KISS. John W. Cook Systems Administrator Partnership for Strong Families From: Crawford, Scott [mailto:[email protected]] Sent: Friday, December 09, 2011 12:35 PM To: NT System Admin Issues <[email protected]> Subject: RE: things to include in a vm server template?
Fully agree. My images are all pretty lean. Drivers and sometimes base os updates. From: David Lum [mailto:[email protected]] Sent: Friday, December 09, 2011 10:35 AM To: NT System Admin Issues Subject: RE: things to include in a vm server template? Any app that gets updated regularly for security updates (a PDF reader, etc) I wouldn’t have on my template – have a GPO or something push them once the server is built and online. The less places you have to keep something up to date the better. Dave From: John Cook [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Friday, December 09, 2011 7:49 AM To: NT System Admin Issues Subject: RE: things to include in a vm server template? I don’t install anything that isn’t absolutely necessary so I don’t have any PDF reader or other third party apps in my template (I don’t put a PDF reader on any server for that matter but that’s a personal preference just like not browsing the web with a server). I also don’t disable IPV6, it breaks a lot of things and it can easily be turned off after the fact if there is an issue with it. I go very basic, all Windows updates and AV and I convert it to a VM occasionally to run updates and return it to template state. John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: Jonathan [mailto:[email protected]]<mailto:[mailto:[email protected]]> Sent: Friday, December 09, 2011 10:43 AM To: NT System Admin Issues Subject: Re: things to include in a vm server template? Like I said, I was torn about Adobe Reader, but you're saying PrimoPDF is an issue as well? Why? What vulnerability/ies does PrimoPDF expose to your environment? Jonathan On Thu, Dec 8, 2011 at 6:35 PM, Sam Cayze <[email protected]<mailto:[email protected]>> wrote: My list: Common scripts folder I use a lot A LogOff icon in the QuickLaunch. Bginfo (Altough I have a GPO doing this now). A DR Tools Folder. (Random tools I have found myself using when doing test DR Restores. Great if you restored but are stuck in safe mode or something) Everything else is run off a network share so I only have to update one location Oh, and seriously get those PDF tools OFF your servers. Sam From: Jonathan [mailto:[email protected]<mailto:[email protected]>] Sent: Thursday, December 08, 2011 4:45 PM To: NT System Admin Issues Subject: things to include in a vm server template? Hi everyone! It has been a while....I've been quite busy and haven't had much time to do anything here other than occasionally lurk.... I'm in the midst of building some Server 2008 R2 and Windows 7 templates for my new vSphere 5 environment. I'm close to being done, but am thinking about tools i should include over and above the stock OS install. I'm interested to hear what you guys install when you build servers... For instance, perhaps things like: primopdf msinfo a telnet client, such as putty adobe reader (I'm torn on this one because of how many security concerns there are with Adobe Reader, historically, but it sure would be handy to be able to view a PDF on the fly) Portscanner, such as SuperScan or AngryIP I'm curious to hear about your add-ons and tweaks. I've already got the builds pretty well tweaked for performance, but if you have any specific tweaks that have been helpful, I'd love to hear those too. I used this as a sort of base guide: http://www.jasonsamuel.com/2010/05/07/how-to-build-a-vmware-vsphere-vm-template-for-windows-server-2008-r2/ I made a few of my own modifications, but didn't stray too far from this one. A lot of the tweaks and settings already in this made sense to me. Thanks, -- Jonathan, A+, MCSA, MCSE ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin -- Jonathan, A+, MCSA, MCSE ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ________________________________ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected]<mailto:[email protected]> with the body: unsubscribe ntsysadmin ________________________________ CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
