Oh, I agree with the educate part. That's why we fax and have them sign off on recommendations that won't get followed.... Veritas and CA are extremely picky about domain to domain with no trusts in place. Veritas's phone support is good and all, but there are like 5 installs we have that are having major issues with that and their recommendation with just give them local admin. My response was we can't, their domain controllers..... Then she repeated herself. Then I asked for my $86 back. Then she laughed and told me I was funny. Then I went home and drank a few beers..... It's Monday, if my brain was geared up I'd come up with something better for an example for you Jim, but alas, the well is currently dry..... Hi ho, hi ho! Back to modifying GPO's I go..... -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Monday, January 10, 2005 12:10 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2004 and AOL 9.0 http://www.ISAserver.org YaDamnSkippy! Your "backup breakage" example is a poor one; there are system and domain rights tailored specifically to that task. So long as you're willing to let the tail wag the dog, you get what you create. I'll also stipulate that there are customers that don't want to "deal with the hassles" of non-local-admin users and this makes your life a living hell come virus / worm time, but if you're not continually banging on them, it's your own fault and you get what you take. Educate, educate, educate. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: TRadtke@xxxxxxxxxxxx [mailto:TRadtke@xxxxxxxxxxxx] Sent: Monday, January 10, 2005 09:53 To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2004 and AOL 9.0 http://www.ISAserver.org Some businesses run out of AOL accounts. Just because it's not a good idea doesn't mean people won't demand to do it. Just like a few places we support demand that the end users have the abilities of administrator on the local system even though they don't need it. It's definitely not a good idea, but it's a requirement by their corporate IT. And if it makes or breaks a $4 million sale, administrator you shall be. Then they get audited. Then their IT staff gets grumpy. Then you take away local admin. They get more grumpy since it breaks their backup software.... Fun, fun for everyone! So, Jim, you'd refuse to configure a system for someone because it wasn't the best choice? -----Original Message----- From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] Sent: Monday, January 10, 2005 11:35 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2004 and AOL 9.0 http://www.ISAserver.org That's so cute; relating AOL client to basic security needs... I'll stipulate that the clients often have conflicting requirements, but it's up to you; the security expert, to educate them. ------------------------------------------------------- Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://isaserver.org/Jim_Harrison/ http://isatools.org Read the help / books / articles! ------------------------------------------------------- -----Original Message----- From: TRadtke@xxxxxxxxxxxx [mailto:TRadtke@xxxxxxxxxxxx] Sent: Monday, January 10, 2005 09:14 To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2004 and AOL 9.0 http://www.ISAserver.org End user requirements.... End user requirements.... Just like nobody should be local administrator if they don't need it.... -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Monday, January 10, 2005 11:12 AM To: [ISAserver.org Discussion List] Subject: [isalist] RE: ISA 2004 and AOL 9.0 http://www.ISAserver.org AOL has no place in a business! <Blast shields up, fire away.> John Tolmachoff Engineer/Consultant/Owner eServices For You > -----Original Message----- > From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] > Sent: Monday, January 10, 2005 8:32 AM > To: [ISAserver.org Discussion List] > Subject: [isalist] ISA 2004 and AOL 9.0 > > http://www.ISAserver.org > > http://www.microsoft.com/isaserver/techinfo/guidance/2004.asp > > ------------------------------------------------------- > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://isaserver.org/Jim_Harrison/ > http://isatools.org > Read the help / books / articles! > ------------------------------------------------------- > > > > All mail to and from this domain is GFI-scanned. > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > johnlist@xxxxxxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist > Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tradtke@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tradtke@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx All mail to and from this domain is GFI-scanned. ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tradtke@xxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist Report abuse to listadmin@xxxxxxxxxxxxx