Re: AD and ISA in the same machine
- From: "Greg Mulholland" <greg@xxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 9 Dec 2005 06:51:52 +1100
How do you know?
Greg Mulholland
-----Original Message-----
From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
Sent: Friday, December 09, 2005 6:02 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine
http://www.ISAserver.org
...one does not think.. they do instead...
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, December 08, 2005 12:54 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine
http://www.ISAserver.org
..one would think so...
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Thursday, December 08, 2005 09:37
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine
http://www.ISAserver.org
But you can't use SBS in his situation anyway. If they went to the
expense of purchasing ISA for branch offices, then they must be large
enough to justify another box.
Amy
Harbor Computer Services
Small Business Computer Specialists
Client Blog: http://smalltechnotes.blogspot.com/
Tech Blog: http://isainsbs.blogspot.com/
Website: http://www.harborcomputerservices.net/
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, December 08, 2005 11:53 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine
http://www.ISAserver.org
As Tim alluded to, this is silly.
SBS was built to serve the extremely cheap" market.
Hell, the cost of SBS PE alone is the same as ISA SE.
-------------------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
http://isatools.org
Read the help / books / articles!
-------------------------------------------------------
-----Original Message-----
From: pagemontreal@xxxxxxxxx [mailto:pagemontreal@xxxxxxxxx]
Sent: Thursday, December 08, 2005 08:33
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine
http://www.ISAserver.org
I've tested some features. And is working well.
Some customers use this 'solution', because the don't have a lot of
options($$).
I know, is not a best practice, there is some security questions (I
could say a lot of) about it, I can find more problems ahead, but it
works.
Unfortunately we can't install dc on the pix, but we can build one (
http://www.packetattack.com/frankenpix.html
<http://www.packetattack.com/frankenpix.html> for more information).
Some times we have to think out of the box....
Cheers,
Denis
On 12/8/05, Thomas W Shinder <tshinder@xxxxxxxxxxx > wrote:
http://www.ISAserver.org <http://www.isaserver.org/>
You just think you did. There are many and varied surprizes
awaiting you, which will present themselves as security issues or
impossible to solve "weird" problems. Put the DC on the PIX.
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
<http://spaces.msn.com/members/drisa/>
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7>
MVP -- ISA Firewalls
**Who is John Galt?**
________________________________
From: Denis Page [mailto:pagemontreal@xxxxxxxxx]
Sent: Thursday, December 08, 2005 8:46 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same machine
http://www.ISAserver.org <http://www.isaserver.org/>
I'm testing a branch office solution. The customer
DON'T have more than 1 server in branch.
I solve the problem. Thanks anyway.
On 12/8/05, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:
http://www.ISAserver.org
<http://www.isaserver.org/>
One Acronym - DCOM.
Take
ISA
Off
The
DC
--------------------------------------------
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://isaserver.org/Jim_Harrison/
<http://isaserver.org/Jim_Harrison/>
http://isatools.org <http://isatools.org/>
Read the help / books / articles!
--------------------------------------------
-----Original Message-----
From: Denis Page [mailto:pagemontreal@xxxxxxxxx
]
Sent: Wednesday, December 07, 2005 6:59 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: AD and ISA in the same
machine
http://www.ISAserver.org
<http://www.isaserver.org/>
Yes. I've installed in a DC. To test some
features with AD groups and
users.
I could install more computers, but can I use
isa server and DC in a
same machine?
I'd like to know what can I do to leave the
authentication ports open on
ISA/DC Server.
On 12/8/05, Thor (Hammer of God)
<thor@xxxxxxxxxxxxxxx> wrote:
http://www.ISAserver.org
<http://www.isaserver.org/>
Just to make sure I understand-- You've
installed ISA 2004 on a
domain
controller?
If so, uninstall ISA from your DC. ISA
serves a completely
different
function than a DC. That's like marrying
a hooker.
To test, install on a dedicated box or in
a VM.
t
-----
"And yet, even if one person finds his
way... that means
there is a Way. Even if I personally
fail to reach it."
Mr. Nobusuke Tagomi
Top Place, Ranking Imperial Trade Mission
Pacific States of America
----- Original Message -----
From: "Denis Page" <
pagemontreal@xxxxxxxxx <mailto:pagemontreal@xxxxxxxxx> >
To: "[ISAserver.org Discussion List]" <
isalist@xxxxxxxxxxxxx
<mailto:isalist@xxxxxxxxxxxxx > >
Sent: Wednesday, December 07, 2005 6:25
PM
Subject: [isalist] AD and ISA in the same
machine
http://www.ISAserver.org
<http://www.isaserver.org/>
Hi,
I've installed ISA Server 2004 STD in a
AD machine (to test some
features).
After the Install ISA server in DC, the
clients don't
authenticate
anymore (can't log in domain).
I've created an access rule with the
logon ports (internal to
localhost)
but it doesn't work.
Can anyone help me?
Tnks
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information
about our other sites:
http://www.techgenix.com
<http://www.techgenix.com/>
------------------------------------------------------
You are currently subscribed to this
ISAserver.org Discussion
List as:
thor@xxxxxxxxxxxxxxx
<mailto:thor@xxxxxxxxxxxxxxx>
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist>
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
<http://www.isaserver.org/pages/larticle.asp?type=FAQ>
------------------------------------------------------
Visit TechGenix.com for more information
about our other sites:
http://www.techgenix.com
<http://www.techgenix.com/>
------------------------------------------------------
You are currently subscribed to this
ISAserver.org Discussion
List as: pagemontreal@xxxxxxxxx
<mailto:pagemontreal@xxxxxxxxx>
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------ List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server
Newsletter:
http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletter.asp> ISA Server
FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Visit
TechGenix.com for more information about our
other sites:
http://www.techgenix.com
<http://www.techgenix.com/>
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List
as: jim@xxxxxxxxxxxx <mailto:jim@xxxxxxxxxxxx> To
unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about
our other sites:
http://www.techgenix.com
<http://www.techgenix.com/>
------------------------------------------------------
You are currently subscribed to this
ISAserver.org Discussion List as: pagemontreal@xxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
<mailto:listadmin@xxxxxxxxxxxxx>
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> ISA Server
Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server
FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Visit
TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/>
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
<http://www.webelists.com/cgi/lyris.pl?enter=isalist> Report abuse to
listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter:
http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ:
http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com <http://www.techgenix.com/>
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion
List as: pagemontreal@xxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
<mailto:listadmin@xxxxxxxxxxxxx>
------------------------------------------------------ List Archives:
http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server
Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server
FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------ Visit
TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------ You are currently
subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To
unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
andrew@xxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
greg@xxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
