valter

as per NTP open cmd and then type the following .. • w32tm /config /manualpeerlist:NTP_server_IP_Address,0x8 /syncfromflags:MANUAL • net stop w32time • net start w32time • w32tm /resync NTP_server_IP_Address replace with the IP address of the closest NTP server fromt this list http://ntp.isc.org/bin/view/Servers/NTPPoolServers

In your event you have failure audit on the file C:\WINDOWS\system32\mstsc.exe so right click on the file, Properties, Security, Advanced and the Audit and remove the audit for the file

you can install child domain, then you will have what you want ... or setup a trus between 2 domains

Try to disable autdit on that file ...

..

Well you need to enable the very first option, otherwise firewall is not working ... and don't forget to update your gpo, open cmd and type gpupdate /force on both the server and the client ...

Open GPO on the OU u want to configure and navigate to COmputer Configuration/Administrative Templates/Network/Windows Firewall ...

To allow user log on physically locally on the server is not good idea, using Terminal Services is another story. When you configure your server for using Terminal Services, and use gpo to hide stuff you don't want your users to see, then loging onto the server is just like the workstation ... but anyway use what ever make you comfortable

This means that basically your website is in your LAN. Correct? Where is your public DNS record for your website? On your own DNS or on some public register? If it is on the public register, you need to add a DNS record on your own DNS and point www to the LAN address of your server, same with MX record (first create mail host i.e. mail.domain.com point to your public IP address of your mail server, then point MX record to mail.domain.com) Now the question is how do you route your traffic? Do you use router? If so, do you use Single User Account (SUA - port forwarding) or you use Network Address Translation (NAT - mapping between public and local IPs)? What router do you use? When working on your LAN, you don't need to use public IPs at all. You sould use your private IP addresses at all time. If you can't access your server using private IPs then ip nat loopback must be off, consult the maual of your router, for example if your're using Zyxel router, then you would open command interpreter mode and type in the following command ip nat loopback on this would allow you to see your Internet website on your LAN ..

Why - did you do that? if so what happened???? im curious as to the way you wrote your post <{POST_SNAPBACK}> no, I didn't but AD and other AD related services such as DNS, DHCP, IIS ... are VERY dependant on IP addresses and network cards ...

Roman if I were you, I wouldn't dare to diable onboard LAN controller on the production server within AD, particulary server that holds FSMO roles ...

when you say clients, you mean clients in your LAN or WAN?

I think the correct way to install it would be the other way arround ... first Windows and then any other OS

try configuring firewall using gpo

any particular reason why?

You MUST be kidding me!!!!! Why wouldn't this work well? From what you say is that one should slipstream SP and reinstall all the servers once service pack is out!? LOL, if this is what you mean then this is definatelly not the way to do it!

check www.eventid.net

open cmd and type gpupdate /force

you need to add your users to Remote Desktop user group

Why don't you uninstall SP1, disable your firewall and install SP1 again ...

yep ... I've missed that one

SBS = [major difference] single domain, max 75 users, includes Exchange and ISA (premium edition)

I've had exactly the sam scenario as you have now ... the way I did it is as follows: Upgrade AD infrastructure with adprep /forestprep and adprep /domainprep commands ... install one Win2003 server and transfer FSMO roles over to the new 2003 server .... [http://support.microsoft.com/default.aspx?scid=kb;en-us;255690], then transfer the Global Catalog server role using AD Site and services ... once you're done and all replication is finished (can take up to 24 hrs)then you can start transfering user data, shared folders, home folders, profiles ... all data you might need ... then you can uninstall AD from Win2000 server using dcpromo ... don't forget NOT to use "This is the last domain controler in this domain" option ...

You have to install Terminal Services on the server (click Start - Control Panel - Add/Remove Programs - Add/Remove Windows Components) and then on the list select Terminal Services ... (note that you have 120 days to purchase CALs for TS) Now you can setup either Terminal Serices Web Client on the server or your engineers can use Remote Desktop Connection client to connect to Terminal server. Don't forget to configure options for temrinal server like session lenght and other options ... once user logs on, same logon script is executed as the user was in the office .. so he can access shared files ... Using web client you can configure web client to ask user if they want to connect local printers and hard drives to the session ... same can be configured on the remote desktop connection client ...

install another AV