valter

I think you can set IP filtering for your routers web site ... check remote administration/web interface and see if you can set the ip address filter

Maybe you should modify default domain controller policy ... anyway, users are not suppsed to log in onto server (phisicaly)

I logged in as this user and i could browse around C:\ drive which is something i dont want to allow Cheers <{POST_SNAPBACK}> you mean you're logged in as a user phisicaly on the server or from the workstation?

I don't think gpo is binded with domain name, gpo is set of rules that attaches to the domain, not domain name, so I think it should be possible to import it to another domain ...

How can users browse anything on the server unless it's shared!? Why would you restrict access to server partition when it's already restricted ... the only share by default is the "$" (admin) share ...

Check this one http://www.shavlik.com/hf.aspx

Here you go ...

I really doubt that XP's Computer Browser service causes that error. All my XPs have Computer Browser service running but that error is never logged. I've seen that error only when there is a problem with replication, including all other errors. Anyway, I would advise you, to remove those 3 NICs and see what happens. I believe that as soon as those 3 NICs are removed, replication should start again. Otherwise you could install support tools and use replmon.exe to monitor replication and locate the problem ...

Are you sure those 3 NICs are actually disabled because 90% of replication errors comes from multihomed DCs ... and you have 8003 that points to more than one master browser on the network ...

Huh you sure have SOME configuration there lol ... having multihomes server as DC (server with more than 1 NIC) is not supported by MS. Anyway, you would have to install a DHCP server bebore you go further, and once installed, authorize it in Active Directory, next, disable DHCP on the DLINK modem/router, same with wireless router. I will make you small drawing how this should be done ...

Before we go deeper into this, just a single question. Is your server multihomed? What I mean is, how many network cards do you have on the server that has replication issue?

welcome to the club ... what do you think, how Gates became rich

Well, from what I saw, you're not the only 1 with that problem ... some MS's MVP's suggest to look into drivers.cab file, other says that it will be installed automatically ... anyway, the besto would be to post the question on MS's newsgroups at http://www.microsoft.com/technet/community...rver.networking

My Host have advised that is not something they can do. I currently have my Domain name registered with 1 company but the NS Records are pointing to my host for the website. I will ask my domain handler to see if they can setup the MX records for the mail.domain.com and go from there. Thanks for you advise. Dave <{POST_SNAPBACK}> Just to make sure you don't make a mistake .... domain.com should be replaced with your actual internet domain name

ERD Commander

Is this something my webhost can do? I don't manage my own DNS, so would I just ask them to setup a sub-domain with the A Record pointing to the public IP Address of my Router, which using port forwarding sends the requests to my server? <{POST_SNAPBACK}> Your ISP or who ever is hosting your Internet domain must create an MX record for your domain ... and you need to setup a port forwarding like 110 and 25 for mail server beside OWA ...

If your mail server works, and if you can send and receive e-mails then port forwarding is done ... you would have to point your Outlook to mail.domain.com if that DNS record exists at all ...

If you're aiming at Outlook trying to connect to \\servername that doesn't exist, then open Outlook, Click Tools menu, then E-mail Accounts and then change the address of the server Outlook should connect to ...

When you say can no longer log into the Network, do you mean they can no longer log on to Active Directory Domain? Because I don't think enabling Routing and Remote Access should have anything to do with this. Those 3 IP addresses you've mentioned, are they global or private? Anyway this is how your tcp/ip should be setup. Server. 1. Intranet (LAN1) IP: 172.16.1.1 SM: 255.255.0.0 DG: (leave empty) DNS1: 172.16.1.1 (if your DNS is on the same server) 2. Internet (LAN2) IP: 192.168.1.1 (must be the same class as your LAN interface on the router) SM: 255.255.255.0 DG: IP address of your LAN interface on the router DNS1: 192.168.1.1 (if your DNS is on the same server) In the Routing and Remote Access/IP Routing/NAT/Firewall select properties of the interface LAN2 and select Public interface connected to the Internet, make sure that Enable NAT on this interface is checked. now select properties of the LAN1 interface and make sure that Private interface connected to private network is selected. Make sure that your DNS is listening on both LAN1 and LAN2 addresses. On DHCP Settings deliver this to your clients: Default Gateway: 172.16.1.1 DNS: 172.16.1.1 Don't forget to use your own IP addresses class Also note that, Microsoft doesn't support multihomed neither AD domain conrollers nor AD member servers.

Thank for the hint ... I've locate the problem. It was DNS Suffix Search List that had multiple enteries including net.test.org NET.TEST.ORG and TEST.ORG ... so I configured a GPO (Computer Configuration/Administrative Templates/Network/DNS Client/DNS Sufix Search List) to include just my AD domain name, and now everything works just fine ... thanks

You can't restrict storage by file type.

I have (I believe) a small DNS problem. Lets say my domain is net.test.org and if I try to resolve some addresses using nslookup I got this answer: Server: server1.net.test.org Address: 172.16.1.11 I'm trying to resolve for example www3.xxy.org or www.microsoft.com or any other address ... Non-authoritative answer: Name: www3.xxy.org.TEST.ORG Address: 212.212.212.212 Non-authoritative answer: Name: www.microsoft.com.TEST.ORG Address: 212.212.212.212 IP address 212.212.212.212 in this case represents my web server. As you can see my DNS ads part of my internal domain name to the domain I'm trying to resolve. It removes the net part and ads TEST.ORG .... any clue what might causes this???

It prevents conflicts between gpos ... policy that is on the top is to mandatory one, should you create your own, you of course place it under the top one, but if a single setting is Not Configured in the top gpo and Enabled in your gpo, then final setting will be Not Configured ... no override prevents these things from happening

Even though I didn't offer a solution, I must ask, did you modify Default Domain Policy, or you just made your own? The best way to control the policy behavior (takes time as well) it to make a new gpo, set a single rule in that gpo, set the gpo to no override, and once you're sure it doesn't cause any problems, then apply it in YOUR OWN policy withiun target container. Default Domain Policy SHOULD NOT be modified at all, so you have a solution to go back at all time.

Well I assumes to play in TEST lab environment .... I wouldn't even dare to install it on production server ... not even first few months after it has been released ... I personally do lot's of testing before deploying such important piece of software as service pack ... just to illustrate this, today I started Windows SP2 deployment in my compnay