Re: AD and ISA in the same machine

  • From: "Lists" <lists@xxxxxxxxxxxxxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 8 Dec 2005 11:09:46 -0800

Hmmmm-doing without thinking can lead to big problems. 

-----Original Message-----
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] 
Sent: Thursday, December 08, 2005 11:02 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine

http://www.ISAserver.org



...one does not think.. they do instead... 



-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, December 08, 2005 12:54 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine

http://www.ISAserver.org

..one would think so... 


-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Thursday, December 08, 2005 09:37
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine

http://www.ISAserver.org

But you can't use SBS in his situation anyway. If they went to the
expense of purchasing ISA for branch offices, then they must be large
enough to justify another box.

Amy
 
Harbor Computer Services
Small Business Computer Specialists

Client Blog: http://smalltechnotes.blogspot.com/
Tech Blog: http://isainsbs.blogspot.com/
Website: http://www.harborcomputerservices.net/
 

 

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, December 08, 2005 11:53 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine

http://www.ISAserver.org

As Tim alluded to, this is silly. 
SBS was built to serve the extremely cheap" market.
Hell, the cost of SBS PE alone is the same as ISA SE.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: pagemontreal@xxxxxxxxx [mailto:pagemontreal@xxxxxxxxx]
Sent: Thursday, December 08, 2005 08:33
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine

http://www.ISAserver.org 
 
  I've tested some features. And is working well. 
  Some customers use this 'solution', because the don't have a lot of
options($$). 
  I know, is not a best practice, there is some security questions (I
could say a lot of) about it, I can find more problems ahead,  but  it
works. 
  Unfortunately we can't install dc on the pix, but we can build one (
http://www.packetattack.com/frankenpix.html
<http://www.packetattack.com/frankenpix.html>  for more information).

  Some times we have to think out of the box....

 

 

Cheers, 

Denis



 
On 12/8/05, Thomas W Shinder <tshinder@xxxxxxxxxxx > wrote: 

        http://www.ISAserver.org <http://www.isaserver.org/> 
        
        You just think you did. There are many and varied surprizes
awaiting you, which will present themselves as security issues or
impossible to solve "weird" problems. Put the DC on the PIX. 
        
         
        Thomas W Shinder, M.D.
        Site: www.isaserver.org <http://www.isaserver.org/> 
        Blog: http://spaces.msn.com/members/drisa/
<http://spaces.msn.com/members/drisa/> 


        Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
        MVP -- ISA Firewalls
        **Who is John Galt?** 
         


________________________________

                From: Denis Page [mailto:pagemontreal@xxxxxxxxx] 
                Sent: Thursday, December 08, 2005 8:46 AM 
                
                To: [ISAserver.org Discussion List]
                Subject: [isalist] Re: AD and ISA in the same machine
                

                 
                
                http://www.ISAserver.org <http://www.isaserver.org/>  
                  I'm testing a branch office solution. The customer
DON'T have more than 1 server in branch. 
                  I solve the problem. Thanks anyway.


                 
                On 12/8/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote: 

                        http://www.ISAserver.org
<http://www.isaserver.org/> 
                        
                        One Acronym - DCOM.
                        Take
                        ISA
                        Off
                        The
                        DC
                        
                        --------------------------------------------
                        Jim Harrison
                        MCP(NT4, W2K), A+, Network+, PCG
                        http://isaserver.org/Jim_Harrison/
<http://isaserver.org/Jim_Harrison/> 
                        http://isatools.org <http://isatools.org/> 
                        Read the help / books / articles!
                        -------------------------------------------- 
                        
                        -----Original Message-----
                        From: Denis Page [mailto:pagemontreal@xxxxxxxxx
]
                        Sent: Wednesday, December 07, 2005 6:59 PM 
                        To: [ISAserver.org Discussion List]
                        Subject: [isalist] Re: AD and ISA in the same
machine
                        
                        http://www.ISAserver.org
<http://www.isaserver.org/> 
                        Yes. I've installed in a DC. To test some
features with AD groups and
                        users.
                        I could install more computers, but can I use
isa server and DC in a
                        same machine?
                        I'd like to know what can I do to leave the
authentication ports open on 
                        ISA/DC Server.
                        
                        
                        
                        On 12/8/05, Thor (Hammer of God)
<thor@xxxxxxxxxxxxxxx> wrote:
                        
                               http://www.ISAserver.org
<http://www.isaserver.org/>  
                        
                               Just to make sure I understand-- You've
installed ISA 2004 on a 
                        domain
                               controller?
                        
                               If so, uninstall ISA from your DC.  ISA
serves a completely
                        different
                               function than a DC.  That's like marrying
a hooker. 
                        
                               To test, install on a dedicated box or in
a VM. 
                        
                               t
                        
                        
                               -----
                               "And yet, even if one person finds his
way... that means
                               there is a Way.  Even if I personally
fail to reach it." 
                        
                               Mr. Nobusuke Tagomi
                               Top Place, Ranking Imperial Trade Mission
                               Pacific States of America
                        
                               ----- Original Message -----
                               From: "Denis Page" <
pagemontreal@xxxxxxxxx <mailto:pagemontreal@xxxxxxxxx> >
                               To: "[ISAserver.org Discussion List]" <
isalist@xxxxxxxxxxxxx 
                        <mailto:isalist@xxxxxxxxxxxxx > >
                               Sent: Wednesday, December 07, 2005 6:25
PM
                               Subject: [isalist] AD and ISA in the same
machine
                        
                        
                               http://www.ISAserver.org
<http://www.isaserver.org/> 
                        
                                 Hi, 
                        
                               I've installed ISA Server 2004 STD in a
AD machine (to test some
                               features).
                               After the Install ISA server in DC, the
clients don't
                        authenticate
                               anymore (can't log in domain). 
                               I've created an access rule with the
logon ports (internal to
                        localhost)
                               but it doesn't work.
                               Can anyone help me?
                        
                               Tnks
                        
                        
        

Report abuse to listadmin@xxxxxxxxxxxxx


Other related posts: