A perfect example of the difference between big server world and SBS-land. In big server world the tendency is to try and turn everything off that doesn't absolutely have to be on where I think the tendency in SBS-land is to have everything on, heck the DC is even running Exchange, it can't get much worse than that...
Seriously though, most companies have found that many "cool" Microsoft technologies rarely scale well to large environments. All of the little broadcasts and such that are fine on a small network with 15 PCs are ok but once you get into segments with hundreds of machines on networks with hundreds of thousands of machines things can get ugly. The less you have turned on, the less you have to worry about breaking and then trying to figure out how to fix. Big companies have enough other issues to deal with like how to change the email addresses of some 10,000 users who are now in a new division that needs a new name but is still in the main email system, etc. In general new "cool" things are adopted much more slowly if ever in large environments unless those things were initially scaled to enterprise sizes in design and are intended to make the enterprise more liveable in a way that the admins and management feel it needs to be more liveable. Unfortunately, most of the MS stuff doesn't qualify, usually on the first points. Active Directory things, now those are often cool and needed, but not say link tracking which worked great in mom and pop areas but devastated some large companies until they knew they could delete all of that useless crap. Microsoft has always had and seems to still have serious issues in testing several things 1. Scaled deployments 2. Reduced permission sets 3. Disjoint namespace or other unusual deployments that are not the result of clicking ok all of the time 4. Generic group selection (for instance LCS requires Global Groups... What century is this? Boneheads) 5. Multidomain forests 6. Multiforest deployments Basically if you do not have an environment that you built with point and click and hitting OK several times then you need to test test test before you implement most MS anything. Even if you do, I still think you should test test test before you implement anything. But since you are probably small too and the idea of a test lab makes you laugh uncontrollably because you could barely get production hardware, I understand. -- O'Reilly Active Directory Third Edition - http://www.joeware.net/win/ad3e.htm -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP] Sent: Thursday, March 09, 2006 4:23 PM To: ActiveDir@mail.activedir.org Subject: Re: [ActiveDir] What do you do when ooops won't work? If this is a 2k3 environment and that admin doesn't have VSS agents on the workstations so that you can restore your own deleted items...then shame on that admin. I have an entire drive snapping snapshots every hour on the hour (yes, every hour on the hour) for data, and mailbox retention is 30 days. [EMAIL PROTECTED] wrote: >Wouldn't that be just wonderful? Only if the admin were human :) > > >Sincerely, > >Dèjì Akómöláfé, MCSE+M MCSA+M MCT >Microsoft MVP - Directory Services >www.readymaids.com - we know IT >www.akomolafe.com >Do you now realize that Today is the Tomorrow you were worried about >Yesterday? -anon > >________________________________ > >From: [EMAIL PROTECTED] on behalf of Gil Kirkpatrick >Sent: Thu 3/9/2006 1:05 PM >To: ActiveDir@mail.activedir.org >Subject: RE: [ActiveDir] What do you do when ooops won't work? > > > >Can you get the server admin to pull a tape? You could do the restore >yourself in a VM environment. > >-g > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED] On Behalf Of >[EMAIL PROTECTED] >Sent: Thursday, March 09, 2006 1:46 PM >To: ActiveDir@mail.activedir.org >Subject: [ActiveDir] What do you do when ooops won't work? > >I just f-fingered a synch between my PDA and Outlook. Short story, all >my contacts (painfully built over several years) just took a road-trip >to neverland on a one-way ticket. > >Local backup? I was meaning to do it tomorrow. Really ;) > >Server backup restore? Yeah..... I have a greater chance of being the >next King of <insert-favorite-empire-here> than getting my corporate >server admin to help me here. Just won't happen. > >So, am I really SOL? > >Sincerely, > >Dèjì Akómöláfé, MCSE+M MCSA+M MCT >Microsoft MVP - Directory Services >www.readymaids.com - we know IT >www.akomolafe.com >Do you now realize that Today is the Tomorrow you were worried about >Yesterday? -anon >List info : http://www.activedir.org/List.aspx >List FAQ : http://www.activedir.org/ListFAQ.aspx >List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ >List info : http://www.activedir.org/List.aspx >List FAQ : http://www.activedir.org/ListFAQ.aspx >List archive: >http://www.mail-archive.com/activedir%40mail.activedir.org/ > > >List info : http://www.activedir.org/List.aspx >List FAQ : http://www.activedir.org/ListFAQ.aspx >List archive: >http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > -- Letting your vendors set your risk analysis these days? http://www.threatcode.com List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
