On Tue, Feb 28, 2012 at 17:47, Ben Scott <[email protected]> wrote: > On Tue, Feb 28, 2012 at 6:54 PM, Kurt Buff <[email protected]> wrote: >> One other thing that I've been mulling over along with the other >> credentials is a set of VMs on which to run them. Want to manage >> AD/DNS/WINS/CA? RDP into this Win7 VM with the correct tools on it. >> Want to manage AV/WSUS/other workstation stuff? Log into that Win7 VM >> over there with those tools on it. Lather, Rinse, Repeat. Then my >> laptop would be just another end-user station, with much reduced >> chances of getting my elevated credentials compromised. > > Hmmm. Interesting idea. Definitely some advantages. > > You mention RDP. So does that mean a bunch of VMs running all the > time on some other box somewhere? If not, why RDP? If yes, are those > VMs all shared between the admin team, or are they dedicated to one > body? If the former, how do we handle contention? If the later, why > not just run them on one's own end-user station? > > Questions posed for mulling purposes. :-) > > -- Ben
All good questions, and all worth mulling over. I'll let you know when I think I have some answers. Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
