Search Results

Search found 20796 results on 832 pages for 'active window'.

Page 69/832 | < Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >

  • Should I install an AV product on my domain controller?

    - by mhud
    Should I run a server-specific antivirus, regular antivirus, or no antivirus at all on my servers, particularly my Domain Controllers? Here's some background about why I'm asking this question: I've never questioned that antivirus software should be running on all windows machines, period. Lately I've had some obscure Active Directory related issues that I have tracked down to antivirus software running on our domain controllers. The specific issue was that Symantec Endpoint Protection was running on all domain controllers. Occasionally, our Exchange server triggered a false-positive in Symantec's "Network Threat Protection" on each DC in sequence. After exhausting access to all DCs, Exchange began refusing requests, presumably because it could not communicate with any Global Catalog servers or perform any authentication. Outages would last about ten minutes at a time, and would occur once every few days. It took a long time to isolate the problem because it was not easily reproducible and generally investigation was done after the issue resolved itself.

    Read the article

  • Linux - How to control Winbind Authentication cache timeout

    - by cybervedaa
    I have configured my linux machines (running CentOS 5.2) to authenticate against a Windows server running Active Directory. I have even enabled winbind offline logon. Everything works as expected, however I'm also looking to impose a TTL for the winbind authentication cache. So far all I found was the below snippet from the samba documentation winbind cache time (G) This parameter specifies the number of seconds the winbindd(8) daemon will cache user and group information before querying a Windows NT server again. **This does not apply to authentication requests**, these are always evaluated in real time unless the winbind offline logon option has been enabled. Default: winbind cache time = 300 Clearly the winbind cache time parameter does not control the cache TTL for authentication requests. Is there any other way I can implement a cache timeout for winbind authentication requests? Thank you

    Read the article

  • Authenticating Linux users against AD without Likewise Open

    - by Graeme Donaldson
    Has anyone got their Linux systems authenticating against Active Directory without using Likewise Open? We are close to implementing Likewise Open, but first we need to rename roughly 70 of 110 Linux servers so that their hostnames are not longer than 15 characters. This is required because Likewise Open actually joins the Linux computer to the domain, and it fails to do so if the hostname is too long due to some legacy NetBIOS naming limitation. Is there a way to authenticate via AD, using only LDAP perhaps? What are the advantages/disadvantages over doing it like that vs just using Likewise?

    Read the article

  • Best way to find the computer a user last logged on from?

    - by Garrett
    I am hoping that somewhere in Active Directory the "last logged on from [computer]" is written/stored, or there is a log I can parse out? The purpose of wanting to know the last PC logged on from is for offering remote support over the network - our users move around pretty infrequently, but I'd like to know that whatever I'm consulting was updating that morning (when they logged in, presumably) at minimum. I'm also considering login scripts that write the user and computer names to a known location I can reference, but some of our users don't like to logout for 15 days at a time. If there is an elegant solution that uses login scripts, definitely mention it - but if it happens to work for merely unlocking the station, that would be even better!

    Read the article

  • How to install Microsoft Exchange 2007 as a member server

    - by O_O
    I am trying to install Microsoft Exchange 2007 to a Windows Server 2003 as a member server. I already have a Windows Server 2008 as my domain controller. I'm having a hard time figuring out what is needed to prepare the machine for Exchange 2007 installation. My specific question is: While following the procedures here in the TechNet Library , do I still need to go through with the section "How to Prepare Active Directory and Domains" and do the following commands if I am making it a member server and NOT a domain controller? ie.. setup /ps setup /p /on: setup /PrepareDomain: Thank you.

    Read the article

  • windows 2008 always keep local dns in first

    - by user3085220
    I have a windows 2008 system and it always keep ::1 in first of the dns setting. I can see the following in "ipconfig /all": DNS Servers . . . . . . . . . . . . : ::1 8.8.8.8 8.8.4.4 and "Obtain dns server address automatically" option in network interface setting is disabled. I installed active directory once and uninstalled now, I think it's the reason. But I can't find any answer from google or bing how to fix.

    Read the article

  • Try exchange in real domain

    - by AndreaCi
    We (as a company) 'd like to try exchange server to replace our mail server. I downloaded the demo version from Microsoft website, but during the installation it wants administrator access to domain to edit the Active Directory database structure. The test will last for (at least) a month to see if it will bring real advantages to our management systems. Here is my question: Is it "dangerous"? If I uninstall the exchange server everything will be reverted to previous state? I'm kind of "scared" about the changes he may apply to our domain controllers.

    Read the article

  • Error setting up Data Protection Manager 2010 Agents / Network "Unauthenticated" in network settings

    - by Bowsa
    I'm not sure if the two are connected but i suspect they are. Basically I'm tring to setup Data Protection Manager 2010 on a fresh install of Server 2008 R2 in a SBS 2003 domain. Everything went fine until trying to install agents across the network. Upon clicking add, i get the following error message: Unable to connect to the Active Directory Domain Services Database. Make sure that the DPM server is a member of a domain and that the controller is running. Also verify that there is network connectivity between the DPM server and the domain controller. ID: 7 As usual (worryingly) the MSDN support for 2010 products is nearly non existant, clicking the error ID simply gives a page not found error. So after 2 days of Googling and trying various fixes (DNS settings, adding permissions to GPO objects, rejoining the domain and many more) I thought I'd ask here in the hope that someone out there may have had this issue before. Any help greatly appreciated!

    Read the article

  • How to execute everything in the Local Area Network

    - by matnagel
    We have a very small LAN here, but some peolpe here think we need Active Directory, though nobody knows how to maintain it. I am not in the position to change this. How can I get full access (on Linux it would be "execute" rights) also for files on network drives (the files are just on another machine next room) My account is in the group Administrators on a windows 2003 server Domain Controller. I cannot open simple MS Access 2000 Databases or CHM Files from network drives in the lan How to do that? Some policy setting? I want to change that once. It is useless. We have no distinction between local or network files here. I would have to copy everything to a local drive and then do what I want.

    Read the article

  • PKI Issuing CA on Domain Controllers

    - by dunxd
    I am setting up a PKI which will initially be used internally. As we may grow our use of this I have opted for a three tier hierarchy - Offline Root and Policy CAs (one Policy CA at the moment for internal use), and online issuing CAs. We had initially discussed using our Domain Controllers as the Issuing CAs rather than setting up dedicated ones. I am now starting to have doubts about whether it is a good idea to have our DCs do certificate issuing. We have less than 1000 users, so our DCs aren't hugely taxed. Does anyone have any suggestions for or against doing this? We are currently running Windows 2003 Active Directory, but will be upgrading to Windows 2008 in the coming year. I'm setting up Windows 2008 PKI.

    Read the article

  • trying to install lync 2010 and experiecing an error with central management store

    - by Itai Ganot
    I'm trying to install Lync 2010 and i'm getting stuck in the stage where i have to install or point to the local configuration store. I've tried finding it in the domain and without luck, any recommendations? PS C:\Users\Administrator.ASUTA> Get-csconfigurationstorelocation WARNING: No Configuration Store location has been set. PS C:\Users\Administrator.ASUTA> Get-CsComputer "$env:computername.$env:userdnsd omain" Get-CsComputer : Cannot find location of Central Management Store in Active Dir ectory. At line:1 char:15 + Get-CsComputer <<<< "$env:computername.$env:userdnsdomain" + CategoryInfo : ResourceUnavailable: (:) [Get-CsComputer], Manag ementStoreNotFoundException + FullyQualifiedErrorId : ManagementStoreNotFound,Microsoft.Rtc.Management .Xds.GetComputerCmdlet PS C:\Users\Administrator.ASUTA>

    Read the article

  • Outlook 2007 GAL Phone List

    - by s15199d
    I just spent a lot of time populating Phone Numbers and Fax Numbers in our GAL/Active Directory. The goal of which was to replace our static *.xlsx file that we use as a corporate phone directory. I know I can see the GAL by clicking on the To... button, and I can see more specific info for a particular user, by adding them as a recipient and double-clicking their name in the To: field. Is there any way (inside Outlook) to have a laundry-list view of all users and phone/fax/mobile/address similar to the phone list view for contacts? Are there any other tools that might provide this functionality. I've used a GAL web interface before, but that cost $ and as I recall was challenging to manage.

    Read the article

  • ISC Bind support for GSS-TSIG DDNS Updates?

    - by netlinxman
    First, has anyone EVER configured ISC bind 9.5.0 OR greater with support for GSS-TSIG Dynamic DNS Updates AND gotten it to work? If so, what is the configuration that was used to make that happen? I feel close to having this working. I see that GSS cred passes w/o apparent error during the TKEY negotiation with an Active Directory DC and the BIND DNS server: client 192.168.0.30#52314: query gss cred: "DNS/[email protected]", GSS_C_ACCEPT, 4294967256 gss-api source name (accept) is [email protected] process_gsstkey(): dns_tsigerror_noerror client 192.168.0.30#52314: send But, when the Update is sent, it is refused: client 192.168.0.30#58330: update client 192.168.0.30#58330: updating zone 'example.com/IN': update failed: rejected by secure update (REFUSED) client 192.168.0.30#58330: send Does anyone have this working in the real world?

    Read the article

  • How to deploy SQL Server 2005 Reporting Services on a network without a domain server?

    - by ti
    I have a small Windows network (~30 machines) and I need to deploy SQL Server 2005 Reporting Services. Because I use SQL Server Standard Edition and not Enterprise, I am forced to use Windows Authentication to the users. I am a Linux admin, and have near zero knowledge on Active Directory. As deep as my shallow knowledge goes, I think that I would need to invest in a domain server, a mirrored backup of that domain server. I think that I need to change every computer to use this domain too, and if the domain server goes down, every computer will be unavailable. Is there a easier way to deploy Windows Authentication so that users can access Reporting Services from their computers without changing the infra-structure that much? Thanks!

    Read the article

  • Can't make updates with LDAP from Linux box to Windows AD

    - by amburnside
    I have a webapp (built using Zend Framework - PHP) that runs on a Linux environment which needs to authenticate against Active Directory on a Windows server. So far my webapp can authenticate with LDAPS, but cannot perform any kind of write operation (add/update/delete). It can only read. I have configured my server as follows: I have exported the CA Certificate from my Windows AD server to /etc/opendldap/certs I have created a pem file based on this certificate using openssl I have update /etc/openldap/ldap.conf so that it knows where to look for the pem certificate: TLS_CACERT /etc/openldap/certs/xyz.internal.pem When I run my script, I get the following error: 0x35 (Server is unwilling to perform; 0000209A: SvcErr: DSID-031A1021, problem 5003 (WILL_NOT_PERFORM), data 0 ): Have I missed something with my configuration, which is causing the server to reject making updates to AD?

    Read the article

  • Service Accounts LastLogonTimestamp

    - by Ryan Ries
    In an Active Directory domain, if I configure a Windows service on a domain member computer to start with an AD user account (aka "ye olde service account",) and the then the service stays running but I don't restart the service or reboot the machine for a year... does the LastLogonTimestamp of the service account's user object continue to update? Edit: If you say "it depends on the service," then use MS SQL Server as an example. I set MSSQL Engine to run as contoso\sql-service. Then I leave it alone for a year.

    Read the article

  • Cannot Login to SBS 2008

    - by Ryan Holt
    Hi All, I'm hoping someone has an answer for me... I installed a new Microsoft SBS 2008 server last week and everything appeared to be working normally. I went to reboot the server yesterday to finish the install for Microsoft Windows Installer 4.5 and upon reboot could no longer login to the server via either RDP or local console. The error message I get states that there are no logon servers available to service the logon request. I'm able to login to the server fine via Safe Mode with Networking but cannot login via a normal method. The server is currently at SP1. I attempted to install SP2 inside of safe mode after enabling the installation services via a registry edit but the install failed and rolled back after 2 or 3 hours. It appears that one of the services is not starting for some reason. I believe it's LSASS but can't actually login to see the active services during a normal boot. Does anyone have any suggestions?

    Read the article

  • reverse nslookup fails for single machine

    - by matt wilkie
    I have a computer on a windows Active Directory network for which reverse dns lookup fails. It doesn't matter which machine runs the lookup. The problem computer is a debian vm on a windows server 2003 host. >nslookup wiki.dept Server: primary.internal.domain.org Address: 192.111.222.44 Name: wiki.dept.internal.domain.org Address: 192.111.111.185 >nslookup 192.111.111.185 Server: primary.internal.domain.org Address: 192.111.222.44 *** primary.internal.domain.org can't find 192.111.111.185: Non-existent domain Contents of /etc/resolv.conf on the debian guest: nameserver 192.111.111.244 nameserver 192.111.222.44 search internal.domain.org What is wrong? how do I get ip-to-name resolution to work for this machine? Thank you.

    Read the article

  • How to execute files on LAN drives in a Windows Domain

    - by matnagel
    We have a very small LAN here, but some peolpe here think we need Active Directory, though nobody knows how to maintain it. I am not in the position to change this. How can I get full access (on Linux it would be "execute" rights) also for files on network drives (the files are just on another machine next room) My account is in the group Administrators on a windows 2003 server Domain Controller. I cannot open simple MS Access 2000 Databases or CHM Files from network drives in the lan How to do that? Some policy setting? I want to change that once. It is useless. We have no distinction between local or network files here. I would have to copy everything to a local drive and then do what I want.

    Read the article

  • AD Users outside the building

    - by gammaRED
    I've never had a customer ask me this, but they keep insisting if they have Active Directory and a Domain, that mobile[road warriors] users will not be able to login to their laptops if they are at home or away from the office. I told them that is would use "cache" creds to do this. Am I right or wrong? I've been told this and found a couple of forums saying the same thing. What is really going on and how are the laptops able to do this?

    Read the article

  • The security database on the server does not have a computer account for this workstation trust relationship

    - by alex
    I have a Server 2008 machine called OTTO I recently, by mistake, booted up an old machine, also called OTTO (the hardware was unstable, so the new one was set up to take it's place) I shut down the old machine, turned it off, and recycled it (it won't ever be back on) Now, whenever i try to log in to the real OTTO with the domain account (mydomain\Administrator) i get the following error: The security database on the server does not have a computer account for this workstation What can I do to fix this? It doesn't appear in active directory any more I've added it, but I'm guessing this had no effect, due to a different SID I can log in as the local administrator however

    Read the article

  • Split DNS clarification

    - by RidableCthulu
    I need some clarification if I understood this correctly. I've been reading about Active Directory and naming my domain, and the reason Microsoft didn't suggest using external public domain was DNS Split. If I understood correctly (and please correct me if I did) in this case I have two Domain Name Servers, both doing the same job, but one of them is internal (in my company i.e.) and the other is a public one. Did I misunderstand this and if I did could somebody explain this to me? I hope this question is not too broad for this site! Cheers.

    Read the article

  • APIPA ip address in server 2003 dns for (same as parent folder record) can anyone suggest why this i

    - by dasko
    have a server 2003 domain controller i have installed active directory integrated dns under the forward lookup zone for domain_name.local i see an APIPA ip address that is set for (same as parent folder) with ip number 169.x.x.x looks like (same as parent folder) Host A 169.x.x.x (apipa subnet range) problem is, from other forums that i have read, that this is due to dual nics and one on that is not getting a dynamic or static ip address BUT... I only have one nic in this server? where could this be coming from and could it mess up other settings or not allowing the DC to be contacted? i am just wondering what symptoms could arise due to the record being there. any help would be greatly appreciated thanks.

    Read the article

  • Exchange 2010 install locks out high level accounts

    - by tearman
    Basically, when we installed Exchange 2010 alongside our Exchange 2003 server (we assume), this is what caused our problem. The Exchange 2010 server is not active, just running on the domain. What's actually going on is that user groups like Enterprise Admins are getting a single deny flag on Full Control over mailboxes currently residing on the Exchange 2003 server which is preventing any of us from making changes. It says these permissions are inherited from the Parent Object, but we have no idea which one that is. Any idea on how to go about fixing this?

    Read the article

  • Publishing and setting permissions to a Linux share to AD

    - by blsub6
    I have a Linux share that I want to publish to users on my Active Directory domain. I'd like to be able to control the permissions to access that share using security groups. So say I have a share named "Share" on my Linux machine named "Linux" with IP address 192.168.1.2. I publish \\192.168.1.2\Share in AD and make it so that only people who are part of the "IT" security group can access it. What's to stop anyone who's not in the "IT" security group from just going to explorer and typing in \\192.168.1.2\Share or \\Linux\Share into their Explorer to access this share? Do I need to set up permissions on the Linux file server?

    Read the article

< Previous Page | 65 66 67 68 69 70 71 72 73 74 75 76  | Next Page >