Re: Please help refresh my memory on AD DC
- From: Meinolf Weber <meiweb(nospam)@gmx.de>
- Date: Fri, 14 Nov 2008 14:20:41 +0000 (UTC)
Hello Joe,
In Administrative tools, you have a lot of management consoles. Also that one for IIS.
On the server where the folder is located that you like to share you have to open the folder properties, choose the sharing tab and do your settings. Only AD is not enough to share a folder.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and confers no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hello Meinolf,
Ok I did post in the IIS newsgroups and in IIS.Net a few days back. I
haven't received and answer in this part yet.
In between my last post I logged into IIS MC from the DC I just used
the MMC console Not the ADUC as I thought you would.
I created the folder share just from the ADUC and I didn't do anything
else.
Where would I go from here Locally at that server or on the DC?
Thank you
Joseph
"Meinolf Weber" wrote:
Hello Joe,
See inline.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties, and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hello Meinolf,Use the Administrative tools on the DC.
I do thank you for hanging in there for me.
I wanted to add the servers to a Domain Controller for central
mangement and easier file sharing. Plus a few applications that
require it.
I problem that I am running into is the management of file foldersI meant to connect from the DC's administrative tools to the IIS.
and IIS.
You say RDP intothe server and then make the changes in IS MMC. Ok
that is fine because that is what I have been doing all this time.
The question is when I RDP in who am I loggin in as ?
It's also possible. But as said before, i am not IIS specialist. Alos
in a domain you should use the domain accounts, local accounts will
have no effect to configure for domain needs.
If I login as a local adminstrator I cannot set permissions on aIf the server is domain member and the accounts also from the domain,
folder in IIS MMC because when select a user (and that user is
IUSR_MACHINAME or NETWORK SERVICE for ASP.NET) I get promted to the
Domain Credentials. Is this correct?
yes.
Do I no longer use the diabled Red Arrowed Users? Do I select onlyBecause you installed the IIS before creating the domain you will not
the
ones that begin with Domain..?
Domain Users
Domain Administrators
etc...
If so, now, Which one is the anonymous account? Is it still
IUSR_MACHINENAME Because I don't see it available in a non red
arrow.
Plus existing sites already have this as the anonymous user
(IUSR_MACHINENAME)
have the IIS accounts on the users container in AD users and computer
i assume. I don't know enough about IIS and how to make also the IIS
available for the complete domain access. Maybe you can export the
complete IIS and then import this to a fresh installed IIS with
complete domain setup. But again Ask this in an IIS NG. There are
your experts.
I must say that this is confusing. I am going to post some images onDid you only create the shared folder with ADUC or did you also share
a Community Server Forum would you please look at them?
Second Question:
I logged on to the DC pysically standing at the machine.
I created a file share on a remote member server through the Active
Dir
Users and Computers.
I selected Everyone as read only. I then finished and went over to
my
laptop
and logged in locally
I can see the share but not access it. Is this correct?
it on the server itself via the sharing tab on the folder properties?
What share permissions did you configure and what NTFS permissions on
the folder. These both are different from the permissions tab ion
ADUC, that let as default.
Thanks again Meinolf
Joseph
"Meinolf Weber" wrote:
Hello Joe,
I can not really follow, what you are trying to achive. If you like
to set folder/file permissions on a remote server harddisk/volume
you should map a drive or connect to the server with RDP. If you
like to configure the IIS, you should use the "Internet Services
Manager" from the Administrative tools and connect to the server
which holds the IIS.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!! http://www.blakjak.demon.co.uk/mul_crss.htm
Hello Meinolf,
Then how do I go about editing/configuring permissions on folder?
There is no IIS MMC in the DC management. Do notever logonlocally
again?
Do I just logon the DC and go to Active Directoy Users and
Computers
Click the PC and select manage. When I do that I do not get an IISRight
MMC
I get
most of the others. I can do disk management, SQL, event Viewer, I
can
add
and modify users.
I see all that and understand it. But when it comes to adding a
user
for a folder also
How to manage installed programs is this done locally?
Thank you
Joseph
"Meinolf Weber" wrote:
Hello Joe,
As said before:
"On domain controllers the local users and groups are disabled
because the
domain controller has it's own Security database and is not
having
the local
SAM."
That's the reason for the red one.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Hello Meinolf,
You are correct. I can administer the server from the DC but I
cannot set permissions on the IIS or local box. I had to login
to do so. This was my entire concern. Why the red arrows?
What am I missing here?
Thanks
"Meinolf Weber" wrote:
Hello Joe,
What folder are you talking about? Looks like you are in
computer management and have connected to a domain controller
form the member server. On domain controllers the local users
and groups are disabled because the domain controller has it's
own Security database and is not having the local SAM.
Best regards
Meinolf Weber
Disclaimer: This posting is provided "AS IS" with no
warranties,
and
confers
no rights.
** Please do NOT email, only reply to Newsgroups
** HELP us help YOU!!!
http://www.blakjak.demon.co.uk/mul_crss.htm
Hello Jorge,
Yes I did thanks. I succeccfully added all servers to the
domain.
I just had one question left over after soing so.
When I logged in locally on one of the 2003 boxes I wanted to
make
a
permissions change on a folder an I was asked to enter the
domain
credentials
again.
I did so with the domain admin credentials and I saw red
arrows
next
to the groups and accounts icons
What is that and why was I asked to login again to make this
change?
Thanks Joe
"Jorge Silva" wrote:
Sounds that your problem is solved, great :)
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and
confers
no
rights.
"Joe" <Joe@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9E332231-20B4-43C5-8803-50BEBAA17F17@xxxxxxxxxxxxxxxx
Hi Jorge!
Thanks for jumping in. No this is a Standard Box not a SBS.
Never saw a DC promo go like this one. That is why I posted
and
of
corse
my
short time with using one.
Thanks so much!!
Joe
"Jorge Silva" wrote:
Hi Joe,
Sounds that your new DC is an SBS DC, correct?
--
I hope that the information above helps you.
Have a Nice day.
Jorge Silva
MCSE, MVP Directory Services
Please no e-mails, any questions should be posted in the
NewsGroup
This posting is provided "AS IS" with no warranties, and
confers
no
rights.
"Joe" <Joe@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:0D84A7F8-8760-4CF8-9771-1168396CFBC3@xxxxxxxxxxxxxxxx
Hello,
I am currently using a workgroup infrastructure with 9
servers
and
I am
in
need of changinf it to a AD DC Domain infrastrucrture.
However
I
am a
little
rusty in some areas. I have 4 Server 2003 Enterprise
machines
and
4
Server
2008 Standard machines. One Linux but that doesn't matter.
1. When I created the domain I used the same name as the
server
and
this
caused the installation wizard to change the NetBIOS name
from
WEB308
to
WEB3080 The Original name for this server was
web308.mydomainname.com
and
when I was asked for the FQDN I entered the same thing.
This
is
what
prompted
the NetBIOS change as it told me to avoid conflict with
the
DC.
2. Ok so when I rebooted the server and it rebooted as a
DC
I
could no
longer access the server by the old administrator password
as
it
was as
so
Administratator
password1
I now had to change the password but not for WEB308 it now
was
WEB3080.
What I am struggling with is there are so many names that
I
am
unsure
which
is the DC and which is just the NetBIOS.
I kinda figured that out as I tried to access old shares
that
still had
WEB308 as the label . But when prompted I had to use the
new
WEB3080
and
the
new password for access.
Part two:
Now I have always been confused about what SHOULD you use
as
a
DC
FQDN?
.
- Follow-Ups:
- Re: Please help refresh my memory on AD DC
- From: Joe
- Re: Please help refresh my memory on AD DC
- From: Joe
- Re: Please help refresh my memory on AD DC
- References:
- Prev by Date: Re: Please help refresh my memory on AD DC
- Next by Date: Re: Events 1030 and 1058 logged on domain controller every 5 minutes
- Previous by thread: Re: Please help refresh my memory on AD DC
- Next by thread: Re: Please help refresh my memory on AD DC
- Index(es):
Relevant Pages
|
Loading
