نمایش نتایج: از شماره 1 تا 7 از مجموع 7
سپاس ها 1سپاس

موضوع: Loading Active Directory

  
  1. #1
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272

    Loading Active Directory

    کد:
    http://utools.com/help/LoadingAd.asp
    Loading Active Directory

    Loading Active Directory is done on the destination computer. When you click the Finish button UMove will load the Active Directory files into the computer.
    Interview

    When you start UMove it will ask you a series of questions. Your answers to these questions will tell UMove how to load Active Directory into your computer. Answer each question as best you can. Click Next to continue to the next question.
    For more information regarding the interview see


    See also Results of Moving Active Directory.





    موضوعات مشابه:

  2. #2
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://utools.com/help/MediaSelect.asp
    Selecting Backup Media

    Note: The following information only applies to Windows Server 2000 or 2003.
    When prompted, select the name of the NTBACKUP media for loading the Active Directory files.
    To select a .BKF file, type the path to the file; or click the Browse button and click on the file's name.
    To select a backup device, click on the backup device name. Then click on the type of backup media (tape, removable optical disc, etc).
    Damaged Media

    If during the loading process UMove encounters a damaged or corrupt block on the backup media it will report an error and abort the load. This is done for your protection in order to avoid loading corrupt data into Active Directory.
    In an emergency you can check the box .BKF file is damaged (for a .BKF file) or Media is damaged (for a backup device). This will cause UMove to skip damaged blocks on the backup media and attempt to load the remaining data.
    Note: UMove cannot skip damaged media blocks inside of the file NTDS.DIT or the files EDB*.*. It can only skip damage in non-essential files.
    More than one tape or disc

    If your backup is large it may span more than one tape or disc. In this case UMove will prompt you to insert each backup tape/disc in succession. (The term “backup media” usually means a single tape or disc. But when a backup session spans multiple tapes/discs it means all of the tapes/discs that were written in the same backup session.)
    To save time: Insert the last tape/disc first

    A large backup session may span several tapes/discs. If you have multiple tapes/discs you can save time by inserting the last tape or disc first. UMove needs to read the catalog of the backup set in order to locate the AD files. NTBACKUP appends the catalog to the last tape or disc. By inserting the last backup tape/disc first you can save time.
    If you do not insert the last tape/disc first, UMove will be forced to read the entire backup set, prompting you to insert the each tape/disc one by one, until it reaches the end. Then it will rewind and prompt you to insert the first tape/disc again. By inserting the last tape/disc first you can avoid reading the entire backup set twice.

    For more information

    See the topics Select Volumes and Incremental Restore.





  3. #3
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://utools.com/help/Incremental.asp
    Incremental or Differential Restore

    Note: The following information is for Windows Server 2000 or 2003 only.
    Whenever you back up files with NTBACKUP you have a choice of four different methods to select which files should be backed up:

    • Normal: Backs up all files. Each file is marked to indicate that it has been backed up.
    • Copy: Backs up all files, but does not mark any as backed up.
    • Incremental: Backs up each file if it was not marked (typically since the last normal backup). Each backed up file is marked to indicate that it has been backed up.
    • Differential: Backs up each file if it was not marked (typically since the last incremental backup). The mark is not changed.

    The backup mark (sometimes called the “archive bit”) is removed any time a file is modified for any reason.
    During the interview UMove may detect that the staging folder already contains Windows files that were previously loaded from another backup. UMove needs to know if you are trying to merge files from an incremental or differential backup.
    UMove will ask if you want to erase the files in staging folder. If you intend to load from a single backup media answer “Yes”. UMove will erase the old files from the folder. The files will be replaced by the new files from the backup media.
    If you are using incremental or differential backups, answer “No” and see the next section.
    Incremental or Differential Restore

    To perform an incremental or differential restore of Active Directory use the following procedure:

    1. Run UMove. Insert the backup media for the latest full normal or copy backup. Click the Extract button to load the initial AD files to an empty staging folder.
    2. Insert the first incremental backup that was taken after the normal/copy backup. Click the Extract button again to merge the changed AD files into the staging folder.
    3. Repeat step 2 with each subsequent incremental backup, from oldest to newest.
    4. Insert the latest differential backup (if any) that was taken after the last normal or incremental backup. Click the Extract button again to merge the remaining changed files into the staging folder.

    After you have loaded all the necessary backups you can proceed. Click Next and proceed to the end of the interview. On the last page click the Finish button.
    Multiple Volumes on the Same Media

    In rare cases you may have appended the incremental or differential backups after the normal backup on the same backup media. If so, you must inform UMove of the correct order in which to load the volumes. See Selecting Volumes on the Backup Media.






  4. #4
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://utools.com/help/IpAddr.asp
    Internet Address

    Select the Internet Address for the Network Interface
    UMove will copy the source computer's Internet Address(es) to the destination computer.
    A question arises when a computer has more than one network interface controller (NIC). In this case you need to tell UMove which NIC on the destination computer should get the Internet address from the NIC on the source computer.
    If the both computers have only one NIC, UMove will skip the question and simply copy the Internet address from the old NIC to the new NIC.
    How to Respond

    Click on the dropbox to see a list of Internet addresses on the source computer. Select the Internet address that should be assigned to the NIC on the destination computer.
    If you have more NICs on the destination computer than the source computer, an additional option will appear. For the extra destination NICs select Do not use -- leave IP address unchanged. You can later use these NICs by assigning an Internet address manually after you finish moving Active Directory.
    If you are unsure how to respond, you can review the Internet address assignment for each NIC using the Control Panel. Click on Network Connections. Select the NIC so that it is highlighted. Right-click and select Properties.
    The Properties dialog will appear. The text box Connect using will show the name of the NIC including the name of the hardware manufacturer. It should match the name shown by UMove.
    Scroll down and select the item Internet Protocol (TCP/IP) so that it is highlighted. Click the button Properties.
    The dialog Internet Protocol (TCP/IP) Properties will appear. Write down the Internet address assigned to the NIC. (If there is more than one address, clicking the button Advanced will view them all.)
    Using this information you can decide which NIC should be assigned the Internet address on the destination computer.
    Issue: Windows 2000 reports stale NICs

    If you physically remove an old NIC card (or change the physical slot), Windows 2000 will fail to remove the information about the old NIC from the registry. This can cause the old NIC to appear in the dropbox for the source computer. You should disregard any old NIC(s) in the dropbox for the source computer. Choose a good NIC that was active on the source computer when the backup was taken.
    This is not an issue on Windows 2003 or later.
    For more information

    See also Networking.






  5. #5
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://utools.com/help/MovingSysVol.asp
    Moving SYSVOL Files

    The SYSVOL is identical on all Domain Controllers
    The System Volume (SYSVOL) contains a shared copy of the domain's public files. It includes a copy of the domain's Group Policy settings and the domain's user logon scripts. The files in SYSVOL should be identical on every domain controller in the domain.
    The File Replication Service (FRS) replicates the contents of SYSVOL to all of the domain controllers in the domain. Its purpose is to to ensure that the files in SYSVOL are always identical.
    Windows Server 2008 replaces FRS with the Distributed File System Replication Service (DFSR). DFSR is used when all domain controllers in the domain are running Windows Server 2008 (or later) and migration from FRS is completed.
    How to Respond

    A question arises when there is more than one domain controller for the same domain. In this case you need to tell UMove how to handle discrepencies between the loaded SYSVOL and the copies of SYSVOL on the other domain controllers.
    Unless otherwise instructed you should generally select Authoritative Restore.
    If you are restoring two or more domain controllers, select Non-authoritative Restore on the second, third, fourth, etc, domain controllers. The domain controllers will erase their local copy of SYSVOL and then replicate SYSVOL from the authoritative domain controller.
    If your SYSVOLs are out of sync and you need to cross-replicate SYSVOL back-and-forth between two or more DCs, select Normal Restore. (This is rarely needed. It can cause harmful side effects; see caution below.)
    Consequences of incorrect response

    If you select Non-authoritative for all domain controllers but fail to select Authoritative for at least one, the SYSVOL replication service (DFSR or FRS) will stall. This is because the service will wait indefinitely for an authoritative replication that it will never receive.
    Normal Restore is Abnormal

    Caution: Normal Restore is peculiar and should not be used unless you understand how it works. If you select a Normal Restore, FRS will hide all the SYSVOL files in the folder “NtFrs_PreExisting___See_EventLog”. FRS will move the files back to their original locations only when it can successfully cross-replicate with another domain controller and compare timestamps. (It will compare timestamps and select whichever file is newer between the two domain controllers.) But until at least one such successful replication occurs, all the files in SYSVOL will remain hidden in the PreExisting folder. This means that until at least one successful replication occurs the SYSVOL will be empty and Group Policy will fail with mysterious error messages. For example, “Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted.) Group Policy processing aborted.” (Event ID 1054).
    You should always select Authoritative Restore (not Normal Restore) when moving only one DC. If you accidentally selected Normal Restore you can fix the problem by running UMove again and this time selecting Authoritative Restore.
    Read-only Domain Controller (RODC)

    Windows Server 2008: If you are restoring a read-only domain controller (RODC) you should generally select Non-authoritative Restore for the RODC. Exception: If you are testing a single RODC in an isolated network in your lab, you should choose Authoritative Restore to allow the SYSVOL replication service to start.
    For more information about SYSVOL recovery

    For information on how to recover SYSVOL manually, see the following Knowledge Base articles. These are for reference only. UMove will automatically recover SYSVOL by doing all the steps described in the KB articles. For example, UMove will automatically synchronize the Group Policy version numbers in SYSVOL with the Group Policy Containers (GPCs) in Active Directory.

    • KB315457 How to Rebuild SYSVOL and Its Content in a Domain
    • KB887303 Applying Group Policy causes Userenv errors and events to occur
    • KB312862 Recovering Missing FRS Objects and FRS Attributes in Active Directory








  6. #6
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://utools.com/help/FinishButton.asp
    Clicking the Finish Button

    When you click the Finish button, UMove will load Active Directory into the computer. During this process your computer will reboot.
    Your computer (and Active Directory) will be ready when the logon prompt appears.
    How to Cancel

    You can interrupt the procedure by clicking the Cancel button. UMove will stop and roll back all pending changes to the computer.
    Execution Time

    It will typically take about 5-15 minutes for the operation to complete depending on how fast your computer can reboot.
    If you have a large NTDS.DIT database (more than one gigabyte, for example) the process may take additional time depending the speed of your disk drive.
    During the first boot, if you are booting the first domain controller in a domain and the other domain controllers are not present, Windows may pause up to 15 minutes while booting as it searches for the other domain controllers. During this time Windows will display the message Preparing network connections.. The delay is normal.
    In rare cases it may take up to 30 minutes to complete the first boot if DNS is not configured correctly. Be patient and the computer will eventually finish startup and present the logon screen.
    If you are running Exchange, there may be an additional 10-15 minute delay during each shutdown.
    Error Messages During the First 30 Minutes

    When booting for the first time, some error messages may appear in the Event Log during the first 30 minutes. These error messages are normal and can be ignored. The normal error messages include those generated by NetLogon and by the NT Directory Service during the initial dynamic DNS registration of the domain controllers and the Global Catalog.
    AD should stabilize within 30 minutes and the error messages will stop automatically.
    The normal temporary error messages include the following:

    • NetLogon: “Dynamic registration or deletion of one or more DNS records associated with DNS domain MyDomain failed.” (Event ID 5781/5782) More information.
    • NetLogon: “The computer was not able to set up a secure session with a domain controller in domain DomainName due to the following: There are currently no logon servers available to service the logon request.” (Event ID 5719)
    • LsaSrv: “The Security System detected an authentication error for the server MyServer. There failure code from authentication protocol Kerberos was 'There are current no logon servers available to service the logon request.'” (Event ID 40960)
    • LsaSrv: “The Security System could not establish a secured connection with the server ldap/myhost.com@MYHOST.COM. No authentication protocol was available.” (Event ID 40961)
    • NTDS Replication: “Active Directory could not resolve the following DNS host name of the domain controller to an IP address: ComputerName” (Event ID 2087) More information.
    • NTDS General: “Active Directory attempted to communicate with the global catalog and the attempts were unsuccessful. Global catalog: ComputerName” (Event ID 1655)
    • NTDS General: “Active Directory was unable to establish a connection with the global catalog.” (Event ID 1126)
    • GroupPolicy: “The processing of Group Policy failed. Windows could not obtain the name of a domain controller. This could be caused by a name resolution failure. Verify your Domain Name System (DNS) is configured and working correctly.” (Event ID 1054)
    • EventSystem: “The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070005 from line xxx of d:\rtm\com\complus...” (Event ID 4609). This error message is normal and expected. It appears during shutdown because Active Directory was not running at shutdown time.
    • DFSR: “The DFS Replication service failed to contact the domain controller to access configuration information. Replication is stopped. The service will try again during the next configuration polling interval which will occur in 60 minutes.” (Event ID 1202).
    • DfsSvc: “The DFS Namespace service could not initialize cross forest trust information on this domain controller, but will periodically retry the operation.” (Event ID 14550).
    • NtFrs: “File Replication Service is scanning the data in the system volume. Computer cannot become a domain controller until this process is complete. The system volume will then be shared as SYSVOL.” (Event ID 13566)
    • NtFrs: “The File Replication Service moved the preexisting files in C:\windows\sysvol\domain to c:\windows\sysvol\domain\NtFrs_PreExisting___See_E ventLog.” (Event ID 13520). More information.
    • MSDTC: “MS DTC could not correctly process a DC Promotion/Demotion event.” (Event ID 53258)
    • MSMQ: “The Message Queuing sevice failed to join the computer's domain” (Event ID 2124)
    • Schannel: “No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this.” (Event ID 36782).
    • Userenv: “Windows cannot obtain the domain controller name for your computer network. (The specified domain either does not exist or could not be contacted.) Group Policy processing aborted.” (Event ID 1054).
    • WinRM: “The WinRM service failed to create the following SPNs: WSMAN/myhost.com; WSMAN/MyComputerName.”

    The error messages shown above are norming during the first 30 minutes. If the above messages persist after 30 minutes you may need to troubleshoot your DNS settings.
    For More Information

    See also the topics Results of Moving Active Directory, and Unattended Operation.






  7. #7
    نام حقيقي: 1234

    مدیر بازنشسته
    تاریخ عضویت
    Jul 2009
    محل سکونت
    5678
    نوشته
    5,634
    سپاسگزاری شده
    2513
    سپاسگزاری کرده
    272
    کد:
    http://utools.com/help/LoadingConsequences.asp
    Results of Moving Active Directory

    UMove will load Active Directory into the destination computer. It will copy the files from the staging folder into the operating system. Simple Restore

    If you are doing a simple restore, UMove will load the Active Directory files (NTDS.DIT and EDB*.LOG) and the System Volume (SYSVOL). It will not load any other files.
    Comprehensive Restore

    If you are doing a comprehensive restore, UMove will load the following additional information from the staging folder into the operating system:
    Computer Name

    UMove will set the computer name and domain name to match the name of the source computer.
    Network Settings

    UMove will set the network settings to match the source computer's network interface controller (NIC). This includes the following:

    • Internet address (example: 192.168.0.1).
    • Network mask (example: 255.255.255.0).
    • Client DNS address. This is the address that the computer will contact to send DNS queries.
    • Client settings for dynamic DNS registration.
    • Client WINS address (if applicable). This is the address that the computer will contact to send WINS queries. (WINS is the legacy network naming system from Windows NT.)
    • Client settings for DHCP.
    • IPV6 settings (if installed).

    To view the NIC network settings: Click on Start -> Control Panel -> Network Connections. Select the NIC and right-click on Properties. In the pop-up dialog scroll down and select Internet Protocol (TCP/IP) and click the button Properties.
    DNS Server Database

    UMove will move the DNS server database to the destination computer. This includes all DNS zones and all RR records. If the computer has a previous DNS database it will be replaced.
    DHCP Database, WINS Database, Certificate Server Database

    If requested UMove will move certain databases that are closely connected with Active Directory. These databases include the DHCP database, the WINS database, the Certificate Services database, and other databases.
    User Accounts and Passwords

    UMove will replace all local user accounts and passwords on the destination computer. They will be replaced by the domain user accounts and passwords in Active Directory.
    The destination computer's local (SAM) user account database will be replaced. It will be replaced by a stub that contains only one local account. The account is used to access the computer when Active Directory is not running. This is called Directory Services Restore Mode (DSRM). The password for the DSRM Administrator account will be set to the value you specified during the interview.
    These steps are exactly the same as those executed by the DCPROMO utility when promoting a domain controller.
    Cryptographic Keys

    UMove will replace the computer's cryptographic keys with the keys from the source computer. This includes the master keys for the Encrypting File System (EFS) and Protected Storage. (Protected Storage stores passwords for e-mail, web, and dial-up access.)
    File and Registry Security

    The files in the operating system folders “\WINDOWS”, “\Program Files”, and “\Documents and Settings” will be changed to permit access by the domain administrators. The Access Control List (ACL) of each folder will be updated to allow access by the domain administrators.
    In a similar fashion the ACLs of registry keys will be updated to allow access by the domain administrators.
    These steps are exactly the same as those executed by the DCPROMO utility when promoting a domain controller.
    Permissions for Shared Folders

    UMove will copy the user and group permissions for shared folders from the source computer.
    Security Identifier (SID) Prefix

    UMove will copy the Security Identifier (SID) prefix from the source computer. The SID prefix is used to uniquely identify the computer on the network for security purposes.
    When reloading AD onto the same computer the SID prefix is left unchanged.
    UMove will adjust the permission settings on the destination computer for Windows Firewall (if necessary) to allow access to Active Directory from your member computers.
    Advanced: You can tighten security by telling UMove to limit AD access to computers on the local subnet. See Advanced Options: Windows Firewall.
    Windows Server 2008: UMove will copy the Windows Firewall settings from the source computer.





    pardazande سپاسگزاری کرده است.

کلمات کلیدی در جستجوها:

dfssvc 14550

dfssvc error 14550

event 14550 dfssvc

event id 14550

dfssvc 14550 error

event id 14550 dfssvc

the dfs namespace service could not initialize cross forest trust information on this domain

dfssvc id 14550

initializing the File Replication backup sessionereignis id 14550odin backup differential backuperror dfssvc 14550EventID 14550 The DFS Namespace service could not initialize cross forest trust information on this domain controllerlsasrv there are currently no logon serverevent id 40960 lsasrv rodccode erreur 14550 ipv6rodc event 14550 dfssvcrodc no logon servers available after 10 minutesevent 1054 winrmwindows server 2008 ereignis id 14550dfssvc erreur 14550directory services restore mode there are currently no logon servers available 2008forest trust windows 2008 r2 lsasrv 40961windows 2008 source dfssvc eventid 14550

برچسب برای این موضوع

مجوز های ارسال و ویرایش

  • شما نمی توانید موضوع جدید ارسال کنید
  • شما نمی توانید به پست ها پاسخ دهید
  • شما نمی توانید فایل پیوست ضمیمه کنید
  • شما نمی توانید پست های خود را ویرایش کنید
  •