Over 1 million tech questions and answers.

Saving a Domain Controller Users Listing

Q: Saving a Domain Controller Users Listing

Is it possible to save the results of a people/user search on a domain server? I would like to transfer every user to my address book or at the least save it to some type of file.

Thanks,
tekyamaster

Read other answers
RELEVANCY SCORE 200
Preferred Solution: Saving a Domain Controller Users Listing

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

RELEVANCY SCORE 74.8

My server is a domain controller thus i cannot add users with admin rights and so i cannot use lusrmgr.msc to add or change... i've added the user i want =active directory>users> and added the user and set it to admin..but when loged onto does not have the admin rights... learned that this was becuiase it was a domain controller
 

A:Add users to domain controller server

Correct, the DC admin has the keys to the kingdom and can create a user-id with/without admin privs.

Unless the admin is your very best friend, I would expect exactly what you are reporting.
 

Read other 7 answers
RELEVANCY SCORE 70

I have a Machine with windows 7 x64 pro which was connected to a domain controller that is dead and not available anymore.
I want to continue to use this computer standalone and keep all the software and configurations already installed, however i need to change my pass and i am not able to do it getting this msg : configuration
information could not be read from the domain controller, either because the machine is unavailable, or because access is denied.
How can i solve this (change the pass or copy all the user settings to local) without the domain controller server?
thank you
vitor

Read other answers
RELEVANCY SCORE 65.6

What does it mean (in layman's terms) when you see this message in ATA?
<computer A> was queried by one or more users from <computer B> using SAMR against <domain controller> 
I am seeing this every four hours in our network/domain. 

Read other answers
RELEVANCY SCORE 61.2

Our ATA Center shows directory data for all of our groups except for the really important ones - Domain Admins, Enterprise Admins, Schema Admins, etc. I've verified that the Directory Services account successfully connects and has read access on the groups.
All other ATA functions appear to be working properly. Anyone here have any ideas?
We are running version 1.9.7412.9649

Read other answers
RELEVANCY SCORE 60

I am trying to add a win 7 pro pc to a domain and I get this error " an attempt to resolve the DNS name of a domain controller in the domain being joined has failed"
I am running win server 2003 can anyone help?

A:error an attempt to resolve the DNS name of a domain controller in the domain being joined has failed

Ok I got it to work I put in the DNSserver address agine same as I did yesterday ( I must have put it in 3 or 4 times) and it din''t work I did it agine today and it worked the frist time. Thank you every one for your help
 
Derrick

Read other 13 answers
RELEVANCY SCORE 60

dear all

i have a problem in adding addtional domain controller in my forest domain.

when i try to add additional; domain controller after working few miniutes it gives meessage THE ACTIVE DIRECTORY WIZARD IS UNABLE TO CONVERT THE COMPUTER TO DOMAIN CONTROLLER ACESSES DENIED

ENTER THE USER NAME AND PASSWORD OF AN ACCOUNT WITH SUFFFICIENT PREVILAGE TO CREATE AN ADDITIONA DOMAIN CONTROLLER .

But the user name has full permission he is administrator

please help me
 

Read other answers
RELEVANCY SCORE 59.2

Hello everyone,

So on my work laptop yesterday i got disconnected from the network, and upon trying to reconnect i had internet access but no network access, ran through some diag, was able to ping my other work station, ip,dns and dg where all fine, checked for dns records issue, none found. so i removed it from the domain and tried re-adding it, and this is where the problem is no matter what i do i cannot add this laptop on the domain. i get full internet access on the network but no network access. i know the Dns server is functioning perfectly and cant be the issue, i have also flushed dns, rebuilt tcp/Ip stack and removed all lan and wlan profiles. i am also getting a certificate error when trying to access the network on wlan.

Using my local admin here are some print screens of first the issue when trying to add the laptop back to the domain, then Ping results to my DNS server .

after removing the machine from the domain it now no longer picking up the correct DNS server.

Would assigning a new DNS record resolve the issue???

he following error occurred when DNS was queried for the service location (SRV) resource record used to locate an Active Directory Domain Controller (AD DC) for domain "bareesc.bareescentuals.com":

The error was: "DNS name does not exist."
(error code 0x0000232B RCODE_NAME_ERROR)

The query was for the SRV record for
_ldap._tcp.dc._msdcs.bareesc.bareescentuals.com

Common causes of this error include th... Read more

A:An active directory domain controller for the domain could not be contacted

Funny enough, we've found a handful of users on our network today unable to access local resources for the same reason!

Your DNS settings are being hijacked. They should point at your DC, but instead are pointed at a malicious DNS server hosted somewhere in Israel. Give your computer a good bath before letting play with the other children again.

We're currently in the process of mediation around here, too.

Hope that helps!

Read other 2 answers
RELEVANCY SCORE 59.2

I've been trying to join a new Windows 7 Professional machine to a domain controller running Windows 2003 Server with no luck.  We currently have 4 Windows XP machines running on that domain without any issues, but when I try to add the Windows 7 computer,
here is what happens:

A computer account on the domain could not be found (confirmed it is already there)
I put in the computer name and domain again, and Administrator credentialsNow it tells me: "An attempt to resolve the DNS name of a DC in the domain being joined has failed."
I currently have DNS on the Windows 7 PC set to the Domain Controller and have IPv6 unchecked under Network Properties.  I can even ping the domain name (resolves to IP of the domain controller).  It looks like it can, indeed, find the domain from
the message in step 1, so am I missing something here?
Thanks in advance for any help!

A:Cannot join Windows 7 to domain even after setting DNS to domain controller IP

Hi,
You need flush your DNS cache in client side first.
Then, let?s create the following registry value for a try:
HKLM\System\CurrentControlSet\Services\LanManWorkstation\Parameters
 
 - Created a DWORD DomainCompatibilityMode = 1
 - Created a DWORD DNSNameResolutionRequired = 0
Reboot the machine and check the result again.Alex Zhao
TechNet Community Support

Read other 17 answers
RELEVANCY SCORE 58.8

I have PCs sitting in a shared area and I would like to prevent users from different domain to logon to my computers. How do I do that with GPO? I searched internet and they suggested "Deny logon locally" I don't think that applies to
my case. Said, my users from DomainOne, I don't want users from DomainTwo, DomainThree, etc to logon and use my department computers.
Thanks,

Thang Mo

Read other answers
RELEVANCY SCORE 58

Hello everyone. I really hope that you can help me. You are my last hope.

I maintain about 30 domain computers. Recently when users try to log in on most of them the following error appears frequently:

"Windows cannot connect to the domain, either because the domain controller is down or otherwise unavailable, or because your computer account was not found. Please try again later. if the message continues to appear, contact your system administrator for assistance."

I have seen that this error appears only in the computers with Windows XP and not in the computers with Windows Vista or 7. We have 2 domain controllers.

Please let me tell you about the ways I tried to resolve this problem and their results:

- on some computers, after several restarts the users are able to log in, but if they restart or shutdown after that the error appears again; this worked for some computers, but I do not know if the error will appear again in the future.
- on some computers, when i disabled the windows firewall or allowed all kind of ICMPs it was resolved, but this did not work for all the computers and I do not know if the error will appear again in the future.
- I unjoined and then rejoined some computers from the domain and it was resolved but after restarting the error appears again.
- If I unplug the network cable the users can log in but after restart the error appears again.
- I have tried to reset the user password and computer on the Active Directory for some users and... Read more

A:windows cannot connect to the domain, either because the domain controller is down...

Read other 16 answers
RELEVANCY SCORE 58

I have an employee that gets this upon every boot on his assigned laptop. I have utterly no idea what it means or how to correct it. Help needed please.
 

A:Error: Domain controller could not be found for the specified domain.

Check the machine account. You might also delete it and recreate it. This may require a domain admin to rejoin the machine to the domain.
 

Read other 2 answers
RELEVANCY SCORE 58

Hello,

We have a server set up with serval computers t. I formated a pc that was on the domain and now trying to attach it back to domain and i get the message.

Domain Contriller could not be contacted
I putted all the settings same as the other pc's..

i'm also getting the message " ip adress already in use. but i'm using the same ip as the pc had before i formated the pc. is this the reason that i get the message , Domain Contriller could not be contacted

i also can ping from the pc. to the server

Any Ideas?

thanks for the help
 

A:Problem:A domain controller for the domain could not by contacted

sorry i mean i also get the message " a duplicate name exist on the network"
 

Read other 1 answers
RELEVANCY SCORE 57.2

Hi, I don't know what happened, I was wanting to get AHCI working in Windows 8 but someone had suggested to change a Windows registry setting and I did so so now it is no longer listed.

Long story short, I don't know how I can recover these settings without a backup. And I don't have one!!! :-|

Here is the location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\msahci\Start

msahci is not listed in my registry, so is there a workaround?

Thanks in Advance.

A:Intel ICH10R Controller:ACHI Registry Listing omitted

Boot WinPE or any Live *IX DVD and manually edit the registry on your computer to add the registry key back. Done this a few times works well. -WS

Read other 2 answers
RELEVANCY SCORE 56.4

Hi,

I'm using Windows 7 Home Premium x64, IE9, with Comodo Firewall and HIPs, Avast AV, MBAM, EMET and SAS.

I have one LUA and one Admin a/c, both strong passworded---Guest a/c is disabled, Real Administrator is enabled, passworded, and never used. I'm behind a router with no network or file & printer sharing and have all recommended blocks on my firewall.

I've just replaced my admin and lua accounts after finding a lot of null sid logon fails at all my accounts over a few months. It might have been a self-snafu, but I seem to have cured the issue. All except Type 3 Anon Logons at every boot, but i read somewhere that too can be a snafu. I'll keep an eye on them.

Meanwhile, eventlog showed my old accounts being removed from a 'no name' global group that had the Domain users group sid S-1-5-21-*-*-*-513. The new accounts were both added to this 'no name' global group. I'm a workgroup pc, not domain.

Home premium doesn't have secpol and I can't get NET command to enlighten me on this domain group. Should I have any global/ domain groups?

Finally, Is there a way to enforce 'Do not allow enumeration of SAM accounts and shares from the Local policy' or disable 'Network access: Allow anonymous SID/Name translation' or equivalent on Win 7 Home Premium?
Cheers

A:Domain users group - no domain?

Good grief, I am afraid after just reading all of this. I recommend keeping only your windows built-in firewall, but its up to you.

Do you go to some heavy virus-infected websites a lot? All you really need for a home computer is something like MSE. MBAM is great to use with it as well. If you have more than one antivirus, chances are they will begin to conflict with eachother. update and scan for viruses, and if there aren't any, relax. DO you do things on your computer that require top notch security?

If you are looking for better, you might start looking into paying for a AV. google best antivirus to find reviews on different ones.

Windows itself has ways of locking down your computer, such as bit-locker.

Read other 9 answers
RELEVANCY SCORE 56.4

Windows
2012 

IP settings           172.17.2.36

Subnet mask       255.255.0.0

Gatevay                 172.17.2.1

DNS                       8.8.8.8

                           
     

Windows 7

Obtain
IP address automatically  

----------------------------------

----------------------------------

DNS
                       8.8.8.8

 
                                

The
error code reads 

------------------------------------------------------------------------------------------------------------------------------------------------

The
following error occored wen DNS was queried for the servise location (SRV)

resource
record used to locate an Active Directory Domane Controller (AD DC) for Domain

"dalek.local
".

 

the
error was: "This operation returned because the timeout period expired."

(error
code 0x000005b4 ERROR_TIMEOUT)

 

The
query was for SRV record_ldap._tcp.dc._msdcs.dalek.local.

the
DNS server used  by this com... Read more

Read other answers
RELEVANCY SCORE 56

Hi all - I have a problem with my domain.

I have 1 domain "europe1" with the PDC in the UK.
I have 2 bdc's for europe1 in the a location in france.

europe1 is the accounts domain and is trusted by lots of resource domains.

The problem is this : Open user manager for domains on either one of the BDC's, it tries to retrive the list of users but gives the error "cannot find a domain controller for this domain".
If I try to retrieve a list of users from any one of the trusting domains it works no problem.

As a test we built a new bdc and it worked with no problems.

Any idea's what is wrong with our original BDC's ??

Thanks in advance
 

A:Cannot find domain controller for this domain

Have you done the standard what I term Microsoft solutions.

Reapply service pack the BDC's
Apply the latest Network card driver and reapply the service pack.

Only other thing I can think to check is can the BDC's resolve the PDC computer name.

Hope this is some what helpful.

Scott
 

Read other 1 answers
RELEVANCY SCORE 56

When I logon to our network I get "Domain controller for this domain could not be found:. The event viewer records event ID 5719 in the system log:
No Windows NT Domain Controller is available for domain PGMS_LAW. (This event is expected and can be ignored when booting with the 'No Net' Hardware Profile.) The following error occurred:
The RPC server is unavailable.
According to MS support the way to resolve this is to disable LMHOSTS lookup box. This was not enable on any machines and now I'm stuck. Does anyone have any ideas?
 

A:Domain controller for this domain could not be found

Simplest thing to try is remove it from the domain (make sure you have a local account with admin rights FIRST). Then re-add it to the domain.
Can you see/use network resources otherwise? Are the lights on on the NIC? Have you tried a different cable/network port?
Maybe remove/re-add the NIC. Check all the properties, correct IP/subnet/gateway/etc.......
 

Read other 1 answers
RELEVANCY SCORE 52.4

Have 2 problems - one which appears to be resolved. The big one now is that a malware has taken over my desktop about a week ago. Started with all these popups and a request to me to do a system restore, which I now know is theirs and not Microsofts. System Restore (theirs) said my hard drive was unreadable, and that for a mere $59.95 they could fix it. Of course, I did not buy it, but it has messed up my computer.

The symptoms: 1. Many desktop icons have disappeared (hidden) including Mozilla and Microsoft Word. I know programs are still in there because they do show up on Add/Delete programs listing. 2. When you click Start up and go to All Programs, there is a list of only about 10 programs; obviously I have many more than that. 3. There is a System Restore icon on desktop (as well as on bottom bar) which is obviously theirs; it was not there before.

My other problem was a redirecting of Google searches which developed back in September after the computer had been shut off for three months while I was on vacation. This also had happened back in April and I worked with tetonbob of Tech Support and he got it resolved. This time while waiting for a response from tetonbob, I did a Malwarebytes scan and it detected a number "Hijack" malwares; Upon deletion through Malwarebytes, the redirecting went away, so this one is hopefully resolved.

T

A:Malware has hidden desktop icons and program listing on Startup listing-All Programs

Hello Tom,

I don't have time at the moment to guide you, but shall in several hours. In the meantime - whatever you do - do NOT run any tools that will clean the temp directory. Just sit tight and we'll get you through this.

Read other 19 answers
RELEVANCY SCORE 51.2

Having trouble accessing Active Directory users/computers it times out and says it cannot connect to the domain controller and when I boot up takes forever and on the internet it takes minutes to switch screens.

Using XP Pro and Windows Server 2003. This is happenning on the admin PC. Thanks

A:Domain Controller

Hello & welcome to TSF,

you need to do this to both systems


do you have a Windows Xp cd, not the restore cd's that come with some systems, the cd will have the Windows logo & 3D hollowgram/image on it

if you do not maybe you can barrow one from a friend/family member/co-worker as long as it is the same version that is on your system

if you have (Windows XP Home Ed. sp2 ) then the cd will have to be that / if you have a cd with (Windows XP Home Ed. )you will have to slipstream (SP2 ) onto a disk that you create
this also applies for (SP3)

this also applies to (Windows XP Professsional )

http://www.helpwithwindows.com/Windo...p2-bootcd.html

now if you do have the Windows XP cd with sp2 please follow these steps

--------------------------------------------

performing a (sfc) system file checker

It is a scan that checks the core files & dlls of the (os) operating system and replaces them if they are corrupt or missing with the correct original version

start

#1 then select (run) , then press enter
a window will open
#2 type in ( cmd ) then press enter
another window will open
#3 type in ( sfc )then press enter
another window will open
#4 type in (sfc /purgecache) then enter / your pc will work like crazy / this helps in rebuiding the cache file (notice the space between (sfc & /)
#5 type in (sfc /scannow ) then press enter ( notice the space between the (sfc & / )

now a scan will start , have your... Read more

Read other 1 answers
RELEVANCY SCORE 51.2

How do I run a domain network?
 

A:Domain controller?

Read other 6 answers
RELEVANCY SCORE 51.2

Ok here is my situation, I have 2 pc's running Win 2000 and a third running 2000 server, how do I get the 2 machines to join into the domain.....I installed AD and now have a domain called "something.local." does this make sense to anyone? also I am behind a linky router and have given my 2 pc's a static ip of "192.168.x.x" do I have to run a DHCP server on the 2000 server machine? I am completly lost and could use some help....I know Active Directory is not for the timid, maybe I bit off more than I can chew!!!
 

A:Domain Controller

In control panel, open system, under identification, change it, and add the domain name, apply, and you'll get a message as to whether it was sucessful or not.
 

Read other 1 answers
RELEVANCY SCORE 51.2

We have over 110 laptop users all logging on using cached domain login information.

Recently I've had a couple ring up saying that they can't log on to their laptops remotely as they get a message saying the domain controller is not available so all I've been able to do is get them to drive all the way on to our Head Office so i can reconnect their computer on to the domain and then get them to log on and then off the domain to create a cache of their logon details.

Any ideas the previous cached information has not allowed them to log on?

I'm guessing it has become corrupt but not sure how.

Read other answers
RELEVANCY SCORE 51.2

Ok here is my situation, I have 2 pc's running Win 2000 and a third running 2000 server, how do I get the 2 machines to join into the domain.....I installed AD and now have a domain called "something.local." does this make sense to anyone? also I am behind a linky router and have given my 2 pc's a static ip of "192.168.x.x" do I have to run a DHCP server on the 2000 server machine? I am completly lost and could use some help....I know Active Directory is not for the timid, maybe I bit off more than I can chew!!!
 

A:Domain Controller

You do not have to run DHCP from your server. You could run it from your router, or not at all. The key to getting your Win2k machines onto the domain is that you must build Domain User accounts on your server for them. This server must be configured as a Domain Controller. They must then change their Network Identification to join the Domain and log into the Domain Controller (your server) using the accounts that you have built for them under the Active Directory Groups and Computers area. (Start-->Programs-->Administrative Tools-->Active Directory Users and Computers.

When you boot your Win2k clients, be sure when the logon screen appears, that you use the drop-down box to select your domain not the local computer.

I use my Win 2k server as a Domain Controller and a file/backup server which I have found the most useful role for my small home network.

Hope this helps--

Telepro
 

Read other 2 answers
RELEVANCY SCORE 51.2

I'll be adding a new Domain Controller to our network this evening. It's not currently connected to anything right now, so I need to know if I actually have to join the machine to the domain, or can I just plug it in and bring it up as a new DC on the domain? In other words, do I have to go through the process of going in to Active Directory on the existing DC and actually adding a new computer to the domain and then bring it up as a DC, or does it automatically join when I make it a DC on the network?

Steph
IT Intern
 

A:New Domain Controller

Read other 12 answers
RELEVANCY SCORE 51.2

how many domain controller can be added in windows server 2003
 

A:domain controller

You will need at least one per domain.
 

Read other 1 answers
RELEVANCY SCORE 51.2

i am looking at changing what rights users require on my companys domain, as all the IT staff have domain admin rights, which most of then dont need, is there a way making new groups and giving the certain rights like being able to install software and printer ect.

we are running a windows 2003 domain with AD
 

A:Solved: domain users

BigC said:

i am looking at changing what rights users require on my companys domain, as all the IT staff have domain admin rights, which most of then dont need, is there a way making new groups and giving the certain rights like being able to install software and printer ect.

we are running a windows 2003 domain with ADClick to expand...

Hi BigC,

It sounds like you need to create a "Power Users" Group for them. All I know is that WinXP Pro has this category of user which is like a restricted Admin, but I don't know for certain if it is available for a windows 2003 domain with AD (perhaps).

-- Tom
 

Read other 3 answers
RELEVANCY SCORE 51.2

Self explanatory.




What are the specific steps to take in order to map, say, 3 drives to all domain users when they logon. I have seen a few pages and they are all different, so if anyone has the exact script or steps (not a link) that'd be awesome. Going to sites and getting two or three different instructions is frustrating. It is a windows 7 environment on 2008R2.

Read other answers
RELEVANCY SCORE 51.2

Hi,

I try Windows 7 with our environnement which is based on Windows 2003 SBS.

I have created a user on this server and i try to connect my test computer on this domain.

It recognizes the domain.

I have created the username on my PC with the short method (user in control pannel) and with ProfWiz. User is recognized too.

I restart the PC and i try to connect with the correct user. Username and password are correctly checked but i have already the message 'You have been logged with a temporary file'. Then a can't really organize the PC.

Someone can help me ??

Thanks and regards.

PS : I'm not englishspeaker then sorry for the message and fauts.

A:Windows 7, users and Domain

  
Quote: Originally Posted by EricF


'You have been logged with a temporary file'. Then a can't really organize the PC.


Hello and welcome.

Why not log on as a local user to configure the PC (rather than a domain user)?

If you want to log in as a domain user then you should first create that user on the domain controller.

Can you attach a screenshot of the user profiles? (computer > properties > advanced > user profiles > settings)

Read other 3 answers
RELEVANCY SCORE 51.2

i am looking at changing what rights users require on my companys domain, as all the IT staff have domain admin rights, which most of then dont need, is there a way making new groups and giving the certain rights like being able to install software and printer ect.

we are running a windows 2003 domain with AD
 

A:Solved: Domain users

You would be better posting this in the networking forum for a better response!
 

Read other 2 answers
RELEVANCY SCORE 51.2

Hi. Sorry my language i am from Portugal, and is the first time i post in this f?rum!

I have a question!

I working with several computers in a domain! After restarting before installing the operating system again, I was wondering how do I set the same profile for all profiles!
In windows XP configured a profile with a user, and then put it in the default user folder!
In Windows 7 I have no idea!!!

Any ideia?

A:How to have same profile for all users in the domain!

Hi WildCatPT, welcome to the Seven Forums.

Windows 7 default user profile must be configured and customized in so called Audit Mode when no user profiles exist. In your case, deploying the same image to several computers, the procedure is as follows:Start Windows 7 installation on your reference computer
After installation boots to OOBE / Welcome mode after last reboot, enter Audit Mode
Customize the default user profile
Generalize the Windows image with Sysprep
Capture the image
Deploy the image (install to other computers using the captured image)

See this tutorial for instructions in customizing Windows default user profile in Audit Mode: User Profile - Customize During Installation.

Notice that as this tutorial is made to show how to customize default profile in just one computer as opposite to your need to do it for several computers, you need to change the /reboot switch in Sysprep command told in Step 3 to /shutdown switch in order to be able to capture the image before any user accounts have been created.

In your case, the Sysprep command told in Step 3 must look like this (changed part highlighted):

Code:
%windir%\system32\sysprep\sysprep.exe /generalize /oobe /shutdown /unattend:E:\DefaultProfile.xml
More complete walkthrough tutorial for preparing a Windows image for deployment, including default user profile customization: Windows 7 Image - Customize in Audit Mode with Sysprep

Kari

Read other 1 answers
RELEVANCY SCORE 51.2

Windows Server 2003. I want one shared folder on the server to be visible to only one group of users. When I created the foler, it seems to have come with settings that make it visible to all users and all users have read&execute privileges. The security tab does not see to permit removing these users so I can resttrict access to a single group.

What am I missing?
 

Read other answers
RELEVANCY SCORE 51.2

I have 3 local accounts on a laptop (1 admin and 2 standard users)

I will open the file in the admin user (from a memory stick)

Is there a way to save a file and a web url to ALL users' desktops?

Tommy

Read other answers
RELEVANCY SCORE 51.2

I run a computer room for a group of disabled veterans at the local VA medical center. A while ago I was directed to make it
impossible for my users to save any information to any internal or external storage device. Our Internet access was suspended until I have accomplished this.

I have yet to fully accomplish it. I was refered to these programs for removable media and USB storage devices:

cdromdisabler_free
disableusb_free
floppydisabler -free
usbdisablerpro

I haven't found anything similar for the hard drive. I have looked through Computer Management and the Registry but found
nothing that looked like it would do the job. I asked for help in a number of forums. One recommendation was:

"go to the group policy editor (gpedit.msc)
computer config....
administrative templates....
system...
disk quotas...
there are 6 settings there..."

I didn't understand this approach.

A more promising recommendation was to restart in Safe Mode, right click on the hard drive, select properties and click on the Security tab. This led to the following:

Groups or user names

Administrator
CREATOR OWNER
Everyone
SYSTEM
User

I selected User

Permissions for Users

Full Control
Modify
Read & Execute
List Folder Contents
Read
Write
Special Permissions

I had been advised to check only Read & Execute, List Folder Contents and Read under the Allow column heading. Actually, I found those boxes already checked. No other boxes were checked in either column. I didn�... Read more

A:Prevent users from saving files

Why would they want to disable write access to everything? They must be completely illogically paranoid about something...

The idea of setting attributes in the security tab is how you will get it done.
didn't work? then you did it wrong.

You probably changed the settings for one user, then tested it on another user.

Do you know how to create a batch file?
If so, here is a batch script that will change the permissions to "read write" and "Execute", for "Everyone"

echo off
cls
set /p pth="please type the drive letter for your Hard drive e.g. C:":
cacls %pth% /T /G Everyone:RClick to expand...

If you don't know how to make a batch file, follow these instructions.

1. open notepad.
2. copy and paste the script I gave you, into notepad.
3. click file, then click "save as".
4. where it says "save as type", change it to "all files"
5. save it as userpermissions.bat
6. now go find the file you just saved, it will be a "batch file".
Once you have the batch file open, it will ask you to type the drive letter of the harddrive you want to restrict.
So you might want to restrict C drive, so you type C:
after typing the drive letter, press enter, and it will ask you if you are sure. click yes, and it will be done.
WARNING: restricting write permissions for the entire harddrive, could cause problems for internet explorer/firefox, or whatever browsers you are using on the comptuters. Not ent... Read more

Read other 1 answers
RELEVANCY SCORE 50.8

Hello everyone,

I'm in a predicament. Our small company uses a domain controller which every user logs into for access to the network and their local profiles. The profiles are NOT coming/stored on the server side however, they are simply local, but users are given rights to certain file server areas. The machine used as the DC is VERY old and we're not confident it will stay running much longer.
What's the best way to migrate users to a new server?
We have a new machine, with a proper Windows 2003 server installed. We set up another domain (OfficeNet2). I was under the impression we simply needed to "promote" the new server to become the new Domain Controller - however, we're not sure how to do this, and do we need to "copy" the old user login information from the old server to the new (If that's even required?)
Any help or ideas would be GREATLY appreciated!
Thanks!
Katt
All users are XP PRO SP3 (with a few MACs) and both servers are Win2003.
 

A:Migrating from one Domain Controller to Another

Actually it would have been easier if you kept the new server on the same domain -

http://forums.techguy.org/windows-server-2003-2008/823462-domain-controller-advice-needed.html

If you have the ability to do it you may want to just do that. I have some links in this thread that wshow you how to have 2 DCs in one domain and to promote the new one.

When you have 2 different domains it becomes a bit more convoluted and you have to do some trusting and domain migrations.
 

Read other 1 answers
RELEVANCY SCORE 50.8

I Have a Windows Server 2003, Windows Vista Home Basic and a Windows 7 (Based on Vista). I just got a Belkin router but i installed and set it up on my Windows 7 PC. Is there any way to make my Server 2003 become the new Domain Controller. I need it to install Ranger for networks.
 

A:Solved: How do I become a Domain Controller?

Read other 7 answers
RELEVANCY SCORE 50.8

Exactly what do we mean when we hear/use the term "Domain Controller"? What sort of services run Exactly what do we mean when we hear/use the term "Domain Controller"? What sort of services run on the server that is designated as the Domain Controller? Is this the server on which DHCP and DNS and maybe some other services also run? What are the minimum specs for a Domain Controller server for say 30 - 50 users and would the standard version of Windows 2003 be sufficient for this?

Can we have more than 1 servers in an organization but only 1 of those designated as the domain controller? And last question: Can we have MS-Exchange running on the domain controller?

I know I have asked many questions in 1 post but will be grateful for a reply.

Thanks.
 

A:Trying to understand a Domain Controller

Let me google that for you: http://lmgtfy.com/?q=Server+Domain+Controller

Google is your friend
 

Read other 1 answers
RELEVANCY SCORE 50.8

An old client called me and he's still running a system I set up for him over a decade ago running an NT server. For some reason his network went down. When I looked it said "domain controller not found. What happened? I noticed that his HD only had around 600MB left. Could that be it? No room to load and swap out etc.?

Also event viewer says there is a bad block on the HD. maybe that?

Thanks,

Bernie
 

A:NTt domain controller not found (yup!)

Did you check to see that WINS is running and the workstations are set up to connect to it? Have you checked to see that the workstations can do name lookups?
 

Read other 2 answers
RELEVANCY SCORE 50.8

- Windows 2000 Network. PDC has Win2k Server.
- All Win2k computers can connect to the domain w/o problem
- NT 4.0 (SP6a) machine used to connect fine but can't recently.
- Only recent change to the PDC was the installation of SP4.
- I can ping the PDC by IP address but not by name

Stuff I have tried:
- I tried switching it to a workgroup, rebooting, then switching
them back to the domain but now they give "Unable to connect to
the domain controller for this domain. Have your administrator
check your computer account on the domain." The computer account is on the PDC and a member of "Domain Computers"
and "Pre-Windows 2000 Compatible Access"
- I tried unchecking the "Enable LMHOSTS Lookup" check box in
Network\Protocols -> TCP/IP Protocol -> Properties -> WINS Address, as recommended by MSKB Article 271925 but that did not help.
- I tried changing the HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services
\LanManServer\Parameters values for EnableSecuritySignature and RequireSecuritySignature, then restarting Net Logon as recommended by
http://content.techweb.com/winmag/library/1999/0501/sol00074.htm, but that did nothing.
- Lastly I tried what was recommended in MSKB Article 293127 which was:
Change the HKEY_LOCAL_MACHINE\System\CurretnControlSet\COntrol\Lsa
\restrictanonymous DWORD value to 0, but I haven't rebooted yet since I don't want to boot everyone else who is currently on the domain... I am not holding ... Read more

A:NT 4.0 can't connect to domain controller

Read other 8 answers
RELEVANCY SCORE 50.8

I have two servers running NT 4.0 the problem is that the backup domain controller cannot log on to the primary domain controller. I've tried setting trust relationships and I get the "this server is already on the Domain" message.
 

A:Domain Controller Situation

If you have a Primary and Backup domain controllers in the same domain there is no need to set up a trust.

Trusts are used to define relationships between two seperate domains.

Can you explain in more detail what you are trying to do when you say

"the backup domain controller cannot log on to the primary domain controller"

Cheers

Craig
 

Read other 3 answers
RELEVANCY SCORE 50.8

I am tryin to add a user to a computer running W2k pro and when I type in the name and domain all I get is an error that says
"the trust relationship between this workstation and the primary domain failed"

This is a new workstation just added to the network, the user I am adding is myself and I have admin rights. For some reason all the users have to be local, I have checked the IP,DNS, and gateway. I can see the computer on the network.
 

A:Domain Controller does not trust me!

Hi tushkahoma
It seems that although you have local admin rights at the workstation, you may not have domain admin rights in order to join the domain.

Paul V
 

Read other 2 answers
RELEVANCY SCORE 50.8

The title says it all. Can Windows 7 Professional be modified to run as a domain controller and use Active Directory? If so please point the way to a tutorial if you know of one. Thank you.

A:Can Win 7 Pro be modified to run as a domain controller and use A.D?

No. If it could Microsoft would be on you faster then Winnie-the-pooh stalking a jar of honey.
The only way you are going to have a domain controller is by using Windows Server.

Read other 1 answers
RELEVANCY SCORE 50.8

I'm trying to get rid of an old w2k server that is the DC and DNS server. I added DC and DNS to an existing w2k3 server and it looks like it replicated all the AD data ( I see users and machines listed ) but when I unplug the old server and login to the network at a workstation I don't get access to the internet trying to use the new server as the DNS server or to local network stuff. I think I may have both a DC and DNS server configuration problems.

Thanks in advance

14Mike
 

A:New Domain Controller problem

Are you using the new DC as the DHCP server? If so you will need to do an ipconfig/release ipconfig/renew from the workstations so they get the new DNS information otherwise the workstations will be using the old DNS server for their lookups.

And did you demote the old server? You can't just unplug a DC from a network, AD has to know it is gone.
 

Read other 2 answers
RELEVANCY SCORE 50.8

Hello everybody,
On some of my computers, when I tried to log in, I get the error say that it cannot find the domain controller, so I must log in locally. But the others log in OK. And when I log in locally (on the computers that has the error), I can ping the domain controller, that's mean I don't have any connection problems, but why it cannot find the domain controller? Have anybody had a problem similar to me? Do you have any quick solution for this?

Thanks in advance
 

A:Cannot find domain controller

Did you add the WINS address under Advanced TCP/IP settings?
 

Read other 3 answers
RELEVANCY SCORE 50.8

Hello everyone!
Today I have received a High severity alert for Suspected DCSync attack. The origin of this attack was a workstation that ATP tell us that has it's right private IP and a secondary IP, the one of our DC. How it can be possible? I've investifated on DNS,
on AV client logs, and other auditing tools and everything looks ok. No evidences for any risk on this computer or secondary IP address assigned to this workstation. How it can be possible?
Thank you.

Read other answers
RELEVANCY SCORE 50.8

I am new here and I hope someone will be able to advise me regarding the problem I am having.

I am responsible of a small office network that is based on one domain controller which also works as the DNS.

Yesterday, I was planning to join a new PC to our domain name and usually when I do this I change the administrator's password temporarily to use it on the new PC and then change it back to the original one. (it is a secuitry phobia issue!)

After successful join to the domain I changed the AD administrator password back to the original one and tested it immediately and it worked just fine.

I locked the server and few hours later I wanted to make a change in the AD and I was very surprised that the administrator password is not working anymore.

(Please note that other users passwords haven't change)

My questions here are:

1- Are there any type of (hacking) tools that can be run from a local network pc (which have local administrative privilages) that can hack the domain controller this way and change the administrator's password or harm the domain controller?

2- Could this be a problem/bug from the windows 2003 OS itself?

3- Is there any legitimate way to reset the password in this case?

4- Is the built in windows 2003 firewall reliable and what do you recommened for software secuitry.

This happened once before (about a year ago) and the network was smaller so I finally decided to resintall wndows 2003 and start from scratch. But this time I just w... Read more

A:Problem on my Domain Controller

One aspect of maintaining servers is to create additonal administrator accounts so you can use them to edit/change the default administator account if its profile becomes corrupt or you have issues with passwords.

Q1 not that I am aware of
Q2 doubtful
Q3 use another admin account
Q4 software firewalls are OK but you get better protection from a hardware router/firewall. Not sure what you mean by software security. That is what share and ntfs permissions are about.
 

Read other 2 answers