Re: Desperate seeking some tech. information
From: pdk (anonymous_at_discussions.microsoft.com)
Date: 07/21/04
- Next message: Jeff Harbaugh [MSFT]: "Re: ccmclean fails!"
- Previous message: nickmo: "Re: ccmclean fails!"
- In reply to: Stan White [MS]: "Re: Desperate seeking some tech. information"
- Next in thread: Stan White [MS]: "Re: Desperate seeking some tech. information"
- Reply: Stan White [MS]: "Re: Desperate seeking some tech. information"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 21 Jul 2004 10:30:10 -0700
Hi
Thanks for your reply! Much appreciated. Will this be
posted in an update of the document ??
Not to bug you but I still have not gained knowledge of
the changes that SMS makes to the default domain policy.
-----Original Message-----
>Thanks for bringing this to our attention, we have not
formally tested this
>tool with SMS that I can recall, though I'm sure the AD
test team did.
>
>>From the documentation, it's not entirely clear if this
tool removes the SMS
>container, objects within that container or just strips
the security
>settings from them. We will have to try this tool in our
lab and see
>exactly which objects are removed and what the
remediation steps are.
>In any case, the site will attempt to re-create
the 'System Management'
>container and publish the site and site system objects,
and will succeed if
>the service account has permission to do so. In the case
the tool rolls back
>the schema (unlikely) , extadsch.exe on the SMS CD should
take care of that.
>
>Exchange and other applications may be a bit different.
>
>--
>--
>Stan [MSFT]
>--
>--
>This posting is provided "AS IS" with no warranties, and
confers no rights.
>--
>--
>
>"pdk" <anonymous@discussions.microsoft.com> wrote in
message
>news:07ba01c46dba$0fd294a0$a501280a@phx.gbl...
>>I am aware of the schemaextensions. But Microsoft
>> stipulates in their whitepaper "Troubleshooting Group
>> policy in Microsoft Server 2003" that if you restore a
GPO
>> default setting changes such as those made by SMS or
>> Exchanges will be lost. So my question is what are these
>> changes.
>>
>>>-----Original Message-----
>>>SMS does not make any changes to domain group policy.
>>>If you specify a windows user account as a service
>> account and the account
>>>is missing rights to log on as a service or local admin
>> rights on the site
>>>server you will be prompted before any rights are
granted.
>>>SMS uses AD as a secure information store for locating
>> servers and
>>>boundaries, and providing a public key for data
>> validation.
>>>(If you choose to extend the schema).
>>>
>>>--
>>>--
>>>Stan [MSFT]
>>>--
>>>--
>>>This posting is provided "AS IS" with no warranties, and
>> confers no rights.
>>>--
>>>--
>>>
>>>"pdk" <anonymous@discussions.microsoft.com> wrote in
>> message
>>>news:2f49f01c46d63$0702f240$a401280a@phx.gbl...
>>>>
>>>> I am troubleshooting some settings in The default
domain
>>>> policycausing problems around the Enterprise.
>>>>
>>>> We have security settings that we can not explain and
>>>> suspects the upgrade of SMS2000 => SMS2003 to have
>>>> something to do with it.
>>>>
>>>> Does SMS alter the security settings in the default
>> domain
>>>> policy as it adds something but I can not locate
>>>> information on what SMS exactly does during
>> installation.
>>>>
>>>>
>>>
>>>
>>>.
>>>
>
>
>.
>
- Next message: Jeff Harbaugh [MSFT]: "Re: ccmclean fails!"
- Previous message: nickmo: "Re: ccmclean fails!"
- In reply to: Stan White [MS]: "Re: Desperate seeking some tech. information"
- Next in thread: Stan White [MS]: "Re: Desperate seeking some tech. information"
- Reply: Stan White [MS]: "Re: Desperate seeking some tech. information"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
