ICTCity

Check on all of your GROUP POLICY if somewhere there's the policy "Password must meet minimal complexity requirements". I don't understand what you mean with "can i set it so the domain to automatically create a user for the local user account? or do i need to manually add it?"

I think I will write a tutorial / explenation regarding policies in Windows' domain. There's a lot of confusion and to troubleshoot these problems is a really hard task. First of all you must determine which polices are applied to that group / ou / user, then you can start troubleshoot. So, open gp manager and run a RESULTANT GROUP OF POLICY and select the computer / user. Once finished you can easily see which policies have been applied, in case of an error (permissions) you will see "ACCESS DENIED" or something like this. Good question, TEORICALLY no, you just need a common DNS with the needed record (_ldap, _tcp, ...) so your router cannot do this (you can't add DNS entries). Pratically --> mhhh more or less, you can set up a dns server BEFORE and then create a domain. In this way dcpromo should create the the entries for you but anyway you will ever have a local dns but the client's DNS can also be another (different from you DC). Mhh no idea, usually when a PC joins correctly to a domain you are prompted to enter domain's credentials. If you write domain\username it works?

Don't confuse things. Windows server COULD do RAID but if you can, DON'T do a software raid! It's sloooow, really slow. Use your raid controller. This will be configured after the POST and before the Windows installation. I don't want to believe that your controller cannot manage 2 differents RAID. Today I have installed a server with 3 RAID on a HP which is really old (7 years) so... Said that, once you are able to configure your controller, install windows on first RAID and once ready to install create just one partition for WINDOWS (let's say 200 gb) you can adjust this value based on your needs. Once installed, create others partitions (mail, db, webApp) so you will have 4 parts on your FIRST hard drive. Having multiple partitions has (no) drawbacks, but has advantages (one is that when you want to move something maybe on a storage in the future, you can do this easier than with a single confused partition), another advantage... let's say that something screw up your C:\ partition. You have an image of 1 month ago, with a single partition you must restore the image and THEN recover the database backup (and if you don't know... recovery a database no matter if it's sql, mysql, ... it's a BEAUTIFUL job... do it one time for test... you will see when partials records are not recovered... or tables weren't close... beautiful...), so finally you spent one day to recover the system and people cannot work. With multiple partitions you must restore the old image and windows starts up and the DB file is up to date. You (maybe) must do just some adjustment on your "old" windows. In the worst case you can simply reinstall a fresh windows server (30-40 mins?) and install your DB software but data is still available! Just a quick thing, if you use shared storage (san, nas) you can map each partition on a host of your choice so you really have a great no-downtime! (Almost :P) Back to you, you have your part (windows), now you can create the others partitions based on your needs. Finally you have the second RAID ready to "host" your web app database. Also in this case... if you have a db which is 100 gb create a partition of 200 or 250 gb but DON'T use the entire disk. It's EASIER to grow a partition instead of stretch it. Trust me :P With windows you can expand partitions but not stretch. I wrote too much? mhhh maybe :P

I'm not sure (I will check on Monday), but I think you cannot do this on the same IP. Actually one IP is listening on 443, so the same IP cannot listen on 443 but for a different website (unless you use virtual host). A cert is assigned to a hostname so if you change the assignment, it's CHANGED not duplicated or copied or whatever. I'm quite sure about this...

And why you have to use as a single disk? Even on single raid controller you can have different config... Well if you must use the single configuration switch to raid 5. if not... Well actually is the same. The different between raid 1 and 5 is not only in the raid itself. The most important thing are the spindle of your disk, the more you have, the faster they are.

the crt should be the key and cer the certificate. Usually the public key is a pub or key file.

Remember that MOST restrictive policy will be applied. If you set the GROUP accounting as READ-ONLY and then you set a USER inside the accounting group as full access, the full access should be applied.

The link I gave you before should explain exactly what you must do :) regarding speed... well normal... not impressive but in some way I'm on the other part of the world ahahaha

I think I get it. but you manage both sites from IIS or the forum is working on ANOTHER server?

stupid router... contact the assitance... I have no idea.

so what's the problem?

DNS records can only convert to IP. That means if you insert an A record forum.megahosting.co.nz it must point to your public IP but this (now) will point to home page. What you can do is to create another zone or a redirect that points to the folder FORUMS. Usually it works like this: You have the folder somewhere called megahosting.co.nz then you have a folder called www (so: www.megahosting.co.nz) and then you can create others folders like FORUMS and so on. This article is well explained and it should be your case: http://www.windowsnetworking.com/articles_tutorials/web-sites-windows-2003.html

Mhhh not really... when you have a problem, and you have a resolution but you must wait for a 3rd part... it's... well you know... not funny ^^ What you mean by binding to a directory? you can BIND a website which resides in a directory. Do you want to bind another website which is in the same directory of another website? like this: mysite.mydomain.com which is in C:\www\mysite\ and anothersite.mydomain.com which is in C:\www\mysite\anothersite\ ? Right now I can't read inside human mind... but I'm working (hard) on this. I will update too when I can do this... remotely... wireless...

just another thing... Set up a reminder somewhere to renew the certificate... maybe one month before it expires so you have time to re-buy another one and nobody notice anything :). Well, I did this but unfortunatly I did so many time POSTPONE on outlook and one day people started to call me asking why there was a "certificate error". I have ordered a new cert but in some way the file was corrupted so I passed almost 5 hours answering questions about cert error. Finally when everything was resolved outlook give me a pop-up: REMINDER: Renew SSL Cert! What a great day ^^

Mhhhh now everything's fine... odd

Mhhh ok now it's redirecting on the right website but once loaded I have "internal error" mhhh strange.

mhhh not for me :P

The red marked profiles should stay there. Rename the others (simply add OLD at the beginning of the SID) and check if everything's still working.

the problem with that router... it doesn't provide a serious debug / log like many "home" router :/

You don't understand how to redirect :P Now the redirection points to: https://megahosting.co.nz/index.phpmegahosting.co.nz/ You are really close... really close...

Same as before. Stop the IIS and start. If you can, restart the server. Check the event viewer for errors

I think you have a redirection in REDIRECT (from IIS) but you also have a script running in some page that redirects too. Right? If yes, delete one of them.

You are almost there... if I vist http:// I have a redirection on: https://megahosting.co.nz/index.phpmegahosting.co.nz/ So fix the last part ;)

I don't know... depends on WHICH level do you create your DMZ. Most of the router have the DMZ functionality so Windows doesn't know anything about the DMZ. At this point I think the problem is with routing and redirection on your router because if you disable the firewall in your DMZ (assasin!) and nothing works... the problem is not your firewall.

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\ And check if you can find any account named admin002 and so. Under the folder ProfileList there are SIDs but once you have selected one of them, on the right pane you can find ProfileImagePath that can tell you what's the name of that account. Honestly I think the problem is a permission issue on the admin profile folder (you should be the owner of that folder), because the 001, 002, ... profiles are created to avoid duplicates when windows cannot write to the profile directory.