majd

we can go like this forever i propose that the guy tries both way and then let him be the judge, i am not going to convience u while u are probably 10000 miles away from me, keep ur knowledge for urself and god bless u! that's my knowledge it might not be as great as urs but that's life. thanks for ur time!

what trust relation are u talking about do u know what a STANDALONE server mean? my point was that u shouldn't allow users to access locally on a DC i don't know how u understood it and i don't care about ur CV either. i know what i am talking about and i don't need to put definitions on a 10 lines responce i am assuming that i am talking to people that have a basic of what they are doing. i know what i do and believe me i am not a paper MCSE guy. it seems that u need to refresh ur knowledge man. and the link is great specially to describ what kind of user scopes can be found on A STANDLONE server! BRAVO! that's what i've said go and show it to ur security buddies, maybe they will give u a NEW SECURITY BOOK as a gift for ur great knowledge. "never ever put the RRAS on a DC, because when the user authenticates it will log locally into the DC ,not a very smart thing to do, the RRAS must be a standalone server with its own user scope, the user log into it with certain credentiels (which should have practiaclly no permissions on the network) then they will have to reauthenticate with the DC in order to log into the domain USERS NOW HAVE THEIR PERMISSIONS AND THE ACCOUNTS THAT U WANT THEM TO ACCES THE NETWORK WITH(more secured, and this account should have the desired permissions)"

i am really impressed with ur respond, it seems that u can't understand english! it was clear that the scope stuff is not related to the security matter , reread and try to understand! bye

hi i am an MCSE holder and i've found a security hole in ur design, never ever put the RRAS on a DC, because when the user authenticates it will log locally into the DC ,not a very smart thing to do, the RRAS must be a standalone server with its own user scope, the user log into it with certain credentiels (which should have practiaclly no permissions on the network) then they will have to reauthenticate with the DC in order to log into the domain (more secured, and this account should have the desired permissions).hope that u will fix that. try to create in the RRAS a scope of IP addresses that will be handled by the RAS users (make sure that their is no overlapping with ur DHCP scope). hope that i've helped.

first delete the neutral partition. then go to win2k and run computer management then press on the harddisk tab and u should be able to expand the ntfs volume over the unallocated free space of the deleted partition. win2k allow that u to expand ntfs volumes. enjoy. bye

u can fix that by 2 ways. 1st u can boot from the win2k cd after installing winme and run recovery console and then type fixboot. or u can copy boot.ini,ntdetect, and ntldr form ur root directory ie c:\ to a disk and then copy then back after finishing ur installation. hope that this will help.