James - don't thank me yet - you still have the problem and I don't
think I helped too much! ;)
themolk.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Thursday, 11 January 2007 4:07 PM
To: ActiveDir@mail.activedir.org
It would also be interesting to know what the event log has in it regarding
the startup of w32time. If this fix doesn't resolve it anyway.
-ajm
On 1/10/07, WATSON, BEN [EMAIL PROTECTED] wrote:
Try the command...
w32tm /resync /rediscover
See if that helps the client figure out where it
Dear collective,
I am at a site where somebody has panicked, and all 5 roles have been
seized in the last month, and have then been transferred back to the
DCs they were previously on.
I had thought that certain roles (RID, Schema and possibly Domain
Naming) being seized meant you had to wipe
Also see:
http://blogs.dirteam.com/blogs/jorge/archive/2006/01/05/373.aspx
from: http://support.microsoft.com/?id=255504
A domain controller whose FSMO roles have been seized should not be
permitted to communicate with existing domain controllers in the forest.
In this scenario, you should
On 11/01/07, Almeida Pinto, Jorge de
[EMAIL PROTECTED] wrote:
Also see:
http://blogs.dirteam.com/blogs/jorge/archive/2006/01/05/373.aspx
from: http://support.microsoft.com/?id=255504
Thanks Jorge,
Nothing about three days of darkness or locusts or the massacre of
first-borns, but I think it
You don't need to re-install windows. Forced demotion (offline) (using
out-of-band management solution) and promotion of the DCs is enough with
a metadata cleanup before the promotion however as the DCs have
already been online you might as well use a normal demotion. After that
MAKE SURE all
I'm having a hard time installing the IIS. It said that it can copy files.
Other then bad CD what could be keeping it from installing? Is there a GP
setting that I'm not aware of that will keep the IIS from installing?
Antonio
List info : http://www.activedir.org/List.aspx
List FAQ:
As of w2k3 there is a setting that prevents the installation of IIS,
when enabled of course...
Computer configuration\Administrative Templates\Windows
Components\Internet Information Services\Prevent IIS Installation =
[ENABLED | DISABLED]
-Original Message-
From: [EMAIL PROTECTED]
Russ-
In my experience recent versions of W32time will not correct an offset
that large ( 5 minutes) and will issue the exact message you quoted. By
far the easiset thing to do is a net time /set /yes to the closest DC.
Once the clock is pulled in within W32time's sanity checking parameters
it
I posted before on how to debug the Windows time service, which will
write a debug.log file in a location of your choice. This is quite
helpful in tracking down client-time issues.
EZ
Edward E. Ziots
Network Engineer
Lifespan Organization
MCSE,MCSA,MCP+I,M.E,CCA,Network+, Security +
Guys,
I am trying to add the Remote Desktop Users group (Builtin Domain Local
Group) to the Power Users group on my Windows 2000 Server SP4 Terminal
Server.
I can't. I can't navigate to it, I can't see it. Would anyone be able to
tell me why?
I would be grateful.
http://blogs.technet.com/james/archive/2007/01/11/daylight-saving-partner-webcast.aspx
Further to my recent post about Daylight Saving updates to Microsoft
products, partners are encouraged to join the webcast on this very
subject.
You can sign up for the webcast here:
You can't use it Rocky.
You hit the nail on the head with built-in. It has a well known SID
(S-1-5-32-555) which has no domain affinity so adding that to a member
machine is useless as the member machine would not be able to chase it back
to anything. I.E. If you have a forest with 4 domains and
joe,
YMYMYM
Thanks.
RH
__
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of joe
Sent: 11 January, 2007 2:11 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] Win 2000 Remote Desktop Users
You can't use it Rocky.
Joe got an idea on how to use Adfind and Admod to do this one.
I have a group with an _ in it, that I cant seem to dump the members
from the group with the dsget group and dsmod group commands.
The syntax of the command I am using is such, and I have tried it with
other groups with _ and it
I can't find an explanation and thought some of this august body might
know or can point me to some resource...
When viewing sessions in the Shared Folders MMC snap-in for an AD member
file server, there is a column labeled Idle Time.
What events reset this timer? I sometimes see very
Office autorecover will write to the share fairly frequently...
Thanks,
Brian Desmond
[EMAIL PROTECTED]
c - 312.731.3132
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Michael Miller
Sent: Thursday, January 11, 2007 4:45 PM
To:
lol, n/p
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rocky Habeeb
Sent: Thursday, January 11, 2007 2:27 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir]
AdMod will not populate membership that way currently unfortunately. You
could populate a list of groups with a single member or export membership
for a group to a CSV file, change the DN on the group and then use AdMod to
import. It is something that I think about occasionally on how to get it in
Am I the only one that would suggest escorting the consultant out the door?
Asking for domain admin level privs to access two servers is WAY over the
top IMHO. Heck, just to read and report and make suggestions (consultants
tend to do that from what I recall) the consultant doesn't need
Hopefully the guy means the person needs administrator rights over the two
servers. Not sure how you would give domain admin rights over two servers
and even what that would buy you. At the member level a domain admin isn't
any more powerful than a local admin. The domain powers come in with the
I've seen consultants ask for that level of access before to gain access to
the local machine. They reason that because the domain admins are added to
the local administrators group that they'll have full access to the
machine. They also are not aware of the rights needed to view or otherwise
22 matches
Mail list logo
