Hi Susan,
No, we haven't tried with small business server.. Our average customer has
11,000 employees. :-)
That said, I can't imagine why it wouldn't work. Moreover, we do work with
lots of IT outsourcers / managed service providers, and support things like
multi-tenant, hopping firewalls, etc. That's getting a bit far outside of
this list's topic, and starting to sound a bit too much like advertising,
though. Continue offline please?
Cheers,
--
Idan Shoham
Chief Technology Officer
M-Tech Information Technology, Inc.
[EMAIL PROTECTED]
http://mtechIT.com
****************************************************************************
Please visit M-Tech in booth 80 at the Insight booth at GTC East Conference:
September 25-28, 2006 in Albany, New York.
M-Tech's CTO will be featured in the September 27 3:00PM panel discussion:
"Identity Management, Track: Embracing Technology"
****************************************************************************
The information in this email is confidential and may be legally
privileged. It is intended solely for the addressee. Access to this
email by anyone else is unauthorized. If you are not the intended
recipient, any disclosure, copying, distribution or any action taken or
omitted to be taken in reliance on it, is prohibited and may be unlawful.
****************************************************************************
On Mon, 4 Sep 2006, Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] wrote:
... as I go click on your web site to figure out your company and if it's
SBSized :-) Remember my space... managed services and var/vaps.
[EMAIL PROTECTED] wrote:
Susan,
Your point about lots of admins coming and going, with transient access to
hundreds or thousands of machines, is an important and separate one from
the multiple password policies question that this thread started out with.
I think trying to revoke all the admin creds that a given person had
access to in the last N days (N could be very large) is a hard problem,
and may be unnecessary. If you change all those admin passwords
frequently (e.g., every 24 hrs), then you can rest assured that the
person who just left the org won't have access to anything sensitive
tomorrow. That's good enough in most cases.
Of course, changing every admin cred every 24 hours creates a completely
new problem: how do you do that, in a manner that still makes the admin
creds reliably accessible to the people who need them, and only the people
who need them, only when they need them, and (heck, while we're at it)
with an audit log that shows which person looked up which cred.
Problems like this usually cause products to be written. E-mail me if
you want to get the advertising pitch for our particular solution. :-)
L8r,
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
