Re: [PLUG] NTP rant

[Michael Leone <turgon@mike-leone.com>]

On Thu, Feb 23, 2012 at 9:24 AM, jeff <jeffv@op.net> wrote:
> On 02/23/2012 09:17 AM, Art Alexion wrote:
>>
>> This is the correct answer. We tracked down a rogue DC in a branch
>> office which had grabbed the PDC role from the real PDC.
>
>
> Another great MS `feature'.

A rogue DC? Someone (not you or the IT staff) installed a Windows
server, and then installed Active Directory on it? That requires the
password of a domain admin account to do (or one delegate those
rights).

AD roles usually have to be manually transferred, they don't just
transfer between DCs due to new installations. Someone had to
deliberately transfer that role.

You've got much more than a technical problem, if you have non-IT
staff installing DCs at branch offices, and that know your domain
passwords and how to transfer AD roles ....
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug