Security a goal? It's more of a journey where the destination is we didn't get hacked this week (month/year)BTW, I wasn't saying that it's the worst idea ever to put e-mail on a DC (if it's a GC it will save you the journey for authentication), but in an organization where you have 2+ sites (and
We agree on security as a journey. We seem to disagree about putting an application on a DC. Exchange especially. Will it work? Yes. But the tradeoffs in thatsituation can be distasteful from an operational and security point of view if security, flexibility, scalability, and availability are of
Boy, Al, Id dearly *love* to step away from the
keyboard, keep your hands where we can see em! but I am the
monkey in charge of doing this.
Problem was (is?), I stupidly shut down
the FTPSERVER without seeing if it was a time server, the OU master, the AD
controller, and/or the PDC.
Glad you're able to retain a sense of humor. That's important too. :)
You're in good shape if AD and DNS is working fine or at least as expected. You can find out if the old FTP server held any roles etc and clean up based on that.
I don't have the links handy, but you'll want to check for the
You mean the people on this thread are
less than honest?? ;P
Steve Egan
Purcell Systems
System/Network Administrator
desk 509 755-0341 x110
cell 509 475-7682
fax 509 755-0345
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Matt Hargraves
Sent: Friday,
Yeah next they'll be SBS servers being installed there.
(For some of us having our DCs do other things doesn't freak us out as
much as it does you big serverland guys)
Matt Hargraves wrote:
I know you probably haven't been there very long, but what in the heck
are they thinking, making DCs
Well, the servers running the DC, mail, PDC, etc. are quad-processor
SuperMicros, so they aren't even sweatin' hard. I'm watching them,
they're golden. (Thanks, Susan - we think alike.)
(Ahem... don't look now, but we already have 8 IBM e-Business servers
(quad xeon) and are getting more. Don'
It's not speed or resources that scare most of us when it comes to
sharing DC space with other apps, it's security. With SBS Microsoft has
(at least in theory) covered most of those security bases for the admin.
The last time I allowed another admin to install FTP on a server he
inadvertently put
Granted external FTP isn't one that SBSers recommend either and we're
freaking out going WHAT ARE YOU THINKING? as well.
As we say down here we don't get hacked... we get stupid.
Tim Vander Kooi wrote:
It's not speed or resources that scare most of us when it comes to
sharing DC space
Hmm... I'm becoming more and more convinced that security on any platform is more of a goal than a destination anyway :)
Putting other apps on a server that is designed to be a security server is not best practice on any platform SBS or not.SBS exists because it makes more economic sense
My first instinct is to say please step away from the keyboard but that's just to make me chuckle. :)
It looks like the old server, FTP1 was configured as a time server? Or was it an AD domain controller?
The answer to that guides the rest of the conversation, but the best thing to do
are you by any chance trying to promote a R2 DC? If yes, use ADPREP from the
SECOND CD from the R2 distribution set
Met vriendelijke groeten / Kind regards,
Ing. Jorge de Almeida Pinto
Senior Infrastructure Consultant
MVP Windows Server - Directory Services
LogicaCMG Nederland B.V. (BU RTINC
12 matches
Mail list logo