Just curious of your forest\domain setup. Are you single forest single domain? How many users? how large is your DIT file?
I am trying to plan partition sizes for 2008 now as well. On Thu, Apr 23, 2009 at 8:18 AM, Christopher Bodnar < [email protected]> wrote: > I am not recommending any of these settings, just passing on our choices: > > Our standard 2003 build used a 17G partition, we bumped this up to 34G for > 2008. Mostly due to the size of the Winsxs directory and the inability to > really manage it's size. > > Disable IPv6 > Disable Link-layer Topology Discovery Mapper I/IO Driver > Disable Link-layer Topology Discovery Responder > Disable UAC > Disable IE ESC for Administrators > Page file on separate partition > Enable PAE > > > YMMV > > > Chris Bodnar, MCSE > Sr. Systems Engineer > Distributed Systems Service Delivery - Intel Services > Guardian Life Insurance Company of America > Email: [email protected] > Phone: 610-807-6459 > Fax: 610-807-6003 > > > -----Original Message----- > From: Juned Shaikh [mailto:[email protected]] > Sent: Thursday, April 23, 2009 12:00 AM > To: NT System Admin Issues > Subject: Win2k8-Gold Build Question > > Am sure many on these must have gone to similar exercise.. > > Finally got an approval to build a gold win2k8std-image for generic server > rollout, but had to review and advice on all available guidelines and best > practices. And I would like to tap on this vast knowledge pool of this > list: > > Considering, I am building a gold VM - Win2k8 Std.. > > 1) What should be the standard C drive.. (base install itself gobbles over > 10GB) > 2) What are the current published and credible hardening guidelines? > 3) What security template tweaks everyone on this list has done on their > builds ? > 4) What Roles and features should be part of standard build.. i.e. > Powershell, Telnet client? > 5) Firewall rules: Apart from allowing ICMP response and RDP.. what else > should be allowed? > > I know it has many variations, but any pointers will be much appreciated. > > Thanks in advance, > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ----------------------------------------- > This message, and any attachments to it, may contain information > that is privileged, confidential, and exempt from disclosure under > applicable law. If the reader of this message is not the intended > recipient, you are notified that any use, dissemination, > distribution, copying, or communication of this message is strictly > prohibited. If you have received this message in error, please > notify the sender immediately by return e-mail and delete the > message and any attachments. Thank you. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
