RE: [ActiveDir] DC and ADC replication prob.

2006-06-05 Thread Molkentin, Steve
Never miss a chance, do you Susan? ;) For those interested, I am in China at the moment, doing a meet and greet/reccy on our sister companies there and preparing for connecting them to our regional domain - then our region will be migrated to the corporate global domain as a part of the

[ActiveDir] Resizing issue

2006-06-05 Thread Boris Demirov
Hello everybody, I got this problem: I am trying to resize a partition on fileserver running on Windows 2003 Enterprise. I got 1TB in raid 5, and my system partition is 40GB and I have 500 GB for storage. So is there a way to resize this 500 GB partition and extend it with the rest

RE: [ActiveDir] Resizing issue

2006-06-05 Thread Freddy HARTONO
Diskpart.exe Thank you and have a splendid day! Kind Regards, Freddy Hartono Group Support Engineer InternationalSOS Pte Ltd mail: [EMAIL PROTECTED] phone: (+65) 6330-9785 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Boris Demirov Sent:

RE: [ActiveDir] FW: Assigning Software Via GPO

2006-06-05 Thread Navroz Shariff
Christine, John does have a fix but do realize that once users are given elevated privileges, their boxes will become the source for malware entry points. In my firm, we install the apps that needed admin attention and specifically modify the ACLs/DACLs so that user will not encounter launching the

RE: [ActiveDir] PCs hang at Applying computer settings after upgrading DCs to 2K3 SP1

2006-06-05 Thread Clay, Justin (ITS)
I knew there was a firewall between some of the clients at remote sites and the DCs, but what I didn't realize is that the clients at the same physical site as the DCs were also going through the firewall. I assumed (incorrectly) that they were on the same layer-2 network and that there

RE: [ActiveDir] PCs hang at Applying computer settings after upgrading DCs to 2K3 SP1

2006-06-05 Thread Clay, Justin (ITS)
Darren, RPC connects initially on 135 and then the DC tells the client to establish a new connection on one of the free high ports. They start at 1024 and move up from there, so if there are already 2 clients connected starting at 1024, then the next client would be told to connect to

Re: [ActiveDir] PCs hang at Applying computer settings after upgrading DCs to 2K3 SP1

2006-06-05 Thread Za Vue
If you have to open high ports then what are the reasons of having a firewall in the first place? -Z.V. Clay, Justin (ITS) wrote: Darren, RPC connects initially on 135 and then the DC tells the client to establish a new connection on one of the free high ports. They start

RE: [ActiveDir] Change private IP on a cluster

2006-06-05 Thread Mike Newell
Thanks Jose, This is just going to affect the private IPs in the cluster so no name resolution issues will come into play. This helped a lot. It led me to http://support.microsoft.com/kb/241828/ which is pretty clear. I'm looking at some downtime on the cluster and that's what I needed

RE: [ActiveDir] PCs hang at Applying computer settings after upgrading DCs to 2K3 SP1

2006-06-05 Thread Navroz Shariff
Z, I think the firewall was supposedly between the clients and the DC which invalidated the machine accounts after updates. There might be more than a single firewall (internal and external). -Shariff From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Za Vue Sent: Monday,

Re: [ActiveDir] OT: Samaccountname attribute (20 char limit) not applicable to groups?

2006-06-05 Thread Al Mulnick
I wonder if they do work? or if some of them don't because only the first 20 chars are being looked at/returned by the api's that consume them? Interesting. That variable is a 20 char variable so I don't see why a loophole of 64 is allowed? Any thoughts? On 6/4/06, Joe Kaplan [EMAIL PROTECTED]

[ActiveDir] Change private IP on a cluster

2006-06-05 Thread Medeiros, Jose
Hi Mike, I am not sure what your project involves and you fail to mention why you are doing this. Are you moving the cluster to a new switch? Replacing the Router? Why are you making this change? It will take several minutes for your ARP table on the router or routers to be updated

RE: [ActiveDir] PCs hang at Applying computer settings after upgrading DCs to 2K3 SP1

2006-06-05 Thread Darren Mar-Elia
Thanks Justin. I know how RPC works. I was asking where you had the firewall and what RPC services were identified as using those. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Clay, Justin (ITS) Sent: Monday, June 05, 2006 6:21 AM To: ActiveDir@mail.activedir.org Subject:

RE: [ActiveDir] OT: Samaccountname attribute (20 char limit) not applicable to groups?

2006-06-05 Thread Freddy HARTONO
How do I test that? I'd love to change all of these to match the samaccountname to the objectcn = as its showing half complete on the samaccountname for those adc created objects and is not neat... Thank you and have a splendid day! Kind Regards, Freddy Hartono Group Support Engineer

RE: [ActiveDir] PCs hang at Applying computer settings after upgrading DCs to 2K3 SP1

2006-06-05 Thread Richard Kline
I may be missing something basic during this discussion. Please help me with understanding. Generally, it makes sense that an inability to access domain resources will cause a lengthy and error-filled login process. Question 1: Why doesn't it happen all of the time to off-site

RE: [ActiveDir] Windows 2003 R2

2006-06-05 Thread Salandra, Justin A.
Thanks this helps Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent:

RE: [ActiveDir] Windows 2003 R2

2006-06-05 Thread Salandra, Justin A.
I meant active directory itself. Justin A. Salandra MCSE Windows 2000 2003 Network and Technology Services Manager Catholic Healthcare System 646.505.3681 - office 917.455.0110 - cell [EMAIL PROTECTED] From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of

RE: [ActiveDir] DC and ADC replication prob.

2006-06-05 Thread Sivarajan, Santhosh
What is your ADC configuration? Santhosh Sivarajan | MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA Houston, TX From: [EMAIL PROTECTED] on behalf of Ajay Kumar Sent: Sun 6/4/2006 10:00 PM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] DC and ADC

RE: [ActiveDir] Change private IP on a cluster

2006-06-05 Thread Mike Newell
Hey Jose, I need to change the IP on the two network cards that the servers use to monitor the heartbeat between them. Each server in the cluster has two NICs in them, one for monitoring the heartbeat between them (private), and one for the internal LAN. We have just added an office

[ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Gil Kirkpatrick
I'm receiving this error on subtree searches of the Config NC, on a French version of Windows 2003 SP1. Anyone have any ideas? (From LDP) ldap_search_s(ld, "CN=Configuration,DC=francais,DC=local", 2, "(objectclass=*)", attrList, 0, msg) Error: Search: Erreur d'opération. 1 Server error:

[ActiveDir] User Logon Hour

2006-06-05 Thread Atila Firmino
Hi everybody. How can I change user logon hours making bind directly to user object. Is this possible? I know that is possible using another object user as template. Thanks Atila Firmino This message is intended exclusively for its recipient and may

Re: [ActiveDir] PCs hang at Applying computer settings after upgrading DCs to 2K3 SP1

2006-06-05 Thread Al Mulnick
Answers in-line On 6/5/06, Richard Kline [EMAIL PROTECTED] wrote: I may be missing something basic during this discussion. Please help me with understanding. Generally, it makes sense that an inability to access domain resources will cause a lengthy and error-filled login process. Question

[ActiveDir] Change private IP on a cluster

2006-06-05 Thread Medeiros, Jose
I am reposting this reply. I do not recall receiving the email back from the list server the first time I posted it. My apologies if you are receiving this a second time. Jose From: Medeiros, Jose Sent: Monday, June 05, 2006 7:58 AM To: 'ActiveDir@mail.activedir.org' Cc:

Re: [ActiveDir] OT: Samaccountname attribute (20 char limit) not applicable to groups?

2006-06-05 Thread Al Mulnick
That's a good question. Ambiguity is what I'd be concerned about in this case so I think that most of the noticeable errors would occur in messaging (Exchange DG's) and administration efforts. Since everything relies on sid's, it wouldn't be in the form of logging on, but rather when you search

[ActiveDir] Change private IP on a cluster- reply

2006-06-05 Thread Medeiros, Jose
Hi Mike, My apologies, I did not realize that you were only changing the heartbeat IP ( I should have caught that when you stated private ). Here at Intel, we run Microsoft Network Load Balancing, NLBS. The NLBS interface is called private ( How the clients connect ), and the internal

Re: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Brett Shirley
This means there is a physical corruption in the AD database. Does this domain have replicas? If yes, just repromote another replica and then demote this guy. If no, sometimes an offline defrag can save the database. Otherwise, what is the backup situation for this domain? Don't be tempted to

[ActiveDir] OT: Exchange 2k3 info on IMF

2006-06-05 Thread Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
http://www.microsoft.com/downloads/details.aspx?familyid=b1218d8c-e8b3-48fb-9208-6f75707870c2&displaylang=en This guide explains how to deploy and configure Intelligent Message Filter in

Re: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Matheesha Weerasinghe
What's the version of ldp? Are there any issues using ADAM sp1's ldp from the english version? I assume other ldap clients are fine? other than this ldp? Wire traces show anything weird? Just my $0.02 M@ On 6/5/06, Gil Kirkpatrick [EMAIL PROTECTED] wrote: I'm receiving this error on subtree

Re: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Who knew he spoke French... I'm impressed. (feel free to throw something at me.. ) Susan Brett Shirley wrote: This means there is a physical corruption in the AD database. Does this domain have replicas? If yes, just repromote another replica and then demote this guy. If no, sometimes a

RE: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread deji
Start your own thread :) Joe blogged about this DSID thingy a while back, and it was a very informative piece. I suggest you start from there. This may require you peeking into the source code. Sincerely, _ (, / | /) /) /)

Re: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Matheesha Weerasinghe
Man I regret trying to even answer that. I didn't look at the name of the poster for crying out loud! Note to self a fool is not known until he opens his mouth /Note to self Sorry Gil. Won't happen again. M@ On 6/5/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Start your own thread :) Joe

Re: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Mark Parris
With 3 major exceptions. - every word that ends tion and sion in French is the same in English. So only Erreur to translate and that's not rocket science. Not taking anything away from Brett though. M. -Original Message- From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] [EMAIL

RE: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Gil Kirkpatrick
Single DC, single member, running under VS 2005 R2, 32-bit. DCPROMO and other activities all seemed to work normally, so the corruption thing is a surprise. Hey Brett, if I consider the hardware suspect, does that mean I have to file a bug with the VS team? I'll kill it and rebuild and see

RE: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread joe
Just read and follow Brett's response... That error is being thrown by a fairly low-level part of AD (from the DSID) and a low value negative number like that is almost always an ESE error. The combination of those pieces of info aligned with Brett responding saying it is physical corruption

RE: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Eric Fleischman
Very interesting. Can we see the VHD before you blow it away? I can set up a place for you to upload it to. Please let me know how large it is... just ping me offline and we can coordinate. ~Eric -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gil

RE: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread joe
Note that in that DSID message, the ESE error is the one in DATA section. Here is the ESE error decode... http://windowssdk.msdn.microsoft.com/library/default.asp?url="" JET_errReadVerifyFailure -1018 There is a checksum error on a database page. From: [EMAIL PROTECTED] [mailto:[EMAIL

Re: [ActiveDir] max password age where else to look?

2006-06-05 Thread Steve
Okay. I'll ask the question that everyone else is afraid to why 91 and not 90? Cheers On 5/31/06, joe [EMAIL PROTECTED] wrote: :o) I can imagine Something I like to recommend to folks is to monitor password changes. Depending on how big you are you may even want to do it daily. It

RE: [ActiveDir] DSID-020A06F3 error from French platform AD

2006-06-05 Thread Gil Kirkpatrick
I've blown the image away already, but I have a backup. I'll check to see if the backup exhibits the same behavior. Send me an email with the upload particulars. It's a differencing disk, and the total will be in the 3-4GB range, uncompressed. It may be that throughput over the FedEx network

Re: [ActiveDir] OT: Samaccountname attribute (20 char limit) not applicable to groups?

2006-06-05 Thread Joe Kaplan
The schema defines rangeUpper for sAMAccountName at 64. Where are you getting a field size of 20? All I can say is that they do seem to work fine in our environment and the DS does not reject them, although I am pretty sure the DS rejects requests to create users with sAMAccountName > 20

Re: [ActiveDir] OT: Samaccountname attribute (20 char limit) not applicable to groups?

2006-06-05 Thread Al Mulnick
Interesting. The online version I see says rangeupper is 256. Not sure how important that is, but... http://msdn.microsoft.com/library/default.asp?url="" Given the purpose of samaccountname I have a hard time believing something doesn't rely on that being 20 chars. Not to say that they haven't

Re: [ActiveDir] max password age where else to look?

2006-06-05 Thread Al Mulnick
Nah, I think joe's just lazy and doesn't want to type it again. And again. And again. And ag. http://groups.google.com/group/microsoft.public.win2000.active_directory/browse_thread/thread/639b5262e419fac8/0bbc9401b9d8a473?lnk=st&q=joe+91+days+policy&rnum=1&hl=en#0bbc9401b9d8a473 On 6/5/06,

Re: [ActiveDir] OT: Samaccountname attribute (20 char limit) not applicable to groups?

2006-06-05 Thread Joe Kaplan
Sure enough, rangeUpper is 256. I'm not sure where I got that 64 thing, but I'm guessing it was from memory and that was not up to the task again. Anyone else? Is it safe or not for groups to have a sAMAccountName > 20 characters but <= 64? I'm going to assume that users definitely need to be

[ActiveDir] OT: Move Enterprise CA

2006-06-05 Thread Tony Murray
Hi all I have to move an Enterprise CA from one DC to another. The following article appears to show the required steps. How to move a certification authority to another server http://support.microsoft.com/?kbid=298138 For those of you that have done this, is the process as

[ActiveDir] PSS Active Directory Security Blog (uh no NOT OT)

2006-06-05 Thread Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
Guard Dog: http://blogs.technet.com/guarddog/default.aspx Test 1… 2… 3 … Hello Cleveland! Welcome to Guard Dog! GD is a blog run by Microsoft Support Engineers. It covers authentication, authorization, account lockouts, auditing, interactive logon, Kerberos, NTLM, and just about anything

[ActiveDir] Change private IP on a cluster- Reply

2006-06-05 Thread Jose Medeiros
Hi Jim, Looks like your post never made it to the Active Dir list. If I recall Exchange 2000 clustered still had dependencies on Wins, and I was told at a Microsoft Technet event that Exchange 2003 clustered no longer had this requirement, until I saw the Microsoft article that I pointed out

[ActiveDir] Speaking of SamAccountName...

2006-06-05 Thread RM
Guys, I have a dumb question.. A 3rd party app that uses LDAP for authentication... What attribute should be utilized for username? SamAccountName is the pre-Windows 2000 name. DistinguishedName is the long form OU/CN gobbledygook. So what is

[ActiveDir] Change private IP on a cluster- Reply-Reply

2006-06-05 Thread Jose Medeiros
Hi Jim, Are you sure that holds true on a clustered Exchange 2000 server? I recall from my Microsoft 2000 server clustering class at Quickstart Intelligence back in 2001, http://www.quickstart.com/courses/course.asp?cat=Windows&type=88&course=2087 that the instructor stated that both Exchange