Quantcast
Viewing all 31638 articles
Browse latest View live

Exchange 2010 Mail Store Size Exceeds

Hi all I received continuous mail from my exchange server's email address administrator@domian.xx.xx

The contents of the email is

"The mail store[Mailbox-database-XX] size exceeds 85 GB(s), the time
interval of notification is 1 hr(s)" 

Any could provide some hints on these or solution might be appreciated.

Regards


----- bsl


Full fully qualifed domain address not resolving

Hello

I currently have a 2008 AD set up (1 Domain controller, a VM).  originally, i set up the Site in the AD as mysite.local and everything worked. i could type

ping computername.mysite.local

and windows would find the machine

then with out me actively messing in the AD configurations, it (my network) changed to where if i typed

ping computername.mysite.local 

it no longer works but if i type

ping computer.mysite  

it works fine.  I currently have an application (ArcGIS WebAdaptor) that forces the domain name to .local and it cause the thing to not work.

I have root hints set up.  Does anyone know, based off the info i told, places to look for what might be causing the issue?

Even if you can tell me the name of what the ".local" is in my fully qualified domain name is that will help in my google efforts (everything i seem to find is for server 2003)

Thanks!

How AD replication will work after restoring active directory on one DC?

Hi Everybody,

Hope all of you are fine and doing well.

I have a question: I have one domain Adatum.com, and I have 3 Domain controllers (all are 2012 R2, DNSs, GCs, one is PDC and the remaining are additional DCs), I take backup for the three servers every week by backing-up the System State for all the DCs, now in case I will restore one of these DCs to old backup, how replication will work? is the restored data will be restored to other DCs or, the un-recovered DCs will replicate data to the recovered DC and override the recovered data?

Thanks

Best regards

Event 5774 on simple DC with AD and AD based DNS with internet forwarding to DSL router

Every 4 Hours I get about 10 NETLOGON Errors 5774, for example:

Bei der dynamischen Registrierung des DNS-Eintrags "_ldap._tcp.Standardname-des-ersten-Standorts._sites.dc._msdcs.domain.de. 600 IN SRV 0 100 389 SERVER.domain.local." auf folgendem DNS-Server ist ein Fehler aufgetreten: 

IP-Adresse des DNS-Servers: 217.160.80.136 / Verbindungsantwortcode (RCODE): 0 / Zurückgegebener Statuscode: 1460 

Here domain.de is the old domainname, Domain.local the new one, the change was made about 3 years ago. The Server runs well, there are no known Problems on daily work.

Over a long time I tried many things to solve the Problem, but no success.

- Recreating the DNS Zones

- dcdiag /fix

- Deleting the DNS Cache at Client/Serverside

- gpfixup

- Seaching the AD for old entries with Domain.de -> nothing found

- deleting netlogon.dns/netlogon.dnb and restart NETLOGON, call nltest /dsregdns

The last test recreates the netlogon-files and there I can see some obsolete entries pointing to domain.de,

for example: domain.de 600 IN A 192.168.0.11

but I don't find the right place, where I can fix this.

Has everyone an idea where I can find the source definition of this entries and what I can do to clean this?




systemMayContain and MayContain

Hi

I have a interforest migration scenario with a 15 year old domain where there are 100 custom attributes that are bound to a class.

Source domain is FFL and DFL 2003

In the source domain the class have all 100 attributes in systemMayContain 

Target domain FFL and DFL 2008R2

When I create the class (Auxiliary-Class) in target all attributes I add are placed under MayContain instead of systemMayContain in the source, when I have been reading about this it has to do with inheritence from the Auxiliary-Class

Will this cause any problems later on?


remove crashed RODC

we had a RODC which was crashed. its not even booting up and its totally dead.

How can i remove it from the PDC since on the AD replication status tool shows errors. 

Server 2012 R2

Domain Controller Failure and Trust Issues with child domain

Morning,

Came in on Monday morning to find one of my domain controllers dead and died Friday night, which I thourght it would be fine as I have 2 domain controllers in this domain.

DC1 = dead

DC2 = OK

So I logged in to DC2 and Seized control of the 5 roles..schema, infrastructure etc.

ran ntdsutil metadata cleanup commands.

And all seamed to be going well, but now the two child domains no longer trust the parent domain.

In AD Sites and Services I cannot replicate between the domains....

I get.."The System detected a possible attempt to compromise security.Please ensure that you can contact the server that authenticated you" or I Get.."The RPC server is unavailable. The Condition may be caused by a DNS lookup problem"

In AD Domains and Trusts the parent trusts the the children "outgoing" but not the other way. 

on the child DC's trusts the other Child DC but not the parent. if I run the Validate in ADDT I get "Windows Cannot find an AD Domain Controller for the parent.local domain. Verify that an AD DC is available and then try again"

The network is still working, I can ping each of the servers from each other.

remove crashed RODC

we had a RODC which was crashed. its not even booting up and its totally dead.

How can i remove it from the PDC since on the AD replication status tool shows errors. 


Import pictures to AD from office 365

Good day,

Recently while studying I ran onto a problem which I am not able to solve out.

I'd have a question how can I import user pictures from Office 365 to AD. I am using Server 2012 and there are 8 users in domain. I found out scripts to import into AD and force Office 365 to use those thumbmails. But this way user can not change pic himself using online portal services. 

Thanks in advance.

Replication error Between Two Domians

Dears,

I have two Domain controllers installed between to sites, when I run repadmin /replsum the data collection for replication summer will show me operation encountered a database error, I thing this issue related to NTDS database corrupted, kindly any advice for solution. based on my search I have found recommended to see log files for 467 for NTDS corrupted, if the NTDS database corrupted how can I fixed?

Thanks..

AD Migration & Syncronization

Hi,

I have to syncronize the data between the Business Units of my Company with the central Platform.

At that moment I have a domain at my Business unit and another Domain at the platform.

I have to migrate all the users and computers from the BU to the platform and then install an RODC at the business unit which will have the data of the platform(read only). The only problem is that the users of the business unit are present in the AD local but also on the AD of the platform. In the AD local I have the users and computers but on the AD of the platform I have only the users, that were created because some applications needed this.

My question is: how can I do the migration so that I won't have two times the users. Can I migrate the computers and assign them the users that are already on the AD of the platform? Is there any other solution for this type of migration?

I thought to migrate the domain of the business unit to be in the same domain as the platforms (uninstalling the AD of the BU and then nmigrate it as a member server for the platform and then reinstall the AD. The only problem is the users which are already on the platform.

Any help would be apreciated!

Can't access the main DC (which has the active directory service running on it) due to the following error: The security database on the server does not have a computer account for this workstation

I have an environment containing 2 physical servers (MS Windows Server 2012). I've been facing many problem with client access to my exchange server, so i did some investigation and found out that the active directory has three other registered servers with active directory services, so i deleted those servers and left the main DC (I did this from the main DC itself)

And now i can't access either one of the physical servers, (The security database on the server does not have a computer account for this workstation trust relationship)

And I don't know the local user credentials. Please help, this is really urgent! 

NTFRS Error on the disk

Folks,

I encounter a strange error on my hdd-

Log Name:      File Replication Service
Source:        NtFrs
Date:          9/7/2015 14:38:36
Event ID:      13568
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      dcw01.room.com
Description:
The File Replication Service has detected that the replica set "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)" is in JRNL_WRAP_ERROR.
 
 Replica set name is    : "DOMAIN SYSTEM VOLUME (SYSVOL SHARE)"
 Replica root path is   : "c:\windows\sysvol\domain"
 Replica root volume is : "\\.\C:"
 A Replica set hits JRNL_WRAP_ERROR when the record that it is trying to read from the NTFS USN journal is not found.  This can occur because of one of the following reasons.
 
 [1] Volume "\\.\C:" has been formatted.
 [2] The NTFS USN journal on volume "\\.\C:" has been deleted.
 [3] The NTFS USN journal on volume "\\.\C:" has been truncated. Chkdsk can truncate the journal if it finds corrupt entries at the end of the journal.
 [4] File Replication Service was not running on this computer for a long time.
 [5] File Replication Service could not keep up with the rate of Disk IO activity on "\\.\C:".
 Setting the "Enable Journal Wrap Automatic Restore" registry parameter to 1 will cause the following recovery steps to be taken to automatically recover from this error state.
 [1] At the first poll, which will occur in 5 minutes, this computer will be deleted from the replica set. If you do not want to wait 5 minutes, then run "net stop ntfrs" followed by "net start ntfrs" to restart the File Replication Service.
 [2] At the poll following the deletion this computer will be re-added to the replica set. The re-addition will trigger a full tree sync for the replica set.
 
WARNING: During the recovery process data in the replica tree may be unavailable. You should reset the registry parameter described above to 0 to prevent automatic recovery from making the data unexpectedly unavailable if this error condition occurs again.
 
To change this registry parameter, run regedit.
 
Click on Start, Run and type regedit.
 
Expand HKEY_LOCAL_MACHINE.
Click down the key path:
   "System\CurrentControlSet\Services\NtFrs\Parameters"
Double click on the value name
   "Enable Journal Wrap Automatic Restore"
and update the value.
 
If the value name is not present you may add it with the New->DWORD Value function under the Edit Menu item. Type the value name exactly as shown above.

I've never come across such type of error and i do see this kind of errors quite a lot. Can anyone make me understand what is this error about?

Is my hdd dying? Do advise.


Cheers, Alan.

failed to authenticate to DC (event ID 3210)

I´m troubleshooting different Workstation slowness scenarios, and one of the conserning event ID is 3210 which indicates some authorization issues between Client Computer and Domain. Also group policy errors (lack of connectivity to domain controller) follows this error.

I´m tryng to solve this event ID 3210 issue without succsess, so far I´ve done:

- Ports are opened between Client and DC (I ran portQui tests)
- Computer is patched 100%, also KB2958122 included.
- Computer account deleted, Computer re-joined to domain


Server is not showing the exact time and running fast.

Hi Support,

We are using Active Directory server of Windows 2008.The server timing is  running fast(i.e showing time 20 minutes fast) because of that all the computers which are connected to Active directory server are also showing the server time 20 minutes fast compare to original time.

I have set the correct time in the server but it is showing again showing 20 minutes fast.

Please let me know how to set the correct time in the server to avoid running fast and also let me know if we set the correct time in the server whether all the computers will automatically set time in the computer as per the server time.

Looking forward for your reply at the earliest.

Regards

R.Pradeep


When DC is rebooted, users cannot logon when computer has been locked

In the scenario we have 3 DC's

When one of the DC is rebooted within normal working hours (Guess it is the same out of working hours - have not tested that). Users who has locked their computers, will not be able to logon when they return to their computer again. Computer has to be rebooted before they are able to login again. DC's are 2008 R2 and computeres are Windows 7.

Best regards,

Thomas

Do I need to install language package in the target domain during migration of Active directory via ADMT?

I'm going to migrate users and groups via ADMT.
Server's OS in both source and target domains are Windows server 2012 R2.
Language setting of OS in source is Japanese, on the other hand the one in target domain is English.
Do I need to install language pack for Japanese in the target domain to avoid encoding probrem(mojibake)?

Thank you,
Kazuo Ieiri

Help Required to restore Deleted OU

Hi,

I was doing a system state restore in my test DC to restore Deleted OU.

OS : windows 2008 R2

The system state backup I have stored in Remote share and from that remote share I am trying to restore the backup.But After restoration the deleted OU is not coming back .

Can anyone help me with this please ?

Account lockout - No events recorded in netlogon and IIS log

Strange issue with one of our users, every once or twice a day his account locks. He's only using one device to synchronize, double-checked if he is using another device. If i check security the eventlog on the DC i can see that the workstation name is one of our CAS Exchange servers (2010). The source network address points to his mobile provider, so it's pretty clear that his phone is locking his account. 

For additional information I've enabled netlogon debug logging for the DC and CAS server, when viewing the log there isn't a single entry that his account is locked or that he provided a wrong password. I've also check the IIS log on the CAS server, also no event logged regarding a sync request (Sync requests from other users are logged). This doesn't make any sense, because all sync requests are logged right? Even more confused to why there's no event in the netlogon.log file??

LastBadPasswordAttemt Attribute Shows Incorrect Time

Hello,

It may be a simple question. Sorry for that. 

I try to see users' last bad password attemt using C# but lastbadpasswordattemd attribute shows wrong time. When i try to sign in with ad account with wrong password, this attribute is not updating. 

What is the problem? 

Thank you for your answers. 

Viewing all 31638 articles
Browse latest View live


<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>