Re: Newbie with a smallbiz2000 installation, check my config?

From: Chad A. Gross [SBS MVP] (chad.gross_at_laytonflower.nospam.com)
Date: 04/14/04

• Next message: Chad Hooper: "IIS Problems with SBS2003"
• Previous message: Chad A. Gross [SBS MVP]: "Re: Newbie with a smallbiz2000 installation, check my config?"
• In reply to: Chad A. Gross [SBS MVP]: "Re: Newbie with a smallbiz2000 installation, check my config?"
• Next in thread: rcunningham8820: "Re: Newbie with a smallbiz2000 installation, check my config?"
• Reply: rcunningham8820: "Re: Newbie with a smallbiz2000 installation, check my config?"
• Messages sorted by: [ date ] [ thread ]

Date: Wed, 14 Apr 2004 02:02:03 -0500

Oops - just realized that we're working with SBS2k here, so no wizard for
redirecting My Documents . . . but that's no biggie, we can still do it via
GPOs . . .

-- 
Chad A. Gross - SBS MVP
SBS ROCKS!
Chad A. Gross [SBS MVP] wrote:
> We're definitely getting close to having all the kinks worked out . .
> .
> As for user profiles, you don't necessarily get a '.domain' behind
> every domain profile.  For example, let's say you have a domain user
> ( john.doe). The first time John logs on to a W2k / XP workstation,
> Windows creates a profile path under Documents & Settings.  It first
> tries to create a folder using just the username (e.g. john.doe) - if
> a folder with that name already exists (maybe a local user with the
> same name, profile from previous domain, etc.), it will then try
> username.domain (e.g. john.doe.company).  If that already exists, it
> will try username.000.  If that exists, it will then try username.001
> and so on until it can create a new unique folder for the profile. So, 
> just because you don't see .domain behind a profile folder
> doesn't mean you don't have a profile for that domain user.  Make
> sense?
> On to shares . . .  Ok, the share you created - did you share an
> existing folder, or create a new folder then share it?  On your
> server, open the properties for this folder, and ensure that you have
> proper permissions both under Share Permissions and under the
> Security tab.  If you don't have necessary permissions under both,
> you won't be able to access the share.
> Adding domain users to workstations:  You don't have to do anything
> special there.  All users have to do is log in.  Granted, the first
> time they log in, they may have to set up Outlook to use Exchange,
> but nothing too difficult by any means . . . :^)
>
> As for roaming profiles, I'm not a big fan of them - especially in
> any sort of mixed environment.  What you can do with SBS2k & SBS2k3
> is to use Folder Redirection instead of Roaming Profiles.  This let's
> you redirect key folders from a user's profile to a location on your
> server.  At a minimum I would recommend redirecting users' My
> Documents folder - for two reasons. 1) this puts their My Documents
> on the server, which means they get backed up with the rest of the
> server every night.  2)  When users do log in on a different PC, they
> still have access to their My Documents folder. Additionally, you can
> also redirect users' Application Data, Startup & Desktop folders as
> well.  SBS2k3 provides a wizard to redirect users' My Documents
> folder - Open Server Management, click on Backup, and on the left is
> a link for "Configure My Documents Redirection".  If you want to
> redirect Application Data, Startup and/or Desktop folders, you'll
> have to do that via Group Policies, but it's pretty straight forward
> . . .
> If you need anything else, just post back.  :^)    HTH!
>
>
> rcunningham8820 wrote:
>> Ok, great I'll ignore those errors, thank you for the article!
>>
>> Yes, the server is now setup with ad, exchange, isa, Symantec
>> Antivirus SBS, Backup Exec!  Everything is working reasonably
>> well...wait, hurry, backup!!!  :O)
>>
>> I'm able to access web and email from the clients fine, (haven't
>> tackled VPN yet).  I'll refrain from accessing the web and such from
>> the server.
>>
>> I'm having another problem but I don't really know what to call it. I 
>> setup a share on the server, gave my domain account full access to
>> it and setup my user account to mount it as M upon login.  That works,
>> drive M:\ shows up in My Computer on my Windows 2000 Pro workstaion
>> but when I double-click the icon it says "M:\ is not accessible".
>> When I explore I notice the user profile under the Documents and
>> Settings folder is not followed by a ".domain". What am I doing
>> wrong? I notice there is a Administrator.xyz profile I'm guessing was
>> created with the SCW disk.  Do you have to run SCW for each user
>> account you add to the computer?  I am logging on to the domain and
>> not local.  Do you have any urls that can tell me the correct way to
>> add domain users/profiles to workstations?  I haven't been able to
>> find anything good.
>>
>> If we are going to have users mainly use one computer and not other
>> computers is there any other benefit to roaming profiles?  The
>> organization will have all Windows 2000 workstations with the
>> acception of a couple XP Pros.
>>
>> I really do appreciate your help Chad, SBS wouldn't rock without you!
>>> O)
>>
>> I hope I've explained where it makes sense!
>>
>>
>> "Chad A. Gross  [SBS MVP]" <chad.gross@laytonflower.nospam.com> wrote
>> in message news:<ezfWnnbIEHA.3720@tk2msftngp13.phx.gbl>...
>>> Ok -
>>>
>>> All of those error can be ignored - that's just SBS tripping over
>>> it's own
>>> feet as it starts up.  (The Exchange services are calling AD during
>>> startup,
>>> but AD hasn't completely loaded yet, since Exchange is running on
>>> our only
>>> DC) . . .
>>> http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322837
>>>
>>> As for running Windows Update from the server, it's usually best to
>>> stop
>>> your Exchange & SQL services first - that will greatly increase your
>>> success
>>> rate and minimize unwanted side-effects.
>>>
>>> As for posting to the newsgroup via the web interface, are you
>>> trying to
>>> post from the server or a workstation?  Best practice is not to
>>> browse from
>>> the server . . .  On a slightly related topic, have you installed
>>> the firewall client on the workstations?  (I'm assuming you have ISA
>>> installed
>>> since you indicated you needed to set the browser to use port 8080)
>>> . . .
>>>
>>> --
>>>
>>> Chad A. Gross - SBS MVP
>>> SBS ROCKS!
>>>
>>> rcunningham8820 wrote:
>>>> Thank you for your help Chad, I'm making some progress.  I've
>>>> reinstalled SBS and tried my best to follow the wizards and the
>>>> docs you referred me to.  I have ISA loaded and plan on using it.  Two
>>>> nics
>>>> in the server, configured one for the internal network and one for
>>>> the
>>>> Interent.  I've got a workstation pulling up web pages through the
>>>> SBS (that was a stupid mistake...client wasn't configured to use
>>>> port 8080).  I've yet to tackle VPN.  I'm getting hung up with some
>>>> services that don't start, the first few messages in event log:
>>>>
>>>> Event Type: Error
>>>> Event Source: MSExchangeDSAccess
>>>> Event Category: Topology
>>>> Event ID: 2104
>>>> Date: 4/13/2004
>>>> Time: 12:25:57 PM
>>>> User: N/A
>>>> Computer: ARMSTRONG1
>>>> Description:
>>>> Process INETINFO.EXE (PID=1516). All the DS Servers in domain are
>>>> not
>>>> responding.
>>>>
>>>> Event Type: Error
>>>> Event Source: MSExchangeDSAccess
>>>> Event Category: Topology
>>>> Event ID: 2102
>>>> Date: 4/13/2004
>>>> Time: 12:26:01 PM
>>>> User: N/A
>>>> Computer: ARMSTRONG1
>>>> Description:
>>>> Process MAD.EXE (PID=1280). All Domain Controller Servers in use
>>>> are not responding:
>>>> armstrong1.armstronginc.local
>>>>
>>>> Event Type: Error
>>>> Event Source: MSExchangeAL
>>>> Event Category: Service Control
>>>> Event ID: 8250
>>>> Date: 4/13/2004
>>>> Time: 12:26:03 PM
>>>> User: N/A
>>>> Computer: ARMSTRONG1
>>>> Description:
>>>> The Win32 API call 'DsGetDCNameW' returned error code [0x862] The
>>>> specified component could not be found in the configuration
>>>> information.  The service could not be initialized.  Make sure that
>>>> the operating system was installed properly.
>>>>
>>>> ...The last error happens 3 times total about 5 seconds apart.
>>>>
>>>> I've tried several "DependOnService" entries but it always seems to
>>>> cause another error.  I've loaded the system enough to know I'm
>>>> making
>>>> the same mistake every time.  When the server comes up and fails, I
>>>> am
>>>> able to start the services then.
>>>>
>>>> Is there anyway to just make a service wait a while before it tries
>>>> to
>>>> start?
>>>>
>>>> On another note, last night I tried to do a windows update and I
>>>> selected all the critical updates except the IE 6 because it "had
>>>> to be done seperately".  The server locked down.  Is there anything
>>>> 'special' I should know about Windows Update?
>>>>
>>>> When posting this message to the newsgroups it told me that the
>>>> page couldn't be found.  Could ISA be blocking the /post page of
>>>> google? Thanks in advance!
>>>>
>>>>
>>>> "Chad A Gross [SBS-MVP]" <chad.gross@laytonflower.nospam.com> wrote
>>>> in message news:<#zcLuTFIEHA.2064@TK2MSFTNGP10.phx.gbl>...
>>>>> MS VPN uses PPTP (Point-to-Point Tunnelling Protocol), which
>>>>> communicates
>>>>> using port 1723.  You will need to ensure that any routers between
>>>>> your
>>>>> server and the remote VPN client allow for GRE packets to be
>>>>> passed.
>>>>> This
>>>>> is usually listed as VPN pass-thru on most routers - on some
>>>>> higher end
>>>>> routers (Cisco's, Netopia's, etc) you will most likely need to
>>>>> enter
>>>>> a
>>>>> routing rule to allow for GRE (protocol 47) packets . . .
>>>>>
>>>>> You can test PPTP VPN functionality using the pptpsvr & pptpclnt
>>>>> utilities
>>>>> found in pptpping from the Windows Resource Kit.  You can download
>>>>> pptpping.zip from Wayne's site:  http://www.sbsfaq.com/Files/
>>>>>
>>>>> --
>>>>> Chad A. Gross  [SBS-MVP]
>>>>>
>>>>> SBS ROCKS!!!
>>>>>
>>>>> "rcunningham8820" <rcunningham8820@yahoo.com> wrote in message
>>>>> news:2de05d67.0404112157.338e6516@posting.google.com...
>>>>>> Thank you for your quick reply.  I'm going to reinstall and do
>>>>>> what
>>>>>> you said maybe I can get it right this time.
>>>>>>
>>>>>> Later, I'll have a remote office with a W2K Pro workstation
>>>>>> connected
>>>>>> to broadband.  I'll want them to be a VPN client connected to
>>>>>> this main office.  Does the MS VPN solution require anything
>>>>>> special with
>>>>>> regards to the ISP or router equipment?  I've seen VPN
>>>>>> passthrough options on routers so I'll bet I've got to do
>>>>>> something there. Are
>>>>>> there any online tools to test VPN capabilities or will I just
>>>>>> have
>>>>>> to
>>>>>> wait until the server is in place?
>>>>>>
>>>>>> Thanks again!
>>>>>>
>>>>>> "Chad A Gross [SBS-MVP]" <chad.gross@laytonflower.nospam.com>
>>>>>> wrote
>>>>>> in
>>>  message news:<#3llVkDIEHA.2676@TK2MSFTNGP10.phx.gbl>...
>>>>>>> First - I'll say right away that I don't like the idea of
>>>>>>> multi-homing
>>>  each
>>>>>>> WS.  That is just going to cause undo headaches.  I personally
>>>>>>> prefer
>>>  using
>>>>>>> a multi-homed SBS, with the Netgear router between the external
>>>>>>> nic on
>>>  the
>>>>>>> SBS & internet connection.
>>>>>>>
>>>>>>> http://www.smallbizserver.net/DesktopDefault.aspx?tabid=52
>>>>>>>
>>>>>>> Alternatively, if you don't want to use ISA (although I
>>>>>>> recommend using
>>>  it),
>>>>>>> you can just attach your SBS to your existing network without
>>>  multi-homing.
>>>>>>> Just be sure to disable DHCP on the router and change it's IP to
>>>>>>> 192.168.16.1  (default IP for an SBS2k is 192.168.16.2).  Then,
>>>>>>> you'll
>>>  just
>>>>>>> need to change the router option in the DHCP scope on your SBS
>>>>>>> to point
>>>  to
>>>>>>> the router's IP . . .   Either way, you life will be much easier
>>>>>>> in the
>>>  long
>>>>>>> run if you don't multi-home the workstations and let the SBS
>>>>>>> handle
>>>  DHCP,
>>>>>>> DNS, etc.
>>>>>>>
>>>>>>> As for setting us SBS itself, use the wizards - they are the
>>>>>>> quickest
>>>  and
>>>>>>> easiest way to ensure a proper configuration.  If the SBS has
>>>>>>> more
>>>>>>> than
>>>  one
>>>>>>> nic, you'll need to manually set the binding order of the nics
>>>>>>> (LAN nic
>>>>>>> should be listed first).  Once you've completed the
>>>>>>> installation,
>>>  complete
>>>>>>> the items in the To Do List in order, and you'll be good to go.
>>>>>>> Make
>>>  sure
>>>>>>> that all clients are pointing to your SBS (and *only* the SBS)
>>>>>>> for
>>>>>>> DNS.
>>>>>>>
>>>>>>> As for ISA - check out
>>>>>>> http://www.smallbizserver.net/DesktopDefault.aspx?tabid=91
>>>>>>>
>>>>>>> --
>>>>>>> Chad A. Gross  [SBS-MVP]
>>>>>>>
>>>>>>> SBS ROCKS!!!
>>>>>>>
>>>>>>> "rcunningham8820" <rcunningham8820@yahoo.com> wrote in message
>>>>>>> news:2de05d67.0404111821.4dd71191@posting.google.com...
>>>>>>>> I've been thrust into a situation where I have to setup a
>>>>>>>> smallbiz2000
>>>>>>>> server, with little time and no training.  Please tell me if
>>>>>>>> there are
>>>>>>>> any errors in my thought or any potiential long term planning
>>>>>>>> issues
>>>>>>>> with the say I plan on doing this?  TIA, here is my proposed
>>>>>>>> configuration:
>>>>>>>>
>>>>>>>> Existing is 13 Windows 2000 Professional workstations (with MS
>>>>>>>> Office
>>>>>>>> XP Pro and Outlook) configured to the Internet through a
>>>>>>>> broadband
>>>>>>>> gateway (NetGear or something like it) who's ip is 192.168.1.1
>>>>>>>> and all
>>>>>>>> the clients are DHCP.
>>>>>>>>
>>>>>>>> I've had numerous troubles with installing smallbiz2000.
>>>>>>>> Configuring
>>>>>>>> ISA was the straw that broke my back, so I thought my easiest
>>>>>>>> solution
>>>>>>>> was a multihomed network configuration.  Each workstation's NIC
>>>>>>>> will
>>>>>>>> be configured with two ip addresses one on the gateway's subnet
>>>>>>>> and
>>>>>>>> one for the subnet that the server is on.  I'll configure the
>>>>>>>> server
>>>>>>>> with an ip 10.0.0.100 (I'm using 10.0.0.100 only because on the
>>>>>>>> 192.168.1.x network it is .100 also)
>>>>>>>>
>>>>>>>> The smallbiz2000 server will be Active Directory enabled,
>>>>>>>> running
>>>>>>>> Exchange Server (full schedule, task, contact sharing, etc.)
>>>>>>>> and Network fax and file sharing.
>>>>>>>>
>>>>>>>> I've set this configuration up on a lab setting and everything
>>>>>>>> seems
>>>>>>>> to work fine.  I'm concerned with two issues down the line.
>>>>>>>> First
>>>>>>>> question/issue, we're going to want VPN so can I add say a
>>>>>>>> linksys
>>>>>>>> BEFVP41 at this location and one at a remote location with a
>>>>>>>> W2K Pro
>>>>>>>> workstation without any issues?  The other question/issue is if
>>>>>>>> the
>>>>>>>> workstations will reliably be able to see the server for Active
>>>>>>>> Directory issues. Is this config ok?  Any help is greatly
>>>>>>>> appreciated! 

• Next message: Chad Hooper: "IIS Problems with SBS2003"
• Previous message: Chad A. Gross [SBS MVP]: "Re: Newbie with a smallbiz2000 installation, check my config?"
• In reply to: Chad A. Gross [SBS MVP]: "Re: Newbie with a smallbiz2000 installation, check my config?"
• Next in thread: rcunningham8820: "Re: Newbie with a smallbiz2000 installation, check my config?"
• Reply: rcunningham8820: "Re: Newbie with a smallbiz2000 installation, check my config?"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint