Re: Newbie with a smallbiz2000 installation, check my config?

From: Chad A. Gross [SBS MVP] (chad.gross_at_laytonflower.nospam.com)
Date: 04/14/04 

Date: Wed, 14 Apr 2004 02:02:03 -0500

Oops - just realized that we're working with SBS2k here, so no wizard for
redirecting My Documents . . . but that's no biggie, we can still do it via
GPOs . . . 

-- 
Chad A. Gross - SBS MVP
SBS ROCKS!
Chad A. Gross [SBS MVP] wrote:
> We're definitely getting close to having all the kinks worked out . .
> .
> As for user profiles, you don't necessarily get a '.domain' behind
> every domain profile.  For example, let's say you have a domain user
> ( john.doe). The first time John logs on to a W2k / XP workstation,
> Windows creates a profile path under Documents & Settings.  It first
> tries to create a folder using just the username (e.g. john.doe) - if
> a folder with that name already exists (maybe a local user with the
> same name, profile from previous domain, etc.), it will then try
> username.domain (e.g. john.doe.company).  If that already exists, it
> will try username.000.  If that exists, it will then try username.001
> and so on until it can create a new unique folder for the profile. So, 
> just because you don't see .domain behind a profile folder
> doesn't mean you don't have a profile for that domain user.  Make
> sense?
> On to shares . . .  Ok, the share you created - did you share an
> existing folder, or create a new folder then share it?  On your
> server, open the properties for this folder, and ensure that you have
> proper permissions both under Share Permissions and under the
> Security tab.  If you don't have necessary permissions under both,
> you won't be able to access the share.
> Adding domain users to workstations:  You don't have to do anything
> special there.  All users have to do is log in.  Granted, the first
> time they log in, they may have to set up Outlook to use Exchange,
> but nothing too difficult by any means . . . :^)
>
> As for roaming profiles, I'm not a big fan of them - especially in
> any sort of mixed environment.  What you can do with SBS2k & SBS2k3
> is to use Folder Redirection instead of Roaming Profiles.  This let's
> you redirect key folders from a user's profile to a location on your
> server.  At a minimum I would recommend redirecting users' My
> Documents folder - for two reasons. 1) this puts their My Documents
> on the server, which means they get backed up with the rest of the
> server every night.  2)  When users do log in on a different PC, they
> still have access to their My Documents folder. Additionally, you can
> also redirect users' Application Data, Startup & Desktop folders as
> well.  SBS2k3 provides a wizard to redirect users' My Documents
> folder - Open Server Management, click on Backup, and on the left is
> a link for "Configure My Documents Redirection".  If you want to
> redirect Application Data, Startup and/or Desktop folders, you'll
> have to do that via Group Policies, but it's pretty straight forward
> . . .
> If you need anything else, just post back.  :^)    HTH!
>
>
> rcunningham8820 wrote:
>> Ok, great I'll ignore those errors, thank you for the article!
>>
>> Yes, the server is now setup with ad, exchange, isa, Symantec
>> Antivirus SBS, Backup Exec!  Everything is working reasonably
>> well...wait, hurry, backup!!!  :O)
>>
>> I'm able to access web and email from the clients fine, (haven't
>> tackled VPN yet).  I'll refrain from accessing the web and such from
>> the server.
>>
>> I'm having another problem but I don't really know what to call it. I 
>> setup a share on the server, gave my domain account full access to
>> it and setup my user account to mount it as M upon login.  That works,
>> drive M:\ shows up in My Computer on my Windows 2000 Pro workstaion
>> but when I double-click the icon it says "M:\ is not accessible".
>> When I explore I notice the user profile under the Documents and
>> Settings folder is not followed by a ".domain". What am I doing
>> wrong? I notice there is a Administrator.xyz profile I'm guessing was
>> created with the SCW disk.  Do you have to run SCW for each user
>> account you add to the computer?  I am logging on to the domain and
>> not local.  Do you have any urls that can tell me the correct way to
>> add domain users/profiles to workstations?  I haven't been able to
>> find anything good.
>>
>> If we are going to have users mainly use one computer and not other
>> computers is there any other benefit to roaming profiles?  The
>> organization will have all Windows 2000 workstations with the
>> acception of a couple XP Pros.
>>
>> I really do appreciate your help Chad, SBS wouldn't rock without you!
>>> O)
>>
>> I hope I've explained where it makes sense!
>>
>>
>> "Chad A. Gross  [SBS MVP]" <chad.gross@laytonflower.nospam.com> wrote
>> in message news:<ezfWnnbIEHA.3720@tk2msftngp13.phx.gbl>...
>>> Ok -
>>>
>>> All of those error can be ignored - that's just SBS tripping over
>>> it's own
>>> feet as it starts up.  (The Exchange services are calling AD during
>>> startup,
>>> but AD hasn't completely loaded yet, since Exchange is running on
>>> our only
>>> DC) . . .
>>> http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322837
>>>
>>> As for running Windows Update from the server, it's usually best to
>>> stop
>>> your Exchange & SQL services first - that will greatly increase your
>>> success
>>> rate and minimize unwanted side-effects.
>>>
>>> As for posting to the newsgroup via the web interface, are you
>>> trying to
>>> post from the server or a workstation?  Best practice is not to
>>> browse from
>>> the server . . .  On a slightly related topic, have you installed
>>> the firewall client on the workstations?  (I'm assuming you have ISA
>>> installed
>>> since you indicated you needed to set the browser to use port 8080)
>>> . . .
>>>
>>> --
>>>
>>> Chad A. Gross - SBS MVP
>>> SBS ROCKS!
>>>
>>> rcunningham8820 wrote:
>>>> Thank you for your help Chad, I'm making some progress.  I've
>>>> reinstalled SBS and tried my best to follow the wizards and the
>>>> docs you referred me to.  I have ISA loaded and plan on using it.  Two
>>>> nics
>>>> in the server, configured one for the internal network and one for
>>>> the
>>>> Interent.  I've got a workstation pulling up web pages through the
>>>> SBS (that was a stupid mistake...client wasn't configured to use
>>>> port 8080).  I've yet to tackle VPN.  I'm getting hung up with some
>>>> services that don't start, the first few messages in event log:
>>>>
>>>> Event Type: Error
>>>> Event Source: MSExchangeDSAccess
>>>> Event Category: Topology
>>>> Event ID: 2104
>>>> Date: 4/13/2004
>>>> Time: 12:25:57 PM
>>>> User: N/A
>>>> Computer: ARMSTRONG1
>>>> Description:
>>>> Process INETINFO.EXE (PID=1516). All the DS Servers in domain are
>>>> not
>>>> responding.
>>>>
>>>> Event Type: Error
>>>> Event Source: MSExchangeDSAccess
>>>> Event Category: Topology
>>>> Event ID: 2102
>>>> Date: 4/13/2004
>>>> Time: 12:26:01 PM
>>>> User: N/A
>>>> Computer: ARMSTRONG1
>>>> Description:
>>>> Process MAD.EXE (PID=1280). All Domain Controller Servers in use
>>>> are not responding:
>>>> armstrong1.armstronginc.local
>>>>
>>>> Event Type: Error
>>>> Event Source: MSExchangeAL
>>>> Event Category: Service Control
>>>> Event ID: 8250
>>>> Date: 4/13/2004
>>>> Time: 12:26:03 PM
>>>> User: N/A
>>>> Computer: ARMSTRONG1
>>>> Description:
>>>> The Win32 API call 'DsGetDCNameW' returned error code [0x862] The
>>>> specified component could not be found in the configuration
>>>> information.  The service could not be initialized.  Make sure that
>>>> the operating system was installed properly.
>>>>
>>>> ...The last error happens 3 times total about 5 seconds apart.
>>>>
>>>> I've tried several "DependOnService" entries but it always seems to
>>>> cause another error.  I've loaded the system enough to know I'm
>>>> making
>>>> the same mistake every time.  When the server comes up and fails, I
>>>> am
>>>> able to start the services then.
>>>>
>>>> Is there anyway to just make a service wait a while before it tries
>>>> to
>>>> start?
>>>>
>>>> On another note, last night I tried to do a windows update and I
>>>> selected all the critical updates except the IE 6 because it "had
>>>> to be done seperately".  The server locked down.  Is there anything
>>>> 'special' I should know about Windows Update?
>>>>
>>>> When posting this message to the newsgroups it told me that the
>>>> page couldn't be found.  Could ISA be blocking the /post page of
>>>> google? Thanks in advance!
>>>>
>>>>
>>>> "Chad A Gross [SBS-MVP]" <chad.gross@laytonflower.nospam.com> wrote
>>>> in message news:<#zcLuTFIEHA.2064@TK2MSFTNGP10.phx.gbl>...
>>>>> MS VPN uses PPTP (Point-to-Point Tunnelling Protocol), which
>>>>> communicates
>>>>> using port 1723.  You will need to ensure that any routers between
>>>>> your
>>>>> server and the remote VPN client allow for GRE packets to be
>>>>> passed.
>>>>> This
>>>>> is usually listed as VPN pass-thru on most routers - on some
>>>>> higher end
>>>>> routers (Cisco's, Netopia's, etc) you will most likely need to
>>>>> enter
>>>>> a
>>>>> routing rule to allow for GRE (protocol 47) packets . . .
>>>>>
>>>>> You can test PPTP VPN functionality using the pptpsvr & pptpclnt
>>>>> utilities
>>>>> found in pptpping from the Windows Resource Kit.  You can download
>>>>> pptpping.zip from Wayne's site:  http://www.sbsfaq.com/Files/
>>>>>
>>>>> --
>>>>> Chad A. Gross  [SBS-MVP]
>>>>>
>>>>> SBS ROCKS!!!
>>>>>
>>>>> "rcunningham8820" <rcunningham8820@yahoo.com> wrote in message
>>>>> news:2de05d67.0404112157.338e6516@posting.google.com...
>>>>>> Thank you for your quick reply.  I'm going to reinstall and do
>>>>>> what
>>>>>> you said maybe I can get it right this time.
>>>>>>
>>>>>> Later, I'll have a remote office with a W2K Pro workstation
>>>>>> connected
>>>>>> to broadband.  I'll want them to be a VPN client connected to
>>>>>> this main office.  Does the MS VPN solution require anything
>>>>>> special with
>>>>>> regards to the ISP or router equipment?  I've seen VPN
>>>>>> passthrough options on routers so I'll bet I've got to do
>>>>>> something there. Are
>>>>>> there any online tools to test VPN capabilities or will I just
>>>>>> have
>>>>>> to
>>>>>> wait until the server is in place?
>>>>>>
>>>>>> Thanks again!
>>>>>>
>>>>>> "Chad A Gross [SBS-MVP]" <chad.gross@laytonflower.nospam.com>
>>>>>> wrote
>>>>>> in
>>>  message news:<#3llVkDIEHA.2676@TK2MSFTNGP10.phx.gbl>...
>>>>>>> First - I'll say right away that I don't like the idea of
>>>>>>> multi-homing
>>>  each
>>>>>>> WS.  That is just going to cause undo headaches.  I personally
>>>>>>> prefer
>>>  using
>>>>>>> a multi-homed SBS, with the Netgear router between the external
>>>>>>> nic on
>>>  the
>>>>>>> SBS & internet connection.
>>>>>>>
>>>>>>> http://www.smallbizserver.net/DesktopDefault.aspx?tabid=52
>>>>>>>
>>>>>>> Alternatively, if you don't want to use ISA (although I
>>>>>>> recommend using
>>>  it),
>>>>>>> you can just attach your SBS to your existing network without
>>>  multi-homing.
>>>>>>> Just be sure to disable DHCP on the router and change it's IP to
>>>>>>> 192.168.16.1  (default IP for an SBS2k is 192.168.16.2).  Then,
>>>>>>> you'll
>>>  just
>>>>>>> need to change the router option in the DHCP scope on your SBS
>>>>>>> to point
>>>  to
>>>>>>> the router's IP . . .   Either way, you life will be much easier
>>>>>>> in the
>>>  long
>>>>>>> run if you don't multi-home the workstations and let the SBS
>>>>>>> handle
>>>  DHCP,
>>>>>>> DNS, etc.
>>>>>>>
>>>>>>> As for setting us SBS itself, use the wizards - they are the
>>>>>>> quickest
>>>  and
>>>>>>> easiest way to ensure a proper configuration.  If the SBS has
>>>>>>> more
>>>>>>> than
>>>  one
>>>>>>> nic, you'll need to manually set the binding order of the nics
>>>>>>> (LAN nic
>>>>>>> should be listed first).  Once you've completed the
>>>>>>> installation,
>>>  complete
>>>>>>> the items in the To Do List in order, and you'll be good to go.
>>>>>>> Make
>>>  sure
>>>>>>> that all clients are pointing to your SBS (and *only* the SBS)
>>>>>>> for
>>>>>>> DNS.
>>>>>>>
>>>>>>> As for ISA - check out
>>>>>>> http://www.smallbizserver.net/DesktopDefault.aspx?tabid=91
>>>>>>>
>>>>>>> --
>>>>>>> Chad A. Gross  [SBS-MVP]
>>>>>>>
>>>>>>> SBS ROCKS!!!
>>>>>>>
>>>>>>> "rcunningham8820" <rcunningham8820@yahoo.com> wrote in message
>>>>>>> news:2de05d67.0404111821.4dd71191@posting.google.com...
>>>>>>>> I've been thrust into a situation where I have to setup a
>>>>>>>> smallbiz2000
>>>>>>>> server, with little time and no training.  Please tell me if
>>>>>>>> there are
>>>>>>>> any errors in my thought or any potiential long term planning
>>>>>>>> issues
>>>>>>>> with the say I plan on doing this?  TIA, here is my proposed
>>>>>>>> configuration:
>>>>>>>>
>>>>>>>> Existing is 13 Windows 2000 Professional workstations (with MS
>>>>>>>> Office
>>>>>>>> XP Pro and Outlook) configured to the Internet through a
>>>>>>>> broadband
>>>>>>>> gateway (NetGear or something like it) who's ip is 192.168.1.1
>>>>>>>> and all
>>>>>>>> the clients are DHCP.
>>>>>>>>
>>>>>>>> I've had numerous troubles with installing smallbiz2000.
>>>>>>>> Configuring
>>>>>>>> ISA was the straw that broke my back, so I thought my easiest
>>>>>>>> solution
>>>>>>>> was a multihomed network configuration.  Each workstation's NIC
>>>>>>>> will
>>>>>>>> be configured with two ip addresses one on the gateway's subnet
>>>>>>>> and
>>>>>>>> one for the subnet that the server is on.  I'll configure the
>>>>>>>> server
>>>>>>>> with an ip 10.0.0.100 (I'm using 10.0.0.100 only because on the
>>>>>>>> 192.168.1.x network it is .100 also)
>>>>>>>>
>>>>>>>> The smallbiz2000 server will be Active Directory enabled,
>>>>>>>> running
>>>>>>>> Exchange Server (full schedule, task, contact sharing, etc.)
>>>>>>>> and Network fax and file sharing.
>>>>>>>>
>>>>>>>> I've set this configuration up on a lab setting and everything
>>>>>>>> seems
>>>>>>>> to work fine.  I'm concerned with two issues down the line.
>>>>>>>> First
>>>>>>>> question/issue, we're going to want VPN so can I add say a
>>>>>>>> linksys
>>>>>>>> BEFVP41 at this location and one at a remote location with a
>>>>>>>> W2K Pro
>>>>>>>> workstation without any issues?  The other question/issue is if
>>>>>>>> the
>>>>>>>> workstations will reliably be able to see the server for Active
>>>>>>>> Directory issues. Is this config ok?  Any help is greatly
>>>>>>>> appreciated!

Relevant Pages

  • Re: Newbie with a smallbiz2000 installation, check my config?
    ... profile path under Documents & Settings. ... It first tries to create a folder ... folders from a user's profile to a location on your server. ... Chad A. Gross - SBS MVP ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: SBS 2003 "My Documents" redirection failure
    ... Ask all computers to redirect the folder ... Run gpupdate on the server and clients. ... Logoff and logon the users on the client computers. ...
    (microsoft.public.windows.server.sbs)
  • RE: need to migrate a older win 2003 srvr sbs to newer one
    ... as I assume I should reading upon Windows Server 2003 inside out book. ... there are three method to move the SBS 2k3 to new ... Also check the path of the public folder database ... Another way is to create a local profile, ...
    (microsoft.public.windows.server.migration)
  • Re: Windows Server 2003 Service Pack 1 will not install
    ... Microsoft CSS Online Newsgroup Support ... Open Server Management. ... <of the public folder database files. ... <domain to the new SBS 2003 installation, way is to create a local profile, ...
    (microsoft.public.windows.server.sbs)
  • RE: Third Request - Exchange will not install
    ... if you want to move the Windows Small Business Server ... Also check the path of the public folder database ... Another way is to create a local profile, ...
    (microsoft.public.windows.server.sbs)