Wow....this thread went off on one. Not to try and resurrect it or anything....but I recall that you mentioned some strange permissions on DCs that could be inherited by the Server Operators group. Do you have any further details on these - purely out of interest. I know a few admins who've used the group for certain things and I might mention it to them when I see them next.
Cheers, On 30 September 2010 23:16, Brian Desmond <br...@briandesmond.com> wrote: > *Alright guys. I really am flattered that you all respect me so much in > this space, but, we need to remember that everyone is entitled to their own > opinion regardless of whether or not we agree with them. William and I > chatted offline and we’re good, so I think at this point we need to just > kill this thread.* > > * * > > *To circle back to the technical details of the OP’s long lost question, > whatever you deny can be worked around by someone in the Domain Admins group > if they so desire. You need to have a serious discussion with your > management chain and if they’re not going to listen and I were in your shoes > I’d suggest they hire a third party consultant to review your design and > their requirements and determine how to best merge them.* > > * * > > *Thanks,* > > *Brian Desmond* > > *br...@briandesmond.com* > > * * > > *c – 312.731.3132* > > * * > > *From:* John Cook [mailto:john.c...@pfsf.org] > *Sent:* Thursday, September 30, 2010 5:12 PM > > *To:* NT System Admin Issues > *Subject:* Re: Restricting groups in Active Directory > > > > Are you guys blasting Shookie again? > John W. Cook > Systems Administrator > Partnership for Strong Families > > > ------------------------------ > > *From*: William Robbins <dangerw...@gmail.com> > *To*: NT System Admin Issues <ntsysadmin@lyris.sunbelt-software.com> > *Sent*: Thu Sep 30 17:59:00 2010 > *Subject*: Re: Restricting groups in Active Directory > > Micrometers. > > - WJR > > On Thu, Sep 30, 2010 at 16:58, Mathew Shember <mathew.shem...@synopsys.com> > wrote: > > Isn't that what tweezers are for? > > > > -----Original Message----- > From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] > Sent: Thursday, September 30, 2010 2:56 PM > To: NT System Admin Issues > Subject: RE: Restricting groups in Active Directory > > are the measurement increments on your tape measure small enough? > > >>> Kim Longenbaugh <k...@colonialsavings.com> 9/30/2010 2:44 PM >>> > Do you have a tape measure or would you like to borrow one? > > > > From: Mathew Shember [mailto:mathew.shem...@synopsys.com] > Sent: Thursday, September 30, 2010 4:43 PM > To: NT System Admin Issues > Subject: RE: Restricting groups in Active Directory > > > > Alright I will ask. > > > > What exactly are your credentials? > > > > > > Thanks, > > Mathew > > > > From: William J. Robbins [mailto:dangerw...@gmail.com] > Sent: Thursday, September 30, 2010 2:39 PM > To: NT System Admin Issues > Subject: Re: Restricting groups in Active Directory > > > > Look I didn't start picking his statement apart without asking who he > was or what his experience is. > > He did it to me. > > No one seems interested to know my credentials so I'm not about to start > some technical d!ck measuring contest. > > Fact is I've seen his resume and I've been doing this longer. > > I'm glad he had the opportunity to work at HP and all the benefits an MS > partnered company incurs, like MVP status, and publishing books. I know > lots of HP folks who've done the same. > > Just because I'm not working as a consultant to run in put a directory > in and fly off...doesn't mean I don't have experience. > > Now if you'll excuse me there is a Guinness with my name on it calling > me. > > > WJR > - from my Crackberry. > > "If you find yourself in a fair fight, your tactics suck." > > ________________________________ > > From: "Webster" <carlwebs...@gmail.com> > > Date: Thu, 30 Sep 2010 16:29:21 -0500 > > To: NT System Admin Issues<ntsysadmin@lyris.sunbelt-software.com> > > ReplyTo: "NT System Admin Issues" > <ntsysadmin@lyris.sunbelt-software.com> > > Subject: RE: Restricting groups in Active Directory > > > > Did you actually just ask Brian Desmond that? > > > > To continue the thought, how many conferences have you spoken at? How > many books have you written or been asked to provide content for? How > long has Microsoft recognized you for you AD expertise? > > > > As an MCT, Microsoft hasn't recommended or taught the empty root forest > design in a long time. > > > > Just my $0.02US worth > > > > > > Webster > > > > From: William Robbins [mailto:dangerw...@gmail.com] > Subject: Re: Restricting groups in Active Directory > > > > I see. And how many directories have you designed for Fortune 500 > companies? > > I'm protecting them from people that think it's no big deal to continue > to design a directory as if it were still 1996...but that's just me and > my 10 years of experience designing directories for enterprise > environments talking. > > You go right ahead doing it your way, I'll do it mine. > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > > ------------------------------ > > CONFIDENTIALITY STATEMENT: The information transmitted, or contained or > attached to or with this Notice is intended only for the person or entity to > which it is addressed and may contain Protected Health Information (PHI), > confidential and/or privileged material. Any review, transmission, > dissemination, or other use of, and taking any action in reliance upon this > information by persons or entities other than the intended recipient without > the express written consent of the sender are prohibited. This information > may be protected by the Health Insurance Portability and Accountability Act > of 1996 (HIPAA), and other Federal and Florida laws. Improper or > unauthorized use or disclosure of this information could result in civil > and/or criminal penalties. > Consider the environment. Please don't print this e-mail unless you really > need to. > > This email and any attached files are confidential and intended solely for > the intended recipient(s). If you are not the named recipient you should not > read, distribute, copy or alter this email. Any views or opinions expressed > in this email are those of the author and do not represent those of the > company. Warning: Although precautions have been taken to make sure no > viruses are present in this email, the company cannot accept responsibility > for any loss or damage that arise from the use of this email or attachments. > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > --- > To manage subscriptions click here: > http://lyris.sunbelt-software.com/read/my_forums/ > or send an email to listmana...@lyris.sunbeltsoftware.com > with the body: unsubscribe ntsysadmin > -- "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin