|
No use if you're not using Active Directory
The opinions expressed in this communication do not necessarily represent those of the author (especially if you find them impolite, discourteous or inflammatory).
|
|
|
|
|
|
i want to create a active directory without connecting to a dns server and it seems that i am always ask for an ip address to install the active directory. THANKS A LOT!!!!I really need help on this because i want to practice active directory at home.
|
|
|
|
|
If you have two network card in your PC connect it with the wire and run command DCPROMO from the command prompt. Follow the instruction...
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
ok i will try it... Thanks a lot!!
|
|
|
|
|
A while back I posted a question here about running two networks on a single hub, but I never reported back on the project. Sorry about that.
To recap, the upstairs network has DSL while the downstairs has dialup connectivity to the Internet. The people upstairs are management drones who don't need broadband, while the people downstairs are the ones dealing with customers and really need fast response times. The upstairs folks were paranoid about the downstairs troops being able to access their PCs, and there was much gnashing of teeth and rending of clothes involved in making the decision to link the two.
My solution, sound in theory but untried by me, was to readdress the upstairs network and downstairs network to use different subnets, then to run a single cable between their two hub/switches. In theory it should work fine - hubs are relatively dumb and shouldn't care what addresses are carried by the packets passing through them. I'm happy to report that it works as well in practice (it really should) as in theory. I ran a cable, plugged it in, readdressed the nets and all is humming along nicely now, with everyone sharing the same gateway DSL device. The only glitch arose from the fact that the creative genius who originally set this up named each of the servers (one on each network) \\SERVER, which intially made Windows choke. It was with much trepidation that I renamed the downstairs server and rebooted - it is WinNT4, after all - but after chanting a silent mantra for the ten minutes it took to restart it turned out that the computer gods were benign that day. Neither side can even see the other, so the drones are content, and being able to place orders online, retrieve information in seconds, and the like makes for happy customers downstairs.
Thanks to all for the reassurance that my plan wasn't totally mad.
"My kid was Inmate of the Month at Adobe Mountain Juvenile Corrections Center" - Bumper Sticker in Bullhead City
|
|
|
|
|
I'm trying to open the system store from IIS web extension and I
get an ACESS_DENIED error. It works when I run extension in "High-Isolation" mode under account belonging to Administrators group (which is not safe at all!!!), but id doesn't work if I run it under local IWAM_<machinename> account or specially-created "non-administrator" domain account. Where (and how) adjustments should be done to make it work?
Here is the call I make (C++)
store = CertOpenStore( CERT_STORE_PROV_SYSTEM,
PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
NULL,
CERT_SYSTEM_STORE_LOCAL_MACHINE,
L"MY"
);
Thanks,
Andrey
|
|
|
|
|
I cannot install updates from Windows Update because it does not pass the Windows Logo program.
Isn't this strange, since it comes from MS web site?
Also, is there a way disable it?
--------
"I say no to drugs, but they don't listen."
- Marilyn Manson
|
|
|
|
|
This shouldn't happen. Have you installed and enabled the Root Certificates Update feature? You'll find it in Add/Remove Windows Components in the Add/Remove Programs Control Panel applet (Update Root Certificates, on an English operating system).
The original key Microsoft used for signing updates expired at the end of 2002. Since then they've relied upon certificate-path features, using a code-signing key signed by their root certificate. If you've disabled the above feature, you may not have a current copy of the certificate. I don't believe there's any harm in having this feature enabled. Microsoft describes how it works here[^].
If you're talking about disabling the check for driver updates, go to Control Panel > System > Hardware tab and click Driver Signing. Select either Warn or Install rather than Block, then click OK.
Windows XP SP2 should include an up-to-date copy of Microsoft's certificates. You should also be able to get a copy from Windows Update - you may need to check for refused or hidden updates if you decided not to install them previously.
Stability. What an interesting concept. -- Chris Maunder
|
|
|
|
|
Hi, can any one give me a brief explaination? why using remote access via VPN is secure then using remote access by using dial up network?
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
Ugh. The risk in dial-up networking is that an attacker could tap the phone line and connect up a modem to monitor the signal and hence see the data on the line. You can mitigate this risk by using encrypted PPP - Windows Remote Access Service has this capability, both on the client and server side (Routing and Remote Access).
Encrypted PPP, and VPN, use some form of public-key cryptography to encrypt packets before they're sent. Only the intended recipient should have the key to decrypt the packets. In fact it turns out that full public-key cryptography is too slow for practical encryption, so instead the two keys are used to derive a shared key for use with a simpler encryption algorithm (such as RC4) which is quick enough to keep up with the stream of packets. The higher-level protocol changes this key periodically to reduce the risk that an attacker could work out the key.
The main thing that VPN offers is that you don't need a rack of modems at the server end - you just need a suitable internet connection. The client's packets can come across any intermediate connections and networks; this is less likely to be an issue for you, but it means that the client can be connected to a Digital Subscriber Line. We've recently deployed VPN for ten mobile users - some are still on dial-up, others are using broadband connections.
Stability. What an interesting concept. -- Chris Maunder
|
|
|
|
|
Thank you very much for your detail explaination.
|
|
|
|
|
Hi, can any one give me detail instruction how to setup lamplink between two computer?
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
Did you mean "Lap Link", using parallel port?
Arsalan Malik
|
|
|
|
|
Yes, do you have any idea or suggestion? I need it in step by step connection and configuration.
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
Hi, some people said that using windows 2000 is for the server is better than windows server 2003 because windows server 2003 have some error. But some people said that windows server 2003 is better than windows 2000 server (if we use in the server too) because windows server 2003 has some new feature that windows 2000 server doesn't have. Does any body have any comment about using windows 2000 server and windows server 2003 on the server? Which one is better? Are there any website that give the result between windows 2000 and windows server 2003 benchmark?
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
Look here,
Lab Report: Windows Server 2003 Outperforms Predecessors
Published: April 24, 2003
http://www.microsoft.com/windowsserver2003/evaluation/performance/etest.mspx
Progload
|
|
|
|
|
All software has bugs. If you encounter one that's causing a problem, call MS technical support - if you don't have a support contract, they'll charge you for the initial call, but if it's a confirmed bug, you'll be refunded. If you do have a support contract with a given number of calls you can make, one will be deducted when you open the issue but again if the bug is confirmed and they issue a hotfix, it'll be credited.
Our experience with Windows Server 2003 is good - one 2.8GHz P4 with 768MB RAM runs Exchange Server 2003 Enterprise Edition for 15 users, SourceGear Vault for 5 users, is a department file-server (about 80GB in use) and is an Active Directory domain controller. CPU rarely goes above 20% - however, this system is mainly bandwidth-limited since we only have 256Kbps upstream bandwidth on our ADSL connection, which the VPN users often saturate. Downstream is either 512Kbps or 1Mbps, I can't remember which. Six users (including myself) in the same office use a 100Mbps switched LAN. I don't think we've had any blue screens on this box, and it's seriously cheap hardware - assembled by myself from some parts bought from an online retailer and some parts left over from a previous system that had fried its processor. I wouldn't advise this, but it does work.
If you plan to run a web server, I'd recommend Server 2003 since IIS 6.0 is a big improvement over its predecessor.
Stability. What an interesting concept. -- Chris Maunder
|
|
|
|
|
For a web server the Web Edition of Server 2003 is great -- highly recommended. Stable as a rock, very configurable, and runs on low-end hardware.
Ours is a lowly PII 400MHz with 128MB RAM, and it performs very well.
my blog
|
|
|
|
|
Last I heard you could only get Web Edition if you're already a volume license customer or prepared to become one - it's only available through volume licensing programmes.
Is this still true?
Stability. What an interesting concept. -- Chris Maunder
|
|
|
|
|
As far as I know, yes, it is only available through certain licensing arrangements with Microsoft.
my blog
|
|
|
|
|
Hi, I know that IP address 192.168.x.x is assigned to private IP address for use in our LAN. But I wonder that when our windows 2000 start it try to obtain IP address from DHCP server (if we choose to "Obtain an IP Address Automatically" from TCP/IP property dialog box). If it find DHCP server then it will get an IP address from the server. If it could not find DHCP server then it will assign an IP address itself to 169.254.x.x. From here i have the question, does an IP address of 169.254.x.x is the private IP address like 192.168.x.x? If I choose IP address of 169.254.x.x and assign it (static IP address) to use in my LAN, is it possible to do that?
APO-CEDC
Save Children Norway-Cambodia Office
|
|
|
|
|
Private Address ranges
IANA reserved 4 address ranges to be used in private networks, these addresses won't appear on the Internet avoiding IP address conflicts:
10.0.0.0 through 10.255.255.255
172.16.0.0 through 172.31.255.255
192.168.0.0 through 192.168.255.255
169.254.0.1 through 169.254.255.254 (Reserved for Automatic Private IP Addressing)
(Automatic, meaning Non-Static.)
The range 127.0.0.0 to 127.255.255.255 is reserved for IP loopback addresses, which is mainly used for testing purposes and to check if the TCP/IP stack has correctly loaded.
|
|
|
|
|
Thank you very much for your explaination.
|
|
|
|
|
Ok. Service running using local system account can be allowed to interact with desktop, right? But if service is set to use some other specified account will it be able to interact with desktop?
Also a little off - can I set an application to be running in other then current user account?
We are talking 2000, XP (and possibly NT).
|
|
|
|