Search Results

Search found 1232 results on 50 pages for 'dc'.

Page 34/50 | < Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >

  • Active directory 1355 0x54b ERROR_NO_SUCH_DOMAIN

    - by Elgreco08
    Hi! I have 3 domain controlers 2x 2008 1x 2003 server When i use the nltest /server:dcN.domain.local /sc_verify:domain.local i get: on the 2 of them OK status on one of them i get I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN i did some tests and when i moved the role "Domain Role Owner" from the server i had the error to another DC the error moved also is there any connection with the Domain role owner role? and the 1355 error? //// To be more clear about: dc1 server FMSO role "domain owner role" testing nltest /sc_verify:domain.local error: I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN dc2 server no FMSO role testing nltest /sc_verify:domain.local success now i move fmso domain owner rule to server DC2 dc1 server FMSO none testing nltest /sc_verify:domain.local sucess dc2 server FMSO role "domain owner role" testing nltest /sc_verify:domain.local error: I_NetLogonControl failed: Status = 1355 0x54b ERROR_NO_SUCH_DOMAIN

    Read the article

  • FIM 2010 GAL MA - It appears this forest is not exchange enabled.

    - by WooYek
    I am trying to configure a Management Agent (MA) for Global Address List (GAL) sync in FIM 2010. I cannot move to the next step from "Configure GAL" because of an error message saying "It appears this forest is not exchange enabled". Nothing I change on "Configure GAL" step is changing this behavior. I'am configuring a standalone test lab. I have a Windows 2008 R2 x64 Server, promoted to a DC and SQL 2008 SP1 installed, DNS is also running locally. I have tried to install Exchange 2010 and 2007, but there is no difference. AD MA works fine. Any ideas what did I screw up?

    Read the article

  • What can cause a DirectAccess IPSec Main Mode Error "no policy configured"

    - by Mike Haboustak
    We have Microsoft's DirectAccess VPN set up on Server 2008 R2 with end-to-edge security, and we're having trouble with the manage-out tunnel. The DirectAccess client has DC/DNS and intranet connectivity, it can ping/rdp/etc to intranet hosts. However connections originating from those same intranet hosts can only intermittently reach the client. At times it works fine, other times it doesn't. When an inbound (intranet to client) connection is attempted there's an IPSec Main Mode failure logged: Event 4653 with a failure reason of "No Policy Configured". I think that it may be related to the state of the intranet (corp) access tunnel, and an overlap in the configured subnets for those polices. I haven't figured out exactly what's different in the scenario where the connection works and where it does not.

    Read the article

  • How to fix error with "class" when creating a dhcp split-scope on Windows 2008?

    - by Jonas Stensved
    I'm trying to split a dhcp scope between a existing domain controller TTP01 and the new DC TTP02 to provide failover. I'm using the the wizard in DHCP [my scope] Advanced Split-scope. In the final step I get an error saying: Migration of Scope Options on Added DHCP Server: Failed Error: 0x00004E4C - The class name being used is unknown or incorrect. I can't find anything that seems to be wrong with my Scope Options settings, they are: Option Name Vendor Value Class 003 Router Standard 192.168.137.1 None 006 DNS Server Standard 192.168.137.2 None 015 DNS Domain Name Standard ttp.local None 060 PXEClient Standard PXEClient None I can't find any information about this error except this msdn article when searching. How do make it work?

    Read the article

  • ffmpeg XDCAM HD vtag profiles

    - by sebastian
    Hey guys sorry for disturbing you again, but these days I have a lot of work to do with ffmpeg. I found on http://code.google.com/p/ffmbc/wiki/XDCAMHD422Encoding vtag settings for XDCAM HD 422 and used them in my script, everything works fine for HD 422, now I am desperately searching for normal HD vtags and have found only one so far was xd3v for Apple XDCAM HD 1080i50 (35 Mb/s VBR) which I don't need because its interlaced. What I need are the vtags for 1080p24, 1080p25 and 1080p30. Here is the script I have found and adapted a bit: ffmpeg -threads "4" -i "$2" -pix_fmt yuv420p -vtag xdv3 -vcodec mpeg2video -r 25 -flags +ildct+ilme -top 1 -dc 10 -intra_vlc 1 -non_linear_quant 1 -qmin 1 -qmax 3 -lmin '1*QP2LAMBDA' -rc_max_vbv_use 1 -rc_min_vbv_use 1 -b 35000k -minrate 35000k -maxrate 35000k -bufsize 36408333 -bf 2 -aspect 16:9 -acodec pcm_s16be -vf scale=${FC_PARAM_width}:${FC_PARAM_height} "$3" If there are any other mistakes in the script, please correct me :)

    Read the article

  • an attempt was made to logon, but the network logon service was not started

    - by RodH257
    We've recently had a catastrophic raid failure on our servers, which were being backed up with shadow protect. After 3 days of copying I finally got our file server back in a VM. As we used a 'virtualboot' for the file server in the meantime, I effectively had two copies of the server on the network at once. In order to copy back the files that changed, I tried to rename the file server, and change its IP address (I should also mention, the file server is a backup DC). When I renamed it, it came up with an error, so I rebooted. Now I can't login, it says "an attempt was made to logon, but the network logon service was not started" I don't care if I have to recreate the Vm and reinstall windows, but I would like to be able to get the files off this VM. How can I get access to it?

    Read the article

  • ISA 2006 refuses VPN DHCP requests as spoofing

    - by Daniel
    I'm running ISA 2006 with PPTP VPN for my AD-controlled network. DHCP is located on the ISA server itself and authentication is done by RADIUS (NPS) located on the DC. Right now my VPN clients can connect, access local DNS, and can ping ISA, the DC, and other clients. Here's where it gets weird. I noticed that despite all this, ipconfig shows the following: PPP adapter North Horizon VPN: Connection-specific DNS Suffix . : Description . . . . . . . . . . . : North Horizon VPN Physical Address. . . . . . . . . : DHCP Enabled. . . . . . . . . . . : No Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 10.42.4.7(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : 0.0.0.0 DNS Servers . . . . . . . . . . . : 10.42.1.10 NetBIOS over Tcpip. . . . . . . . : Enabled So I went over and checked my ISA logs for both DHCP requests and replies, only to find out that my VPN clients are being denied because ISA thinks its a spoof. Here's some relevant information from the log (the VPN subnet is 10.42.4.0/24): Client IP: 10.42.4.6 Destination: 255.255.255.255:67 Client Username: (blank) Protocol: DHCP (request) Action: Denied Connection Rule: (blank) Source Network: VPN Clients Destination Network: Local Host Result Code: 0xc0040014 FWX_E_FWE_SPOOFING_PACKET_DROPPED Network Interface: 10.42.4.11 --------------------------------------------------------- Original Client IP: 10.42.4.6 Destination: 10.42.1.1 Client Username: (valid user) Protocol: PING Action: Initiated Connection Rule: Allow PING to ISA Source Network: VPN Clients Destination Network: Local Host Result Code: 0x0 ERROR_SUCCESS Network Interface: (blank) I wasn't sure what this 10.42.4.11 network interface was - it certainly wasn't something I had setup - untill I saw it in Routing and Remote Access under IP Routing General as an interface called "Internal" bound to the same IP address. I also noticed that since ISA takes blocks of 10 IP addresses from DHCP for VPN, it had reserved 10.42.4.2-11. I'm not sure if it means anything, though. Thanks for your help.

    Read the article

  • SSRS 2008 & MOSS 2007 Alternate Access Mapping Problem

    - by Mauro
    I have a MOSS Server with SSRS 2008 Ent Ed configured in Sharepoint Integrated mode. It all works well as http://servername:88/ on the default host header. MOSS works fine using the external host name too on the intranet AAM field (http://site.domain.com/) however SSRS fails on the same url with the message: An unexpected error occurred while connecting to the report server. Verify that the report server is available and configured for SharePoint integrated mode. I think the issue is further complicated by our Windows 2008 infrastructure in which we've never been able to get SPN's working for Kerberos. SQL Server however, is on the same machine so I dont think it is a kerberos double hop issue. Extra info MOSS/SSRS are on a VM running Windows 2003 R2 VM is hosted on Win2008 HyperV DC is on Windows 2008 SBS

    Read the article

  • "net time" returns system error 5, "Access is denied", even when run as administrator

    - by Andrew Grant
    I am trying to run net time on a Windows 7 box with an account that is part of the Administrators group. When I run the command net time from an elevated command prompt I get the following error: System error 5 has occurred. Access is denied. Why is this happening? I've looked at this Microsoft Knowledge Base article and have gone through the steps. Both the computer and the DC are connected to the same NTP server and I've verified they're synced I'm working on a local account so there should be no permissions issues There is no local firewall running

    Read the article

  • uploading a python site to httpdocs?

    - by daniel Crabbe
    OK - so we've agreed to host a python site, got the files and not sure where to go next. We use a dedicated server and manage it mainly with plesk which has a tick box for a python support but not sure what this does. This is all the info i have from previous hosts; 10,000 ft overview The site is intended to run on a Linux host, specifically Ubuntu Server (tho it should be fine on most distros). The web framework is CherryPy ( http://cherrypy.org/ ), which is a Python based framework. There is no database as such, instead the data is kept in JS files and loaded by the front end. nicholasbarker.com.c6a4facf0192/www/js/video_content_items.js is a prime example of this. The main site templates are in nicholasbarker.com.c6a4facf0192/www/templates/ They are Cheetah templates ( http://www.cheetahtemplate.org/ ) and here's the file structure i've been sent - Could some explain to me how i'd go about uploading and running this site... Any help welcome! Dc

    Read the article

  • Transferring FSMO roles over vpn

    - by Tom Bowman
    I have a server located at one of our offices which is quite old and is due to be upgraded soon, this server holds the FSMO roles, I have another server in another office, both are DC's in the same domain and both are replicated, both run Server 2003 standard. I need to transfer the FSMO roles from the old server to the the one I have in the other office before I upgrade. Also I am looking at bringing in Exchange 2010 server however I cant install/configure that until I transfer the roles as it needs to be at the same site as the schema master. My question really is as both servers replicate over a vpn, how quickly will the roles transfer and will there be downtime as I need to make sure that while the transfer is running, both servers will service logon's and share files. or would it be better to do it out of hours? many thanks and apologies if I've missed out anything Regards Tom

    Read the article

  • Add server 2008 to 2003 domain schema upgrade failed

    - by Ken
    I'm trying to add a server 2008 r2 server to an existing 2003 domain (upgraded to 2003 functionality). I've followed the steps from microsoft which are clarified by this post: 2003 DC AD upgrade to 2008 on second server migration plan While running adprep /forestprep I lost my connection and wasn't able to resume or remote control that session, so I couldn't see the end result of the command. Rerunning adprep /forestprep indicates that the process has already been completed successfully. After finishing the rest of the steps (/domainprep ... and /gpprep, etc), the 2008 server won't join. The error message is the same "you need to run forestprep first" So the situation I'm in is that I can't rerun /forestprep, but my Registry key still reads schemaVer=30. Should I have staged forest upgrades? Any ideas how to get my schema ver to 44 at this point?

    Read the article

  • New set up DHCP Server on Server 2008 R2 won't work, Event-ID 1046

    - by Ian
    I just set up a 2008 R2 as DC, and DNS. Both worked fine, DNS works fine forward and reverse lookup. Now I wanted to install DHCP. As soon as the installation of the role is finished, I get this Event-ID Error 1046: Link When I first set it up there was also a Event-ID 1059 Error: Link The dhcp server is authorized. I don't know what else I should do. Getting crazy here, hope you guys can help me.

    Read the article

  • Cyrus on CentOS with sasl / pam / ldap

    - by Oscar
    SASL/PAM/LDAP is driving me crazy... that's what I read a lot when googling for problems in this area, and what I experience myself :-S I'm trying to get Cyrus imap working for virtual hosting on CentOS with this authorisation backend and really don't know what's happening. In saslauthd I configured the LDAP search filter to use, but it looks like pam completely ignores it. Here's what I do for testing (done more tests but all with similar results): [root@testserv ~]# imtest -u [email protected] -a [email protected] WARNING: no hostname supplied, assuming localhost S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS] testserv. Cyrus IMAP4 v2.3.7-Invoca-RPM-2.3.7-7.el5_6.4 server ready C: C01 CAPABILITY S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH S: C01 OK Completed Please enter your password: C: L01 LOGIN [email protected] {6} S: + go ahead C: <omitted> S: L01 NO Login failed: authentication failure Authentication failed. generic failure Security strength factor: 0 C: Q01 LOGOUT * BYE LOGOUT received Q01 OK Completed Connection closed. The LDAP entry does exist (and so does the mailbox in Cyrus): [root@testserv ~]# ldapsearch -WxD cn=Manager,o=mydomain,c=com [email protected] Enter LDAP Password: # extended LDIF # # LDAPv3 # base <> with scope subtree # filter: [email protected] # requesting: ALL # # myuser, accounts, testserv.mydomain.com, mydomain, com dn: uid=myuser,ou=accounts,dc=testserv.mydomain.com,o=mydomain,c=com objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: shadowAccount uidNumber: 16 uid: myuser gidNumber: 5 givenName: My sn: Name mail: [email protected] cn: My Name userPassword:: dYN5ebB0fXhNRn1pZllhRnJX7Uk= shadowLastChange: 15176 homeDirectory: /dev/null # search result search: 2 result: 0 Success # numResponses: 2 # numEntries: 1 This is what I get in /var/log/messages Aug 2 04:00:11 testserv cyrus/imap[12514]: auxpropfunc error invalid parameter supplied Aug 2 04:00:19 testserv saslauthd[5926]: do_auth : auth failure: [[email protected]] [service=imap] [realm=testserv.mydomain.com] [mech=pam] [reason=PAM auth error] ... /var/adm/auth.log Aug 2 04:00:11 testserv cyrus/imap[12514]: auxpropfunc error invalid parameter supplied Aug 2 04:00:11 testserv cyrus/imap[12514]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb Aug 2 04:00:19 testserv saslauthd[5926]: DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module Aug 2 04:00:19 testserv saslauthd[5926]: do_auth : auth failure: [[email protected]] [service=imap] [realm=testserv.mydomain.com] [mech=pam] [reason=PAM auth error] (AFAIK I can ignore the auxprop msg) ... and /var/log/slapd.log: Aug 2 04:00:19 testserv slapd[5968]: conn=61 fd=27 ACCEPT from IP=127.0.0.1:51403 (IP=0.0.0.0:389) Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=0 BIND dn="" method=128 Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=0 RESULT tag=97 err=0 text= Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=1 SRCH base="o=mydomain,c=com" scope=2 deref=0 filter="([email protected])" Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text= Aug 2 04:00:19 testserv slapd[5968]: conn=61 op=2 UNBIND Aug 2 04:00:19 testserv slapd[5968]: conn=61 fd=27 closed These are the settings in In /etc/imapd.conf: sasl_mech_list: PLAIN LOGIN sasl_pwcheck_method: saslauthd ## sasl_auxprop_plugin: sasldb sasl_auto_transition: no and my sasl config: [root@testserv ~]# cat /etc/sysconfig/saslauthd # Directory in which to place saslauthd's listening socket, pid file, and so # on. This directory must already exist. SOCKETDIR=/var/run/saslauthd # Mechanism to use when checking passwords. Run "saslauthd -v" to get a list # of which mechanism your installation was compiled with the ablity to use. MECH=pam # Additional flags to pass to saslauthd on the command line. See saslauthd(8) # for the list of accepted flags. FLAGS="-c -r -O /etc/saslauthd.conf" [root@testserv ~]# cat /etc/saslauthd.conf ldap_servers: ldap://127.0.0.1/ ldap_search_base: dc=%d,o=mydomain,c=com ldap_auth_method: bind #ldap_filter: (|(uid=%u)((&(mail=%u@%d)(accountStatus=active))) ldap_filter: (&(mail=%u@%d)(accountStatus=active)) ldap_debug: 1 ldap_version: 3 The accountStatus=active is not in ldap yet, but that doesn't make a difference since I don't see it in the filter... that's not the reason for the failure. The weird thing is, I do get an error when I rename or remove /etc/saslauthd.conf, but when the file exists it seems happily ignored... The filter in slapd.log seems to be taken from /etc/ldap.conf. Apart from some timers, that only contains: host 127.0.0.1 base o=mydomain,c=com pam_login_attribute mail Outcommenting the pam_login_attribute results in this filter in slapd.log: filter="([email protected])" Pam-imap looks like this: [root@testserv ~]# cat /etc/pam.d/imap auth required pam_ldap.so debug account required pam_ldap.so debug #auth sufficient pam_unix.so likeauth nullok #auth sufficient pam_ldap.so use_first_pass #auth required pam_deny.so #account sufficient pam_unix.so #account sufficient pam_ldap.so The outcommented stuff is because I don't have the cyrus admin user in Ldap; that's a Linux user. That works fine when uncommented, but I still need to play around with that a little and first I wanna get imap working. Finally nsswitch: [root@testserv ~]# cat /etc/nsswitch.conf # # /etc/nsswitch.conf # # An example Name Service Switch config file. This file should be # sorted with the most-used services at the beginning. # # The entry '[NOTFOUND=return]' means that the search for an # entry should stop if the search in the previous entry turned # up nothing. Note that if the search failed due to some other reason # (like no NIS server responding) then the search continues with the # next entry. # # Legal entries are: # # nisplus or nis+ Use NIS+ (NIS version 3) # nis or yp Use NIS (NIS version 2), also called YP # dns Use DNS (Domain Name Service) # files Use the local files # db Use the local database (.db) files # compat Use NIS on compat mode # hesiod Use Hesiod for user lookups # [NOTFOUND=return] Stop searching if not found so far # # To use db, put the "db" in front of "files" for entries you want to be # looked up first in the databases # # Example: #passwd: db files nisplus nis #shadow: db files nisplus nis #group: db files nisplus nis passwd: compat ldap group: compat ldap shadow: compat ldap hosts: files dns bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc: files services: files netgroup: nisplus publickey: nisplus automount: files nisplus aliases: files nisplus Any info where to start looking will be greatly appreciated! Thnx in advance

    Read the article

  • Certificate Template Missing from "Certificate Template to Issue"

    - by Adam Robinson
    I'm having a problem similar to that posted in this question: Missing Certificate template From certificate to issue The short version is that I've created a duplicate certificate template and I'm trying to add it to my domain CA so that I can issue certificates with it. However, when I go into the Certification Authority MMC and go to "Certificate Templates - New - Certificate Template To Issue", my template is missing (along with quite a number of other templates that are present in the domain). Unlike the previous question, however, my CA is running on Server 2008 R2 Enterprise. Our organization has a single DC and a single CA, so I'm not seeing where there could be propagation delay. Any ideas how to get my template to show so that I can issue certificates?

    Read the article

  • Distributing Files using a Group Policy on Windows Server 2003

    - by tonedeath
    A piece of software that we use at our office has recently moved to a new licensing system. This means that from now on a new set of license key files will need to be distributed to each of our 25 client installations every year. All of the clients run XP and are part of an AD domain controlled by a Windows 2003 DC. I'm already using group policies to deploy software updates. I gather that this is possible with Group Policy Preferences in Server 2008. I'm just looking for a good method using Server 2003. The same set of files need copying to each client. I also have them hosted on a network share accessible by each client. I'm more of a *nix person, so I'm not particularly up on scripting in a Windows environment.

    Read the article

  • Cannot create a new domain in an existing active directory forest

    - by Mackenzie Carr
    I have a domain controller setup on Windows Server 2008 R2 (Forest) and I have another Windows Server 2008 R2 (New Domain) and I want to create a new domain in an existing forest. I get the following error: An Active Directory domain controller for the domain mackdev.mackenziecarr.com could not be contacted The error was "no records found for the given DNS query" The query was for the SRV record for: _ldap._tcp.dc._msdcs.mackdev.mackenziecarr.com I've seem to have tried everything even tried adding this record to the DNS server of the primary forest. I even successfully joined this server to the domain without any issues but trying to create a new domain under the existing forest is no luck. The primary forest I.P. address is 192.168.2.20 the server that I am using to try to make a child domain is 192.168.2.21 My ipconfig are as follows: I.P. Address: 192.168.2.21 Subnetmask: 255.255.255.0 Gateway: 192.168.2.1 Primary DNS: 192.168.2.20

    Read the article

  • Duplicate of Certificate Templates does not appear in Certificate Template to Issue

    - by Sean
    I'm following what should be simple instructions to enable LDAP SSL on our domain controller (instructions here). Duplicating the Kerberos certificate is successful however, when attempting to select "Certificate Template to Issue", the created certificate does not appear. What gives? A long time ago, I actually completed this step on a now decommissioned DC with no problem. Our environment is Windows Server 2008 Standard, and we have two domain controllers. Only one has the role of certificate authority. I look forward to any help here, thank you ahead of time.

    Read the article

  • prevent domain controller using wpad for windows update

    - by BeowulfNode42
    We have a 2012 domain controller in an environment where we are running a web proxy auto discovery (WPAD) setup for client devices, and that proxy server requires authentication. However windows update does not support proxy servers requiring authentication. So we want to prevent windows update on our servers from using the WPAD proxy settings. On a domain member server we can log in to the local administrator account (not domain admin) and un-tick the the "Auto detect proxy settings" in IE internet options and that fixes the issue on those servers. But a domain controller does not have a local admin account, as that account is the domain admin account. Doing this to the domain admin account on the DC does not prevent it from using WPAD. Our whole purpose of running a proxy server that requires authentication is so we can identify what the users on our session based remote desktop servers are doing on the internet. See this MS KB Article for some info about Windows update and proxy servers "How the Windows Update client determines which proxy server to use to connect to the Windows Update Web site" - http://support.microsoft.com/kb/900935

    Read the article

  • Slow logins with roaming profiles

    - by tliff
    We are running an ActiveDirectory environment with Windows 2008 as DC and Samba 3.3 as fileserver, using roaming profiles. Some of our offices are connected to HQ via slowish links (1/2 Mbit). Naturally this is not very fast but that was expected. What I do not understand is, that if a user logs out (taking a long time to sync, as expected) and then logs in again the next day it also takes a long time to login. And that is what I don't understand. Shouldn't the sync recognize that nothing has changed rather quickly? Also: Is there any decent docu on how the synchronization is implemented?

    Read the article

  • Disk Redundancy across different server

    - by Mascarpone
    I have 3 servers, all with the same specs: Intel CPU 8 GB RAM Linux or BSD Single 2TB desktop SATA with more than 10K Hours of operation, with only less than 300 GB Used My provider cannot install a second hard drive, but can guarantee me that the drive will be replaced immediately in case of failure, with another equally crappy drive. The likelihood of drive failure is high, and since I can't use RAID, I was thinking about keeping a back up of each machine on all the other machines, so that there are always 2 copies on 2 different drives, plus the original. I would synchronize the drives every hour, with rsync, to guarantee some sort of redundancy, since bandwidth inside the DC is free, so it would be much cheaper than offsite backup. (A daily offiste backup is kept anyhow). What do you think? Any suggestion?

    Read the article

  • Require TLS on RDP for all connections

    - by MarkM
    I have a 2008 DC and a 2008 AD CS server and a Windows 7 client. What I would like is to require the certificate to be used when RDPing to the server. The certificate is valid, and if I connect using the FQDN I am shown that i was authenticated by both the certificate and Kerberos as expected. When I connect with just the hostname I am allowed to connect and am only authenticated by Kerberos, even though I have Require TLS 1.0 set on the server that I am RDPing to. I fully understand that the certificate will not be valid unless the server is accessed by FQDN, what I want to do is disallow connections that do not use the certificate AND Kerberos. I thought that setting Require TLS 1.0 would do it. What am I missing?

    Read the article

  • Roaming profile migration failed using Windows explorer manual copy

    - by Albert Widjaja
    Hi All, I'm at the final stage of migrating an old demoted DC server, now I'm stuck in migrating/copying the roaming profiles of the users from the old win2k server (oldServer1) into the new win2k3 server (newServer1) there are lots of profiles which points into the old server: \\oldServer1\profiles\user1 \\oldServer1\profiles\user2 \\oldServer1\profiles\user3 . . . \\oldServer1\profiles\userN in the ProfilePath I'd like to move it into: \\newServer1\profiles\user1 \\newServer1\profiles\user2 \\newServer1\profiles\user3 . . . \\newServer1\profiles\userN I tried to copy paste from my DOMAIN\Administrator account but it is failed to copy ? i cannot even browse inside the directory of user1 until userN ? is there any fastest way to do the copy process rather than "taking ownership" for each of those directory one by one ? [hopefully by taking ownership the user will still be able to use their profile normally] Thanks.

    Read the article

  • Should I install an AV product on my domain controller?

    - by mhud
    Should I run a server-specific antivirus, regular antivirus, or no antivirus at all on my servers, particularly my Domain Controllers? Here's some background about why I'm asking this question: I've never questioned that antivirus software should be running on all windows machines, period. Lately I've had some obscure Active Directory related issues that I have tracked down to antivirus software running on our domain controllers. The specific issue was that Symantec Endpoint Protection was running on all domain controllers. Occasionally, our Exchange server triggered a false-positive in Symantec's "Network Threat Protection" on each DC in sequence. After exhausting access to all DCs, Exchange began refusing requests, presumably because it could not communicate with any Global Catalog servers or perform any authentication. Outages would last about ten minutes at a time, and would occur once every few days. It took a long time to isolate the problem because it was not easily reproducible and generally investigation was done after the issue resolved itself.

    Read the article

  • Explanation of WCF application life cycle in IIS 6 hosting environment.

    - by David Christiansen
    Hi all and thanks for reading, I have a delay issue where my application takes a long time to start up when first called after an determinate period since the last call. The web application is a WCF service and we are talking about a delay of ~18seconds before the actual processing starts. Now, I believe I know how to reduce this delay so that is not my question (it's more a stackoverflow deal anyway) My question is, Can anyone explain to me why is it that despite me disabling worker process shutdown, and worker process recycling the application still 'winds down' after a indeterminate period of time of inactivity? To understand this I need to know more about the innerworkings of WCF services hosted in IIS. I fully expect there to be a straight forward answer to this. Thank you v. much for any help you may offer, DC

    Read the article

< Previous Page | 30 31 32 33 34 35 36 37 38 39 40 41  | Next Page >