Boo, hiss. It's Engineering Services that offers it, not MCS. ;> > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells > Sent: Thursday, October 13, 2005 11:22 AM > To: Send - AD mailing list > Subject: RE: [ActiveDir] AD/DNS BPA? > > The tool I spoke about in confidence with Tony (just teasing > ;o) is an offering from MCS known as the ADHC or AD Health > Check ... it is a nicely shrink-wrapped series of powerful > interrogation scripts/tools that, when compiled by someone > sufficiently trained, produces a very detailed configuration > breakdown, useful recommendations and/or general > mis-configurations. As I understand it, it is available > exclusively via an MCS engagement. > > -- > Dean Wells > MSEtechnology > * Email: [EMAIL PROTECTED] > http://msetechnology.com > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray > Sent: Tuesday, October 11, 2005 7:45 PM > To: [email protected] > Subject: RE: [ActiveDir] AD/DNS BPA? > > If find DNSlint to be pretty good, but obviously limited in > scope. I think Dean mentioned to me recently that PSS have a > tool that provides BPA-like functionality. It sounded like > the output might be a little too complicated to make it > publicly available. > > Perhaps Dean has more info on this (assuming it's not under NDA)? > > Tony > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick > Sent: Wednesday, 12 October 2005 2:58 p.m. > To: [email protected] > Subject: RE: [ActiveDir] AD/DNS BPA? > > The tools are there, but the interpretation is sometimes > lacking <G> I've been told that several companies are > currently offering health checks, but I haven't tested any of them. > > As for Microsoft tools, I'm a fan of using dcdiag and netdiag > right after scanning the event logs. That'll give me an idea > of where to focus more effort if needed. Most of what I want > to know is going to show up there without having to do too > much waving of the magic wand. > There are some additional tools, but they get used after > these two steps in my normal approach. That'll indicate > whether or not I have to dig deeper. > Some other tools such as repadmin are useful as well. And > there was a tool, SPA that could be helpful in some > situations depending on what you want to know. > > I haven't seen an AD BPA though. Be interesting to see one. > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] > Sent: Tuesday, October 11, 2005 9:34 PM > To: [email protected] > Subject: [ActiveDir] AD/DNS BPA? > > > <lurk mode off> > > Stupid question... okay we have Exchange Best practices > analyzer right? > http://www.microsoft.com/exchange/downloads/2003/exbpa/default.mspx > > I know you guys don't like GUI...but besides DNSlint, > dnsdiag, Sysinternals, Joeware stuff and such things... is > there currently enough tools in your bag'o'tricks to ensure > DNS/AD is set up right? Do you guys have a tool that you > consider 'the' DNS/AD BPA and if so what is it? > > Or is AD/DNS health review like security log reviews/dump > files where it's an art and not a science? > > And feel free to lob 'SBS could run on ipx/spx' comments my > way as well. > > ;-) > > <lurk mode back on> > > -- > > Letting your vendors set your risk analysis these days? > http://www.threatcode.com > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > ############################################################## > ########## > ##### > This communication, including any attachments, is confidential. > If you are not the intended recipient, you should not read it > - please contact me immediately, destroy it, and do not copy > or use any part of this communication or disclose anything about it. > Thank You. > > Please note that this communication does not designate an > information system for the purposes of the NZ Electronic > Transactions Act 2002. > > This email has been scanned for Viruses and Content and > cleared by NetIQ MailMarshal at Gen-i. > ############################################################## > ########## > ##### > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
