Re: Desperate seeking some tech. information
From: Stan White [MS] (stanwh_at_microsoft.com)
Date: 07/21/04
- Next message: Lillian: "SMS 2003 vs Zenworks"
- Previous message: Evan [MSFT]: "Re: SMS Tasks"
- In reply to: pdk: "Re: Desperate seeking some tech. information"
- Next in thread: pdk: "Re: Desperate seeking some tech. information"
- Reply: pdk: "Re: Desperate seeking some tech. information"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 21 Jul 2004 07:57:37 -0700
Thanks for bringing this to our attention, we have not formally tested this
tool with SMS that I can recall, though I'm sure the AD test team did.
>From the documentation, it's not entirely clear if this tool removes the SMS
container, objects within that container or just strips the security
settings from them. We will have to try this tool in our lab and see
exactly which objects are removed and what the remediation steps are.
In any case, the site will attempt to re-create the 'System Management'
container and publish the site and site system objects, and will succeed if
the service account has permission to do so. In the case the tool rolls back
the schema (unlikely) , extadsch.exe on the SMS CD should take care of that.
Exchange and other applications may be a bit different.
-- -- Stan [MSFT] -- -- This posting is provided "AS IS" with no warranties, and confers no rights. -- -- "pdk" <anonymous@discussions.microsoft.com> wrote in message news:07ba01c46dba$0fd294a0$a501280a@phx.gbl... >I am aware of the schemaextensions. But Microsoft > stipulates in their whitepaper "Troubleshooting Group > policy in Microsoft Server 2003" that if you restore a GPO > default setting changes such as those made by SMS or > Exchanges will be lost. So my question is what are these > changes. > >>-----Original Message----- >>SMS does not make any changes to domain group policy. >>If you specify a windows user account as a service > account and the account >>is missing rights to log on as a service or local admin > rights on the site >>server you will be prompted before any rights are granted. >>SMS uses AD as a secure information store for locating > servers and >>boundaries, and providing a public key for data > validation. >>(If you choose to extend the schema). >> >>-- >>-- >>Stan [MSFT] >>-- >>-- >>This posting is provided "AS IS" with no warranties, and > confers no rights. >>-- >>-- >> >>"pdk" <anonymous@discussions.microsoft.com> wrote in > message >>news:2f49f01c46d63$0702f240$a401280a@phx.gbl... >>> >>> I am troubleshooting some settings in The default domain >>> policycausing problems around the Enterprise. >>> >>> We have security settings that we can not explain and >>> suspects the upgrade of SMS2000 => SMS2003 to have >>> something to do with it. >>> >>> Does SMS alter the security settings in the default > domain >>> policy as it adds something but I can not locate >>> information on what SMS exactly does during > installation. >>> >>> >> >> >>. >>
- Next message: Lillian: "SMS 2003 vs Zenworks"
- Previous message: Evan [MSFT]: "Re: SMS Tasks"
- In reply to: pdk: "Re: Desperate seeking some tech. information"
- Next in thread: pdk: "Re: Desperate seeking some tech. information"
- Reply: pdk: "Re: Desperate seeking some tech. information"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
