Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security NTBugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Restoring deleted security groups in AD

from [Johny Wishbone] Network Security [Permanent Link]
Subject: Re: Restoring deleted security groups in AD
Date: Thu, 14 Apr 2005 11:28:50 -0700 
Ensure that you have permissions on the source and destination domainsto 
complete the move. The following error message is logged in theMoveTree.err 
file if you have insufficient permissions:Error: 0x2098 Insufficient Access 
Rights to perform the operation.MoveTree cross domain move failed. The extended 
error is 00002098:SrcErr:DSID-0031B02E2, problem 5003 (WILL_NOT_PERFORM), data 
0• Use quotation marks for parameters with spaces. • Use all lowercase letters 
when designating the source anddestination subtree root domain names. If you 
use uppercase letters,the following error message is logged in the MoveTree.err 
file:Error: 0x20e4 The Naming Context could not be found. MoveTree cross domain 
move failed. The extended error is 0000020e4: SvcErr: DSID-031B02E2, problem 
5003(WILL_NOT_PERFORM), data 0

This is from http://support.microsoft.com/?kbid=238394

On 4/12/05, Eric Ayre <era@bigpond.com> wrote:> Hello,> > I have been 
investigating the restoration process for deleted objects in AD> in response to 
the situation where by if you remove IIS from a domain the> group IIS_WPG gets 
removed despite the existence of other IIS servers and> other accounts in this 
group. Although the problem is fixed in 2003 SP1,> there is a concern that some 
one will bring up a standard DC with IIS> installed then decide to remove IIS 
as this is not required.> > I have been following MS article, 840001 "How to 
restore deleted user> accounts and their group memberships in Active 
Directory", specifically the> section on "How to manually undelete objects in a 
deleted object's> container" as an authoritative restore is viewed as taking 
too long.> > Problem> > I can restore a deleted user account and a distribution 
group when I attempt> a security group I get the following error.> > ***Call 
Modify...> > ldap_modify_ext_s(ld,> 
'CN=MyTestGroup\0ADEL:e9901a47-182e-41e8-b025-888d9e7c5f7a,CN=Deleted> 
Objects,DC=mydom,DC=com,DC=au',[2] attrs, SvrCtrls, ClntCtrls);> > Error: 
Modify: Unwilling To Perform. <53>> > Server error: 0000001F: SvcErr: 
DSID-031A0FBC, problem 5003> (WILL_NOT_PERFORM), data 0> > I found an article 
on movetree where by case sensitivity was an issue,> however this did not help 
when tested.> > I have not been able find any references in technet for this 
error.> > Any suggestions and explanations will be welcome.> > Thanks,> > Eric 
Ayre> > --> NTBugtraq Editor's Note:> > Most viruses these days use spoofed 
email addresses. As such, using an Anti-Virus product which automatically 
notifies the perceived sender of a message it believes is infected may well 
cause more harm than good. Someone who did not actually send you a virus may 
receive the notification and scramble their support staff to find an infection 
which never existed in the first place. Suggest such notifications be disabled 
by whomever is responsible for your AV, or at least that the idea is 
considered.> -->
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  MS05-01x Network Problems on Systems with VERITAS Backup Exec Dr ivers, Darryl J Roberts
Next by Date:  Bug in Patch MS05-019, Brian G.
Previous by Thread:  Restoring deleted security groups in AD, Eric Ayre
Next by Thread:  Re: Restoring deleted security groups in AD, Higareda, Robert
Indexes:  [Date] [Thread] [Top] [All Lists]