Add permissions for local workstation client
in [Windows Servers]
|
Prev: new forest domain setup not allowing domain logins
Next: Doesn't file sharing really need "NetBios over TCP" in Win2000/XP?
From: Ace Fekay [MVP-DS, MCT] on 4 Mar 2010 19:50 "Terry" <Terry(a)discussions.microsoft.com> wrote in message news:54E683C0-DC40-42E6-B6D2-FF51B371D339(a)microsoft.com... > Yes, > I selected change location. I could only see the "local" machine not the > entire directory. > > I have a screen shot of the "select" location if needed. > Sure, please post it to a photo sharing site and provide the link here. Also, please post an ipconfig /all from this workstation and of your domain controller. I have a feeling there is a misconfig going on. Please also post any event log errors EventID# and Source names from the workstation and domain controller's event logs. Ace
From: Terry on 5 Mar 2010 06:44 Ace - Thanks for your replys I agree there is something not correct. Since there is no data on the server and only 10 users, I have deceided to re build the system. Thanks again "Ace Fekay [MVP-DS, MCT]" wrote: > "Terry" <Terry(a)discussions.microsoft.com> wrote in message news:54E683C0-DC40-42E6-B6D2-FF51B371D339(a)microsoft.com... > > Yes, > > I selected change location. I could only see the "local" machine not the > > entire directory. > > > > I have a screen shot of the "select" location if needed. > > > > Sure, please post it to a photo sharing site and provide the link here. > > Also, please post an ipconfig /all from this workstation and of your domain controller. I have a feeling there is a misconfig going on. Please also post any event log errors EventID# and Source names from the workstation and domain controller's event logs. > > Ace > > > . >
From: Ace Fekay [MVP-DS, MCT] on 5 Mar 2010 15:48 "Terry" <Terry(a)discussions.microsoft.com> wrote in message news:BAE56E11-AB4F-40F2-AB09-2055788272E5(a)microsoft.com... > Ace - Thanks for your replys > > I agree there is something not correct. Since there is no data on the server > and only 10 users, I have deceided to re build the system. > > Thanks again > Rebuilding it when it could only be a minor setting, is not the normal resolution response. However, if I can't talk you out of it, I wish you luck. It would be better that you can figure out what is going on in order to understand the issue if it reappears in the future. That was why I was asking for ipconfigs. You can rebuild it using the same mis-configurations, still have a problem, and we've learned nothing. -- Ace This posting is provided "AS-IS" with no warranties or guarantees and confers no rights. Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution. Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 Microsoft Certified Trainer Microsoft MVP - Directory Services If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers.
From: Terry on 5 Mar 2010 21:48 Unfortunately my problem still exists; I still cannot add local rights for a domain user. Assuming it was a server problem I re built the server (SBS 2003), configured users and an administrator. Logged on to a local workstation (XP Pro) as a local administrator and joined the new domain just fine. Logged off as administrator and on as a domain user on the workstation without problem. I then logged on as the domain administrator and tried to add the domain user as a local administrator, I could not, again! Again I could not choose users from the domain directory only the local machine. (see image) Still logged on as domain admin I could not see the server or shared folders on the server unless I searched for the server by name. I could ping it by name and IP, all antivirus and firewalls are turned off. So I brought in a workstation (XP Pro) that worked fine on another domain. Joined this problem domain just fine, and added the domain user to the local workstation administrators' just fine. What can be configured wrong on all these existing workstations that I'm not seeing? You can see images here http://eriemetroparks.com/Network/default.html The ipconfig shows for the workstation the IP of 192.168.1.21 subnet of 255.255.255.0 gateway of 192.168.1.1 DNS of 192.168.1.10 72.240.13.5 The server is IP of server 192.168.1.10 subnet of 255.255.255.0 gateway of 192.168.1.1 DNS of 72.240.13.5 209.143.0.0 "Ace Fekay [MVP-DS, MCT]" wrote: > "Terry" <Terry(a)discussions.microsoft.com> wrote in message news:BAE56E11-AB4F-40F2-AB09-2055788272E5(a)microsoft.com... > > Ace - Thanks for your replys > > > > I agree there is something not correct. Since there is no data on the server > > and only 10 users, I have deceided to re build the system. > > > > Thanks again > > > > > Rebuilding it when it could only be a minor setting, is not the normal resolution response. However, if I can't talk you out of it, I wish you luck. It would be better that you can figure out what is going on in order to understand the issue if it reappears in the future. That was why I was asking for ipconfigs. You can rebuild it using the same mis-configurations, still have a problem, and we've learned nothing. > > -- > Ace > > This posting is provided "AS-IS" with no warranties or guarantees and confers no rights. > > Please reply back to the newsgroup or forum for collaboration benefit among responding engineers, and to help others benefit from your resolution. > > Ace Fekay, MVP, MCT, MCITP EA, MCTS Windows 2008 & Exchange 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003 > Microsoft Certified Trainer > Microsoft MVP - Directory Services > > If you feel this is an urgent issue and require immediate assistance, please contact Microsoft PSS directly. Please check http://support.microsoft.com for regional support phone numbers. > . >
From: Ace Fekay [MVP-DS, MCT] on 6 Mar 2010 21:43 "Terry" <Terry(a)discussions.microsoft.com> wrote in message news:29AE2AD2-476C-4A33-A1FE-B3F184567C66(a)microsoft.com... > Unfortunately my problem still exists; I still cannot add local rights for a > domain user. Assuming it was a server problem I re built the server (SBS > 2003), configured users and an administrator. Logged on to a local > workstation (XP Pro) as a local administrator and joined the new domain just > fine. Logged off as administrator and on as a domain user on the workstation > without problem. I then logged on as the domain administrator and tried to > add the domain user as a local administrator, I could not, again! Again I > could not choose users from the domain directory only the local machine. (see > image) Still logged on as domain admin I could not see the server or shared > folders on the server unless I searched for the server by name. I could ping > it by name and IP, all antivirus and firewalls are turned off. > > So I brought in a workstation (XP Pro) that worked fine on another domain. > Joined this problem domain just fine, and added the domain user to the local > workstation administratorsâ just fine. > > What can be configured wrong on all these existing workstations that Iâm not > seeing? > > You can see images here > http://eriemetroparks.com/Network/default.html > > The ipconfig shows for the workstation > > the IP of 192.168.1.21 > subnet of 255.255.255.0 > gateway of 192.168.1.1 > > DNS of 192.168.1.10 > 72.240.13.5 > > The server is > > IP of server 192.168.1.10 > subnet of 255.255.255.0 > gateway of 192.168.1.1 > > DNS of 72.240.13.5 > 209.143.0.0 > Ah, I see the problem. It can't find the domain, that's why. The reason is the workstation is using a DNS IP of 72.240.13.5, which is NOT the SBS server. It is essentially asking the DNS server at 72.240.13.5, "where is my domain controller?" Unfortunately it does not have that answer. WIth the SBS using 72.240.13.5 and 209.143.0.0, it can't even find itself! And that IP 209.143.0.0, is not really an IP, rather is it's a subnet ID. I don't know where you got that IP from. Recommendations to fix everything: 1. Remove all references of 72.240.13.5 and 209.143.0.0. If you are using DHCP, in DHCP console, Scope Option 006, remove those addresses and only show 192.168.1.10. 2. For DNS address, ONLY use 192.168.1.10 on all machines' interfaces. 3. For efficient internet resolution, create a Forwarder. In SBS, DNS console, DNS servername properties, Forwarders Tab, create a Forwarder using 72.240.13.5. If you are not sure how to do this, the following article shows you how. HOW TO Configure DNS for Internet Access in Windows Server 2003 (including how to configure a Forwarder) : http://support.microsoft.com/?id=323380 4. Restart the SBS, then restart your workstations. 5. I assume the SBS only has one NIC. If it has two, it's highly suggested to disable the outer NIC and only use one NIC, and rely on your edge router for internet access and NAT translation. After restarting everything, try your tasks again and report back, please. Ace reconfigure ALL machine
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 Prev: new forest domain setup not allowing domain logins Next: Doesn't file sharing really need "NetBios over TCP" in Win2000/XP? |