OR maybe start looking elsewhere but don't jump until you have another boat. When it hits none of it is likely to stick to the PHP or that group they will point their fingers at you for not giving them the warning.
Jon On Fri, Jan 8, 2010 at 10:42 AM, Steven M. Caesare <scaes...@caesare.com>wrote: > Dude, that blows. > > > > Carefully document your “I told you so’s” for when it explodes > spectacularly! > > > > -sc > > > > *From:* David Lum [mailto:david....@nwea.org] > *Sent:* Friday, January 08, 2010 9:16 AM > > *To:* NT System Admin Issues > *Subject:* RE: Adding 2008 DC's... > > > > Amazing, after a meeting yesterday the deployment of 2008 has been taken > out of my area altogether, to the team of SE’s that hasn’t even deployed > 2003 R2 anywhere much less a 2008 machine, because that team doesn’t really > care about such minutiae until they find out that some OS is no longer > supported. Oh yeah, and it’s me pointing THAT out… > > > > I feel like I’ve been demoted. > > > > TGIF…I think. > > *David Lum** **// *SYSTEMS ENGINEER BUT MAYBE SHOULD BE HELP DESK TECH > > NORTHWEST EVALUATION ASSOCIATION > (Desk) 971.222.1025 > *// *(Cell) 503.267.9764 > > > > > > > > *From:* Michael B. Smith [mailto:mich...@smithcons.com] > *Sent:* Thursday, January 07, 2010 10:51 AM > > *To:* NT System Admin Issues > *Subject:* RE: Adding 2008 DC's... > > > > It removes a number of “obsolete” security options. > > > > I quote the word “obsolete” because some older/insecure products depend on > them. Older versions of SAMBA for example. Some NAS that based on older > versions of SAMBA, etc. > > > > I ran into a product at one customer called a “CAS” that allowed a single > sign-on to Apache/IIS/and Windows by actually doing a man-in-the-middle > attack! It depended on this too. > > > > *From:* David Lum [mailto:david....@nwea.org] > *Sent:* Thursday, January 07, 2010 1:36 PM > *To:* NT System Admin Issues > *Subject:* RE: Adding 2008 DC's... > > > > From what I’ve read changing the functional level to 2008 doesn’t really > “do” anything I particular anyway, right? > > > > *From:* Michael B. Smith [mailto:mich...@smithcons.com] > *Sent:* Thursday, January 07, 2010 9:09 AM > *To:* NT System Admin Issues > *Subject:* RE: Adding 2008 DC's... > > > > You have to run the schema upgrade, but nothing says that you ever have to > bump the domain functional level or the forest functional level. > > > > I’ve done this for a number of customers, with no ill effect. > > > > I’d recommend you roll out 2008 or 2008 R2. It’ll save you work in the > future. > > > > *From:* David Lum [mailto:david....@nwea.org] > *Sent:* Thursday, January 07, 2010 12:00 PM > *To:* NT System Admin Issues > *Subject:* Adding 2008 DC's... > > > > We have an environment with five 2003 Server DC’s. I need to roll out two > new DC’s and would like to make them 2008 Server. Do you guys consider this > a major or minor infrastructure change? I’m on the fence – existing DC’s are > untouched save for running ADPREP on the schema master, otherwise the > existing DC’s are untouched. Lots of new features though and to me just as > importantly 2008 will be supported for years to come. > > > > My fellow SE’s are telling me to just roll out 2003 and call it good, but > to me it seems silly since our DC’s typically hang around a long time (6+ > years currently), and in 5 years security patches go away for 2003 (extended > support ends 7/2015, and mainstream support ends 7/2010). > > > > Comments? > > *David Lum** **// *SYSTEMS ENGINEER > NORTHWEST EVALUATION ASSOCIATION > (Desk) 971.222.1025 *// *(Cell) 503.267.9764 > > > > > > > > > > > > > > > > > > > > > > > > > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
