Michael Leone on 23 Feb 2012 06:44:00 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] NTP rant

On Thu, Feb 23, 2012 at 9:24 AM, jeff <jeffv@op.net> wrote:
> On 02/23/2012 09:17 AM, Art Alexion wrote:
>> This is the correct answer. We tracked down a rogue DC in a branch
>> office which had grabbed the PDC role from the real PDC.
> Another great MS `feature'.

A rogue DC? Someone (not you or the IT staff) installed a Windows
server, and then installed Active Directory on it? That requires the
password of a domain admin account to do (or one delegate those

AD roles usually have to be manually transferred, they don't just
transfer between DCs due to new installations. Someone had to
deliberately transfer that role.

You've got much more than a technical problem, if you have non-IT
staff installing DCs at branch offices, and that know your domain
passwords and how to transfer AD roles ....
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug