Existing machines ignore domain policies
I have a Mac OS X Tiger Server installation on which I've dictated several configuration policies to computer in my "Macs" group. For example, I point Software Update at the Server's SU Service, and I dictate a Login Window message, and that Network Users should appear in the Login Window list (among other things)
On a machine where I install a brand-new version of Tiger on a clean disk, everything works as it should. So, I believe the server is setup right.
However, on existing machines (installations that existed before there was a Mac OS X server around) it's kinda half and half. Policies like the Software Update setting took and work fine.
However, the Login Window settings are entirely ignored. I can't access any Network users as they're not in the list. I can't select "Other" (enabled by policy). The message does not appear. I can't turn on Fast User Switching on the machine (it's supposed to be on by policy, but I can't even enable it manually - the control is greyed out)
With Spotlight's help, I looked at the MCX files and both the working and non-working machines appear to be getting the proper policies locally in the plist files. It seems to me that the existing installations have some file or setting somewhere that prevent them from honoring domain policies.
Is there any way to get them to start working without doing a clean reinstall?
Have you recently changed the Open Directory server's IP or search path? Regardless, try deleteing the MCX cache on the clients and reboot. You can also try to remove the server from Directory Access and then add it back.
Similar Messages
-
Hello Friends,
In my Organization, they are planning to block all existing Windows XP machines in domain.
So that, no user can login on domain using XP machine. And if logged on using Local credential cannot access the network.
I thought to do the same by GPO to push a Scheduled Task which runs a Vbscript to disable all NIC's on machine.
Unfortunately, this vbscript is not running on Non English OS. It works only on English OS.
Please suggest.Hi Jack,
Thanks!
But i am not using netsh command as it is not working on XP machines. I am using below vbscript:
'Initialization Section
Option Explicit
Const ForAppending = 8
Dim objDictionary, objFSO, wshNetwork, scriptBaseName, scriptPath, scriptLogPath
On Error Resume Next
Set objDictionary = NewDictionary
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set wshNetwork = CreateObject("Wscript.Network")
scriptBaseName = objFSO.GetBaseName(Wscript.ScriptFullName)
scriptPath = objFSO.GetFile(Wscript.ScriptFullName).ParentFolder.Path
scriptLogPath = scriptPath & "\" & scriptBaseName
If Err.Number <> 0 Then
Wscript.Quit
End If
On Error Goto 0
'Main Processing Section
On Error Resume Next
ProcessScript
If Err.Number <> 0 Then
MsgBox "An unexpected error occurred!", vbCritical, scriptBaseName
Wscript.Quit
End If
PromptScriptEnd
On Error Goto 0
'Name : ProcessScript -> Primary Function that controls all other script processing.
'Parameters : None ->
'Return : None ->
Function ProcessScript
Dim hostName, connectionNames, connectionFolder, connectionVerb
hostName = wshNetwork.ComputerName
connectionFolder = "Connexions réseaus"
'connectionsFolder = "Network and Dial-up Connections" (This value should be used for Windows 2000)
connectionVerb = "&désactiver"
'connectionVerb = "&Activer"
PromptScriptStart
If Not GetNetworkConnectionNames(hostName, connectionNames) Then
Exit Function
End If
If Not ToggleNetworkConnections(connectionNames, connectionFolder, connectionVerb) Then
Exit Function
End If
End Function
'Name : ProcessScript -> Primary Function that controls all other script processing.
'Parameters : None ->
'Return : None ->
Function GetNetworkConnectionNames(hostName, connectionNames)
Dim wmi, networkAdapters, networkAdapter, connectionsDict
GetNetworkConnectionNames = False
connectionNames = ""
On Error Resume Next
Set connectionsDict = NewDictionary
Set wmi = GetObject("winmgmts:\\" & hostName & "\root\cimv2")
Set networkAdapters = wmi.ExecQuery("Select * from Win32_NetworkAdapter",,48)
If Err.Number <> 0 Then
Exit Function
End If
For Each networkAdapter in networkAdapters
If Not IsNull(networkAdapter.NetConnectionID) Then
connectionsDict(connectionsDict.Count) = networkAdapter.NetConnectionID
End If
Next
On Error Goto 0
If Err.Number <> 0 Then
Exit Function
End If
connectionNames = connectionsDict.Items
GetNetworkConnectionNames = True
End Function
'Name : NewDictionary -> Creates a new dictionary object.
'Parameters : None ->
'Return : NewDictionary -> Returns a dictionary object.
Function NewDictionary
Dim dict
Set dict = CreateObject("scripting.Dictionary")
dict.CompareMode = vbTextCompare
Set NewDictionary = dict
End Function
'Name : DQ -> Place double quotes around a string and replace double quotes
' : -> within the string with pairs of double quotes.
'Parameters : stringValue -> String value to be double quoted
'Return : DQ -> Double quoted string.
Function DQ (ByVal stringValue)
If stringValue <> "" Then
DQ = """" & Replace (stringValue, """", """""") & """"
Else
DQ = """"""
End If
End Function
'Name : ToggleNetworkConnections -> Toggles (enables/disables) all Connexions réseaus.
'Parameters : connectionNames -> Array containing the names of the Connexions réseaus to enable\disable.
' : connectionFolder -> String containing the name of the network folder (varies dependant on OS).
' : connectionType -> String containing the verb to enable\disable all Connexions réseaus.
'Return : ToggleNetworkConnections -> Returns a True if all connections were enabled\disabled othewise returns False.
Function ToggleNetworkConnections(connectionNames, connectionFolder, connectionVerb)
Dim item, enabled, verb, connectionType, i
Dim objNetworkConnections, objNetworkConnection
ToggleNetworkConnections = False
enabled = True
'Ensure the connectionNames parameter is an Array.
If Not IsArray(connectionNames) Then
connectionNames = Array(connectionNames)
End If
'Bind to the Connexions réseaus folder
For Each item in CreateObject("Shell.Application").Namespace(3).Items
If StrComp(item.Name, "Connexions réseaus", vbTextCompare) = 0 Then
On Error Resume Next
Set objNetworkConnections = item.GetFolder
If Err.Number <> 0 Then
Exit Function
End If
Exit For
On Error Goto 0
End If
Next
'Ensure the Connexions réseaus folder is bound to an object.
If Not IsObject(objNetworkConnections) Then
Exit Function
End If
'Loop through the Array of Connexions réseau names and bind to each connection.
For i = 0 To UBound(connectionNames)
For Each item in objNetworkConnections.items
If StrComp(item.Name, connectionNames(i), vbTextCompare) = 0 Then
On Error Resume Next
Set objNetworkConnection = item
If Err.Number <> 0 Then
Exit Function
End If
Exit For
On Error Goto 0
End If
Next
'Ensure the Connexions réseau is bound to an object.
If Not IsObject(objNetworkConnection) Then
Exit Function
End If
'Ensure the Connexions réseau is bound to an object.
For Each verb in objNetworkConnection.Verbs
If verb.Name = connectionVerb Then
On Error Resume Next
Set connectionType = verb
If Err.Number <> 0 Then
Exit Function
End If
enabled = False
On Error Goto 0
End If
Next
On Error Resume Next
If enabled Then
connectionType.DoIt
Else
connectionType.DoIt
End If
If Err.Number <> 0 Then
Exit Function
End If
On Error Goto 0
WScript.Sleep 2000
Next
ToggleNetworkConnections = True
End Function
'Name : PromptScriptStart -> Prompt when script starts.
'Parameters : None
'Return : None
Function PromptScriptStart
'MsgBox "Now processing the " & DQ(Wscript.ScriptName) & " script.", vbInformation, scriptBaseName
End Function
'Name : PromptScriptEnd -> Prompt when script has completed.
'Parameters : None
'Return : None
Function PromptScriptEnd
'MsgBox "The " & DQ(Wscript.ScriptName) & " script has completed successfully.", vbInformation, scriptBaseName
End Function
Yes, you are right in this case that i will have to use the System Locale, i tried making changes in this script according to the System Locale i.e. Used Connexions réseaus in place of Network Connections and &désactiver" "&Activer" in place of Disable
Enable. But still its not working.
Please have a look at the script, if you can help me in changing the script. -
Linked policies not copying to sysvol\domain\policies?
This problem started recently, and I have not been able to find any resolutions online.
This is a relatively new installation of Server 2012 R2 on a small network of about 25 PCs. I was able to set up a number of GPOs without issue, but all of a sudden, newly linked GPOs are not copying to sysvol\domain\policies. That path is accessible from client
PCs, but the folder itself (5C53E...) isn't created, and gpupdate is producing the error:
The processing of Group Policy failed. Windows attempted to read the file \\dominionair.local\SysVol\dominionair.local\Policies\{5C53EB48-F4BA-4763-8500-E05BB54E3AB4}\gpt.ini from a domain controller and was not successful. Group Policy settings may
not be applied until this event is resolved. This issue may be transient and could be caused by one or more of the following:
a) Name Resolution/Network Connectivity to the current domain controller.
b) File Replication Service Latency (a file created on another domain controller has not replicated to the current domain controller).
c) The Distributed File System (DFS) client has been disabled.
Computer Policy update has completed successfully.
To diagnose the failure, review the event log or run GPRESULT /H GPReport.html f
rom the command line to access information about Group Policy results.
I AM able to add to existing GPOs and the settings update on client PCs, so this doesn't appear to be a permissions issue. Any idea where to start on this?
Thank you!> /The processing of Group Policy failed. Windows attempted to read the
> file
> \\dominionair.local\SysVol\dominionair.local\Policies\{5C53EB48-F4BA-4763-8500-E05BB54E3AB4}\gpt.ini
> from a domain controller and was not successful./
Your sysvol replication is broken. Check NTFRS or DFSR eventlogs on all
DCs and then follow either
http://support.microsoft.com/kb/315457
(NTFRS) or
http://support.microsoft.com/kb/2218556 (DFSR).
Martin
Mal ein
GUTES Buch über GPOs lesen?
NO THEY ARE NOT EVIL, if you know what you are doing:
Good or bad GPOs?
And if IT bothers me - coke bottle design refreshment :)) -
Flash security domain policies
Guys,
What is that pop up message which comes up when you test a swf file in a browser? (find attached)
Im sure it is related to external URL links. And also I think that it has something to do with the Security Domains Policies which, by the way, I specified within the AS code:
Security.allowDomain("www.youtube.com");
Security.allowDomain("youtube.com");
Security.allowDomain("s.ytimg.com");
Security.allowDomain("i.ytimg.com");
Security.loadPolicyFile("http://i.ytimg.com/crossdomain.xml");
Security.loadPolicyFile("http://www.youtube.com/crossdomain.xml");
Security.loadPolicyFile("http://s.ytimg.com/crossdomain.xml")
In this code the link goes to a youtube video. In another scene it should go to Google Maps.
The strange thing is that when I run TEST MOVIE a message appears in the Output window, like this:
*** Security Sandbox Violation ***
SecurityDomain 'http://s.ytimg.com/crossdomain.xml' tried to access incompatible context(...)
So, what should I do in order to get rid of this pop up message so the link can work properly?
Thanks!The link probably works just fine. The message you are getting is common when testing a .swf on your local machine.
To "Allow this location", click the "Settings" button and follow the dialog box instructions, "Add location" means allow that file on your machine to communicate with the Internet.
This is ONLY a local machine issue and will not appear once the file is uploaded to server and displayed from there.
I suggest you upload to your Web server and see for yourself.
Best wishes,
Adninjastrator -
How to install Small Business Server 2008 in an existing Active Directory domain
It is shown on this page:
http://support.microsoft.com/kb/884453, "How to install Small Business Server 2003 in an existing Active Directory domain".
Is it possible to do this with SBS2008 ?
If "YES", are there any published information about the procedure ?Yes, it is. Thank you very much.
But there is something that confuses me - I want to migrate from Win2003Std to SBS2008. And also, I want to keep the existing Win2003Std as a second DC for a long time.
But it is written in the shown article:
... After the migration is finished, you must remove the Source Server from the network within 21 days. ...
Is this rule mandatory for the scenarios where the Source Server is Std, not SBS ? As I know, I can have more than one DC(Win2003Std/Win2008Std) together with SBS2003. But what about SBS2008 ? -
Hello All,
we have created shared folder on multiple client machine in domain environment on different 2 OS like-XP,Vista, etc.
from some day's When we facing problem when we are access from host name that shared folder is accessible but same time same computer when we are trying to access the share folder with IP it asking for credentials i have type again and again
correct credential but unable to access that. If i re-share the folder then we are access it but when we are restarted the system then same problem is occurring.
I have checked IP,DNS,Gateway and more each & everything is well.
Pls suggest us.
Pankaj KumarHi,
According to your description, my understanding is that the same shared folder can be accessed by name, but can’t be accessed be IP address and asks for credentials.
Please try to enable the option below on the device which has shared folder:
Besides, check the Advanced Shring settings of shared folder and confrim that if there is any limitation settings.
Best Regards,
Eve Wang
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
Unable to join the client machine into domain in low banswidth 16kbps
Hi,<o:p></o:p>
I'm unable to join the client machine into domain which is in low bandwidth 16 kbps.but i can able join other machine into domain which is having
more bandwidth,please help me on this issue<o:p></o:p>Depending on the version of your domain, you could try an offline join.
http://technet.microsoft.com/en-us/library/offline-domain-join-djoin-step-by-step(v=WS.10).aspx
Paul Bergson
MVP - Directory Services
MCITP: Enterprise Administrator
MCTS, MCT, MCSE, MCSA, Security, BS CSci
2012, 2008, Vista, 2003, 2000 (Early Achiever), NT4
Twitter @pbbergs http://blogs.dirteam.com/blogs/paulbergson
Please no e-mails, any questions should be posted in the NewsGroup.
This posting is provided AS IS with no warranties, and confers no rights.
I would say that it depends on the client OS (Windows 7 or Windows 8) if offline domain join could be used or not, not that much regarding the level of the domain, you can always use the
/downlevel switch to target a DC running Windows Server 2003 for example.
Enfo Zipper
Christoffer Andersson – Principal Advisor
http://blogs.chrisse.se - Directory Services Blog -
User machine without domain require domain\username authentication.
Hi,
When I try to connect in lync 2013 with machine unjoined domain the "domain\username" is required, however in another organization it´s not required. How can I set this?
Thanks.
Diego Riera | Linkedin |
Twitter |
diegoriera.wordpress.com
Por favor, lembre-se de clicar em "Marcar como Resposta" no post que o ajuda, e clique em "Desmarcar como resposta" se um post marcado na verdade não responder a sua pergunta. Isto pode ser benéfico para outros membros da comunidade. Esta
postagem é fornecida, sem garantias e sem direitos.Diego,
if you set the users' UPN to match that of your SIP domain (sign-in name), then AD username should not be required. Check
http://support.microsoft.com/kb/243629
http://blog.schertz.name/2012/08/understanding-active-directory-naming-formats/
Alessio Giombini | Microsoft Solutions Architect | Twitter: @AlessioGiombini
Lync 2013 Detailed Design Calculator: try it at http://goo.gl/jU1hZR -
DNS Error while joining the machine to domain.
I get the below error while joining a new Win7 machine to the domain.
I can ping and successfully resolve nslookup on both server and client machine.
Both client and server (2008r2) are virtual machines, with private ip's on LAN...
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain
magic.com:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.magic.com
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
magic.com
com
. (the root zone)
For information about correcting this problem, click Help.
Looks like some problem with my DNS.
Also i tried to uninstall/ re-install the DNS role.
What should be the TCP/IP network configuration???
System Security analyst at CapGI get the below error while joining a new Win7 machine to the domain.
I can ping and successfully resolve nslookup on both server and client machine.
Both client and server (2008r2) are virtual machines, with private ip's on LAN...
The following error occurred when DNS was queried for the service location (SRV) resource record used to locate a domain controller for domain
magic.com:
The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)
The query was for the SRV record for _ldap._tcp.dc._msdcs.magic.com
Common causes of this error include the following:
- The DNS SRV record is not registered in DNS.
- One or more of the following zones do not include delegation to its child zone:
magic.com
com
. (the root zone)
For information about correcting this problem, click Help.
Looks like some problem with my DNS.
Also i tried to uninstall/ re-install the DNS role.
What should be the TCP/IP network configuration???
System Security analyst at CapG
Also something to look in, i do not have the usual folders below 'Forward lookup zone', i.e, Sites, Home, tcp etc..
I beleive these are required. I am not sure.!!. I did re-install the role, no change :-(
System Security analyst at CapG -
Install Oracle Access Manager in existing Access Manager domain
Hi
I am operator of a windows system with Oracle Access Manager installed.
We use OAM for SSO against Webpages in OIM running on Jboss, and now we are going to implement against a WebLogic webapplication too.
The userbase is standard Active Directory
I did not set up OAM myself so I'm not completely sure how it works.
To be able to test the SSO solution given by an external provider, I need to have a proper stage environment.
My idea is to set up another OAM on another server, wich points towards the same AD domaincontroller as the existing OAM
Is this possible? In the installation guide I find that the new AccessManager system should be added into the existing OAM configuration , before we turn of the existing OAM and then install the complete OAM on the new server. Then we can turn on the existing OAM again, and implement them as clusters. I would like them to be two indipendent instances not affecting one another, but in the same AD domain to be able to test features in one of them and use the other as the production server.
My fear is that I "mess up" the form in AD created from the old OAM, and that way mess the upp production environment.
Edited by: user631873 on 11.sep.2009 06:22Hi,
Technically, you can certainly set up a new OAM infrastructure which points to the existing AD instance. You could do this in a number of ways, for example:
- set up the new instance so that it points to the same users and configuration branch as the existing instance, so that the new instance is effectively just an extension of the existing instance (with extra Identity and Access Servers, etc) ;
- set up the new instance so that it points to the same AD instance, but uses different User searchbase and Config branch. In this case the new instance is more or less completely separate, but it happens to use the same directory ;
- set up the new instance so that it points to the same Users, but a different Config branch, in which case the new instance has independed OAM configuration (policies, authentication schemes etc) but operates on the same user base.
(In OAM you can define separate ldap locations for the Users, Identity Config and Access Config.)
It depends on exactly what you want, but if the idea is to have a proper stage environment, then it is usually better for them to be completely independent, including the directory. OAM can update users as well as policies, and additionally different major versions of OAM have different schemas, so there are risks when using the same directory instance. Load testing is also an issue, since the directory is accessed extensivley by OAM.
Regards,
Colin -
Cannot join Server 2012 machine to domain
I am trying to join a clean Server 2012 machine configured with Active Directory Domain Services and DNS features enabled to a domain (alekatest.com) which I have purchased. The Active Directory Domain Services option in Server Manager advises me that
the server requires promotion to a Domain Controller, but if I select "Add a domain controller to an existing domain" and enter "alekatest.com", and supply Domain Admin credentials I get a message "Encountered an error contacting
domain alekatest.com. The server is not operational". The DNS server has address 10.0.0.2.
When I try and change from workgroup to new domain alekatest.com, it fails with the message "No records found for given DNS query. The query was for the SRV record for _ldap._tcp.dc._msdcs.alekatest.com". The server is connected by Ethernet to
a wireless router in a home network.
The ipconfig/all data from the server is:
Windows IP Configuration
Host Name . . . . . . . . . . . . : SERVER2012
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Broadcast
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82567LM-3 Gigabit Network Connecti
Physical Address. . . . . . . . . : 00-26-B9-82-D5-76
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.138
DNS Servers . . . . . . . . . . . : 10.0.0.2
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:386b:2023:f5ff:fffd(Prefer
Link-local IPv6 Address . . . . . : fe80::386b:2023:f5ff:fffd%14(Preferred)
Default Gateway . . . . . . . . . : ::
DHCPv6 IAID . . . . . . . . . . . : 335544320
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-FC-79-E8-00-26-B9-82-D5-76
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter isatap.{6945E26E-B530-4271-8CF1-AD4BC13AF147}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Reusable ISATAP Interface {74B5ED96-D12C-413B-9ED4-5B6270328AE0}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Reusable ISATAP Interface {A9E91CEE-5350-4ACA-934D-D2AA5188B694}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
I can ping alekatest.com from the server:
Pinging alekatest.com [203.170.87.12] with 32 bytes of data:
Reply from 203.170.87.12: bytes=32 time=86ms TTL=50
Reply from 203.170.87.12: bytes=32 time=109ms TTL=50
Reply from 203.170.87.12: bytes=32 time=106ms TTL=50
Reply from 203.170.87.12: bytes=32 time=81ms TTL=50
and nslookup alekatest.com returns
Server: UnKnown
Address: 10.0.0.2
Non-authoritative answer:
Name: alekatest.com
Address: 203.170.87.12
if I try to return srv records from alekatest.com as follows, no records are returned
PS C:\Users\Administrator> nslookup
Default Server: UnKnown
Address: 10.0.0.2
> set q=srv
> _ldap._tcp.dc._msdcs.alekatest.com
Server: UnKnown
Address: 10.0.0.2
_ldap._tcp.dc._msdcs.alekatest.com
primary name server = ns1.crazydomains.com
responsible mail addr = dns.crazydomains.com
serial = 2010010101
refresh = 7200 (2 hours)
retry = 120 (2 mins)
expire = 1209600 (14 days)
default TTL = 3600 (1 hour)
In order to add an srv record I would appear to need to access the server ns1.crazydomains.com, which I doubt is possible.
Any help would be much appreciatedYou're confusing DNS Domains and Active Directory Domains. While there are similarities the two are and do completely different things.
A DNS domain, in your case alekatest.com hosted by crazydomains.com is used to direct people to resources, for instance on the internet, to get to things like your website, email etc. It's not specific to Windows, and generally speaking after purchasing
it from a 3rd party you control what the DNS records are through that 3rd party.
An Active Directory domain is what you're referring to when you talk about joining a machine to a domain, setting up users on a domain, controlling access to resources on your network etc. This doesn't require you to purchase a domain from a 3rd party, and
could potentially be called anything you like.
So, in terms of your AD server, assuming you don't already have an AD domain configured on another AD controller on the network, when you do the setup you'll need to select the option to create a new domain. You could then set it to use alekatest.com, but
that isn't recommended as you can get into all kinds of issues with your local and public DNS records conflicting, so unless you know what you're doing and why you're doing it I'd suggest avoiding that. A better idea would be to set the AD domain to something
like alekatest.local. That would then become the local domain, so for instance your users would login as akekatest\<username> on the domain, and your local machines can then be joined to that domain.
Once all that is done, if you did need to have local records for alekatest.com pointing to local resources, there's nothing stopping you from adding that zone into DNS Manager on the AD server and configuring the records accordingly, however be aware that
once you did that your server would assume that it has all the records for the domain. So if you had a website configured on
www.alekatest.com and had the DNS records for that pointing to your website hosted somewhere else via your domain provider, if you didn't re-create that same record on your local copy of the domain then you'll be unable
to reach that website from your local network (since your users will be trying to find it locally rather than on the internet).
Hope that makes sense. -
Will Windows 7 domain policies work with new Windows 8 workstations?
Dear all,
We have five number of Windows 7 processional workstations in our Organization. Now company decided to replace these workstations to windows 8 professional. My questions is these five new windows 8 workstations are in work group. I will add these machines
to the existing domain,after adding these machines to the domain can I get the same settings like earlier or I will do any changes in active directory.
Thanks in advance.
Regards
BiswajeetHi,
They are basically similar. About the exact new feature than Windows 7, please read this article:
What's New in Windows 8.1 and Windows 8
https://technet.microsoft.com/en-us/library/hh832028.aspx
Ten must-know Windows 8 features for IT pros
https://technet.microsoft.com/en-us/windows/jj721664.aspx
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected] -
I created a new apple id because the previous one no longer exists as an email (domain had to be cancelled). I keep seeing the old one pop up in my iPhone for which I don't remember the password. How can I get rid of it??? Or how can I reset the password if the email doesn't exist??? I also tried answering a question (my date of birth) but it says it's wrong.
I'm really frustrated with the apple id!!!
Frustrated!!!In one of the help pages for managing your Apple ID (http://support.apple.com/kb/HE40), it shows two separate sections, one for Apple ID and one for Primary Email address. When I go to manage my Apple ID, I see only a single section for both. Can the two be 'separated', especially when you face the situation of having to discontinue your email address for some reason?
I also noticed that when navigating to Apple ID Support Communities, it shows my nickname 'dishdy'. How and when did I insert this? In the current sequence for creating an Apple ID I don't see this. In my current profile I don't see this.
In any case, I have freed myself from my previous Apple ID (@artemis.it) on my iPhone.
Thanks for your help. -
Error While Joining a domain.| Adding a virtual box machine to host machine's domain
Dear All,
I have a Virtual Box(guest) Where Windows Server 2008 r2 is installed.Virtual box is hosted by a machine which Uses Windows Server 2008 r2. Host machine is a domain controller.I have added guest to another domain
other than host.But whenever I tried to add guest machine to host domain It shows me following error(See below).
An error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "crmrc.com".
The error was: "No records found for given DNS query."
(error code 0x0000251D DNS_INFO_NO_RECORDS)
The query was for the SRV record for _ldap._tcp.dc._msdcs.crmrc.com
Could you please suggest me the solution for it?
Thanks and Regards,
YusufHello,
C:\Users\Administrator>ipconfig/all
Windows
IP Configuration
Host Name . . . . . . . . . . . . : MSCRM
Primary Dns Suffix . . . . . . . : crmrc.com
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : crmrc.com
Ethernet
adapter Network Bridge:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : MAC Bridge Miniport
Physical Address. . . . . . . . . : BA-AC-6F-3F-A3-51
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::8573:2122:495b:93bc%16(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.78(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 280669295
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-B1-48-BF-B8-AC-6F-3F-A3-51
DNS Servers . . . . . . . . . . . : 192.168.1.78
59.144.127.17
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel
adapter isatap.{39C0341C-67DC-405D-B8F4-25DA555D53C0}:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.78%12(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.78
59.144.127.17
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel
adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
I suppose here that this is a DC/DNS server. I see that 59.144.127.17 is
configured as a DNS server. If 59.144.127.17 is
a public DNS server then please add it as a forwarder.
Once done, run ipconfig /registerdns and restart netlogon service on the DC.
Windows
IP Configuration
Host Name . . . . . . . . . . . . : MYLYC
Primary Dns Suffix . . . . . . . : ow.pearl
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : ow.pearl
Ethernet
adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) PRO/1000 MT De
Physical Address. . . . . . . . . : 08-00-27-43-C7-47
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::781f:3c7d:edc:684
IPv4 Address. . . . . . . . . . . : 192.168.1.105(Preferred
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 235405351
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-15-7A-16-5B
DNS Servers . . . . . . . . . . . : 192.168.1.78
59.144.127.17
NetBIOS over Tcpip. . . . . . . . : Enabled
Please delete the second DNS server.
Also, disable all security softwares and try again.
Are you able to ping the DC? If not, that may be a problem with your routes.
Also, use nslookup to check that all is okay with DNS records.
This
posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
Microsoft
Student Partner 2010 / 2011
Microsoft Certified
Professional
Microsoft Certified
Systems Administrator: Security
Microsoft Certified
Systems Engineer: Security
Microsoft Certified
Technology Specialist: Windows Server 2008 Active Directory, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows Server 2008 Applications Infrastructure, Configuration
Microsoft Certified
Technology Specialist: Windows 7, Configuring
Microsoft Certified
IT Professional: Enterprise Administrator -
Problems to join a virtual machine on Domain.
Hi Everybody
Im trying to join my windows 8 virtual machine on a Domain mounted in Windows server 2012, but I.m not able to do it, when I try, i receive the below message.
Note: This information is intended for a network administrator. If you are not your network's administrator, notify the administrator that you received this information, which has been recorded in the file C:\Windows\debug\dcdiag.txt.
DNS was successfully queried for the service location (SRV) resource record used to locate a domain controller for domain "tcsgdl.com":
The query was for the SRV record for _ldap._tcp.dc._msdcs.tcsgdl.com
The following domain controllers were identified by the query:
tcsgdldc01.tcsgdl.com
However no domain controllers could be contacted.
Common causes of this error include:
- Host (A) or (AAAA) records that map the names of the domain controllers to their IP addresses are missing or contain incorrect addresses.
- Domain controllers registered in DNS are not connected to the network or are not running.
Thanks in advance, if you require extra information just let me know.Hi Susie
Yes, DC is hosting DNS Role, DC and Client are pointing to DC.
nslookup on client:
C:\Users\gdladm>NSLOOKUP
Default Server: UnKnown
Address: 169.254.187.10
> SERVER 169.254.187.10
Server: [169.254.187.10]
Address: 169.254.187.10
*** 169.254.187.10 can't find SERVER: Server failed
Outputs "IPCONFIG / ALL"
Client:
C:\Users\gdladm>IPCONFIG /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : PCTEST
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Ethernet0:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connec
n
Physical Address. . . . . . . . . : 00-50-56-3B-E7-C2
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 169.254.187.40(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 169.254.187.10
DNS Servers . . . . . . . . . . . : 169.254.187.10
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{D09F1650-4E09-4AA8-B2C0-326D66081D0B}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
DC:
C:\Users\Administrator.TCSGDLDC01>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : TCSGDLDC01
Primary Dns Suffix . . . . . . . : TCSGDL.COM
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : TCSGDL.COM
Ethernet adapter Ethernet0:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connectio
n
Physical Address. . . . . . . . . : 00-50-56-39-BD-69
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 169.254.187.10(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 169.254.187.1
DNS Servers . . . . . . . . . . . : 169.254.187.40
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{D728DFCE-4C40-4236-82BF-2B2BFD10641B}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Thanks for the support, if any information is required please let me know.
Maybe you are looking for
-
Can Dreamweaver CS5 connect to MySQL via ODBC?
I am unable to make a direct connection to an external MySQL database because most hosting provider does not allow this type of connection due to security reasons. I am however able to make an ODBC connection to the database (which I am currently usi
-
SecurityError #2148 in nightly builds
Hello all, I have little doubt that I've done something daft here, or completely missed a piece of documentation somewhere pertaining to using nightly builds, but I'm getting a security error when I try to build my Gumbo application with a nightly bu
-
Access to Safari is blocked because Apple file is allegedly damaged
An alert from <techsupportnumber.us> appears repeatedly when I try to use Safari on my MacBook Pro (OSX Lion). It says that my Apple file has been damaged and that I should contact Apple customer care. The phone number is different from the Apple sup
-
How can I get a listing of web orders entered by specific time period
How can I get a listing of all the orders which has been entered via website using webtools. We need to make sure that all the orders which has been entered from website it is synced to B1 instead of looking at the synch error messages. The problem i
-
Component can not be downloaded
Every 15 minutes I get a pop-up 'component can not be downloaded'. There's no information about the component or app. I installed ios8 on my ipad2. Install ios8.0.2 has no solution. Even a complete restore to factory settings as a new iPad, gives no