Sorry, just venting: OK, so we implemented our new SCCM infrastructure about 9 months ago (all W2K8 servers). Almost done with the migration from our old SMS 2003 infrastructure (W2K3 R2 servers). I get a request from our desktop guys last week to create a few shares on the new SCCM servers to hold the workstation images. No problem. So I get a call from the desktop guys saying they can't access the new shares. I ask them how they are being accessed. They say from a bootable DOS CD. I thought them meant WinPE, so I tested that, and verified there are no issues. Go back to the desktop guys and they say, no it's really DOS 6.22 using NDIS 2.0. So I start looking into it and found that the old SMS servers have a GPO setting that allows NTLM connections, the rest of the network doesn't. I was not aware of this. Our currently policy is to allow NTLMv2 only, and refuse LM and NTLM. I ask them if they can move to WinPE. They tell me the engineering involved will be too much work. So now the question is..... do I put up a fight and go to our Security group and tell them I want to keep NTLMv2, and have the desktops guys re-engineer the process? My guess is that I'll be over ruled, and be forced to allow NTLM for the new SCCM servers.
Uggghhhh......... Chris Bodnar, MCSE Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: [email protected] Phone: 610-807-6459 Fax: 610-807-6003 ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
