How to use DNS server for name resolution for items which don't exist in active directory domain controller DNS
Dear Experts,
In our office we have a domain controller call it 'Office.com', all computers and corporate servers e.g. exchange, antivirus etc. are member of this 'office.com', it is also having a DNS. All users in office have there preferred DNS set to the corporate
DNS
We are working for ministry and offering services to them from our data center so have many servers which are for ministry but they are in our data center. For all these servers we created another DNS server which contains all entries for these servers in
forward and reverse lookup zones. In this DNS we also created a forward lookup zone for our corporate servers and zone name is 'office.com'
What we are trying to have is name resolution of all servers which are listed in other DNS build in our office on Win 2008 R2 for ministry servers
If the user change his preferred DNS to ministry DNS he can resolve the ministry server but then we can not control any thing through group policy since they are using other DNS and not the corporate DNS.
How this can be done ? like any group policy applied to corporate domain controller must take effect on users and in addition to this user must also be able to resolve server names in ministry project DNS
Please assist ASAP.
regards,
Hello,
ok so the GPO setting doesn't apply in any case.
Clients machines use the first DNS server in the list of configured ones on the NIC. If that one is available search for additional DNS servers will stop.
What i can not really understand is your description about the second DNS server. This should normally either another DC with AD integrated DNS, so everything is replicatedwithin AD replication or you use a secondary DNS on domain member server that pulls
the informations from the Master.
It sounds for me that you have configured a machine with DNS server role and created manually the zone with the same name as the domainand manually create there the required A records?
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://msmvps.com/blogs/mweber/
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Similar Messages
-
Help with setting up active directory domain controller/DNS - need this for Clustering
Disclaimer: I am new to Active Directory, so please dont rule out the obvious things I may have overlooked.
I need to set up Active Directory Domain controller on at least one server so I can run clustering. I set up the domain controller and ran Cluster validation and that failed - unable to reach writable domain controller.
When I look at my server manager AD DS complain about DNS:
NASE-2012-234 4015 Error Microsoft-Windows-DNS-Server-Service DNS Server 1/14/2014 12:54:06 AM
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
When I click on DNS this is the error:
The DNS server has encountered a critical error from the Active Directory. Check that the Active Directory is functioning properly. The extended error debug information (which may be empty) is "". The event data contains the error.
Output of DCDiag -v is below.
PS C:\Users\Administrator> dcdiag -v
Directory Server Diagnosis
Performing initial setup:
Trying to find home server...
* Verifying that the local machine NASE-2012-234, is a Directory Server.
Home Server = NASE-2012-234
* Connecting to directory service on server NASE-2012-234.
* Identified AD Forest.
Collecting AD specific global data
* Collecting site info.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectCategory=
ntDSSiteSettings),.......
The previous call succeeded
Iterating through the sites
Looking at base site object: CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=lab,DC=nas
e,DC=com
Getting ISTG and options for the site
* Identifying all servers.
Calling ldap_search_init_page(hld,CN=Sites,CN=Configuration,DC=lab,DC=nase,DC=com,LDAP_SCOPE_SUBTREE,(objectClass=ntD
SDsa),.......
The previous call succeeded....
The previous call succeeded
Iterating through the list of servers
Getting information for the server CN=NTDS Settings,CN=NASE-2012-234,CN=Servers,CN=Default-First-Site-Name,CN=Sites,C
N=Configuration,DC=lab,DC=nase,DC=com
objectGuid obtained
InvocationID obtained
dnsHostname obtained
site info obtained
All the info for the server collected
* Identifying all NC cross-refs.
* Found 1 DC(s). Testing 1 of them.
Done gathering initial info.
Doing initial required tests
Testing server: Default-First-Site-Name\NASE-2012-234
Starting test: Connectivity
* Active Directory LDAP Services Check
The host c0c507c4-fb9b-49a6-9a01-ef79d7960c94._msdcs.lab.nasecom could not be resolved to an IP address.
Check the DNS server, DHCP, server name, etc.
Got error while checking LDAP and RPC connectivity. Please check your firewall settings.
......................... NASE-2012-234 failed test Connectivity
Doing primary tests
Testing server: Default-First-Site-Name\NASE-2012-234
Skipping all tests, because server NASE-2012-234 is not responding to directory service requests.
Test omitted by user request: Advertising
Test omitted by user request: CheckSecurityError
Test omitted by user request: CutoffServers
Test omitted by user request: FrsEvent
Test omitted by user request: DFSREvent
Test omitted by user request: SysVolCheck
Test omitted by user request: KccEvent
Test omitted by user request: KnowsOfRoleHolders
Test omitted by user request: MachineAccount
Test omitted by user request: NCSecDesc
Test omitted by user request: NetLogons
Test omitted by user request: ObjectsReplicated
Test omitted by user request: OutboundSecureChannels
Test omitted by user request: Replications
Test omitted by user request: RidManager
Test omitted by user request: Services
Test omitted by user request: SystemLog
Test omitted by user request: Topology
Test omitted by user request: VerifyEnterpriseReferences
Test omitted by user request: VerifyReferences
Test omitted by user request: VerifyReplicas
Test omitted by user request: DNS
Test omitted by user request: DNS
Running partition tests on : ForestDnsZones
Starting test: CheckSDRefDom
......................... ForestDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... ForestDnsZones passed test CrossRefValidation
Running partition tests on : DomainDnsZones
Starting test: CheckSDRefDom
......................... DomainDnsZones passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... DomainDnsZones passed test CrossRefValidation
Running partition tests on : Schema
Starting test: CheckSDRefDom
......................... Schema passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Schema passed test CrossRefValidation
Running partition tests on : Configuration
Starting test: CheckSDRefDom
......................... Configuration passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... Configuration passed test CrossRefValidation
Running partition tests on : lab
Starting test: CheckSDRefDom
......................... lab passed test CheckSDRefDom
Starting test: CrossRefValidation
......................... lab passed test CrossRefValidation
Running enterprise tests on : lab.nasecom
Test omitted by user request: DNS
Test omitted by user request: DNS
Starting test: LocatorCheck
GC Name: \\NASE-2012-234.lab.nasecom
Locator Flags: 0xe000f3fd
PDC Name: \\NASE-2012-234.lab.nasecom
Locator Flags: 0xe000f3fd
Time Server Name: \\NASE-2012-234.lab.nasecom
Locator Flags: 0xe000f3fd
Preferred Time Server Name: \\NASE-2012-234.lab.nasecom
Locator Flags: 0xe000f3fd
KDC Name: \\NASE-2012-234.lab.nasecom
Locator Flags: 0xe000f3fd
......................... lab.nase.com passed test LocatorCheck
Starting test: Intersite
Skipping site Default-First-Site-Name, this site is outside the scope provided by the command line arguments
provided.
......................... lab.nasecom passed test Intersite
PS C:\Users\Administrator>http://social.technet.microsoft.com/Forums/en-US/home?forum=winserverDS is the forum for Directory Services questions. You might want to post your question there.
.:|:.:|:. tim -
I install Active Directory Domain Controller on Windows server 2008 enterprise and dont login on Sql Server 2008 R2. Before install ADDC, I have logon SQL Server 2008r2 Success, After when i install ADDC is don't logon on SQL Server 2008r2 -->not success.
I have uninstalled ADDC but i still can't login on SQL server 2008r2.
please help me. it is very very disaster!
I think is loss account SQL server 2008r2!Hello,
I stronly recommend you post the detail error message to us while you try to connect to SQL Server instance, it's useful for us to do further investigation.
Microsoft recommends that you do not install SQL Server 2008 R2 on a domain controller, there are some limitations:
You cannot run SQL Server services on a domain controller under a local service account or a network service account.
After SQL Server is installed on a computer, you cannot change the computer from a domain member to a domain controller. You must uninstall SQL Server before you change the host computer to a domain controller.
After SQL Server is installed on a computer, you cannot change the computer from a domain controller to a domain member. You must uninstall SQL Server before you change the host computer to a domain member.
SQL Server failover cluster instances are not supported where cluster nodes are domain controllers.
SQL Server Setup cannot create security groups or provision SQL Server service accounts on a read-only domain controller. In this scenario, Setup will fail.
On Windows Server 2003, SQL Server services can run under a domain account or a local system account.
So, I would suggest you try to open up Windows Services list and changed the account for SQL Server service.
Regards,
Elvis Long
TechNet Community Support -
Findings:
Currently, Windows 2012 R2 AD DS role and RDS With Broker services can only seem to coexist properly in a new domain not an existing domain. Any attempt to add to an existing domain causes internal database user access denied issues and any attempt to
adjust rights and circumvent is dubious at best.
The escalation technician said it best. Out of 50 clients that want to do this, they end up not being able to help 5 right off the bat for whatever reason. As for the other 40 they might be able to help by running reports, adjusting rights and trying to add
the roles until it works. This can end up being a 20 day process. Basically they are playing whack-a-mole with user rights and permissions until something sticks.
We tried creating an OU where any other domain policies would not be inherited to see if that was the issue, a fresh install with different sequence of adding the Roles, no effect.
Given the errors I witnessed when running procmon and then trying to add the roles, the NT System and the Windows Internal database user had access denied issues on 100+ registry keys when trying to add the roles. After that the system is not behaving normally.
The errors displayed almost mirror the errors that would occur on Windows 2012 when those two roles would be added which of course is officially NOT supported on that system.
This blog needs serious revision:
http://blogs.msdn.com/b/rds/archive/2013/07/09/what-s-new-in-remote-desktop-services-for-windows-server-2012-r2.aspx
This is the excerpt from that blog: Single server RDS deployment including Active Directory. We now support running our RD Connection Broker role service on the same physical instance as an Active Directory Domain Controller. In addition, we published
guidelines for how RD Session Host could be used without the RD Connection Broker.
Microsoft Support was curteous and helpful and they were the ones who advised cutting our losses, which mirrored my hunch after seeing what was transpiring in the system. They refunded my money for the support call.
For me, it was an opportunity to find out if there was any way to configure Windows 2012 R2 in the Same manner that it was setup as Windows 2008 R2 and lay that to rest. The coexistence is poorly implemented. It is as if there was a reaction from all the deprecation
of bread and butter features such as shadowing in TS and the coexistence of AD DS and RDS to where those features were re-added haphazardly. (I have no complaints on shadowing on Windows 2012 R2 it works, just do not like having to go to server manager to
use it).
I opted for virtualizing the Domain controller to eliminate the incompatibility issues and that is what I will be doing from now on. I found free solutions for backing up and reporting for virtual machines as well as the suggested procedures for configruing
a Domain controller as a virtual machine on a Hyper-V environment and I will be sticking to those. Thus far the setup has been operational.
I am not allergic to virtualization, but for really small setups it adds additional time and considerations but if that is how it has to be done, so be it. Windows 2008 R2 days are numbered and since we can usually squeeze 5-7 years on quality server equipment,
buying a Windows 2008 R2 setup now is a borderline disservice in my opinion.
Hopefully someone finds this useful and saves some time.Hi,
Thank you for posting in Windows Server Forum.
Do you need any other assistance?
Based on your description, you are describing your story of successfully implementing RDS server with AD role and more regarding all RDS related scenario. For shadowing feature, you can use with command also. Below is the syntax to shadow a session.
mstsc /v:<ServerName> /shadow:<SessionID>
Hope it helps!
Thanks.
Dharmesh Solanki
TechNet Community Support -
What is the benefit in using OID for names resolution?
I have been wondering about this for awhile. I have been working on getting this to work in Iplanet along with Pat Lehane ([email protected]), and it works now.
What are the benefits in using OID for names resolution when you can just use the static tnsnames.ora. Database and database names are not created dynamically and they don't change that often. Would creates a new database every day and has to worry about changing the static tnsnames.ora file. In my environment, we run Oracle applications from a server, so there is only one tnsnames.ora file, on the file server.
It would appear that using OID would cause extra traffic (LDAP lookups) on your network.
I would like some opinions from both Oracle and Oracle users. Thankshi,
A benefit of using OID for names resolution is that it allows you to centralize net8 naming (i.e., tnsnames) information in the same place (OID) where other types of administrative information (about users, enterprise groups, enterprise roles, etc) gets stored. If you are more comfortable using tnsnames.ora files for net8 naming, that is perfectly fine!
An important reason that Oracle had for providing Net8 naming functionality in OID is that the legacy 'Oracle Names' functionality of Oracle 7 will eventually be desupported. This is discussed in metalink Note #135696.1 on http://metalink.oracle.com .
Hope this helps. -
Lync Server 2013 Edge Server NetBios name resolution
We are working on a lync deployment in a very secure environment where we have Lync edge server deployed, in order to enable ports and traffic between the remote users and the edge servers and vice-versa there is a security vulnerability scan done that has
shown NetBios name resolution a security threat.
I just wanted to know if there is any guidence on NetBios name resolution for Lync Edge Servers. Can we disable NetBios services on the edge servers and what could be the possible issues if any?My 2 cents worth..
The Edge server is best suited as a non domain member, all communication with the Edge Server both from the Lync Front Ends and the clients is by means of the DNS name. There are no Lync related services (from my knowledge) that require\use NetBIOS when
communication from or to the Edge Servers. I have disabled NetBIOS on Edge just recently for similar reasons and am yet to be notified of any issues.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
Lync Sorted blog -
How to create two domains name in one active directory domain service .server 2012 ??
Hi there
I want to try sharepoint foundation and office web apps server .
I installed server 2012 sharepoint found 2013 sql server 2012 and create a new forest on active directory domain sevice
now I want to install office web apps server 2013 but when I run the setup said me can't install office web apps server on the domain name that installed sharepoint .
how can I create second domain name on this active directory domain service to install office web apps server ?
help me please I'm new and just want to try sharepoint and office web apps server .
mostly I need to create MS access custom web app and I need the web place to run my access custom web app on this server and because I live in iran can't create and sign up for office 365 and sharepoint online so i'm forced to run them on my system .help
me to complete ths server ?
Greate Regards :
Raha
whit the best regard : RahaHi,
For how to Use Office Web Apps with SharePoint 2013, the below links should be what you want to refer to:
Configure Office Web Apps for SharePoint 2013
http://technet.microsoft.com/en-us/library/ff431687.aspx
Video: Configure Office Web Apps for SharePoint 2013
http://technet.microsoft.com/en-us/library/dn455088.aspx
How Office Web Apps work on-premises with SharePoint 2013
http://technet.microsoft.com/en-us/library/ff431685.aspx
In addition, for further assistance for Sharepoint, I suggest you post in the SharePoint forum.
Regards,
Yan Li
Regards, Yan Li -
Hi,
I don't know how to use DHCP Server.
#Features > Networking > Network Management > DHCP Server
There seems to be no item to setting a DHCP Server in the Administrative Tools.
Is there function to which installation is necessary to use DHCP Server.
Thanks,DHCP server role is typically for Windows Server, but you can get some DHCP capability when you enable Internet Connection Sharing -http://answers.microsoft.com/en-us/windows/forum/windows_7-networking/make-windows-7-act-as-a-dhcp-server/8ff345f2-99b5-4670-bb6f-32d7bb63de3c
Sean Liming - Book Author: Starter Guide SIM (WEI), Pro Guide to WE8S & WES 7, Pro Guide to POS for .NET - www.annabooks.com / www.seanliming.com -
How to put Mediation Server on Maintenance Mode for LYNC server 2013
how to put the LYNC 2013 Mediation server on Maintenance mode???
Hi,
Did you solve the issue with the help the people above provided?
If you mean server draining feature you can also check Topology option on Lync Server Control Panel, on Topology interface, click “Action” and there is an action called “Prevent new sessions for service”.
Here is a similar case may help you:
http://social.technet.microsoft.com/Forums/lync/en-US/ef3515a9-54c0-4b7a-ab48-45196764d837/how-to-use-lync-server-draining-feature?forum=ocsplanningdeployment
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Lion Server 10.7.4 VPN service not using my Active Directory domain for authentication
I have Lion Server 10.7.4 setup on a Mac Mini and I have enabled the VPN service for both L2TP and PPTP. The Mac Mini is joined to my Windows Domain at a functional level of Server 2008 R2. I have set the authentication paths to point to my domain in Directory Utility.
What I would like to have happen is for my laptop to be able to VPN into my office network remotely using domain credentials and not local account credentials on the Mac Mini itself. This is a process I have done numerous times on Windows boxes, but for some reason the only way I can get the VPN to work on this instance of Lion Server 10.7.4 is by authenticating using local accounts only.
Does Lion Server 10.7.4 only authenticate VPN users based on it's local account schema? Or can it truly authenticate against an active directory domain?
Any suggestions or help is greatly appreciated. Thanks,Hi g-pirtle,
Yes, I had already done that a few days ago. I was able to add the desired AD group to the allowed users/groups for the VPN service. Thats exactly what is so weird about this...it allows me to search for and add an AD user or group to the list of allowed users/groups, but then when I actually try to use a domain account to authenticate to the VPN is just gives me the "cannot authenticate" error. Very strange.
I wondered if for some reason Apple is only allowing local accounts to be authenticated against. Sounds crazy, but I cannot for the life of me get this to work. I also wondered if Kerberizing the server would help, but when I go to join a Kerberos realm in Open Directory inside of Server Admin, it just has no realm listed in the drop down menu.
Other than that, all other aspects of the Mac Mini being joined to the AD domain seems to be good. I'm really stumped here...
Thanks again, -
How do use my ITunes balance to pay for Apps
How do use my ITunes balance to pay for Apps?
You just buy what you want. If you have a credit (balance), it is automatically used before you are billed (if you run over your balance).
How to manage unused iTunes Gift Card and Gift Certificate balances
"Each time you purchase content, iTunes will deduct funds from the credit until it's depleted." -
How to use same Data Type and Length for two fields
How to use same data type and length for two fields when using 'FOR ALL ENTRIES IN' in a select statement? For instance the select queries are :
SELECT bukrs gjahr belnr lifnr budat bldat zlspr dmbtr waers shkzg
FROM bsik
INTO TABLE it_bsik
WHERE bukrs = p_bukrs
AND lifnr IN s_lifnr.
IF it_bsik IS NOT INITIAL.
SELECT belnr gjahr awkey awtyp
FROM bkpf
INTO TABLE it_bkpf
FOR ALL ENTRIES IN it_bsik
WHERE belnr = it_bsik-belnr
AND gjahr = it_bsik-gjahr.
IF it_bkpf IS NOT INITIAL.
SELECT belnr gjahr lifnr xblnr
FROM rbkp
INTO TABLE it_rbkp
FOR ALL ENTRIES IN it_bkpf
WHERE belnr = it_bkpf-awkey+0(10)
AND gjahr = it_bkpf-awkey+10(4).
ENDIF.
ENDIF.
Here it gives an error in the 3rd select query that 'When you use the addition "FOR ALL ENTRIES IN itab", the fields "GJAHR" and "IT_BKPF2-AWKEY+10(4)" must have the same type and the same length.'
Kindly clarify.Hi Saurabh,
Please see the example code that I have developed for you. It will help you solve the problem.
REPORT ZTEST_3 .
tables : BKPF.
data : begin of it_bkpf occurs 1,
belnr type RE_BELNR,
awkey type awkey,
awtyp type awtyp,
gjahr type GJAHR,
end of it_bkpf.
data : begin of it_bkpf1 occurs 1,
belnr type RE_BELNR,
awkey type gjahr, " change the data type
awtyp type awtyp,
gjahr type GJAHR,
end of it_bkpf1.
data : begin of it_rbkp occurs 1,
belnr type BELNR_D,
gjahr type gjahr,
lifnr type LIFRE,
xblnr type XBLNR,
end of it_rbkp.
select belnr
awkey
awtyp
gjahr
from bkpf
into table it_bkpf
where BUKRS = 'TELH'.
loop at it_bkpf.
it_bkpf1-belnr = it_bkpf-belnr.
it_bkpf1-awkey = it_bkpf-awkey+10(4). "Here only append the required length.
it_bkpf1-awtyp = it_bkpf-awtyp.
it_bkpf1-gjahr = it_bkpf-gjahr.
append it_bkpf1.
clear it_bkpf1.
endloop.
select belnr
gjahr
lifnr
xblnr
from RBKP
into table it_rbkp
for all entries in it_bkpf1
where belnr = it_bkpf1-belnr
This is just an example. Change the fields according to your requirement.
Regards
Abhii
Edited by: Abhii on Mar 9, 2011 9:08 AM -
How to find the SQL Server Instances running across the given activer directory domain?
How to find the SQL Server Instances running across the given activer directory domain?
I have though of OSQL -L , Microsoft Assessment and Planning ( MAP ) tool and SQLPing3 (SQLSecurity) might help me.
I would appreciate if there any other way of finding the SQL Servers / Instances running across the given active directory domain.
Sivaprasad S
http://sivasql.blogspot.com
Please click the Mark as Answer button if a post solves your problem!Dear ,
Very simple u find all instances through the customized sp which is get all details about inventory. Like i put the sp bellow. This is without any tool.
USE [master]
GO
/****** Object: StoredProcedure [dbo].[DBStatus] Script Date: 08-01-2015 19:46:11 By Damodar Patle Sr. DBA Mumbai India ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
ALTER PROCEDURE [dbo].[DBStatus]
AS
SELECT
SERVERPROPERTY('servername') AS ServerName,
ConnectionProperty('local_net_address') AS 'local_net_address',
ConnectionProperty('local_tcp_port') AS 'local_tcp_port',
CONVERT(VARCHAR(25), @@VERSION) as VERSIONSQL,
SERVERPROPERTY('ErrorLogFileName') AS ErrorLogFilePath,
database_id,
CONVERT(VARCHAR(25), DB.name) AS DBName,
CONVERT(VARCHAR(10), DATABASEPROPERTYEX(name, 'status')) AS [Status],
CONVERT(VARCHAR(10), DATABASEPROPERTYEX(name, 'Recovery')) AS [Recovery_Model],
create_date as DBCreate_Date, --physical_device_name,
(SELECT COUNT(1) FROM sys.master_files WHERE DB_NAME(database_id) = DB.name AND type_desc = 'rows') AS DataFiles,
(SELECT SUM((size*8)/1024) FROM sys.master_files WHERE DB_NAME(database_id) = DB.name AND type_desc = 'rows') AS [Data MB],
(SELECT COUNT(1) FROM sys.master_files WHERE DB_NAME(database_id) = DB.name AND type_desc = 'log') AS LogFiles,
(SELECT SUM((size*8)/1024) FROM sys.master_files WHERE DB_NAME(database_id) = DB.name AND type_desc = 'log') AS [Log MB],
(SELECT physical_name FROM sys.master_files WHERE DB_NAME(database_id) = DB.name AND type_desc = 'rows') AS MDF_File_Location,
(SELECT physical_name FROM sys.master_files WHERE DB_NAME(database_id) = DB.name AND type_desc = 'log') AS LDF_File_Location,
user_access_desc
FROM sys.databases DB
ORDER BY dbName, [Log MB] DESC, NAME -
How to install Small Business Server 2008 in an existing Active Directory domain
It is shown on this page:
http://support.microsoft.com/kb/884453, "How to install Small Business Server 2003 in an existing Active Directory domain".
Is it possible to do this with SBS2008 ?
If "YES", are there any published information about the procedure ?Yes, it is. Thank you very much.
But there is something that confuses me - I want to migrate from Win2003Std to SBS2008. And also, I want to keep the existing Win2003Std as a second DC for a long time.
But it is written in the shown article:
... After the migration is finished, you must remove the Source Server from the network within 21 days. ...
Is this rule mandatory for the scenarios where the Source Server is Std, not SBS ? As I know, I can have more than one DC(Win2003Std/Win2008Std) together with SBS2003. But what about SBS2008 ? -
Strange issues with domain controller/DNS server
Our domain controller/DNS server was working fine this morning. Then suddenly we stopped being able to access certain things on it. I could ping it, RDP into it, and access some files on it, but I couldn't run any applications hosted on it, accessing shared
network files was slow, and different people around the office were getting access denied errors to files and folders they had full control of in NTFS (and in shared permissions).
At first I noticed an NTP error so I registered w32tm and started the service and that got rid of the error but didn't fix anything.
Oddly, machines still had internet access.
We tried rebooting everything, restarting services, nothing has helped.
When I accessed the server directly through the console I could access everything, could connect to any machine in the office, nothing seemed to be wrong with it.
Any ideas?Is there any recent changes in your network or firewall or antivirus? Is there any change/updates performed in the AD side? I would suggest find out changes being done at the AD or Network/FIrewall level. You can run various diagnostic test within your AD
environment to find the overall health of the AD infra.
What does DCDIAG actually… do?
Active Directory Replication Status Tool Released
http://msmvps.com/blogs/ad/archive/2008/06/03/active-directory-health-checks-for-domain-controllers.aspx
Awinish Vishwakarma - MVP
My Blog: awinish.wordpress.com
Disclaimer This posting is provided AS-IS with no warranties/guarantees and confers no rights.
Maybe you are looking for
-
Aperture picture files...can I get them in the Finder?
I'm using Aperture 2.1. I know Aperture stores it's images in a library like iPhoto...but is there a way to get to the pictures in the Finder so I can open them or copy and paste? Message was edited by: wtgilles
-
OBIEE 11G - SQL filter Injection
will it be possible to SQL inject a dynamic filter at the RPD level? I was thinking of doing in the WHERE clause on the CONTENT tab of the Logical Table Source but then I'm not allowed to. The filter I want to apply is AS OF TIMESTAMP to_timestamp(<v
-
I am trying to install iOS 6 on my IPAD2 but none of the screens that are displayed are what is on my IPAD.
-
SAP best Practice for Construction industry in GCC countries
Dear Pals Pleas let me now the link for the SAP Best Practice document for Construction industry in GCC countries. Thanks & regards Rajaram
-
Can't Upgrade from 10.4.11 to 10.5.4
Have an iMac with intel processor 1.83 GHz, 512MB memory, version 10.4.11. Trying to upgrade using 10.5.4 using Install Discs from other computer but message says the software can not be installed on this computer. Not sure why not.