Re: Last logon User [WILDPACKET]
- From: "WILD PACKET." <mailtomohsin@xxxxxxxxxxx>
- Date: Fri, 7 Oct 2005 21:30:18 -0400
Thank you Steve for you assistance. All the DCs on LAN are working now.
I have few member servers on the LAN, how do I do those now, Do I go on each
member server and do them or there exists an easy and other way to do it?
I also want to do the same for the servers in the DMZ, we have 12 servers in
the DMZ and they are all in one workgroup.
Please advise
"Steven L Umbach" <n9rou@xxxxxxxxxxxxxxxxxx> wrote in message
news:OfmVTI3yFHA.2556@xxxxxxxxxxxxxxxxxxxxxxx
> You should not have to restart it but using gpupdate /force for Windows
> 2003 may speed up propagation but domain controllers usually refresh
> fairly often using a five minute default. Gpupdate /force will prompt for
> restart if it is needed. If problems persist use the support tool gpotool
> to make sure your Group Policies are replicating correctly. You will get
> an error message if they are not. --- Steve
>
>
> "WILDPACKET" <WILDPACKET@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
> news:C6AB601A-2711-4751-B34B-81007E0A57F1@xxxxxxxxxxxxxxxx
>> Thank you Steve for the information.
>>
>> Yes, all the DCs are in a Domain Controllers OU and I have applied the
>> Policy. Will the policy be applied autmatically or I have to restart the
>> Dcs. These are not in the DMZ. These are on my LAN.
>>
>>
>>
>> "Steven L Umbach" wrote:
>>
>>> If the domain controllers are all in the same default container then
>>> defining the setting in Domain Controller Security Policy should work
>>> for
>>> domain controllers in the domain. If you are still having a problem and
>>> have
>>> a domain controller in the DMZ for that same domain then firewall
>>> settings
>>> isolating the DMZ from the internal lan could be causing failure of
>>> Group
>>> Policy to propagate. The support tools such as netdiag, gpresult, and
>>> viewing the logs using Event Viewer are a good place to start and
>>> troubleshoot. Having a domain controller for a domain in the DMZ is not
>>> what
>>> would be called best practice unless it is not the same domain as the
>>> domain
>>> used on the lan. Sometimes separate forests are created - one for the
>>> lan
>>> and one for the DMZ with a one way trust where the DMZ forest/domain
>>> trusts
>>> the lan forest/domain only but not vice versa. --- Steve
>>>
>>> http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B179442 ---
>>> firewall configuration for domains and trusts.
>>>
>>> "WILDPACKET" <WILDPACKET@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
>>> news:608CF45B-D75C-47A8-9D47-C68C96A37338@xxxxxxxxxxxxxxxx
>>> >I have set the DC Security Policy to -
>>> >
>>> > Do not display last last logged on user to ENABLE and it works fine.
>>> >
>>> > How do I make this work for the DCs sitting in the DMZ because I
>>> > notice
>>> > this
>>> > does not work for the DCs in DMZ.
>>> >
>>> > Please advise.
>>> >
>>> > Thanks in advance.
>>>
>>>
>>>
>
>
.
- Follow-Ups:
- Re: Last logon User [WILDPACKET]
- From: Steven L Umbach
- Re: Last logon User [WILDPACKET]
- References:
- Re: Last logon User [WILDPACKET]
- From: Steven L Umbach
- Re: Last logon User [WILDPACKET]
- From: Steven L Umbach
- Re: Last logon User [WILDPACKET]
- Prev by Date: Why am I missing some settings in one domain but seeing those in another one?
- Next by Date: Re: Last logon User [WILDPACKET]
- Previous by thread: Re: Last logon User [WILDPACKET]
- Next by thread: Re: Last logon User [WILDPACKET]
- Index(es):
Relevant Pages
|
