Untrusted Forest Discovery failed

I'm having an issue with a remote untrusted forest. Forest Discovery fails, but I can publish site server information to this forest.
ERROR: [ForestDiscoveryAgent]: Failed to connect to forest domain.com. This can be because of disjoint DNS namespaces, network connectivity or server availibility issue. Error Information The specified forest does not exist or cannot be contacted.
Entering function ReportForestConnectionFailureStatusMessage()
Calling ReportStatus, keys= SMS_AD_FOREST_DISCOVERY_MANAGER, -2147474744, 2
I have configured conditional forwarders between forests and name resolution works. There shouldn't be any firewall issues either, and I tested SRV records via nslookup with this method:
Type nslookup, and then press ENTER.
Type set type=all, and then press ENTER.
Type _ldap._tcp.dc._msdcs.Domain_Name, where Domain_Name is the name of your domain, and then press ENTER.
Nslookup lists the correct domain controllers from the remote forest.
Any ideas what could be causing this? I think it's an AD-related problem.

LDAP://DCNAME.domain.com/OU=Computers,DC=domain,DC=com 
I tested this last week and this works. Now I can discover computer objects from the untrusted forest. There must be something wrong with the AD/DNS infrastructure, because normally you don't need to specify the domain controller directly; it should find it with an SRV lookup.
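As an added diagnostic for the situation above (this script is not part of the original post or of Configuration Manager), the following PowerShell resolves the same SRV records the DC locator uses, flags DC host names that fall outside the forest's DNS namespace (the "disjoint DNS namespaces" case named in the log), tests the LDAP, global catalog and Kerberos ports on each DC, and optionally performs an LDAP bind with the discovery account. The forest name, DNS server and account are placeholders; it assumes Windows 8 / Server 2012 or later for Resolve-DnsName and Test-NetConnection.

```powershell
# Added diagnostic, not from the original post or from Configuration Manager.
# Requires Windows 8 / Server 2012 or later (Resolve-DnsName from DnsClient,
# Test-NetConnection from NetTCPIP).
function Test-UntrustedForestLocator {
    param(
        [Parameter(Mandatory)] [string]$Forest,                 # placeholder, e.g. 'domain.com'
        [string]$DnsServer,                                     # optional: server holding the conditional forwarder
        [System.Management.Automation.PSCredential]$Credential  # optional: the forest discovery account
    )
    $resolve = @{ ErrorAction = 'Stop' }
    if ($DnsServer) { $resolve['Server'] = $DnsServer }

    # SRV records the DC locator needs for a forest: domain controllers, global catalogs, KDCs.
    $srvNames = "_ldap._tcp.dc._msdcs.$Forest", "_gc._tcp.$Forest", "_kerberos._tcp.dc._msdcs.$Forest"
    $results = foreach ($name in $srvNames) {
        try {
            $records = Resolve-DnsName -Name $name -Type SRV @resolve | Where-Object Type -eq 'SRV'
        } catch {
            Write-Warning "No SRV answer for ${name}: $($_.Exception.Message)"
            continue
        }
        foreach ($rec in $records) {
            $target = $rec.NameTarget
            # Disjoint namespace: a DC host name outside the forest DNS name only resolves if
            # that zone is forwarded as well; nslookup of the SRV record alone does not show this.
            $disjoint = $target -notlike "*.$Forest"
            try {
                $addr = (Resolve-DnsName -Name $target -Type A @resolve | Where-Object Type -eq 'A').IPAddress -join ','
            } catch {
                $addr = 'UNRESOLVED'
            }
            # Ports the forest connection and an explicit LDAP://DCNAME path depend on:
            # 389 (LDAP), 3268 (global catalog), 88 (Kerberos).
            $ports = foreach ($p in 389, 3268, 88) {
                $ok = $addr -ne 'UNRESOLVED' -and
                      (Test-NetConnection -ComputerName $target -Port $p -WarningAction SilentlyContinue).TcpTestSucceeded
                '{0}={1}' -f $p, $(if ($ok) { 'open' } else { 'blocked' })
            }
            [pscustomobject]@{ Record = $name; DC = $target; Address = $addr; Disjoint = $disjoint; Ports = $ports -join ' ' }
        }
    }
    $results | Format-Table -AutoSize

    # Optional: repeat what discovery effectively does, an LDAP bind with the discovery
    # account against the first resolvable DC, to separate credential problems from DNS ones.
    if ($Credential -and $results) {
        Add-Type -AssemblyName System.DirectoryServices.Protocols
        $dc = ($results | Where-Object Address -ne 'UNRESOLVED' | Select-Object -First 1).DC
        $conn = New-Object System.DirectoryServices.Protocols.LdapConnection(
            (New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier($dc, 389)),
            $Credential.GetNetworkCredential(), 'Negotiate')
        try { $conn.Bind(); "LDAP bind to $dc as $($Credential.UserName) succeeded" }
        catch { Write-Warning "LDAP bind to ${dc} failed: $($_.Exception.Message)" }
    }
}

# Usage with placeholder names (hypothetical forest and discovery account):
# Test-UntrustedForestLocator -Forest 'domain.com' -Credential (Get-Credential 'domain\sccmdiscovery')
```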

Similar Messages

  • Untrusted Forest Discovery

    Hi all,
    installed SCCM 2012 R2 in one domain - all seems to be functioning well. We have a second, untrusted domain which I need to deploy a DP and MP into. In order to do this I first need to use the Add Forest feature to discover the untrusted domain and all the
    machines which lurk therein. To this end, I have created a new discovery account (SCCM2012discovery) in the untrusted domain.
    Are there any particular rights the new account needs in the untrusted domain? Since all Domain Users can 'Read' Active Directory I'm presuming not.
    Second, is there a particular log file I can view to watch the discovery process ticking over?

    To Narcoticoo:
    So, nslookup from the SCCM 2012 server resolves both the domain.local and domaincontroller.domain.local names. However, when I try changing the LDAP path as you suggested I get a "Configuration Manager Cannot Connect to the Active Directory container
    you specified......The server is not operational". If I revert to just using the LDAP://DC=domain,DC=local then the connection verifies successfully. Not sure whether this is expected behaviour or not?
    To Torsten:
    So I re-ran a Full Forest Discovery and opened up adforestdisc.log to see what was going on. Had multiple entries for the various subnets of the untrusted domain which read as follows:
    ERROR: [ForestDiscoveryAgent]: Discovered subnet (subnet) in AD site Kew-Untrusted in forest web.local was not saved in the database. Return value was -1. Discovery will be attempted on the next cycle.
    and then once they had all been listed, this popped up:
    ERROR: [ForestDiscoveryAgent]: Failed to get trust relationships of forest domain.local due to ActiveDirectoryOperationException. Discovery will be attempted on next cycle.
    In spite of this ominous sounding error all the subnets have appeared in SCCM's 'Boundaries' list.
    I then re-ran the Full System Discovery and, once again, encountered this in adsysdis.log
    ERROR: Failed to read account (domain\sccmaccount) from site control file (0x87D20702)
    ERROR: Failed to enumerate directory objects in AD container
    LDAP://DC=domain,DC=local
    Sort of feel like I may have missed something obvious here. Can anyone shed any light on why the system discovery process might be having trouble reading the account info from the site control file?
    Thanks to both of you for taking the time to help me out!

  • Why client installation fails in untrusted forest?

    I have one untrusted forest and my ConfigMgr site is published to this untrusted forest's AD successfully. When running ccmsetup.exe in the untrusted forest it fails, and when I look at ccmsetup.log I can see that it fails to locate the management point. Why is this happening
    when the site information is available in AD?

    If you are trying to do auto site assignment, is there a boundary published for site assignment that this client falls within?
    If not, have you considered just doing SMSSITECODE=<your site code> and also specifying an initial management point for it to contact with SMSMP=<accessible MP>?
    Nash
    Nash Pherson, Senior Systems Consultant

  • Problem installing SCCM client in remote untrusted forest

    Hi,
    My configuration is :
    My network is in two parts: intranet and a DMZ. In the DMZ there is another forest and domain. There is no trust between the forest in the DMZ and the internal network. I configured the remote forest in SCCM with a user account that has Domain Admin access
    in the DMZ forest/domain.
    The primary site server is located in the internal part of my network. SQL is installed on a remote server. Management point, distribution point, Fallback Status Point roles are installed on the primary site server. SMS Provider is installed on the primary
    site server.
    In the DMZ part, I have a management point, distribution point installed on one server.
    The forest discovery works fine. I can query AD in the remote forest (DMZ).
    I have a problem installing the SCCM client on computers located in the remote forest with client push or with the command line.
    CCMSETUP.EXE /MP:DMZ site server /DP:DMZ site server /FSP: primary site server SMSSITECODE:SIT
    In CCMSetup.log I can see that the client tries to communicate with my DMZ site server, but it reverts to the management point and distribution point located in the internal part of the network. The installation fails and will retry in 10 minutes.
    Has anyone seen this problem before? Am I missing something? Could it be a configuration issue?
    Could you help me with this please?
    Thanks in advance for your time!
    Jacques

    Does the client installation work when you install the client manually on the untrusted domain client? What does the CCM.log say on the site server?
    Have you double checked the firewall ports for the client push installation? The ports needed for the client push to work are as follows (from the site server to the client):
    SMB - TCP 445
    RPC Endpoint Mapper - TCP 135 / UDP 135
    RPC Dynamic Ports
    And to Management Point:
    HTTP - TCP 80 (When using HTTP)
    HTTPS - TCP 443 (When using HTTPS)
    Also a quote from TechNet: "In addition to the ports listed in the following table, client push installation also uses Internet Control Message Protocol (ICMP) echo request messages from the site server to the client computer to confirm whether the client
    computer is available on the network. ICMP is sometimes referred to as TCP/IP ping commands. ICMP does not have a UDP or TCP protocol number, and so it is not listed in the following table. However, any intervening network devices, such as firewalls, must
    permit ICMP traffic for client push installation to succeed."

  • Domain is not discovered in untrusted forest

    I have the following Setup.
    Domain A in forest A. ASCCM2012 Primary Server with SCCM 2012 SP1 CU1 server installed with MP, DP and SUP. Domain A is a 2008 R2 domain.
    Domain B in Forest B, MP and DP and SUP installed on BSCCM2012. Domain B is a 2012 domain.
    There is no trust between forest A and forest B. For the testing the firewalls on the SCCM servers are disabled. There is full network connectivity between the servers. I have set up a forest discovery account SCCMADDiscover that is created in domain B as a normal
    user.
    Problem.
    I have set up forest discovery (and thereby forest publishing) of Forest B on the Primary SCCM server.
    In the console under "Active Directory Forests" it says that both the discovery and the publishing have been successful.
    But when I look at the "Domains" tab for Forest B it says "No Items Found".
    When I look in the ADForestDisc.log file I see the following errors:
    Entering function GetUserCredentials() SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:20 7988 (0x1F34)
    ERROR: [ForestDiscoveryAgent]: Failed to save data for domain B in forest B due to ActiveDirectoryOperationException. Discovery will be attempted on next cycle. SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Entering function ReportForestDiscoverySuccessStatusMessage() SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Raising discovery success status message for forest B, in which we discovered 1 site(s) and 0 subnet(s). SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Calling ReportStatus, keys= SMS_AD_FOREST_DISCOVERY_MANAGER, 1073750724, 0 SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    STATMSG: ID=8900 SEV=I LEV=M SOURCE="SMS Server" COMP="SMS_AD_FOREST_DISCOVERY_MANAGER" SYS=ASCCM2012 SITE=P01 PID=2344 TID=7988 GMTDATE=to maj 16 11:07:21.315 2013 ISTR0="AssensOpen.dk" ISTR1="" ISTR2="" ISTR3=""
    ISTR4="0" ISTR5="1" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Entering function CActiveDirectoryForestDiscovery::UpdateForestNamesForAllSiteSystems() SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Trying to update forest fqdn for all site systems associated with site P01 SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Entering function CActiveDirectoryForestDiscovery::UpdateForestNamesForSiteSystems() SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Entering function CActiveDirectoryForestDiscovery::GetForestName() SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Trying to discover forest name for server BSCCM2012. SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Failed to get the domain basic info for machine BSCCM2012. Error returned is: 5 SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Entering function CActiveDirectoryForestDiscovery::GetForestName() SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Trying to discover forest name for server BSCCM2012 SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    Failed to get the domain basic info for machine BSCCM2012 Error returned is: 5 SMS_AD_FOREST_DISCOVERY_MANAGER 16-05-2013 13:07:21 7988 (0x1F34)
    As can be seen in the log file, it fails to get the forest name and domain name for the server BSCCM2012 in the untrusted domain. It gets an error 5 that I assume is an Access Denied.
    I have tried to give the SCCMADDiscover account domain and enterprise admin rights but that did not help. I have also tried to add SCCMADDiscover to the local admin group on the BSCCM2012 server but that didn't help either.
    It also seems that the data is not saved correctly.
    ERROR: [ForestDiscoveryAgent]: Failed to save data for domain B in forest B due to ActiveDirectoryOperationException
    Where does the SCCMADDiscover account have insufficient rights?
    Thomas Forsmark Soerensen

    Thanks for letting me know. This means that this is not the root cause, so I can focus on other things.
    There's also another problem I'm not sure is related to the Forest Discovery, and I wonder if it's the same for you. I will create a separate topic if it's not related, but maybe you can confirm from your side. For the computers which have been discovered
    in the untrusted forest, when I go to the properties of a system, the property "System OU Name" changes from time to time. When I look at the property throughout the day for different systems it's sometimes empty, sometimes shows the complete OU paths and
    sometimes just the single OU containers. For example, when a system is located in EU\COMPUTERS\SERVERS, sometimes the whole path is shown (like for all systems in the trusted forest) and sometimes it just shows "EU";"COMPUTERS";"SERVERS" or it's just empty.
    All for the same system at different times throughout the day. Like it's not able to grab the complete OU paths. I have no error in the AD System Discovery log, so I wonder if this is related to the Forest Discovery too.
    This makes it impossible to build collections based on System OUs, so I am using the DN currently (which is populated properly).

  • Question on Untrusted Forest and Roles Required.

    Hi, I need some help understanding untrusted forests and system roles.
    All my untrusted forests are well connected to each other; they are all in the same data-center for that matter.
    Is at least 1 site system role (MP?) required in an untrusted forest to manage those clients in each untrusted forest from the Pri?
    I read this blog here, 
    http://blog.coretech.dk/kea/multi-forest-support-in-configmgr-2012-part-i-managing-clients-in-an-untrusted-forest/
    But one of the readers posted at the bottom of the blog that it is not supported, referencing TechNet.

    More info:
    Cross Forest Support in ConfigMgr 2012 Part 2: Forest Discovery, Publishing, and Client Push Installation
    http://blogs.technet.com/b/neilp/archive/2012/08/21/cross-forest-support-in-configmgr-2012-part-2-forest-discovery-publishing-and-client-push-installation.aspx 

  • Untrusted Forest

    Hi
    I have a forest (Internal) and I have another forest (External).
    SCCM 2012 R2 and SQL 2012 are installed in the "internal forest". I would like to add a new forest (external) to my SCCM setup which is "untrusted". The two forests are not trusted across domains or
    forests (internal and external).
    Currently, I have clients in a workgroup capable of communicating with the "external" forest.
    My question:  
    1- Is it possible to install an MP and DP in the external forest? Because I have clients within a workgroup that I would like to manage through that MP and DP.
    If so, HOW TO PLEASE!?
    Thanks

    Yes this is possible.
    Take a look at the following blog entries, which explain the process:
    http://blogs.technet.com/b/neilp/archive/2012/08/20/cross-forest-support-in-system-center-2012-configuration-manager-part-1.aspx
    http://blogs.technet.com/b/neilp/archive/2012/08/21/cross-forest-support-in-configmgr-2012-part-2-forest-discovery-publishing-and-client-push-installation.aspx
    http://blogs.technet.com/b/neilp/archive/2012/08/24/cross-forest-support-in-configmgr-2012-part-3-deploying-site-server-site-systems-in-an-untrusted-forest.aspx
    Cheers
    Paul | sccmentor.wordpress.com

  • Untrusted forest with duplicate AD site names

    Can anyone speculate on the behavior when enabling Forest discovery of an untrusted forest that has AD sites with the same names as what are in the installed forest (The forest where Config Mgr lives)?
    My concern is that the currently discovered boundaries (AD Site boundaries) already exist with the Site names so there may be some kind of conflict when Config Mgr tries to create AD Site boundaries based on the untrusted forest's duplicate named AD sites.

    There will be a conflict, but not with Forest discovery per se. I don't think it will really care. The conflict will come when clients actually use the boundaries for content lookup.
    Do the like-named sites represent the same locations in the enterprise? If so, then this should be a non-issue. If not, then you'll have to switch to another boundary type or get the AD folks to rename their sites -- it would be kind of dumb to name two
    different locations the same thing though so I suspect the former is the case.
    Jason | http://blog.configmgrftw.com | @jasonsandys

  • Active Directory service discovery failed

    Hi forum user,
    I have integrated my SGD with AD.
    I saw the following error in jserver log file:
    # more jserver2698_error.log
    2007/07/24 15:25:22.626 (pid 2698) server/ldap/error #1185261922626
    Sun Secure Global Desktop Software (4.31) ERROR:
    Active Directory service discovery failed: Failed to find any valid Site objects.
    Looking up Global Catalog DNS name: gc.tcp.telbru.com.bn. - HIT
    Looking for GC on server: Active Directory:ts1.telbru.com.bn:/172.25.11.96:3268:Up - HIT
    Checking for CN=Configuration: DC=telbru,DC=com,DC=bn - MISS
    Checking for CN=Configuration: CN=Configuration,DC=telbru,DC=com,DC=bn - HIT
    Looking up domain root context: DC=telbru,DC=com,DC=bn - HIT
    Looking up site context: CN=Sites,CN=Configuration
    Searching for sites: (&(objectClass=site)(siteObjectBL=*)) - HIT
    Looking up addresses for peer DNS: portal.telbru.com.bn - HIT
    Failed to discover Active Directory Site, Domain and server data.
    This might mean LDAP users cannot log in.
    Make sure the DNS server contains the Active Directory service
    records for the forest. Make sure a Global Catalog server is available.
    Why did the error occur?
    What is the resolution to this error?
    Appreciate any help. Thanks.

    This error message is telling you that SGD failed to find any site objects in your AD tree. This should not stop users from logging in, it will just mean that SGD will not be able to work out which AD site is local to the SGD server.
    If you are not using sites in your AD setup, then you do not need to worry about this.
    Hope this helps,
    DD

  • SCCM Console, untrusted forest

    Hi,
    I have a site system server with MP and DP in an untrusted forest. Is it possible to install the SCCM console on it and connect back to the Primary server?
    I have checked all ports that are in the documentation https://technet.microsoft.com/en-us/library/hh427328.aspx?f=255&MSPPError=-2147217396 regarding "Configuration Manager Console" but I still cannot run the console. I have tried opening
    the SCCM Console with RunAs and an account in the Primary server's forest.
    Do the MP and DP need to have firewall ports open to the Primary server's forest domain controllers in order to authenticate?
    In that case what are ports needed?
    /A

    Hi Peter,
    We want to have a console on each untrusted forest site system server to be able to manage the computers in the untrusted forest with Right-Click Tools and Remote Control. Because the untrusted site system server is on the network already, many firewall
    ports are already allowed. We don't want to do it through the Primary because of the difficulty of opening all the firewall ports that are needed for remote tools.
    Does that make sense?

  • User-based deployment to untrusted forest

    Case:
    Domain A has ConfigMgr 2012 server with all roles (MP, DP, SUP...)
    Domain B is untrusted and hasn't got any ConfigMgr site server roles installed
    ConfigMgr site has been introduced to Domain B also, so all the resources can be discovered (systems, users)
    I can deploy software to systems in the untrusted forest
    I cannot deploy software to users in the untrusted forest
    Is this normal behavior? Do I need an MP in the untrusted forest so that I can get my user deployments working? When I deploy software to users in the untrusted domain, they don't even show up in AppDiscovery.log and the deployment status in the console doesn't
    show the device for the user.

    See the Support for users in untrusted forests section at http://blogs.technet.com/b/configmgrteam/archive/2012/07/05/tips-and-tricks-for-deploying-the-application-catalog-in-system-center-2012-configuration-manager.aspx
    Jason | http://blog.configmgrftw.com

  • Software Updates in an Untrusted Forest

    Hi all,
    I've built a SCCM 2012 R2 site with 2 forests involved. They are UNTRUSTED.
    Forest 1 contains a primary site with SQL and a secondary across-WAN distribution point. This all worked great for Applications and Windows Updates.
    The second untrusted forest has 1 site server with a Management Point, Fallback Status Point, Distribution Point and default roles. For some reason I can't get a client in the untrusted forest to get the software update packages I create.
    I have deployed them to all distribution points and the clients in the untrusted forest (manually installed) have shown up in SCCM and are in the correct test collection.
    Boundary groups have been setup with boundaries on IP subnets.
    Are there any specific logs I can check? Does a software update point need adding to the untrusted forest site system?
    A firewall blocks communication between the forests, so I have created site server to site server rules, but untrusted forest clients don't have access back to the primary site server.
    If I could just get this software updates working I'm complete!! Any help would be great!!

    Thanks for the help troubleshooting,
    This is now resolved.
    For info, the clients in the untrusted forest need to be able to access the WSUS website. As I have a locked-down firewall between my forests I added an Any rule to SCCM WSUS on port 8530 and tested in IE. The page comes up as access denied but it proves the connection.
    Software deployment and WSUS on an untrusted domain without any AD connection, DNS or WINS requires a manual (or scripted) install of the clients specifying the SMSLP, SMSSITECODE, SMSMP and SMSFSP for that forest. All these roles are required
    to be installed on the site server for that untrusted forest when adding it into SCCM if you don't have access to the forest's AD or DNS.
    The only connection clients seem to need back to the primary site is the WSUS website for syncing. Packages are still distributed to the servers in the untrusted forest.
    As I have been using a firewall between the sites I allowed the site servers communication over the following ports.
    80,443,445, 135,1027, 49152-65535
    Note: Without the RPC dynamic port range I got errors in SCCM distribution logs.
    Site servers to SQL was as standard. 1433,4022.

  • Managing untrusted forest

    Hi All,
    We currently have the following configuration with SCCM 2012 R2 CU4:
    Same Forest, same Domain (2 x 2 DCs + AD DNS)
     + Primary Site Server with 300 clients  (MP,DP,SUP,SDB,SS,FSP,RSP)
     + Secondary site Server with 300 clients  (MP,DP,SUP,SDB,SS)
    distinct Untrusted Forest (2 DC + AD DNS)
     + 15 clients
    What's the best configuration to manage the untrusted forest? I already checked the following link (http://blogs.technet.com/b/neilp/archive/2012/08/20/cross-forest-support-in-system-center-2012-configuration-manager-part-1.aspx)
    What are the communication port requirements? clients + site system <-> primary site
    Can we avoid the untrusted clients accessing the primary/secondary site servers?
    We plan to add a site system to the primary site in the remote untrusted forest with MP, DP, SUP roles.
    (AFAIK a secondary site needs a trust, which is not permitted)
    We need Inventory, Software Distribution and Windows Updates features in the untrusted forest.
    Link between primary and secondary site is ~16Mb/s
    Link between primary and untrusted forest is about ~16Mb/s
    Link between secondary site and untrusted forest is about ~1Gb/s
    Thanks a lot !

    Ports used by ConfigMgr are well explained here:
    https://technet.microsoft.com/en-us/library/hh427328.aspx#BKMK_CommunicationPorts
    In addition, be aware that for discovering computers in untrusted forest you need to open port 53 (DNS) between the SCCM server and remote DC (in untrusted forest) OR create a secondary DNS zone for the untrusted forest in your DNS.

  • SUP in untrusted forest using SCCM 2012 SP1

    Hi, I have a single primary site in a single domain/AD forest. I also have a single site system in an untrusted forest behind a firewall.
    I have installed a DP and an MP onto this server in the untrusted forest and have now installed WSUS and added the SUP role. The SUP role has been installed; however, the SUP in the untrusted forest isn't syncing its catalog from the SUP in the primary
    site.
    In the Software Update Point Synchronisation Status, its source is specified as Microsoft Update, rather than the name of the Primary Site server with the SUP role.
    The relevant ports 80/443/8530/8531 are open between the two forests, but it doesn't appear to attempt to sync from the primary site.
    How do I get this SUP to sync from the Primary site? I've tried setting a WSUS Server Connection Account, but this doesn't appear to make any difference.
    Thanks for your help.
    Carl

    I had to remove the use of the proxy server at the primary SUP so that it downloads directly from the internet without the use of a proxy.
    As soon as this was removed the untrusted SUP synchronised successfully. Even though the proxy isn't specified in the SUP properties of the untrusted site system, it still appears to use it when performing a sync.
    Do you want to file this on Connect as feedback to the Product Group?
    https://connect.microsoft.com/ConfigurationManagervnext/Feedback
    Rob Marshall | UK

  • MP Rotation Untrusted Forest.

    Hi, 
    I realize you cannot force a client to use a particular MP, which is creating a design problem for us.
    We have multiple DMZs in an untrusted forest.
    I am not sure how to get around this problem.
    The clients cannot communicate with an MP outside of that DMZ.
    If I have 20 DMZs, and an MP in each, will this not create an MP rotation issue at some point?
    I came across this posting by Anoop; is this the only workaround?
    http://anoopcnair.com/2014/04/11/workaround-sccm-2012-clients-mp-selection-rotation-issue-untrusted-dmz-forests/
    Appreciate any suggestions.

    Is there a single, shared forest (or domain) for all DMZs or separate forests (or domains) for each DMZ?
    The workaround described in that blog post is for the perception of a bug, not for providing for MP selection.
    Yes, MP rotation could cause an issue -- 20 MPs aren't supported within a single primary site either so you are also running into a support limitation.
    Depending upon your answer to the forest question, LocationAware is probably the only answer today (without doing something crazy like using multiple primary sites).
    Reverse proxy is another possible solution. This would enable a single MP (or sets of central MPs) to be accessed in a protected manner.
    Jason | http://blog.configmgrftw.com | @jasonsandys
