Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

WIN 2003 STANDARD SERVER ON DOMAIN

Posted on 2009-04-12
19
Medium Priority
?
242 Views
Last Modified: 2013-11-11
1. where exactly do i go to check:?

- Domain controllers have the read and apply rights to the Domain Controllers Policy.
- NTFS file system permissions and share permissions are set correctly on the Sysvol share.
0
Comment
Question by:mikey250
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 8
19 Comments
 
LVL 9

Assisted Solution

by:bharrington83
bharrington83 earned 80 total points
ID: 24125763
What exactly do you want to check?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1920 total points
ID: 24126400
Right-click the domain controllers OU go to the Group Policy tab click the permissions button this is where you check. If you have GP Management installed you will need to check the permissions there.
0
 

Author Comment

by:mikey250
ID: 24133093
1. what about sys vol share, i cant seem to find what im looking for?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 1920 total points
ID: 24134046
Go to the Run \\127.0.0.1 then check permissions. Go to C: to see the SYSVOL folder.
0
 

Author Comment

by:mikey250
ID: 24135964
1. Yes i can see, but what exactly should i be looking at?
0
 

Author Comment

by:mikey250
ID: 24135994
hi,  as i have not installed gpmc  all i see after doing:

Right-click the domain controllers OU go to the Group Policy tab click the permissions button this is where you check. If you have GP Management installed you will need to check the permissions there.

- is yes the gp policy tab, but no permissions in there although everything else is dimmed out anyway unless i select new, but either way no permissions tab or button is on win 2003.

- dont know if it shows it on nt 4 or win 2000!  so im assuming it is set to a default setting as nothing is in the list for gp policies either!
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1920 total points
ID: 24137688
0
 

Author Comment

by:mikey250
ID: 24137846
when i locate the OU ive created and as there is not a permissions to select in the gp policy tab.

I opened up the OU ive created and in there is the "dc1.local", which is my primary domain i created and then I
right click, select properties,
group policy tab
security tab
and in the list it does already show:

Authenticated Users  Read, Apply Group Policy, Special Permissions
Creator Owner  Special Permissions
Domain Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Domain Controllers  Read, Special Permissions
System  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions


although at the moment i am not using GPO's as yet, because it wouldnt work and wouldnt allow me to redirect a users folder to my fileserver!!  i will have to come back to this at a later date.  all the experts ive spoken to with have given me the same advice and ive followed it but this will still not work and they cannot advise on where to start even after doing a: gpupdate /force & gpresult.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1920 total points
ID: 24137876
What exactly are you trying to do? In the question it seemed you were trying to find out where the permissions were.
0
 

Author Comment

by:mikey250
ID: 24137887
i have just looked again at the above and only the "Authenticated Users" has  the box ticked for "Apply Group Policy"!

i have in the passed always used the administrators account, so should it have worked under the category of "Authenticated Users"?

the others have not got "apply gp policy" ticked, although they all have some of the others ticked and the "special permissions".

Creator Owner  Special Permissions
Domain Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Domain Controllers  Read, Special Permissions
System  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1920 total points
ID: 24137913
Does this help? You should always use a domain user account for testing GPOs
0
 

Author Comment

by:mikey250
ID: 24137933
i have been told to check to make sure all the permissions have been allocated to the right places, although I have always used the administrators account anyway.

i have the following:

1 x primary ad win 2003 sp2 & some hotfixes

1 x win 2003 & sp2 and some hotfixes on domain with also exchange 2003, linked to primary dc above and the dns in tcp/ip is also pointing to the above.

i can send email externally from my home domain and exchange server.  i do want to eventually install gpmc and use it but it never worked.  in the end i did a fresh install, as at the time i had my primary dc & exchange on the same pc and this may have caused issues that if i havent the experience to put right, i might go round in circles, which ive been doing for about 2 months now on it.

once ive sorted my email hopefully this week, i will want to redirect my client pc to a fileserver, via the default settings and other stuff and if this works, i will then attempt to install gpmc again and see if i can continue to do stuff.
0
 

Author Comment

by:mikey250
ID: 24137970
ive always used the adminstrators account to configure anything & when logging onto my client pc with admin rights and selecting share, which i DID NOT think i had to do if id already redirected it to the fileserver on my primary dc.  hence logging onto the clien pc via admin account, making what i thought were the correct changes and then logging back on the the client pc back onto the domain, but nothing every changing.
0
 

Author Comment

by:mikey250
ID: 24137999
just to clarify my last paragraph above, after making relevant changes using and admin account, id log back onto client pc with a user account:  corinne which could also log onto the domain, so it obviously had those rights.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1920 total points
ID: 24143764
So, file redirection isn't working then. Have you tried to right-click the My Documents folder and redirecting from there to see if this worked? Also, is the client pointing to the DC for DNS and only the DC?
0
 

Author Comment

by:mikey250
ID: 24147553
this is exactly the instructions ive been following from all experts and it shows  my path pointing to my fileserver.  i havent got it now but in the event viewer it shows its pointing to the right place but does say there is an issue but didnt understand.

of corse the client pc is pointing to the only DC because it is logged onto the domain.

ive attached a screenshot if you wish to look!!
eventviewer-file-server1.doc
0
 

Author Comment

by:mikey250
ID: 24147572
1. no it doesnt work.  i thought file redirection did everything after it was configured, all i had to do was log onto the client pc and everything would be automatically set.  is this true, or is it a case of configure file redirection on server first and do something on the client pc?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1920 total points
ID: 24150112
These are some good post to go through to setup folder redirection.

http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 1920 total points
ID: 24150114
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some time ago I faced the need to use a uniform folder structure that spanned across numerous sites of an enterprise to be used as a common repository for the Software packages of the Configuration Manager 2007 infrastructure. Because the procedu…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question