This could also be "How to confuse and confound yourself in the name of security." I am now working on an automated security package that lets users deploy XP Pro and Server 2003 in a standardized baseline. The premise is to: Patch the system (up to date of package release) Apply local security templates (you get the option of member server or DC for WS2003 builds) Install approved and licensed apps for machine via option menu Now, this has been going on for about 18 months now, and the project was

OK, so it's been awhile but I am going to try this again. Current topics include: AD (given) VMware (no longer using Virtual Server) ESX and Workstation Autocross Other I just switched contracts and I am now working on an automated deployment platform for pushing out common security and application baseline of Windows XP Pro and Windows Server 2003. I am using VMware ESX 2.5.2 right now on Compaq DL580G2 boxes. As I get more time, I will try to cover more DNS/AD issues.

By default, Active Directory does not require the use of reverse lookup zones to validate clients. The primary function of AD DNS is to permit the lookup of clients, services, and the all-valuable DC GUIDs for inter-DC communication. Spiffy. However, it appears that not everybody likes this. Now, I will be the first to admit that I don't read all of the RFCs for a given protocol or spec. OK, I will also admit that I like to lie about reading anything regarding RFCs, and in fact have better luck reading

Hi there, I am James Carter, and I am a Windows Server MVP in Directory Services. Basically, I am an Active Directory geek. I am a moderator at both www.ntcompatible.com and www.linuxcompatible.org (a.k.a. "clutch"), and I am an AD engineer/contractor (Subject Matter Expert, Enterprise Directory Services) for the US Army. My plan for this blog is to be a diary mostly of things I come up with at work, or things that can just simply make AD/DNS deployment easier. In addition, I am a BIG fan of virtualization