Re: Account Identifier Pool

From: IOC_MartinConrad (IOCMartinConrad_at_discussions.microsoft.com)
Date: 09/14/04 

Date: Tue, 14 Sep 2004 07:31:14 -0700

Chris,
           One of the DC's I have listed doesn't exist anymore...how do I
remove it from AD?

Thanks.

"Chriss3 [MVP]" wrote:

> We have a DC that is an emergency redundant that is normally.
> powered down, You should never have Domain Controllers in the Directory
> Service that's not up and running like the reason redundancy, instead make a
> good recovery plan.
>
> --
> Regards
> Christoffer Andersson
> Microsoft MVP - Directory Services
>
> No email replies please - reply in the newsgroup
> ------------------------------------------------
> http://www.chrisse.se - Active Directory Tips
>
> "IOC_MartinConrad" <IOCMartinConrad@discussions.microsoft.com> skrev i
> meddelandet news:CC22F380-2DF7-4066-A702-231BB7873556@microsoft.com...
> > Chris,
> > Actually, we have a DC that is an emergency redundant that is normally
> > powered down, and anothe that no longer exists but has not been removed
> > from
> > AD. Could this be the reason?
> >
> > Thanks.
> > "Chriss3 [MVP]" wrote:
> >
> >> Sorry for delay of replay.
> >> You may have broken computer accounts between DCs, is replication fine?
> >>
> >> --
> >> Regards
> >> Christoffer Andersson
> >> Microsoft MVP - Directory Services
> >>
> >> No email replies please - reply in the newsgroup
> >> ------------------------------------------------
> >> http://www.chrisse.se - Active Directory Tips
> >>
> >> "IOC_MartinConrad" <IOCMartinConrad@discussions.microsoft.com> skrev i
> >> meddelandet news:383FF942-2DCC-4B82-90B0-35C23FF6FC00@microsoft.com...
> >> > Christoffer,
> >> > I have seen this article. I do not get the error that is in the
> >> > article's
> >> > title, and in addition to this, when I run the Ridmanager test in
> >> > DCDiag,
> >> > the
> >> > server passes the test. In this light, what could these log entries
> >> > mean?
> >> >
> >> > Thanks.
> >> >
> >> > "Chriss3 [MVP]" wrote:
> >> >
> >> >> Have a look in to this KB
> >> >> http://support.microsoft.com/?kbid=839879
> >> >>
> >> >> --
> >> >> Regards
> >> >> Christoffer Andersson
> >> >> Microsoft MVP - Directory Services
> >> >>
> >> >> No email replies please - reply in the newsgroup
> >> >> ------------------------------------------------
> >> >> http://www.chrisse.se - Active Directory Tips
> >> >>
> >> >> "IOC_MartinConrad" <IOC_MartinConrad@discussions.microsoft.com> skrev
> >> >> i
> >> >> meddelandet news:9933F27E-064F-419B-A869-E4F08EDE3C4C@microsoft.com...
> >> >> > Hello,
> >> >> > I have a question: when I add an account to Active Directory on our
> >> >> > domain
> >> >> > controller, I get the following message in the System Log:
> >> >> >
> >> >> > Event Type: Information
> >> >> > Event Source: SAM
> >> >> > Event Category: None
> >> >> > Event ID: 16647
> >> >> > Date: 9/10/2004
> >> >> > Time: 1:34:32 PM
> >> >> > User: N/A
> >> >> > Computer: IOC
> >> >> > Description:
> >> >> > The domain controller is starting a request for a new
> >> >> > account-identifier
> >> >> > pool.
> >> >> >
> >> >> > This message is immediately followed by the following:
> >> >> >
> >> >> > Event Type: Warning
> >> >> > Event Source: Schannel
> >> >> > Event Category: None
> >> >> > Event ID: 36872
> >> >> > Date: 9/10/2004
> >> >> > Time: 1:34:32 PM
> >> >> > User: N/A
> >> >> > Computer: IOC
> >> >> > Description:
> >> >> > No suitable default server credential exists on this system. This
> >> >> > will
> >> >> > prevent server applications that expect to make use of the system
> >> >> > default
> >> >> > credentials from accepting SSL connections. An example of such an
> >> >> > application
> >> >> > is the directory server. Applications that manage their own
> >> >> > credentials,
> >> >> > such
> >> >> > as the internet information server, are not affected by this.
> >> >> >
> >> >> >
> >> >> > The account is able to be added and all seems well. This message
> >> >> > will
> >> >> > appear
> >> >> > again after a reboot, the first time I use Active Directory to add
> >> >> > an
> >> >> > account.
> >> >> >
> >> >> > What does this mean?
> >> >> >
> >> >> > Also, it should be noted that I have a certificate authority
> >> >> > installed
> >> >> > on
> >> >> > a
> >> >> > member server, but I don't believe it is an Enterprise CA (is there
> >> >> > any
> >> >> > way
> >> >> > to tell?)
> >> >> >
> >> >> > Thanks.
> >> >>
> >> >>
> >> >>
> >>
> >>
> >>
>
>
>

Relevant Pages

  • Re: Authentication with pcAnywhere.
    ... I will try to change the reason later. ... This can be set in the Default Domain Controllers ... > to normal users? ...
    (microsoft.public.win2000.security)
  • Re: Single user with Domain Auth Issue
    ... backup terms was indeed for that reason, ... Windows 2003 Domain authentication doesn't work the same way as Windows ... Be careful using the terms Primary and Backup Domain Controllers, ...
    (microsoft.public.windows.server.setup)
  • Re: DC/site placement question
    ... If they are well connected then I can't see a good reason to get them to prefer one DC over another. ... manageablitly over directing those subnets to use the specific DC. ... The Furthest of these buildings is approximately 20 miles away. ... > are planning on placing 4 additional domain controllers at 4 different ...
    (microsoft.public.windows.server.active_directory)
  • Re: UF_PASSWD_NOTREQD Flag Set in DCs userAccountControl
    ... I would set up a lab environment and play with this before doing so in a ... You do have six Domain Controllers (I am going to ... I just inherited this domain and see no reason not to set the ... UF_PASSWD_NOTREQD flag? ...
    (microsoft.public.windows.server.active_directory)
  • Re: 2000 AD to 2003 AD
    ... WIN2000 Domain Controllers. ... going to WIN2003 Forest level would be the only reason. ... >I have a question concerning upgrading to Win2K3 environment. ... > mix one of which is an exchange 2003 server on a win2K3 box. ...
    (microsoft.public.windows.server.active_directory)