Re: AD and ISA in the same machine

• From: <pagemontreal@xxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 8 Dec 2005 14:32:37 -0200

  I've tested some features. And is working well.
  Some customers use this 'solution', because the don't have a lot of
options($$).
  I know, *is not a* best practice,* there is some security questions* (*I
could say a lot of*) about it, I can find more problems ahead,  but *it
works*.

  Unfortunately we can't install dc on the pix, but we can build one (
http://www.packetattack.com/frankenpix.html for more information).

  Some times we have to think out of the box....





Cheers,

Denis




On 12/8/05, Thomas W Shinder <tshinder@xxxxxxxxxxx> wrote:
>
> http://www.ISAserver.org <http://www.isaserver.org/>
> You just think you did. There are many and varied surprizes awaiting you,
> which will present themselves as security issues or impossible to solve
> "weird" problems. Put the DC on the PIX.
>
> *
>
> Thomas W Shinder, M.D.
> Site: www.isaserver.org
> Blog: http://spaces.msn.com/members/drisa/
> *
> *Book: **http://tinyurl.com/3xqb7* <http://tinyurl.com/3xqb7>
> *MVP -- ISA Firewalls
> ****Who is John Galt?*****
>
>  ------------------------------
> *From:* Denis Page [mailto:pagemontreal@xxxxxxxxx]
> *Sent:* Thursday, December 08, 2005 8:46 AM
> *To:* [ISAserver.org Discussion List]
> *Subject:* [isalist] Re: AD and ISA in the same machine
>
>
>  http://www.ISAserver.org <http://www.isaserver.org/>   I'm testing a
> branch office solution. The customer *DON'T* have more than 1 server in
> branch.
>   I solve the problem. Thanks anyway.
>
>
>
> On 12/8/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
> >
> > http://www.ISAserver.org <http://www.isaserver.org/>
> >
> > One Acronym - DCOM.
> > Take
> > ISA
> > Off
> > The
> > DC
> >
> > --------------------------------------------
> > Jim Harrison
> > MCP(NT4, W2K), A+, Network+, PCG
> > http://isaserver.org/Jim_Harrison/
> > http://isatools.org
> > Read the help / books / articles!
> > --------------------------------------------
> >
> > -----Original Message-----
> > From: Denis Page [mailto:pagemontreal@xxxxxxxxx ]
> > Sent: Wednesday, December 07, 2005 6:59 PM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] Re: AD and ISA in the same machine
> >
> > http://www.ISAserver.org <http://www.isaserver.org/>
> > Yes. I've installed in a DC. To test some features with AD groups and
> > users.
> > I could install more computers, but can I use isa server and DC in a
> > same machine?
> > I'd like to know what can I do to leave the authentication ports open on
> >
> > ISA/DC Server.
> >
> >
> >
> > On 12/8/05, Thor (Hammer of God) <thor@xxxxxxxxxxxxxxx> wrote:
> >
> >        http://www.ISAserver.org <http://www.isaserver.org/>
> >
> >        Just to make sure I understand-- You've installed ISA 2004 on a
> > domain
> >        controller?
> >
> >        If so, uninstall ISA from your DC.  ISA serves a completely
> > different
> >        function than a DC.  That's like marrying a hooker.
> >
> >        To test, install on a dedicated box or in a VM.
> >
> >        t
> >
> >
> >        -----
> >        "And yet, even if one person finds his way... that means
> >        there is a Way.  Even if I personally fail to reach it."
> >
> >        Mr. Nobusuke Tagomi
> >        Top Place, Ranking Imperial Trade Mission
> >        Pacific States of America
> >
> >        ----- Original Message -----
> >        From: "Denis Page" < pagemontreal@xxxxxxxxx>
> >        To: "[ISAserver.org Discussion List]" < isalist@xxxxxxxxxxxxx
> > <mailto:isalist@xxxxxxxxxxxxx > >
> >        Sent: Wednesday, December 07, 2005 6:25 PM
> >        Subject: [isalist] AD and ISA in the same machine
> >
> >
> >        http://www.ISAserver.org <http://www.isaserver.org/>
> >
> >          Hi,
> >
> >        I've installed ISA Server 2004 STD in a AD machine (to test some
> >        features).
> >        After the Install ISA server in DC, the clients don't
> > authenticate
> >        anymore (can't log in domain).
> >        I've created an access rule with the logon ports (internal to
> > localhost)
> >        but it doesn't work.
> >        Can anyone help me?
> >
> >        Tnks
> >
> >
> >        ------------------------------------------------------
> >        List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >        ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> >        ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >        ------------------------------------------------------
> >        Visit TechGenix.com for more information about our other sites:
> >        http://www.techgenix.com
> >        ------------------------------------------------------
> >        You are currently subscribed to this ISAserver.org Discussion
> > List as:
> >        thor@xxxxxxxxxxxxxxx
> >        To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > <http://www.webelists.com/cgi/lyris.pl?enter=isalist>
> >        Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >        ------------------------------------------------------
> >        List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >        ISA Server Newsletter:
> > http://www.isaserver.org/pages/newsletter.asp
> >        ISA Server FAQ:
> > http://www.isaserver.org/pages/larticle.asp?type=FAQ
> >        ------------------------------------------------------
> >        Visit TechGenix.com for more information about our other sites:
> >        http://www.techgenix.com
> >        ------------------------------------------------------
> >        You are currently subscribed to this ISAserver.org Discussion
> > List as: pagemontreal@xxxxxxxxx
> >        To unsubscribe visit
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >        Report abuse to listadmin@xxxxxxxxxxxxx
> >
> >
> >
> > ------------------------------------------------------ List Archives:
> > http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server
> > Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server
> > FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------ Visit
> > TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------ You are currently
> >
> > subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To
> > unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
> > All mail to and from this domain is GFI-scanned.
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Visit TechGenix.com for more information about our other sites:
> > http://www.techgenix.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > pagemontreal@xxxxxxxxx
> > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> >
> > Report abuse to listadmin@xxxxxxxxxxxxx
> >
>
> ------------------------------------------------------ List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter:
> http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ:
> http://www.isaserver.org/pages/larticle.asp?type=FAQ------------------------------------------------------
>  Visit
> TechGenix.com for more information about our other sites:
> http://www.techgenix.com------------------------------------------------------
>  You are currently
> subscribed to this ISAserver.org Discussion List as:
> tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to
> listadmin@xxxxxxxxxxxxx
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Visit TechGenix.com for more information about our other sites:
> http://www.techgenix.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> pagemontreal@xxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
> Report abuse to listadmin@xxxxxxxxxxxxx
>

Other related posts:

• » AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine
• » Re: AD and ISA in the same machine

1. Home
2. isalist
3. Archive
4. 12-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---