Yes there was explanation, and I understand with the decision they made and why they made it, heck it even makes sense on many levels, but that doesn't mean I have to LIKE it :). In fact I used to be the team that this is now assigned to.
It boils down to the team that has this responsibility has nobody that cares about such things - nobody on that team wants to do it or has the desire to keep astride of MS Server OS developments. They deployed a server last month and it's not even 2003 R2, they have no 2008 servers even for testing purposes. OTOH I have 2008 Terminal Server, 2008 Server with MOSS, and a couple other 2008 Server's for development and shake-out purposes. I am allowed to build servers as long as they are handling just employee-facing use (file/print/SMS/anti-virus/SharePoint, etc) but I now have no say in infrastructure planning and design. "We'll hand this to the team that doesn't care about it, they'll get to it when they have to" is in essence what I heard. If they had an SE who was driven to pay attention to this stuff I would be MUCH happier. From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Friday, January 08, 2010 8:29 AM To: NT System Admin Issues Subject: Re: Adding 2008 DC's... Was there any explanation as to why they chose the other team to handle this particular task? If not, I would discuss it with one of the decision makers before thinking the worst. It sounds like you had a vested interest in completing this new initiative. If that's that kind of attitude you typically bring to all of the projects you're responsible for, it's quite possible they would just rather you focus on more important tasks. I've had the fortunate history to work with some decent and not so decent managers/executives. While I'm positive they were all responsible for decisions I originally could not wrap my head around, not one of them refused to explain their actions if they were approached in a calm, professional manner. Their explanations didn't always make sense, but it was the willingness to take the time to explain that was an eye opener for me. Just food for thought. - Sean On Fri, Jan 8, 2010 at 7:00 AM, David Lum <david....@nwea.org<mailto:david....@nwea.org>> wrote: Yeah, intellectually I get that. It's frustrating to me because it goes from someone who actually _likes_ to pay attention to that stuff to a team that couldn't care less about it and will do the minimum necessary to roll it out, they'll do it because they HAVE to. Anyone think the results will be different than if it was handled by a team that WANTED to do it? Well...I still have SCCM, Citrix, and Terminal Servers on my plate among other things, maybe I could actually get proficient at one of 'em. From: Kim Longenbaugh [mailto:k...@colonialsavings.com<mailto:k...@colonialsavings.com>] Sent: Friday, January 08, 2010 6:23 AM To: NT System Admin Issues Subject: RE: Adding 2008 DC's... Not demoted, just a victim of political maneuvering, or a decision by some PHB that hasn't reset his Etch-a-Sketch lately. ________________________________ From: David Lum [mailto:david....@nwea.org<mailto:david....@nwea.org>] Sent: Friday, January 08, 2010 8:16 AM To: NT System Admin Issues Subject: RE: Adding 2008 DC's... Amazing, after a meeting yesterday the deployment of 2008 has been taken out of my area altogether, to the team of SE's that hasn't even deployed 2003 R2 anywhere much less a 2008 machine, because that team doesn't really care about such minutiae until they find out that some OS is no longer supported. Oh yeah, and it's me pointing THAT out... I feel like I've been demoted. TGIF...I think. David Lum // SYSTEMS ENGINEER BUT MAYBE SHOULD BE HELP DESK TECH NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 From: Michael B. Smith [mailto:mich...@smithcons.com<mailto:mich...@smithcons.com>] Sent: Thursday, January 07, 2010 10:51 AM To: NT System Admin Issues Subject: RE: Adding 2008 DC's... It removes a number of "obsolete" security options. I quote the word "obsolete" because some older/insecure products depend on them. Older versions of SAMBA for example. Some NAS that based on older versions of SAMBA, etc. I ran into a product at one customer called a "CAS" that allowed a single sign-on to Apache/IIS/and Windows by actually doing a man-in-the-middle attack! It depended on this too. From: David Lum [mailto:david....@nwea.org<mailto:david....@nwea.org>] Sent: Thursday, January 07, 2010 1:36 PM To: NT System Admin Issues Subject: RE: Adding 2008 DC's... >From what I've read changing the functional level to 2008 doesn't really "do" >anything I particular anyway, right? From: Michael B. Smith [mailto:mich...@smithcons.com<mailto:mich...@smithcons.com>] Sent: Thursday, January 07, 2010 9:09 AM To: NT System Admin Issues Subject: RE: Adding 2008 DC's... You have to run the schema upgrade, but nothing says that you ever have to bump the domain functional level or the forest functional level. I've done this for a number of customers, with no ill effect. I'd recommend you roll out 2008 or 2008 R2. It'll save you work in the future. From: David Lum [mailto:david....@nwea.org<mailto:david....@nwea.org>] Sent: Thursday, January 07, 2010 12:00 PM To: NT System Admin Issues Subject: Adding 2008 DC's... We have an environment with five 2003 Server DC's. I need to roll out two new DC's and would like to make them 2008 Server. Do you guys consider this a major or minor infrastructure change? I'm on the fence - existing DC's are untouched save for running ADPREP on the schema master, otherwise the existing DC's are untouched. Lots of new features though and to me just as importantly 2008 will be supported for years to come. My fellow SE's are telling me to just roll out 2003 and call it good, but to me it seems silly since our DC's typically hang around a long time (6+ years currently), and in 5 years security patches go away for 2003 (extended support ends 7/2015, and mainstream support ends 7/2010). Comments? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
