Re: Can i lock access to AD with a security policy?
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 12/10/03
- Next message: anonymous_at_discussions.microsoft.com: "Services Control Manager security event"
- Previous message: Holly Mazerolle: "RE: administrator password"
- In reply to: 13th_Victor: "Can i lock access to AD with a security policy?"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: Can i lock access to AD with a security policy?"
- Reply: anonymous_at_discussions.microsoft.com: "Re: Can i lock access to AD with a security policy?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 10 Dec 2003 00:04:47 GMT
It could possibly be a network connectivity, dns configuration, or computer account
problem. I would run netdiag [on install cdrom, run setup in support/tools folder] on
that computer looking for any failed tests that may help pinpoint the problem such as
dns , dc list, or secure channel. Also check Event Viewer for any errors that may
give a clue. Incompatible security options in security policy can cause network
connectivity problems such as smb/digitally signing, or ipsec policy. Using netmon
while trying to accomplish your task may also reveal the problem. --- Steve
http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B321708
"13th_Victor" <hector@redwingsfan.com> wrote in message
news:0daa01c3be92$e0a4b860$a001280a@phx.gbl...
> ...Here goes...
>
> I have a Windows 2000 server machine that is used to run
> IIS it is not a DC...
> I was hoping to add a domain user account to a local group
> on the IIS box...
>
> I can not
>
> When I right click my computer > manage > Local Users and
> Groups > I right click "theGroupName" > Properties > then
> click Add... here is where the problems start, if the look
> in pull down is not grayed out I select the domain then
> the user, but when I click the ok button I get a pop up
> that says "Processing of the object <username> failed with
> the following error: The specified domain either does not
> exist or can not be contacted" and then the look in grays
> out for. I don't know about 15mins?
>
> Now I have only been working on the network for about 6
> weeks, and I can see that other local groups on this IIS
> box that have domain users as members, so I think there is
> a security policy that may have been activated after these
> domain users where added to the local groups, and I know
> that I can add domain users to local shares and grant them
> NTFS permissions, so it not that the domain doesn't exist
> or can be contacted?
>
> Any one have an idea?
>
- Next message: anonymous_at_discussions.microsoft.com: "Services Control Manager security event"
- Previous message: Holly Mazerolle: "RE: administrator password"
- In reply to: 13th_Victor: "Can i lock access to AD with a security policy?"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: Can i lock access to AD with a security policy?"
- Reply: anonymous_at_discussions.microsoft.com: "Re: Can i lock access to AD with a security policy?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
