RE: Putting 2003 servers on the domain

From: "David Davis" <DavidDavis@xxxxxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 17 Jun 2005 10:19:03 -0700

Depends on what these servers are doing. If the engineer can join the servers
to the domain, then they must have some Admin rights. I don't know if I would
go as far as creating a subdomain, however I would definately consider
assigning the servers to a OU and restrict using Group Policy.
--
David Davis [MCSE, CCNA, Security +]

"nyugati" wrote:

> We are a software company with many wise engineers on board. They are
> popping up servers on our main domain.
>
> Would that it make sense to create a child domain for these engineers
> under our main productional domain or it really does not matter as the
> servers can not do any harm to our production domain without having
> domain admin rights?
>
>
.

References:
- Putting 2003 servers on the domain
  - From: nyugati

Prev by Date: RE: Shadow Copy client
Next by Date: Running PerfMon as a Non-Admin
Previous by thread: Putting 2003 servers on the domain
Next by thread: i is not accesible access
Index(es):
- Date
- Thread

Relevant Pages

Re: Heart Warming Story
... "There is a temporary power supply interuption - engineers are investing" really means "I just pulled the plug out of the wrong server and took out 400 people" ... "Due to system work backups may not run on all servers for the next two days, please keep local copies of critical data" means "A tape cartridge got stuck in the main tape silo. ...
(uk.rec.scouting)
How many servers do I need
... many servers are best for a certain scenario and I wanted to get the ... This is the scenario: XYZ Engineering ... The engineers are using softwares that generate large data files, ... CADD files, one houses modeling data, one houses office data, etc. ...
(microsoft.public.windows.server.general)
Re: Visual Studio 2005 Web Site <-> Visual Source Safe Problems...
... you log on locally with Admin rights because their browser is part of the o/s and has an ActiveX instantiation layer. ... Browsing to ANY internet site while logged in with local Admin rights puts you machine at HIGH RISK of being infected by trojans and SpyWare. ... Still, when switching between websites, it gets to be a bit of a pain to have to create a new website and then add from source safe every time we switch. ... I can't test this fully, because I only have one client machine left with IIS on it, we changed our main .NET 2.0 dev team over to using Cassini which has solved the complications of trying to manage local IIS servers and their security across multiple machines, but the built-in server does have some limitations - if you want to use ISAPI etc. ...
(microsoft.public.vsnet.general)
RE: question regarding SAM file / l0phtcrack / pwdump2
... Are you sure you attached to the servers as a user with admin rights. ... I tried running pwdump2 and pwdump3. ... I can boot to dos and snag the SAM file, ...
(Focus-Microsoft)
Re: question regarding SAM file / l0phtcrack / pwdump2
... long as I was connected with admin rights, ... The servers are all win2k. ... I tried running pwdump2 and pwdump3. ... only common thread is norton anti-virus. ...
(Focus-Microsoft)