Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Domain Controller Best Practice

from [Sullivan Tim P] Network Security [Permanent Link]
Subject: Domain Controller Best Practice
Date: Mon, 21 Feb 2005 18:21:42 -0700 
I am in need of some supporting documentation relating to Domain
Controllers.

The situation is this. A medium sized school would like their single DC
to also be a file server. This DC would be serving about 300 people,
along with another file server and an email server.

My initial recommendation is multiple domain controllers for the simple
reason of fault tolerance of the schema. They buy this.

However, they would like to see technical documentation saying that it
is not a good idea to have a domain controller share roles as a DC and a
file server. 

One of my main concerns, aside from load, is that high school age kids
are using the network. They like to poke and prod. I would rather them
not even poke at the DC. Also, as the DC has no local security database,
you can no longer use permission assignment best practice. To me it just
seems like a bad idea, but I need documentation to back it up.

Can anyone offer resources to illustrate this? I am scouring technet and
the MS AD deployment docs now.

Thanks,
Tim

 

______________________
Tim Sullivan
Nativemode Technologies
(623) 910-4700
tim@nativemode.com

---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  SecurityFocus Microsoft Newsletter #228, Marc Fossi
Next by Date:  RE: Domain Controller Best Practice, Depp, Dennis M.
Previous by Thread:  SecurityFocus Microsoft Newsletter #228, Marc Fossi
Next by Thread:  RE: Domain Controller Best Practice, John Fellers
Indexes:  [Date] [Thread] [Top] [All Lists]