Ooops ... my apologies :O( -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Adner Sent: Friday, October 14, 2005 10:44 PM To: [email protected] Subject: RE: [ActiveDir] AD/DNS BPA? Boo, hiss. It's Engineering Services that offers it, not MCS. ;> > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells > Sent: Thursday, October 13, 2005 11:22 AM > To: Send - AD mailing list > Subject: RE: [ActiveDir] AD/DNS BPA? > > The tool I spoke about in confidence with Tony (just teasing > ;o) is an offering from MCS known as the ADHC or AD Health Check ... > it is a nicely shrink-wrapped series of powerful interrogation > scripts/tools that, when compiled by someone sufficiently trained, > produces a very detailed configuration breakdown, useful > recommendations and/or general mis-configurations. As I understand > it, it is available exclusively via an MCS engagement. > > -- > Dean Wells > MSEtechnology > * Email: [EMAIL PROTECTED] > http://msetechnology.com > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Tony Murray > Sent: Tuesday, October 11, 2005 7:45 PM > To: [email protected] > Subject: RE: [ActiveDir] AD/DNS BPA? > > If find DNSlint to be pretty good, but obviously limited in scope. I > think Dean mentioned to me recently that PSS have a tool that provides > BPA-like functionality. It sounded like the output might be a little > too complicated to make it publicly available. > > Perhaps Dean has more info on this (assuming it's not under NDA)? > > Tony > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Al Mulnick > Sent: Wednesday, 12 October 2005 2:58 p.m. > To: [email protected] > Subject: RE: [ActiveDir] AD/DNS BPA? > > The tools are there, but the interpretation is sometimes lacking <G> > I've been told that several companies are currently offering health > checks, but I haven't tested any of them. > > As for Microsoft tools, I'm a fan of using dcdiag and netdiag right > after scanning the event logs. That'll give me an idea of where to > focus more effort if needed. Most of what I want to know is going to > show up there without having to do too much waving of the magic wand. > There are some additional tools, but they get used after these two > steps in my normal approach. That'll indicate whether or not I have to > dig deeper. > Some other tools such as repadmin are useful as well. And there was a > tool, SPA that could be helpful in some situations depending on what > you want to know. > > I haven't seen an AD BPA though. Be interesting to see one. > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Susan > Bradley, CPA aka Ebitz - SBS Rocks [MVP] > Sent: Tuesday, October 11, 2005 9:34 PM > To: [email protected] > Subject: [ActiveDir] AD/DNS BPA? > > > <lurk mode off> > > Stupid question... okay we have Exchange Best practices analyzer > right? > http://www.microsoft.com/exchange/downloads/2003/exbpa/default.mspx > > I know you guys don't like GUI...but besides DNSlint, dnsdiag, > Sysinternals, Joeware stuff and such things... is there currently > enough tools in your bag'o'tricks to ensure DNS/AD is set up right? > Do you guys have a tool that you consider 'the' DNS/AD BPA and if so > what is it? > > Or is AD/DNS health review like security log reviews/dump files where > it's an art and not a science? > > And feel free to lob 'SBS could run on ipx/spx' comments my way as > well. > > ;-) > > <lurk mode back on> > > -- > > Letting your vendors set your risk analysis these days? > http://www.threatcode.com > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > ############################################################## > ########## > ##### > This communication, including any attachments, is confidential. > If you are not the intended recipient, you should not read it > - please contact me immediately, destroy it, and do not copy or use > any part of this communication or disclose anything about it. > Thank You. > > Please note that this communication does not designate an information > system for the purposes of the NZ Electronic Transactions Act 2002. > > This email has been scanned for Viruses and Content and cleared by > NetIQ MailMarshal at Gen-i. > ############################################################## > ########## > ##### > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
