Exchange 2010 SP3 Active Directory update - can I do this 2 or 3 weeks in advance of SP3 Install?

Similar Messages

• Exchange 2010 and Active Directory connector

  Has anyone managed to provision an exchange 2010 mailbox with the dotnet connector bundle in the latest patch OW8.1.1.1/145769-01? ActiveDirectory.Connector-1.0.0.5143.zip and Exchange.Connector-1.0.0.5757.zip.
  Provisioning the Active Directory account works fine but as soon as I add an exchange attribute I get an error: java.lang.RuntimeException: The specified directory service attribute or value does not exist. (Exception from HRESULT: 0x8007200A)
  I checked everything I could think of. Either I'm missing something obvious or it does not work.
  Greetings,
  Marijke

  Have you had any luck with this?
  /hydrazine

• Forefront for exchange 2010 setup wizard preinstall update request

  I'm trying to install FPE, but even before I install and after the extraction of the files im getting the following error message on both my CAS servers.
  I have the following roles installed on this Client Access Server im using for the initial install of Forefront.
  Do I need to install active directory domain services before I continue.

  Hi,
  Firstly, please refer to the similar thread below:
  FSEMachinePrep.exe
  fails saying Server Unavailable
  Based on my research,
  Microsoft Forefront Protection 2010 for Exchange Server (FPE) can be deployed on Exchange Edge Transport, Hub Transport, Mailbox server, or combined
  Hub/Mailbox roles.
  Exchange 2010 requires Active Directory to be in place except for the Exchange 2010 Edge role (for DMZ) which can be deployed in a workgroup with Active Directory Lightweight
  Directory Services. Both Exchange (Mailbox, HUB and CAS role) and therefore FPE requires an Active Directory on site.
  Did you set up a domain environment for exchange server? If yes, please check the group membership of the user and make sure that it is a member of the Organization
  Management role group. In addition, please also make sure that you can connect to the primary domain controller on the CAS servers.
  More information:
  Microsoft Exchange Server 2010: Exchange Server and Active Directory
  Best regards,
  Susie

• TFS 2010 with Active Directory 2012 R2

  Are there any known problems using TFS 2010 with Active Directory 2012 R2? Domain controllers are being updated from 2003 to 2012 R2, and the Domain/Forest mode will be set to AD DS Server 2012R2, value=6.
  James Bristow, Software Configuration Manager

  Hi James, 
  Thanks for your post.
  Your AD 2012 R2 will running on your Windows Server 2012 R2 machine, right? Please note that: TFS 2010 not support Windows Server 2012 R2, so you cannot install TFS 2010 Server on this Windows Server 2012 R2 machine. Please refer to this document:
  https://msdn.microsoft.com/en-us/library/dd578592.aspx.
  As far as I know TFS 2010 works fine with AD 2012 R2, so you can install your TFS 2010 another machine and use this AD 2012 R2 Server.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Exchange 2010 - Issues after rollup update installation.

  Exchange 2010 - Issues after rollup update installation.
  We are having issues since we installed SP3 Rollup updates 1, 2, 3, and 4.
  Issue1 - People get an error messages constantly popping up when they access our webmail. The error messages are:
  An unexpected error occurred and your request couldn't be handled. and
  Your network connection is unavailable. Please reconnect and try again.
  Issue2 - When I open the Exchange Management Shell I get the following error:
  Failed to connect to an Exchange server in the current site. Enter the server FQDN where you want to connect.
  Issue3 - We have been using third party software to filter spam email. It is installed on our Exchange server. Since the updates it has not been working and we have tons of spam coming through. I dont think that this issue is that important at the moment and
  hope that it will be fixed after resolving issues 1 and 2.
  We uninstalled all four rollup updates in hopes that everything would go back to normal but it hasnt. We still have the same issues.
  Currently we are running Exchange 2010 SP3 on 2008R2 SP1.
  Please help.
  Thanks.
  Greg

  Hi,
  Based on the description, you got the error below when you tried to accessed OWA after rollup update installation.
  "An unexpected error occurred and your request couldn't be handled, and Your network connection is unavailable. Please reconnect and try again."
  For this issue, I recommend you check the OWA virtual directory to see if "Redirect requests to this destination" is checked. If it is checked, please uncheck the option. Then please restart IIS service to check the result.
  Open IIS Manager -> owa -> HTTP Redirect -> uncheck "Redirect requests to this destination:"
  Best regards,
  Belinda
  Belinda Ma
  TechNet Community Support

• Event ID 31138 "during the active directory update not -uc enabled agents were found"

  Hi All,
  I have Lync standard 2013 server on-premise and Exchange Office 365. I have enabled my users for Voice. 
  When I add a user to a response group I get the warning that the user is not enterprise voice enabled. This is strange as the user is enterprise enabled and can make and receive calls. 
  I also have Event ID 31138 on my Front End server. 
  "during the active directory update not -uc enabled agents were found
  The following agents are specified as agents but are not UC enabled:
  sip:[email protected]"
  Any thoughts? 

  Hi,
  Did you change the default SIP Domain before?
  If yes. You may need to remove agent from database. As the agents of a Response Group are added to the rgsconfigdatabase, within the database you will find a table called dbo.Agents. When open it you will see an overview of theagents which are member
  of the groups. You can do the following steps to remove an agent from this table:
  Right click on the dbo.Agents table and select the option Edit Top 200 rows
  Search for the user and remove the specific record.
  More details:
  http://troubleshootinglync.blogspot.com/2013/05/event-id-31137-unable-to-removeadd.html
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there.
  Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• I am trying to update my iphone to the latest software version, but am getting a message saying 'make sure your network settings are correction and your connection is active'.  i know my connection is active, so how can I fix this problem?

  I am trying to update my iphone to the latest software version, but am getting a message saying 'make sure your network settings are correction and your connection is active'.  i know my connection is active, so how can I fix this problem?

  Hi there pamela123456,
  I would recommend taking a look at the troubleshooting steps found in the article below.
  iTunes for Windows: iTunes cannot contact the iPhone, iPad, or iPod software update server
  http://support.apple.com/kb/ts1814
  -Griff W.

• InDesign CS5 is not opening after deactivation/activation. How can I fix this? Illustrator and Photoshop open and are working fine. Please help!

  InDesign CS5 is not opening after deactivation/activation. How can I fix this? Illustrator and Photoshop open and are working fine. Please help!

  First of all, thank you for replying so promptly to my posts this morning!
  I can't remember how I got the software on his computer, but I'm pretty sure it wasn't through migration assistant.
  I was looking into doing an uninstall of InDesign and a fresh install. However, I initially downloaded the CS5 suite digitally and I can't find out how I am able to perform a fresh install of InDesign. Do you know where I find this info or gain access to download just InDesign again? I can't seem to find anything in my Adobe account that shows where I might do another download.

• Exchange 2010 Powershell virtual directory recreation

  Nevermind Fixed.....
  So apparently you have to run those commands in Powershell version 2.0, Exchange 2010 doesn't like powershell 3.0
  to do that type  powershell -version 2.0
  then type the exchange commands. 

  Ok, so I opened up my IIS console today to fix a problem with Exchange and the fix was to change one of the Modules in the Powershell Virtual Directory, but when I clicked on Modules it threw an error.  So I started to try an fix that, all the forums and suggestions I read said to remove the Virtual directory and recreate it...
  My problem is recreating it, I get the following error,  I've googled and searched a lot and can't find how to fix this. 
  This topic first appeared in the Spiceworks Community

• Active Directory Services Can't Connect to Domain

  I removed Active Directory services form a server running 2012. I then went to reinstall and reconfigure it, but I keep running into issues. When I launch active directory admin center it gives me an error that it can't connect to any domain, and I can't
  make any changes. The local server has already been promoted to the domain controller. Here is the output from dcdiag:
  Directory Server Diagnosis
  Performing initial setup:
     Trying to find home server...
     Home Server = ACSSVR
     * Identified AD Forest. 
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\ACSSVR
        Starting test: Connectivity
           ......................... ACSSVR passed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\ACSSVR
        Starting test: Advertising
           Fatal Error:DsGetDcName (ACSSVR) call failed, error 1355
           The Locator could not find the server.
           ......................... ACSSVR failed test Advertising
        Starting test: FrsEvent
           ......................... ACSSVR passed test FrsEvent
        Starting test: DFSREvent
           There are warning or error events within the last 24 hours after the
           SYSVOL has been shared.  Failing SYSVOL replication problems may cause
           Group Policy problems. 
           ......................... ACSSVR failed test DFSREvent
        Starting test: SysVolCheck
           ......................... ACSSVR passed test SysVolCheck
        Starting test: KccEvent
           A warning event occurred.  EventID: 0x80000B46
              Time Generated: 03/02/2015   12:00:00
              Event String:
              The security of this directory server can be significantly enhanced by configuring the server to reject SASL (Negotiate,  Kerberos, NTLM, or Digest) LDAP binds that do not request signing (integrity verification)
  and LDAP simple binds that  are performed on a cleartext (non-SSL/TLS-encrypted) connection.  Even if no clients are using such binds, configuring the server to reject them will improve the security of this server. 
           A warning event occurred.  EventID: 0x80000734
              Time Generated: 03/02/2015   12:00:37
              Event String:
              The local domain controller could not connect with the following domain controller hosting the following directory partition to resolve distinguished names. 
           ......................... ACSSVR passed test KccEvent
        Starting test: KnowsOfRoleHolders
           ......................... ACSSVR passed test KnowsOfRoleHolders
        Starting test: MachineAccount
           ......................... ACSSVR passed test MachineAccount
        Starting test: NCSecDesc
           ......................... ACSSVR passed test NCSecDesc
        Starting test: NetLogons
           Unable to connect to the NETLOGON share! (\\ACSSVR\netlogon)
           [ACSSVR] An net use or LsaPolicy operation failed with error 67,
           The network name cannot be found..
           ......................... ACSSVR failed test NetLogons
        Starting test: ObjectsReplicated
           ......................... ACSSVR passed test ObjectsReplicated
        Starting test: Replications
           ......................... ACSSVR passed test Replications
        Starting test: RidManager
           ......................... ACSSVR passed test RidManager
        Starting test: Services
           ......................... ACSSVR passed test Services
        Starting test: SystemLog
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/02/2015   11:21:34
              Event String:
              Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers responded.
           A warning event occurred.  EventID: 0x000727A5
              Time Generated: 03/02/2015   11:21:58
              Event String:
              The WinRM service is not listening for WS-Management requests. 
           An error event occurred.  EventID: 0xC0001B58
              Time Generated: 03/02/2015   11:26:01
              Event String:
              The Vstor2 Virtual Storage Driver service failed to start due to the following error: 
           An error event occurred.  EventID: 0xC0001B58
              Time Generated: 03/02/2015   11:26:01
              Event String:
              The Vstor2 MntApi 2.0 Driver (shared) service failed to start due to the following error: 
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/02/2015   11:26:16
              Event String:
              Name resolution for the name teredo.ipv6.microsoft.com. timed out after none of the configured DNS servers responded.
           An error event occurred.  EventID: 0x0000002E
              Time Generated: 03/02/2015   11:34:32
              Event String:
              The time service encountered an error and was forced to shut down. The error was: 0x80070700: An attempt was made to logon, but the network logon service was not started.
           An error event occurred.  EventID: 0xC0001B6F
              Time Generated: 03/02/2015   11:34:32
              Event String:
              The Windows Time service terminated with the following error: 
           A warning event occurred.  EventID: 0x000727A5
              Time Generated: 03/02/2015   11:35:01
              Event String:
              The WinRM service is not listening for WS-Management requests. 
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/02/2015   11:39:08
              Event String:
              Name resolution for the name _ldap._tcp.dc._msdcs.ACS.local. timed out after none of the configured DNS servers responded.
           An error event occurred.  EventID: 0xC0001B58
              Time Generated: 03/02/2015   11:39:27
              Event String:
              The Vstor2 Virtual Storage Driver service failed to start due to the following error: 
           An error event occurred.  EventID: 0xC0001B58
              Time Generated: 03/02/2015   11:39:27
              Event String:
              The Vstor2 MntApi 2.0 Driver (shared) service failed to start due to the following error: 
           A warning event occurred.  EventID: 0x000727AA
              Time Generated: 03/02/2015   11:39:40
              Event String:
              The WinRM service failed to create the following SPNs: WSMAN/ACSSVR.ACS.local; WSMAN/ACSSVR. 
           A warning event occurred.  EventID: 0x0000000C
              Time Generated: 03/02/2015   11:39:39
              Event String:
              Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in
  the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the
  authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
           A warning event occurred.  EventID: 0xC000042B
              Time Generated: 03/02/2015   11:42:01
              Event String:
              The RD Session Host server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
           An error event occurred.  EventID: 0x00000469
              Time Generated: 03/02/2015   11:44:31
              Event String:
              The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
  controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
           An error event occurred.  EventID: 0x00000469
              Time Generated: 03/02/2015   11:45:05
              Event String:
              The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
  controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
           An error event occurred.  EventID: 0x0000168F
              Time Generated: 03/02/2015   11:55:22
              Event String:
              The dynamic deletion of the DNS record 'ACS.acsolutionsinc.net. 600 IN A 192.168.56.1' failed on the following DNS server:  
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/02/2015   11:55:22
              Event String:
              Name resolution for the name acsolutionsinc.net timed out after none of the configured DNS servers responded.
           An error event occurred.  EventID: 0x0000168F
              Time Generated: 03/02/2015   11:55:47
              Event String:
              The dynamic deletion of the DNS record '_ldap._tcp.ACS.acsolutionsinc.net. 600 IN SRV 0 100 389 ACSSVR.ACS.acsolutionsinc.net.' failed on the following DNS server:  
           A warning event occurred.  EventID: 0x000727A5
              Time Generated: 03/02/2015   11:55:53
              Event String:
              The WinRM service is not listening for WS-Management requests. 
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/02/2015   11:55:53
              Event String:
              Name resolution for the name _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.ACS.local. timed out after none of the configured DNS servers responded.
           A warning event occurred.  EventID: 0x000003F6
              Time Generated: 03/02/2015   11:59:53
              Event String:
              Name resolution for the name _ldap._tcp.dc._msdcs.ACS.local. timed out after none of the configured DNS servers responded.
           An error event occurred.  EventID: 0xC0001B58
              Time Generated: 03/02/2015   12:00:13
              Event String:
              The Vstor2 Virtual Storage Driver service failed to start due to the following error: 
           An error event occurred.  EventID: 0xC0001B58
              Time Generated: 03/02/2015   12:00:13
              Event String:
              The Vstor2 MntApi 2.0 Driver (shared) service failed to start due to the following error: 
           A warning event occurred.  EventID: 0x000727AA
              Time Generated: 03/02/2015   12:00:25
              Event String:
              The WinRM service failed to create the following SPNs: WSMAN/ACSSVR.ACS.local; WSMAN/ACSSVR. 
           A warning event occurred.  EventID: 0x0000000C
              Time Generated: 03/02/2015   12:00:25
              Event String:
              Time Provider NtpClient: This machine is configured to use the domain hierarchy to determine its time source, but it is the AD PDC emulator for the domain at the root of the forest, so there is no machine above it in
  the domain hierarchy to use as a time source. It is recommended that you either configure a reliable time service in the root domain, or manually configure the AD PDC to synchronize with an external time source. Otherwise, this machine will function as the
  authoritative time source in the domain hierarchy. If an external time source is not configured or used for this computer, you may choose to disable the NtpClient.
           A warning event occurred.  EventID: 0xC000042B
              Time Generated: 03/02/2015   12:02:47
              Event String:
              The RD Session Host server cannot register 'TERMSRV' Service Principal Name to be used for server authentication. The following error occured: The specified domain either does not exist or could not be contacted.
           An error event occurred.  EventID: 0x00000469
              Time Generated: 03/02/2015   12:05:17
              Event String:
              The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
  controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
           An error event occurred.  EventID: 0x00000469
              Time Generated: 03/02/2015   12:05:17
              Event String:
              The processing of Group Policy failed because of lack of network connectivity to a domain controller. This may be a transient condition. A success message would be generated once the machine gets connected to the domain
  controller and Group Policy has successfully processed. If you do not see a success message for several hours, then contact your administrator.
           ......................... ACSSVR failed test SystemLog
        Starting test: VerifyReferences
           ......................... ACSSVR passed test VerifyReferences
     Running partition tests on : Schema
        Starting test: CheckSDRefDom
           ......................... Schema passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Schema passed test CrossRefValidation
     Running partition tests on : Configuration
        Starting test: CheckSDRefDom
           ......................... Configuration passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Configuration passed test CrossRefValidation
     Running partition tests on : ACS
        Starting test: CheckSDRefDom
           ......................... ACS passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... ACS passed test CrossRefValidation
     Running enterprise tests on : ACS.local
        Starting test: LocatorCheck
           Warning: DcGetDcName(GC_SERVER_REQUIRED) call failed, error 1355
           A Global Catalog Server could not be located - All GC's are down.
           Warning: DcGetDcName(TIME_SERVER) call failed, error 1355
           A Time Server could not be located.
           The server holding the PDC role is down.
           Warning: DcGetDcName(GOOD_TIME_SERVER_PREFERRED) call failed, error
           1355
           A Good Time Server could not be located.
           Warning: DcGetDcName(KDC_REQUIRED) call failed, error 1355
           A KDC could not be located - All the KDCs are down.
           ......................... ACS.local failed test LocatorCheck
        Starting test: Intersite
           ......................... ACS.local passed test Intersite
  I've been trying to debug errors one at a time, but I'm having a hard time finding any information that pertains to this issue as a whole. Anything you can tell me about this would be great, thank you for reading. 

  It was the only server in the network, the only dc in the old forest. When I re-installed ad ds I gave the new forest different name, but I guess the old settings are still in the system somewhere conflicting with the new setup? Is there a way to
  purge the old setup entirely and start over with ad ds, or am I going to have to re-install the whole OS? Thanks again for the help.
  Honestly, the best way to handle this is to rebuild the server. There are many things that are "left behind" when you remove the Domain / Forest from a Domain Controller. In fact many articles will say after using ADMT (active directory migration
  tool) you should decommission the original Domain Controller (aka reinstall the OS).
  While you could spend more time trying to get that domain controller working, it absolutely is going to be 1) More reliable 2) faster to reinstall the OS on the old domain controller. If you are still leveraging storage, or services on that domain controller,
  you will want to back them up, or have a transition plan before reinstalling everything on the server. I have a feeling if you choose to keep troubleshooting this, you will run into more issues down the road.
  Entrepreneur, Strategic Technical Advisor, and Sr. Consulting Engineer - Strategic Services and Solutions Check out my book - Powershell 3.0 - WMI: http://amzn.to/1BnjOmo | Mastering PowerShell Coming in April 2015!

• Exchange 2013 fails Active Directory Prep

  This is a new, new, installation of Windows Server 2012 R2 Essentials followed by Exchange 2013, all on a single server that is also the DC, in a lab environment.   This is to replace an existing SBS2000 installation in a small business. 
  Server 2012 setup without any significant issues.  The first pass at Exchange 2013 resulted in "access denied" when attempting to access the Exchange Management PS and login credentials failure for Exchange EAC (ECP).   After manually
  adding the installation Administrator to a number of the Exchange security groups, I was able to access Exchange Manager.  I checked that there was a mailbox associated with the Installation Admin ID, attempted to reset passwords and a number of other
  things to no avail.  I uninstalled Exchange (what a pain).
  I reinstalled Exchange.  As with the first time, no prerequisite errors and no installation failure alerts.   Again, I could not access Exchange Manager (access denied) or the EAC (login credentials failure).   This time, I was not
  able change the security group permissions to gain access to Exchange Manager.  Again, checked about everything there was to check on the web and found a reference to Exchange possibly not installing correctly due to lingering entries from the first install.  
  As I could not access Exchange Manager to perform the uninstall prerequisites, I attempted to manually delete it (nothing to loose at this point), but made the anticipated mess.
  Wiped the RAID and started over with a clean sheet install of Server 2012 Essentials-OK.  Progressed in the Exchange install prep to "Prepare Active Directory and Domains" (http://technet.microsoft.com/en-us/library/bb125224(v=exchg.150).aspx)
  and stopped when I could not detect the confirming ADSI entries of AD prep set forth at the close of the TechNet document.
  I methodically stepped through the install procedure and again received no prerequisite failures or installation failure alerts.  I examined the install logs and found no errors, either.
  Any words of wisdom?

  Hi,
  From your description, Windows Server 2012 R2 Essentials and Exchange 2013 are installed on a single server that is also the DC.
  Microsoft does not support installing Exchange Server on a server that is running Windows Server Essentials. You need to install Exchange Server on a second server and then join the second server to the Windows Server Essentials domain.
  And it is not recommended to install Exchange server on DC.
  Here is a related article for your reference.
  Integrate an On-Premises Exchange Server with Windows Server Essentials
  http://technet.microsoft.com/en-us/library/jj200172.aspx
  Best regards,
  Belinda Ma
  TechNet Community Support

• Help with setting up active directory domain controller/DNS - need this for Clustering

  Disclaimer: I am new to Active Directory, so please dont rule out the obvious things I may have overlooked.
  I need to set up Active Directory Domain controller on at least one server so I can run clustering. I set up the domain controller and ran Cluster validation and that failed - unable to reach writable domain controller.
  When I look at my server manager AD DS complain about DNS:
  NASE-2012-234    4015    Error    Microsoft-Windows-DNS-Server-Service    DNS Server    1/14/2014 12:54:06 AM
  The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
  When I click on DNS this is the error:
  The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
  Output of DCDiag -v is below.
  PS C:\Users\Administrator> dcdiag -v
  Directory Server Diagnosis
  Performing initial setup:
     Trying to find home server...
     * Verifying that the local machine NASE-2012-234, is a Directory Server.
     Home Server = NASE-2012-234
     * Connecting to directory service on server NASE-2012-234.
     * Identified AD Forest.
     Collecting AD specific global data
     * Collecting site info.
     Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=
  ntDSSiteSettings),.......
     The previous call succeeded
     Iterating through the sites
     Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lab,DC=nas
  e,DC=com
     Getting ISTG and options for the site
     * Identifying all servers.
     Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntD
  SDsa),.......
     The previous call succeeded....
     The previous call succeeded
     Iterating through the list of servers
     Getting information for the server CN=NTDS Settings,CN=NASE-2012-234,CN=Servers,CN=Default-First-Site-Name,CN=Sites,C
  N=Configuration,DC=lab,DC=nase,DC=com
     objectGuid obtained
     InvocationID obtained
     dnsHostname obtained
     site info obtained
     All the info for the server collected
     * Identifying all NC cross-refs.
     * Found 1 DC(s). Testing 1 of them.
     Done gathering initial info.
  Doing initial required tests
     Testing server: Default-First-Site-Name\NASE-2012-234
        Starting test: Connectivity
           * Active Directory LDAP Services Check
           The host c0c507c4-fb9b-49a6-9a01-ef79d7960c94._msdcs.lab.nasecom could not be resolved to an IP address.
           Check the DNS server, DHCP, server name, etc.
           Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
           ......................... NASE-2012-234 failed test Connectivity
  Doing primary tests
     Testing server: Default-First-Site-Name\NASE-2012-234
        Skipping all tests, because server NASE-2012-234 is not responding to directory service requests.
        Test omitted by user request: Advertising
        Test omitted by user request: CheckSecurityError
        Test omitted by user request: CutoffServers
        Test omitted by user request: FrsEvent
        Test omitted by user request: DFSREvent
        Test omitted by user request: SysVolCheck
        Test omitted by user request: KccEvent
        Test omitted by user request: KnowsOfRoleHolders
        Test omitted by user request: MachineAccount
        Test omitted by user request: NCSecDesc
        Test omitted by user request: NetLogons
        Test omitted by user request: ObjectsReplicated
        Test omitted by user request: OutboundSecureChannels
        Test omitted by user request: Replications
        Test omitted by user request: RidManager
        Test omitted by user request: Services
        Test omitted by user request: SystemLog
        Test omitted by user request: Topology
        Test omitted by user request: VerifyEnterpriseReferences
        Test omitted by user request: VerifyReferences
        Test omitted by user request: VerifyReplicas
        Test omitted by user request: DNS
        Test omitted by user request: DNS
     Running partition tests on : ForestDnsZones
        Starting test: CheckSDRefDom
           ......................... ForestDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... ForestDnsZones passed test CrossRefValidation
     Running partition tests on : DomainDnsZones
        Starting test: CheckSDRefDom
           ......................... DomainDnsZones passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... DomainDnsZones passed test CrossRefValidation
     Running partition tests on : Schema
        Starting test: CheckSDRefDom
           ......................... Schema passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Schema passed test CrossRefValidation
     Running partition tests on : Configuration
        Starting test: CheckSDRefDom
           ......................... Configuration passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... Configuration passed test CrossRefValidation
     Running partition tests on : lab
        Starting test: CheckSDRefDom
           ......................... lab passed test CheckSDRefDom
        Starting test: CrossRefValidation
           ......................... lab passed test CrossRefValidation
     Running enterprise tests on : lab.nasecom
        Test omitted by user request: DNS
        Test omitted by user request: DNS
        Starting test: LocatorCheck
           GC Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           PDC Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           Time Server Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           Preferred Time Server Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           KDC Name: \\NASE-2012-234.lab.nasecom
           Locator Flags: 0xe000f3fd
           ......................... lab.nase.com passed test LocatorCheck
        Starting test: Intersite
           Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
           provided.
           ......................... lab.nasecom passed test Intersite
  PS C:\Users\Administrator>

  http://social.technet.microsoft.com/Forums/en-US/home?forum=winserverDS is the forum for Directory Services questions.  You might want to post your question there.
  .:|:.:|:. tim

• Why can't I Drag & Drop a link from my address bar to my Bookmarks Toolbar in 4.0? I have the toolbar activated, but I can't do this. I was able to do it no problem with 3.6.

  Drag & Drop for bookmarking a link from Address bar to Bookmarks Toolbar is not working in 4.0. Was working in 3.6, then I upgraded to 4.0 and everything got screwed up. How can I fix this?

  I ditched 4.0 and went back to 3.6.17 but I can't drag and drop with it either. The Favicom idea didn't work for me either. Once in a great while it will work, but usually that ends up screwing up my bookmarks and everything being re-arranged. How could something so simple and basic NOT WORK anymore?

• Just installed ilife11cannot open iPhoto always asking for updates when checked no updates available only had this computer a week i am not impressed

  can anyone advise me on what to do i have just installed ilife11 onto my computer it seems to have stopped my iphoto from working, I cant open it always says install updates when having done this no upgrades are available. How do i get my iphoto to work again.

  Download the 9.1 update and install it -
  LN

• Strange DNS, Group Policy & Active Directory Issues - Can't track down root issue!

  For the last few weeks, we've been getting complaints, from our developers, about not being able to authenticate on various systems.  The issues were hit & miss but still problematic enough to warrant our looking into it.  It seems to be getting
  worse...  I now have new servers that aren't getting group policy updates.  They may get some, like the list of local admins but won't pick up NTFS permissions for folder-access.  Those that pick up the AD group full of local admins have trouble
  authenticating members of the group.  Some were showing event log entries regarding authentication issues due to being unable to contact an AD DC.  We reloaded that DC but many of the issues still persist.  At this point, I'm running
  out of places to look for ideas.  I've spent the last week looking up Event Log IDs and looking though their meanings and possible remedies but, again, the issues persist.  It doesn't seem to matter what the OS is.  We've been seeing
  this on 2008, 2008-R2 & 2012-R2.
  Here are some examples of events I'm seeing.  I can't figure out the root cause(s).
  Log Name: Application
  Source: Group Policy Files
  Date: 2/19/2015 2:35:12 PM
  Event ID: 4098
  Task Category: (2)
  Level: Warning
  Keywords: Classic
  User: SYSTEM
  Computer: H2T8-IOLDP1.HOMENET.local
  Description:
  The computer 'uptime.exe' preference item in the 'APPS (UpTime) {3BF05605-27C0-43AD-AC0F-873B678EB217}' Group Policy Object did not apply because it failed with error code '0x80090006 Invalid Signature.' This error was suppressed.
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
  <Provider Name="Group Policy Files" />
  <EventID Qualifiers="34305">4098</EventID>
  <Level>3</Level>
  <Task>2</Task>
  <Keywords>0x80000000000000</Keywords>
  <TimeCreated SystemTime="2015-02-19T19:35:12.000000000Z" />
  <EventRecordID>1871</EventRecordID>
  <Channel>Application</Channel>
  <Computer>H2T8-IOLDP1.HOMENET.local</Computer>
  <Security UserID="S-1-5-18" />
  </System>
  <EventData>
  <Data>computer</Data>
  <Data>uptime.exe</Data>
  <Data>APPS (UpTime) {3BF05605-27C0-43AD-AC0F-873B678EB217}</Data>
  <Data>0x80090006 Invalid Signature.</Data>
  </EventData>
  </Event>
  Log Name: Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin
  Source: Microsoft-Windows-TerminalServices-RemoteConnectionManager
  Date: 2/19/2015 9:38:13 AM
  Event ID: 20499
  Task Category: None
  Level: Warning
  Keywords:
  User: NETWORK SERVICE
  Computer: H2T8-IOLDP1.HOMENET.local
  Description:
  Remote Desktop Services has taken too long to load the user configuration from server \\h2s3-addc1.HOMENET.local for user RSickler
  Event Xml:
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
  <Provider Name="Microsoft-Windows-TerminalServices-RemoteConnectionManager" Guid="{C76BAA63-AE81-421C-B425-340B4B24157F}" />
  <EventID>20499</EventID>
  <Version>0</Version>
  <Level>3</Level>
  <Task>0</Task>
  <Opcode>0</Opcode>
  <Keywords>0x4000000000000000</Keywords>
  <TimeCreated SystemTime="2015-02-19T14:38:13.182363700Z" />
  <EventRecordID>4</EventRecordID>
  <Correlation />
  <Execution ProcessID="1932" ThreadID="2156" />
  <Channel>Microsoft-Windows-TerminalServices-RemoteConnectionManager/Admin</Channel>
  <Computer>H2T8-IOLDP1.HOMENET.local</Computer>
  <Security UserID="S-1-5-20" />
  </System>
  <UserData>
  <EventXML xmlns="Event_NS">
  <ServerName>\\h2s3-addc1.HOMENET.local</ServerName>
  <UserName>RSickler</UserName>
  </EventXML>
  </UserData>
  </Event>
  Note that these servers are sitting in OUs that are full of other servers that don't have these issues.  These GPOs have been in place for years.  I suspect there's a deeper issue with AD, GP or a combination thereof.  The group policy issues
  seem to only affect freshly loaded servers...

  Hello,
  assure that no firewall is blocking connection for AD required ports as listed in
  https://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx
  You have error about not connect setup from AD sites and services with the used subnets in your network and linking them to the correct site, please check this in AD sites and services and also have the DCs placed correct to the site they belong to.
  "During the past 4.20 hours there have been 83 connections to this Domain Controller from client machines whose IP addresses don't map to any of the existing sites in the enterprise. Those clients, therefore, have undefined sites and may connect to
  any Domain Controller including those that are in far distant locations from the clients. A client's site is determined by the mapping of its subnet to one of the existing sites. To move the above clients to one of the sites, please consider creating subnet
  object(s) covering the above IP addresses with mapping to one of the existing sites.  The names and IP addresses of the clients in question have been logged on this computer in the following log file '%SystemRoot%\debug\netlogon.log' and, potentially,
  in the log file '%SystemRoot%\debug\netlogon.bak' created if the former log becomes full. The log(s) may contain additional unrelated debugging information. To filter out the needed information, please search for lines which contain text 'NO_CLIENT_SITE:'.
  The first word after this string is the client name and the second word is the client IP address. The maximum size of the log(s) is controlled by the following registry DWORD value 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters\LogFileMaxSize';
  the default is 20000000 bytes.  The current maximum size is 20000000 bytes.  To set a different maximum size, create the above registry value and set the desired maximum size in bytes."
  This error is about a not run adprep /rodcprep:
  Starting test: NCSecDesc
           Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
              Replicating Directory Changes In Filtered Set
           access rights for the naming context:
           DC=ForestDnsZones,DC=HOMENET,DC=local
           Error NT AUTHORITY\ENTERPRISE DOMAIN CONTROLLERS doesn't have
              Replicating Directory Changes In Filtered Set
           access rights for the naming context:
  So either run the command on a DC or ignore this error.
  Please provide also the following data as file:
  ipconfig /all >c:\ipconfig.log [all DCs]
  dcdiag /v /c /d /e /s:dcname >c:\dcdiag.log
  repadmin /showrepl dc* /verbose /all /intersite >c:\repl.log  ["dc* is a place holder for the starting name of the DCs if they all begin the same (if more then one DC exists)]
  dnslint /ad /s "DCipaddress" (http://support.microsoft.com/kb/321045)
  ADREPLSTATUS:
  http://www.microsoft.com/en-us/download/details.aspx?id=30005 can also be exported to file.
  As the output will become large, DON'T post them into the thread, please use Windows Sky Drive(with open access!)
  https://skydrive.live.com and add the link from it here. Also the /e in dcdiag scans the complete forest, so better run it on COB.
  Best regards
  Meinolf Weber
  MVP, MCP, MCTS
  Microsoft MVP - Directory Services
  My Blog: http://blogs.msmvps.com/MWeber
  Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
  Twitter:  
  Info you requested:
  ipconfig_dcs.txt
  dcdiag.txt
  repl.log
  dnslint.htm
  ADREPLSTATUS: ADReplicationStatus.2015.2.23.9.21.16.csv ADReplicationStatusToolData.zip