dcdiag errors
in [Active Directory]
|
Prev: active directory problems"naming information cannot be located because the logon attempt failed "
Next: Domain membership test: Failed
From: Ace Fekay [MVP] on 15 May 2008 00:28 In news:ehnoMtetIHA.4492(a)TK2MSFTNGP02.phx.gbl, Phil Loper <phil(a)nospam-gracelivingcenters.com> typed: > It is just for vpn, and I just installed rras on a member server, > setup just like the existing one. Do you know where I might find a > step by step guide for setting up a RRAS/VPN server on Windows 2000 > Server so that I can make sure I'm not missing something? It has > been a long time since I set the first one up. Thanks! This may help. http://www.windowsnetworking.com/articles_tutorials/w2krras.html What about the DC? Was that connected to the internet or do you have a router? Ace
From: Phil Loper on 16 May 2008 16:01 Ace Fekay [MVP] wrote: > In news:ehnoMtetIHA.4492(a)TK2MSFTNGP02.phx.gbl, > Phil Loper <phil(a)nospam-gracelivingcenters.com> typed: > >> It is just for vpn, and I just installed rras on a member server, >> setup just like the existing one. Do you know where I might find a >> step by step guide for setting up a RRAS/VPN server on Windows 2000 >> Server so that I can make sure I'm not missing something? It has >> been a long time since I set the first one up. Thanks! > > This may help. > http://www.windowsnetworking.com/articles_tutorials/w2krras.html > > What about the DC? Was that connected to the internet or do you have a > router? > > Ace > > We have a pix firewall and a router on the Internet t1's.
From: Ace Fekay [MVP] on 16 May 2008 20:44 In news:OqN2w%234tIHA.3564(a)TK2MSFTNGP03.phx.gbl, Phil Loper <phil(a)nospam-gracelivingcenters.com> typed: > > We have a pix firewall and a router on the Internet t1's. Good. Then simply moving the VPN server to a member server and disabling it on the DC will take care of it. Don't forget to adjust the port map rules to reflect the new location for PPTP. You know you can also use the Cisco PIX VPN service. It's much more secure, especially with using the Cisco client. You can configure it to use AD by using RADIUS. Ace
From: Phil Loper on 19 May 2008 13:28 Ace Fekay [MVP] wrote: > In news:OpW4fmFsIHA.672(a)TK2MSFTNGP02.phx.gbl, > Phil Loper <phil(a)nospam-gracelivingcenters.com> typed: >> There are 2 DCs and 2 DNS servers. DC1 is a DC and a DNS server, DC2 >> is DC only, and the third server I was referring to is DNS only and >> is set up as secondary. Should it be set up differently? My >> problems still exist after making the previous changes and rebooting. >> Thanks! > > If you have two DCs, I would suggest to make the other a DNS server and > eliminate the Secondary on the member server. Numerous benefits. I would > make the partner as the first entry, and itself as the second entry. Same > with the client machines. Make sure updates are allowed on the zone. > Should dc2 be setup as active directory like dc1 or should it be set up as a secondary?
From: Phil Loper on 19 May 2008 13:31
Ace Fekay [MVP] wrote: > In news:OqN2w%234tIHA.3564(a)TK2MSFTNGP03.phx.gbl, > Phil Loper <phil(a)nospam-gracelivingcenters.com> typed: >> We have a pix firewall and a router on the Internet t1's. > > Good. Then simply moving the VPN server to a member server and disabling it > on the DC will take care of it. Don't forget to adjust the port map rules to > reflect the new location for PPTP. You know you can also use the Cisco PIX > VPN service. It's much more secure, especially with using the Cisco client. > You can configure it to use AD by using RADIUS. > > Ace > Finally got the other rras server working. We tried using the pix for vpn, but there were problems with the cisco client not working with the exchange owa. It has been a long time since we tried that, so cisco may have fixed the client by now, so I will look into it. Thanks! |