Re: Wrong Machine Role listed in Active Directory
From: Chris (ckuderna_at_hotmail.com)
Date: 10/29/04
- Next message: Andrew Mitchell: "Re: Complex Active Directory Logon Scripting"
- Previous message: svesax: "Re: ADAM and Authorization and Profile Application Block"
- In reply to: Chriss3 [MVP]: "Re: Wrong Machine Role listed in Active Directory"
- Messages sorted by: [ date ] [ thread ]
Date: 29 Oct 2004 02:55:06 -0700
Hi Christoffer,
thanks for your reply.
So far I couldn't get a hold of the guy who set this server up. Next
week...
You mentioned the OS attribute of the computer object. I used LDIFDE
to export the computer objects of the affected machine and one that
looks "normal" in AD Users and Computers.
The output follows - but I can't really tell a difference that might
be relevant to the problem:
Server that displays as "domain controller":
dn: CN=GSM1007,OU=Infrastructure,OU=Member-Server,OU=Administration,DC=mydomain,DC=corp
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer
cn: GSM1007
description: AUG: SUS, Repository-Manager, NI-ManagementPoint
distinguishedName:
CN=GSM1007,OU=Infrastructure,OU=Member-Server,OU=Administration,DC=mydomain,
DC=corp
instanceType: 4
whenCreated: 20040427075907.0Z
whenChanged: 20041028093140.0Z
displayName: GSM1007$
uSNCreated: 16512
uSNChanged: 3181166
name: GSM1007
objectGUID:: t9rgiq4Xw0yukasyZYkFtg==
userAccountControl: 528384
codePage: 0
countryCode: 0
localPolicyFlags: 0
pwdLastSet: 127434294787427050
primaryGroupID: 515
objectSid:: AQUAAAAAAAUVAAAASWDH16liMTdJvKAgZisAAA==
accountExpires: 9223372036854775807
sAMAccountName: GSM1007$
sAMAccountType: 805306369
operatingSystem: Windows Server 2003
operatingSystemVersion: 5.2 (3790)
dNSHostName: gsm1007.mydomain.corp
servicePrincipalName:
NtFrs-88f5d2bd-b646-11d2-a6d3-00c04fc9b232/gsm1007.mydomain.corp
servicePrincipalName: MSSQLSvc/gsm1007.mydomain.corp:1433
servicePrincipalName: HOST/GSM1007
servicePrincipalName: HOST/gsm1007.mydomain.corp
objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=mydomain,DC=corp
isCriticalSystemObject: FALSE
frsComputerReferenceBL:
CN={8ae0dab7-17ae-4cc3-ae91-ab32658905b6},CN=Setup|Config,CN=Setup,CN=DFS
Volu
mes,CN=File Replication Service,CN=System,DC=mydomain,DC=corp
lastLogonTimestamp: 127427862185312973
Server that displays correctly:
dn: CN=AS210050,OU=Infrastructure,OU=Member-Server,OU=Administration,DC=mydomain,DC=corp
changetype: add
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer
cn: AS210050
description: AUG: Jazzey - Oracle
distinguishedName:
CN=AS210050,OU=Infrastructure,OU=Member-Server,OU=Administration,DC=mydomain
,DC=corp
instanceType: 4
whenCreated: 20041027133505.0Z
whenChanged: 20041027135119.0Z
displayName: AS210050$
uSNCreated: 3143522
memberOf:
CN=VPPSMachines,OU=4-Application,OU=PermissionGroups,OU=Admin-Groups,OU=Admini
stration,DC=mydomain,DC=corp
uSNChanged: 3144315
name: AS210050
objectGUID:: jaP30dPyw0SX4WSmnbvngg==
userAccountControl: 4096
codePage: 0
countryCode: 0
localPolicyFlags: 0
pwdLastSet: 127433577051226587
primaryGroupID: 515
objectSid:: AQUAAAAAAAUVAAAASWDH16liMTdJvKAg+pEAAA==
accountExpires: 9223372036854775807
sAMAccountName: AS210050$
sAMAccountType: 805306369
operatingSystem: Windows Server 2003
operatingSystemVersion: 5.2 (3790)
dNSHostName: as210050.mydomain.corp
servicePrincipalName: HOST/AS210050
servicePrincipalName: HOST/as210050.mydomain.corp
objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=mydomain,DC=corp
isCriticalSystemObject: FALSE
dSCorePropagationData: 20041027135033.0Z
dSCorePropagationData: 20041027135033.0Z
dSCorePropagationData: 20041027135033.0Z
dSCorePropagationData: 20041027134018.0Z
dSCorePropagationData: 16010721193112.0Z
lastLogonTimestamp: 127433577064507837
Any idea?
"Chriss3 [MVP]" <noSpamHere@chrisse.se> wrote in message news:<uNGJp9EvEHA.1264@TK2MSFTNGP12.phx.gbl>...
> Where they predefined or did you joined them to the domain? its the
> application that joins the computer to the domain that write this
> information to the OS attribute at the computer object.
>
> --
> Regards
> Christoffer Andersson
> Microsoft MVP - Directory Services
>
> No email replies please - reply in the newsgroup
> ------------------------------------------------
> http://www.chrisse.se - Active Directory Tips
>
> "Chris" <ckuderna@hotmail.com> skrev i meddelandet
> news:d585d1ee.0410270630.6429167e@posting.google.com...
> > We have a Windows Server 2003 based Active Directory with several
> > thousand PCs and servers.
> >
> > I have a strange effect in Active Directory Users and Computers:
> > - right-click the domain
> > - select FIND
> > - select "Computers" from the drop-down list
> > - select "Workstations and Servers" from the ROLE drop-down list
> > - the results list has a second column called "Machine Role" which
> > reads "Workstation or Server" for most clients.
> >
> > Interestingly enough some machines are listed as "Domain Controller",
> > which none of them are. Some are LINUX machines/SAMBA servers - ok.
> > But one of them is definitely a Windows Server 2003 member server, no
> > DC and never was.
> >
> > When I select "Domain Controller" from the ROLE drop-down list the
> > resulting list contains only the real DCs - everything fine.
> >
> > How does AD Users and Computers decide what it lists in the "Machine
> > Role" column?
> > Why is one member server listed as "domain controller"?
> >
> > Any hints would be greatly appreciated!
> >
> > Chris
- Next message: Andrew Mitchell: "Re: Complex Active Directory Logon Scripting"
- Previous message: svesax: "Re: ADAM and Authorization and Profile Application Block"
- In reply to: Chriss3 [MVP]: "Re: Wrong Machine Role listed in Active Directory"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
