Search Results

Search found 13178 results on 528 pages for 'subsonic active record'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 77/528 | < Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >

  • Why is GPO Tool reporting a GPO version mismatch when the GPO version #'s do match?

    - by SturdyErde
    Any ideas why the group policy diagnostic utility GPOTool would report a GPO version mismatch between two domain controllers if the version numbers are a match? Policy {GUID} Error: Version mismatch on dc1.domain.org, DS=65580, sysvol=65576 Friendly name: Default Domain Controllers Policy Error: Version mismatch on dc2.domain.org, DS=65580, sysvol=65576 Details: ------------------------------------------------------------ DC: dc1.domain.org Friendly name: Default Domain Controllers Policy Created: 7/7/2005 6:39:33 PM Changed: 6/18/2012 12:33:04 PM DS version: 1(user) 44(machine) Sysvol version: 1(user) 40(machine) Flags: 0 (user side enabled; machine side enabled) User extensions: not found Machine extensions: [{GUID}] Functionality version: 2 ------------------------------------------------------------ DC: dc2.domain.org Friendly name: Default Domain Controllers Policy Created: 7/7/2005 6:39:33 PM Changed: 6/18/2012 12:33:05 PM DS version: 1(user) 44(machine) Sysvol version: 1(user) 40(machine) Flags: 0 (user side enabled; machine side enabled) User extensions: not found Machine extensions: [{GUID}] Functionality version: 2

    Read the article

  • SQL Server Windows Auth Login sees Domain as untrusted...

    - by Mr Shoubs
    I've had someone set up a domain controller on windows 2008 on one server, and sql server 2008 on another. The domain seems to be working fine, I'm logged on as a domain user on both servers, nothing seems to be a problem there. However, when I try to add a domain user/group to SQL Server Security (e.g. clicking ok from the create login screen) it says it can't find it (even though I've used the search to find the correct account in the first place), when I try to logon (even though I haven't added it yet) it says something about the account being part of an untrusted domain instead of saying I don't have permission to log on. Anyone have any ideas on what is set up incorrectly?

    Read the article

  • SQL Server Windows Auth Login not working

    - by Mr Shoubs
    I've had someone set up a domain controller on windows 2008 on one server, and sql server 2008 on another. The domain seems to be working fine, I'm logged on as a domain user on both servers, nothing seems to be a problem there. However, when I try to add a domain user/group to SQL Server Security (e.g. clicking ok from the create login screen) it says it can't find it (even though I've used the search to find the correct account in the first place), when I try to logon (even though I haven't added it yet) it says something about the account being part of an untrusted domain instead of saying I don't have permission to log on. Anyone have any ideas on what is set up incorrectly?

    Read the article

  • Blocking password policy (expiry) for a particular OU in AD

    - by Kip
    Hey SF Folks, Situation is this: I need to have a particular container in my AD environment which blocks password expiry policy, but accepts all other policies. Is this something that would work by simply adding in a GPO at the sub-ou level (the ou in question is a child of ou's where GPO's including password stuff is set). These accounts (and this ou) already exist and will have the default domain policy as well as other policies applied and they should continue to receive policy settings as per those GPO's, with the exception of the Password Expiry. We have tried the password do not expire tickbox and that seems not to have worked. Thanks in advance. Kip

    Read the article

  • gpupdate failing when using Samba 4 AD DC

    - by darthfoolish
    I have a Samba 4 AD domain running with 2 DCs on Centos 6.5, with a named DNS backend. I have multiple Windows 7 machines joined to this domain, which is fine. However, I can't get GPOs to apply. When running gpupdate, I get the following output The processing of Group Policy failed. Windows attempted to read the file \\sysvol\\Policies{31B2F340-016D-11D2-945F-00C04FB984F9}\gpt.ini Obviously, you don't normally see what it's trying to connect to when it's successful, but I would have thought the first place shows up, I should be seeing So, what governs what data gets put in between those angle brackets? If it is just supposed to be the domain, then what else could be going wrong? Thanks in advance for any help.

    Read the article

  • Slow logins with roaming profiles

    - by tliff
    We are running an ActiveDirectory environment with Windows 2008 as DC and Samba 3.3 as fileserver, using roaming profiles. Some of our offices are connected to HQ via slowish links (1/2 Mbit). Naturally this is not very fast but that was expected. What I do not understand is, that if a user logs out (taking a long time to sync, as expected) and then logs in again the next day it also takes a long time to login. And that is what I don't understand. Shouldn't the sync recognize that nothing has changed rather quickly? Also: Is there any decent docu on how the synchronization is implemented?

    Read the article

  • How to change the default domain controller when querying AD in a different site?

    - by Linefeed
    We have 2 different locations, and at both site we have multiple domain controllers (Win2008). In our application we use Serverless Binding to execute our LDAP queries http://msdn.microsoft.com/en-us/library/ms677945(v=vs.85).aspx. If we look at de DnsHostName of the LDAP://RootDse on site B we always get the default domain controller of site A. Therefor all LDAP queries go much slower. Is there a way to change the default domain controller per site ?

    Read the article

  • GPO refresh error - Policy Refresh has not completed in the expected time. Exiting...

    - by Albert Widjaja
    Hi All, I'm having problem with my GPO changes, that I'd like to force to my terminal server users here's what I've done: I've made some necessary changes in one of the Domain Controllers to disable the GPO which applies to my Terminal Server user OU and then I go to the Terminal Server mstsc /admin console to perform the GPo refresh by using /force parameter, however I got this error instead: C:\Documents and Settings\Adminisratorgpupdate /force Refreshing Policy... User Policy Refresh has not completed in the expected time. Exiting... User Policy Refresh has completed. Computer Policy Refresh has not completed in the expected time. Exiting... Computer Policy Refresh has completed. but then the changes still got no effect yet as I logged in to the terminal server ? is there any way of how to make it in effect immediately please ? Thanks

    Read the article

  • How do I use Group Policy on a domain to delete Temporary Internet Files?

    - by Muhammad Ali
    I have a domain controller running on Windows 2008 Server R2 and users login to application servers on which Windows 2003 Server SP2 is installed. I have applied a Group Policy to clean temporary internet files on exit i.e to delete all temporary internet files when users close the browser. But the group policy doesn't seem to work as user profile size keeps on increasing and the major space is occupied by temporary internet files therefore increasing the disk usage. How can i enforce automatic deletion of temporary internet files?

    Read the article

  • Hide notification area GPO not applying

    - by Richard
    I have created a GPO to hide the notification area on Windows XP SP3. The GPO must apply to all students but only in certain rooms so I've also enabled loopback processing on the GPO and linked to the OUs the computers are in. I've then added a group to the security filter that contains all student accounts. This is not applying. It doesn't even show up in gpresult. I have also tried linking it in the Students OU which contains all student accounts and applying a security filter with a group of the computers I want it to apply to. This didn't work either. It's possible I'm missing something straightforward. Would a WMI filter do the job, and if so how would I go about writing one so that it'll only apply to computers whose name begins with XX-RT for example.

    Read the article

  • Powershell script for setting password expiry

    - by Pierre E
    Due to mistakes by the helpdesk staff, I found that over a 100 user accounts in my company AD have been set so that their passwords never expire. To avoid the situation in which all these users suddenly find themselves unable to log in, I want to run a script to set the password expiry to a specified date. I'm using Quest AD cmdlets, but I've only used powershell for simple scripts to get lists of users. The attribute I'm trying to modify is 'PasswordStatus' and I want to set those with this attribute set as "password never expires' to a specific date. Not much of a scripting guy, so any help in this would be most welcome.

    Read the article

  • How to logon with local account? RODC "There are no logon servers to process your request"

    - by g18c
    I have a site-to-site VPN, writeable DC in main office, Read-only DC. Today the VPN went down, but i couldnt log in to the read-only DC - the error message came up There are no logon servers to process your request. Since the RODC is a domain controller, there is no local administrator. How can i ensure that i am always able to log on to the RODC with a known account in an emergency if the writeable DC is not available?

    Read the article

  • Windows NT workstation on AD domain

    - by Tom
    We run a Windows NT workstation connected to special manufacturing equipment, that everyone is deathly afraid to touch. It has custom software and special cards inside of the machine, making a rebuild impossible. The problem is, we are migrating to an AD domain from an NT domain, and this workstation stills needs access to storage on the network (AD computers). How should I go about doing this, after we get rid of our NT Domain controller? Upgrading to 2000 is not an option (so says management). I know, I know, if it dies we are in trouble. But that's managements choice, we just need to get rid of this NT domain.

    Read the article

  • Temporarily disable an AD server

    - by 3molo
    Topology and setup We have main office A, and branch office (abroad) B. Our ISP somehow messed up the MPLS, and office A<B will not be connected until a few days. At location B, we have an AD (and the other two ADs at location A). Location A also have an exchange server. The problems A few users at A have problem to login to their computers running Windows XP, the logon process kind of hangs where "Applying computer policies". Additionally, I can't start the Exchange management shell, it fails on get-recipient because the AD abroad (location B) is unreachable. Solution? I could delete the AD at B, but Im pretty sure it will be a hazzle to re-join it, and since the office is abroad it's not an option to just go there and re-install it - re join, I now wonder how I in location As primary and secondary ADs can temporarily disable AD at location B.

    Read the article

  • Netdom to restore machine secret

    - by icelava
    I have a number of virtual machines that have not been switched on for over a month, and some others which have been rolled back to an older state. They are members of a domain, and have expired their machine secrets; thus unable to authenticate with the domain any longer. Event Type: Warning Event Source: LSASRV Event Category: SPNEGO (Negotiator) Event ID: 40960 Date: 14/05/2009 Time: 10:24:54 AM User: N/A Computer: TFS2008WDATA Description: The Security System detected an authentication error for the server ldap/iceland.icelava.home. The failure code from authentication protocol Kerberos was "The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc000006d)". For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: c000006d Event Type: Warning Event Source: LSASRV Event Category: SPNEGO (Negotiator) Event ID: 40960 Date: 14/05/2009 Time: 10:24:54 AM User: N/A Computer: TFS2008WDATA Description: The Security System detected an authentication error for the server cifs/iceland.icelava.home. The failure code from authentication protocol Kerberos was "The attempted logon is invalid. This is either due to a bad username or authentication information. (0xc000006d)". For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: c000006d Event Type: Error Event Source: NETLOGON Event Category: None Event ID: 3210 Date: 14/05/2009 Time: 10:24:54 AM User: N/A Computer: TFS2008WDATA Description: This computer could not authenticate with \\iceland.icelava.home, a Windows domain controller for domain ICELAVA, and therefore this computer might deny logon requests. This inability to authenticate might be caused by another computer on the same network using the same name or the password for this computer account is not recognized. If this message appears again, contact your system administrator. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Data: 0000: c0000022 So I try to use netdom to re-register the machine back to the domain C:\Documents and Settings\Administrator>netdom reset tfs2008wdata /domain:icelava /UserO:enterpriseadmin /PasswordO:mypassword Logon Failure: The target account name is incorrect. The command failed to complete successfully. But have not been successful. I wonder what else needs to be done?

    Read the article

  • Roaming profile migration failed using Windows explorer manual copy

    - by Albert Widjaja
    Hi All, I'm at the final stage of migrating an old demoted DC server, now I'm stuck in migrating/copying the roaming profiles of the users from the old win2k server (oldServer1) into the new win2k3 server (newServer1) there are lots of profiles which points into the old server: \\oldServer1\profiles\user1 \\oldServer1\profiles\user2 \\oldServer1\profiles\user3 . . . \\oldServer1\profiles\userN in the ProfilePath I'd like to move it into: \\newServer1\profiles\user1 \\newServer1\profiles\user2 \\newServer1\profiles\user3 . . . \\newServer1\profiles\userN I tried to copy paste from my DOMAIN\Administrator account but it is failed to copy ? i cannot even browse inside the directory of user1 until userN ? is there any fastest way to do the copy process rather than "taking ownership" for each of those directory one by one ? [hopefully by taking ownership the user will still be able to use their profile normally] Thanks.

    Read the article

  • Send mail from a distrobution groups email address

    - by Campo
    A user has send permission on a distro group on a WINDOWS SERVER 2003 domain. I am the admin. When either of us send email using the distrobution groups email adress we get a non delivery report Your message did not reach some or all of the intended recipients. Subject: TEST Sent: 4/19/2010 4:46 PM The following recipient(s) cannot be reached: [email protected] on 4/19/2010 4:46 PM You do not have permission to send to this recipient. For assistance, contact your system administrator. MSEXCH:MSExchangeIS:/DC=local/DC=DOMAIN:SERVERNAME Thanks, JC

    Read the article

  • Setting user calendar permissions on Exchange 2007

    - by blizz
    We have Exchange 2007 with about 100 users. I would like to change everyone's free/busy permissions to grant Reviewer status to a specific AD group. I have tried PFDAVAdmin tool but when I commit any changes, they do not affect the users. If I grant myself Reviewer permissions to another user's calendar using the tool, I still cannot view that user's free/busy details, and I also don't show up on the list of people with permissions on that user's Outlook calendar options. It seems like PFDAVAdmin simply appears to do something, but doesn't actually change anything. Is there any other way for me to accomplish what I need to do? Or is there something I may not be doing right with PFDAVAdmin? FYI I have followed directions from this link: http://exchangeshare.wordpress.com/2008/05/27/faq-give-calendar-read-permission-on-all-mailboxes-pfdavadmin/

    Read the article

  • Cross domain LDAP

    - by Adam
    For a system we are developing we have 2 domains an internal and an external domain with bi directional trust between them. However the servers are only able to connect to their own DC's. We have an application server on the internal domain which needs to use an LDAP query to gather a list of users from a group on the external domain. How do i go about writing an LDAP query that asks one DC to go ask another DC for a list of users. I tried querying the internal DC with the same LDAP query I would use if it could hit the external DC directly but this does not work. When i use Softerra LDAP Administraor I can view the full hierarchy of the interal domain but despite the trust relationship between domains i am unable to see any of the external doamin. Any suggestions or help would be greatly appreciated

    Read the article

  • Mac Share Points automatically authenticate with matching Windows AD credentials from Windows

    - by Ron L
    I recently started administering an OS X server (10.8) that is on the same network as our AD domain. While setting up Mac Share Points, I encountered some odd behavior that I hope someone can explain. For the purposes of this example assume the following: 1) Local User on OS X Server: frank, password: Help.2012 2) AD Domain User: frank, password: Help.2012 3) AD Domain: mycompany 4) OS X Server hostname: macserver (not bound to AD, not running OD) When joined to the domain on a a Win 7 computer and logged in as frank and accessing the shares at \\macserver, it automatically authenticates using frank's OS X credentials (because they are the same). However, if I change frank's OS X password, the standard Windows authentication dialog pops-up preset to use frank's AD domain (my company\frank). However, after entering the new OS X password, it will not authenticate without changing the domain to local (.\frank). Basically, if a user in AD has the same User name and password in OS X, it will authenticate automatically regardless of the domain. If the passwords differ, authenticating to the OS X shares must be done from the local machine. (and slightly off topic - how come an OS X administrator can access the root drives on the Mac server from Windows when accessing the Mac shares even when they aren't shared? In other words, it will show all the shared folders from "File Sharing" plus whatever drives are mounted in OS X)

    Read the article

  • How to setup a 1 way trust, Windows Server 2008 R2

    - by MichaelOz
    I am on my home network and connect to workplace via a VPN. I have a DC on my home network (DC1 , domain = home). How can I setup a 1 way trust, so that I am able to run executables, such as SQL Management Studio using RunAs - then type in credentials for work domain? First question is, will a 1 way trust solve this, and can I set this up without bothering a network admin at workplace (assuming I have a domain account with enough permissions on work domain) If yes - any good step by step guide to setup 1 way trust? Server is Windows Server 2008 R2. As mentioned its DC running DNS Role too. Thanks in advance

    Read the article

  • What breaks in a Windows domain if a member has a high time skew?

    - by Ryan Ries
    It's taken for granted by most IT people that in a Windows domain, if a member server's clock is off by more than 5 minutes (or however many minutes you've configured it for) from that of its domain controller - logons and authentications will fail. But that is not necessarily true. At least not for all authentication processes on all versions of Windows. For instance, I can set my time on my Windows 7 client to be skewed all to heck - logoff/logon still works fine. What happens is that my client sends an AS_REQ (with his time stamp) to the domain controller, and the DC responds with KRB_AP_ERR_SKEW. But the magic is that when the DC responds with the aforementioned Kerberos error, the DC also includes his time stamp, which the client in turn uses to adjust his own time and resubmits the AS_REQ, which is then approved. This behavior is not considered a security threat because encryption and secrets are still being used in the communication. This is also not just a Microsoft thing. RFC 4430 describes this behavior. So my question is does anyone know when this changed? And why is it that other things fail? For instance, Office Communicator kicks me off if my clock starts drifting too far out. I really wish to have more detail on this. edit: Here's the bit from RFC 4430 that I'm talking about: If the server clock and the client clock are off by more than the policy-determined clock skew limit (usually 5 minutes), the server MUST return a KRB_AP_ERR_SKEW. The optional client's time in the KRB-ERROR SHOULD be filled out. If the server protects the error by adding the Cksum field and returning the correct client's time, the client SHOULD compute the difference (in seconds) between the two clocks based upon the client and server time contained in the KRB-ERROR message. The client SHOULD store this clock difference and use it to adjust its clock in subsequent messages. If the error is not protected, the client MUST NOT use the difference to adjust subsequent messages, because doing so would allow an attacker to construct authenticators that can be used to mount replay attacks.

    Read the article

  • Can I log into a Domain account without pointing DNS to the domain controller?

    - by user72593
    My situation is as follows: I have a Windows 2003 Domain Controller which is also my DNS server. I have 10 Windows XP Pro PC's which all login to domain accounts. I am about the forward my DNS requests to OPENDNS so I can regulate web access but I have (2) PC's that I would like to keep unregulated. I manually changed their DNS server IP to (8.8.8.8) which worked but that caused my login to fail (by creating a 3 minute delay before it would let me get to the desktop) when I change the DNS IP back to the IP of the Domain Controller, everything works smoothly. Question is, how can I continue to login to the domain but have a different DNS path...is this possible ?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 73 74 75 76 77 78 79 80 81 82 83 84  | Next Page >