Can I run active directory 2012r2 and 2008r2 mixed with ADFS 3.0?
We have 8 DCs in our school district, and I'm looking at installing ADFS. I'm under the impression that I will need to use 2012 R2in order to get ADFS 3.0, and that requires active directory at 2012R2 level for GMSA accounts, is that right?
If I upgrade three of our DCs right now to 2012R2, I won't be able to promote 2012R2 functionality until they are all 2012R2 - but will I be able to create GMSA accounts and use ADFS 3.0 on 2012R2 if there are 2012R2 Active Directory DCs online, but not promoted
to that level of AD service?
Thanks!
Hi,
As I have replied to the other post of yours, yes you are right that if there is one (or more) Windows 2012 R2 Domain Controller online, you can use ADFS 3.0 and create GMSA (without upgrading all Domain Controllers and
raising the functional level to Windows Server 2012 R2).
Regards,
Amy
Similar Messages
-
Windows 2008 Server - Cannot run Active Directory Users and Computers
Hi,
I am running Windows 2008 Server with latest windows updates installed. Directory Services Role also.
I attempt to open Active Directory Users and Computers tool and I get a;
Microsoft Visual C++ Runtime Library error;
"The Application has requested the runtime to terminate it in a unusual way. Please contact the application's support team for more information"
I click ok, then get the following debug info;
Problem signature:
Problem Event Name: APPCRASH
Application Name: mmc.exe
Application Version: 6.0.6001.18000
Application Timestamp: 47919524
Fault Module Name: msvcrt.dll
Fault Module Version: 7.0.6001.18000
Fault Module Timestamp: 4791ad6b
Exception Code: 40000015
Exception Offset: 0000000000029b06
OS Version: 6.0.6001.2.1.0.272.7
Locale ID: 3081
Additional Information 1: 43aa
Additional Information 2: cf3a46656318492c1997480001b6b0e0
Additional Information 3: 3837
Additional Information 4: 92f72e0d0589ff77cef51e0a413aeff6
Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409
If someone could please assist, it would be very much appreciated.
Regards
B
Hi,
To solidly troubleshoot this kind of issue, we need to debug dump file. A suggestion would be to contact Microsoft Customer Service and Support (CSS) via telephone so that a dedicated Support Professional can assist with your request.
To obtain the phone numbers for specific technology request please take a look at the web site listed below:
http://support.microsoft.com/default.aspx?scid=fh;EN-US;OfferProPhone#faq607
However, I am also glad to share my research.
Some third party applications may lead to this error. Please check if you install other third party applications on Windows server 2008?
Also, please follow the article below to perform necessary steps to see how it's going?
FIX: You receive an "invalid page fault in module MSVCRT.DLL" error message after you install the run-time libraries from Visual C++ 6.0
http://support.microsoft.com/kb/190536/en-us
Hope this helps.
Best wishes
Morgan Che -
Can not open Active Directory Users and Computers
Problem Reported:
Out of the blue this has started happening:
When I go to "Active Directory Users and Computers" I get this message.
"MMC cannot open the file C:\WINDOWS\system32\dsa.msc.
This may be because the file does not exist, is not an MMC console, or was created by a later version of MMC. This may also be because you do not have sufficient access rights to the file.
Additional information:
This is a server that has been in use for 2+ years with active directory users that can and do login everyday.
As far as I know the system has no backup.
dsa.msc IS located in the system32 folder
I am using the administrator account.
OS:
Microsoft Windows Server 2003 R2
Standard x64 Edition
Service Pack 2
Please help with detail. Thank you.Have you tried to uninstall ADUC administrative tool and re-install it again? If no, please give a try.
This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Get Active Directory User Last Logon
Create an Active Directory test domain similar to the production one
Management of test accounts in an Active Directory production domain - Part I
Management of test accounts in an Active Directory production domain - Part II
Management of test accounts in an Active Directory production domain - Part III
Reset Active Directory user password -
Not able to open active directory user and computer in windows server 2008r2
Hi All techies,
i would like to know one issue which i am facing mostly, i have created 5 virtual machine all with window server2008r2 and one windows 7 on vm-ware now when ever i start my virtual machines everything going rite but when i try to open active directory user/
computer or domain and trust i get a following error "data from active directory user and computers is not available from dc(null) bcoz unspecified error" even when i chk in events log its give me no help, and after 15-30 min everything works good
Please let me know the cause of it and really appreciate it .
Thanks
AtulYou need to ensure that
1. group policy that says "wait for network before logon" is applied to all computers including servers and workstations is applied
2. DNS record exists for all DCs in DNS
3. If there are multiple Domain Controllers in Forests, then they point them as secondary DNS server. This way they will be able to resolve IPs if local DNS server service takes time to start.
As Chris mentioned, you need to start all DCs first, give a time of 5 minutes and then start member servers and workstations for successful logon.
- Sarvesh Goel - Enterprise Messaging Administrator -
How to create "folders" in Active Directory Users and Computers?
Hello Community
In Windows Server 2008R2 when you go to Active Directory Users and Computer
you will see icons of folders such as:
- Builtin has a folder icon
- Computers has a folder icon
- ForeignSecurityPrinicpals has a folder icon
- Domain Controller as a folder icon
- Managed Service Accounts has a folder icon
- Users has a folder icon
All of the above folders are visually identical.
If you right click and select “File” – “New”
on any of the selections the icon
will not look like the folder icon they have their own icons which look different
from the "Folder" icon.
I would like to create a “Folder” that looks just visually exactly like the ones
mentioned above, how can I create those types of Folders in Active Directory User
and Computers?
Note: I would like to put users in the folders.
Thank you
ShabeautHi,
you should use OUs (an OU is they type of object (folder) that is available for you to easily create.
The object type you are asking about is a "container", and there are various reasons why an OU is more flexible (applying GPO, etc).
Refer: Delegating Administration by Using OU Objects
http://technet.microsoft.com/en-us/library/cc780779(v=ws.10).aspx
and the sub-articles:
Administration of Default Containers and OUs
http://technet.microsoft.com/en-us/library/cc728418(v=ws.10).aspx
Delegating Administration of Account and Resource OUs
http://technet.microsoft.com/en-us/library/cc784406(v=ws.10).aspx
Also: http://technet.microsoft.com/en-us/library/cc961764.aspx
Don
(Please take a moment to "Vote as Helpful" and/or "Mark as Answer", where applicable.
This helps the community, keeps the forums tidy, and recognises useful contributions. Thanks!) -
Active directory users and computers wont start on a dc, "the server is not operational"
In our environment, we have 3 dc's
two which run server 2008 (they work perfectly)
and one never off branch dc that runs server 2008 r2.
We have been having some problems where we feel the replication isnt up too speed(stuff could take up to 24 hours to replicate) and now when i tried opening active directory users and computers i am met with this error window:
We have a third party DNS solution.
How do i troubleshoot this issue?dc01 (which replicates perfectly with dc02, and vise versa)
dcdiag /test:dns
C:\Users\adminuser>dcdiag /test:dns
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: Hostingpartner\ourdc01
Starting test: Connectivity
......................... ourDC01 passed test Connectivity
Doing primary tests
Testing server: Hostingpartner\ourdc01
DNS Tests are running and not hung. Please wait a few minutes...
Running partition tests on : ForestDnsZones
Running partition tests on : DomainDnsZones
Running partition tests on : Schema
Running partition tests on : Configuration
Running partition tests on : int
Running enterprise tests on : int.domain.com
Starting test: DNS
Test results for domain controllers:
DC: ourdc01.int.domain.com
Domain: int.domain.com
TEST: Delegations (Del)
Error: DNS server: ourdc02.int.domain.com. IP:xx.xx.xx.32 [Broken delegated domain domaindnszones.int.domain.com.]
Error: DNS server: ourdc02.int.domain.com. IP:xx.xx.xx.32 [Broken delegated domain forestdnszones.int.domain.com.]
Summary of test results for DNS servers used by the above domain controllers:
DNS server: xx.xx.xx.32 (ourdc02.int.domain.com.)
2 test failures on this DNS server
Delegation is broken for the domain domaindnszones.int.domain.com. on the DNS server xx.xx.xx.32
Delegation is broken for the domain forestdnszones.int.domain.com. on the DNS server xx.xx.xx.32
Summary of DNS test results:
Auth Basc Forw Del Dyn RReg Ext
Domain: int.domain.com
ourdc01 PASS PASS PASS FAIL n/a PASS n/a
......................... int.domain.com failed test DNS
dcdiag on dc01(which can replicate with dc02)
C:\Users\adminuser>dcdiag
Domain Controller Diagnosis
Performing initial setup:
Done gathering initial info.
Doing initial required tests
Testing server: hostingpartner\ourdc01
Starting test: Connectivity
......................... OURDC01 passed test Connectivity
Doing primary tests
Testing server: hostingpartner\ourdc01
Starting test: Replications
[Replications Check,OURDC01] DsReplicaGetInfoW(PENDING_OPS) failed with error 8453,
Win32 Error 8453.
......................... OURDC01 failed test Replications
Starting test: NCSecDesc
......................... OURDC01 passed test NCSecDesc
Starting test: NetLogons
[OURDC01] User credentials does not have permission to perform this operation.
The account used for this test must have network logon privileges
for this machine's domain.
......................... OURDC01 failed test NetLogons
Starting test: Advertising
......................... OURDC01 passed test Advertising
Starting test: KnowsOfRoleHolders
......................... OURDC01 passed test KnowsOfRoleHolders
Starting test: RidManager
......................... OURDC01 passed test RidManager
Starting test: MachineAccount
......................... OURDC01 passed test MachineAccount
Starting test: Services
......................... OURDC01 passed test Services
Starting test: ObjectsReplicated
......................... OURDC01 passed test ObjectsReplicated
Starting test: frssysvol
......................... OURDC01 passed test frssysvol
Starting test: frsevent
......................... OURDC01 passed test frsevent
Starting test: kccevent
......................... OURDC01 passed test kccevent
Starting test: systemlog
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:04:29
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:04:50
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:10:56
(Event String could not be retrieved)
An Error Event occured. EventID: 0xC0002719
Time Generated: 04/04/2013 15:11:17
(Event String could not be retrieved)
......................... OURDC01 failed test systemlog
Starting test: VerifyReferences
......................... OURDC01 passed test VerifyReferences
Running partition tests on : ForestDnsZones
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Running partition tests on : DomainDnsZones
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Running partition tests on : Schema
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Running partition tests on : Configuration
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Running partition tests on : int
Starting test: CrossRefValidation
......................... int passed test CrossRefValidation
Starting test: CheckSDRefDom
......................... int passed test CheckSDRefDom
Running enterprise tests on : int.domain.com
Starting test: Intersite
......................... int.domain.com passed test Intersite
Starting test: FsmoCheck
......................... int.domain.com passed test FsmoCheck
The problematic dc03:
Dcdiag gives the same output as dcdiag /test:dns
C:\Users\adminuser>dcdiag
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
Home Server = OURDC03
Ldap search capabality attribute search failed on server NTSDC03, return
value = 81
We have an infoblox dns server on ip address xxx.y.y.251.
first error in event logs on dc03:
error 1863
This is the replication status for the following directory partition on this directory server.
Directory partition:
CN=Configuration,DC=int,DC=domain,DC=com
This directory server has not received replication information from a number of directory servers within the configured latency interval.
Latency Interval (Hours):
24
Number of directory servers in all sites:
2
Number of directory servers in this site:
2
The latency interval can be modified with the following registry key.
Registry Key:
HKLM\System\CurrentControlSet\Services\NTDS\Parameters\Replicator latency error interval (hours)
To identify the directory servers by name, use the dcdiag.exe tool.
You can also use the support tool repadmin.exe to display the replication latencies of the directory servers. The command is "repadmin /showvector /latency <partition-dn>".
i have also go several warning 2088, 2093, 2087.
And errors 1863 pointing to different directory partitions like schema/configuration/domaindnszones/forestdnszones -
Active Directory Users and Computer not displaying column data?
I am running Windows 8.1 Enterprise with RSAT installed. My Domain controllers are Server 2008 R2.
I am having and issue with Active Directory Users and Computers. Typically I will turn on Advanced Features and then add Columns for Email address and Display Name. This for example allows me to easily export lists of users and there email
addresses among other things.
The issue is that on my Windows 8.1 client, the columns for Email and Display Name are empty. It simply will not display this information. It only displays Name, TYpe and Description.
If I use a Windows 7 client, the information displays correctly.
Has anyone run into this issue or heard of this problem when using ADUC on Windows 8.1?ADUC is an AD tool that is no longer being improved, with Microsoft now focusing on ADAC (Administrative Center). In 8.1, it has improved quite a bit since 7. You can also just try using the
ActiveDirectory PowerShell Module, which is easy to use and fairly powerful. It can be simple to export lists, and the module for AD is included with RSAT tools.
Example:
Import-Module ActiveDirectory
Get-ADUser -Filter {Manager -eq "John.Smith"} -Properties DisplayName,Mail | Export-Csv dump.csv -NoTypeInformation
So, recommendation: either use ADAC, or PowerShell -- ADUC is part of the wave of deprecation. -
Route mail and Active Directory Sites and Services configuration
Folks,
I have a problem in the internal email routing. My network is spread across various regions and the branch offices are connected together in a mpls network (full mesh). Every region has its own Exchange Server with all roles installed and the smtp connection
to the outside world is linked to two Exchange servers in the headquarter server farm.
The problem is that internally I often see emails going across the Exchange Servers in the branch offices where there is low bandwidth (from 3 to 5 Mbps), thus email are sent first to these servers instead of going immediately to the Exchange hosting
the mailboxes of the intended recipients. This happens also with inbound emails.
This causes slowness in the email system and sometimes also the network with these branch offices suffers from packet loss or very high latency.
I know that Exchange is a site-aware application and uses the Active Directory topology for message routing and to communicate with the services that are running on other Exchange 2013 computers. For this reason I have checked the Active Directory Sites
and Services and surprisingly I have found that there are no sites, no subnets, nothing has been defined but the default settings, included the Inter-Sites transport which contains the default DEFAULTIPSITELINK.
Apart from the fact that clients use logon servers which are not supposed to use in the far remote offices, I am concerned of changing the Exchange Infrastructure whilst the email system is running and I would like to ask your opinion about my next steps:
1) Create subnets for every office
2) Create sites and then link them to the subnets done in point 1
3) Delete the DEFAULTIPSITELINK and create new site links based on the costs (network speed) in order to determine the best routing server. I have 5 remote offices with 5 different network bandwidth, so I'll have to create 5 IP site links: high cost for
link with slow network, low cost for fast network.
4) (Optional) Configure the Exchange-specific cost using the Set-AdSiteLink cmdlet to the AD IP site links created previously
Apart from the valid questions on why the previous Exchange Administrator have forgotten to set up the Active Directory (Topology) Sites and Services...
...And why have chosen to install all Exchange Roles to each server when there was no reason to do that (there are two servers connected to the external smtp gateways in the headquarter, so in my opinion the Exchange Servers in the remote branch offices
should have had only the mailbox and the cas role)...
As a matter of fact, my idea is to go further and create the sites,subnets and the ip site link. If I still notice a wrong email flow, I can configure an ad-hoc Exchange-specific cost using the Set-AdSiteLink cmdlet. Does this sound reasonable to you guys
or I am taking the wrong decisions?
ThanksThank you very much for your link. This is exactly the page I have read just before posting my question here. It is not easy for me to understand why this has been setup this way by a Microsoft certified engineer.
There are specific rules to follow when Active Directory and Exchange are located in multiple sites and I am not a skilled Exchange Administrator... he keeps saying that it is correct and also tells that if I go forward with my ideas there is the
risk to increase the level of complexity. I prefer more complexity than default setting, and as a consequence of that, connectivity problems!
Hopefully everything goes well. I will post my results here once I have done the changes
Regards -
I have a user that all of a sudden was not able to open 70% of her files located on a file server, Windows Server 2003 running Active Directory, from her laptop. The same user can access all the same files from a different machine, logging on with the same
credentials. Just looking for a point in the right direction and a possible theory as what could cause this problem, an why all of a sudden. I did go back through the logs but nothing sticks out. For the most part the logs on the server and the laptop are
pretty clean.
Both machines are Latitude E5420s running Windows 7 Enterprise Service Pack 1. Both machines are 64bit and connect to the network via hard-wire, not wireless.
Thanks in advanced.
GrajekI would recommend proceeding that way:
Check that your DCs are in a healthy state and AD replication is fine: It might be that the user is member of security groups and the membership is not getting replicated properly which can cause this random behavior. You can use
dcdiag and repadmin for checks and you can refer to my recommendations here: http://social.technet.microsoft.com/wiki/contents/articles/18513.active-directory-replication-issues-basic-troubleshooting-steps-single-ad-domain-in-a-single-ad-forest.aspx
Make sure that the file server is reachable from the user client computer. Start with
ping and nslookup. Also, you need to make sure that the traffic between the client and the server is not blocked or filtered. You might want to temporary disable security software for testing
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
My MacBook Pro is running slowly. I run Mountain Lion on it. I received the following report from Etrecheck. Can someone help me decipher it and provide me with steps to fix the slow speed?
Problem description:
slow computer
EtreCheck version: 2.0.11 (98)
Report generated November 15, 2014 2:57:16 PM EST
Hardware Information: ℹ️
MacBook Pro (15-inch, Mid 2012) (Verified)
MacBook Pro - model: MacBookPro9,1
1 2.3 GHz Intel Core i7 CPU: 4-core
4 GB RAM
BANK 0/DIMM0
2 GB DDR3 1600 MHz ok
BANK 1/DIMM0
2 GB DDR3 1600 MHz ok
Bluetooth: Good - Handoff/Airdrop2 supported
Wireless: en1: 802.11 a/b/g/n
Video Information: ℹ️
Intel HD Graphics 4000 - VRAM: 384 MB
NVIDIA GeForce GT 650M - VRAM: 512 MB
Color LCD 1440 x 900
System Software: ℹ️
OS X 10.8.5 (12F45) - Uptime: 6 days 7:45:47
Disk Information: ℹ️
TOSHIBA MK5065GSXF disk0 : (500.11 GB)
S.M.A.R.T. Status: Verified
disk0s1 (disk0s1) <not mounted> : 210 MB
Macintosh HD (disk0s2) / [Startup]: 499.25 GB (25.67 GB free)
Recovery HD (disk0s3) <not mounted> [Recovery]: 650 MB
HL-DT-ST DVDRW GS31N
USB Information: ℹ️
Apple Inc. FaceTime HD Camera (Built-in)
Apple Inc. BRCM20702 Hub
Apple Inc. Bluetooth USB Host Controller
Apple Computer, Inc. IR Receiver
Apple Inc. Apple Internal Keyboard / Trackpad
Thunderbolt Information: ℹ️
Apple Inc. thunderbolt_bus
Gatekeeper: ℹ️
Mac App Store and identified developers
Kernel Extensions: ℹ️
/Applications/Rowmote Helper.app
[loaded] com.regularrateandrhythm.driver.RowmoteIREmu (1.0 - SDK 10.8) Support
/System/Library/Extensions
[not loaded] com.smarttech.iokit.SMARTBoard (11) Support
[not loaded] com.tectona.driver.PL2303 (1.3.0) Support
[loaded] com.webroot.driver.WebrootSecureAnywhere (54 - SDK 10.7) Support
Problem System Launch Agents: ℹ️
[failed] com.apple.accountsd.plist
[failed] com.apple.AirPlayUIAgent.plist
[failed] com.apple.coreservices.appleid.authentication.plist
[failed] com.apple.lookupd.plist
[failed] com.apple.printtool.agent.plist
[failed] com.apple.scopedbookmarkagent.xpc.plist
Problem System Launch Daemons: ℹ️
[failed] com.apple.coresymbolicationd.plist
[failed] com.apple.wdhelper.plist
Launch Agents: ℹ️
[loaded] com.oracle.java.Java-Updater.plist Support
[running] com.smarttech.boardservice.plist Support
[running] com.smarttech.floatingtools.plist Support
[running] com.smarttech.ink.plist Support
[running] com.smarttech.SBWDKService.plist Support
[running] com.smarttech.smartnotification.plist Support
[running] com.smarttech.systemtrayicon.plist Support
[running] com.webroot.WRMacApp.plist Support
[running] com.webroot.WRMacBackNSync.plist Support
Launch Daemons: ℹ️
[loaded] com.adobe.fpsaud.plist Support
[loaded] com.microsoft.office.licensing.helper.plist Support
[loaded] com.oracle.java.Helper-Tool.plist Support
[running] com.regularrateandrhythm.rowmotehelperaide.plist Support
[running] com.webroot.security.mac.plist Support
[running] com.webroot.webfilter.mac.plist Support
User Launch Agents: ℹ️
[loaded] com.google.keystone.agent.plist Support
[running] com.spotify.webhelper.plist Support
User Login Items: ℹ️
Garmin Express Service UNKNOWN (missing value)
iTunesHelper ApplicationHidden (/Applications/iTunes.app/Contents/MacOS/iTunesHelper.app)
Dropbox Application (/Applications/Dropbox.app)
Spotify Application (/Applications/Spotify.app)
Google Chrome ApplicationHidden (/Applications/Google Chrome.app)
Rowmote Helper Application (/Applications/Rowmote Helper.app)
Internet Plug-ins: ℹ️
Flip4Mac WMV Plugin: Version: 3.2.0.16 - SDK 10.8 Support
FlashPlayer-10.6: Version: 15.0.0.223 - SDK 10.6 Support
npwebroot: Version: 2.0.15 Support
AdobePDFViewerNPAPI: Version: 11.0.06 - SDK 10.6 Support
Flash Player: Version: 15.0.0.223 - SDK 10.6 Support
AdobePDFViewer: Version: 11.0.06 - SDK 10.6 Support
QuickTime Plugin: Version: 7.7.1
SharePointBrowserPlugin: Version: 14.4.5 - SDK 10.6 Support
Unity Web Player: Version: UnityPlayer version 4.5.1f3 - SDK 10.6 Support
Silverlight: Version: 5.1.20513.0 - SDK 10.6 Support
JavaAppletPlugin: Version: Java 7 Update 51 Check version
Safari Extensions: ℹ️
Password Manager
webfilter
3rd Party Preference Panes: ℹ️
Flash Player Support
Flip4Mac WMV Support
Java Support
SMART Board Support
Time Machine: ℹ️
Time Machine not configured!
Top Processes by CPU: ℹ️
3% WindowServer
2% iPhoto
2% mds
2% mdworker
1% Google Chrome
Top Processes by Memory: ℹ️
382 MB Mail
275 MB WebProcess
107 MB Google Chrome
103 MB WindowServer
99 MB Google Chrome Helper
Virtual Memory Information: ℹ️
270 MB Free RAM
1.50 GB Active RAM
1.30 GB Inactive RAM
1.22 GB Wired RAM
20.97 GB Page-ins
8.64 GB Page-outsHi Linc
I hope this is what you were after. Looking forward to hearing your feedback.
Thanks, Susanna.
11/16/14 12:36:02.738 PM com.apple.XType.FontHelper[91728]: FontHelper: message received. (<dictionary: 0x7fbb9b606ce0> { count = 2, contents =
"query" => <string: 0x7fbb9b605720> { length = 109, contents = "com_apple_ats_name_postscript == "Roboto-Regular" && kMDItemContentTypeTree != com.adobe.postscript-lwfn-font" }
"restricted" => <bool: 0x7fff7912f320>: true
11/16/14 12:36:02.738 PM com.apple.XType.FontHelper[91728]: AutoActivation: scopes (
"/Library/Application Support/Apple/Fonts"
11/16/14 12:36:02.878 PM com.apple.XType.FontHelper[91728]: FontHelper: message received. (<dictionary: 0x7fbb9a41d950> { count = 2, contents =
"query" => <string: 0x7fbb9a41d2e0> { length = 108, contents = "com_apple_ats_name_postscript == "Roboto-Medium" && kMDItemContentTypeTree != com.adobe.postscript-lwfn-font" }
"restricted" => <bool: 0x7fff7912f320>: true
11/16/14 12:36:02.878 PM com.apple.XType.FontHelper[91728]: AutoActivation: scopes (
"/Library/Application Support/Apple/Fonts"
11/16/14 12:36:02.889 PM com.apple.XType.FontHelper[91728]: FontHelper: message received. (<dictionary: 0x7fbb9b102580> { count = 2, contents =
"query" => <string: 0x7fbb9b100580> { length = 107, contents = "com_apple_ats_name_postscript == "Roboto-Light" && kMDItemContentTypeTree != com.adobe.postscript-lwfn-font" }
"restricted" => <bool: 0x7fff7912f320>: true
11/16/14 12:36:02.889 PM com.apple.XType.FontHelper[91728]: AutoActivation: scopes (
"/Library/Application Support/Apple/Fonts"
11/16/14 12:36:02.898 PM com.apple.XType.FontHelper[91728]: FontHelper: message received. (<dictionary: 0x7fbb9a41d1d0> { count = 2, contents =
"query" => <string: 0x7fbb9a41d2e0> { length = 106, contents = "com_apple_ats_name_postscript == "Roboto-Bold" && kMDItemContentTypeTree != com.adobe.postscript-lwfn-font" }
"restricted" => <bool: 0x7fff7912f320>: true
11/16/14 12:36:02.898 PM com.apple.XType.FontHelper[91728]: AutoActivation: scopes (
"/Library/Application Support/Apple/Fonts"
11/16/14 12:36:03.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91723 [cfprefsd]
11/16/14 12:36:03.784 PM com.apple.launchd[1]: (com.apple.sleepservicesd[91721]) Exited: Killed: 9
11/16/14 12:36:03.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91721 [SleepServicesD]
11/16/14 12:36:08.471 PM com.apple.launchd.peruser.501[159]: (com.apple.tccd[91730]) Exited: Killed: 9
11/16/14 12:36:08.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91730 [tccd]
11/16/14 12:36:09.592 PM com.apple.launchd[1]: (com.apple.xpcd.F5010000-0000-0000-0000-000000000000[91727]) Exited: Killed: 9
11/16/14 12:36:09.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91727 [xpcd]
11/16/14 12:36:13.129 PM com.apple.launchd[1]: (com.apple.XType.FontHelper[91728]) Exited: Killed: 9
11/16/14 12:36:13.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91728 [XType.FontHelper]
11/16/14 12:36:14.996 PM com.apple.launchd[1]: (com.apple.sleepservicesd[91739]) Exited: Killed: 9
11/16/14 12:36:14.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91739 [SleepServicesD]
11/16/14 12:36:20.120 PM com.apple.launchd[1]: (com.apple.cfprefsd.xpc.daemon[76618]) Exited: Killed: 9
11/16/14 12:36:20.000 PM kernel[0]: memorystatus_thread: idle exiting pid 76618 [cfprefsd]
11/16/14 12:36:23.433 PM com.apple.launchd.peruser.501[159]: (com.apple.cfprefsd.xpc.agent[76616]) Exited: Killed: 9
11/16/14 12:36:23.000 PM kernel[0]: memorystatus_thread: idle exiting pid 76616 [cfprefsd]
11/16/14 12:36:26.261 PM com.apple.launchd[1]: (com.apple.sleepservicesd[91752]) Exited: Killed: 9
11/16/14 12:36:26.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91752 [SleepServicesD]
11/16/14 12:36:37.691 PM com.apple.launchd[1]: (com.apple.sleepservicesd[91764]) Exited: Killed: 9
11/16/14 12:36:38.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91764 [SleepServicesD]
11/16/14 12:36:48.938 PM com.apple.launchd[1]: (com.apple.sleepservicesd[91777]) Exited: Killed: 9
11/16/14 12:36:49.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91777 [SleepServicesD]
11/16/14 12:37:01.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91788 [SleepServicesD]
11/16/14 12:37:00.821 PM com.apple.launchd[1]: (com.apple.sleepservicesd[91788]) Exited: Killed: 9
11/16/14 12:37:04.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91706 [distnoted]
11/16/14 12:37:15.656 PM com.apple.launchd[1]: (com.apple.sleepservicesd[91795]) Exited: Killed: 9
11/16/14 12:37:15.000 PM kernel[0]: memorystatus_thread: idle exiting pid 91795 [SleepServicesD]
11/16/14 12:37:27.016 PM ReportCrash[91819]: Failed to create CSSymbolicatorRef for Webroot SecureAnywhere[264]
11/16/14 12:37:27.125 PM ReportCrash[91819]: Failed to create dSYM-less CSSymbolicatorRef for Webroot SecureAnywhere[264]
11/16/14 12:37:27.487 PM com.apple.launchd.peruser.501[159]: (com.webroot.WRMacApp[264]) Job appears to have crashed: Segmentation fault: 11
11/16/14 12:37:30.336 PM com.apple.launchd[1]: (WSDaemon[61]) Exited abnormally: Broken pipe: 13
11/16/14 12:37:34.295 PM WindowServer[79]: CGXDisableUpdate: UI updates were forcibly disabled by application "iPhoto" for over 1.00 seconds. Server has re-enabled them.
11/16/14 12:37:34.594 PM WindowServer[79]: reenable_update_for_connection: UI updates were finally reenabled by application "iPhoto" after 1.30 seconds (server forcibly re-enabled them after 1.00 seconds)
11/16/14 12:37:37.648 PM ReportCrash[91819]: Saved crash report for Webroot SecureAnywhere[264] version 8.0.7.78 (8.0.7.78) to /Users/landerson/Library/Logs/DiagnosticReports/Webroot SecureAnywhere_2014-11-16-123737_lukes-MacBook-Pro.crash
11/16/14 12:37:42.660 PM WindowServer[79]: CGXDisableUpdate: UI updates were forcibly disabled by application "iPhoto" for over 1.00 seconds. Server has re-enabled them.
11/16/14 12:37:43.632 PM WindowServer[79]: reenable_update_for_connection: UI updates were finally reenabled by application "iPhoto" after 1.97 seconds (server forcibly re-enabled them after 1.00 seconds)
11/16/14 12:37:50.783 PM WSDaemon[91822]: CGSRegisterConnectionNotifyProc called with invalid connection
11/16/14 12:38:09.909 PM Problem Reporter[91853]: launch_msg returned m -
Hide all except one object in Active Directory Users and Computers.
Hello,
I have a question.. I need to allow to one group of "administrators" creating users in one OU and adding computers to the domain, nothing else. I allowed them to log on DC using the GPO "Allow log on locally", because I don't want to give
them administrator rights, I allowed them to do these operations on one OU through delegation wizard and now I need to make all OUs, groups etc. invisible to them except this OU. What is the best way how to achieve this? Thank you...
d.I would disable the ability to allow them to login. I suggest to create a Computers OU that you can delegate to the "admins" to add computers, and don't use the default Computers container.
I assume the admins are using Windows 7 or newer. You can customize an RSAT installation to just provide the ADAC.
Description of Remote Server Administration Tools for Windows 7:
http://support.microsoft.com/default.aspx/kb/958830
Remote Server Administration Tools for Windows 7:
http://technet.microsoft.com/en-us/library/ee449475(WS.10).aspx
Remote Server Administration Tools for Windows 7
http://www.microsoft.com/downloads/details.aspx?FamilyID=7D2F6AD7-656B-4313-A005-4E344E43997D&displaylang=en
Customizing - Installing Remote Server Administration Tools (RSAT) for Windows 7
http://www.petri.co.il/remote-server-administration-tools-for-windows-7.htm
Or if you want to chop it down and control it further, create a custom ADUC with just that OU you've delegated. I've done this in the past and worked fine for my customer:
Delegate an Organizational Unit (OU) in Active Directory Users and Computers (ADUC), then create a custom MMC or customized RSAT
http://blogs.msmvps.com/acefekay/2014/09/04/delegate-an-organizational-unit-ou-in-active-directory-users-and-computers-aduc-then-create-a-custom-mmc-or-customized-rsat/
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights. -
Active Directory Access and Synchronization with R/3
Dear All,
What I have understood till now about users being maintained in Active Directory is: there are no Roles in Active Directory, users are to be assigned to Groups in the Active Directory.
My requirement is: I have to maintain the users in Active Directory, and ensure they are in sync with my BW system CUA.
First question is: Can we maintain users and roles in CUA?
If I want to synchronize between Active Directory and CUA, do I always need the EP to play a part? If not, what are my alternatives?
My second requirement is: I have to get the users and roles ( partly from Active Directory via LDAP Connector, and partly from BW CUA ), the challenge being, I am getting users from the Active Directory, how will I determine the role it is assigned to in CUA?
I will have the group of the user from Active Directory, where and how do I determine what is the role assigned to this user?
Please suggest.
Regards,
Prosenjit.Prosenjit,
My apologies, I didnt really understand your scenario.
For your query -- I have to fetch the users from AD, check their roles, and display some relevant data.
You create the role in portal as assign it to the group (group can be anything either AD Groups, CUA Roles which would be groups on the portal or simple portal groups). Now the role will display the reports as links in the TLN and Detail level navigation however it would only be the authorizations which control what data will be visible to the end user.
Syncronization between AD - ABAP (CUA) would allow you to sync the user details between both the data sources roles dont come into the pitcure as far as I know and have seen (might be wrong also)
How will I conclude to which role the user is entitles in the BW side, just by getting the group?
I suppose you must have developed and then published reports on the portal. You will have to create a user - report matrix and then assign users to approproate groups.
Do clarify the requirement in further detail if this doesnt solve your issue. -
How to Takes Active directory backup and Restore in different Hardware
Hi
how to takes Active directory backup and Restore in different Hardware in Windows server 2003 R2 standard Edition.You can give a look to that: https://support.microsoft.com/kb/249694/?wa=wsignin1.0
This posting is provided AS IS with no warranties or guarantees , and confers no rights.
Ahmed MALEK
My Website Link
My Linkedin Profile
My MVP Profile -
Can I run the Photoshop CC and Lightroom with Windows XP professional as the operating system?
Can I run the Photoshop CC and Lightroom with Windows XP professional as the operating system?
The tech specs for Phtoshop CC and Lightroom indicate Windows 7 with SP 1 is required as a minimum, so XP would not be sufficient to run them. Here's the Photoshop specs:
Windows
Intel® Pentium® 4 or AMD Athlon® 64 processor (2GHz or faster)
Windows 7 with Service Pack 1, Windows 8, or Windows 8.1*
1GB of RAM
2.5GB of available hard-disk space for installation; additional free space required during installation (cannot install on removable flash storage devices)
1024x768 display (1280x800 recommended) with OpenGL® 2.0, 16-bit color, and 512MB of VRAM (1GB recommended)†
Internet connection and registration are necessary for required software activation, membership validation, and access to online services.‡ -
RSAT - Active Directory Users and Computers
After installing build 9879, I cannot open Active Directory Users and Computers. I get error message: MMC could not create the snap in. I do not see KB2693643 under installed updates anymore. I've tried to reinstall KB2693643
but I get error code 0x8024001d. Any help would be appreciated.Hi readabook,
To resolve windows update error 0x8024001d, please rename Software Distribution folder:
1. Click on Start, choose run type in CMD and click OK.
2. Type NET STOP WUAUSERV and press Enter. (leave this window open for later use)
3. Open My Computer
4. Find the folder c:\Windows\SoftwareDistribution
5. Right mouse click on SoftwareDistribution and choose rename call the folder "SDold"
6. Return to the black Window that opened in step 1 type NET START WUAUSERV and click enter
Alex Zhao
TechNet Community Support
Maybe you are looking for
-
Excise duty document with error code-15- table /BEV2/EDMSE after posting.
Hi Experts, is created in STO process Hi, We are facing the problem in stock transport from plant to plant regarding Excise duty document which can be seen in table /BEV2/EDMSE after posting. Steps involved in process 1) Creation of PO(STO) ME21N- 2)
-
Creation of a .dtsx package in order to execute a custom made logic functio
Hi I have created some allocation logic, which now i am executing from the default pad in the Finance application. But i need to execute it through the data manger package. Can you please tell me how to proceed with the above situation. thanks krish
-
How do I move bookmarks from my list or in a folder to the Favorites connection in my Start menu
I have a folder in my start menu named Favorites. When I click on it, it takes me to the list of bookmarked folders. When I open the folder I want, it shows some, but not all of the bookmarked sites in the folders. How do I add bookmarked sites to th
-
hello everyone, Is there anyone who can explain to me, how to import only recently datas from other database to mine oracle 10g database. I wanto update only the newest datas to my database. Best regards Tony
-
hi....I like so many of your personas I would like to know if it possible to select 3 or 4 personas and then have them appear randomly when you open firefox. Thank you Kay