Archive for October, 2008

Printer sharing

October 31, 2008

Picture this; I have a network with multiple computers (Mac and Windows machines). I share a printer from a Windows XP Home machine. 

I get the Mac’s up and running on that shared printer in seconds. the same goes for my XP home laptop.

When it comes to an XP pro laptop which is a member of a different domain it won’t work. When I type in the machine name using UNC or even the IP address I get a listing of the shares on that machine including the printer I want to connect to. If I try to connect to it I get the error “operation could not be completed”.

I tried many many things to resolve this (I thought it must have been the XP pro machine that was causing the error initially).

The fix was to remove Norton 360 from the host machine and install something more sensible such as BitDefender AntiVirus. Once that was complete it worked from the XP Pro laptop.

Another strange but true issue.


AD replication woes

October 25, 2008

Problem: Two domain controllers – in mixed mode. I wanted to move to Native mode so I can transfer the roles to newer server and then eventually demote the old DC’s. I changed the first DC to native and then tried to replicate to the second. Didn’t work. The second DC was actively disabling replication inbound AND outbound!

The fix: Basically after reading lots of sites and pulling out of hair I found that you need to remove the DISABLED tag on the DC that won’t replicate. We thought it was horribly more complicated than that but it’s not.

Here’s the actual fix: 

  • repadmin /options <DC NAME> -DISABLE_OUTBOUND_REPL
  • repadmin /options <DC NAME> -DISABLE_INBOUND_REPL
****NOTE**** YOU MUST PUT THE “-” (minus) before the DISABLE command to REMOVE the disable flag. You’d think that Microsoft would have made things a tad easier and allowed a command, Oooo such as, I dunno…. ENABLE_OUTBOUND_REPL?!?!?!?!? But Noooo you’ve got to remove the disable flag. Oh well what do I know. Anyway we removed the flag and it worked instantly. Woot!

Subnet wierdness

October 25, 2008

Had an issue with a machine not able to connect through to a different subnet even though all other machines could.

I had a look at the Subnet setting on the machine and it was set to – this should be fine I thought as it gives a wider range for the machine to connect to.

What I forogt was the the subnets are connected via an IPSEC tunnel between the two routers. This meant that i had to force the machine to use the router to get through to the other network rather than go directly. 

It was such an interesting issue that I thought I should note it down.

Wierd DNS / AD problem

October 23, 2008

Today I had an odd issue with adding a domain user to a local machine’s administrators group. It wouldn’t go – it kept saying it couldn’t find the domain, even though I was logged in as the domain administrator!! I removed the machine from the domain, rejoined and had the same problem. I added the domain server to the host file – no difference. I left the domain, renamed the machine, deleted the machine account and rejoined the domain. Again, no difference. I allowed remote access to the machine and tried to add the user from the domain server but it wouldn’t connect to the machine (even though I had specifically allowed remote management of the computer). I added the user to manage the machine account – not entirely sure what this does but it didn’t give the user admin rights on the machine.


In the end I added the domain (and DNS) server’s IP to the DNS on the local machine and nothing else (IP address was still set to DHCP), rebooted and hey presto it worked.

Strange but true.

Simple VPN reminder

October 17, 2008

To setup a VPN in windows XP go to:

  1. Network connections
  2. Click on “Create a new connection”
  3. Next
  4. “Connect to the network at my workplace”
  5. “Virtual Private Network connection”
  6. Name the connection (something relevant)
  7. Add in the DNS name or IP address of the VPN host
The thing I forgot and why I added this entry, is that to add this to the begining of the windows login (so you can login to the domain during startup – and get those nice login scripts), all you need to do is get past the “dial-up” wizard.
When you start to login, there will be a small check box that says “Log on using dial-up connection”. Check that box, type in all your login details and click OK.
It’ll then bring you to another window that gives you the option to start the VPN that you setup previously.