Solved

WIN 2003 STANDARD SERVER ON DOMAIN

Posted on 2009-04-12
19
205 Views
Last Modified: 2013-11-11
1. where exactly do i go to check:?

- Domain controllers have the read and apply rights to the Domain Controllers Policy.
- NTFS file system permissions and share permissions are set correctly on the Sysvol share.
0
Comment
Question by:mikey250
  • 10
  • 8
19 Comments
 
LVL 9

Assisted Solution

by:bharrington83
bharrington83 earned 20 total points
ID: 24125763
What exactly do you want to check?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 480 total points
ID: 24126400
Right-click the domain controllers OU go to the Group Policy tab click the permissions button this is where you check. If you have GP Management installed you will need to check the permissions there.
0
 

Author Comment

by:mikey250
ID: 24133093
1. what about sys vol share, i cant seem to find what im looking for?
0
 
LVL 59

Accepted Solution

by:
Darius Ghassem earned 480 total points
ID: 24134046
Go to the Run \\127.0.0.1 then check permissions. Go to C: to see the SYSVOL folder.
0
 

Author Comment

by:mikey250
ID: 24135964
1. Yes i can see, but what exactly should i be looking at?
0
 

Author Comment

by:mikey250
ID: 24135994
hi,  as i have not installed gpmc  all i see after doing:

Right-click the domain controllers OU go to the Group Policy tab click the permissions button this is where you check. If you have GP Management installed you will need to check the permissions there.

- is yes the gp policy tab, but no permissions in there although everything else is dimmed out anyway unless i select new, but either way no permissions tab or button is on win 2003.

- dont know if it shows it on nt 4 or win 2000!  so im assuming it is set to a default setting as nothing is in the list for gp policies either!
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 480 total points
ID: 24137688
0
 

Author Comment

by:mikey250
ID: 24137846
when i locate the OU ive created and as there is not a permissions to select in the gp policy tab.

I opened up the OU ive created and in there is the "dc1.local", which is my primary domain i created and then I
right click, select properties,
group policy tab
security tab
and in the list it does already show:

Authenticated Users  Read, Apply Group Policy, Special Permissions
Creator Owner  Special Permissions
Domain Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Domain Controllers  Read, Special Permissions
System  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions


although at the moment i am not using GPO's as yet, because it wouldnt work and wouldnt allow me to redirect a users folder to my fileserver!!  i will have to come back to this at a later date.  all the experts ive spoken to with have given me the same advice and ive followed it but this will still not work and they cannot advise on where to start even after doing a: gpupdate /force & gpresult.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 480 total points
ID: 24137876
What exactly are you trying to do? In the question it seemed you were trying to find out where the permissions were.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:mikey250
ID: 24137887
i have just looked again at the above and only the "Authenticated Users" has  the box ticked for "Apply Group Policy"!

i have in the passed always used the administrators account, so should it have worked under the category of "Authenticated Users"?

the others have not got "apply gp policy" ticked, although they all have some of the others ticked and the "special permissions".

Creator Owner  Special Permissions
Domain Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Administrators  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
Enterprise Domain Controllers  Read, Special Permissions
System  Read, Write, Create All Child Objects, Delete All Child Objects, Special Permissions
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 480 total points
ID: 24137913
Does this help? You should always use a domain user account for testing GPOs
0
 

Author Comment

by:mikey250
ID: 24137933
i have been told to check to make sure all the permissions have been allocated to the right places, although I have always used the administrators account anyway.

i have the following:

1 x primary ad win 2003 sp2 & some hotfixes

1 x win 2003 & sp2 and some hotfixes on domain with also exchange 2003, linked to primary dc above and the dns in tcp/ip is also pointing to the above.

i can send email externally from my home domain and exchange server.  i do want to eventually install gpmc and use it but it never worked.  in the end i did a fresh install, as at the time i had my primary dc & exchange on the same pc and this may have caused issues that if i havent the experience to put right, i might go round in circles, which ive been doing for about 2 months now on it.

once ive sorted my email hopefully this week, i will want to redirect my client pc to a fileserver, via the default settings and other stuff and if this works, i will then attempt to install gpmc again and see if i can continue to do stuff.
0
 

Author Comment

by:mikey250
ID: 24137970
ive always used the adminstrators account to configure anything & when logging onto my client pc with admin rights and selecting share, which i DID NOT think i had to do if id already redirected it to the fileserver on my primary dc.  hence logging onto the clien pc via admin account, making what i thought were the correct changes and then logging back on the the client pc back onto the domain, but nothing every changing.
0
 

Author Comment

by:mikey250
ID: 24137999
just to clarify my last paragraph above, after making relevant changes using and admin account, id log back onto client pc with a user account:  corinne which could also log onto the domain, so it obviously had those rights.
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 480 total points
ID: 24143764
So, file redirection isn't working then. Have you tried to right-click the My Documents folder and redirecting from there to see if this worked? Also, is the client pointing to the DC for DNS and only the DC?
0
 

Author Comment

by:mikey250
ID: 24147553
this is exactly the instructions ive been following from all experts and it shows  my path pointing to my fileserver.  i havent got it now but in the event viewer it shows its pointing to the right place but does say there is an issue but didnt understand.

of corse the client pc is pointing to the only DC because it is logged onto the domain.

ive attached a screenshot if you wish to look!!
eventviewer-file-server1.doc
0
 

Author Comment

by:mikey250
ID: 24147572
1. no it doesnt work.  i thought file redirection did everything after it was configured, all i had to do was log onto the client pc and everything would be automatically set.  is this true, or is it a case of configure file redirection on server first and do something on the client pc?
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 480 total points
ID: 24150112
These are some good post to go through to setup folder redirection.

http://www.windowsnetworking.com/articles_tutorials/Profile-Folder-Redirection-Windows-Server-2003.html
0
 
LVL 59

Assisted Solution

by:Darius Ghassem
Darius Ghassem earned 480 total points
ID: 24150114
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Welcome to my series of short tips on migrations. Whilst based on Microsoft migrations the same principles can be applied to any type of migration. My first tip Migration Tip #1 – Source Server Health can be found listed in my profile here: http:…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now