| Author | Messages | |
HanValk
Posts:5
 | | 07/06/2010 2:39 PM |
| Hi list,
Say one has a DC that is also a DNS and DHCP server. What could be a reason one has to log on interactively to a DC except for DNS, DHCP, Group Policy, AD and Event Log management?
Han.
| | | |
| pbbergs
Posts:281
 | | 07/06/2010 2:45 PM |
| Everything you have mentioned can be done with snap-ins on an mmc console. It is recommended to never log onto a dc except for maintenance of the o/s. Even then you can push patches remotely.
Thanks
Paul
| | | |
| tonyszko
Posts:140
 | | 07/06/2010 2:47 PM |
| On 7/6/2010 3:37 PM, Han Valk wrote:
> Hi list,
>
> Say one has a DC that is also a DNS and DHCP server. What could be a reason one has to log on interactively to a DC except for DNS, DHCP, Group Policy, AD and Event Log management?

All services can be managed remotely - problem is that to manage DHCP on DC you have to have Domain Admin rights, so you will have right to log on to DC interactively anyway ... question is if You will do this.
What's the point of the question?
-- Tomasz Onyszko http://www.w2k.pl/ - (PL) http://blogs.dirteam.com/blogs/tomek/ - (EN)
| | | |
| PARRIS
Posts:291
 | | 07/06/2010 2:53 PM |
| None of them, I would use adminpak.msi or the RSAT tools and do it all remotely.
Mark
Regards,
Mark
MVP-DS,MCT,MCITP:EA:SA,MCSE
t.01372 740373 m.07801 690596
linkedin http://uk.linkedin.com/in/markparris facebook http://facebook.com/markparris twitter http://twitter.com/markparris
| | | |
| listmail
Posts:822
 | | 07/06/2010 3:30 PM |
| There really shouldn't be a reason to log interactively into a DC unless you are very small and don't have a mechanism to handle patching remotely. And if you are that small, you should likely just have auto-update on so a hot patch doesn't slip through the cracks while you are managing file shares and fixing Microsoft Word for the secretary.
joe
-- O'Reilly Active Directory Fourth Edition - http://www.joeware.net/win/ad4e.htm Blog: http://blog.joeware.net
| | | |
| Bitzie
Posts:251
 | | 07/06/2010 4:25 PM |
| I don't care how small you are, there are reasons to keep auto updates off of any server. You want to know what changed and when it changed. Most security issues these days are coming in through social engineering and browser threats. That shouldn't be happening on a server. Period. End of story.
SharePoint security patch for example... low risk in a SMB firm, yet with the Yukon database, has a potential for not finishing.
.NET updates... again, sorry, the risk of those getting stuck and then having to rip those suckers out and reinstall them these days is high.
You want to ensure in SMB you patch when it makes sense, not on some random 3 am timeframe that you walk in the office and then have to deal with the mess in the morning.
The receptionist is either still using the vintage 2003 Word Perfect or Word and it's running just fine, or she knows more about it than you do.
joe wrote:
> There really shouldn't be a reason to log interactively into a DC unless you are very small and don't have a mechanism to handle patching remotely. And if you are that small, you should likely just have auto-update on so a hot patch doesn't slip through the cracks while you are managing file shares and fixing Microsoft Word for the secretary.
| | | |
| Bitzie
Posts:251
 | | 07/06/2010 4:51 PM |
| One good reason that is the exception to the rule -- you have to when you are migrating from SBS 2003 to SBS 2008...otherwise "normal" DC people can use remote tools.
Mark Parris wrote:
> None of them, I would use adminpak.msi or the RSAT tools and do it all remotely.
| | | |
| kevinrjames
Posts:35
 | | 07/06/2010 5:28 PM |
| Safe mode, troubleshooting, configuring the NIC, when Directory Services are stopped (2008+)... maybe a few others.
Routine operations? - almost never.
/kj
| | | |
| bijubabuk
Posts:109
 | | 07/07/2010 8:55 AM |
| I would agree with Kevin.
And my understanding is that you can delegate MS DNS and MS DHCP administration to non Domain Admins
Regards
Biju Babu IT Technical Analyst, Identity and Service Management
Phone : +91-124-4090264 Rnet : 791-345 Email : biju_babu@cargill.com
My working hours are from 11:00 to 19:30 IST (00:30 to 09:00 CST)
Please consider our environmental responsibility before printing this e-mail
| | | |
| kurtbuff
Posts:200
 | | 07/07/2010 3:12 PM |
| Can you point me to the documentation on that?
I have been unable to do so, and have a situation where being able to delegate at least DHCP for one of my offices would be *very* helpful.
Win2k3 R2 SP2 DCs, at 2k3 ffl/dfl
Kurt
| | | |
| bijubabuk
Posts:109
 | | 07/07/2010 4:26 PM |
| Assuming you installed the DHCP service in a DC, there will be a group called "DHCP Administrators" (Domain Local in scope) in your domain and you can add members to that group to delegate the DHCP administration.
Note: This lets the members of this domain local group have administrator rights for all DHCP services if the DHCP services run on a domain controller.
I think this is better than adding the DHCP administrators to the Domain Admins group (following the principle of least privilege).
http://www.windowsecurity.com/articles/DHCP-Security-Part2.html - This article gives some tips to manage that group more securely.
Assuming you installed the DHCP service on a normal member server, there will be a "DHCP Administrator" local group. You can add members to that group, but the downside is you have to manage each group separately. Maybe what you can do is create a global group in AD and nest it into the "DHCP Administrator" group on each DHCP server.
Hope this helps.
Regards
Disclaimer: All postings are provided "AS IS" with no warranties, and confer no rights
Biju Babu IT Technical Analyst, Identity and Service Management
| | | |
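The delegation described in the post above, as an added example that is not part of the original thread: one global group is nested into "DHCP Administrators" on the DC and on each member server, then checked against Domain Admins. It assumes the ActiveDirectory PowerShell module (RSAT) and PowerShell remoting; the group name `GG-DHCP-Admins`, the OU path and the server names are hypothetical placeholders.

```powershell
# Added example, not from the thread. Hypothetical names: GG-DHCP-Admins,
# OU=Delegation,DC=example,DC=com, dhcp01/dhcp02.example.com.
Import-Module ActiveDirectory

$GlobalGroup   = 'GG-DHCP-Admins'
$GroupOU       = 'OU=Delegation,DC=example,DC=com'
$MemberServers = @('dhcp01.example.com', 'dhcp02.example.com')
$DhcpGroup     = 'DHCP Administrators'   # group created when the DHCP role is installed
$Domain        = (Get-ADDomain).NetBIOSName

# 1. One global group holds the delegated DHCP operators, so membership
#    is managed in a single place instead of per server.
if (-not (Get-ADGroup -Filter "Name -eq '$GlobalGroup'")) {
    New-ADGroup -Name $GlobalGroup -GroupScope Global `
                -GroupCategory Security -Path $GroupOU
}

# 2. DHCP running on DCs: nest the global group into the domain local
#    "DHCP Administrators" group. This grants rights on every DC-hosted
#    DHCP service in the domain, as the post notes.
$nested = Get-ADGroupMember -Identity $DhcpGroup |
          Where-Object { $_.Name -eq $GlobalGroup }
if (-not $nested) {
    Add-ADGroupMember -Identity $DhcpGroup -Members $GlobalGroup
}

# 3. DHCP running on member servers: nest the same global group into the
#    machine-local group on each server.
foreach ($server in $MemberServers) {
    Invoke-Command -ComputerName $server `
                   -ArgumentList $DhcpGroup, "$Domain\$GlobalGroup" -ScriptBlock {
        param($localGroup, $principal)
        $current = net localgroup $localGroup | ForEach-Object { $_.Trim() }
        if ($current -notcontains $principal) {
            net localgroup $localGroup $principal /add
        }
    }
}

# 4. Least-privilege check: a delegated operator who is still a Domain Admin
#    gains nothing from the delegation. List any such accounts for review.
$domainAdmins = Get-ADGroupMember -Identity 'Domain Admins' -Recursive |
                Select-Object -ExpandProperty SamAccountName
Get-ADGroupMember -Identity $GlobalGroup -Recursive |
    Where-Object { $domainAdmins -contains $_.SamAccountName } |
    Select-Object SamAccountName, DistinguishedName
```

An empty result from step 4 means no delegated DHCP operator also holds Domain Admins membership.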
| kurtbuff
Posts:200
 | | 07/07/2010 7:19 PM |
| It does help somewhat.
We are running a single domain, and DHCP is on the DCs in all three offices.
One office has a part-time admin who I don't trust a whole lot, and he's running DHCP on a Linux box currently. I'd like to force him off of that, but he's whining that he wants to maintain DHCP for some reason that I can't quite fathom.
I'll look all this over and see what I can work up for this situation.
Kurt
| | | |
| HanValk
Posts:5
 | | 07/08/2010 8:33 AM |
| Joe and everybody else, thank you for your thoughts. It's a 500 employee shop that needs to tighten security. At this time all admins are domain admins and thus admin on every member. That needs to change and I need to make a plan to make it possible. So I thought of Quest Active Roles, delegate Group Policy, DNS and DHCP management to groups like DHCP Administrators, DnsAdmins and Group Policy Creator Owners. So do you all think I'm on the right track?
Han.
| | | |
| gabriel/tfi
Posts:425
 | | 07/08/2010 9:11 PM |
| Quest Active Roles Server rocks, I fell in love with it!
I do not like to delegate GPO and DNS, given the impact of a bad DNS or GPO change over the domain I think it's better that Domain Admins control those pieces.
gbr
| | | |
| fhartono
Posts:27
 | | 07/09/2010 1:59 AM |
| I guess it's for just-in-case scenarios. E.g. the DC has some process leaking memory, the server service is laggy and slow, and remoting doesn't really work.
Also, when you have satellite sites with slow links, it's always way faster to do it from the server.
-- Kind Regards,
Freddy Hartono
| | | |