You want something done right, do it yourself....
:)
-g From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, October 10, 2005 1:48 PM To: ActiveDir@mail.activedir.org Subject: RE: [ActiveDir] Results of survey - Most common cause of Active Directory "failures"? Maybe I shouldn’t be
pushing so hard to take over DNS operations for clients and servers.
;-) Actually, we manage the
SRV records only, and while they are a bit tricky, but once it’s working it just
works. But trying to explain what’s going on to a Windows admin who
doesn’t have an AD background is almost a bigger
challenge.
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Gil
Kirkpatrick Here's the summary of the results
from last weeks informal survey. By far the most popular cause of AD failure is
the inadvertant misconfiguration of MSFT DNS, which is interesting, because that
was true 2 years ago as well. I guess some things never
change. (45 pts) C. Inadvertant
misconfiguration of MSFT DNS. (28 pts) A. Inadvertant data
deletion (fat-fingering a user object or, God-forbid, an OU) (14 pts) F. Hardware failure of a DC
(2 pts) K. Malicious attack by
an authenticated user I ignored anything that was ranked
lower than 5th... A little surprising is that the
there were two votes for malicious attacks by an internal
source. Some of the other failure reasons
cited (no overlap, so I must have listed all the important
reasons...) Incomplete load of an IPSec filter
list Impact of a 3rd party
agent or application on a DC e.g. Antivirus
software Issues with FW config that hindered
replication over tombstone livetime (may belong to
E) Corrupt AD DC database
/ required metadata cleanup and repromotion of
DC Misconfiguration by a previous
admin, and shutting down a DC with out dcpromo, or cleaning up metadata
afterwards. Inadvertantly double-clicking a
_vbscript_ when someone meant to right-click > edit it
:) The two winners of the "nothing too
fancy" prize are Hunter Coleman and Stuart Fuller (wait for applause to die
down...) Please email your shipping particulars to me at
mailto:[EMAIL PROTECTED], and I
will get your gifts sent out ASAP. I only received about 20
responses... I was expecting maybe 40 or 50. Any suggestions as to how to make
this more effective (I don't have any money to spend on this, so large
cash-value prizes are right out :) -gil From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Gil
Kirkpatrick Greetings
fellow travellers, Here's a quick, informal,
non-scientific survey. Please reply to me directly at mailto:[EMAIL PROTECTED] so we don't
spam the list with responses. I've got a some swell gifts to give away at random
to a couple of lucky respondants (nothing too fancy). I'll post the summary in a
few days. Question: *In your experience*,
which are the most common causes of Active Directory "failure" (where failure is
defined as failure to authenticate, authorize, replicate, or apply GPOs as
expected). List as many as you care to, in order from most common to least
common. Note that I am not considering the consequences of the failure, just how
frequent they are. Just send me a response like B, A, F
or some such, along with any commentary you might have.
A.
Inadvertant data deletion (fat-fingering a user object or, God-forbid, an
OU) C.
Inadvertant misconfiguration of MSFT DNS. Thanks for your
feedback. -gil Gil
Kirkpatrick Don''t miss the
Directory Experts Conference 2006. More information at www.dec2006.com.
|
Title: Most common cause of Active Directory "failures"?
- RE: [ActiveDir] Results of survey - Most common cause of A... Gil Kirkpatrick
- RE: [ActiveDir] Results of survey - Most common cause... Gil Kirkpatrick
- RE: [ActiveDir] Results of survey - Most common cause... Gil Kirkpatrick
- RE: [ActiveDir] Results of survey - Most common cause... Jensen, Ken