that some.
What I'm curiuos about is why you don't just add disk and move the data over
to it? Expand vs. replace?
Al
-Original Message-
From:
Title: Message
Id be
tempted to setup a reservation in DHCP internally and set different DNS settings
(whatever u like) to a test machine ipconfig/release and renew... see if it
obtains the new settings or still holds the old settings.
-Original Message-From: Rich Milburn
Title: Message
Having a DFS structure would mean that you
would have 4 servers each with 1 TB of information on them because everything
gets replicated to all locations in the DFS. DFS will NOT put 250 GB on one server, 250 GB on
another server and so on.
-Original Message-
I have a question about the best way to separate the
AD DB and AD log files.My standard server build is a Compaq DL380 with six
36GB drives and one Compaq Smart Array 5i Controller.Normally I mirror
the first two HD's for OS and apps use the other fourdisks for RAID5 with
hot spare.For
We don't mix authentication schemes. Internal is internal, and external is
external.
We require VPN access to internal resources- nothing is published
externally. I'd be really leery of doing it any other way.
--
Roger D. Seielstad -
I just bought the Active Directory Cookbook and started looking at some of
the sample scripts posted on the author's website. When I attempt to use
this one it tells me the server is not operational, line 14 character 1.
Can anyone take a look at this and let me know if you see something I
Either of those
configurations would work depending on what performance you would need.
For optimal configuration, you first want to separate the I/O stream for Log
files. That's because they tend to be very write expensive and they are
typically sequential I/O. Separating that to a
Nathan,
My recomendation would be to use 3 mirrors. This would avoid mixing log files with
the OS, or placing log files on a raid5
Denny
-Original Message-
From: Nathan Casey [EMAIL PROTECTED]
Sent: 5/11/04 1:45:33 PM
To: [EMAIL PROTECTED] [EMAIL PROTECTED]
Subject:
Title: Message
Replication of data is optional in DFS, but a domain root
will replicate the configuration to all domain controllers.
--
Roger D. Seielstad -
MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc.
From:
That's a pretty common scenario in many types of business. We all do
business with partners and have to face this at some point. Most businesses
have since they started with EDI, but they security wasn't as high-profile
as it is these days for many of them.
To paraphrase the question, how do
Justin,
I don't think this is correct. With DFS, I can set up different subfolders to point
to different physical locations. These physical locations can be setup a redundant
pairs, but this is not required.
Denny
-Original Message-
From: Salandra, Justin A. [EMAIL PROTECTED]
Did you change the strDomain value to match your environment?
mc
-Original Message-
From: James Payne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 11, 2004 1:41 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Cookbook sample scripts
I just bought the Active Directory Cookbook and
I don't treat a 3rd party account in AD any differently from normal user accounts.
They should be given the least privelege required to do their job, which will
typically mean logon access is restricted to whatever server they are supporting.
One personal annoyance is when admins set up generic
?? Did you modify it? Strdomain looks the same as the default.
Al
-Original Message-
From: James Payne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 11, 2004 1:41 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Cookbook sample scripts
I just bought the Active Directory Cookbook and
strDomain = mydomain.com ' e.g. emea.rallencorp.com
needs to be mydomain.com (minus the )
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of James Payne
Sent: Tuesday, May 11, 2004 1:41 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Cookbook sample
You can try the slightly modified one I use - it writes the roles out to a
text file versus displaying them on the screen
' This VBScript code prints the FSMO role owners for the specified domain.
' ---
' From the book Active Directory
Unless your domain is named mydomain.com, you need to change line 11
-Original Message-
From: James Payne [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 11, 2004 10:41 AM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] Cookbook sample scripts
I just bought the Active Directory Cookbook and
Im
looking for a way to have a 3rd party app call a mapped drive on a
remote server at anytime without any user account being logged on at the Application
server with a persistence drive mapping. The remote server has the file shared
out as well.
The
Application needs to have a drive
Title: DFS
Yes. I use
it for load balancing the file servers which serve MSIs assigned via GP. I have
it running on DCs as well. Works like a charm once you get all your ducks in a
row.
--Brian Desmond
[EMAIL PROTECTED]
Payton on the
Web! Http://www.wpcp.org
v: 773.534.0034
x135
For a
truly high perf situation, youre probably going be best with an OS
Mirror, a RAID5 for the DB, and a mirror for the logs.
How big
is your database and how busy will the DC be? This isnt really relevant/an
issue in smaller/medium size configs
--Brian Desmond
[EMAIL PROTECTED]
The main objective to to remove the single point of failure I have now -
one big file server. If this goes down, we are SOL. From what I
read/tested, DFS will allow you to point a single folder to shares on
different physical locations. (basically, the user sees one server but
in reality I have
Title: Message
Ok (all the
clients are XP ) - In Computer Configuration|Admin Templates|Network|DNS
Client
There is a setting for DNS Servers to our internal
DNS server.
And this would apply to PPP connections???
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf
Well, you could have itcall ascript that
does:
"net use E: \\server\share
/persistent:no"
The next time the user logs in, it will not be there (it is
the same as -not- checking the "Reconnect at login" box in Map Network Drive).
However, until they logout, they will see the E: drive. But
If I understand your question correctly, my thoughts on
this are good luck.
With NT4 you could pull this off, 2K and K3 are tightening
down perms and making cross process/security context access of shared resources
very difficult if not impossible. Using drive letters was never a
Create an AD account for the application to run under and give it full
permission to that share. Then right a script for the app to run every
time it needs to access that share. Seems logical and it is something
we do quite often here.
Julie
Julie A. Wilson
University Network Coordinator
1 TB is too much for DFS to replicate between two servers, not to mention
four. The replication (FRS) in DFS is flawed. Have you looked into shadow
copy or a utility like Robocopy?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Jennifer Fountain
Sent:
65 matches
Mail list logo