On Tue, Feb 28, 2012 at 6:54 PM, Kurt Buff <[email protected]> wrote: > One other thing that I've been mulling over along with the other > credentials is a set of VMs on which to run them. Want to manage > AD/DNS/WINS/CA? RDP into this Win7 VM with the correct tools on it. > Want to manage AV/WSUS/other workstation stuff? Log into that Win7 VM > over there with those tools on it. Lather, Rinse, Repeat. Then my > laptop would be just another end-user station, with much reduced > chances of getting my elevated credentials compromised.
Hmmm. Interesting idea. Definitely some advantages. You mention RDP. So does that mean a bunch of VMs running all the time on some other box somewhere? If not, why RDP? If yes, are those VMs all shared between the admin team, or are they dedicated to one body? If the former, how do we handle contention? If the later, why not just run them on one's own end-user station? Questions posed for mulling purposes. :-) -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
