Home / user-9004

Toto's questions

Martin Hope
Toto
Asked: 2009-07-03 10:16:55 +0800 CST
  • 0

I've long been a fan of site specific DNS domains (e.g. <site>.company.com). With AD, having a separate domain means an extra pair (for redundancy) of DCs which seems excessive (in cost and complexity) in small environments.

As a result, in my previous company we had a single AD domain but two DNS domains. This worked out pretty well but it also meant including the sitename in the Windows servers names (e.g. <site>name) which gives a redundant FQDN: <site>name.<site>.company.com (The reason for this is that, obviously, you can only have a single AD computer called "name" within a domain. [Yes, technically you can have one per OU but in practice the NetBIOS/pre2000 name prevents this from being practical.])

The answer then seems to be to give up site awareness in the DNS domain which may not be such a big deal with Windows (given that AD has subnet based site-awareness) but still seems wrong to me.

So, what do you do?

Also, if you have multiple AD domains,

  • where do you put your user accounts?
  • where do you locate your company.com DCs?
  • what else should I be thinking about?
domain-name-system active-directory netbios
Martin Hope
Toto
Asked: 2009-06-27 12:17:10 +0800 CST
  • 2

I haven't done this for quite a while, but I'm actually going to go through the process of evaluating various issue trackers.

Starting with these requirements:

  • needs to be customizable (custom fields, custom workflows)
  • email & web gateways
  • metadata manipulation via email (e.g. close via email, etc...)
  • email notifications (on demand)
  • ability to assign default "watcher(s)" for new issues
  • support for issue classification (categories, projects, ..)
  • issue relationships (sub issues, linked issues, duplicate issues, merge issues)
  • AD integration
  • Security (for example, only allow users to see their own issues)
  • API
  • CLI interface (i don't care, but others will suggest it)

What requirements am I missing here?

evaluation
Martin Hope
Toto
Asked: 2009-06-19 05:18:50 +0800 CST
  • 2

Does anyone know of a good solution to have a Windows desktop standby so that users can be back up and running quickly in case of hardware failure? Assumption is that the desktops aren't generic but highly customized for individual users.

Although I'm aware of bare-metal restore products out there, I'm looking for alternatives which would allow the standby to simply be booted/brought up without any delay. A bare-metal restore solution would be fine as every day type of backup when one only expects a desktop failure once in a while (or even a few failures a day). But this is for a DR type setup, where dozens or hundreds of desktops in a different site would need to be activated at the same time.

The backup/standby desktop doesn't need to be fully up to date. Ideally, the solution would allow scheduling periodic updates.

Finally, I realize that having VM desktops is a way to do this (by replicating the back-end storage). However, I'm yet to see a mature solution that will allow for powerful quad-core VMs.

Edit #1: Sure, all the desktops start with a generic image that has things like Office, and so on. However, there are many additional applications which go to specific users only, many of them aren't generic. They also often auto-update from the vendor, meaning that even if a second desktop is built with the right applications, only if they aren't used, they will fall out of date and not work.

I've never worked in an environment where desktops are truly generic. I can think of instances where this is a reality, but come on people, this is not the answer here.

Edit #2: Lots of curiosity (below) surrounding the requirements. Agreed, they may be unreasonable, but then again, if there's a way to do this well, I would spend the money. The question really is can this be done well, and if so how? It should be obvious from the initial question that I've already thought about this quite a bit, as well as looked at possible solutions. Now, as to why would I spend the money on such a perfect solution, because this is Wall Street.

windows backup replication disaster-recovery business-continuity
Martin Hope
Toto
Asked: 2009-06-18 11:56:15 +0800 CST
  • 5

If you aren't willing or able to prevent users from keeping old emails "forever", what solution do you have?

  • Exchange 2007 allows pretty massive mailboxes, but lots of people still recommend against it (although it's unclear whether there's a real reason for this, or it's just an old habit).
  • PST files should not be on a network drives -- the choice seems to be doing it anyways (which I've done for years without any real problem) or backing up desktops (not always an option)

So.. what else?

Notes:

  • Bonus points for solutions that works with hosted/outsourced exchange setups
  • Bonus points for solutions that allow for some archives to be shared amongst users
  • Bonus points for solutions that allow access/search via Outlook (Added w/ Edit)
  • This has nothing to do with compliance, I don't care to archive all emails
email outlook archive
Martin Hope
Toto
Asked: 2009-06-16 13:03:22 +0800 CST
  • 8

In the good old days, backups went to tapes, some of which were often offline if not offsite. This made it difficult to destroy all backups (accidentally or maliciously), especially if the network/servers have been compromised.

These days, disk to disk backups are all the rage which brings up two questions:

  • Is it common for a d2d setup to keep all backups online (as opposed to also using tapes, rotating drives, ...)?
  • How are online backups typically protected? In other words, how is access to the media (e.g. files), and the ability to destroy it, restricted? How many people typically have access? etc..
backup security