Correct.
Normally "alwite, me ol
mucker?" though :)
From:
[EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Dean Wells
Sent: 17 May 2006 21:35
To: Send - AD mailing list
Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
Sent: 17 May 2006 21:35
To: Send - AD mailing list
Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
Try again -
"Noun. Friend. E.g."Alright my old
mucker." [1940s]"
... Neil or Mark or any of the other English
folk will no doubt attest to its usage.
--
Dean Wells
MSEtechnology
* Email: dwells@msetechnology.com
http://msetechnology.com
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jef Kazimer
Sent: Wednesday, May 17, 2006 4:24 PM
To: [email protected]
Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
http://dictionary.reference.com/search?q=mucker
mucker
\Muck"er\, n. A term of reproach for a low or vulgar labor person. [Slang]
Let the Ragin' begin!
(Thought I could have sworn it was a lazy way to say "mofo" :) )
> From: [EMAIL PROTECTED]
> To: [email protected]
> Subject: RE: [ActiveDir][OT] DNS on a DC or NOT
> Date: Wed, 17 May 2006 15:45:01 -0400
>
> Ignore Dean. He's going to try and D.O.S. a couple of companies I specified
> to him. If you see Dean's name in the papers next to buildings that are
> burning to the ground then you can listen to the conspiracy theories that
> require running S-DDNS. ;o) How many times was your NT environment DOS'ed
> by purposeful attacks on WINS? If you had an issue with WINS being
> unauthenticated at any point it was one of a couple of items
>
> 1. You screwed up WINS yourself some how by doing something stupid or
> through inaction allowing something stupid to happen.
> 2. Someone fired up a SAMBA box and had no flipping clue what they were
> doing on Linux OR Windows.
> 3. Someone tried to set up a test domain using production WINS and using the
> real name of the production domains.
>
> Even with those three items I can think of 2 cases in 10 years of these
> things and one was cleared up in about a week and the other was cleared up
> in about 15 minutes. The first should have been cleared up in 15 minutes too
> except the people working on it didn't understand Windows nor WINS nor did
> the Alliance people working the issue.
>
> In the meanwhile, if an employee of a company wants to hurt AD, there are
> more subtle and less trackable mechanisms to do so than going after DNS.
> Anyone that attacked AD by going after AD is just a script kiddie punk with
> no vision. Heck even the script kiddies aren't going after it.
>
> BTW, anyone know what a mucker is? I am trying to figure out if I am
> supposed to be morally outraged. <eg>
>
> joe
>
>
> --
> O'Reilly Active Directory Third Edition -
> http://www.joeware.net/win/ad3e.htm
>
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells
> Sent: Wednesday, May 17, 2006 2:55 PM
> To: Send - AD mailing list
> Subject: RE: [ActiveDir] DNS on a DC or NOT
>
> Ignore joe ... he's just an LDAP/DS purist ... as a general rule of thumb,
> keep the AD representative DNS zones within the directory configured to
> accept secure updates only. Use app. NCs or don't depending upon the
> forest's config., too many variables and much discussion for me right now on
> that one I'm afraid ... but suffice it to say that for me; I prefer app. NCs
> where possible.
>
> --
> Dean Wells
> MSEtechnology
> * Email: [EMAIL PROTECTED]
> http://msetechnology.com
>
>
>
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of joe
> > Sent: Wednesday, May 17, 2006 10:01 AM
> > To: [email protected]
> > Subject: RE: [ActiveDir] DNS on a DC or NOT
> >
> > SO you are concerned about overall load then. This is something that
> > is addressed in larger orgs often by segregating the PDC off in its
> > own logical site which is hung off the main site it would normally be
> > part of. That means it will usually not be used for autocoverage of
> > other WAN sites and it will not become a large site bridgehead[1] and
> > naturally avoided by any Exchange in that site if Exchange for some
> > reason decides to beat on it due to some bad decision by an Exchange
> > admin during configuration. This is especially helpful if you have a
> > large legacy client load or lots of stupid applications that are using
> > the old NET API (or WinNT provider) primarily which already overly
> > target PDCs.
> >
> > joe
> >
> >
> > [1] I recall asking way back at the 2003 RAP/RDP conference for a
> > switch to say use all DCs but these special ones for bridgeheads, I
> > would rather manage exceptions than manage the ones that are the ones
> > to be used. Best is to be able to specify either way.
> >
> >
> > --
> > O'Reilly Active Directory Third Edition -
> > http://www.joeware.net/win/ad3e.htm
> >
> >
> > -----Original Message-----
> > From: [EMAIL PROTECTED]
> > [mailto:[EMAIL PROTECTED] On Behalf Of
> > Carlos Magalhaes
> > Sent: Wednesday, May 17, 2006 9:44 AM
> > To: [email protected]
> > Subject: Re: [ActiveDir] DNS on a DC or NOT
> >
> > Let me put that into perspective (and from reading the post
> > again I thought it came across), the blog entry refers to
> > networks with a large client load.
> > I don't mean do NOT have DNS on your server it recommends
> > (Option 2) releasing some of the load with the two registry
> > settings, i.e.
> > *LdapSrvPriority *and *LdapSrvWeight*.which is explained in
> > the entry :)
> >
> > These settings I have only ever used on large networks when I
> > have noticed a large amount of DNS traffic being routed to
> > the PDC DNS Service. :)
> >
> > Does that explain the post if not just let me know what more
> > information you need and I will explain it :)
> >
> > Carlos Magalhaes
> >
> > ASB wrote:
> > > Which blog entry...
> > >
> > > -ASB
> > >
> > >
> > > On 5/17/06, *Krenceski, William* <[EMAIL PROTECTED]
> > > <mailto:[EMAIL PROTECTED]>> wrote:
> > >
> > > I was reading Carlos's blog about not running DNS on the PDC
> > > emulator. It all makes perfect sense to not have DNS running on
> > > it. In my relatively small setup we have @60 servers,
> > 560pc's, on
> > > 8 networks (some remote some vlans). I have 2 DC's at
> > my main site
> > > with one at each remote site. All DC's are GC and DNS. I always
> > > thought that in order for DNS to work as AD integrated
> > you're DNS
> > > servers had to be DC's. If that is NOT true my face is red for
> > > believing so for so long.
> > >
> > >
> > >
> > > **
> > > **
> > > *William Krenceski*
> > > *Network Administrator*
> > > [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
> > >
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> > List info : http://www.activedir.org/List.aspx
> > List FAQ : http://www.activedir.org/ListFAQ.aspx
> > List archive:
> > http://www.mail-archive.com/activedir%40mail.activedir.org/
> >
> >
>
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
>
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
Express yourself instantly with MSN Messenger! MSN Messenger
PLEASE READ: The information contained in this email is confidential and
intended for the named recipient(s) only. If you are not an intended
recipient of this email please notify the sender immediately and delete your
copy from your system. You must not copy, distribute or take any further
action in reliance on it. Email is not a secure method of communication and
Nomura International plc ('NIplc') will not, to the extent permitted by law,
accept responsibility or liability for (a) the accuracy or completeness of,
or (b) the presence of any virus, worm or similar malicious or disabling
code in, this message or any attachment(s) to it. If verification of this
email is sought then please request a hard copy. Unless otherwise stated
this email: (1) is not, and should not be treated or relied upon as,
investment research; (2) contains views or opinions that are solely those of
the author and do not necessarily represent those of NIplc; (3) is intended
for informational purposes only and is not a recommendation, solicitation or
offer to buy or sell securities or related financial instruments. NIplc
does not provide investment services to private customers. Authorised and
regulated by the Financial Services Authority. Registered in England
no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St Martin's-le-Grand,
London, EC1A 4NP. A member of the Nomura group of companies.
