Thanks Lou. This was informative and reinforces the concept to: a) get the dbms onto its own machine, and b) don't put the dbms on a domain controller, because a domain controller should be on its own machine if there are more than one machine (servers) in the domain. Goes to show you how "black-box" programming sucks, because noone ever knows why things go wrong nor how to fix them. :-) Thanks again, Bill
_____ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lou Perez Sent: Monday, February 25, 2008 10:15 AM To: [email protected] Subject: RE: [U2] UD and SBS Server Bill, Our clients have run into this multiple times with UniData and Windows 2003 servers that are Domain controllers. It is always an issue when the machine was a fresh install and not an upgrade from Windows 2000. The problem most likely isn't that you're trying to do this with SBS, it is the fact that SBS is also an Active Directory Domain controller. Contact with IBM support has not helped since they claim this is a Microsoft Windows security problem easily confirmed by the fact that Admin's can telnet in. Many of our clients IT staff have found themselves having to become Active Directory experts to figure out how to allow non-Admin user's telnet access to a domain controller. If you think about it, why would you let any non administrator telnet access to a server anyway? Of course if you are not running System Builder you wouldn't, but we are and need to. Many Google searches finally resulted in these Microsoft Articles (again focusing on the Domain Controller aspect, not the SBS). http://support.microsoft.com/kb/917791 (new article, might be why the next one didn't always work) http://support.microsoft.com/kb/292536 This one details how to prevent access, so use reverse engineering to figure out how to allow. I found this note in the article helpful: NOTE: When there is a TelnetClients group, only users who are members of this group have Telnet access to the domain controllers in the domain, unless those users are administrators of the domain. Members of the Administrators group always have access by using Telnet even if they are not members of the TelnetClients group. I am not convinced that following these instruction fixes the problem. Some cases it does other cases it has not, but might give you an idea why. Sorry to not have a more conclusive solution, but we try hard to convince people not to run the database on their Domain Controller. In the case of SBS, the idea is to get everything on one box. Good luck. -------------------- Louis Perez System Administrator F.W. Davison and Company, Inc. REGARDING E-MAIL MESSAGES FROM F.W. DAVISON AND COMPANY, INC.: In an effort to conserve our natural resources, and to be sure time-sensitive information reaches our customers as quickly as possible, F.W. Davison & Company distributes notices and other important information mainly through e-mail. To be sure these notices are received by the appropriate people in your office, please forward this e-mail if necessary. You can update your e-mail address by logging into the Customer Resource Center at www.fwdco.com and proceeding to Account Information > Update Account Information. CONFIDENTIALITY NOTICE: This e-mail message, and any accompanying documents, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, distribution or copying is prohibited. If you are not the intended recipient, please contact our office by e-mail or by telephone at (508) 747-7261 and immediately destroy all copies of the original message. ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/ ------- u2-users mailing list [email protected] To unsubscribe please visit http://listserver.u2ug.org/
