RE: Disaster Recovery Exchange 2K with Win2K A D

  • From: Calderón Vilches Luis Daniel <Daniel@xxxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Thu, 12 Feb 2004 18:04:56 -0500

Definitevely it's not a GPO. I've already checked that.
The problem it's the same in any machine.
I have other symptoms like this: A user newly created user account can´t logon 
on any machine of the domain except for the domain controller (previously 
changing the user rights assignment).
I've also discarded name resolution problem.
As I mention, I run dcdiag.exe and it fails on the Fsmocheck part.

Anyway, I didn´t know about associating accounts.
I am reading a paper about that right now.

Thank you very much for the info!

Daniel.

> -----Original Message-----
> From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx] 
> Sent: Thursday, February 12, 2004 17:50
> To: [ExchangeList]
> Subject: [exchangelist] RE: Disaster Recovery Exchange 2K 
> with Win2K A D
> 
> 
> http://www.MSExchange.org/
> 
> Are you sure it's not maybe a GPO or something wrong with the 
> particular
> client?  
> 
> Your other question asks if you can associate the account with the new
> accounts even though the sID is different (after a rebuild).  
> The sID has
> nothing to do with it.  You can associate a mail store with 
> just about any
> user object with few exceptions.  It might be a pain if you 
> have more than
> 50 to do this with, but you can do it.  You'll want to have a 
> list of these
> prior to getting rid of the old ones (LDIFDE or VBS are good 
> tools for this)
> so you can match it later.
> 
> I just can't help but think that you have something wrong 
> that may not be
> fixed by re-building.  It may not require that.
> 
> Al
> 
> 
> 
> -----Original Message-----
> From: Calderón Vilches Luis Daniel [mailto:Daniel@xxxxxxxxxxxx] 
> Sent: Thursday, February 12, 2004 4:12 PM
> To: [ExchangeList]
> Subject: [exchangelist] RE: Disaster Recovery Exchange 2K 
> with Win2K AD
> 
> 
> http://www.MSExchange.org/
> 
> Thanks Al!!
> 
> I will answer with an example of my problem:
> If I run the AD tools locally on the server, I can add users, 
> groups and
> computers. But when I tried to access these objects from a client, by
> example set NTFS permissions on a share, I can´t get the 
> users list from the
> domain controller.
> 
> I'm afraid that is something wrong with the PDC emulator 
> role. So, I can´t
> add domain controllers.
> 
> Daniel
> 
> > -----Original Message-----
> > From: Mulnick, Al [mailto:Al.Mulnick@xxxxxxxxxx]
> > Sent: Thursday, February 12, 2004 15:23
> > To: [ExchangeList]
> > Subject: [exchangelist] RE: Disaster Recovery Exchange 2K 
> > with Win2K AD
> > 
> > 
> > http://www.MSExchange.org/
> > 
> > If you think the problem is just the machine locally, try
> > installing a new
> > DC into the mix and transferring the roles to it once stable. 
> >  If you still
> > have the problem, then keeping the Active Directory as is may 
> > not be an
> > option for you or you may have other issues that would show 
> > up in the event
> > log. 
> > 
> > If you are unable to install additional computer objects,
> > then you likely
> > can't add user objects either.  Is that right? If so, it's 
> > likely a role
> > master issue that you're having.  Restoring system state and 
> > databases etc
> > will restore the Active Directory exactly like it is for that 
> > point in time.
> > That might not be a good idea given what you described.  
> > 
> > 
> > 
> > 
> > Al
> > 
> > -----Original Message-----
> > From: Calderón Vilches Luis Daniel [mailto:Daniel@xxxxxxxxxxxx]
> > Sent: Thursday, February 12, 2004 10:31 AM
> > To: [ExchangeList]
> > Subject: [exchangelist] Disaster Recovery Exchange 2K with Win2K AD
> > 
> > 
> > http://www.MSExchange.org/
> > 
> > Hi everybody,
> > 
> > This is my first time in the list, so I hope you could give
> > me more ideas.
> > 
> > Have the following environment:
> > 
> > A Win2k DC which also is Exchange2K server, this is the
> > lonely server in the
> > organization, I call it THE server.
> > 
> > This DC has problems with some FSMO roles with impact on the
> > end users:
> > things like we can not add more machines to the domain. 
> > However, the AD
> > tools run ok, even I can add users or groups to the domain, 
> > only if I run it
> > locally on the server, of course. I have received the 
> server with this
> > problems from a previous administration.
> > 
> > The thing is: I want to reinstall the server.
> > BUT I have this problems:
> > - I need to preserve the AD accounts in order to associate
> > them with their
> > mailboxes once I have restored the exchange services.
> > - I think that a System State backup of the server will preserve the
> > accounts, BUT maybe also preserve the misconfigurations I described.
> > 
> > Has anybody experienced with a similar situation??
> > Any suggestions will be well received.
> > 10xs!!!
> > 
> > Daniel
> > 
> > ------------------------------------------------------
> > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?> enter=exchangelist
> > 
> > Exchange Newsletters:
> > http://www.msexchange.org/pages/newsletter.asp
> > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: 
> > http://www.serverfiles.com No.1 ISA
> > Server Resource Site: 
> > http://www.isaserver.org Windows Security Resource
> > Site: http://www.windowsecurity.com/ Network Security Library:
> > http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> > http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > 
> > ------------------------------------------------------
> > List Archives:
> > http://www.webelists.com/cgi/lyris.pl?> enter=exchangelist
> > 
> > Exchange Newsletters:
> > http://www.msexchange.org/pages/newsletter.asp
> > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 ISA Server Resource Site: http://www.isaserver.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > 
> > 
> 
> ------------------------------------------------------
> List Archives: 
> http://www.webelists.com/cgi/lyris.pl?> enter=exchangelist
> 
> Exchange Newsletters: 
> http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: 
> http://www.serverfiles.com No.1 ISA
> Server Resource Site: 
> http://www.isaserver.org Windows Security Resource
> Site: http://www.windowsecurity.com/ Network Security Library:
> http://www.secinf.net/ Windows 2000/NT Fax Solutions:
> http://www.ntfaxfaq.com
> ------------------------------------------------------
> 
> ------------------------------------------------------
> List Archives: 
> http://www.webelists.com/cgi/lyris.pl?> enter=exchangelist
> 
> Exchange Newsletters: 
> http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> 
> 


Other related posts: