[NTSysADM] Backing up Active Directory

We are trying to figure out what we need to back up for Active Directory as part of our disaster recovery plan. Is backing up just the System State on a domain controller enough or do we need the entire server? Should all domain controllers be backed up or is one per domain OK?

[NTSysADM] RE: IIS and cals

Right, I fetched the doc as per Michael, but the part I am still confused about is your second sentence. So if an unauthenticated user via a non-Windows kiosk accesses the site for which no windows based auth is setup, but application level authentication, then they do or don't need a cal?

RE: [NTSysADM] DNS and DHCP and Scavenging...oh my!

It’ll work just fine, but there is a security issue that requires some extra steps. Its discussed here: http://blogs.technet.com/b/stdqry/archive/2012/04/03/dhcp-server-in-dcs-and-dns-registrations.aspx From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of

[NTSysADM] RE: IIS and cals

I view it like this: If I have to log into a DC to gain access to the site. I require a CAL. If I log in but not to a DC then I do not require a CAL. Regardless of the back end. If you use your scope then someone like Verizon or Xbox would be broke paying for all the CALs they would require

[NTSysADM] RE: IIS and cals

Going to go out on a limb here and suggest Xbox doesn't have to buy Cals, or any software from Microsoft. :) But your explanation is well written and nails it pretty well I believe. -Original Message- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On

[NTSysADM] RE: IIS and cals

inline -Original Message- From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Joseph L. Casale Sent: Tuesday, November 18, 2014 8:28 AM To: 'ntsysadm@lists.myitforum.com' Subject: [NTSysADM] RE: IIS and cals Right, I fetched the doc as per

[NTSysADM] MS out of band today.

https://technet.microsoft.com/library/security/ms14-nov

RE: [NTSysADM] Backing up Active Directory

For simply protecting AD as opposed to real DR, you could just back up the system state, but a full server backup isn’t much bigger if it’s a DC that does nothing else, so why not do that? In any case, back up every single DC at staggered times so that you have a version of AD that is as recent

Re: [NTSysADM] MS out of band today.

*(^*# ^$*#^ On Tue, Nov 18, 2014 at 9:45 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote: https://technet.microsoft.com/library/security/ms14-nov

Re: [NTSysADM] MS out of band today.

You knew it was coming... *ASB **http://XeeMe.com/AndrewBaker* http://xeeme.com/AndrewBaker *Providing Virtual CIO Services (IT Operations Information Security) for the SMB market...* On Tue, Nov 18, 2014 at 9:45 AM, Kennedy, Jim kennedy...@elyriaschools.org wrote:

Re: [NTSysADM] RE: IIS and cals

*If you use your scope then someone like Verizon or Xbox would be broke paying for all the CALs they would require for all the users needing access to their sites but not using Active Directory.* Not so... There are separate SKUs for the products that will be internet connected where the number

RE: [NTSysADM] Backing up Active Directory

Standard guidance is at least 2 DCs from each Domain in the forest. There are a number of resources on TechNet including a detailed whitepaper that can be used as a basis for planning and testing. Basics- http://technet.microsoft.com/en-us/library/cc771290(v=ws.10).aspx Also-

RE: [NTSysADM] Backing up Active Directory

Thanks, I’ll hold on to this as well. *From:* listsad...@lists.myitforum.com [mailto: listsad...@lists.myitforum.com] *On Behalf Of *Free, Bob *Sent:* Tuesday, November 18, 2014 11:18 AM *To:* ntsysadm@lists.myitforum.com *Subject:* RE: [NTSysADM] Backing up Active Directory Standard

RE: [NTSysADM] Problems with the schannel update?

Disclaimer: This is all YMMV, Caveat emptor but I thought I'd share what I dug up. --As I was preparing to send I see the bulletin has been re-released as expected so much of this is likely moot. My understanding is that at least one of the roots of the root of the problem is the new cipher

RE: [NTSysADM] Problems with the schannel update?

https://technet.microsoft.com/en-us/library/security/ms14-066.aspx V2.0 (November 18, 2014): Bulletin revised to announce the reoffering of the 2992611 update to systems running Windows Server 2008 R2 and Windows Server 2012. The reoffering addresses known issues that a small number of

[NTSysADM] partition or data recovery?

It's been quite a while and I've not done a lot of this type of thing. So help would be appreciated: My dad's hard drive died (4 year old HP desktop). So I took out the drive and slaved it to one of my machines at home. It sees (2) partitions one of which is the recovery partition and it sees

Re: [NTSysADM] Problems with the schannel update?

By and large we didn’t have issues with the patch on Windows products, but we have some 3rd party products that do LDAP look ups against our DCs and those all pretty much broke so we had to take it off the DC’s. It stayed on on everything else. With the out of band and the rerelease, we are

RE: [NTSysADM] Problems with the schannel update?

ms14-068 is pretty scary and kind of dwarfs it in my mind. From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Steven Peck Sent: Tuesday, November 18, 2014 11:54 AM To: ntsysadm@lists.myitforum.com Subject: Re: [NTSysADM] Problems with the schannel update?

RE: [NTSysADM] RE: IIS and cals

sounds like external connector license for IIS, depending of course http://blogs.technet.com/b/volume-licensing/archive/2014/03/10/licensing-how-to-when-do-i-need-a-client-access-license-cal.aspx If you have Windows Servers configured to run a “web workload” these users will not require CALs