| Author | Messages | |
PARRIS
Posts:97
 | | 05/02/2008 11:25 AM |
| What about "Defending Security Infrastructures"?
Regards,
Mark Parris
-----Original Message-----
From: "joe" <listmail@joeware.net>
Date: Thu, 1 May 2008 23:15:53
To:<ActiveDir@mail.activedir.org>
Subject: AD: RE: [ActiveDir] WINS? Ick. WAS [OT] introduction
Wow Deji, not only are you on the assumption bandwagon, you are on the I
didn't read a fricken thing joe has said but I am going to misquote him
anyway bandwagon...
Let me summarize the thread...
1. Deji says which is better, WINS Or DNS
2. joe says in what way?
3. Deji shouts out in glee like he won a cupie doll or maybe a barbie and
rips on me for "my professed bias for WINS"
4. joe says he likes simple things; makes comment about living in country
5. Someone makes comment about Al Gore and internet and DNS
6. joe says the internet should use DNS but it shouldn't be necessary in
intranet environments
7. Brandon says some things.
8. Deji says some things.
9. Some folks try to say that WINS isn't a standard obviously not ever
looking into it.
10. Some other folks say things they don't like about DNS
11. Deji makes a bunch of assumptions about what joe does and likes and says
12. joe tells Deji to stop making assumptions because he looks like a tool
when he does so
13. Deji makes more assumptions
14. joe looks around and says what the heck is Deji smoking? Then sighs and
tries once more to help Deji stop making assumptions
15. Deji goes around and says joe is telling everyone basically to dump DNS
for WINS and that is bad because people listen to joe
16. joe looks around and says what the heck is Deji smoking?
17. Deji goes out further on a limb and starts talking about joe and cutting
bread or the physics of bicycles or some other such irrelevant thing
18. joe looks around and says what the heck is Deji smoking?
Deji, people listen to me (or notΏ]) because I don't tend to say entirely
stupid things because I don't tend to make a lot of assumptions about a
golfball based on my experiences with a snowball because they seem to look
similar. If I did do things like that, people would tend to snicker a lot
behind my back and refuse to hang out with me and not listen to me so much.
I'm sure you understand this. Not sure why you persist.
joe
Ώ] Though this may not be the common assuming, it is not something I tend
to concern myself with. I could have 10,000,000 blog subscribers or possibly
I could have 3 (my mom, grandmom, and sister - I certainly don't read that
tripe...). When I feel like saying things, I say them. I try not to appear
like a complete idiot but I do think out and stick with my opinions until
someone presents a good enough argument or I for some other reason choose to
change my mind on that opinion. Overall there is only one person qualified
to tell people what my opinion is or what I am saying; this is not you...
that would be me.
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
-----Original Message-----
From: ActiveDir-owner@mail.activedir.org
[mailto:ActiveDir-owner@mail.activedir.org] On Behalf Of Akomolafe, Deji
Sent: Thursday, May 01, 2008 3:35 PM
To: ActiveDir@mail.activedir.org
Subject: RE: [ActiveDir] WINS? Ick. WAS [OT] introduction
It's actually not a religious thing. At least not to meΏ]. It's more
academic. It just does not make much sense to say: WINS is easy/better and
where/when it appears to be not so, it is a 'quality-of-admin' issue. But,
DNS? Not only is it not easy, it sucks eggs too, and its suckage has nothing
to do with 'qualtiy-of-admin' issue.
And, coming from an expert like joe, it is a doubly dangerous stipulation
because next thing you know, blogs and white papers will be springing up all
over the place lamenting the "stupidity" of MS jettisoning WINS in favor of
DNS when "all the experts" agree that WINS is better.
It is the same type of mindset that gave rise to FACTS like "XYZ application
NEEDS WINS", or (the classic) "If you have more than one subnet, you NEED
WINS". Try explaining to anyone who has read the "official" White Papers or
KB articles that "substantiate" those claims that they are not true, and you
will understand what I'm talking about.
Ώ] and I don't give a rat's patootie what Al thinks Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________
From: ActiveDir-owner@mail.activedir.org
[ActiveDir-owner@mail.activedir.org] On Behalf Of Susan Bradley, CPA aka
Ebitz - SBS Rocks [MVP] [sbradcpa@pacbell.net]
Sent: Thursday, May 01, 2008 11:47 AM
To: ActiveDir@mail.activedir.org
Subject: Re: [ActiveDir] WINS? Ick. WAS [OT] introduction
WINS/DNS
XP/Vista
Ubuntu/Mac/Windows
Obama/Clinton/McCain
Why not bring all the religious arguments into the mix while we're at it?
IMHO change is hard.
We all hate change.
And we typically don't RTFM.
Brian Desmond wrote:
I don't think it's you or anyone's place to say that this is a true/false
question. It depends on each environment, and I've worked in large shops
wehre either WINS is easier than DNS or WINS is harder than DNS apply.
--brian
On Thu, May 1, 2008 at 1:08 PM, Akomolafe, Deji
<deji@readymaids.com<mailto:deji@readymaids.com>> wrote:
The argument that WINS is "easier" to manage is false. And, much as joe
would like to avoid stating it, even he had "issues" with it in his "widget"
shop.
I totally agree with the position that, like everything else, the efficacy
of a tool is greatly affected by the expertise of the person
holding/deploying/managing it. Anyone can wield a machette, but few can
employ it as well as a farmer can.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________________
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.or
g>] On Behalf Of Darren Mar-Elia
[darren@sdmsoftware.com<mailto:darren@sdmsoftware.com>]
Sent: Thursday, May 01, 2008 8:58 AM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] WINS? Ick. WAS [OT] introduction
Actually, I don't really understand that. Is it because the WINS namespace
is flat and so somehow that is simpler to manage? Because my experience with
WINS management is that it was not easy (at least in a large environment)
and required quite a bit of expertise and baby-sitting to keep it healthy.
Things like replication that are handled for you today with AD-integrated
DNS had to be manually managed in WINS and were fraught with peril if not
designed well. Also, WINS was/is completely inflexible with respect to
functionality equivalent to CNAMES, had issues with name lengths, required
you to keep track of a myriad of ridiculous suffixes and generally speaking
was constantly requiring database maintenance.
Darren
-----Original Message-----
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[mailto:ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activ
edir.org>] On Behalf Of Wells, James Arthur
Sent: Thursday, May 01, 2008 8:51 AM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] [OT] introduction
That might be the case - but I think the point is that WINS is less complex
to manage.
So it'll take fewer admins/lower TCO/fewer operational risks vs. DNS, given
the same quality admins.
--James
-----Original Message-----
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[mailto:ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activ
edir.org>] On Behalf Of Akomolafe, Deji
Sent: Thursday, May 01, 2008 9:22 AM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] [OT] introduction
You cleverly side-stepped the question, joe.
If you truly believe that the health of a WINS implementation is directly
proportional to the "quality" of its implementor/administrator, then is it
not logical to assume the same of DNS?
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________________
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.or
g>] On Behalf Of joe [listmail@joeware.net<mailto:listmail@joeware.net>]
Sent: Thursday, May 01, 2008 6:20 AM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] [OT] introduction
You know we didn't run Windows DNS at all. We needed functionality that MSFT
didn't put in because they thought they knew what we were doing...
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
-----Original Message-----
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[mailto:ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activ
edir.org>] On Behalf Of Akomolafe, Deji
Sent: Thursday, May 01, 2008 1:17 AM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] [OT] introduction
Did I just hear you say "DNS worked very well for us on NT4 (and beyond).
Possibly it was simply the quality of the admins running it"?
Does that mean you are going to stop dumping on DNS now?
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________________
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.or
g>] On Behalf Of joe [listmail@joeware.net<mailto:listmail@joeware.net>]
Sent: Wednesday, April 30, 2008 10:09 PM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] [OT] introduction
Maybe because you are recalling this poorly Deji.
I wasn't always chasing errant 1C/1B records, I wasn't ever chasing errant
1B/1C records but then you weren't involved in the Enterprise domain stuff
where we worked, you worked on resource dp,aom servers. We occasionally has
Samba boxes hijacking 1C records and I had a script that monitored that so
when it happened we had it fixed in very short order. Outside of that the
biggest issue was "admins" miscofiguring servers to either not point at the
proper WINS servers or loading and running the WINS Service on them. Got to
the point where when someone would call with a WINS issue my team would
first check the member server in question to make sure it was configured
properly and it usually wasn't. Didn't matter how many times we tried to
explain you couldn't configure WINS on a server than then point it at
another WINS server for name res and have it work properly.
WINS worked very well for us on NT4. Possibly it was simply the quality of
the admins running it.
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
-----Original Message-----
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[mailto:ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activ
edir.org>] On Behalf Of Akomolafe, Deji
Sent: Thursday, May 01, 2008 12:29 AM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] [OT] introduction
Even in NT 4.0. joe just wouldn't admit that it was a kludge, even for
someone with his expertise. He was always chasing after some errant 1C and
1B (or is it 3x) records that periodically go missing for no reason.
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.akomolafe.name<http://www.akomolafe.name/> - we know IT -5.75, -3.23 Do
you now realize that Today is the Tomorrow you were worried about Yesterday?
-anon ________________________________________
From:
ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.org
>
[ActiveDir-owner@mail.activedir.org<mailto:ActiveDir-owner@mail.activedir.or
g>] On Behalf Of Darren Mar-Elia
[darren@sdmsoftware.com<mailto:darren@sdmsoftware.com>]
Sent: Wednesday, April 30, 2008 9:23 PM
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Subject: RE: [ActiveDir] [OT] introduction
Brandon-
Apparently you never used WINS in NT 3.50... :-)
Darren Mar-Elia
CTO & Founder
SDM Software, Inc.
"The Group Policy Experts"
www.sdmsoftware.com<http://www.sdmsoftware.com/>
-----Original Message-----
From: "Brandon Shell" <tshell@gmail.com<mailto:tshell@gmail.com>>
To: ActiveDir@mail.activedir.org<mailto:ActiveDir@mail.activedir.org>
Sent: 4/30/2008 6:53 PM
Subject: Re: [ActiveDir] [OT] introduction
The suffering point was that DNS is harder to configure, Manage, and
troubleshoot than WINS.
But I agree... lets move on 
On Wed, Apr 30, 2008 at 9:43 PM, Akomolafe, Deji
<deji@readymaids.com<mailto:deji@readymaids.com>>
wrote:
> You've completely lost me, and I still don't understand the "suffering"
> part of your original statement. And you still haven't explained how MS'
> decision to adopt Kerberos was the beginning of your woes, especially
since
> you just stated that other Kerberos implementations depend on DNS as
wellList info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
--
Thanks,
Brian Desmond
brian@briandesmond.com<mailto:brian@briandesmond.com>
c - 312.731.3132
List info : http://www.activedir.org/List.aspx List FAQ :
http://www.activedir.org/ListFAQ.aspx List archive:
http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ma/default.aspx
.+-��0������j�q.+-��0�����ˊ�E��Kj�!i�b��b����ןj�m | | | |
|
|