RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest

• From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Tue, 27 Sep 2005 19:58:55 -0500

I'll elaborate.

That advice is wrong.

The rest is just words.

HTH,

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7
MVP -- ISA Firewalls

 

> -----Original Message-----
> From: Danny [mailto:nocmonkey@xxxxxxxxx] 
> Sent: Tuesday, September 27, 2005 7:55 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: 2000 to 2004 Possible Upgrade 
> Scenarios with Seperate ISA AD Forest
> 
> http://www.ISAserver.org
> 
> On 9/27/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
> > First bad assumption - don't build your forest structure 
> around ISA -
> > build ISA into the forest structure.  Design your AD before 
> you worry
> > about your edge.
> 
> I should have mentioned that I came across this document 
> before posting:
> 
> http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/sec
> urityhardeningguide.mspx
> 
> "Determining Domain Membership
> 
> In many cases, you may want to set up the ISA Server computer as a
> member of a domain. For example, if you will create a policy that
> relies on domain user authentication, ISA Server should belong to a
> domain.
> 
> If the ISA Server computer is protecting the edge of your network, we
> recommend that you install it in a separate forest (rather than in the
> internal forest of your corporate network). ..."
> 
> Can you please elaborate, Jim?
> 
> > You can adapt the ISA deployment to that later.
> 
> Good point.  On the same token, I want to focus on doing it right the
> first time.
> 
> Much appreciated,
> 
> ...D
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion 
> List as: tshinder@xxxxxxxxxxxxxxxxxx
> To unsubscribe visit 
> http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
> 
> 

Other related posts:

• » 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest
• » RE: 2000 to 2004 Possible Upgrade Scenarios with Seperate ISA AD Forest

1. Home
2. isalist
3. Archive
4. 09-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---