Forum Replies Created
Re: Domain ug to 2k8r2 gone a little wrong.
A few things to check/modify:
1. Turn off the Firewall (enabled by default on W2k8 r2)
2. Turn off User Account Control (see User Accounts section in Control Panel).
3. Turn on Network discovery, file sharing in the Network Centre
Re: Restore Active Directory from Tapes
I windows 2008 or later, you do not restore just the system state, you normally restore the entire system drive to get it back.
I Windows 2003 you would normally reinstall Windows and then restore the system state.
Re: how to allow install Application???To install applications:
a) Your account must be a member of local administrators account. By default, ‘administrator’ is the local admin (or if a home machine, the first account created). Domain Admins are also by default members of local admins in a domain.
b) Right click the setup.exe program and select ‘Run as’ or ‘Run as administrator’ and enter the username and password of the local admin account
Re: 2000 dc —> 2008 dc????
Yes, if you keeping the same DNS name and Domain name then rights will be the same as before.
As for the FSMO roles, you can transfer them using the AD management consoles:
AD Users and Computers – PDC, Infrastructure, RID master
AD Schema – schema master role
AD Trusts and domain – Domain naming role
You can also use the NTDSUtil tool from the command line to transfer roles.
Re: Linux Domain to new WinServer03 Domain??
1. CLients will be able to login to their existing PC with cached credentials, although they will not be able to login to a PC they have not logged in before and will not be able to change passwords.
2. Once the Windows 2003 domain is built you will need to re-add the PCs to the new domain and setup all the user accounts from scratch (or import them from a CSV file using CSVDE tool).
3. After accounts are set up you need to get user’s to login with their new Win 2003 accounts and make sure they have access to any resources they require.
Also, their old windows profile may need copying across to new account as well.
Re: Multi Domain Setup
No, you do not need to set up a new forest unless your company has changed name or something.
A Second DC is fine by just running DCPromo on a new server and give it time to replicate data across (48 hrs is usually enough).
Re: Migrating from Windows 2003 to 2008
You do not mention if the migration is to new hardware or back to the same hardware?
You will need a fourth server, so that you can swing applications and services to that server so that you can swing them back to the rebuild server.
1. For the DC, all you need to do is run DCPromot.exe and allow it to replicate. Also move the GC and FSMO roles across. I would give it 48 hours to fully replicate before wiping the original.
2. For Exchange you need all roles (mailbox, owa etc) set up on a second server, then move mailboxes, public folders and system folders across before you can decomission the original (uninstall).
Exchange 2003 will NOT work on Windows 2008 x64, it will only work on a 32 bit OS, unless you upgrade to Exchange 2007!
3. SQL is more straight forward. Backup the database and logs. Install SQL on new server, restore database back and setup users and permissions agains and any SQL jobs.
4. WSUS can work just fine as it is.
Re: legal grounds for AD Schema modification
Yes, you do need to have your own ODI number for custom classes and attributes for AD.
A unqiue ODI is requirement to prevent your ODI from conflicting with other ODI by other companies esp. if you plan on selling the solution outside of your organisation as schema changes cannot be removed.
If youe ODI conflicts with another ODI and messes up their AD domain, then I would consider it to be the purchases rights to damages as they would have to restore their AD from scratch – not a thrilling prospect for any organisation.
Getting an ODI is free of charge and only takes a couples of days to complete. I got mine from http://www.iana.org. They call them PEN numbers (Private Enterprise number).
Re: Problem downloading Word attachments
You need to remove all references to the .doc, .xls, .ppt and the .docx, .xlsx file types from registry so that you can save them to disk.
Use a tool called FileTypesMan from http://www.nirsoft.net/utils/file_types_manager.html to make it easy to remove them.
Re: reinstall/repair exchange on sbs2003 r2
Deleting transaction logs is usually NOT a good idea as it makes it harder to get them back into a clean state and you will likely loose recent email.
To repair databases use the ESEUTIL /R log or ESEUTIL /P dbname.edb tool.April 19, 2010 at 12:10 pm in reply to: Push Printer using the Printer Management in Win2008 R2 64 bit #312742
Re: Push Printer using the Printer Management in Win2008 R2 64 bit
You can remove old printer connections from the registry:
using a local Administrator account.March 17, 2010 at 5:08 pm in reply to: Help required for SMTP Server Installation on Win 2008 R2 Standard Edition #312741
Re: Help required for SMTP Server Installation on Win 2008 R2 Standard Edition
It depends what SMTP is for. I would consider locking it down. Turn off Anonymous connections and / or restrict access by IP address so it cannot be used for malicious purposes.
Re: Win 7 in domain, local admin
Yes, I would create a new account and make it a member of the local Administrators group. Give a non-standard name so its hard to guess and use a complex password (Mixed case letter, and at least one digit and symbol).March 14, 2010 at 1:32 pm in reply to: event viewer empty for some logs (file replication service, forwardedevents) #312738
Re: event viewer empty for some logs (file replication service, forwardedevents)
FRS should be enabled on the DCs so that it can replicate the SYSVOL DFS share to other DC servers. It is also used when configuring a user Distributed File Share (DFS).
For Forwarded Events, you need to configure computer:
Re: Adding domain user to local administrator group
You may have a GRoup Policy that is applying ‘Restricted Groups’ which may be overwriting local settings. Check with the administrator of the OU that the user is located in and see if you need either adding to the Group Policy or a domain group that the user needs to be a member of to get local rights.
Re: Restore Active Directory database problem
There is no need to do a non-authoritative restore, you just needed to do an authoritative restore and use ntdsutil to state which part of the domain you need restoring, then that bit of the tree is ‘authoritative’ and should NOT be overwritten.March 6, 2010 at 4:40 pm in reply to: edit disabled: how do I edit the Default Domain Controllers Policy?? #312735
Re: edit disabled: how do I edit the Default Domain Controllers Policy??
MAke sure that you are either a Domain Admin or Enterprise Admin and a member of the GRoup Policy Editor group (or whatever the name is) to edit it.
Re: Windows 7 …a Netbeui problem!
Maybe you are going to from the wrong angle. Maybe you should replace the aging CNC machine with a new one.
Or maybe have one Windows XP machine with Netbeui AND TCPIP installed, then other machines in the office can talk to the XP machine (you can use Remote Desktop or VNC onto it) and leave it just to talk to the CNC machine….
Re: Cannot install net 3.5 framework on vista
Try the solution in this thread:
Re: Missing Files when I logged in.
Three things could have happened.
a) You have logged in with a different account.
b) You have logged in and been given a temporary profile (it will tell you this when you logged in).
c) Your existing profile is missing or it has been corrupted and been given a completely new profile.
Logout of your account. Login with an Administrator account (diff. from your own) and look in C:Users. Check to see if your account profile is still listed or it may have created a second profile e.g. name.domain or name.computername.
Backup the profile(s) to another location e.g. C:Backup and remove the old profile from c:users. Login again as yourself and you will get a new profile. Copy data and settings from AppData that your require from the old profile in c:backup.
Re: Restore registy from DOS
Windows does make a backup of the registry in a folder called c:Windowsrepair (or windowssystem32repair).
You can then copy the SOFTWARE, SYSTEM and possibly SECURITY registry hives back to the c:windowssystem32config folder.
Although this is not necessarily a recommended approach. Best way is to regularly backup the System State and restore that back, to restore registry.
Re: Sysprep with XP Image on HP
On Windows XP, when you extract Sysprep from the Deploy.cab file, you also get a setup manager program which you can create a Sysprep.ini which you can configure your sysprep image, you may also include the Windows XP key so new PCs deployed with the image get it automatically.
Re: prevent Workgroup client get ip address from DHcp
THere are three ways:
1. You can disconnect the workstation from the network completely.
2. You can give the workstation a static ip address via its tcpip properties.
3. You can ‘Reserve’ an IP address in DHCP so that it always gets the same address and not a dynamic address.October 5, 2009 at 4:27 pm in reply to: public folder contents won’t migrate to new server #312727
Re: public folder contents won’t migrate to new server
In Exchange 2003 System Manager, make sure that the new Exchange 2007 security groups have permissions to read/write the public folders on the Exchange 2003 server (see the Security tab), as they may not be set by default.
Also, I sometimes find it easy to force replication by selecting each folder, right click and tell it to replicate items from say 10000 days ago so to include all items.