If you are part of AD, then you are subject to a Domain Admin, period. Now, if they are establishing various trust relationships then things are different. Since we don't know how any of this is being implemented, it's next to impossible to really know one way or the other. :)
-- Puryear Information Technology, LLC Baton Rouge, LA * 225-706-8414 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices Identity Management, LDAP, and Linux Integration Andrew Baudouin wrote: > He's talking about the fact that IT has promised the department admins > the ability to lock IT out of their servers. > > Nothing to see here, move along. > > On 9/27/07, * Dustin Puryear* <dustin at puryear-it.com > <mailto:dustin at puryear-it.com>> wrote: > > Honestly, I don't know what you mean by "AD lockout". :) > > -- > Puryear Information Technology, LLC > Baton Rouge, LA * 225-706-8414 > http://www.puryear-it.com > > Author, "Best Practices for Managing Linux and UNIX Servers" > http://www.puryear-it.com/pubs/linux-unix-best-practices > > Identity Management, LDAP, and Linux Integration > > > willhill wrote: > > The problems is that people like you are already running ADs of > their own and > > think they are doing a better job than IT will. I've gotten > conflicting > > reports of how much control this will actually give the IT > people. IT claims > > they will let you lock them out and there's no way around that > lock out. > > Others have their doubts. These people know their machines and their > > department needs much better than the IT people do, so I can > understand their > > suspicion and fear. Job security is another thing for them to > worry about. > > > > So, Dustin, who's right about the AD lockout? > > > > On Thursday 27 September 2007 10:36 am, Dustin Puryear wrote: > >> My thoughts are that if LSU owns the equipment, then they get to > manage > >> it. And when it comes to AD, fact is, I *like* AD. It's powerful > and has > >> some very strong policy enforcement mechanisms. > >> > >> What I think gets lost in the shuffle sometimes is the fact that it > >> costs much more to manage a box than it does to buy a box. MUCH MORE. > >> And it's a recurring expense. So any mechanism that makes improves > >> management is usually fine by me. :) > >> > >> This goes for Windows, Linux, whatever. > > > > _______________________________________________ > > General mailing list > > General at brlug.net <mailto:General at brlug.net> > > http://mail.brlug.net/mailman/listinfo/general_brlug.net > > _______________________________________________ > General mailing list > General at brlug.net <mailto:General at brlug.net> > http://mail.brlug.net/mailman/listinfo/general_brlug.net > > > > ------------------------------------------------------------------------ > > _______________________________________________ > General mailing list > General at brlug.net > http://mail.brlug.net/mailman/listinfo/general_brlug.net
