Re: exdeploy dsscopescan problem

From: Gary Cooper (gc_at_hrizns.com)
Date: 08/10/04

Next message: Boris Lokhvitsky: "Re: RPC over HTTPS - need help!"
Previous message: Mark Arnold [MVP]: "Re: Exchange Setup for Beginner"
In reply to: confused: "exdeploy dsscopescan problem"
Next in thread: confused: "Re: exdeploy dsscopescan problem"
Reply: confused: "Re: exdeploy dsscopescan problem"
Messages sorted by: [ date ] [ thread ]

Date: Tue, 10 Aug 2004 13:41:36 -0500

Check for name resolution issues. Since you said you can add the account to
the local machine (admin group I assume), then when you look again it can
not resolve the SID, that sounds like that server is not using the same
DNS/WINS services the others are.

"confused" <confused@discussions.microsoft.com> wrote in message
news:A8959FC4-CF71-4976-8512-BE97D12033B5@microsoft.com...
> When trying to run dsscopescan, i get an error that I cannot connect to
> my
> exchange 5.5 server. My setup is as follows:
>
> - two site exchange 5.5 org. 1 server in each site, running 5.5/SP4 on
> winnt4 sp6a
> - windows 2003 forest with empty root domain and four child domains; all
> domains are windows 2000 mixed functional level except the child domain
> that
> includes the exchange server i cannot connect to via exdeploy
> - i am running exdeploy with an enterprise/schema admin account that has
> service admin rights to all exchange site and configuration levels and to
> the
> exchange org object.
> - i can log on locally to the exchange 5.5 server with this account
> - i can run the exdeploy dsscopescan on the 5.5 server in the other site
> successfully
> - when i try to bind to the 5.5 server using ldp.exe and the accounts ldap
> name:
> cn=administrator,cn=lab_domain,cn=admin
> it fails.
> - one last observation - on the 5.5 server, the forest root account i am
> using for exdeploy can be added as a local admin. However, when i reopen
> usrmgr on the local machine, the account in the administrators group says
> 'Account unknown'.
>
> thanks.

Next message: Boris Lokhvitsky: "Re: RPC over HTTPS - need help!"
Previous message: Mark Arnold [MVP]: "Re: Exchange Setup for Beginner"
In reply to: confused: "exdeploy dsscopescan problem"
Next in thread: confused: "Re: exdeploy dsscopescan problem"
Reply: confused: "Re: exdeploy dsscopescan problem"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

PLEASE help: After Changing User Rights can no longer logon on to machine
... local machine has one local user account, ... Admin account. ... account are in the local Admin group. ...
(microsoft.public.win2000.security)
Re: ADAM Service Account
... It provides just sufficient privileges on the local machine (admin is too much), and it also has sufficient permissions in the domain, to be able to register SPNs on the computer account, and to create SCPs. ...
(microsoft.public.windows.server.active_directory)
RE: DCOM Hole Fix Suggestions
... After I log off as me, and log back in as the new local account (the local ... account with the same name as the domain server admin), ... network folder and try to access the server. ... > since I am an administrator on my local machine). ...
(microsoft.public.security)
Re: Exchange 2003 Service Account
... have a 'service account' and it must run in the contxt of the local ... to wipe out the local machine but also to destroy the ad, ... whatever 'best practices' you recommend! ... MS Exchange FAQ at http://www.swinc.com/resource/exch_faq.htm ...
(microsoft.public.exchange.admin)
Re: Delegating Echange Full Admin Roghts
... logged in with an account that has exchange full admin ... admin), and trying to delegate Exchange Full admin rights to your account, ...
(microsoft.public.exchange.admin)