Security Basics mailing list archives
Delegating Domain Administration - Win2k3
From: "WALI" <hkhasgiwale () gmail com>
Date: Sat, 4 Oct 2008 09:11:30 +0400
Hi All,Having recently commissioned a Windows 2003 R2 based and Exchange 2k3 included single domain AD model across various branches of my company spread across 4 different countries, I want to write a policy/procedural document detailing delegation of service/administration accounts across all units. The branch units are represented by OUs within the single child domain - say abc.zyz.local ( parent root domain 'xyz.local' being empty).
What's the best way to go about it? How should the OU administration be spread across? What would be the exchange administration best practices? Who/how should the schema admin/domain admin rights be spread across? Who should have the FSMO roles and what should be the criteria? We have a global 2Mbps MPLS network connecting all the DC's/exchange servers within this model, so bandwidth isn't an issue probably.
Any/all advise is welcome.
Current thread:
- Java Enterprise Safe ??, (continued)
- Java Enterprise Safe ?? Mattias Hemmmingsson (Oct 07)
- Re: Java Enterprise Safe ?? Joe (Oct 09)
- Re: Java Enterprise Safe ?? Gleb Paharenko (Oct 09)
- Re: Java Enterprise Safe ?? Adriel Desautels (Oct 14)
- Re: File traces Simone (Oct 06)
- Re: File traces Brian Johnson (Oct 06)
- Re: File traces dongle (Oct 07)
- Re: File traces the.soylent (Oct 06)
- Re: File traces Frynge Customer Support (Oct 07)
- Delegating Domain Administration - Win2k3 WALI (Oct 06)
- Re: Delegating Domain Administration - Win2k3 Salvador III Manaois (Oct 07)